[][src]Module k256::ecdsa::recoverable

This is supported on crate feature ecdsa-core only.

Ethereum-style "recoverable signatures".

These signatures include an additional Id field which allows for recovery of the VerifyKey which can be used to verify them.

This is helpful in cases where a hash/fingerprint of a VerifyKey for a given signature in known in advance.

Signing/Recovery Example

NOTE: make sure to enable both the ecdsa and keccak256 features of this crate for the example to work.

use k256::{
    ecdsa::{SigningKey, recoverable, signature::Signer},
use rand_core::OsRng; // requires 'getrandom' feature

// Signing
let signing_key = SigningKey::random(&mut OsRng); // Serialize with `::to_bytes()`
let verify_key = signing_key.verify_key();
let message = b"ECDSA proves knowledge of a secret number in the context of a single message";

// Note: the signature type must be annotated or otherwise inferrable as
// `Signer` has many impls of the `Signer` trait (for both regular and
// recoverable signature types).
let signature: recoverable::Signature = signing_key.sign(message);
let recovered_key = signature.recover_verify_key(message).expect("couldn't recover pubkey");

assert_eq!(&verify_key, &recovered_key);



Identifier used to compute a VerifyKey from a Signature.


Ethereum-style "recoverable signatures" which allow for the recovery of the signer's VerifyKey from the signature itself.



Size of an Ethereum-style recoverable signature in bytes