chore: integrate rust-secp256k1

crates/precompile/Cargo.toml

@@ -31,6 +31,7 @@ specification.workspace = true
 once_cell = { version = "1.19", default-features = false, features = ["alloc"] }
 
 # ecRecover
+libsecp256k1 = { version = "0.7", default-features = false, package = "libsecp256k1", optional = true }
 k256 = { version = "0.13.3", default-features = false, features = ["ecdsa"] }
 secp256k1 = { version = ">=0.28, <=0.29", default-features = false, features = [
     "alloc",
@@ -78,7 +79,7 @@ serde_json = "1.0"
 serde_derive = "1.0"
 
 [features]
-default = ["std", "c-kzg", "secp256k1", "portable", "blst"]
+default = ["std", "c-kzg", "secp256k1", "portable", "blst", "libsecp256k1"]
 std = [
     "primitives/std",
     "k256/std",

crates/precompile/src/secp256k1.rs

@@ -9,60 +9,71 @@ pub const ECRECOVER: PrecompileWithAddress =
 
 pub use self::secp256k1::ecrecover;
 
-#[cfg(not(feature = "secp256k1"))]
 #[allow(clippy::module_inception)]
 mod secp256k1 {
-    use k256::ecdsa::{Error, RecoveryId, Signature, VerifyingKey};
     use primitives::{alloy_primitives::B512, keccak256, B256};
 
-    pub fn ecrecover(sig: &B512, mut recid: u8, msg: &B256) -> Result<B256, Error> {
-        // parse signature
-        let mut sig = Signature::from_slice(sig.as_slice())?;
-
-        // normalize signature and flip recovery id if needed.
-        if let Some(sig_normalized) = sig.normalize_s() {
-            sig = sig_normalized;
-            recid ^= 1;
+    cfg_if::cfg_if! {
+        if #[cfg(feature = "secp256k1")] {
+            use secp256k1::{
+                ecdsa::{RecoverableSignature, RecoveryId},
+                Message, SECP256K1,
+            };
+
+            // Silence the unused crate dependency warning.
+            use k256 as _;
+
+            pub fn ecrecover(sig: &B512, recid: u8, msg: &B256) -> Result<B256, secp256k1::Error> {
+                let recid = RecoveryId::from_i32(recid as i32).expect("recovery ID is valid");
+                let sig = RecoverableSignature::from_compact(sig.as_slice(), recid)?;
+
+                let msg = Message::from_digest(msg.0);
+                let public = SECP256K1.recover_ecdsa(&msg, &sig)?;
+
+                let mut hash = keccak256(&public.serialize_uncompressed()[1..]);
+                hash[..12].fill(0);
+                Ok(hash)
+            }
+        } else if #[cfg(feature = "libsecp256k1")] {
+            pub fn ecrecover(sig: &B512, recid: u8, msg: &B256) -> Result<B256, libsecp256k1::Error> {
+                let recid = libsecp256k1::RecoveryId::parse(recid)?;
+                let sig = RecoverableSignature::from_compact(sig.as_slice(), recid)?;
+
+                let msg = libsecp256k1::Message::parse(msg.as_ref());
+                let public = libsecp256k1::recover(&msg, &sig, &recid)?;
+
+                let mut hash = keccak256(&public.serialize_uncompressed()[1..]);
+                hash[..12].fill(0);
+                Ok(hash)
+            }
+        } else {
+            use k256::ecdsa::{Error, RecoveryId, Signature, VerifyingKey};
+
+            pub fn ecrecover(sig: &B512, mut recid: u8, msg: &B256) -> Result<B256, Error> {
+                // parse signature
+                let mut sig = Signature::from_slice(sig.as_slice())?;
+
+                // normalize signature and flip recovery id if needed.
+                if let Some(sig_normalized) = sig.normalize_s() {
+                    sig = sig_normalized;
+                    recid ^= 1;
+                }
+                let recid = RecoveryId::from_byte(recid).expect("recovery ID is valid");
+
+                // recover key
+                let recovered_key = VerifyingKey::recover_from_prehash(&msg[..], &sig, recid)?;
+                // hash it
+                let mut hash = keccak256(
+                    &recovered_key
+                        .to_encoded_point(/* compress = */ false)
+                        .as_bytes()[1..],
+                );
+
+                // truncate to 20 bytes
+                hash[..12].fill(0);
+                Ok(hash)
+            }
         }
-        let recid = RecoveryId::from_byte(recid).expect("recovery ID is valid");
-
-        // recover key
-        let recovered_key = VerifyingKey::recover_from_prehash(&msg[..], &sig, recid)?;
-        // hash it
-        let mut hash = keccak256(
-            &recovered_key
-                .to_encoded_point(/* compress = */ false)
-                .as_bytes()[1..],
-        );
-
-        // truncate to 20 bytes
-        hash[..12].fill(0);
-        Ok(hash)
-    }
-}
-
-#[cfg(feature = "secp256k1")]
-#[allow(clippy::module_inception)]
-mod secp256k1 {
-    use primitives::{alloy_primitives::B512, keccak256, B256};
-    use secp256k1::{
-        ecdsa::{RecoverableSignature, RecoveryId},
-        Message, SECP256K1,
-    };
-
-    // Silence the unused crate dependency warning.
-    use k256 as _;
-
-    pub fn ecrecover(sig: &B512, recid: u8, msg: &B256) -> Result<B256, secp256k1::Error> {
-        let recid = RecoveryId::from_i32(recid as i32).expect("recovery ID is valid");
-        let sig = RecoverableSignature::from_compact(sig.as_slice(), recid)?;
-
-        let msg = Message::from_digest(msg.0);
-        let public = SECP256K1.recover_ecdsa(&msg, &sig)?;
-
-        let mut hash = keccak256(&public.serialize_uncompressed()[1..]);
-        hash[..12].fill(0);
-        Ok(hash)
     }
 }