This library is under development, and, like the secp256k1-zkp C library it depends on, this is a research effort to determine an optimal API for end-users of the mimblewimble ecosystem.
npm install secp256k1-zkp
yarn add secp256k1-zkp
- sha256(v) ⇒
PromiseLike.<ArrayBuffer>
create random sha256 Buffer
- uInt64T(num) ⇒
Buffer
Takes any number (native number, BN, or string) and converts it to uInt64T (64-bit BE Buffer) suitable for use by the C++ bindings.
Kind: global class
- Secp
- new Secp(opts)
- .secretKeyZero() ⇒
Buffer
- .secretKeyCreate(input) ⇒
Buffer
- .secretKeyGenerate() ⇒
Buffer
- .secretKeyVerify(key) ⇒
boolean
- .secretKeyAdd(secretKey1, secretKey2) ⇒
Buffer
- .secretKeymul(secretKey1, secretKey2) ⇒
Buffer
- .pubKeyZero() ⇒
Buffer
- .pubKeyFromSecretKey(secretKey) ⇒
Buffer
- .pubKeyFromAddingPubKeys(pubKeys) ⇒
Buffer
- .pubKeyIsValid(pubKey) ⇒
boolean
- .pubKeyIsZero(pubKey) ⇒
boolean
- .pubKeySerialize(pubKey, [compress]) ⇒
Buffer
- .pubKeyParse(buffer) ⇒
Buffer
- .keyPairGenerate() ⇒
Object
- .sign(msg, secretKey) ⇒
Buffer
- .verify(sig, msg, pubKey) ⇒
boolean
- .signatureSerialize(sig) ⇒
Buffer
- .signatureParse(buffer) ⇒
Buffer
- .commit(value, [blind]) ⇒
Buffer
- .blindSwitch(value, blind) ⇒
Buffer
- .commitSum([positives], [negatives]) ⇒
Buffer
- .verifyCommitSum([positives], [negatives]) ⇒
boolean
- .blindSum([positives], [negatives]) ⇒
Buffer
- .commitmentToPubKey(commitment) ⇒
Buffer
- .commitmentSerialize(commitment) ⇒
Buffer
- .commitmentParse(buffer) ⇒
Buffer
- .verifyFromCommit(msg, sig, commitment) ⇒
boolean
- .bulletProofVerify(commitment, rangeProof, extraData) ⇒
boolean
- .bulletProofVerifyMulti(commitments, rangeProofs, extraData) ⇒
boolean
- .bulletProofCreate(amount, secretKey, nonce, extraData, [msg]) ⇒
Buffer
- .bulletProofRewind(commitment, nonce, extraData, rangeProof) ⇒
Buffer
- .aggsigCreateSecnonce() ⇒
Buffer
- .aggsigSignSingle(msg, secretKey, pubKeySum) ⇒
Buffer
- .aggsigSignFromSecretKey(secretKey, msg, blindSum) ⇒
Buffer
- .aggsigCalculatePartialSig(secretKey, secNonce, nonceSum, pubKeySum, msg) ⇒
Buffer
- .aggsigVerifySingle(sig, msg, pubNonce, pubKey, pubKeyTotal, extraPubKey, isPartial) ⇒
Buffer
- .aggsigVerifyPartialSig(sig, pubNonceSum, pubKey, pubKeySum, msg) ⇒
Buffer
- .aggsigVerifySingleFromCommit(sig, msg, commit) ⇒
Buffer
- .aggsigVerifyCompletedSig(sig, pubKey, pubKeySum, msg) ⇒
Buffer
- .aggsigAddSignatures(partSigs, nonceSum) ⇒
Buffer
Param | Type | Default |
---|---|---|
opts | Object |
|
[opts.sign] | boolean |
true |
[opts.verify] | boolean |
true |
Creates an zero secret key.
Kind: instance method of Secp
Creates a secret key.
Kind: instance method of Secp
Param | Type |
---|---|
input | Buffer | string |
Creates a new random secret key
Kind: instance method of Secp
Verifies validity of a secret key.
