Skip to content

Remove ecdsa dependency, use cryptography only II #4

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
onvej-sl merged 7 commits into from
Jan 29, 2026
Merged

Remove ecdsa dependency, use cryptography only II #4

onvej-sl merged 7 commits into from
Jan 29, 2026

Conversation

@onvej-sl
Copy link
Collaborator

@onvej-sl onvej-sl commented Dec 19, 2025

This replaces #2. Unlike that, I've tried to use the cryptography package as much as possible.

onvej-sl
onvej-sl commented Dec 19, 2025
View reviewed changes
andrewkozlik
andrewkozlik reviewed Dec 19, 2025
View reviewed changes
@andrewkozlik andrewkozlik mentioned this pull request Dec 19, 2025
Closed
@onvej-sl onvej-sl force-pushed the remove-ecda-2 branch 2 times, most recently from e0b0f49 to ecd81f3 Compare January 9, 2026 16:11
@onvej-sl onvej-sl force-pushed the remove-ecda-2 branch 11 times, most recently from a9c7320 to 16c914e Compare January 13, 2026 11:20
@onvej-sl onvej-sl marked this pull request as ready for review January 13, 2026 11:21
andrewkozlik
andrewkozlik reviewed Jan 21, 2026
View reviewed changes
andrewkozlik
andrewkozlik reviewed Jan 21, 2026
View reviewed changes
andrewkozlik
andrewkozlik reviewed Jan 28, 2026
View reviewed changes
tests/test_slip10.py
Comment on lines +918 to +934
def test_secp256r1_derivation_retry():
# Test retry in public key to public key derivation
# https://github.com/satoshilabs/slips/blob/master/slip-0010.md#test-derivation-retry-for-nist256p1
chaincode, pubkey = SLIP10.from_seed(
bytes.fromhex(SEED_1), curve_name="secp256r1"
).get_extended_pubkey_from_path("m/28578'")
chaincode, pubkey = SLIP10(
chaincode, pubkey=pubkey, curve_name="secp256r1"
).get_extended_pubkey_from_path("m/33941")
assert (
chaincode.hex()
== "9e87fe95031f14736774cd82f25fd885065cb7c358c1edf813c72af535e83071"
)
assert (
pubkey.hex()
== "0235bfee614c0d5b2cae260000bb1d0d84b270099ad790022c1ae0b2e782efe120"
)
Copy link
Collaborator

@andrewkozlik andrewkozlik Jan 28, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This works, although ideally we should have a test that takes the path in each test vector, converts it to a list _deriv_path_str_to_list(path) and counts how many indices at the end are non-hardened. Then it should derive the node up to the last hardened index using get_child_from_path() and from there derive using only public keys. Basically the above test but automated. (Doesn't need to be done in this PR.)

andrewkozlik
andrewkozlik reviewed Jan 28, 2026
View reviewed changes
@onvej-sl onvej-sl mentioned this pull request Jan 29, 2026
Open
@onvej-sl onvej-sl merged commit dc07bca into master Jan 29, 2026
8 checks passed
@onvej-sl onvej-sl deleted the remove-ecda-2 branch January 29, 2026 15:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@andrewkozlik andrewkozlik andrewkozlik approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@onvej-sl @andrewkozlik