1.5.3

• New algorithm for utils.randomPrivateKey()
• Added utils.hashToPrivateKey()
• Improved JacobianPoint#toAffine() check
• 5-10% speed-up

1.5.2

• Fix library compatibility with bad parsers over bigint syntax
• New exported utils.mod utility
• recoverPublicKey and Point.fromSignature now reduce msgHash modulo n
• Uint8Arrays are now always copied instead of using .slice() method of theirs
• Hex parsing improvements

1.5.0

• Messages in ECDSA sign() are now reduced modulo n to match RFC6979. Contributed by @kklash.
  • Note: libsecp256k1 is awaiting pull request for the same bugfix
• sign can now receive {extraEntropy: true} to auto-populate k with random data. This is strongly recommended, see README
• RFC6979 has been thoroughly refactored

1.4.0

• Important: signatures are now canonical: true by default. This mirrors libsecp256k1 behavior. If you'd like old (OpenSSL) behavior, use sign with canonical: false
• Important: verify() is now strict: true by default. High-s signatures are rejected, which also mirrors libsecp behavior.
• Important: removed string (hex) return type from public methods. Uint8Array is now always returned
• Added extraEntropy option to sign. It allows to specify k' as per RFC6979
• Added Signature#hasHighS() and Signature#normalizeS() methods
• Rewrite DER parsing logic
• Improve hex parsing security
• assertValidity is now done in Signature constructor, instead of a separate method
• Remove SignResult deprecated class that cloned Signature

Full Changelog: 1.3.4...1.4.0

Thanks to @hank121314 for contribution

1.3.3

• Add main/module fields to package.json to fix rollup/browserify

1.3.2

• Typescript support bugfix

1.3.1

What's Changed

• Improve compatibility with non-compliant JS parsers: swap n format to Bigint() in #33
• ECMAScript Modules (ESM) support in #32
• Do not depend on @types/dom when using Typescript
• Improve garbage collector behavior by not using array assignments that call ES6 iterator protocol

New Contributors

• @jacogr made their first contribution in #33

Full Changelog: 1.3.0...1.3.1

1.3.0

• Security improvement: moved npm package to @noble/secp256k1 (from noble-secp256k1). Namespaces cannot be used by other people, so by using @noble you can be sure it's authentic

1.2.14

• Fix webpack builds

1.2.13

• Add Signature methods: fromDER, toDER, fromCompact, toCompact; discourage fromHex, toHex since it's ambigous
• Add der: false option to sign() to output compact sig