Kind: instance method of Secp
Param | Type |
---|---|
key | Buffer |
Adds two secretKeys to create a new secretKey
Kind: instance method of Secp
Param | Type |
---|---|
secretKey1 | Buffer |
secretKey2 | Buffer |
Adds two secretKeys to create a new secretKey
Kind: instance method of Secp
Param | Type |
---|---|
secretKey1 | Buffer |
secretKey2 | Buffer |
Creates an invalid zero public key.
Kind: instance method of Secp
Creates a new public key from a secret key.
Kind: instance method of Secp
Param | Type |
---|---|
secretKey | Buffer |
Creates a new public key from the sum of the public keys.
Kind: instance method of Secp
Param | Type |
---|---|
pubKeys | Array.<Buffer> |
Determine if a public key is valid.
Kind: instance method of Secp
Param | Type |
---|---|
pubKey | Buffer |
Determine if a public key is zero.
Kind: instance method of Secp
Param | Type |
---|---|
pubKey | Buffer |
Serializes a public key.
Kind: instance method of Secp
Param | Type | Default |
---|---|---|
pubKey | Buffer |
|
[compress] | boolean |
true |
Parses a public key.
Kind: instance method of Secp
Param | Type |
---|---|
buffer | Buffer |
Generates a random keyPair. Convenience function for secretKeyGenerate
and pubKeyFromSecretKey
Kind: instance method of Secp
Constructs a signature for msg
using the secret key secretKey
and RFC6979 nonce
Kind: instance method of Secp
Param | Type |
---|---|
msg | Buffer |
secretKey | Buffer |
Checks that sig
is a valid ECDSA signature for msg
using the public
key pubKey
.
Kind: instance method of Secp
Param | Type |
---|---|
sig | Buffer |
msg | Buffer |
pubKey | Buffer |
Serializes a signature.
Kind: instance method of Secp
Param | Type |
---|---|
sig | Buffer |
Parses a signature.
Kind: instance method of Secp
Param | Type |
---|---|
buffer | Buffer |
Creates a pedersen commitment from a value and a blinding factor
Kind: instance method of Secp
Param | Type |
---|---|
value | number |
[blind] | Buffer |
Computes blinding factor for switch commitment.
Kind: instance method of Secp
Param | Type |
---|---|
value | number |
blind | Buffer |
Computes the sum of multiple positive and negative pedersen commitments.
Kind: instance method of Secp
Param | Type | Default |
---|---|---|
[positives] | Array.<Buffer> |
[] |
[negatives] | Array.<Buffer> |
[] |
Taking arrays of positive and negative commitments as well as an expected excess, verifies that it all sums to zero.
Kind: instance method of Secp
Param | Type | Default |
---|---|---|
[positives] | Array.<Buffer> |
[] |
[negatives] | Array.<Buffer> |
[] |
Computes the sum of multiple positive and negative blinding factors.
Kind: instance method of Secp
Param | Type | Default |
---|---|---|
[positives] | Array.<Buffer> |
[] |
[negatives] | Array.<Buffer> |
[] |
Retrieves pubKey from commit.
Kind: instance method of Secp
Param | Type |
---|---|
commitment | Buffer |
Serializes commitment.
Kind: instance method of Secp
Param | Type |
---|---|
commitment | Buffer |
Parses a commitment.
Kind: instance method of Secp
Param | Type |
---|---|
buffer | Buffer |
Verify commitment.
Kind: instance method of Secp
Param | Type |
---|---|
msg | Buffer |
sig | Buffer |
commitment | Buffer |
Verify with bullet proof that a committed value is positive.
Kind: instance method of Secp
Param | Type |
---|---|
commitment | Buffer |
rangeProof | Buffer |
extraData | Buffer |
Verify with bullet proof that a committed value is positive.
Kind: instance method of Secp
Param | Type |
---|---|
commitments | Buffer |
rangeProofs | Array.<Buffer> |
extraData | Buffer |
Create a bulletproof. The blinding factor for commitment should be secretKey.
