From c8adb6c55c7ca0ad5b9f777d70e1564541658545 Mon Sep 17 00:00:00 2001
From: federico <federico.zhen@tron.network>
Date: Wed, 8 Apr 2026 20:16:42 +0800
Subject: [PATCH 1/2] refactor(crypto): remove deprecated point-compression
 methods and harden SM2/SignUtils

---
 .../java/org/tron/common/crypto/ECKey.java    | 24 -------------
 .../org/tron/common/crypto/SignUtils.java     | 10 ++++++
 .../java/org/tron/common/crypto/sm2/SM2.java  | 36 ++++---------------
 3 files changed, 16 insertions(+), 54 deletions(-)

diff --git a/crypto/src/main/java/org/tron/common/crypto/ECKey.java b/crypto/src/main/java/org/tron/common/crypto/ECKey.java
index d0a6048aca1..36f83d6ef10 100644
--- a/crypto/src/main/java/org/tron/common/crypto/ECKey.java
+++ b/crypto/src/main/java/org/tron/common/crypto/ECKey.java
@@ -245,30 +245,6 @@ private static PrivateKey privateKeyFromBigInteger(BigInteger priv) {
     }
   }
 
-  /**
-   * Utility for compressing an elliptic curve point. Returns the same point if it's already
-   * compressed. See the ECKey class docs for a discussion of point compression.
-   *
-   * @param uncompressed -
-   * @return -
-   * @deprecated per-point compression property will be removed in Bouncy Castle
-   */
-  public static ECPoint compressPoint(ECPoint uncompressed) {
-    return CURVE.getCurve().decodePoint(uncompressed.getEncoded(true));
-  }
-
-  /**
-   * Utility for decompressing an elliptic curve point. Returns the same point if it's already
-   * compressed. See the ECKey class docs for a discussion of point compression.
-   *
-   * @param compressed -
-   * @return -
-   * @deprecated per-point compression property will be removed in Bouncy Castle
-   */
-  public static ECPoint decompressPoint(ECPoint compressed) {
-    return CURVE.getCurve().decodePoint(compressed.getEncoded(false));
-  }
-
   /**
    * Creates an ECKey given the private key only.
    *
diff --git a/crypto/src/main/java/org/tron/common/crypto/SignUtils.java b/crypto/src/main/java/org/tron/common/crypto/SignUtils.java
index b921d548e8b..00c9c6f345e 100644
--- a/crypto/src/main/java/org/tron/common/crypto/SignUtils.java
+++ b/crypto/src/main/java/org/tron/common/crypto/SignUtils.java
@@ -48,8 +48,18 @@ public static byte[] signatureToAddress(
       byte[] messageHash, SignatureInterface signatureInterface, boolean isECKeyCryptoEngine)
       throws SignatureException {
     if (isECKeyCryptoEngine) {
+      if (!(signatureInterface instanceof ECDSASignature)) {
+        throw new IllegalArgumentException(
+            "Expected ECDSASignature for ECKey engine, got: "
+                + signatureInterface.getClass().getName());
+      }
       return ECKey.signatureToAddress(messageHash, (ECDSASignature) signatureInterface);
     }
+    if (!(signatureInterface instanceof SM2Signature)) {
+      throw new IllegalArgumentException(
+          "Expected SM2Signature for SM2 engine, got: "
+              + signatureInterface.getClass().getName());
+    }
     return SM2.signatureToAddress(messageHash, (SM2Signature) signatureInterface);
   }
 }
diff --git a/crypto/src/main/java/org/tron/common/crypto/sm2/SM2.java b/crypto/src/main/java/org/tron/common/crypto/sm2/SM2.java
index b1d349efad3..9a68e29d172 100644
--- a/crypto/src/main/java/org/tron/common/crypto/sm2/SM2.java
+++ b/crypto/src/main/java/org/tron/common/crypto/sm2/SM2.java
@@ -50,17 +50,17 @@
 @Slf4j(topic = "crypto")
 public class SM2 implements Serializable, SignInterface {
 
