
@paulmillr
paulmillr / inp-nacl.mjs
Created April 23, 2024 16:08
noble vs tweetnacl
export { box_keyPair, sign_detached_verify, sign, box, box_open } from 'tweetnacl-ts';
paulmillr / active.md
Last active April 23, 2024 17:32
Most active GitHub users (by contributions). http://twitter.com/paulmillr

Most active GitHub users (git.io/top)

The count of contributions (the sum of pull requests, opened issues and commits) to public repos on GitHub.com from Wed, 21 Sep 2022 till Thu, 21 Sep 2023.

Only the first 1000 GitHub users by follower count are taken, because of limitations of GitHub search. Sorting algo in pseudocode:

githubUsers
 .filter(user => user.followers > 1000)
paulmillr / md5.test.ts
Created January 2, 2024 06:25
noble-hashes md5
MD5: {
fn: md5,
obj: md5.create,
node: (buf) => Uint8Array.from(crypto.createHash('md5').update(buf).digest()),
node_obj: () => crypto.createHash('md5'),
nist: [
'90015098 3cd24fb0d 6963f7d2 8e17f72',
'd41d8cd9 8f00b204e 9800998e cf8427e',
'8215ef07 96a20bcaa ae116d38 76c664a',
'03dd8807 a93175fb0 62dfb55d c7d359c',
paulmillr / BLS_Signature.md
Last active March 2, 2024 14:44
BLS Signature for Busy People

BLS Signature for Busy People

Summary

  • BLS stands for

    • Barreto-Lynn-Scott: BLS12, a Pairing Friendly Elliptic Curve.
    • Boneh-Lynn-Shacham: A Signature Scheme.
  • Signature Aggregation

  • It is possible to verify n aggregate signatures on the same message with just 2 pairings instead of n+1.

paulmillr / hybrid-pkg.md
Last active February 10, 2024 17:45
Why writing hybrid Common.js + ESM NPM packages is hard
  • BigInt literals (15n) are not supported in some environments
    • Must use BigInt('15') instead
    • It was not supported in React Native 0.70. Need to test in new versions
  • Must use hybrid ESM-Common.js package
    • ESM (ECMAScript modules) are not supported in Electron, Jest
      • Electron needs pre-compilation step aka bundler
      • Jest has experimental esm flag, also can be replaced with micro-should
    • Common.js modules (legacy node.js modules) are not supported in browsers, Deno
      • Browsers can be worked around with UMD wrapper
  • Doesn’t play well with ESM in-browser imports
paulmillr / github-languages-stats.json
Last active January 22, 2024 06:06
Most active GitHub users raw data
{
"Total": 910,
"my dms": 1,
"harbor is safe": 1,
"the Galaxy ": 1,
"Practice author": 1,
"Graph Representation Learning - rusty1s": 1,
"the PHP ecosystem": 1,
"software and to ensure that Python code is properly ported to Python 3": 1,
"Vienna - alanhamlett": 1,
paulmillr / guide.md
Last active November 4, 2023 15:22
Sign git commits with ssh key

Sign git commits with ssh key

  • git version must be >= 2.34. Earlier versions don't support gpg.format ssh (signing commits with ssh keys).

    If you're printing signature keys in git log by using %GK %GF %GP %GT in git.format.pretty, earlier versions will crash when doing git log with following error:

    BUG: gpg-interface.c:284: bad signature

  • OpenSSH version must be >= 8.8. Earlier versions don't support valid-after,valid-before options.

Fun parts of developing noble-hashes and scure-base

  • Base58 is quadratic (O(n^2)), so in practice you can’t encode 1MB of data with it. This was found with our DoS tests, which we employ for scure-base and noble-hashes. See the README for more details
  • Hashes are additionally tested against huge multi-gig inputs; scrypt/pbkdf2 are tested against all possible combinations of options. These tests take 2 hours to run on a decent machine
  • Hashes are actually faster than many wasm alternatives. A single sha256 hashing of 32 bytes of data takes 888 nanoseconds on an M1 Mac
  • The last fact is extremely remarkable, because we do not employ loop unrolls in the code. A loop unroll is when you’re writing code which could have been executed in a loop like for (let step = 0; step < 64), but instead, you’re writing every iteration step-by-step. Which incr

Hal Finney's explanation of the secp256k1 "efficiently computable endomorphism" parameters used in secp256k1 libraries, archived from the source.

The same optimization could be applied to any Koblitz curve (e.g. a Short Weierstrass curve with a=0).

I implemented an optimized ECDSA verify for the secp256k1 curve, based on pages 125-129 of the Guide to Elliptic Curve Cryptography, by Hankerson, Menezes and Vanstone. I own the book but I also found a PDF on a Russian site which is more convenient.

secp256k1 uses the following prime for its x and y coordinates:

paulmillr / metamask-sign.md
Last active September 10, 2023 13:36
Tracing cryptography in Metamask dependencies

Tracing cryptography in Metamask dependencies

Metamask uses noble for low-level cryptography operations, such as signature creation. The audit path as of Sep 2023, where every item is the name of an NPM package:

flowchart TD;
    MM[metamask-extension] -->|imports KeyringController| MMKC["@metamask/keyring-controller"];
    MMKC -->|imports HDKeyring| MMHD["@metamask/eth-hd-keyring"];
    MMKC -->|imports SimpleKeyring| MMSK["@metamask/eth-simple-keyring"];