Skip to content

Instantly share code, notes, and snippets.

View paulmillr's full-sized avatar
:octocat:
_

Paul Miller paulmillr

:octocat:
_
4.1k followers · 0 following
View GitHub Profile
@paulmillr
paulmillr / noble.py
Created April 25, 2025 18:04
noble.py
### noble-secp256k1.py - MIT License (c) Paul Miller (paulmillr.com) ###
# initial: 0.177 / 36ms
# jacobian: 0.111 / 3.7ms
# + constant-time: 4ms
# + constant-time + precomputes: 2.6ms
class Curve:
# Params: a, b
a = 0
@paulmillr
paulmillr / active.md
Last active April 24, 2025 10:07
Most active GitHub users (by contributions). https://paulmillr.com

Most active GitHub users (git.io/top)

The list would not be updated for now. Don't write comments.

The count of contributions (summary of Pull Requests, opened issues and commits) to public repos at GitHub.com from Wed, 21 Sep 2022 till Thu, 21 Sep 2023.

Because of GitHub search limitations, only 1000 first users according to amount of followers are included. If you are not in the list you don't have enough followers. See raw data and source code. Algorithm in pseudocode:

githubUsers
@paulmillr
paulmillr / bookmarklet.js
Created March 23, 2025 17:35
download vscode extensions as .vsix
javascript:(function()%7Bconst%20URL_VSIX_PATTERN%20%3D%20'https%3A%2F%2Fmarketplace.visualstudio.com%2F_apis%2Fpublic%2Fgallery%2Fpublishers%2F%24%7Bpublisher%7D%2Fvsextensions%2F%24%7Bextension%7D%2F%24%7Bversion%7D%2Fvspackage'%3B%0A%0Alet%20itemName%20%3D%20new%20URL(window.location.href).searchParams.get('itemName')%3B%0Alet%20%5Bpublisher%2C%20extension%5D%20%3D%20itemName.split('.')%3B%0Alet%20version%20%3D%20document.querySelector('%23versionHistoryTab%20tbody%20tr%20.version-history-container-column').textContent%3B%0A%0Alet%20url%20%3D%20URL_VSIX_PATTERN.replace('%24%7Bpublisher%7D'%2C%20publisher)%0A%09%09%09%09%09%09%20%20.replace('%24%7Bextension%7D'%2C%20extension)%0A%09%09%09%09%09%09%20%20.replace('%24%7Bversion%7D'%2C%20version)%3B%0A%0Awindow.open(url%2C%20'_blank')%3B%7D)()%3B
@paulmillr
paulmillr / BLS_Signature.md
Last active February 12, 2025 15:27
BLS Signature for Busy People

BLS Signature for Busy People

Summary

  • BLS stands for

    • Barreto-Lynn-Scott: BLS12, a Pairing Friendly Elliptic Curve.
    • Boneh-Lynn-Shacham: A Signature Scheme.

  • Signature Aggregation

  • It is possible to verify n aggregate signatures on the same message with just 2 pairings instead of n+1.

@paulmillr
paulmillr / ecc.ts
Last active February 5, 2025 14:05
https://paulmillr.com/posts/noble-secp256k1-fast-ecc/
// PART 1
// secp256k1 curve parameters. Verify using https://www.secg.org/sec2-v2.pdf
const P = 2n ** 256n - 0x1000003d1n; // curve's field prime
const N = 2n ** 256n - 0x14551231950b75fc4402da1732fc9bebfn; // curve (group) order
const CURVE = { P: P, n: N, a: 0n, b: 7n };
const err = (m = ''): never => {
throw new Error(m);
}; // error helper
const M = (a: bigint, b: bigint = P) => {
// mod division
@paulmillr
paulmillr / dart.md
Last active January 7, 2025 21:10
Leaked internal google dart email

---------- Forwarded message ----------

From: Mark S. Miller <erights@google.com>
Date: Tue, Nov 16, 2010 at 3:44 PM
Subject: "Future of Javascript" doc from our internal "JavaScript Summit"
last week
To: javascript-standard@google.com
@paulmillr
paulmillr / secp256k1-endomorphism.md
Last active December 13, 2024 02:22
Speed-up secp256k1 by using endomorphism https://paulmillr.com/posts/noble-secp256k1-fast-ecc/

Hal Finney's explanation of secp256k1 "efficiently computable endomorphism" parameters used secp256k1 libraries, archived from source.

The same optimization could be applied to any Koblitz curve (e.g. Short Weistrass curve with a=0).

I implemented an optimized ECDSA verify for the secp256k1 curve, based on pages 125-129 of the Guide to Elliptic Curve Cryptography, by Hankerson, Menezes and Vanstone. I own the book but I also found a PDF on a Russian site which is more convenient.

secp256k1 uses the following prime for its x and y coordinates:

@paulmillr
paulmillr / noble-fun.md
Last active June 17, 2024 12:17

Fun parts of developing noble-hashes and scure-base

  • Base58 is quadratic (O(n^2)). Basically you can’t encode 1MB of data with it. This has been found with our DoS tests, which we employ for scure-base and noble-hashes. See README for more details
  • Hashes are additionally tested against huge multi-gig inputs, scrypt/pbkdf2 are tested against all possible combination of options. They take 2 hours to run on a decent machine
  • Hashes are actually faster than many wasm alternatives. A single sha256 hashing of 32 bytes of data takes 888 nanoseconds on mac with M1
  • The last fact is extremely remarkable, because we do not employ loop unrolls in the code. A loop unroll is when you’re writing code which could have been executed in loop like for (let step = 0; step &lt; 64), but instead, you’re writing every iteration step-by-step. Which incr
@paulmillr
paulmillr / github-languages-stats.json
Last active May 11, 2024 02:23
Most active GitHub users raw data
{
"Total": 910,
"my dms": 1,
"harbor is safe": 1,
"the Galaxy ": 1,
"Practice author": 1,
"Graph Representation Learning - rusty1s": 1,
"the PHP ecosystem": 1,
"software and to ensure that Python code is properly ported to Python 3": 1,
"Vienna - alanhamlett": 1,
@paulmillr
paulmillr / inp-nacl.mjs
Created April 23, 2024 16:08
noble vs tweetnacl
export { box_keyPair, sign_detached_verify, sign, box, box_open } from 'tweetnacl-ts';