git config --system --unset credential.helper

then enter new password for Git remote server.

参考

https://stackoverflow.com/questions/47860772/gitlab-remote-http-basic-access-denied-and-fatal-authentication

由于合约中使用nlohmann/json解析json时，当遇到float类型时报"wabt out of bounds memory access"
不断调试代码，找到如下位置
https://github.com/nlohmann/json/blob/d2a08ddafd503b02b3418194c31e121e105411c6/include/nlohmann/detail/input/lexer.hpp#L1005
由于合约内不会考虑float类型，项目较急，先直接不解析此类型，下面位置添加return token_type::parse_error;

scan_number_decimal1:
    return token_type::parse_error; //在这加一个return
    // state: we just parsed a decimal point
    number_type = token_type::value_float;
    switch (get())
    {
        case '0':
        case '1':
        case '2':
        case '3':

并且由于合约内不允许使用try,修改下
https://github.com/nlohmann/json/blob/b52c3638f58291c2f2564aa31ad0a4a15cd01c84/include/nlohmann/detail/macro_scope.hpp#L68

// allow to disable exceptions
#if (defined(__cpp_exceptions) || defined(__EXCEPTIONS) || defined(_CPPUNWIND)) && !defined(JSON_NOEXCEPTION)
    // #define JSON_THROW(exception) throw exception 修改为如下
    #define JSON_THROW(exception) eosio_assert(false, exception.c_str());
    #define JSON_TRY try
    #define JSON_CATCH(exception) catch(exception)
    #define JSON_INTERNAL_CATCH(exception) catch(exception)
#else
    #include <cstdlib>
    // #define JSON_THROW(exception) std::abort() 修改为如下
    #define JSON_THROW(exception) eosio_assert(false, exception.c_str());
    #define JSON_TRY if(true)
    #define JSON_CATCH(exception) if(false)
    #define JSON_INTERNAL_CATCH(exception) if(false)
#endif

// override exception macros
#if defined(JSON_THROW_USER)
    #undef JSON_THROW
    #define JSON_THROW JSON_THROW_USER
#endif

先零散的记一下，后面再整理

js ecc

https://github.com/EOSIO/eosjs-ecc/blob/7ec577cad54e17da6168fdfb11ec2b09d6f0e7f0/src/signature.js

sign

https://github.com/EOSIO/eosjs-ecc/blob/7ec577cad54e17da6168fdfb11ec2b09d6f0e7f0/src/signature.js#L177

Signature.sign = function(data, privateKey, encoding = 'utf8') {
    if(typeof data === 'string') {
        data = Buffer.from(data, encoding)
    }
    assert(Buffer.isBuffer(data), 'data is a required String or Buffer')
    data = hash.sha256(data)
    return Signature.signHash(data, privateKey)
}

https://github.com/EOSIO/eosjs-ecc/blob/7ec577cad54e17da6168fdfb11ec2b09d6f0e7f0/src/signature.js#L210

 ecsignature = ecdsa.sign(curve, dataSha256, privateKey.d, nonce++);

java

https://github.com/adyliu/jeos/blob/53dbd027cd59d367d9a197cbff5a58bdd9bf7195/src/main/java/io/jafka/jeos/impl/LocalApiImpl.java#L68

private String sign(String privateKey, SignArg arg, PackedTransaction t) {
    Raw raw = Packer.packPackedTransaction(arg.getChainId(), t);
    raw.pack(ByteBuffer.allocate(33).array());// TODO: what's this?
    String hash = KeyUtil.signHash(privateKey, raw.bytes());
    return hash;
}

https://github.com/adyliu/jeos/blob/4eaa9fb4555129f3d0baa56e7ffb70cac213a009/src/main/java/io/jafka/jeos/util/ecc/Ecdsa.java

https://github.com/starkbank/ecdsa-java/blob/master/src/main/java/com/starkbank/ellipticcurve/Ecdsa.java

参考

ECDSA — The art of cryptographic signatures
https://medium.com/coinmonks/ecdsa-the-art-of-cryptographic-signatures-d0bb254c8b96

仅作测试使用，无法保证后面不更新是否导致安全等问题，非测试建议使用官方桌面版本

今天打开Scatter浏览器扩展版本发现

Goodbye, Scatter Extension
This extension is very old, and we at Scatter no longer maintain it which makes it unsafe to use. 

Because of this we are disabling it until it gets some love. 

已经禁止使用了，力推桌面版本。
但是开发测试的需要，还是需要扩展版本。

查看ScatterWebExtension源代码提交记录

disabling extension

https://github.com/GetScatter/ScatterWebExtension/commit/c59a253abfad0318a6befe87bf9eefab5fbcbb7f
看到是新提交了禁用的代码，那我们fork一下，revert掉这次提交
https://github.com/cppfuns/ScatterWebExtension
重新打包一份

npm i
cp .env.example .env
npm run build

最后生成在 ScatterWebExtension\build

chrome 打开扩展chrome://extensions/
打开开发者模式，然后加载已解压的扩展即可

或者直接下载我这边已打包的zip,解压加载
https://github.com/cppfuns/ScatterWebExtension/raw/master/scatter.zip

注意

由于扩展版本之后不在更新，安全性等问题，还是建议非特殊原因，还是使用官方的桌面版本。

https://github.com/yottachain/YTBP
持续更新