Author

Topic: [Electrum 3.2.3] Why does it wish to use an at-risk package called libsecp256k1? (Read 132 times)

jr. member
Activity: 55
Merit: 4
Has there been any reported hacks that took advantage of the fact that some parts of libsecp256k1 are experimental?
No, because those things are not used in Bitcoin. Also, the library is heavily reviewed by cryptographers.

Even experimental things are generally safe to use as their cryptography is reviewed before it is implemented into libsecp256k1. The experimental mostly refers to the fact that APIs may change for those experimental things. Also, the experimental stuff is not enabled by default and must be explicitly enabled when compiling the library.

Thanks for your explanation. I've acquired some knowledge today Smiley
staff
Activity: 3458
Merit: 6793
Just writing some code
Has there been any reported hacks that took advantage of the fact that some parts of libsecp256k1 are experimental?
No, because those things are not used in Bitcoin. Also, the library is heavily reviewed by cryptographers.

Even experimental things are generally safe to use as their cryptography is reviewed before it is implemented into libsecp256k1. The experimental mostly refers to the fact that APIs may change for those experimental things. Also, the experimental stuff is not enabled by default and must be explicitly enabled when compiling the library.
jr. member
Activity: 55
Merit: 4
Because there isn't really a risk to using libsecp256k1. That's just there as a disclaimer since some parts of the library are experimental, but those are also labeled clearly.

Has there been any reported hacks that took advantage of the fact that some parts of libsecp256k1 are experimental?

libsecp256k1 is what Bitcoin Core uses for all of its ECDSA operations for several years now. The library was created by some Bitcoin Core developers.

Thanks a lot for this piece of information.
staff
Activity: 3458
Merit: 6793
Just writing some code
Because there isn't really a risk to using libsecp256k1. That's just there as a disclaimer since some parts of the library are experimental, but those are also labeled clearly.

libsecp256k1 is what Bitcoin Core uses for all of its ECDSA operations for several years now. The library was created by some Bitcoin Core developers.
jr. member
Activity: 55
Merit: 4
I managed to launch Electrum 3.2.3 from its folder. However it comes with the following warning:

Quote
$ ./run_electrum
[ecc] info: libsecp256k1 library not available, falling back to python-ecdsa. This means signing operations will be slower.

According to Debian (url: https://packages.debian.org/stretch/libsecp256k1-0), it warns that

NB! This library is a work in progress and is being used to research best practices. Use at your own risk.

I wonder how many of you have been using libsecp256k1 since Electrum 3.2.2
Jump to: