README
¶
p256k1
This is a library that uses the bitcoin-core optimized secp256k1 elliptic
curve signatures library for nostr schnorr signatures.
If you need to build it without libsecp256k1 C library, you must disable cgo:
export CGO_ENABLED='0'
This enables the fallback btcec pure Go library to be used in its place. This
CGO setting is not default for Go, so it must be set in order to disable this.
The standard libsecp256k1-0 and libsecp256k1-dev available through the
ubuntu dpkg repositories do not include support for the BIP-340 schnorr
signatures or the ECDH X-only shared secret generation algorithm, so you must
follow the following instructions to get the benefits of using this library. It
is 4x faster at signing and generating shared secrets so it is a must if your
intention is to use it for high throughput systems like a network transport.
The easy way to install it, if you have ubuntu/debian, is the script ../ubuntu_install_libsecp256k1.sh, it handles the dependencies and runs the build all in one step for you. Note that it
For ubuntu, you need these:
sudo apt -y install build-essential autoconf libtool
For other linux distributions, the process is the same but the dependencies are likely different. The main thing is it requires make, gcc/++, autoconf and libtool to run. The most important thing to point out is that you must enable the schnorr signatures feature, and ECDH.
The directory p256k/secp256k1 needs to be initialized, built and installed,
like so:
cd secp256k1
git submodule init
git submodule update
Then to build, you can refer to the instructions or just use the default autotools:
./autogen.sh
./configure --enable-module-schnorrsig --enable-module-ecdh --prefix=/usr
make
sudo make install
On WSL2 you may have to attend to various things to make this work, setting up
your basic locale (uncomment one or more in /etc/locale.gen, and run
locale-gen), installing the basic build tools (build-essential or base-devel)
and of course git, curl, wget, libtool and
autoconf.
ECDH
TODO: Currently the use of the libsecp256k1 library for ECDH, used in nip-04 and
nip-44 encryption is not enabled, because the default version uses the Y
coordinate and this is incorrect for nostr. It will be enabled soon... for now
it is done with the btcec fallback version. This is slower, however previous
tests have shown that this ECDH library is fast enough to enable 8mb/s
throughput per CPU thread when used to generate a distinct secret for TCP
packets. The C library will likely raise this to 20mb/s or more.
Documentation
¶
Index ¶
- func AssertLen(b by, length no, name st) (err er)
- func FromSecretBytes(skb by) (pkb by, sec *Sec, pub *XPublicKey, ecPub *PublicKey, err er)
- func Generate() (skb, pkb by, sec *Sec, pub *XPublicKey, ecpub *PublicKey, err er)
- func Negate(uskb by)
- func RandomizeContext(ctx *C.secp256k1_context)
- func Sign(msg *Uchar, sk *SecKey) (sig by, err er)
- func SignFromBytes(msg, sk by) (sig by, err er)
- func Verify(msg, sig *Uchar, pk *PubKey) (valid bo)
- func VerifyFromBytes(msg, sig, pk by) (err er)
- func Zero(sk *SecKey)
- type Cint
- type Context
- type ECPub
- type ECPubKey
- type Keygen
- type Pub
- type PubKey
- type PublicKey
- type Sec
- type SecKey
- type Signer
- func (s *Signer) ECDH(xkb by) (secret by, err er)
- func (s *Signer) ECPub() (b by)
- func (s *Signer) Generate() (err er)
- func (s *Signer) InitPub(pub by) (err er)
- func (s *Signer) InitSec(skb by) (err er)
- func (s *Signer) Negate()
- func (s *Signer) Pub() (b by)
- func (s *Signer) Sec() (b by)
- func (s *Signer) Sign(msg by) (sig by, err er)
- func (s *Signer) Verify(msg, sig by) (valid bo, err er)
- func (s *Signer) Zero()
- type Uchar
- type XPublicKey
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func FromSecretBytes ¶
func FromSecretBytes(skb by) (pkb by, sec *Sec, pub *XPublicKey, ecPub *PublicKey, err er)
FromSecretBytes parses and processes what should be a secret key. If it is a correct key within the curve order, but with a public key having an odd Y coordinate, it returns an error with the fixed key.
func Generate ¶
func Generate() (skb, pkb by, sec *Sec, pub *XPublicKey, ecpub *PublicKey, err er)
Generate gathers entropy to generate a full set of bytes and CGO values of it and derived from it to perform signature and ECDH operations.
