Question 1

How do I sign a message with secp256k1 using noble-curves?

Accepted Answer

Import secp256k1 from '@noble/curves/secp256k1.js', generate keys with keygen(), sign the message using sign(msg, secretKey) which defaults to SHA-256 prehashing, and verify with verify(sig, msg, publicKey). The README provides code examples for various options like recovered signatures.

Question 2

Is noble-curves constant-time secure?

Accepted Answer

No, the library targets algorithmic constant time but explicitly states in the security section that JavaScript's JIT compiler and garbage collector make true constant-timeness extremely hard, so it's not suitable for applications requiring absolute protection against timing attacks.

Question 3

noble-curves vs tweetnacl for Ed25519 signatures?

Accepted Answer

noble-curves offers a broader range of curves and features like hash-to-curve and OPRFs, with independent audits, while tweetnacl is more focused on NaCl-compatible APIs and might be simpler for basic Ed25519. noble-curves is tree-shakeable and performance-optimized, but tweetnacl could be lighter for minimal use cases.

Question 4

How to hash data to a curve point with noble-curves?

Accepted Answer

Use the dedicated hash-to-curve modules, e.g., import secp256k1_hasher and call hashToCurve(msg) to get a point, conforming to RFC 9380. The README shows examples for multiple curves, including custom DST options for interoperability.

Question 5

Can I use noble-curves in React Native?

Accepted Answer

Yes, it works in React Native with a polyfill for getRandomValues, as mentioned in the usage section. The library is cross-platform, but you need to ensure the polyfill is installed for proper randomness generation in that environment.

Question 6

What are the breaking changes from noble-curves v1 to v2?

Accepted Answer

Key changes include switching to ESM-only with .js extensions required, default prehashed messages in ECDSA, renamed methods like toBytes, and moving BLS signatures to longSignatures/shortSignatures namespaces. The README has a detailed upgrading guide with migration steps.

Question 7

Does noble-curves support threshold signatures?

Accepted Answer

Yes, it implements FROST threshold signatures for curves like p256 and ed25519, allowing min-of-max participants to jointly sign, but the code is new and not audited yet, so caution is advised for production use as per the warning in the README.

noble-curves

What is noble-curves?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions