Fix bitcore-lib browser test issues

[MichaelAJay]

Description

Locally, when Lodash was removed, it regenerated the package-lock file. Although the elliptic package was pinned, elliptic's dependencies were not pinned, so upon regeneration, elliptic's dependencies transitively caused test failure in browser test.

This was mitigated by updating bitcore-lib to use Point x-coordinate accessors (point.getX()) instead of directly accessing point.x. This issue was latent, and could have happened at any time, so this fix is appropriate.

In commit f68b2ca86f4e520f2458ce4d9f96760ceb9fddb3, benchmark scripts are checked in to the bitcore-lib package, along with a summary of execution (run on a Mac M3). These are then removed in the following commit.

Changelog

• Use internal Point class getX accessor pattern instead of directly retrieving the point class's x coordinate.

Testing Notes

---

Checklist

• I have read CONTRIBUTING.md and verified that this PR follows the guidelines and requirements outlined in it.

[Copilot]

Pull request overview

This PR addresses browser test failures caused by transitive dependency changes in elliptic/related packages by avoiding direct access to point coordinate internals and using the Point accessor APIs (getX()) when serializing x-coordinates.

Changes:

• Replace direct point.x access with point.getX() when converting x-coordinates to 32-byte buffers for Schnorr/taproot-related logic.
• Ensure x-only pubkey serialization is consistently padded to 32 bytes in Schnorr verification and transaction signature checks.
• Update taproot tweak hashing/output key derivation to use accessor-based x-coordinate retrieval.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.

File	Description
packages/bitcore-lib/lib/transaction/transaction.js	Use point.getX() (32-byte padded) when converting PublicKey to x-only pubkey bytes for Schnorr signature checks.
packages/bitcore-lib/lib/publickey.js	Use getX() for TapTweak hashing input and tweaked output key serialization (32 bytes).
packages/bitcore-lib/lib/privatekey.js	Use getX() when serializing the internal public point x-coordinate for TapTweak hashing.
packages/bitcore-lib/lib/crypto/schnorr.js	Use getX() for PublicKey conversion and BIP340 challenge hash construction (32-byte padded).

Comments suppressed due to low confidence (1)

packages/bitcore-lib/lib/crypto/schnorr.js:89

• Schnorr.verify now converts PublicKey inputs via publicKey.point.getX().toBuffer({ size: 32 }), but the existing BIP340 vector tests only cover the Buffer input path. Add a unit test that calls Schnorr.verify with a PublicKey instance (including a case where the x-coordinate would be <32 bytes without padding) to ensure this code path remains working across elliptic/bn.js dependency changes.

Schnorr.verify = function(publicKey, message, signature) {
  if ($.isType(publicKey, 'PublicKey')) {
    publicKey = publicKey.point.getX().toBuffer({ size: 32 });
  }
  if (publicKey.length !== 32) {
    throw new Error('Public key should be 32 bytes for schnorr signatures');
  }

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[kajoseph]

LGTM