secp256k1-zkp
This library is under development, and, like the secp256k1-zkp C library it depends on, this is a research effort to determine an optimal API for end-users of the mimblewimble ecosystem.
Installation
npm
npm install secp256k1-zkp
yarn
yarn add secp256k1-zkpClasses
Constants
Functions
- sha256(v) ⇒
PromiseLike.<ArrayBuffer> create random sha256 Buffer
- uInt64T(num) ⇒
Buffer Takes any number (native number, BN, or string) and converts it to uInt64T (64-bit BE Buffer) suitable for use by the C++ bindings.
Secp
Kind: global class
- Secp
- new Secp(opts)
- .secretKeyZero() ⇒
Buffer - .secretKeyCreate(input) ⇒
Buffer - .secretKeyGenerate() ⇒
Buffer - .secretKeyVerify(key) ⇒
boolean - .secretKeyAdd(secretKey1, secretKey2) ⇒
Buffer - .secretKeymul(secretKey1, secretKey2) ⇒
Buffer - .pubKeyZero() ⇒
Buffer - .pubKeyFromSecretKey(secretKey) ⇒
Buffer - .pubKeyFromAddingPubKeys(pubKeys) ⇒
Buffer - .pubKeyIsValid(pubKey) ⇒
boolean - .pubKeyIsZero(pubKey) ⇒
boolean - .pubKeySerialize(pubKey, [compress]) ⇒
Buffer - .pubKeyParse(buffer) ⇒
Buffer - .keyPairGenerate() ⇒
Object - .sign(msg, secretKey) ⇒
Buffer - .verify(sig, msg, pubKey) ⇒
boolean - .signatureSerialize(sig) ⇒
Buffer - .signatureParse(buffer) ⇒
Buffer - .commit(value, [blind]) ⇒
Buffer - .blindSwitch(value, blind) ⇒
Buffer - .commitSum([positives], [negatives]) ⇒
Buffer - .verifyCommitSum([positives], [negatives]) ⇒
boolean - .blindSum([positives], [negatives]) ⇒
Buffer - .commitmentToPubKey(commitment) ⇒
Buffer - .commitmentSerialize(commitment) ⇒
Buffer - .commitmentParse(buffer) ⇒
Buffer - .verifyFromCommit(msg, sig, commitment) ⇒
boolean - .bulletProofVerify(commitment, rangeProof, extraData) ⇒
boolean - .bulletProofVerifyMulti(commitments, rangeProofs, extraData) ⇒
boolean - .bulletProofCreate(amount, secretKey, nonce, extraData, [msg]) ⇒
Buffer - .bulletProofRewind(commitment, nonce, extraData, rangeProof) ⇒
Buffer - .aggsigCreateSecnonce() ⇒
Buffer - .aggsigSignSingle(msg, secretKey, pubKeySum) ⇒
Buffer - .aggsigSignFromSecretKey(secretKey, msg, blindSum) ⇒
Buffer - .aggsigCalculatePartialSig(secretKey, secNonce, nonceSum, pubKeySum, msg) ⇒
Buffer - .aggsigVerifySingle(sig, msg, pubNonce, pubKey, pubKeyTotal, extraPubKey, isPartial) ⇒
Buffer - .aggsigVerifyPartialSig(sig, pubNonceSum, pubKey, pubKeySum, msg) ⇒
Buffer - .aggsigVerifySingleFromCommit(sig, msg, commit) ⇒
Buffer - .aggsigVerifyCompletedSig(sig, pubKey, pubKeySum, msg) ⇒
Buffer - .aggsigAddSignatures(partSigs, nonceSum) ⇒
Buffer
new Secp(opts)
| Param | Type | Default |
|---|---|---|
| opts | Object |
|
| [opts.sign] | boolean |
true |
| [opts.verify] | boolean |
true |
secp.secretKeyZero() ⇒ Buffer
Creates an zero secret key.
Kind: instance method of Secp
secp.secretKeyCreate(input) ⇒ Buffer
Creates a secret key.
