@smartledger/bsv-hardened v1.5.6-1

BSV Hardened

A drop-in replacement for BSV 1.5.6 with a security-hardened ECDSA implementation, fixing critical cryptographic vulnerabilities while maintaining full API compatibility.

Features

• Complete drop-in replacement for BSV 1.5.6
• Enhanced security with RFC 6979 deterministic k-value generation
• Signature uniqueness enforcement
• Malleability protection with low-s value enforcement
• 100% API compatibility with BSV 1.5.6

Installation

npm install @smartledger/bsv-hardened

Usage

Simply replace your BSV import:

// Instead of: const bsv = require('bsv')
const bsv = require('@smartledger/bsv-hardened');

// Use exactly as you would use BSV 1.5.6
const privateKey = new bsv.PrivateKey();
const message = 'Hello, Bitcoin SV!';
const messageHash = bsv.crypto.Hash.sha256(Buffer.from(message));
const signature = bsv.crypto.ECDSA.sign(messageHash, privateKey);
const isValid = bsv.crypto.ECDSA.verify(messageHash, signature, privateKey.publicKey);

Security Enhancements

This package specifically addresses critical vulnerabilities in the ECDSA implementation while maintaining all other BSV 1.5.6 functionality:

• Unique k-value generation using RFC 6979 with additional entropy
• Signature validation during signing process
• Low-s value enforcement for malleability protection
• Enhanced point arithmetic for proper signature verification

Compatibility

This package is a complete drop-in replacement for BSV 1.5.6. All existing code that uses BSV 1.5.6 will work without any modifications - just change your import statement.

License

This project is licensed under the MIT License - see the LICENSE file for details.