fix: fr9 recommendations (#1743)

* fix: fr9 recommendations

* fix: en_1 recommendations

---------

Co-authored-by: Fabio Rigamonti <[email protected]>

docs/accounts.md

@@ -130,7 +130,7 @@ Through the use of mnemonics and keystore, VeChainSDK ensures secure and user-fr
 ```typescript { name=keystore, category=example }
 // 1 - Create private key using Secp256k1
 
-const privateKey = await Secp256k1.generatePrivateKey();
+const privateKey = Secp256k1.generatePrivateKey();
 
 // @NOTE you can use BIP 39 too!
 // const words = Mnemonic.of()

docs/certificates.md

@@ -47,7 +47,7 @@ It's important to note that certificates in the VeChainThor blockchain are self-
 ```typescript { name=sign_verify, category=example }
 // 1 - Generate a private key and address for the signer
 
-const privateKey = await Secp256k1.generatePrivateKey();
+const privateKey = Secp256k1.generatePrivateKey();
 const publicKey = Secp256k1.derivePublicKey(privateKey);
 const signerAddress = Address.ofPublicKey(publicKey).toString();
 

docs/cryptography.md

@@ -51,7 +51,7 @@ Secp256k1 is mainly used for generating public and private key pairs in cryptogr
 ```typescript { name=secp256k1, category=example }
 // 1 - Generate a private key.
 
-const privateKey = await Secp256k1.generatePrivateKey();
+const privateKey = Secp256k1.generatePrivateKey();
 console.log('Private key:', Hex.of(privateKey).toString());
 // Private key: ...SOME_PRIVATE_KEY...
 

docs/examples/accounts/keystore.ts

@@ -5,7 +5,7 @@ import { expect } from 'expect';
 
 // 1 - Create private key using Secp256k1
 
-const privateKey = await Secp256k1.generatePrivateKey();
+const privateKey = Secp256k1.generatePrivateKey();
 
 // @NOTE you can use BIP 39 too!
 // const words = Mnemonic.of()

docs/examples/certificates/sign_verify.ts

@@ -4,7 +4,7 @@ import { Address, Certificate, Secp256k1 } from '@vechain/sdk-core';
 
 // 1 - Generate a private key and address for the signer
 
-const privateKey = await Secp256k1.generatePrivateKey();
+const privateKey = Secp256k1.generatePrivateKey();
 const publicKey = Secp256k1.derivePublicKey(privateKey);
 const signerAddress = Address.ofPublicKey(publicKey).toString();
 

docs/examples/cryptography/secp256k1.ts

@@ -5,7 +5,7 @@ import { expect } from 'expect';
 
 // 1 - Generate a private key.
 
-const privateKey = await Secp256k1.generatePrivateKey();
+const privateKey = Secp256k1.generatePrivateKey();
 console.log('Private key:', Hex.of(privateKey).toString());
 // Private key: ...SOME_PRIVATE_KEY...
 

docs/examples/transactions/blockref-expiration.ts

@@ -37,7 +37,7 @@ const body: TransactionBody = {
 
 // 3 - Create private key
 
-const privateKey = await Secp256k1.generatePrivateKey();
+const privateKey = Secp256k1.generatePrivateKey();
 
 // 4 - Sign transaction
 

docs/examples/transactions/multiple-clauses.ts

@@ -46,7 +46,7 @@ const body: TransactionBody = {
 };
 
 // Create private key
-const privateKey = await Secp256k1.generatePrivateKey();
+const privateKey = Secp256k1.generatePrivateKey();
 
 // 4 - Sign transaction
 

docs/examples/transactions/sign-decode.ts

@@ -40,7 +40,7 @@ const body: TransactionBody = {
 };
 
 // Create private key
-const privateKey = await Secp256k1.generatePrivateKey();
+const privateKey = Secp256k1.generatePrivateKey();
 
 // 4 - Sign transaction
 

docs/examples/transactions/tx-dependency.ts

@@ -57,7 +57,7 @@ const txBBody: TransactionBody = {
 };
 
 // Define the senders private key
-const senderPrivateKey = await Secp256k1.generatePrivateKey();
+const senderPrivateKey = Secp256k1.generatePrivateKey();
 
 // To define transaction B as dependent on transaction
 // it's necessary to sign transaction A, and then get its Id

docs/transactions.md

@@ -47,7 +47,7 @@ const body: TransactionBody = {
 };
 
 // Create private key
-const privateKey = await Secp256k1.generatePrivateKey();
+const privateKey = Secp256k1.generatePrivateKey();
 
 // 4 - Sign transaction
 
@@ -99,7 +99,7 @@ const body: TransactionBody = {
 };
 
 // Create private key
-const privateKey = await Secp256k1.generatePrivateKey();
+const privateKey = Secp256k1.generatePrivateKey();
 
 // 4 - Sign transaction
 
@@ -214,7 +214,7 @@ const body: TransactionBody = {
 
 // 3 - Create private key
 
-const privateKey = await Secp256k1.generatePrivateKey();
+const privateKey = Secp256k1.generatePrivateKey();
 
 // 4 - Sign transaction
 
@@ -277,7 +277,7 @@ const txBBody: TransactionBody = {
 };
 
 // Define the senders private key
-const senderPrivateKey = await Secp256k1.generatePrivateKey();
+const senderPrivateKey = Secp256k1.generatePrivateKey();
 
 // To define transaction B as dependent on transaction
 // it's necessary to sign transaction A, and then get its Id

packages/core/src/secp256k1/Secp256k1.ts

@@ -94,41 +94,26 @@ class Secp256k1 {
     }
 
     /**
-     * Generates a new random private key.
-     * If an error occurs during generation using
-     * [nc_secp256k1](https://github.com/paulmillr/noble-secp256k1),
-     * an AES-GCM key is generated as a fallback in runtimes not supported
-     * by `nc_secp256k1`, if those support {@link {@link global.crypto}.
