What is tiny-secp256k1?
The tiny-secp256k1 npm package is a small, fast, and reliable library for elliptic curve cryptography using the secp256k1 curve. It is commonly used in blockchain and cryptocurrency applications, particularly for Bitcoin, to perform cryptographic operations such as key generation, signing, and verification.
What are tiny-secp256k1's main functionalities?
Key Generation
This feature allows you to generate a private key and derive the corresponding public key using the secp256k1 curve.
const secp256k1 = require('tiny-secp256k1');
const randomBytes = require('crypto').randomBytes;
const privateKey = randomBytes(32);
const publicKey = secp256k1.pointFromScalar(privateKey);
console.log('Private Key:', privateKey.toString('hex'));
console.log('Public Key:', publicKey.toString('hex'));
Signing a Message
This feature allows you to sign a message using a private key. The message is hashed using SHA-256 before signing.
const secp256k1 = require('tiny-secp256k1');
const randomBytes = require('crypto').randomBytes;
const createHash = require('crypto').createHash;
const privateKey = randomBytes(32);
const message = 'Hello, world!';
const messageHash = createHash('sha256').update(message).digest();
const signature = secp256k1.sign(messageHash, privateKey);
console.log('Signature:', signature.toString('hex'));
Verifying a Signature
This feature allows you to verify a signature using a public key. The message is hashed using SHA-256 before verification.
const secp256k1 = require('tiny-secp256k1');
const createHash = require('crypto').createHash;
const publicKey = Buffer.from('your-public-key-hex', 'hex');
const message = 'Hello, world!';
const messageHash = createHash('sha256').update(message).digest();
const signature = Buffer.from('your-signature-hex', 'hex');
const isValid = secp256k1.verify(messageHash, publicKey, signature);
console.log('Is the signature valid?', isValid);
Other packages similar to tiny-secp256k1
elliptic
The elliptic package is a comprehensive library for elliptic curve cryptography that supports multiple curves, including secp256k1. It is more feature-rich and flexible compared to tiny-secp256k1, but it is also larger in size.
secp256k1
The secp256k1 package is a native binding to the secp256k1 library used in Bitcoin Core. It offers high performance and is specifically optimized for the secp256k1 curve, similar to tiny-secp256k1, but it requires native compilation.
bitcoinjs-lib
The bitcoinjs-lib package is a full-featured library for Bitcoin-related operations, including key generation, signing, and verification using the secp256k1 curve. It provides a higher-level API compared to tiny-secp256k1.
tiny-secp256k1
This library is under development, and, like the secp256k1 C library it depends on, this is a research effort to determine an optimal API for end-users of the bitcoinjs ecosystem.
Installation
npm
npm install tiny-secp256k1
yarn
yarn add tiny-secp256k1
If you are having problems, please read the guide at secp256k1-node, as the build instructions should be exactly the same (and this module is a direct derivation).
Documentation
isPoint (A)
isPoint :: Buffer -> Bool
Returns false
if
A
is not encoded with a sequence tag of 0x02
, 0x03
or 0x04
A.x
is not in [1...p - 1]
A.y
is not in [1...p - 1]
isPointCompressed (A)
isPointCompressed :: Buffer -> Bool
Returns false
if the signature is not compressed.
isPrivate (d)
isPrivate :: Buffer -> Bool
Returns false
if
d
is not 256-bit, ord
is not in [1..order - 1]
pointAdd (A, B[, compressed])
pointAdd :: Buffer -> Buffer [-> Bool] -> Maybe Buffer
Returns null
if result is at infinity.
Throws:
Expected Point
if !isPoint(A)
Expected Point
if !isPoint(B)
pointAddScalar (A, tweak[, compressed])
pointAddScalar :: Buffer -> Buffer [-> Bool] -> Maybe Buffer
Returns null
if result is at infinity.
Throws:
Expected Point
if !isPoint(A)
Expected Tweak
if tweak
is not in [0...order - 1]
pointCompress (A, compressed)
pointCompress :: Buffer -> Bool -> Buffer
Throws:
Expected Point
if !isPoint(A)
pointFromScalar (d[, compressed])
pointFromScalar :: Buffer [-> Bool] -> Maybe Buffer
Returns null
if result is at infinity.
Throws:
Expected Private
if !isPrivate(d)
pointMultiply (A, tweak[, compressed])
pointMultiply :: Buffer -> Buffer [-> Bool] -> Maybe Buffer
Returns null
if result is at infinity.
Throws:
Expected Point
if !isPoint(A)
Expected Tweak
if tweak
is not in [0...order - 1]
privateAdd (d, tweak)
privateAdd :: Buffer -> Buffer -> Maybe Buffer
Returns null
if result is equal to 0
.
Throws:
Expected Private
if !isPrivate(d)
Expected Tweak
if tweak
is not in [0...order - 1]
privateSub (d, tweak)
privateSub :: Buffer -> Buffer -> Maybe Buffer
Returns null
if result is equal to 0
.
Throws:
Expected Private
if !isPrivate(d)
Expected Tweak
if tweak
is not in [0...order - 1]
sign (h, d)
sign :: Buffer -> Buffer -> Buffer
Returns normalized signatures, each of (r, s) values are guaranteed to less than order / 2
.
Uses RFC6979.
Throws:
Expected Private
if !isPrivate(d)
Expected Scalar
if h
is not 256-bit
signWithEntropy (h, d, e)
sign :: Buffer -> Buffer -> Buffer -> Buffer
Returns normalized signatures, each of (r, s) values are guaranteed to less than order / 2
.
Uses RFC6979.
Adds e
as Added Entropy to the deterministic k generation.
Throws:
Expected Private
if !isPrivate(d)
Expected Scalar
if h
is not 256-bitExpected Extra Data (32 bytes)
if e
is not 256-bit
verify (h, Q, signature[, strict = false])
verify :: Buffer -> Buffer -> Buffer -> Bool
Returns false
if any of (r, s) values are equal to 0
, or if the signature is rejected.
If strict
is true
, valid signatures with any of (r, s) values greater than order / 2
are rejected.
Throws:
Expected Point
if !isPoint(Q)
Expected Signature
if signature
has any (r, s) values not in range [0...order - 1]
Expected Scalar
if h
is not 256-bit
Credit
This is a partially derived work of https://github.com/cryptocoinjs/secp256k1-node, specifically this commit.
This library uses the native library secp256k1 by the bitcoin-core developers, including derivatives of its tests and test vectors.
LICENSE MIT