Struct secp256k1::SecretKey

source · 
pub struct SecretKey(_);
Expand description

Secret 256-bit key used as x in an ECDSA signature.

Side channel attacks

We have attempted to reduce the side channel attack surface by implementing a constant time eq method. For similar reasons we explicitly do not implement PartialOrd, Ord, or Hash on SecretKey. If you really want to order secrets keys then you can use AsRef to get at the underlying bytes and compare them - however this is almost certainly a bad idea.

Serde support

Implements de/serialization with the serde feature enabled. We treat the byte value as a tuple of 32 u8s for non-human-readable formats. This representation is optimal for for some formats (e.g. bincode) however other formats may be less optimal (e.g. cbor).

Examples

Basic usage:

use secp256k1::{rand, Secp256k1, SecretKey};

let secp = Secp256k1::new();
let secret_key = SecretKey::new(&mut rand::thread_rng());

Implementations§

Formats the explicit byte value of the secret key kept inside the type as a little-endian hexadecimal string using the provided formatter.

This is the only method that outputs the actual secret key value, and, thus, should be used with extreme caution.

Examples
use secp256k1::SecretKey;
let key = SecretKey::from_str("0000000000000000000000000000000000000000000000000000000000000001").unwrap();

// Normal debug hides value (`Display` is not implemented for `SecretKey`).
// E.g., `format!("{:?}", key)` prints "SecretKey(#2518682f7819fb2d)".

// Here we explicitly display the secret value:
assert_eq!(
    "0000000000000000000000000000000000000000000000000000000000000001",
    format!("{}", key.display_secret())
);
// Also, we can explicitly display with `Debug`:
assert_eq!(
    format!("{:?}", key.display_secret()),
    format!("DisplaySecret(\"{}\")", key.display_secret())
);
Available on crate feature rand only.

Generates a new random secret key.

Examples
use secp256k1::{rand, SecretKey};
let secret_key = SecretKey::new(&mut rand::thread_rng());

Converts a SECRET_KEY_SIZE-byte slice to a secret key.

Examples
use secp256k1::SecretKey;
let sk = SecretKey::from_slice(&[0xcd; 32]).expect("32 bytes, within curve order");

Creates a new secret key using data from BIP-340 KeyPair.

Examples
use secp256k1::{rand, Secp256k1, SecretKey, KeyPair};

let secp = Secp256k1::new();
let key_pair = KeyPair::new(&secp, &mut rand::thread_rng());
let secret_key = SecretKey::from_keypair(&key_pair);
Available on crate feature bitcoin-hashes only.

Constructs a SecretKey by hashing data with hash algorithm H.

Requires the feature bitcoin_hashes to be enabled.

Examples
use secp256k1::hashes::{sha256, Hash};
use secp256k1::SecretKey;

let sk1 = SecretKey::from_hashed_data::<sha256::Hash>("Hello world!".as_bytes());
// is equivalent to
let sk2 = SecretKey::from(sha256::Hash::hash("Hello world!".as_bytes()));

assert_eq!(sk1, sk2);

Returns the secret key as a byte value.

Negates the secret key.

Tweaks a SecretKey by adding tweak modulo the curve order.

Errors

Returns an error if the resulting key would be invalid.

Tweaks a SecretKey by multiplying by tweak modulo the curve order.

Errors

Returns an error if the resulting key would be invalid.

Available on crate feature global-context only.

Constructs an ECDSA signature for msg using the global SECP256K1 context.

Returns the KeyPair for this SecretKey.

This is equivalent to using KeyPair::from_secret_key.

Returns the PublicKey for this SecretKey.

This is equivalent to using PublicKey::from_secret_key.

Returns the XOnlyPublicKey (and it’s Parity) for this SecretKey.

This is equivalent to XOnlyPublicKey::from_keypair(self.keypair(secp)).

Trait Implementations§

Gets a reference to the underlying array.

Side channel attacks

Using ordering functions (PartialOrd/Ord) on a reference to secret keys leaks data because the implementations are not constant time. Doing so will make your code vulnerable to side channel attacks. SecretKey::eq is implemented using a constant time algorithm, please consider using it to do comparisons of secret keys.

Returns a copy of the value. Read more
Performs copy-assignment from source. Read more
Formats the value using the given formatter. Read more
Deserialize this value from the given Serde deserializer. Read more
Converts to this type from the input type.
Converts to this type from the input type.
Converts to this type from the input type.

Converts a 32-byte hash directly to a secret key without error paths.

The associated error which can be returned from parsing.
Parses a string s to return a value of this type. Read more
The returned type after indexing.
Performs the indexing (container[index]) operation. Read more

This implementation is designed to be constant time to help prevent side channel attacks.

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason. Read more
Serialize this value into the given Serde serializer. Read more

Auto Trait Implementations§

Blanket Implementations§

Gets the TypeId of self. Read more
Immutably borrows from an owned value. Read more
Mutably borrows from an owned value. Read more

Returns the argument unchanged.

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

The resulting type after obtaining ownership.
Creates owned data from borrowed data, usually by cloning. Read more
Uses borrowed data to replace owned data, usually by cloning. Read more
The type returned in the event of a conversion error.
Performs the conversion.
The type returned in the event of a conversion error.
Performs the conversion.