Upgrade secp to 0.32.0-beta.0

Based on the release tracking PR

 rust-bitcoin/rust-secp256k1#843

Just do the build errors, lint warnings done next.

Author: tcharding

Cargo.toml

@@ -3,8 +3,5 @@ members = ["addresses", "base58", "bitcoin", "chacha20_poly1305", "consensus_enc
 exclude = ["benches"]
 resolver = "2"
 
-# Keep this patch for hashes because secp256k1 depends on bitcoin-hashes via crates.io
-# This allows testing changes to hashes with secp256k1
-# See https://github.com/rust-bitcoin/rust-bitcoin/pull/4284#pullrequestreview-2714442229
-[patch.crates-io.bitcoin_hashes]
-path = "hashes"
+[patch.crates-io.secp256k1]
+path = "../rust-secp256k1"

bitcoin/Cargo.toml

@@ -33,9 +33,7 @@ hex = { package = "hex-conservative", version = "0.3.0", default-features = fals
 internals = { package = "bitcoin-internals", path = "../internals", features = ["alloc", "hex"] }
 io = { package = "bitcoin-io", path = "../io", default-features = false, features = ["alloc", "hashes"] }
 primitives = { package = "bitcoin-primitives", path = "../primitives", default-features = false, features = ["alloc", "hex"] }
-<<<<<<< Side #1 (Conflict 1 of 1)
-secp256k1 = { version = "0.30.0", default-features = false, features = ["hashes", "alloc"] }
-secp256k1 = { version = "0.31.1", default-features = false, features = ["hashes", "alloc", "rand"] }
+secp256k1 = { version = "0.32.0-beta.0", default-features = false, features = ["alloc", "rand"] }
 units = { package = "bitcoin-units", path = "../units", default-features = false, features = ["alloc"] }
 
 arbitrary = { version = "1.4.1", optional = true }

bitcoin/embedded/src/main.rs

@@ -12,7 +12,6 @@ use core::panic::PanicInfo;
 
 use alloc_cortex_m::CortexMHeap;
 use bitcoin::secp256k1::ffi::types::AlignedType;
-use bitcoin::secp256k1::Secp256k1;
 // use panic_halt as _;
 use bitcoin::{Address, Network, PrivateKey};
 use cortex_m_rt::entry;
@@ -30,19 +29,15 @@ fn main() -> ! {
 
     unsafe { ALLOCATOR.init(cortex_m_rt::heap_start() as usize, HEAP_SIZE) }
 
-    let size = Secp256k1::preallocate_size();
-    hprintln!("secp buf size {}", size * 16).unwrap();
-
     // Load a private key
     let raw = "L1HKVVLHXiUhecWnwFYF6L3shkf1E12HUmuZTESvBXUdx3yqVP1D";
     let pk = PrivateKey::from_wif(raw).unwrap();
     hprintln!("Seed WIF: {}", pk).unwrap();
 
     let mut buf_ful = vec![AlignedType::zeroed(); size];
-    let secp = Secp256k1::preallocated_new(&mut buf_ful).unwrap();
 
     // Derive address
-    let pubkey = pk.public_key(&secp).try_into().unwrap();
+    let pubkey = pk.public_key().try_into().unwrap();
     let address = Address::p2wpkh(pubkey, Network::Bitcoin);
     hprintln!("Address: {}", address).unwrap();
 

bitcoin/examples/bip32.rs

@@ -4,7 +4,6 @@ use bitcoin::address::{Address, KnownHrp};
 use bitcoin::bip32::{ChildNumber, DerivationPath, Xpriv, Xpub};
 use bitcoin::hex::FromHex;
 use bitcoin::secp256k1::ffi::types::AlignedType;
-use bitcoin::secp256k1::Secp256k1;
 use bitcoin::{CompressedPublicKey, NetworkKind};
 
 fn main() {
@@ -27,26 +26,21 @@ fn main() {
 
     let seed = Vec::from_hex(seed_hex).unwrap();
 