Kind: instance method of Secp
Param | Type | Default |
---|---|---|
amount | number |
|
secretKey | Buffer |
|
nonce | Buffer |
|
extraData | Buffer |
|
[msg] | Buffer |
Buffer.alloc(16, 0) |
Rewind a rangeProof to retrieve the amount
Kind: instance method of Secp
Param | Type |
---|---|
commitment | number |
nonce | number |
extraData | number |
rangeProof | number |
Creates a new secure nonce (as a SecretKey), guaranteed to be usable during aggsig creation.
Kind: instance method of Secp
Simple signature (nonce will be created).
Kind: instance method of Secp
Param | Type |
---|---|
msg | Buffer |
secretKey | Buffer |
pubKeySum | Buffer |
Calculates a signature for msg given the secretKey and an optional blindSum
Kind: instance method of Secp
Param | Type |
---|---|
secretKey | Buffer |
msg | Buffer |
blindSum | Buffer |
Calculates a partial signature given the signer's secure key, the sum of all public nonces and (optionally) the sum of all public keys.
Kind: instance method of Secp
Param | Type | Description |
---|---|---|
secretKey | Buffer |
The signer's secret key |
secNonce | Buffer |
The signer's secret nonce (the public version of which was added to the nonceSum total) |
nonceSum | Buffer |
The sum of the public nonces of all signers participating in the full signature. This value is encoded in e. |
pubKeySum | Buffer |
(Optional) The sum of the public keys of all signers participating in the full signature. If included, this value is encoded in e. |
msg | Buffer |
The message to sign. |
Single-Signer (plain old Schnorr, sans-multisig) signature verification
Kind: instance method of Secp
Returns: Buffer
- - Signature on success
Param | Type | Description |
---|---|---|
sig | Buffer |
The signature |
msg | Buffer |
the message to verify |
pubNonce | Buffer |
if not null overrides the public nonce used to calculate e |
pubKey | Buffer |
the public key |
pubKeyTotal | Buffer |
The total of all public keys (for the message in e) |
extraPubKey | Buffer |
if not null, subtract this pubKey from sG |
isPartial | boolean |
whether this is a partial sig, or a fully-combined sig |
Verifies a partial signature from a public key. All nonce and public
key sum values must be identical to those provided in the call to
[calculate_partial_sig
].
Kind: instance method of Secp
Param | Type | Description |
---|---|---|
sig | Buffer |
The signature to validate, created via a call to [calculate_partial_sig ] |
pubNonceSum | Buffer |
The sum of the public nonces of all signers participating in the full signature. This value is encoded in e. |
pubKey | Buffer |
Corresponding Public Key of the private key used to sign the message. |
pubKeySum | Buffer |
(Optional) The sum of the public keys of all signers participating in the full signature. If included, this value is encoded in e. |
msg | Buffer |
The message to verify. |
Simple verification a single signature from a commitment. The public key used to verify the signature is derived from the commit.
Kind: instance method of Secp
Param | Type | Description |
---|---|---|
sig | Buffer |
The Signature to verify |
msg | Buffer |
The message to sign. |
commit | Buffer |
The commitment to verify. The actual public key used during verification is derived from this commit. |
Verifies a completed (summed) signature, which must include the message and pubKey sum values that are used during signature creation time to create 'e'
Kind: instance method of Secp
Param | Type | Description |
---|---|---|
sig | Buffer |
The Signature to verify |
pubKey | Buffer |
Corresponding Public Key of the private key used to sign the message. |
pubKeySum | Buffer |
(Optional) The sum of the public keys of all signers participating in the full signature. If included, this value is encoded in e. Must be the same value as when the signature was created to verify correctly. |
msg | Buffer |
The message to verify. |
Adds signatures
Kind: instance method of Secp
Param | Type |
---|---|
partSigs | Buffer |
nonceSum | Buffer |
create random sha256 Buffer
Kind: global function
Param | Type |
---|---|
v | string |
Takes any number (native number, BN, or string) and converts it to uInt64T (64-bit BE Buffer) suitable for use by the C++ bindings.
Kind: global function
Param | Type | Description |
---|---|---|
num | number |
number to convert. |