How do I sign a message with secp256k1 using noble-curves?

Import secp256k1 from '@noble/curves/secp256k1.js', generate keys with keygen(), sign the message using sign(msg, secretKey) which defaults to SHA-256 prehashing, and verify with verify(sig, msg, publicKey). The README provides code examples for various options like recovered signatures.

Is noble-curves constant-time secure?

No, the library targets algorithmic constant time but explicitly states in the security section that JavaScript's JIT compiler and garbage collector make true constant-timeness extremely hard, so it's not suitable for applications requiring absolute protection against timing attacks.

noble-curves vs tweetnacl for Ed25519 signatures?

noble-curves offers a broader range of curves and features like hash-to-curve and OPRFs, with independent audits, while tweetnacl is more focused on NaCl-compatible APIs and might be simpler for basic Ed25519. noble-curves is tree-shakeable and performance-optimized, but tweetnacl could be lighter for minimal use cases.

How to hash data to a curve point with noble-curves?

Use the dedicated hash-to-curve modules, e.g., import secp256k1_hasher and call hashToCurve(msg) to get a point, conforming to RFC 9380. The README shows examples for multiple curves, including custom DST options for interoperability.

Can I use noble-curves in React Native?

Yes, it works in React Native with a polyfill for getRandomValues, as mentioned in the usage section. The library is cross-platform, but you need to ensure the polyfill is installed for proper randomness generation in that environment.

What are the breaking changes from noble-curves v1 to v2?

Key changes include switching to ESM-only with .js extensions required, default prehashed messages in ECDSA, renamed methods like toBytes, and moving BLS signatures to longSignatures/shortSignatures namespaces. The README has a detailed upgrading guide with migration steps.

Does noble-curves support threshold signatures?

Yes, it implements FROST threshold signatures for curves like p256 and ed25519, allowing min-of-max participants to jointly sign, but the code is new and not audited yet, so caution is advised for production use as per the warning in the README.

noble-curves — Audited Elliptic Curve Cryptography

What is noble-curves?

noble-curves is a JavaScript library that provides audited, minimal implementations of elliptic curve cryptography. It solves the need for a secure, dependency-light cryptographic toolkit in JavaScript environments, offering a wide range of curves and algorithms like ECDSA, EdDSA, Schnorr, BLS, ECDH, and hash-to-curve.

Target Audience

JavaScript and TypeScript developers building applications requiring cryptographic signatures, key exchange, or advanced elliptic curve operations, particularly in security-sensitive domains like blockchain, authentication, and secure messaging.

Value Proposition

Developers choose noble-curves for its independent security audits, minimal bundle size, comprehensive feature set, and adherence to cryptographic standards, all while maintaining high performance and cross-platform compatibility without heavy dependencies.

Audited & minimal JS implementation of elliptic curve cryptography.

Use Cases

Best For

Implementing digital signatures (ECDSA, EdDSA, Schnorr) in web or Node.js applications
Building blockchain or cryptocurrency projects requiring secp256k1 or BLS12-381 support
Adding secure key exchange (ECDH) to communication protocols
Creating passwordless authentication with OPRF (Oblivious Pseudorandom Functions)
Developing threshold signature schemes using FROST
Hashing data to elliptic curve points for cryptographic protocols like VRF or ZKPs

Not Ideal For

Projects requiring absolute constant-time security guarantees, as JavaScript's JIT compiler and garbage collector make timing attacks difficult to mitigate effectively.
Teams needing native-level performance for high-throughput cryptographic operations, where WebAssembly or C++ bindings would offer better speed.
Applications that rely on frequently updated or bleeding-edge cryptographic standards, as noble-curves practices rare releasing to minimize re-audits, potentially delaying new feature adoption.
Developers looking for a drop-in solution with extensive pre-built integrations or GUI components, since the library focuses on low-level primitives and requires manual implementation.

Pros & Cons

Pros

Audited Security

Independently audited by multiple firms like Cure53 and Trail of Bits, with PGP-signed releases and transparent builds, ensuring high trustworthiness for security-critical applications.

Minimal Bundle Size

Tree-shakeable design excludes unused code, resulting in a small footprint (29KB gzipped) and optimal bundle sizes, as highlighted in the README's performance benchmarks.

