tiny-secp256k1

This library is under development, and, like the secp256k1 C library it depends on, this is a research effort to determine an optimal API for end-users of the bitcoinjs ecosystem.

Installation

npm

npm install tiny-secp256k1

yarn

yarn add tiny-secp256k1

If you are having problems, please read the guide at secp256k1-node, as the build instructions should be exactly the same (and this module is a direct derivation).

Documentation

isPoint (A)

isPoint :: Buffer -> Bool

Returns false if

A is not encoded with a sequence tag of 0x02, 0x03 or 0x04
A.x is not in [1...p - 1]
A.y is not in [1...p - 1]

isPointCompressed (A)

isPointCompressed :: Buffer -> Bool

Returns false if the signature is not compressed.

isPrivate (d)

isPrivate :: Buffer -> Bool

Returns false if

d is not 256-bit, or
d is not in [1..order - 1]

pointAdd (A, B[, compressed])

pointAdd :: Buffer -> Buffer [-> Bool] -> Maybe Buffer

Returns null if result is at infinity.

Throws:

Expected Point if !isPoint(A)
Expected Point if !isPoint(B)

pointAddScalar (A, tweak[, compressed])

pointAddScalar :: Buffer -> Buffer [-> Bool] -> Maybe Buffer

Returns null if result is at infinity.

Throws:

Expected Point if !isPoint(A)
Expected Tweak if tweak is not in [0...order - 1]

pointCompress (A, compressed)

pointCompress :: Buffer -> Bool -> Buffer

Throws:

Expected Point if !isPoint(A)

pointFromScalar (d[, compressed])

pointFromScalar :: Buffer [-> Bool] -> Maybe Buffer

Returns null if result is at infinity.

Throws:

Expected Private if !isPrivate(d)

pointMultiply (A, tweak[, compressed])

pointMultiply :: Buffer -> Buffer [-> Bool] -> Maybe Buffer

Returns null if result is at infinity.

Throws:

Expected Point if !isPoint(A)
Expected Tweak if tweak is not in [0...order - 1]

privateAdd (d, tweak)

privateAdd :: Buffer -> Buffer -> Maybe Buffer

Returns null if result is equal to 0.

Throws:

Expected Private if !isPrivate(d)
Expected Tweak if tweak is not in [0...order - 1]

privateSub (d, tweak)

privateSub :: Buffer -> Buffer -> Maybe Buffer

Returns null if result is equal to 0.

Throws:

Expected Private if !isPrivate(d)
Expected Tweak if tweak is not in [0...order - 1]

sign (h, d)

sign :: Buffer -> Buffer -> Buffer

Returns normalized signatures, each of (r, s) values are guaranteed to less than order / 2. Uses RFC6979.

Throws:

Expected Private if !isPrivate(d)
Expected Scalar if h is not 256-bit

signWithEntropy (h, d, e)

sign :: Buffer -> Buffer -> Buffer -> Buffer

Returns normalized signatures, each of (r, s) values are guaranteed to less than order / 2. Uses RFC6979. Adds e as Added Entropy to the deterministic k generation.

Throws:

Expected Private if !isPrivate(d)
Expected Scalar if h is not 256-bit
Expected Extra Data (32 bytes) if e is not 256-bit

verify (h, Q, signature[, strict = false])

verify :: Buffer -> Buffer -> Buffer -> Bool

Returns false if any of (r, s) values are equal to 0, or if the signature is rejected.

If strict is true, valid signatures with any of (r, s) values greater than order / 2 are rejected.

Throws:

Expected Point if !isPoint(Q)
Expected Signature if signature has any (r, s) values not in range [0...order - 1]
Expected Scalar if h is not 256-bit

Credit

This is a partially derived work of https://github.com/cryptocoinjs/secp256k1-node, specifically this commit.

This library uses the native library secp256k1 by the bitcoin-core developers, including derivatives of its tests and test vectors.

tiny-secp256k1

Installation

npm

yarn

Documentation

isPoint (A)

isPointCompressed (A)

isPrivate (d)

pointAdd (A, B[, compressed])

Throws:

pointAddScalar (A, tweak[, compressed])

Throws:

pointCompress (A, compressed)

Throws:

pointFromScalar (d[, compressed])

Throws:

pointMultiply (A, tweak[, compressed])

Throws:

privateAdd (d, tweak)

Throws:

privateSub (d, tweak)

Throws:

sign (h, d)

Throws:

signWithEntropy (h, d, e)

Throws:

verify (h, Q, signature[, strict = false])

Throws:

Credit

LICENSE MIT