-  private static BigInteger SM2_N = new BigInteger(
+  private static final BigInteger SM2_N = new BigInteger(
       "FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123", 16);
-  private static BigInteger SM2_P = new BigInteger(
+  private static final BigInteger SM2_P = new BigInteger(
       "FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF", 16);
-  private static BigInteger SM2_A = new BigInteger(
+  private static final BigInteger SM2_A = new BigInteger(
       "FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFC", 16);
-  private static BigInteger SM2_B = new BigInteger(
+  private static final BigInteger SM2_B = new BigInteger(
       "28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93", 16);
-  private static BigInteger SM2_GX = new BigInteger(
+  private static final BigInteger SM2_GX = new BigInteger(
       "32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7", 16);
-  private static BigInteger SM2_GY = new BigInteger(
+  private static final BigInteger SM2_GY = new BigInteger(
       "BC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0", 16);
 
   private static ECDomainParameters ecc_param;
@@ -207,30 +207,6 @@ private static ECPoint extractPublicKey(final ECPublicKey ecPublicKey) {
   }
 
 
-  /**
-   * Utility for compressing an elliptic curve point. Returns the same point if it's already
-   * compressed. See the ECKey class docs for a discussion of point compression.
-   *
-   * @param uncompressed -
-   * @return -
-   * @deprecated per-point compression property will be removed in Bouncy Castle
-   */
-  public static ECPoint compressPoint(ECPoint uncompressed) {
-    return ecc_param.getCurve().decodePoint(uncompressed.getEncoded(true));
-  }
-
-  /**
-   * Utility for decompressing an elliptic curve point. Returns the same point if it's already
-   * compressed. See the ECKey class docs for a discussion of point compression.
-   *
-   * @param compressed -
-   * @return -
-   * @deprecated per-point compression property will be removed in Bouncy Castle
-   */
-  public static ECPoint decompressPoint(ECPoint compressed) {
-    return ecc_param.getCurve().decodePoint(compressed.getEncoded(false));
-  }
-
   /**
    * Creates an SM2 given the private key only.
    *

From e8cd1040d85cab4463ca9ee5f9dc5f0fc89c82b8 Mon Sep 17 00:00:00 2001
From: federico <federico.zhen@tron.network>
Date: Thu, 9 Apr 2026 15:59:49 +0800
Subject: [PATCH 2/2] fix(crypto): null-safe error message in
 SignUtils.signatureToAddress

---
 crypto/src/main/java/org/tron/common/crypto/SignUtils.java | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/crypto/src/main/java/org/tron/common/crypto/SignUtils.java b/crypto/src/main/java/org/tron/common/crypto/SignUtils.java
index 00c9c6f345e..34f7c65ba65 100644
--- a/crypto/src/main/java/org/tron/common/crypto/SignUtils.java
+++ b/crypto/src/main/java/org/tron/common/crypto/SignUtils.java
@@ -51,14 +51,16 @@ public static byte[] signatureToAddress(
       if (!(signatureInterface instanceof ECDSASignature)) {
         throw new IllegalArgumentException(
             "Expected ECDSASignature for ECKey engine, got: "
-                + signatureInterface.getClass().getName());
+                + (signatureInterface == null ? "null"
+                    : signatureInterface.getClass().getName()));
       }
       return ECKey.signatureToAddress(messageHash, (ECDSASignature) signatureInterface);
     }
     if (!(signatureInterface instanceof SM2Signature)) {
       throw new IllegalArgumentException(
           "Expected SM2Signature for SM2 engine, got: "
-              + signatureInterface.getClass().getName());
+              + (signatureInterface == null ? "null"
+                  : signatureInterface.getClass().getName()));
     }
     return SM2.signatureToAddress(messageHash, (SM2Signature) signatureInterface);
   }