v2.0: massively reduce library size, remove features

[paulmillr]

noble-curves is proper evolution of noble-secp, switch to it now. noble-secp v2 will be "smallest possible" safe+fast implementation of secp in js. I will just go through every line and optimize it manually.

• 4x smaller
• each line has a comment
• getPublicKey(), sign(), verify(), getSharedSecret(), Signature.recoverPublicKey()
• Improved security
• Errors are sometimes throws with empty messages and longer stack traces
• No Schnorr: just ECDSA
• No DER: just compact signature representation
• No micro-optimizations, but still almost as fast
• No support for rare JS environments that can't use bigint literals, exponentiation operator

ed25519: paulmillr/noble-ed25519#76

[paulmillr]

old secp 1.7 main branch:

getPublicKey(utils.randomPrivateKey()) x 7,093 ops/sec @ 140μs/op
sign x 5,615 ops/sec @ 178μs/op
verify x 1,114 ops/sec @ 896μs/op
recoverPublicKey x 1,018 ops/sec @ 982μs/op
getSharedSecret x 665 ops/sec @ 1ms/op
Point.fromHex (decompression) x 14,582 ops/sec @ 68μs/op

new Iteration 7:

getPublicKey(utils.randomPrivateKey()) x 5,006 ops/sec @ 199μs/op
sign x 4,062 ops/sec @ 246μs/op
verify x 476 ops/sec @ 2ms/op
recoverPublicKey x 490 ops/sec @ 2ms/op
getSharedSecret x 401 ops/sec @ 2ms/op
Point.fromHex (decompression) x 7,665 ops/sec @ 130μs/op

[MicahZoltu]

Again, the point is that index.js is not build output in Deno. In deno, there is no build output.

I understand that, but I don't understand what this has to do with the proposal I'm making? Why does moving the build output to an output folder and the original source files into a source folder affect Deno?

Is the problem here that Deno can only run <root>/index.ts and there is no way to tell it to look in source/index.ts? If this is the case could we not just have a <root>/index.ts which simply contains export * from './source/index.ts'?

[paulmillr]

Tests are now using micro-should and are shared between noble/curves.

[Akamig]

Erm.... no offense and just askin', was there any specific reason about dropping DER format support?
We were using that well at dealing with frustrating AWS-KMS provide key in ASN.1 format.
(of course it's their and our problem to deal with not yours, but well.)

[paulmillr]

@Akamig it takes too much code and it's only used in specific situations. You're free to use noble-curves which has DER and is a proper evolution of the current library. goals of new noble-secp are being 1) safe 2) as small as possible 3) fast

[Akamig]

@paulmillr Oh, I didn't expected answer this fast. thanks for your quick, kind, understandable response! 🥰

Y E A H G O T T A G O F A S T