fix: uint256 overflow when generate 256bit seed words

Author: Planxnx

README.md

@@ -257,7 +257,6 @@ Total Wallet Resolved: 50000 w
 
 - [conseweb/coinutil](https://github.com/conseweb/coinutil) - for BIP39 implementation in Go
 - [tyler-smith/go-bip39](https://github.com/tyler-smith/go-bip39) - for BIP39 implementation in Go
-- [holiman/uint256](https://github.com/holiman/uint256) - for high performance fixed size unsigned 256-bit math library
 
 ## Contributing ![eth](https://user-images.githubusercontent.com/37617738/120125730-1d1bd680-c1e4-11eb-83ad-45664245cae9.png)
 

bip39/bip39.go

@@ -11,20 +11,20 @@ import (
 	"crypto/rand"
 	"crypto/sha256"
 	"crypto/sha512"
+	"math/big"
 	"strings"
 
-	"github.com/holiman/uint256"
 	"github.com/pkg/errors"
 	"golang.org/x/crypto/pbkdf2"
 )
 
 var (
-	one = uint256.NewInt(1)
-	two = uint256.NewInt(2)
+	one = big.NewInt(1)
+	two = big.NewInt(2)
 
 	bitsChunkSize   = 11
-	shift11BitsMask = new(uint256.Int).Lsh(one, uint(bitsChunkSize)) // 2^11 = 2048
-	last11BitsMask  = new(uint256.Int).Sub(shift11BitsMask, one)     // 2^11 - 1 = 2047
+	shift11BitsMask = new(big.Int).Lsh(one, uint(bitsChunkSize)) // 2^11 = 2048
+	last11BitsMask  = new(big.Int).Sub(shift11BitsMask, one)     // 2^11 - 1 = 2047
 )
 
 // NewEntropy will create random entropy bytes
@@ -61,10 +61,10 @@ func NewMnemonic(entropy []byte) (string, error) {
 
 	// Add checksum to entropy.
 	// Entropy as an int so we can bitmask without worrying about bytes slices.
-	entropyInt := new(uint256.Int).SetBytes(addChecksum(entropy))
+	entropyInt := addChecksum(entropy)
 
-	// Throw away uint256.Int for AND masking.
-	word := uint256.NewInt(0)
+	// Throw away big.Int for AND masking.
+	word := big.NewInt(0)
 
 	// Slice to hold words in.
 	words := make([]string, sentenceLength)
@@ -92,10 +92,10 @@ func NewSeed(mnemonic, password string) []byte {
 }
 
 // Appends to data the first (len(data) / 32)bits of the result of sha256(data)
-// abd returns the result as a uint256.Int.
+// abd returns the result as a big.Int.
 //
 // Currently only supports data up to 32 bytes.
-func addChecksum(data []byte) []byte {
+func addChecksum(data []byte) *big.Int {
 	// Get first byte of sha256
 	hash := computeChecksum(data)
 	firstChecksumByte := hash[0]
@@ -106,7 +106,7 @@ func addChecksum(data []byte) []byte {
 	// For each bit of check sum we want we shift the data one the left
 	// and then set the (new) right most bit equal to checksum bit at that index
 	// staring from the left
-	dataInt := new(uint256.Int).SetBytes(data)
+	dataInt := new(big.Int).SetBytes(data)
 	for i := uint(0); i < checksumBitLength; i++ {
 		// Bitshift 1 left
 		dataInt.Mul(dataInt, two)
@@ -117,7 +117,7 @@ func addChecksum(data []byte) []byte {
 		}
 	}
 
-	return dataInt.Bytes()
+	return dataInt
 }
 
 func computeChecksum(data []byte) []byte {

go.mod

@@ -7,7 +7,6 @@ require (
 	github.com/btcsuite/btcd/btcutil v1.1.3
 	github.com/cheggaaa/pb/v3 v3.1.2
 	github.com/ethereum/go-ethereum v1.11.4
-	github.com/holiman/uint256 v1.2.2
 	github.com/pkg/errors v0.9.1
 	github.com/schollz/progressbar/v3 v3.13.0
 	github.com/tyler-smith/go-bip39 v1.1.0
@@ -36,7 +35,7 @@ require (
 	github.com/mitchellh/colorstring v0.0.0-20190213212951-d06e56a500db // indirect
 	github.com/rivo/uniseg v0.4.4 // indirect
 	github.com/stretchr/testify v1.8.2
-	golang.org/x/crypto v0.7.0 // indirect
+	golang.org/x/crypto v0.7.0
 	golang.org/x/sys v0.6.0 // indirect
 	golang.org/x/term v0.6.0 // indirect
 )

go.sum

@@ -72,8 +72,6 @@ github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEW
 github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
 github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
 github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/holiman/uint256 v1.2.2 h1:TXKcSGc2WaxPD2+bmzAsVthL4+pEN0YwXcL5qED83vk=
-github.com/holiman/uint256 v1.2.2/go.mod h1:SC8Ryt4n+UBbPbIBKaG9zbbDlp4jOru9xFZmPzLUTxw=
 github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
 github.com/jessevdk/go-flags v0.0.0-20141203071132-1679536dcc89/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=
 github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=
@@ -134,7 +132,6 @@ github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpE
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk=
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
 github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8=
 github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
@@ -186,6 +183,7 @@ google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miE
 google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
 google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
 google.golang.org/protobuf v1.28.1 h1:d0NfwRgPtno5B1Wa6L2DAG+KivqkdutMf1UhdNx175w=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
 gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=