secp256kfun 0.8.0

A mid-level secp256k1 library optimized for fun!
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139

use crate::{g, marker::*, Point, Scalar, G};
/// A secret and public key pair.
///
/// The secret key is a [`Scalar`] and the public key is the [`Point`] resulting from multiplying the scalar by [`G`].
///
/// ```
/// use secp256kfun::{KeyPair, Scalar};
/// let my_secret_key = Scalar::random(&mut rand::thread_rng());
/// let my_keypair = KeyPair::new(my_secret_key);
/// ```
///
/// [`Scalar`]: crate::Scalar
/// [`G`]: crate::G
/// [`Point`]: crate::Point
#[derive(Clone, Debug, PartialEq)]
pub struct KeyPair {
    sk: Scalar,
    pk: Point,
}

impl KeyPair {
    /// Create a new `KeyPair` from a `secret_key`.
    pub fn new(secret_key: Scalar) -> Self {
        Self {
            pk: g!(secret_key * G).normalize(),
            sk: secret_key,
        }
    }

    /// Returns a reference to the secret key.
    pub fn secret_key(&self) -> &Scalar {
        &self.sk
    }

    /// The public key
    pub fn public_key(&self) -> Point {
        self.pk
    }

    /// Gets a reference to the keypair as a tuple
    ///
    /// # Example
    /// ```
    /// use secp256kfun::{KeyPair, Scalar};
    /// let keypair = KeyPair::new(Scalar::random(&mut rand::thread_rng()));
    /// let (secret_key, public_key) = keypair.as_tuple();
    pub fn as_tuple(&self) -> (&Scalar, Point) {
        (&self.sk, self.pk)
    }
}

/// A secret and public key pair where the public key has an even y-coordinate.
///
/// [`Scalar`]: crate::Scalar
#[derive(Clone, Debug, PartialEq)]
pub struct XOnlyKeyPair {
    sk: Scalar,
    pk: Point<EvenY>,
}

impl XOnlyKeyPair {
    /// Converts a non-zero scalar to a keypair by interpreting it as a secret key, generating
    /// the corresponding public key by multiplying it by [`G`] and dropping the y-coordinate.
    ///
    /// **The secret key in the resulting keypair is not guaranteed to be the same
    /// as the input**. For half the input values the result will be the
    /// negation of it. This happens because the corresponding [`Point`] may not
    /// have an y-coordinate that is even (see [`EvenY`])
    ///
    /// # Example
    /// ```
    /// use secp256kfun::{g, s, Scalar, XOnlyKeyPair, G};
    ///
    /// let original_secret_key = Scalar::random(&mut rand::thread_rng());
    /// let keypair = XOnlyKeyPair::new(original_secret_key.clone());
    ///
    /// assert!(
    ///     &original_secret_key == keypair.secret_key()
    ///         || &-original_secret_key == keypair.secret_key()
    /// );
    /// assert!(g!({ keypair.secret_key() } * G).normalize().is_y_even());
    /// assert_eq!(g!({ keypair.secret_key() } * G), keypair.public_key());
    /// ```
    ///
    /// [`Point`]: crate::Point
    /// [`EvenY`]: crate::marker::EvenY
    pub fn new(mut secret_key: Scalar) -> Self {
        let pk = Point::even_y_from_scalar_mul(&G, &mut secret_key);
        Self { sk: secret_key, pk }
    }

    /// Returns a reference to the secret key.
    ///
    /// The secret key will always correspond to a point with an even y-coordinate when multiplied
    /// by [`G`] (regardless of what was passed into [`XOnlyKeyPair::new`]).
    pub fn secret_key(&self) -> &Scalar {
        &self.sk
    }

    /// The public key as a point.
    pub fn public_key(&self) -> Point<EvenY> {
        self.pk
    }

    /// Gets a reference to the keypair as a tuple
    ///
    /// # Example
    /// ```
    /// use secp256kfun::{XOnlyKeyPair, Scalar};
    /// let keypair = XOnlyKeyPair::new(Scalar::random(&mut rand::thread_rng()));
    /// let (secret_key, public_key) = keypair.as_tuple();
    pub fn as_tuple(&self) -> (&Scalar, Point<EvenY>) {
        (&self.sk, self.pk)
    }
}

impl From<XOnlyKeyPair> for (Scalar, Point<EvenY>) {
    fn from(kp: XOnlyKeyPair) -> Self {
        (kp.sk, kp.pk)
    }
}

impl From<XOnlyKeyPair> for KeyPair {
    fn from(xonly: XOnlyKeyPair) -> Self {
        Self {
            sk: xonly.sk,
            pk: xonly.pk.normalize(),
        }
    }
}

impl From<KeyPair> for XOnlyKeyPair {
    fn from(kp: KeyPair) -> Self {
        let mut sk = kp.sk;
        let (pk, needs_negation) = kp.pk.into_point_with_even_y();
        sk.conditional_negate(needs_negation);
        Self { sk, pk }
    }
}