Note that the pubkey bytes are the 33 byte form with the sign prefix, slice it off for X-only use.
func RandomizeContext ¶
func RandomizeContext(ctx *C.secp256k1_context)
func SignFromBytes ¶
func SignFromBytes(msg, sk by) (sig by, err er)
func VerifyFromBytes ¶
func VerifyFromBytes(msg, sig, pk by) (err er)
Types ¶
type Context ¶
type Context = C.secp256k1_context
func CreateContext ¶
func CreateContext() *Context
func CreateRandomContext ¶
func CreateRandomContext() (c *Context)
type ECPub ¶
type ECPub struct {
Key ECPubKey
}
func ECPubFromBytes ¶
func ECPubFromBytes(pkb by) (pub *ECPub, err er)
ECPubFromBytes parses a pubkey from 33 bytes to the bitcoin-core/secp256k1 struct.
func ECPubFromSchnorrBytes ¶
func ECPubFromSchnorrBytes(xkb by) (pub *ECPub, err er)
ECPubFromSchnorrBytes converts a BIP-340 public key to its even standard 33 byte encoding.
This function is for the purpose of getting a key to do ECDH from an x-only key.
type ECPubKey ¶
type ECPubKey = C.secp256k1_pubkey
type Keygen ¶
type Keygen struct {
// contains filtered or unexported fields
}
Keygen is an implementation of a key miner designed to be used for vanity key generation with X-only BIP-340 keys.
func NewKeygen ¶
func NewKeygen() (k *Keygen)
NewKeygen allocates the required buffers for deriving a key. This should only be done once to avoid garbage and make the key mining as fast as possible.
This allocates everything and creates proper CGO variables needed for the generate function so they only need to be allocated once per thread.
func (*Keygen) Generate ¶
func (k *Keygen) Generate() (pubBytes by, err er)
Generate takes a pair of buffers for the secret and ec pubkey bytes and gathers new entropy and returns a valid secret key and the compressed pubkey bytes for the partial collision search.
The first byte of pubBytes must be sliced off before deriving the hex/Bech32 forms of the nostr public key.
func (*Keygen) KeyPairBytes ¶
func (k *Keygen) KeyPairBytes() (secBytes, cmprPubBytes by)
func (*Keygen) Negate ¶
func (k *Keygen) Negate()
Negate should be called when the pubkey's X coordinate is a match but the prefix is a 3. The X coordinate will not change but this ensures that when the X-only key has a 2 prefix added for ECDH and other purposes that it works correctly. This can be done after a match is found as it does not impact anything except the first byte.
type Pub ¶
type Pub struct {
Key PubKey
}
func PubFromBytes ¶
func PubFromBytes(pk by) (pub *Pub, err er)
type PubKey ¶
type PubKey = C.secp256k1_xonly_pubkey
type PublicKey ¶
type PublicKey struct {
Key *C.secp256k1_pubkey
}
func NewPublicKey ¶
func NewPublicKey() *PublicKey
type Sec ¶
type Sec struct {
Key SecKey
}
func SecFromBytes ¶
func SecFromBytes(sk by) (sec *Sec, err er)
type SecKey ¶
type SecKey = C.secp256k1_keypair
type Signer ¶
type Signer struct {
SecretKey *SecKey
PublicKey *PubKey
ECPublicKey *ECPubKey // not sure what this is useful for yet.
BTCECSec *btcec.SecretKey
// contains filtered or unexported fields
}
Signer implements the nostr.I interface.
Either the Sec or Pub must be populated, the former is for generating signatures, the latter is for verifying them.
When using this library only for verification, a constructor that converts from bytes to PubKey is needed prior to calling Verify.
type XPublicKey ¶
type XPublicKey struct {
Key *C.secp256k1_xonly_pubkey
}
func NewXPublicKey ¶
func NewXPublicKey() *XPublicKey
Source Files
Directories