Expand description
commons-secp256k1: Rust reimplementation of libsecp256k1
Pure Rust implementation with vendored ASM for hot paths (ARM32 field, x86_64 scalar). No FFI to C — all logic in Rust.
§Context-free API
This crate is stateless and context-free. Unlike rust-secp256k1, there is no
Secp256k1<C> context object. All functions take raw bytes, points, or scalars
directly. No global mutable state. MuSig uses a Session struct (created from
aggnonce + msg + keyagg_cache) — this is algorithm state, not a global context.
Modules§
- ecdh
- ECDH: Elliptic Curve Diffie-Hellman shared secret.
- ecdsa
- ECDSA signatures for secp256k1.
- ecmult
- Elliptic curve multiplication: R = naA + ngG
- ellswift
- ElligatorSwift encoding for secp256k1 (BIP 324 v2 transport).
- field
- Field element arithmetic for secp256k1.
- group
- Group operations for secp256k1.
- musig
- MuSig2 for BIP340-compatible multi-signatures (BIP 327).
- scalar
- Scalar arithmetic modulo the secp256k1 group order n.
- schnorr
- BIP 340 Schnorr signatures for secp256k1.
- schnorr_
half_ agg - BIP 340 Schnorr half-aggregation.
- taproot
- BIP 341 Taproot utilities.
Functions§
- ecmult_
const - R =
q*A(constant-time w.r.t.q); public pointAis allowed to use variable precomputation. IfAis infinity,ris set to infinity. - ecmult_
gen_ const - Constant-time
r = k*Gusing the multi-comb. Public API. - ecmult_
gen_ precompute - Eagerly build the comb context. Useful for callers that don’t want first-call latency.