Kind: instance method of Secp
| Param | Type |
|---|---|
| input | Buffer | string |
secp.secretKeyGenerate() ⇒ Buffer
Creates a new random secret key
Kind: instance method of Secp
secp.secretKeyVerify(key) ⇒ boolean
Verifies validity of a secret key.
Kind: instance method of Secp
| Param | Type |
|---|---|
| key | Buffer |
secp.secretKeyAdd(secretKey1, secretKey2) ⇒ Buffer
Adds two secretKeys to create a new secretKey
Kind: instance method of Secp
| Param | Type |
|---|---|
| secretKey1 | Buffer |
| secretKey2 | Buffer |
secp.secretKeymul(secretKey1, secretKey2) ⇒ Buffer
Adds two secretKeys to create a new secretKey
Kind: instance method of Secp
| Param | Type |
|---|---|
| secretKey1 | Buffer |
| secretKey2 | Buffer |
secp.pubKeyZero() ⇒ Buffer
Creates an invalid zero public key.
Kind: instance method of Secp
secp.pubKeyFromSecretKey(secretKey) ⇒ Buffer
Creates a new public key from a secret key.
Kind: instance method of Secp
| Param | Type |
|---|---|
| secretKey | Buffer |
secp.pubKeyFromAddingPubKeys(pubKeys) ⇒ Buffer
Creates a new public key from the sum of the public keys.
Kind: instance method of Secp
| Param | Type |
|---|---|
| pubKeys | Array.<Buffer> |
secp.pubKeyIsValid(pubKey) ⇒ boolean
Determine if a public key is valid.
Kind: instance method of Secp
| Param | Type |
|---|---|
| pubKey | Buffer |
secp.pubKeyIsZero(pubKey) ⇒ boolean
Determine if a public key is zero.
Kind: instance method of Secp
| Param | Type |
|---|---|
| pubKey | Buffer |
secp.pubKeySerialize(pubKey, [compress]) ⇒ Buffer
Serializes a public key.
Kind: instance method of Secp
| Param | Type | Default |
|---|---|---|
| pubKey | Buffer |
|
| [compress] | boolean |
true |
secp.pubKeyParse(buffer) ⇒ Buffer
Parses a public key.
Kind: instance method of Secp
| Param | Type |
|---|---|
| buffer | Buffer |
secp.keyPairGenerate() ⇒ Object
Generates a random keyPair. Convenience function for secretKeyGenerate
and pubKeyFromSecretKey
Kind: instance method of Secp
secp.sign(msg, secretKey) ⇒ Buffer
Constructs a signature for msg using the secret key secretKey and RFC6979 nonce
Kind: instance method of Secp
| Param | Type |
|---|---|
| msg | Buffer |
| secretKey | Buffer |
secp.verify(sig, msg, pubKey) ⇒ boolean
Checks that sig is a valid ECDSA signature for msg using the public
key pubKey.
Kind: instance method of Secp
| Param | Type |
|---|---|
| sig | Buffer |
| msg | Buffer |
| pubKey | Buffer |
secp.signatureSerialize(sig) ⇒ Buffer
Serializes a signature.
Kind: instance method of Secp
| Param | Type |
|---|---|
| sig | Buffer |
secp.signatureParse(buffer) ⇒ Buffer
Parses a signature.
Kind: instance method of Secp
| Param | Type |
|---|---|
| buffer | Buffer |
secp.commit(value, [blind]) ⇒ Buffer
Creates a pedersen commitment from a value and a blinding factor
Kind: instance method of Secp
| Param | Type |
|---|---|
| value | number |
| [blind] | Buffer |
secp.blindSwitch(value, blind) ⇒ Buffer
Computes blinding factor for switch commitment.
Kind: instance method of Secp
| Param | Type |
|---|---|
| value | number |
| blind | Buffer |
secp.commitSum([positives], [negatives]) ⇒ Buffer
Computes the sum of multiple positive and negative pedersen commitments.
