Struct secp256kfun::Point
source · [−]Expand description
A point on the secp256k1 elliptic curve.
A Point<T,S,Z>
marked with Z = NonZero
is any two integers modulo p
(x,y)
that satisfy:
y^2 = 3*x + 7 mod p
where p = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
.
For every valid x-coordinate, there will be exactly two valid y-coordinates which will be the negation modulo p of each other.
If the point is marked Z = Zero
then it may also be point at infinity which is the identity element of the group.
Markers
A Point<T,S,Z>
has three types parameters.
T
: APointType
used to reason about what the point can do and to specialize point operations.S
: ASecrecy
to determine whether operations on this point should be done in constant-time or not. By default points arePublic
so operations run in variable time.Z
: AZeroChoice
to keep track of whether the point might be zero (the point at infinity) or is guaranteed to be non-zero.
Serialization
Only points that are marked with Z
= NonZero
and T
≠ Jacobian
can be
serialized. A Point that is EvenY
serializes to and from the 32-byte
x-only representation like the XOnly
type. Normal
points serialize to
and from the standard 33-byte representation specified in Standards for
Efficient Cryptography (the same as Point::to/from_bytes
)
Implementations
sourceimpl Point<Normal, Public, NonZero>
impl Point<Normal, Public, NonZero>
sourcepub fn from_bytes(bytes: [u8; 33]) -> Option<Self>
pub fn from_bytes(bytes: [u8; 33]) -> Option<Self>
Creates a Point the compressed encoding specified in Standards for
Efficient Cryptography. This is the typical encoding used in
Bitcoin. The first byte must be 0x02
or 0x03
to indicate that the
y-coordinate is even or odd respectively. The remaining 32 bytes must
encode an x-coordinate on the curve. If these conditions are not then
it will return None
.
Examples
use secp256kfun::{Point, G};
let bytes = [
2, 121, 190, 102, 126, 249, 220, 187, 172, 85, 160, 98, 149, 206, 135, 11, 7, 2, 155, 252,
219, 45, 206, 40, 217, 89, 242, 129, 91, 22, 248, 23, 152,
];
let point = Point::from_bytes(bytes).unwrap();
assert_eq!(point, *G);
sourcepub fn from_slice(slice: &[u8]) -> Option<Self>
pub fn from_slice(slice: &[u8]) -> Option<Self>
Convenience method for calling from_bytes
wth a slice.
Returns None if from_bytes
would or if slice
is not 33 bytes long.
sourcepub fn from_bytes_uncompressed(bytes: [u8; 65]) -> Option<Self>
pub fn from_bytes_uncompressed(bytes: [u8; 65]) -> Option<Self>
Creates a Point from a 65-byte uncompressed encoding specified in
Standards for Efficient Cryptography. The first byte must be
0x04
. The remaining 64 bytes must encode a valid x and y coordinate
on the curve. If the conditions are not met then it will return None
.
sourceimpl<T, S> Point<T, S, NonZero>
impl<T, S> Point<T, S, NonZero>
sourcepub fn into_point_with_even_y(self) -> (Point<EvenY, S, NonZero>, bool)
pub fn into_point_with_even_y(self) -> (Point<EvenY, S, NonZero>, bool)
Converts this point into the point with the same x-coordinate but with
an even y-coordinate. Returns a Point marked EvenY
with a bool
indicating whether the point had to be negated to make its y-coordinate
even.
Examples
use secp256kfun::{marker::*, Point};
let point = Point::random(&mut rand::thread_rng());
let (point_with_even_y, was_odd) = point.clone().into_point_with_even_y();
sourceimpl Point<EvenY, Public, NonZero>
impl Point<EvenY, Public, NonZero>
sourcepub fn from_scalar_mul(
base: &Point<impl PointType, impl Secrecy>,
scalar: &mut Scalar<impl Secrecy>
) -> Self
pub fn from_scalar_mul(
base: &Point<impl PointType, impl Secrecy>,
scalar: &mut Scalar<impl Secrecy>
) -> Self
Multiplies base
by scalar
and returns the resulting point. If the
resulting point does not have an even y-coordinate then the scalar and
point are negated so the point has an even y-coordinate and the scalar
matches it.
Examples
use secp256kfun::{marker::*, Point, Scalar, G};
let mut secret_key = Scalar::random(&mut rand::thread_rng());
let public_key = Point::<EvenY>::from_scalar_mul(G, &mut secret_key);
assert!(public_key.is_y_even());
sourceimpl<T, S, Z> Point<T, S, Z>
impl<T, S, Z> Point<T, S, Z>
sourcepub fn is_zero(&self) -> bool
pub fn is_zero(&self) -> bool
Returns true if this point the [identity element
] of the group A.K.A. the point at infinity.
