Struct secp256k1zkp::Secp256k1
pub struct Secp256k1 { /* private fields */ }
The secp256k1 engine, used to execute all signature operations
Implementations
impl Secp256k1
pub fn verify_from_commit( &self, msg: &Message, sig: &Signature, commit: &Commitment ) -> Result<(), Error>
verify commitment
pub fn commit(&self, value: u64, blind: SecretKey) -> Result<Commitment, Error>
Creates a Pedersen commitment from a value and a blinding factor
pub fn commit_blind( &self, value: SecretKey, blind: SecretKey ) -> Result<Commitment, Error>
Creates a Pedersen commitment from two blinding factors
pub fn commit_value(&self, value: u64) -> Result<Commitment, Error>
Convenience method to create a Pedersen commitment only from a value, with a zero blinding factor
pub fn verify_commit_sum( &self, positive: Vec<Commitment>, negative: Vec<Commitment> ) -> bool
Taking vectors of positive and negative commitments as well as an expected excess, verifies that it all sums to zero.
pub fn commit_sum( &self, positive: Vec<Commitment>, negative: Vec<Commitment> ) -> Result<Commitment, Error>
Computes the sum of multiple positive and negative Pedersen commitments.
pub fn blind_sum( &self, positive: Vec<SecretKey>, negative: Vec<SecretKey> ) -> Result<SecretKey, Error>
Computes the sum of multiple positive and negative blinding factors.
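How commit, blind_sum, commit_sum and verify_commit_sum fit together, as an added toy model that is not code from the secp256k1zkp crate. The function names mirror the methods above, but the group is a small constructed subgroup of the integers mod 2039 with generators 4 and 9 (all assumptions, offering no security), so the block runs with the standard library only.

```rust
// Toy model of the commitment arithmetic, NOT the secp256k1zkp crate: order-Q
// subgroup of Z_P^* (P = 2Q + 1), multiplicative. Constructed parameters, no security.
const P: u64 = 2039; // safe prime
const Q: u64 = 1019; // prime order of the subgroup of squares
const G: u64 = 4; // value generator (2^2)
const H: u64 = 9; // blinding generator (3^2)
fn pow_mod(mut b: u64, mut e: u64) -> u64 {
    let mut acc = 1u64;
    while e > 0 {
        if e & 1 == 1 { acc = acc * b % P; }
        b = b * b % P;
        e >>= 1;
    }
    acc
}

/// C = G^value * H^blind (the toy analogue of value*G + blind*H).
fn commit(value: u64, blind: u64) -> u64 {
    pow_mod(G, value % Q) * pow_mod(H, blind % Q) % P
}

/// Sum of positives minus sum of negatives, as a group element.
fn commit_sum(positive: &[u64], negative: &[u64]) -> u64 {
    let pos = positive.iter().fold(1u64, |a, &c| a * c % P);
    let neg = negative.iter().fold(1u64, |a, &c| a * c % P);
    pos * pow_mod(neg, P - 2) % P // Fermat inverse of neg
}

/// Same signed sum on the blinding factors, modulo the group order.
fn blind_sum(positive: &[u64], negative: &[u64]) -> u64 {
    let pos = positive.iter().fold(0u64, |a, &b| (a + b) % Q);
    let neg = negative.iter().fold(0u64, |a, &b| (a + b) % Q);
    (pos + Q - neg) % Q
}

/// True when everything cancels to the identity (the "zero" commitment).
fn verify_commit_sum(positive: &[u64], negative: &[u64]) -> bool {
    commit_sum(positive, negative) == 1
}

/// Returns (balanced set verifies, set with one output inflated by 1 verifies).
fn balance_check() -> (bool, bool) {
    let inputs = [commit(70, 111), commit(30, 222)];
    let excess = commit(0, blind_sum(&[111, 222], &[333, 444]));
    let good = [commit(60, 333), commit(40, 444), excess];
    let bad = [commit(61, 333), commit(40, 444), excess];
    (verify_commit_sum(&inputs, &good), verify_commit_sum(&inputs, &bad))
}
fn main() { println!("{:?}", balance_check()); }
```

A balanced sum says nothing about whether each committed value is in range, which is what the range-proof and bullet-proof methods on this page check.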
pub fn blind_switch( &self, value: u64, blind: SecretKey ) -> Result<SecretKey, Error>
Compute a blinding factor using a switch commitment
pub fn nonce(&self) -> [u8; 32]
Convenience function for generating a random nonce for a range proof. We will need the nonce later if we want to rewind the range proof.
pub fn range_proof( &self, min: u64, value: u64, blind: SecretKey, commit: Commitment, message: ProofMessage ) -> RangeProof
Produces a range proof for the provided value, using min and max bounds, relying on the blinding factor and commitment.
pub fn verify_range_proof( &self, commit: Commitment, proof: RangeProof ) -> Result<ProofRange, Error>
Verify a proof that a committed value is within a range.
pub fn rewind_range_proof( &self, commit: Commitment, proof: RangeProof, nonce: SecretKey ) -> ProofInfo
Verify a range proof and rewind the proof to recover information sent by its author.
pub fn range_proof_info(&self, proof: RangeProof) -> ProofInfo
General information extracted from a range proof. Does not provide any information about the value or the message (see rewind).
pub fn bullet_proof( &self, value: u64, blind: SecretKey, rewind_nonce: SecretKey, private_nonce: SecretKey, extra_data_in: Option<Vec<u8>>, message: Option<ProofMessage> ) -> RangeProof
Produces a bullet proof for the provided value, using min and max bounds, relying on the blinding factor and value. If a message is passed, it will be truncated or padded to exactly BULLET_PROOF_MSG_SIZE bytes
pub fn bullet_proof_multisig( &self, value: u64, blind: SecretKey, nonce: SecretKey, extra_data_in: Option<Vec<u8>>, message: Option<ProofMessage>, tau_x: Option<&mut SecretKey>, t_one: Option<&mut PublicKey>, t_two: Option<&mut PublicKey>, commits: Vec<Commitment>, private_nonce: Option<&SecretKey>, step: u8 ) -> Option<RangeProof>
Produces a bullet proof for multi-party commitment
pub fn verify_bullet_proof( &self, commit: Commitment, proof: RangeProof, extra_data_in: Option<Vec<u8>> ) -> Result<ProofRange, Error>
Verify with bullet proof that a committed value is positive
pub fn verify_bullet_proof_multi( &self, commits: Vec<Commitment>, proofs: Vec<RangeProof>, extra_data_in: Option<Vec<Vec<u8>>> ) -> Result<ProofRange, Error>
Verify with bullet proof that a committed value is positive
pub fn rewind_bullet_proof( &self, commit: Commitment, nonce: SecretKey, extra_data_in: Option<Vec<u8>>, proof: RangeProof ) -> Result<ProofInfo, Error>
Rewind a bullet proof to get the value and blinding factor back out
impl Secp256k1
pub fn with_caps(caps: ContextFlag) -> Secp256k1
Creates a new Secp256k1 context with the specified capabilities
pub fn without_caps() -> Secp256k1
Creates a new Secp256k1 context with no capabilities (just de/serialization)
pub fn randomize<R: Rng>(&mut self, rng: &mut R)
(Re)randomizes the Secp256k1 context for cheap side-channel resistance; see comment in libsecp256k1 commit d2275795f by Gregory Maxwell
pub fn generate_keypair<R: Rng>( &self, rng: &mut R ) -> Result<(SecretKey, PublicKey), Error>
Generates a random keypair. Convenience function for key::SecretKey::new and key::PublicKey::from_secret_key; call those functions directly for batch key generation. Requires a signing-capable context.
pub fn sign(&self, msg: &Message, sk: &SecretKey) -> Result<Signature, Error>
Constructs a signature for msg using the secret key sk and RFC6979 nonce. Requires a signing-capable context.
pub fn sign_recoverable( &self, msg: &Message, sk: &SecretKey ) -> Result<RecoverableSignature, Error>
Constructs a signature for msg using the secret key sk and RFC6979 nonce. Requires a signing-capable context.
pub fn recover( &self, msg: &Message, sig: &RecoverableSignature ) -> Result<PublicKey, Error>
Determines the public key for which sig is a valid signature for msg. Requires a verify-capable context.
pub fn verify( &self, msg: &Message, sig: &Signature, pk: &PublicKey ) -> Result<(), Error>
Checks that sig is a valid ECDSA signature for msg using the public key pubkey. Returns Ok(true) on success. Note that this function cannot be used for Bitcoin consensus checking since there may exist signatures which OpenSSL would verify but not libsecp256k1, or vice-versa. Requires a verify-capable context.