cosmjs Migrate to @noble/secp256k1

Closes #1272

Dec 08 '22 17:12 webmaster128

any updates on this one?

May 14 '23 21:05 paulmillr

Last time I tried we ran into issues because of the dependency of the crypto module. I have not checked the lastest versions of the library yet.

May 22 '23 07:05 webmaster128

Most other projects and wallets have already switched. They don't seem to have the crypto issue.

Dec 15 '23 16:12 paulmillr

@webmaster128 the latest version of @noble/secp256k1 uses webcrypto and just 4KB in size without additional dependencies.

Could you please proceed with adjustment and merge or this PR?

Jun 26 '25 17:06 stalniy

@stalniy nothing changed much since 1.7 (from this pr). Size got smaller. That's it.

Old version was also using webcrypto for hashing ops.

Jun 26 '25 17:06 paulmillr

@paulmillr I'd disagree 😄

1.7.2 uses node crypto module -> https://github.com/paulmillr/noble-secp256k1/blob/1.7.2/index.ts#L6 and latest 2.x doesn't even have import of node:crypto -> https://github.com/paulmillr/noble-secp256k1/blob/2.3.0/index.ts

Maybe you solved this in 1.7.x through build tools (i.e., separate version for browser/node) but now it's possible to use single version on both envs

Jun 27 '25 05:06 stalniy

@webmaster128 I'm ready to help by the way. If I can do something to push this forward, please let me know

Jun 27 '25 05:06 stalniy

CosmJS was pretty much unmaintained/unfunded for the last two years. This change very recently. I will include this work in the next release.

Jun 27 '25 12:06 webmaster128

CosmJS was pretty much unmaintained/unfunded for the last two years. This change very recently. I will include this work in the next release.

Nice, who is funding it now?

Jun 27 '25 18:06 baktun14

if there would be an upgrade, it should be to noble-curves - which is audited; not to noble-secp256k1.

Jun 27 '25 19:06 paulmillr

An updates version of this PR was merged in #1698 using noble-curves. Thank you

Jul 08 '25 20:07 webmaster128