secp256k1 icon indicating copy to clipboard operation
secp256k1 copied to clipboard

Published 20 hours ago verified publisher icon bitcoin-core

Enable non-experimental modules by default

Open real-or-random opened this issue 2 years ago • 6 comments

This has been discussed in https://github.com/bitcoin-core/secp256k1/issues/817#issuecomment-693198323 and I agree with the arguments brought up there.

Alternatively, we could not enable them and add a discussion to the readme why we discourage people from using the modules. I believe enabling ECDH is not very controversial. But what about recovery? Do we want to leave it off and instead give a reason?

real-or-random avatar Oct 19 '21 12:10 real-or-random

Convince bitcoin to drop the use of recovery, then it can just be removed.

gmaxwell avatar Oct 19 '21 18:10 gmaxwell

@gmaxwell I think it's used by a number of things, including BOLT11 in Lightning (where it helps avoiding encoding the payee ID), so I don't think that's a good idea, even if the P2PKH message signing feature was removed.

As far as I know, the concern with it is that it's an ad-hoc design we personally probably wouldn't use again in the context it was first used (message signing with addresses).

Any other reasons why we'd want to "discourage" the use?

sipa avatar Oct 19 '21 18:10 sipa

I think it's used by a number of things, including BOLT11 in Lightning (where it helps avoiding encoding the payee ID)

That's right, we do depend on pubkey recovery for lightning:

  • to avoid wasting 33 bytes in Bolt 11 invoices because they're already bigger than we'd like
  • in our message signing scheme (that one could arguably include the public key directly, it's not that useful to do pubkey recovery for it)

What would be the rationale to remove it?

t-bast avatar Oct 21 '21 08:10 t-bast

I propose doing this before the release. A release would hopefully trigger updates in a few packages and distributions (which currently use dates or commit id as version numbers), and if we believe that standard distributions should enable non-experimental modules (as discussed in the linked issue), then now is a good time.

Note: This PR needs an update, now that more (i.e., all) modules have been made non-experimental.

real-or-random avatar Jul 29 '22 16:07 real-or-random

I propose doing this before the release.

Concept ACK. Do you also want to add an entry to the ChangeLog, similar to #1126?

jonasnick avatar Jul 31 '22 17:07 jonasnick

Updated. This now doesn't enable the ECDSA recovery module if this is controversial. Rationale is in the commit message.

real-or-random avatar Aug 03 '22 15:08 real-or-random

ACK 41e8704b484652cf5bbb2b7ecc27feedc3cf0ae1

sipa avatar Nov 21 '22 21:11 sipa