* chore: remove dead SIMD/FE52-ARM64 code, add edge-case tests
Remove 4 dead-code files that are never compiled on any active platform:
- cpu/include/secp256k1/field_simd.hpp (169 lines)
- cpu/src/field_asm52_arm64.cpp (254 lines)
- cpu/src/field_simd.cpp (130 lines)
- cpu/tests/test_simd_batch.cpp (220 lines)
Replace test_simd_batch with test_edge_cases (60 tests covering scalar
zero, infinity arithmetic, BIP-32 IL>=n, cache corruption, and other
coverage gaps identified in CT Hardening Gap analysis).
Update CMakeLists.txt for cpu, audit, and esp32_audit to reflect removal
and replacement. All 31 ctest targets pass.
* fix(opencl): fix 6 bugs in OpenCL kernels -- 27/27 audit PASS
Root cause: NC constant typo in secp256k1_extended.cl -- 0x402DA1732FC9BEEF
should be 0x402DA1732FC9BEBF (off by 0x30). This single hex digit error
corrupted ALL scalar mod-n operations, causing scalar_inverse to fail,
which broke ECDSA and Schnorr verify.
Bug #1: Kernel name mismatch in opencl_context.cpp -- batch_jacobian_to_affine
vs batch_jacobian_to_affine_kernel.
Bug #2: Cross-program pubkey inconsistency -- host computed pubkey via embedded
kernel (PTX, correct) but verify ran in extended kernel (different field
arithmetic). Added ext_generator_mul() helper using extended kernel's
generator_mul_windowed for consistency.
Bug #3: Schnorr pubkey -- get_schnorr_pubkey_x() now uses ext_generator_mul().
Bug #4: scalar_mul_mod_n_impl -- Barrett reduction completely broken. Rewritten
with 2^256 = NC (mod n) reduction: 3 passes + scalar_cond_sub_n x3.
Bug #5: field_mul_impl/field_sqr_impl -- carry overflow in schoolbook multiply.
Rewritten with column-based muladd/muladd2 3-register accumulator.
Bug #6: NC constant typo (THE ROOT CAUSE) -- BEEF vs BEBF.
OpenCL audit result: 27/27 PASS, AUDIT-READY (0.7s on RTX 5060 Ti).
* ci(scorecard): rename cosign .bundle to .sigstore for OSSF recognition
OSSF Scorecard Signed-Releases check does not recognize .bundle extension.
Rename all cosign output from .bundle to .sigstore (standard Sigstore
extension) so Scorecard can detect signed artifacts.
Also extend attest-build-provenance subject-path to include .gem, .jar,
.deb, and .rpm package formats for complete SLSA provenance coverage.
* fix(ci): pass -T to docker-compose run in non-interactive contexts
The pre-push hook runs ci-local.sh branch-gate without a TTY, causing
docker-compose run to fail with 'the input device is not a TTY'.
Detect non-interactive stdin and pass -T flag automatically.
---------
Co-authored-by: shrec <shrec@users.noreply.github.com>
1609bec6f5