Move precomputes up to weierstrass() and edwards().

paulmillr · paulmillr · commit 3fdc3f69ec42 · 2025-07-30T01:48:32.000Z
diff --git a/src/abstract/edwards.ts b/src/abstract/edwards.ts
@@ -18,7 +18,7 @@ import {
   isBytes,
   memoized,
   notImplemented,
-  randomBytes as wcRandomBytes,
+  randomBytes as randomBytesWeb,
   type FHash,
   type Hex,
 } from '../utils.ts';
@@ -531,7 +531,8 @@ export function edwards(params: EdwardsOpts, extraOpts: EdwardsExtraOpts = {}):
       return this.toBytes();
     }
   }
-  const wnaf = new wNAF(Point, Fn.BYTES * 8); // Fn.BITS?
+  const wnaf = new wNAF(Point, Fn.BITS);
+  Point.BASE.precompute(8); // Enable precomputes. Slows down first publicKey computation by 20ms.
   return Point;
 }
 
@@ -665,7 +666,7 @@ export function eddsa(Point: EdwardsPointCons, cHash: FHash, eddsaOpts: EdDSAOpt
   const { prehash } = eddsaOpts;
   const { BASE, Fp, Fn } = Point;
 
-  const randomBytes = eddsaOpts.randomBytes || wcRandomBytes;
+  const randomBytes = eddsaOpts.randomBytes || randomBytesWeb;
   const adjustScalarBytes = eddsaOpts.adjustScalarBytes || ((bytes: Uint8Array) => bytes);
   const domain =
     eddsaOpts.domain ||
@@ -765,8 +766,6 @@ export function eddsa(Point: EdwardsPointCons, cHash: FHash, eddsaOpts: EdDSAOpt
     return RkA.subtract(SB).clearCofactor().is0();
   }
 
-  BASE.precompute(8); // Enable precomputes. Slows down first publicKey computation by 20ms.
-
   const _size = Fp.BYTES; // 32 for ed25519, 57 for ed448
   const lengths = {
     secret: _size,
@@ -781,11 +780,9 @@ export function eddsa(Point: EdwardsPointCons, cHash: FHash, eddsaOpts: EdDSAOpt
     const secretKey = utils.randomSecretKey(seed);
     return { secretKey, publicKey: getPublicKey(secretKey) };
   }
-
   function isValidSecretKey(key: Uint8Array): boolean {
     return isBytes(key) && key.length === Fn.BYTES;
   }
-
   function isValidPublicKey(key: Uint8Array, zip215?: boolean): boolean {
     try {
       return !!Point.fromBytes(key, zip215);
diff --git a/src/abstract/weierstrass.ts b/src/abstract/weierstrass.ts
@@ -44,7 +44,7 @@ import {
   isBytes,
   memoized,
   numberToHexUnpadded,
-  randomBytes as wcRandomBytes,
+  randomBytes as randomBytesWeb,
   type CHash,
   type Hex,
   type PrivKey,
@@ -988,6 +988,7 @@ export function weierstrassN<T>(
   }
   const bits = Fn.BITS;
   const wnaf = new wNAF(Point, extraOpts.endo ? Math.ceil(bits / 2) : bits);
+  Point.BASE.precompute(8); // Enable precomputes. Slows down first publicKey computation by 20ms.
   return Point;
 }
 
@@ -1188,7 +1189,7 @@ export function ecdh(
   ecdhOpts: { randomBytes?: (bytesLength?: number) => Uint8Array } = {}
 ): ECDH {
   const { Fn } = Point;
-  const randomBytes_ = ecdhOpts.randomBytes || wcRandomBytes;
+  const randomBytes_ = ecdhOpts.randomBytes || randomBytesWeb;
   const lengths = Object.assign(getWLengths(Point.Fp, Fn), { seed: getMinHashLength(Fn.ORDER) });
 
   function isValidSecretKey(secretKey: PrivKey) {
@@ -1311,7 +1312,7 @@ export function ecdsa(
     }
   );
 
-  const randomBytes = ecdsaOpts.randomBytes || wcRandomBytes;
+  const randomBytes = ecdsaOpts.randomBytes || randomBytesWeb;
   const hmac: HmacFnSync =
     ecdsaOpts.hmac ||
     (((key, ...msgs) => nobleHmac(hash, key, concatBytes(...msgs))) satisfies HmacFnSync);
@@ -1572,9 +1573,6 @@ export function ecdsa(
     return sig;
   }
 
-  // Enable precomputes. Slows down first publicKey computation by 20ms.
-  Point.BASE.precompute(8);
-
   function tryParsingSig(sg: Hex | SignatureLike) {
     // Try to deduce format
     let sig: Signature | undefined = undefined;