Kind: instance method of Secp
| Param | Type | Default |
|---|---|---|
| [positives] | Array.<Buffer> |
[] |
| [negatives] | Array.<Buffer> |
[] |
secp.verifyCommitSum([positives], [negatives]) ⇒ boolean
Taking arrays of positive and negative commitments as well as an expected excess, verifies that it all sums to zero.
Kind: instance method of Secp
| Param | Type | Default |
|---|---|---|
| [positives] | Array.<Buffer> |
[] |
| [negatives] | Array.<Buffer> |
[] |
secp.blindSum([positives], [negatives]) ⇒ Buffer
Computes the sum of multiple positive and negative blinding factors.
Kind: instance method of Secp
| Param | Type | Default |
|---|---|---|
| [positives] | Array.<Buffer> |
[] |
| [negatives] | Array.<Buffer> |
[] |
secp.commitmentToPubKey(commitment) ⇒ Buffer
Retrieves pubKey from commit.
Kind: instance method of Secp
| Param | Type |
|---|---|
| commitment | Buffer |
secp.commitmentSerialize(commitment) ⇒ Buffer
Serializes commitment.
Kind: instance method of Secp
| Param | Type |
|---|---|
| commitment | Buffer |
secp.commitmentParse(buffer) ⇒ Buffer
Parses a commitment.
Kind: instance method of Secp
| Param | Type |
|---|---|
| buffer | Buffer |
secp.verifyFromCommit(msg, sig, commitment) ⇒ boolean
Verify commitment.
Kind: instance method of Secp
| Param | Type |
|---|---|
| msg | Buffer |
| sig | Buffer |
| commitment | Buffer |
secp.bulletProofVerify(commitment, rangeProof, extraData) ⇒ boolean
Verify with bullet proof that a committed value is positive.
Kind: instance method of Secp
| Param | Type |
|---|---|
| commitment | Buffer |
| rangeProof | Buffer |
| extraData | Buffer |
secp.bulletProofVerifyMulti(commitments, rangeProofs, extraData) ⇒ boolean
Verify with bullet proof that a committed value is positive.
Kind: instance method of Secp
| Param | Type |
|---|---|
| commitments | Buffer |
| rangeProofs | Array.<Buffer> |
| extraData | Buffer |
secp.bulletProofCreate(amount, secretKey, nonce, extraData, [msg]) ⇒ Buffer
Create a bulletproof. The blinding factor for commitment should be secretKey.
Kind: instance method of Secp
| Param | Type | Default |
|---|---|---|
| amount | number |
|
| secretKey | Buffer |
|
| nonce | Buffer |
|
| extraData | Buffer |
|
| [msg] | Buffer |
Buffer.alloc(16, 0) |
secp.bulletProofRewind(commitment, nonce, extraData, rangeProof) ⇒ Buffer
Rewind a rangeProof to retrieve the amount
Kind: instance method of Secp
| Param | Type |
|---|---|
| commitment | number |
| nonce | number |
| extraData | number |
| rangeProof | number |
secp.aggsigCreateSecnonce() ⇒ Buffer
Creates a new secure nonce (as a SecretKey), guaranteed to be usable during aggsig creation.
Kind: instance method of Secp
secp.aggsigSignSingle(msg, secretKey, pubKeySum) ⇒ Buffer
Simple signature (nonce will be created).
Kind: instance method of Secp
| Param | Type |
|---|---|
| msg | Buffer |
| secretKey | Buffer |
| pubKeySum | Buffer |
secp.aggsigSignFromSecretKey(secretKey, msg, blindSum) ⇒ Buffer
Calculates a signature for msg given the secretKey and an optional blindSum
Kind: instance method of Secp
| Param | Type |
|---|---|
| secretKey | Buffer |
| msg | Buffer |
| blindSum | Buffer |
secp.aggsigCalculatePartialSig(secretKey, secNonce, nonceSum, pubKeySum, msg) ⇒ Buffer
Calculates a partial signature given the signer's secure key, the sum of all public nonces and (optionally) the sum of all public keys.
