This PR moves our fuzzers from tests/fuzzers into whatever their respective 'native' package is.
The historical reason why they were placed in an external location, is that when they were based on go-fuzz, they could not be "hidden" via the _test.go prefix. So in order to shove them away from the go-ethereum "production code", they were put aside.
But now we've rewritten them to be based on golang testing, and thus can be brought back. I've left (in tests/) the ones that are not production (bls128381), require non-standard imports (secp requires btcec, bn256 requires gnark/google/cloudflare deps).
This PR also adds a fuzzer for precompiled contracts, because why not.
This PR utilizes a newly rewritten replacement for go-118-fuzz-build, namely gofuzz-shim, which utilises the inputs from the fuzzing engine better.
This updates the no-cgo implementations in the crypto package to use
the github.com/btcsuite/btcd/btcec/v2 module instead of the older btcec
package that was part of the main github.com/btcsuite/btcd module.
name old time/op new time/op delta
EcrecoverSignature-32 198µs ± 0% 144µs ± 0% -27.11%
VerifySignature-32 177µs ± 0% 128µs ± 0% -27.44%
DecompressPubkey-32 20.9µs ± 0% 10.1µs ± 0% -51.51%
Use (*ModNScalar).IsOverHalfOrder instead of math/big.Int when checking
for malleable signatures.
This commit changes the behavior of BitCurve.Add to be more inline
with btcd. It fixes two different bugs:
1) When adding a point at infinity to another point, the other point
should be returned. While this is undefined behavior, it is better
to be more inline with the go standard library.
Thus (0,0) + (a, b) = (a,b)
2) Adding the same point to itself produced the point at infinity.
This is incorrect, now doubleJacobian is used to correctly calculate it.
Thus (a,b) + (a,b) == 2* (a,b) and not (0,0) anymore.
The change also adds a differential fuzzer for Add, testing it against btcd.
Co-authored-by: Felix Lange <fjl@twurst.com>
