Replace libsecp256k1 with secp256k1 (paritytech#10798)

* Replace libsecp256k1 with secp256k1

* Wipe ecdsa secret key from memory on drop

* Some comments for a known issue

* Safer core crypto primitives `from_slice` constructor

Previous version panics if slice lenght is not the expected one.

* Unit test fix

* Enable use of global secp256k1 context

* Better comments for ecdsa `Pair` drop

* Replace `libsecp256k1` with `seco256k1` in `beefy-mmr`

Used to convert ecdsa public key to ETH address

* Replace `libsecp256k1` with `secp256k1` in FRAME `contracts`benchmarks

* Temporary rollback of `beefy-mmr` to libsecp256k1

Check for detected build issues

* Cargo fmt

* Rollback of FRAME `contracts` benchmarks to `libsecp256k1`

* Rollback for unrelated changes

* Typo fix

* Add comments for deprecated `ecdsa_verify` and `secp256k1_ecdsa_recover`

Author: davxy

Cargo.lock

@@ -265,6 +265,7 @@ percent-encoding = { opt-level = 3 }
 primitive-types = { opt-level = 3 }
 ring = { opt-level = 3 }
 rustls = { opt-level = 3 }
+secp256k1 = { opt-level = 3 }
 sha2 = { opt-level = 3 }
 sha3 = { opt-level = 3 }
 smallvec = { opt-level = 3 }

Cargo.toml

@@ -105,7 +105,7 @@ fn cryptos_are_compatible() {
 	let sp_core_signature = sp_core_secret.sign(message); // no error expected...
 
 	assert!(sp_core::ed25519::Pair::verify(
-		&sp_core::ed25519::Signature::from_slice(&libp2p_signature),
+		&sp_core::ed25519::Signature::from_slice(&libp2p_signature).unwrap(),
 		message,
 		&sp_core_public
 	));

client/authority-discovery/src/tests.rs

@@ -31,7 +31,6 @@ sc-executor-common = { version = "0.10.0-dev", path = "common" }
 sc-executor-wasmi = { version = "0.10.0-dev", path = "wasmi" }
 sc-executor-wasmtime = { version = "0.10.0-dev", path = "wasmtime", optional = true }
 parking_lot = "0.12.0"
-libsecp256k1 = "0.7"
 sp-core-hashing-proc-macro = { version = "4.0.0-dev", path = "../../primitives/core/hashing/proc-macro" }
 lru = "0.6.6"
 tracing = "0.1.29"

client/executor/Cargo.toml

@@ -54,8 +54,9 @@ schnorrkel = { version = "0.9.1", features = [
 	"u64_backend",
 ], default-features = false, optional = true }
 hex = { version = "0.4", default-features = false, optional = true }
-libsecp256k1 = { version = "0.7", default-features = false, features = ["hmac", "static-context"], optional = true }
+libsecp256k1 = { version = "0.7", default-features = false, features = ["static-context"], optional = true }
 merlin = { version = "2.0", default-features = false, optional = true }
+secp256k1 = { version = "0.21.2", default-features = false, features = ["recovery", "global-context"], optional = true }
 ss58-registry = { version = "1.11.0", default-features = false }
 sp-core-hashing = { version = "4.0.0", path = "./hashing", default-features = false, optional = true }
 sp-runtime-interface = { version = "5.0.0", default-features = false, path = "../runtime-interface" }
@@ -106,6 +107,7 @@ std = [
 	"schnorrkel/std",
 	"regex",
 	"num-traits/std",
+	"secp256k1/std",
 	"sp-core-hashing/std",
 	"sp-debug-derive/std",
 	"sp-externalities",
@@ -129,6 +131,7 @@ full_crypto = [
 	"schnorrkel",
 	"hex",
 	"libsecp256k1",
+	"secp256k1",
 	"sp-core-hashing",
 	"sp-runtime-interface/disable_target_static_assertions",
 	"merlin",