Examples
let point = Point::random(&mut rand::thread_rng());
assert!(!point.is_zero());
assert!(g!(0 * point).is_zero());
sourcepub fn conditional_negate(&self, cond: bool) -> Point<T::NegationType, S, Z> where
T: PointType,
pub fn conditional_negate(&self, cond: bool) -> Point<T::NegationType, S, Z> where
T: PointType,
Negates a point based on a condition.
If cond
is true the value returned is the negation of the point, otherwise it will be the point.
sourcepub fn set_secrecy<SNew>(self) -> Point<T, SNew, Z>
pub fn set_secrecy<SNew>(self) -> Point<T, SNew, Z>
sourceimpl<T, S> Point<T, S, Zero>
impl<T, S> Point<T, S, Zero>
sourcepub fn expect_nonzero(self, reason: &str) -> Point<T, S, NonZero>
pub fn expect_nonzero(self, reason: &str) -> Point<T, S, NonZero>
Converts a point marked with Zero
to one that is marked NonZero
.
You must provide a justification for this as the reason
.
If you’re wrong the method will panic with the reason.
This is shorthand for:
use secp256kfun::marker::*;
point.mark::<NonZero>().expect(reason);
Example
use secp256kfun::{g, G};
let two_g = g!(G + G).expect_nonzero("2 * G is not zero");
sourceimpl<Z, T> Point<T, Public, Z>
impl<Z, T> Point<T, Public, Z>
sourcepub fn x_eq_scalar<Z2>(&self, scalar: &Scalar<Public, Z2>) -> bool
pub fn x_eq_scalar<Z2>(&self, scalar: &Scalar<Public, Z2>) -> bool
Checks if this point’s x-coordiante is the equal to the scalar mod the curve order. This is only useful for ECDSA implementations.
sourceimpl<S, Z> Point<Jacobian, S, Z>
impl<S, Z> Point<Jacobian, S, Z>
sourcepub fn normalize(self) -> Point<Normal, S, Z>
pub fn normalize(self) -> Point<Normal, S, Z>
Normalize a point.
Shorthand for calling .mark::<Normal>()
.
sourceimpl<S, T: Normalized> Point<T, S, NonZero>
impl<S, T: Normalized> Point<T, S, NonZero>
sourcepub fn coordinates(&self) -> ([u8; 32], [u8; 32])
pub fn coordinates(&self) -> ([u8; 32], [u8; 32])
Returns the x and y coordinates of the point as two 32-byte arrays containing their big endian encoding.
Example
let point = Point::random(&mut rand::thread_rng());
let (x_coord, y_coord) = point.coordinates();
sourcepub fn to_bytes(&self) -> [u8; 33]
pub fn to_bytes(&self) -> [u8; 33]
Converts the point to its compressed encoding as specified by Standards for Efficient Cryptography.
Example
Round trip serialization with from_bytes
let point = Point::random(&mut rand::thread_rng());
let bytes = point.to_bytes();
assert!(bytes[0] == 0x02 || bytes[0] == 0x03);
assert_eq!(Point::from_bytes(bytes).unwrap(), point);
sourcepub fn to_bytes_uncompressed(&self) -> [u8; 65]
pub fn to_bytes_uncompressed(&self) -> [u8; 65]
Encodes a point as its compressed encoding as specified by Standards for Efficient Cryptography.
Example
use secp256kfun::Point;
let point = Point::random(&mut rand::thread_rng());
let bytes = point.to_bytes_uncompressed();
assert_eq!(Point::from_bytes_uncompressed(bytes).unwrap(), point);
sourcepub fn to_xonly(&self) -> XOnly
pub fn to_xonly(&self) -> XOnly
Converts a point to an XOnly
(i.e. just its x-coordinate).