Kind: instance method of Secp
| Param | Type | Description |
|---|---|---|
| secretKey | Buffer |
The signer's secret key |
| secNonce | Buffer |
The signer's secret nonce (the public version of which was added to the nonceSum total) |
| nonceSum | Buffer |
The sum of the public nonces of all signers participating in the full signature. This value is encoded in e. |
| pubKeySum | Buffer |
(Optional) The sum of the public keys of all signers participating in the full signature. If included, this value is encoded in e. |
| msg | Buffer |
The message to sign. |
secp.aggsigVerifySingle(sig, msg, pubNonce, pubKey, pubKeyTotal, extraPubKey, isPartial) ⇒ Buffer
Single-Signer (plain old Schnorr, sans-multisig) signature verification
Kind: instance method of Secp
Returns: Buffer - - Signature on success
| Param | Type | Description |
|---|---|---|
| sig | Buffer |
The signature |
| msg | Buffer |
the message to verify |
| pubNonce | Buffer |
if not null overrides the public nonce used to calculate e |
| pubKey | Buffer |
the public key |
| pubKeyTotal | Buffer |
The total of all public keys (for the message in e) |
| extraPubKey | Buffer |
if not null, subtract this pubKey from sG |
| isPartial | boolean |
whether this is a partial sig, or a fully-combined sig |
secp.aggsigVerifyPartialSig(sig, pubNonceSum, pubKey, pubKeySum, msg) ⇒ Buffer
Verifies a partial signature from a public key. All nonce and public
key sum values must be identical to those provided in the call to
[calculate_partial_sig].
Kind: instance method of Secp
| Param | Type | Description |
|---|---|---|
| sig | Buffer |
The signature to validate, created via a call to [calculate_partial_sig] |
| pubNonceSum | Buffer |
The sum of the public nonces of all signers participating in the full signature. This value is encoded in e. |
| pubKey | Buffer |
Corresponding Public Key of the private key used to sign the message. |
| pubKeySum | Buffer |
(Optional) The sum of the public keys of all signers participating in the full signature. If included, this value is encoded in e. |
| msg | Buffer |
The message to verify. |
secp.aggsigVerifySingleFromCommit(sig, msg, commit) ⇒ Buffer
Simple verification a single signature from a commitment. The public key used to verify the signature is derived from the commit.
Kind: instance method of Secp
| Param | Type | Description |
|---|---|---|
| sig | Buffer |
The Signature to verify |
| msg | Buffer |
The message to sign. |
| commit | Buffer |
The commitment to verify. The actual public key used during verification is derived from this commit. |
secp.aggsigVerifyCompletedSig(sig, pubKey, pubKeySum, msg) ⇒ Buffer
Verifies a completed (summed) signature, which must include the message and pubKey sum values that are used during signature creation time to create 'e'
Kind: instance method of Secp
| Param | Type | Description |
|---|---|---|
| sig | Buffer |
The Signature to verify |
| pubKey | Buffer |
Corresponding Public Key of the private key used to sign the message. |
| pubKeySum | Buffer |
(Optional) The sum of the public keys of all signers participating in the full signature. If included, this value is encoded in e. Must be the same value as when the signature was created to verify correctly. |
| msg | Buffer |
The message to verify. |
secp.aggsigAddSignatures(partSigs, nonceSum) ⇒ Buffer
Adds signatures
Kind: instance method of Secp
| Param | Type |
|---|---|
| partSigs | Buffer |
| nonceSum | Buffer |
ZERO_8 : Buffer
ZERO_32 : Buffer
ZERO_64 : Buffer
sha256(v) ⇒ PromiseLike.<ArrayBuffer>
create random sha256 Buffer
Kind: global function
| Param | Type |
|---|---|
| v | string |
uInt64T(num) ⇒ Buffer
Takes any number (native number, BN, or string) and converts it to uInt64T (64-bit BE Buffer) suitable for use by the C++ bindings.
Kind: global function
| Param | Type | Description |
|---|---|---|
| num | number |
number to convert. |