-    // we need secp256k1 context for key derivation
-    let mut buf: Vec<AlignedType> = Vec::new();
-    buf.resize(Secp256k1::preallocate_size(), AlignedType::zeroed());
-    let secp = Secp256k1::preallocated_new(buf.as_mut_slice()).unwrap();
-
     // calculate root key from seed
     let root = Xpriv::new_master(NetworkKind::Main, &seed);
     println!("Root key: {root}");
 
     // derive child xpub
     let path = "84h/0h/0h".parse::<DerivationPath>().unwrap();
-    let child = root.derive_xpriv(&secp, &path).expect("only deriving three steps");
+    let child = root.derive_xpriv(&path).expect("only deriving three steps");
     println!("Child at {path}: {child}");
-    let xpub = Xpub::from_xpriv(&secp, &child);
+    let xpub = Xpub::from_xpriv(&child);
     println!("Public key at {path}: {xpub}");
 
     // generate first receiving address at m/0/0
     // manually creating indexes this time
     let zero = ChildNumber::ZERO_NORMAL;
-    let public_key = xpub.derive_xpub(&secp, [zero, zero]).unwrap().public_key;
+    let public_key = xpub.derive_xpub([zero, zero]).unwrap().public_key;
     let address = Address::p2wpkh(CompressedPublicKey(public_key), KnownHrp::Mainnet);
     println!("First receiving address: {address}");
 }

bitcoin/examples/create-p2wpkh-address.rs

@@ -1,14 +1,11 @@
-use bitcoin::secp256k1::{rand, Secp256k1};
+use bitcoin::secp256k1::rand;
 use bitcoin::{Address, CompressedPublicKey, Network, PrivateKey};
 
 /// Generate a P2WPKH (pay-to-witness-public-key-hash) address and print it
 /// along with the associated private key needed to transact.
 fn main() {
-    // Create new secp256k1 instance.
-    let secp = Secp256k1::new();
-
     // Generate secp256k1 public and private key pair.
-    let (secret_key, public_key) = secp.generate_keypair(&mut rand::rng());
+    let (secret_key, public_key) = secp256k1::generate_keypair(&mut rand::rng());
 
     // Create a Bitcoin private key to be used on the Bitcoin mainnet.
     let private_key = PrivateKey::new(secret_key, Network::Bitcoin);

bitcoin/examples/ecdsa-psbt

@@ -29,7 +29,6 @@ use bitcoin::ext::*;
 use bitcoin::key::WPubkeyHash;
 use bitcoin::locktime::absolute;
 use bitcoin::psbt::Input;
-use bitcoin::secp256k1::{Secp256k1, Signing};
 use bitcoin::{
     consensus, transaction, Address, Amount, EcdsaSighashType, Network, OutPoint, Psbt,
     RedeemScriptBuf, ScriptPubKeyBuf, ScriptSigBuf, Sequence, Transaction, TxIn, TxOut, Txid,
@@ -55,35 +54,33 @@ const SPEND_AMOUNT: Amount = Amount::from_sat_u32(25_000_000);
 const CHANGE_AMOUNT: Amount = Amount::from_sat_u32(4_990_000); // 10_000 sat fee.
 
 // Derive the external address xpriv.
-fn get_external_address_xpriv<C: Signing>(
-    secp: &Secp256k1<C>,
+fn get_external_address_xpriv(
     master_xpriv: Xpriv,
     index: u32,
 ) -> Xpriv {
     let derivation_path =
         BIP84_DERIVATION_PATH.into_derivation_path().expect("valid derivation path");
     let child_xpriv =
-        master_xpriv.derive_xpriv(secp, &derivation_path).expect("only deriving three steps");
+        master_xpriv.derive_xpriv(&derivation_path).expect("only deriving three steps");
     let external_index = ChildNumber::ZERO_NORMAL;
     let idx = ChildNumber::from_normal_idx(index).expect("valid index number");
 
-    child_xpriv.derive_xpriv(secp, [external_index, idx]).expect("only deriving two more steps")
+    child_xpriv.derive_xpriv([external_index, idx]).expect("only deriving two more steps")
 }
 
