Bitcoin Forum>Bitcoin>Development & Technical Discussion>Wallet software>Electrum
Author

Topic: [Electrum 3.2.3] Why does it wish to use an at-risk package called libsecp256k1? (Read 134 times)

tUnes3
jr. member
Activity: 56
Merit: 5
[Electrum 3.2.3] Why does it wish to use an at-risk package called libsecp256k1?
September 08, 2018, 11:32:25 AM
#5
Quote from: achow101 on September 08, 2018, 11:28:39 AM
Quote from: tUnes3 on September 08, 2018, 11:13:51 AM
Has there been any reported hacks that took advantage of the fact that some parts of libsecp256k1 are experimental?
No, because those things are not used in Bitcoin. Also, the library is heavily reviewed by cryptographers.

Even experimental things are generally safe to use as their cryptography is reviewed before it is implemented into libsecp256k1. The experimental mostly refers to the fact that APIs may change for those experimental things. Also, the experimental stuff is not enabled by default and must be explicitly enabled when compiling the library.

Thanks for your explanation. I've acquired some knowledge today Smiley
achow101
staff
Activity: 3458
Merit: 6793
Just writing some code
Re: [Electrum 3.2.3] Why does it wish to use an at-risk package called libsecp256k1?
September 08, 2018, 11:28:39 AM
#4
Quote from: tUnes3 on September 08, 2018, 11:13:51 AM
Has there been any reported hacks that took advantage of the fact that some parts of libsecp256k1 are experimental?
No, because those things are not used in Bitcoin. Also, the library is heavily reviewed by cryptographers.

Even experimental things are generally safe to use as their cryptography is reviewed before it is implemented into libsecp256k1. The experimental mostly refers to the fact that APIs may change for those experimental things. Also, the experimental stuff is not enabled by default and must be explicitly enabled when compiling the library.
tUnes3
jr. member
Activity: 56
Merit: 5
Re: [Electrum 3.2.3] Why does it wish to use an at-risk package called libsecp256k1?
September 08, 2018, 11:13:51 AM
#3
Quote from: achow101 on September 08, 2018, 09:56:59 AM
Because there isn't really a risk to using libsecp256k1. That's just there as a disclaimer since some parts of the library are experimental, but those are also labeled clearly.

Has there been any reported hacks that took advantage of the fact that some parts of libsecp256k1 are experimental?

Quote from: achow101 on September 08, 2018, 09:56:59 AM
libsecp256k1 is what Bitcoin Core uses for all of its ECDSA operations for several years now. The library was created by some Bitcoin Core developers.

Thanks a lot for this piece of information.
achow101
staff
Activity: 3458
Merit: 6793
Just writing some code
Re: [Electrum 3.2.3] Why does it wish to use an at-risk package called libsecp256k1?
September 08, 2018, 09:56:59 AM
#2
Because there isn't really a risk to using libsecp256k1. That's just there as a disclaimer since some parts of the library are experimental, but those are also labeled clearly.

libsecp256k1 is what Bitcoin Core uses for all of its ECDSA operations for several years now. The library was created by some Bitcoin Core developers.
tUnes3
jr. member
Activity: 56
Merit: 5
Re: [Electrum 3.2.3] Why does it wish to use an at-risk package called libsecp256k1?
September 08, 2018, 08:39:57 AM
#1
I managed to launch Electrum 3.2.3 from its folder. However it comes with the following warning:

Quote
$ ./run_electrum
[ecc] info: libsecp256k1 library not available, falling back to python-ecdsa. This means signing operations will be slower.

According to Debian (url: https://packages.debian.org/stretch/libsecp256k1-0), it warns that

NB! This library is a work in progress and is being used to research best practices. Use at your own risk.

I wonder how many of you have been using libsecp256k1 since Electrum 3.2.2
Bitcoin Forum>Bitcoin>Development & Technical Discussion>Wallet software>Electrum
Jump to: