tiny-secp256k1
This library is under development, and, like the secp256k1 C library it depends on, this is a research effort to determine an optimal API for end-users of the bitcoinjs ecosystem.
Documentation
isPoint (A)
isPoint :: Buffer -> Bool
Returns false
if
A
is not encoded with a sequence tag of 0x02
, 0x03
or 0x04
A.x
is not in [1...p - 1]
A.y
is not in [1...p - 1]
isPointCompressed (A)
isPointCompressed :: Buffer -> Bool
Returns false
if the signature is not compressed.
isPrivate (d)
isPrivate :: Buffer -> Bool
Returns false
if
d
is not 256-bit, ord
is not in [1..order - 1]
pointAdd (A, B[, compressed])
pointAdd :: Buffer -> Buffer [-> Bool] -> Maybe Buffer
Returns null
if result is at infinity.
Throws:
Expected Point
if !isPoint(A)
Expected Point
if !isPoint(B)
pointAddScalar (A, tweak[, compressed])
pointAddScalar :: Buffer -> Buffer [-> Bool] -> Maybe Buffer
Returns null
if result is at infinity.
Throws:
Expected Point
if !isPoint(A)
Expected Tweak
if tweak
is not in [0...order - 1]
pointCompress (A, compressed)
pointCompress :: Buffer -> Bool -> Buffer
Throws:
Expected Point
if !isPoint(A)
pointFromScalar (d[, compressed])
pointFromScalar :: Buffer [-> Bool] -> Maybe Buffer
Returns null
if result is at infinity.
Throws:
Expected Private
if !isPrivate(d)
pointMultiply (A, tweak[, compressed])
pointMultiply :: Buffer -> Buffer [-> Bool] -> Maybe Buffer
Returns null
if result is at infinity.
Throws:
Expected Point
if !isPoint(A)
Expected Tweak
if tweak
is not in [0...order - 1]
privateAdd (d, tweak)
privateAdd :: Buffer -> Buffer -> Maybe Buffer
Returns null
if result is equal to 0
.
Throws:
Expected Private
if !isPrivate(d)
Expected Tweak
if tweak
is not in [0...order - 1]
privateSub (d, tweak)
privateSub :: Buffer -> Buffer -> Maybe Buffer
Returns null
if result is equal to 0
.
Throws:
Expected Private
if !isPrivate(d)
Expected Tweak
if tweak
is not in [0...order - 1]
sign (h, d)
sign :: Buffer -> Buffer -> Buffer
Returns normalized signatures, each of (r, s) values are guaranteed to less than order / 2
.
Uses RFC6979.
Throws:
Expected Private
if !isPrivate(d)
Expected Scalar
if h
is not 256-bit
verify (h, Q, signature[, strict = false])
verify :: Buffer -> Buffer -> Buffer -> Bool
Returns false
if any of (r, s) values are equal to 0
, or if the signature is rejected.
If strict
is true
, valid signatures with any of (r, s) values greater than order / 2
are rejected.
Throws:
Expected Point
if !isPoint(Q)
Expected Signature
if signature
has any (r, s) values not in range [0...order - 1]
Expected Scalar
if h
is not 256-bit
Credit
This is a partially derived work of https://github.com/cryptocoinjs/secp256k1-node, specifically this commit.
https://github.com/bitcoin-core/secp256k1 - for the secp256k1 library
LICENSE MIT