Example
use secp256kfun::{marker::*, Point};
let (point_even_y, _) = Point::random(&mut rand::thread_rng()).into_point_with_even_y();
let xonly = point_even_y.to_xonly();
assert_eq!(xonly.to_point(), point_even_y);
Trait Implementations
sourceimpl<Z, S, T> ChangeMark<Point<T, S, Z>> for NonZero
impl<Z, S, T> ChangeMark<Point<T, S, Z>> for NonZero
sourceimpl<T, S, Z> ChangeMark<Point<T, S, Z>> for Normal
impl<T, S, Z> ChangeMark<Point<T, S, Z>> for Normal
sourceimpl<Z, S, T> ChangeMark<Point<T, S, Z>> for Jacobian
impl<Z, S, T> ChangeMark<Point<T, S, Z>> for Jacobian
sourceimpl<Z, S, Y> ChangeMark<Point<Y, S, Z>> for Zero
impl<Z, S, Y> ChangeMark<Point<Y, S, Z>> for Zero
sourceimpl<T: Default, S, Z> ConditionallySelectable for Point<T, S, Z> where
Self: Copy,
impl<T: Default, S, Z> ConditionallySelectable for Point<T, S, Z> where
Self: Copy,
sourceimpl<'de, S> Deserialize<'de> for Point<EvenY, S, NonZero>
impl<'de, S> Deserialize<'de> for Point<EvenY, S, NonZero>
sourcefn deserialize<Deser: Deserializer<'de>>(
deserializer: Deser
) -> Result<Point<EvenY, S, NonZero>, Deser::Error>
fn deserialize<Deser: Deserializer<'de>>(
deserializer: Deser
) -> Result<Point<EvenY, S, NonZero>, Deser::Error>
Deserialize this value from the given Serde deserializer. Read more
sourceimpl<'de, S> Deserialize<'de> for Point<Normal, S, NonZero>
impl<'de, S> Deserialize<'de> for Point<Normal, S, NonZero>
sourcefn deserialize<Deser: Deserializer<'de>>(
deserializer: Deser
) -> Result<Point<Normal, S, NonZero>, Deser::Error>
fn deserialize<Deser: Deserializer<'de>>(
deserializer: Deser
) -> Result<Point<Normal, S, NonZero>, Deser::Error>
Deserialize this value from the given Serde deserializer. Read more
sourceimpl From<XOnlyPublicKey> for Point<EvenY>
impl From<XOnlyPublicKey> for Point<EvenY>
sourcefn from(pk: XOnlyPublicKey) -> Self
fn from(pk: XOnlyPublicKey) -> Self
Converts to this type from the input type.
sourceimpl<T: Normalized, S> HashInto for Point<T, S, NonZero>
impl<T: Normalized, S> HashInto for Point<T, S, NonZero>
impl<T: Copy, Z: Copy> Copy for Point<T, Public, Z>
impl<T, S, Z> Eq for Point<T, S, Z>
Auto Trait Implementations
impl<T, S, Z> RefUnwindSafe for Point<T, S, Z> where
S: RefUnwindSafe,
T: RefUnwindSafe,
Z: RefUnwindSafe,
impl<T, S, Z> Send for Point<T, S, Z> where
S: Send,
T: Send,
Z: Send,
impl<T, S, Z> Sync for Point<T, S, Z> where
S: Sync,
T: Sync,
Z: Sync,
impl<T, S, Z> Unpin for Point<T, S, Z> where
S: Unpin,
T: Unpin,
Z: Unpin,
impl<T, S, Z> UnwindSafe for Point<T, S, Z> where
S: UnwindSafe,
T: UnwindSafe,
Z: UnwindSafe,
Blanket Implementations
sourceimpl<T> BorrowMut<T> for T where
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
const: unstable · sourcefn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more
sourceimpl<Z, S, Y, SNew> ChangeMark<Point<Y, S, Z>> for SNew where
SNew: Secrecy,
impl<Z, S, Y, SNew> ChangeMark<Point<Y, S, Z>> for SNew where
SNew: Secrecy,
sourcefn change_mark(
point: Point<Y, S, Z>
) -> <SNew as ChangeMark<Point<Y, S, Z>>>::Out
fn change_mark(
point: Point<Y, S, Z>
) -> <SNew as ChangeMark<Point<Y, S, Z>>>::Out
Marks item
with Self
.
sourceimpl<T> ConditionallyNegatable for T where
T: ConditionallySelectable,
&'a T: for<'a> Neg,
<&'a T as Neg>::Output == T,
impl<T> ConditionallyNegatable for T where
T: ConditionallySelectable,
&'a T: for<'a> Neg,
<&'a T as Neg>::Output == T,
sourcefn conditional_negate(&mut self, choice: Choice)
fn conditional_negate(&mut self, choice: Choice)
Negate self
if choice == Choice(1)
; otherwise, leave it
unchanged. Read more
sourceimpl<T> Mark for T
impl<T> Mark for T
sourcefn mark<M>(self) -> <M as ChangeMark<T>>::Out where
M: ChangeMark<T>,
fn mark<M>(self) -> <M as ChangeMark<T>>::Out where
M: ChangeMark<T>,
Returns a new instance of the invocant that will be marked with M
. Read more
sourceimpl<T> ToOwned for T where
T: Clone,
impl<T> ToOwned for T where
T: Clone,
type Owned = T
type Owned = T
The resulting type after obtaining ownership.
sourcefn clone_into(&self, target: &mut T)
fn clone_into(&self, target: &mut T)
toowned_clone_into
)Uses borrowed data to replace owned data, usually by cloning. Read more