Author: Pieter Wuille 2013-10-11 11:41:41
Published on: 2013-10-11T11:41:41+00:00
In an email thread dated October 10, 2013, Mike Hearn expressed his interest in seeing a library become usable behind a command line flag or config setting. The current idea is to provide a compile-time flag that enables the library while disabling the wallet and mining RPCs at the same time. This state would be safe enough to provide test builds. The main issue at the time was malleability issues, but it was suggested that OpenSSL could be used to parse the signature into components while libsecp256k1 verified them. libsecp256k1 supports every signature that OpenSSL supports, so that direction is likely covered. The other direction may potentially be a problem if a majority of the hash power ran on it. However, with canonical encodings enforced by recent relaying nodes, a softfork could be scheduled to require them inside blocks.Apart from that, there may be actual exploitable mistakes in the crypto code. There are unit tests, including ones that create signatures with libsecp256k1 and verify them using OpenSSL and vice versa, but errors are more likely to occur in edge cases not hit with randomized tests. Reviewing the code would be the only way to catch those errors. Pieter welcomed people to look at the code for comments and suggestions.
Updated on: 2023-05-19T17:33:32.115440+00:00