 // Derive the internal address xpriv.
-fn get_internal_address_xpriv<C: Signing>(
-    secp: &Secp256k1<C>,
+fn get_internal_address_xpriv(
     master_xpriv: Xpriv,
     index: u32,
 ) -> Xpriv {
     let derivation_path =
         BIP84_DERIVATION_PATH.into_derivation_path().expect("valid derivation path");
     let child_xpriv =
-        master_xpriv.derive_xpriv(secp, &derivation_path).expect("only deriving three steps");
+        master_xpriv.derive_xpriv(&derivation_path).expect("only deriving three steps");
     let internal_index = ChildNumber::ONE_NORMAL;
     let idx = ChildNumber::from_normal_idx(index).expect("valid index number");
 
-    child_xpriv.derive_xpriv(secp, [internal_index, idx]).expect("only deriving two more steps")
+    child_xpriv.derive_xpriv([internal_index, idx]).expect("only deriving two more steps")
 }
 
 // The address to send to.
@@ -128,19 +125,17 @@ fn dummy_unspent_transaction_outputs() -> Vec<(OutPoint, TxOut)> {
 }
 
 fn main() {
-    let secp = Secp256k1::new();
-
     // Get the individual xprivs we control. In a real application these would come from a stored secret.
     let master_xpriv = XPRIV.parse::<Xpriv>().expect("valid xpriv");
-    let xpriv_input_1 = get_external_address_xpriv(&secp, master_xpriv, 0);
-    let xpriv_input_2 = get_internal_address_xpriv(&secp, master_xpriv, 0);
-    let xpriv_change = get_internal_address_xpriv(&secp, master_xpriv, 1);
+    let xpriv_input_1 = get_external_address_xpriv(master_xpriv, 0);
+    let xpriv_input_2 = get_internal_address_xpriv(master_xpriv, 0);
+    let xpriv_change = get_internal_address_xpriv(master_xpriv, 1);
 
     // Get the PKs
-    let pk_input_1 = Xpub::from_xpriv(&secp, &xpriv_input_1).to_public_key();
-    let pk_input_2 = Xpub::from_xpriv(&secp, &xpriv_input_2).to_public_key();
+    let pk_input_1 = Xpub::from_xpriv(&xpriv_input_1).to_public_key();
+    let pk_input_2 = Xpub::from_xpriv(&xpriv_input_2).to_public_key();
     let pk_inputs = [pk_input_1, pk_input_2];
-    let pk_change = Xpub::from_xpriv(&secp, &xpriv_change).to_public_key();
+    let pk_change = Xpub::from_xpriv(&xpriv_change).to_public_key();
 
     // Get the Witness Public Key Hashes (WPKHs)
     let wpkhs: Vec<WPubkeyHash> = pk_inputs.iter().map(|pk| pk.wpubkey_hash()).collect();
@@ -218,7 +213,7 @@ fn main() {
     ];
 
     // Step 3: Signer role; that signs the PSBT.
-    psbt.sign(&master_xpriv, &secp).expect("valid signature");
+    psbt.sign(&master_xpriv).expect("valid signature");
 
     // Step 4: Finalizer role; that finalizes the PSBT.
     println!("PSBT Inputs: {:#?}", psbt.inputs);

bitcoin/examples/ecdsa-psbt-simple.rs

@@ -36,7 +36,6 @@ use bitcoin::consensus::encode;
 use bitcoin::ext::*;
 use bitcoin::locktime::absolute;
 use bitcoin::psbt::{self, Input, Psbt, PsbtSighashType};
-use bitcoin::secp256k1::{Secp256k1, Signing, Verification};
 use bitcoin::{
     transaction, Address, Amount, CompressedPublicKey, Network, OutPoint, RedeemScriptBuf,
     ScriptPubKeyBuf, ScriptSigBuf, Sequence, Transaction, TxIn, TxOut, Witness,
@@ -66,17 +65,15 @@ const CHANGE_AMOUNT_BTC: &str = "48.99999 BTC"; // 1000 sat transaction fee.
 const NETWORK: Network = Network::Regtest;
 
 fn main() -> Result<()> {
-    let secp = Secp256k1::new();
-
     let (offline, fingerprint, account_0_xpub, input_xpub) =
-        ColdStorage::new(&secp, EXTENDED_MASTER_PRIVATE_KEY)?;
+        ColdStorage::new(EXTENDED_MASTER_PRIVATE_KEY)?;
 
     let online = WatchOnly::new(account_0_xpub, input_xpub, fingerprint);
 
