diff --git a/lib/hd/private.js b/lib/hd/private.js
index 74ba8855..27f3a19d 100644
--- a/lib/hd/private.js
+++ b/lib/hd/private.js
@@ -537,7 +537,7 @@ class HDPrivateKey {
    */
 
   static generate() {
-    const key = secp256k1.generatePrivateKey();
+    const key = secp256k1.privateKeyGenerate();
     const entropy = random.randomBytes(32);
     return HDPrivateKey.fromKey(key, entropy);
   }
diff --git a/lib/node/http.js b/lib/node/http.js
index ae82bca0..c9261f33 100644
--- a/lib/node/http.js
+++ b/lib/node/http.js
@@ -15,7 +15,7 @@ const {base58} = require('bstring');
 const {BloomFilter} = require('bfilter');
 const sha256 = require('bcrypto/lib/sha256');
 const random = require('bcrypto/lib/random');
-const ccmp = require('bcrypto/lib/ccmp');
+const {safeEqual} = require('bcrypto/lib/safe');
 const util = require('../utils/util');
 const Address = require('../primitives/address');
 const TX = require('../primitives/tx');
@@ -367,7 +367,7 @@ class HTTP extends Server {
         const data = Buffer.from(key, 'ascii');
         const hash = sha256.digest(data);
 
-        if (!ccmp(hash, this.options.apiHash))
+        if (!safeEqual(hash, this.options.apiHash))
           throw new Error('Invalid API key.');
       }
 
diff --git a/lib/node/rpc.js b/lib/node/rpc.js
index 56689926..01ac7e0c 100644
--- a/lib/node/rpc.js
+++ b/lib/node/rpc.js
@@ -14,7 +14,7 @@ const Validator = require('bval');
 const {BufferMap, BufferSet} = require('buffer-map');
 const hash160 = require('bcrypto/lib/hash160');
 const hash256 = require('bcrypto/lib/hash256');
-const ccmp = require('bcrypto/lib/ccmp');
+const {safeEqual} = require('bcrypto/lib/safe');
 const secp256k1 = require('bcrypto/lib/secp256k1');
 const util = require('../utils/util');
 const common = require('../blockchain/common');
@@ -2111,7 +2111,7 @@ class RPC extends RPCBase {
     if (!key)
       return false;
 
-    return ccmp(hash160.digest(key), addr.hash);
+    return safeEqual(hash160.digest(key), addr.hash);
   }
 
   async signMessageWithPrivkey(args, help) {
diff --git a/lib/primitives/keyring.js b/lib/primitives/keyring.js
index 88cfb37b..5c3f6ed8 100644
--- a/lib/primitives/keyring.js
+++ b/lib/primitives/keyring.js
@@ -171,7 +171,7 @@ class KeyRing {
    */
 
   generate(compress) {
-    const key = secp256k1.generatePrivateKey();
+    const key = secp256k1.privateKeyGenerate();
     return this.fromKey(key, compress);
   }
 
diff --git a/lib/wallet/http.js b/lib/wallet/http.js
index 8376c390..c85418cb 100644
--- a/lib/wallet/http.js
+++ b/lib/wallet/http.js
@@ -17,7 +17,7 @@ const Outpoint = require('../primitives/outpoint');
 const Script = require('../script/script');
 const sha256 = require('bcrypto/lib/sha256');
 const random = require('bcrypto/lib/random');
-const ccmp = require('bcrypto/lib/ccmp');
+const {safeEqual} = require('bcrypto/lib/safe');
 const Network = require('../protocol/network');
 const Address = require('../primitives/address');
 const KeyRing = require('../primitives/keyring');
@@ -102,7 +102,7 @@ class HTTP extends Server {
       const valid = Validator.fromRequest(req);
       const token = valid.buf('token');
 
-      if (token && ccmp(token, this.options.adminToken)) {
+      if (token && safeEqual(token, this.options.adminToken)) {
         req.admin = true;
         return;
       }
@@ -949,7 +949,7 @@ class HTTP extends Server {
         const data = Buffer.from(key, 'utf8');
         const hash = sha256.digest(data);
 
-        if (!ccmp(hash, this.options.apiHash))
+        if (!safeEqual(hash, this.options.apiHash))
           throw new Error('Invalid API key.');
       }
 
@@ -981,7 +981,7 @@ class HTTP extends Server {
       if (!this.options.walletAuth) {
         socket.join('admin');
       } else if (token) {
-        if (ccmp(token, this.options.adminToken))
+        if (safeEqual(token, this.options.adminToken))
           socket.join('admin');
       }
 
diff --git a/lib/wallet/walletdb.js b/lib/wallet/walletdb.js
index db2d24e8..8771db80 100644
--- a/lib/wallet/walletdb.js
+++ b/lib/wallet/walletdb.js
@@ -15,7 +15,7 @@ const {BloomFilter} = require('bfilter');
 const {Lock, MapLock} = require('bmutex');
 const bdb = require('bdb');
 const Logger = require('blgr');
-const ccmp = require('bcrypto/lib/ccmp');
+const {safeEqual} = require('bcrypto/lib/safe');
 const aes = require('bcrypto/lib/aes');
 const Network = require('../protocol/network');
 const Path = require('./path');
@@ -1018,7 +1018,7 @@ class WalletDB extends EventEmitter {
       return null;
 
     // Compare in constant time:
-    if (!ccmp(token, wallet.token))
+    if (!safeEqual(token, wallet.token))
       throw new Error('WDB: Authentication error.');
 
     return wallet;
diff --git a/package.json b/package.json
index 9a519292..a2126555 100644
--- a/package.json
+++ b/package.json
@@ -23,36 +23,35 @@
     "node": ">=8.0.0"
   },
   "dependencies": {
-    "bcfg": "~0.1.2",
-    "bclient": "~0.1.3",
-    "bcrypto": "~1.1.0",
-    "bdb": "~1.1.0",
-    "bdns": "~0.1.1",
-    "bevent": "~0.1.1",
-    "bfile": "~0.1.1",
-    "bfilter": "~1.0.0",
-    "bheep": "~0.1.1",
-    "binet": "~0.3.1",
-    "blgr": "~0.1.1",
-    "blru": "~0.1.2",
-    "blst": "~0.1.1",
-    "bmutex": "~0.1.2",
+    "bcfg": "~0.1.3",
+    "bclient": "~0.1.4",
+    "bcrypto": "~2.0.0",
+    "bdb": "~1.1.1",
+    "bdns": "~0.1.2",
+    "bevent": "~0.1.2",
+    "bfile": "~0.1.2",
+    "bfilter": "~1.0.1",
+    "bheep": "~0.1.2",
+    "binet": "~0.3.2",
+    "blgr": "~0.1.2",
+    "blru": "~0.1.3",
+    "blst": "~0.1.2",
+    "bmutex": "~0.1.3",
     "bsert": "~0.0.4",
-    "bsip": "~0.1.1",
-    "bsock": "~0.1.2",
-    "bsocks": "~0.2.1",
-    "bstring": "~0.2.0",
-    "btcp": "~0.1.1",
-    "buffer-map": "~0.0.2",
-    "bufio": "~1.0.1",
-    "bupnp": "~0.2.2",
-    "bval": "~0.1.2",
-    "bweb": "~0.1.3",
-    "mrmr": "~0.1.1",
-    "n64": "~0.2.1"
+    "bsip": "~0.1.2",
+    "bsock": "~0.1.3",
+    "bsocks": "~0.2.2",
+    "bstring": "~0.3.0",
+    "btcp": "~0.1.2",
+    "buffer-map": "~0.0.3",
+    "bufio": "~1.0.2",
+    "bupnp": "~0.2.3",
+    "bval": "~0.1.3",
+    "bweb": "~0.1.4",
+    "mrmr": "~0.1.2",
+    "n64": "~0.2.2"
   },
   "devDependencies": {
-    "eslint": "^5.1.0",
     "istanbul": "^1.1.0-alpha.1",
     "mocha": "^5.2.0"
   },
diff --git a/scripts/fuzz.js b/scripts/fuzz.js
index 37e5aff4..4011ba1a 100644
--- a/scripts/fuzz.js
+++ b/scripts/fuzz.js
@@ -49,14 +49,14 @@ function assertConsensus(tx, output, flags, code) {
 }
 
 function randomSignature() {
-  const r = secp256k1.generatePrivateKey();
-  const s = secp256k1.generatePrivateKey();
-  return secp256k1.toDER(Buffer.concat([r, s]));
+  const r = secp256k1.privateKeyGenerate();
+  const s = secp256k1.privateKeyGenerate();
+  return secp256k1.signatureExport(Buffer.concat([r, s]));
 }
 
 function randomKey() {
-  const x = secp256k1.generatePrivateKey();
-  const y = secp256k1.generatePrivateKey();
+  const x = secp256k1.privateKeyGenerate();
+  const y = secp256k1.privateKeyGenerate();
 
   if (rand(0, 2) === 0) {
     const p = Buffer.from([2 | (y[y.length - 1] & 1)]);