Wide Curve Support

Implements a comprehensive suite of curves including secp256k1, P-256, ed25519, and BLS12-381, supporting Weierstrass, Edwards, and Montgomery forms for diverse cryptographic needs.

Performance Optimizations

Hand-optimized for JavaScript engine caveats with extensive benchmarking, providing fast operations for signatures and key exchange, as shown in the speed section with M4 benchmarks.

Cross-Platform Compatibility

Works in browsers, Node.js, Deno, and React Native (with polyfills), making it versatile for various JavaScript environments without heavy dependencies.

Cons

JavaScript Timing Vulnerabilities

Admits in the security section that constant-timeness is extremely hard to achieve in JS due to JIT and GC, potentially exposing timing attacks in sensitive applications.

New Features Unaudited

Advanced features like FROST threshold signatures are marked as new and not audited yet, posing potential security risks for early adopters, as warned in the README.

Breaking Changes in Upgrades

Upgrading from v1 to v2 involved significant breaking changes, such as switching to prehashed messages by default and renaming methods, which can disrupt existing implementations and require careful migration.

Dependency on Noble-Hashes

Relies on noble-hashes for cryptographic hashing, adding a dependency that, while minimal, means security audits must cover both libraries, and updates might be tied to its release cycle.

Frequently Asked Questions

What is noble-curves?

Target Audience

Value Proposition

Use Cases

Best For

Implementing digital signatures (ECDSA, EdDSA, Schnorr) in web or Node.js applications
Building blockchain or cryptocurrency projects requiring secp256k1 or BLS12-381 support
Adding secure key exchange (ECDH) to communication protocols
Creating passwordless authentication with OPRF (Oblivious Pseudorandom Functions)
Developing threshold signature schemes using FROST
Hashing data to elliptic curve points for cryptographic protocols like VRF or ZKPs

Not Ideal For

Projects requiring absolute constant-time security guarantees, as JavaScript's JIT compiler and garbage collector make timing attacks difficult to mitigate effectively.
Teams needing native-level performance for high-throughput cryptographic operations, where WebAssembly or C++ bindings would offer better speed.
Applications that rely on frequently updated or bleeding-edge cryptographic standards, as noble-curves practices rare releasing to minimize re-audits, potentially delaying new feature adoption.
Developers looking for a drop-in solution with extensive pre-built integrations or GUI components, since the library focuses on low-level primitives and requires manual implementation.

Pros & Cons

Pros

Audited Security

Independently audited by multiple firms like Cure53 and Trail of Bits, with PGP-signed releases and transparent builds, ensuring high trustworthiness for security-critical applications.

Minimal Bundle Size

Tree-shakeable design excludes unused code, resulting in a small footprint (29KB gzipped) and optimal bundle sizes, as highlighted in the README's performance benchmarks.

Wide Curve Support

Implements a comprehensive suite of curves including secp256k1, P-256, ed25519, and BLS12-381, supporting Weierstrass, Edwards, and Montgomery forms for diverse cryptographic needs.

Performance Optimizations

Hand-optimized for JavaScript engine caveats with extensive benchmarking, providing fast operations for signatures and key exchange, as shown in the speed section with M4 benchmarks.

Cross-Platform Compatibility

Works in browsers, Node.js, Deno, and React Native (with polyfills), making it versatile for various JavaScript environments without heavy dependencies.

Cons

JavaScript Timing Vulnerabilities

Admits in the security section that constant-timeness is extremely hard to achieve in JS due to JIT and GC, potentially exposing timing attacks in sensitive applications.

New Features Unaudited

Advanced features like FROST threshold signatures are marked as new and not audited yet, posing potential security risks for early adopters, as warned in the README.

Breaking Changes in Upgrades

Dependency on Noble-Hashes

Relies on noble-hashes for cryptographic hashing, adding a dependency that, while minimal, means security audits must cover both libraries, and updates might be tied to its release cycle.

Frequently Asked Questions

noble-curves

What is noble-curves?

Overview

Use Cases

Best For

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions

Related Projects

Found a gem we're missing?

noble-curves

What is noble-curves?

Overview

Use Cases

Best For

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions

Related Projects

Found a gem we're missing?