-    let created = online.create_psbt(&secp)?;
+    let created = online.create_psbt()?;
     let updated = online.update_psbt(created)?;
 
-    let signed = offline.sign_psbt(&secp, updated)?;
+    let signed = offline.sign_psbt(updated)?;
 
     let finalized = online.finalize_psbt(signed)?;
 
@@ -90,6 +87,7 @@ fn main() -> Result<()> {
     Ok(())
 }
 
+// TODO: This comment is stale now, re-visit.
 // We cache the pubkeys for convenience because it requires a secp context to convert the private key.
 /// An example of an offline signer i.e., a cold-storage device.
 struct ColdStorage {
@@ -109,20 +107,20 @@ impl ColdStorage {
     /// # Returns
     ///
     /// The newly created signer along with the data needed to configure a watch-only wallet.
-    fn new<C: Signing>(secp: &Secp256k1<C>, xpriv: &str) -> Result<ExportData> {
+    fn new(xpriv: &str) -> Result<ExportData> {
         let master_xpriv = xpriv.parse::<Xpriv>()?;
-        let master_xpub = Xpub::from_xpriv(secp, &master_xpriv);
+        let master_xpub = Xpub::from_xpriv(&master_xpriv);
 
         // Hardened children require secret data to derive.
 
         let path = "84h/0h/0h".into_derivation_path()?;
         let account_0_xpriv =
-            master_xpriv.derive_xpriv(secp, &path).expect("derivation path is short");
-        let account_0_xpub = Xpub::from_xpriv(secp, &account_0_xpriv);
+            master_xpriv.derive_xpriv(&path).expect("derivation path is short");
+        let account_0_xpub = Xpub::from_xpriv(&account_0_xpriv);
 
         let path = INPUT_UTXO_DERIVATION_PATH.into_derivation_path()?;
-        let input_xpriv = master_xpriv.derive_xpriv(secp, &path).expect("derivation path is short");
-        let input_xpub = Xpub::from_xpriv(secp, &input_xpriv);
+        let input_xpriv = master_xpriv.derive_xpriv(&path).expect("derivation path is short");
+        let input_xpub = Xpub::from_xpriv(&input_xpriv);
 
         let wallet = ColdStorage { master_xpriv, master_xpub };
         let fingerprint = wallet.master_fingerprint();
@@ -134,12 +132,11 @@ impl ColdStorage {
     fn master_fingerprint(&self) -> Fingerprint { self.master_xpub.fingerprint() }
 
     /// Signs `psbt` with this signer.
-    fn sign_psbt<C: Signing + Verification>(
+    fn sign_psbt(
         &self,
-        secp: &Secp256k1<C>,
         mut psbt: Psbt,
     ) -> Result<Psbt> {
-        match psbt.sign(&self.master_xpriv, secp) {
+        match psbt.sign(&self.master_xpriv) {
             Ok(keys) => assert_eq!(keys.len(), 1),
             Err((_, e)) => {
                 let e = e.get(&0).expect("at least one error");
@@ -173,12 +170,12 @@ impl WatchOnly {
     }
 
     /// Creates the PSBT, in BIP-0174 parlance this is the 'Creator'.
-    fn create_psbt<C: Verification>(&self, secp: &Secp256k1<C>) -> Result<Psbt> {
+    fn create_psbt(&self) -> Result<Psbt> {
         let to_address =
             RECEIVE_ADDRESS.parse::<Address<_>>()?.require_network(Network::Regtest)?;
         let to_amount = OUTPUT_AMOUNT_BTC.parse::<Amount>()?;
 
