Add warning for undefined 'e' in signSchnorr function (#3)

landabaso · landabaso · commit e40fadcd45b4 · 2023-06-28T10:04:36.000+02:00
This commit introduces a console warning when 'e' (auxRand equivalent) is undefined during a Schnorr signing operation. The warning informs users of potential discrepancies between our library and tiny-secp256k1 due to differences in how 'e' is handled when it's not provided. This is a response to issue #3.
diff --git a/index.js b/index.js
@@ -310,7 +310,12 @@ export function sign(h, d, e) {
   return necc.signSync(h, d, { der: false, extraEntropy: e });
 }
 
-export function signSchnorr(h, d, e = Buffer.alloc(32, 0x00)) {
+export function signSchnorr(h, d, e) {
+  if (e === undefined) {
+    console.warn(
+      `Warning: The extra data 'e' is not defined. This library defaults to a random value when 'e' is undefined, which is different from the deterministic approach in tiny-secp256k1. This might lead to discrepancies in the Schnorr signatures between the two libraries.`
+    );
+  }
   if (!isPrivate(d)) {
     throw new Error('Expected Private');
   }
diff --git a/package.json b/package.json
@@ -1,7 +1,7 @@
 {
   "name": "@bitcoinerlab/secp256k1",
   "homepage": "https://bitcoinerlab.com/secp256k1",
-  "version": "1.0.2",
+  "version": "1.0.3",
   "description": "A library for performing elliptic curve operations on the secp256k1 curve. It is designed to integrate into the BitcoinJS & BitcoinerLAB ecosystems and uses the audited noble-secp256k1 library. It is compatible with environments that do not support WASM, such as React Native.",
   "main": "dist/index.js",
   "types": "types/index.d.ts",

Original file line number	Diff line number	Diff line change
`@@ -310,7 +310,12 @@ export function sign(h, d, e) {`
`310`	`310`	`return necc.signSync(h, d, { der: false, extraEntropy: e });`
`311`	`311`	`}`
`312`	`312`
`313`		`-export function signSchnorr(h, d, e = Buffer.alloc(32, 0x00)) {`
	`313`	`+export function signSchnorr(h, d, e) {`
	`314`	`+ if (e === undefined) {`
	`315`	`+ console.warn(`
	`316`	+ `Warning: The extra data 'e' is not defined. This library defaults to a random value when 'e' is undefined, which is different from the deterministic approach in tiny-secp256k1. This might lead to discrepancies in the Schnorr signatures between the two libraries.`
	`317`	`+ );`
	`318`	`+ }`
`314`	`319`	`if (!isPrivate(d)) {`
`315`	`320`	`throw new Error('Expected Private');`
`316`	`321`	`}`
Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "@bitcoinerlab/secp256k1",`
`3`	`3`	`"homepage": "https://bitcoinerlab.com/secp256k1",`
`4`		`- "version": "1.0.2",`
	`4`	`+ "version": "1.0.3",`
`5`	`5`	`"description": "A library for performing elliptic curve operations on the secp256k1 curve. It is designed to integrate into the BitcoinJS & BitcoinerLAB ecosystems and uses the audited noble-secp256k1 library. It is compatible with environments that do not support WASM, such as React Native.",`
`6`	`6`	`"main": "dist/index.js",`
`7`	`7`	`"types": "types/index.d.ts",`