+     * Generates a new Secp256k1 private key using a secure random number generator.
      *
-     * @return {Promise<Uint8Array>} The generated private key as a Uint8Array.
+     * @return {Uint8Array} A Uint8Array representing the generated private key.
+     *                      This encoded private key is suitable for cryptographic operations.
+     * @throws {InvalidSecp256k1PrivateKey} Throws an error if private key generation fails if a secure random number
+     *                                      generator is not provided by the hosting operating system.
      *
      * @remarks Security auditable method, depends on
-     * * {@link global.crypto.subtle.exportKey};
-     * * {@link global.crypto.subtle.generateKey};
      * * [nc_secp256k1.utils.randomPrivateKey](https://github.com/paulmillr/noble-secp256k1).
      */
-    public static async generatePrivateKey(): Promise<Uint8Array> {
+    public static generatePrivateKey(): Uint8Array {
         try {
             return nc_secp256k1.utils.randomPrivateKey();
         } catch (e) {
-            // Generate an ECDSA key pair
-            const cryptoKey = await global.crypto.subtle.generateKey(
-                {
-                    name: 'AES-GCM',
-                    length: 256
-                },
-                true,
-                ['encrypt', 'decrypt']
-            );
-
-            // Export the private key to raw format
-            const rawKey = await global.crypto.subtle.exportKey(
-                'raw',
-                cryptoKey
+            throw new InvalidSecp256k1PrivateKey(
+                'Secp256k1.generatePrivateKey',
+                'Private key generation failed: ensure you have a secure random number generator available at runtime.',
+                undefined,
+                e
             );
-
-            // Convert the ArrayBuffer to Uint8Array
-            return new Uint8Array(rawKey);
         }
     }
 
@@ -192,20 +177,18 @@ class Secp256k1 {
      * {@link {@link global.crypto} is used as fall back togenerate
      * the random sequence.
      *
-     * @param {number} [bytesLength=32] - Optional. The number of random bytes to generate.
+     * @param {number} [bytesLength=32] - Optional. The number of random bytes to generate, 32 by default.
      * @return {Uint8Array} - A Uint8Array containing the random bytes.
      *
      * @remarks Security auditable method, depends on
-     *  * {@link global.crypto.getRandomValues};
+     * * {@link global.crypto.getRandomValues};
      * * [nh_randomBytes](https://github.com/paulmillr/noble-hashes).
      */
-    public static randomBytes(bytesLength?: number): Uint8Array {
+    public static randomBytes(bytesLength: number = 32): Uint8Array {
         try {
             return nh_randomBytes(bytesLength);
         } catch (e) {
-            return global.crypto.getRandomValues(
-                new Uint8Array(bytesLength ?? 32)
-            );
+            return global.crypto.getRandomValues(new Uint8Array(bytesLength));
         }
     }
 

packages/core/tests/keystore/keystore.unit.test.ts

@@ -31,7 +31,7 @@ import { encryptionPassword } from './fixture';
          */
         test('encrypt', async () => {
             // Generate a random private key
-            const privateKey = await Secp256k1.generatePrivateKey();
+            const privateKey = Secp256k1.generatePrivateKey();
             const addressFromPrivateKey =
                 Address.ofPrivateKey(privateKey).toString();
 
@@ -68,7 +68,7 @@ import { encryptionPassword } from './fixture';
          */
         test('decrypt', async () => {
             // Generate a random private key
-            const privateKey = await Secp256k1.generatePrivateKey();
+            const privateKey = Secp256k1.generatePrivateKey();
 
             const expected = HexUInt.of(privateKey).toString();
 
@@ -93,7 +93,7 @@ import { encryptionPassword } from './fixture';
          */
         test('decrypt with invalid password', async () => {
             // Generate a random private key
-            const privateKey = await Secp256k1.generatePrivateKey();
+            const privateKey = Secp256k1.generatePrivateKey();
 
             //  Create keystore
             const myKeystore = await keystore.encrypt(
@@ -116,7 +116,7 @@ import { encryptionPassword } from './fixture';
          */
         test('decrypt invalid keystore', async () => {
             // Generate a random private key
-            const privateKey = await Secp256k1.generatePrivateKey();
+            const privateKey = Secp256k1.generatePrivateKey();
 
             //  Create keystore
             const myKeystore = await keystore.encrypt(
@@ -149,7 +149,7 @@ import { encryptionPassword } from './fixture';
          */
         test('validation', async () => {
             // Generate a random private key
-            const privateKey = await Secp256k1.generatePrivateKey();
+            const privateKey = Secp256k1.generatePrivateKey();
 
             //  Create keystore
             const myKeystore = await keystore.encrypt(