commit ed95eae3e2fc1573cea860bb9eb09875e1ed25cd
parent fd8257987717027b2b7658b2466cc06a0f62460b
Author: Jared Tobin <jared@jtobin.io>
Date: Tue, 12 Mar 2024 17:44:17 +0400
lib: add warning re: context usage
Diffstat:
1 file changed, 14 insertions(+), 0 deletions(-)
diff --git a/lib/Crypto/Secp256k1.hs b/lib/Crypto/Secp256k1.hs
@@ -156,6 +156,17 @@ instance Exception Secp256k1Exception
-- that has /not/ been randomized, and so /doesn't/ offer additional
-- side-channel attack protection. For that, use 'wrcontext'.
--
+-- Do /not/ attempt to use the created 'Context' value outside
+-- of a 'wcontext' or 'wrcontext' block, as the internal
+-- bitcoin-core/secp256k1 context will have been destroyed by then.
+-- For example, don't be cheeky and do something like:
+--
+-- > do
+-- > context <- wcontext pure
+-- > derive_pub context seckey
+--
+-- unless you like segfaults.
+--
-- >>> wcontext $ \tex -> parse_pub tex bytestring
-- "<bitcoin-core/secp256k1 public key>"
wcontext
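Review bot: The new warning names only the case where the 'Context' is returned directly, but anything that captures it and outlives the `bracket create destroy` in `wcontext` — a closure returned from the block, or a thread forked inside it — reaches the same destroyed context, so the paragraph should say the value must not escape in any form, e.g. `-- The 'Context' must not escape the block in any form: returned directly, captured in a returned closure, or handed to a thread that outlives the block.` The hazard being documented is a use-after-free on the FFI side, which a Haddock note can warn about but not prevent; if 'Context' carries no phantom parameter, an ST-style rank-2 signature such as `wcontext :: (forall s. Context s -> IO a) -> IO a` would make the documented misuse a compile error instead of a segfault, and is worth at least mentioning as a TODO in the comment. The same wording applies to the shorter note added to `wrcontext` in the second hunk. The `wcontext` definition itself continues outside this hunk.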
@@ -176,6 +187,9 @@ wcontext = bracket create destroy where
-- Use this function to execute computations that may benefit from
-- additional side-channel attack protection.
--
+-- As with 'wcontext', do /not/ attempt to use a created 'Context'
+-- value outside of the 'wrcontext' block.
+--
-- >>> wrcontext entropy $ \tex -> sign tex sec msg
-- "<bitcoin-core/secp256k1 signature>"
wrcontext