-        let (_, change_address, _) = self.change_address(secp)?;
+        let (_, change_address, _) = self.change_address()?;
         let change_amount = CHANGE_AMOUNT_BTC.parse::<Amount>()?;
 
         let tx = Transaction {
@@ -253,12 +250,11 @@ impl WatchOnly {
     /// "m/84h/0h/0h/1/0"). A real wallet would have access to the chain so could determine if an
     /// address has been used or not. We ignore this detail and just re-use the first change address
     /// without loss of generality.
-    fn change_address<C: Verification>(
+    fn change_address(
         &self,
-        secp: &Secp256k1<C>,
     ) -> Result<(CompressedPublicKey, Address, DerivationPath)> {
         let path = [ChildNumber::ONE_NORMAL, ChildNumber::ZERO_NORMAL];
-        let derived = self.account_0_xpub.derive_xpub(secp, path)?;
+        let derived = self.account_0_xpub.derive_xpub(path)?;
 
         let pk = derived.to_public_key();
         let addr = Address::p2wpkh(pk, NETWORK);

bitcoin/examples/ecdsa-psbt.rs

@@ -48,8 +48,7 @@ fn compute_sighash_p2wpkh(raw_tx: &[u8], inp_idx: usize, amount: Amount) {
     println!("SegWit p2wpkh sighash: {sighash:x}");
     let msg = secp256k1::Message::from(sighash);
     println!("Message is {msg:x}");
-    let secp = secp256k1::Secp256k1::verification_only();
-    pk.verify(&secp, msg, sig).unwrap()
+    pk.verify(msg, sig).unwrap()
 }
 
 /// Computes sighash for a legacy multisig transaction input that spends either a p2sh or a p2ms output.

bitcoin/examples/sighash.rs

@@ -5,7 +5,7 @@
 use bitcoin::ext::*;
 use bitcoin::key::WPubkeyHash;
 use bitcoin::locktime::absolute;
-use bitcoin::secp256k1::{rand, Message, Secp256k1, SecretKey, Signing};
+use bitcoin::secp256k1::{rand, Message, SecretKey};
 use bitcoin::sighash::{EcdsaSighashType, SighashCache};
 use bitcoin::{
     transaction, Address, Amount, Network, OutPoint, ScriptPubKeyBuf, ScriptSigBuf, Sequence,
@@ -17,11 +17,9 @@ const SPEND_AMOUNT: Amount = Amount::from_sat_u32(5_000_000);
 const CHANGE_AMOUNT: Amount = Amount::from_sat_u32(14_999_000); // 1000 sat fee.
 
 fn main() {
-    let secp = Secp256k1::new();
-
     // Get a secret key we control and the pubkeyhash of the associated pubkey.
     // In a real application these would come from a stored secret.
-    let (sk, wpkh) = senders_keys(&secp);
+    let (sk, wpkh) = senders_keys();
 
     // Get an address to send to.
     let address = receivers_address();
@@ -70,11 +68,11 @@ fn main() {
 
     // Sign the sighash using the secp256k1 library (exported by rust-bitcoin).
     let msg = Message::from(sighash);
-    let signature = secp.sign_ecdsa(msg, &sk);
+    let signature = secp256k1::ecdsa::sign(msg, &sk);
 
     // Update the witness stack.
     let signature = bitcoin::ecdsa::Signature { signature, sighash_type };
-    let pk = sk.public_key(&secp);
+    let pk = sk.public_key();
     *sighasher.witness_mut(input_index).unwrap() = Witness::p2wpkh(signature, pk);
 
     // Get the signed transaction.
@@ -87,9 +85,9 @@ fn main() {
 /// An example of keys controlled by the transaction sender.
 ///
 /// In a real application these would be actual secrets.
-fn senders_keys<C: Signing>(secp: &Secp256k1<C>) -> (SecretKey, WPubkeyHash) {
+fn senders_keys() -> (SecretKey, WPubkeyHash) {
     let sk = SecretKey::new(&mut rand::rng());
-    let pk = bitcoin::PublicKey::new(sk.public_key(secp));
+    let pk = bitcoin::PublicKey::new(sk.public_key());
     let wpkh = pk.wpubkey_hash().expect("key is compressed");
 
     (sk, wpkh)