ecdsa

package

v1.0.0 Latest Latest Go to latest Published: Feb 8, 2024 License: Apache-2.0 Imports: 3 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/danivilardell/gnark

Links

Open Source Insights

Documentation ¶

Overview ¶

Package ecdsa implements ECDSA signature verification over any elliptic curve.

The package depends on the emulated/sw_emulated package for elliptic curve group operations using non-native arithmetic. Thus we can verify ECDSA signatures over any curve. The cost for a single secp256k1 signature verification is approximately 4M constraints in R1CS and 10M constraints in PLONKish.

See [ECDSA] for the signature verification algorithm.

[ECDSA]: https://en.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm

Index ¶

type PublicKey
- func (pk PublicKey[T, S]) Verify(api frontend.API, params sw_emulated.CurveParams, msg *emulated.Element[S], ...)
type Signature

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type PublicKey ¶

type PublicKey[Base, Scalar emulated.FieldParams] sw_emulated.AffinePoint[Base]

PublicKey represents the public key to verify the signature for.

func (PublicKey[T, S]) Verify ¶

func (pk PublicKey[T, S]) Verify(api frontend.API, params sw_emulated.CurveParams, msg *emulated.Element[S], sig *Signature[S])

Verify asserts that the signature sig verifies for the message msg and public key pk. The curve parameters params define the elliptic curve.

We assume that the message msg is already hashed to the scalar field.

Example ¶

Example how to verify the signature inside the circuit.

api := frontend.API(nil) // provider by the builder
r, s := 0x01, 0x02       // usually given in the witness
pubx, puby := 0x03, 0x04 // usually given in the witness
m := 0x1337              // usually given in the witness

// can be done in or out-circuit.
Sig := Signature[emulated.Secp256k1Fr]{
	R: emulated.ValueOf[emulated.Secp256k1Fr](r),
	S: emulated.ValueOf[emulated.Secp256k1Fr](s),
}
Msg := emulated.ValueOf[emulated.Secp256k1Fr](m)
Pub := PublicKey[emulated.Secp256k1Fp, emulated.Secp256k1Fr]{
	X: emulated.ValueOf[emulated.Secp256k1Fp](pubx),
	Y: emulated.ValueOf[emulated.Secp256k1Fp](puby),
}
// signature verification assertion is done in-circuit
Pub.Verify(api, sw_emulated.GetCurveParams[emulated.Secp256k1Fp](), &Msg, &Sig)

Output:

Example (Create) ¶

Example how to create a valid signature for secp256k1

// generate parameters
privKey, _ := ecdsa.GenerateKey(rand.Reader)

// sign
msg := []byte("testing ECDSA")
md := sha256.New()
sigBin, _ := privKey.Sign(msg, md)

pubx := privKey.PublicKey.A.X
puby := privKey.PublicKey.A.Y

// unmarshal signature
var sig ecdsa.Signature
sig.SetBytes(sigBin)

// can continue in the PublicKey Verify example
_, _, _, _, _ = sig.R, sig.S, msg, pubx, puby

Output:

type Signature ¶

type Signature[Scalar emulated.FieldParams] struct {
	R, S emulated.Element[Scalar]
}

Signature represents the signature for some message.

Source Files ¶

View all Source files

ecdsa.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL