@@ -12,15 +12,6 @@ declare const CURVE: {
12
12
} ;
13
13
/** Alias to Uint8Array. */
14
14
export type Bytes = Uint8Array ;
15
- /** Hex-encoded string or Uint8Array. */
16
- export type Hex = Bytes | string ;
17
- /** Hex-encoded string, Uint8Array or bigint. */
18
- export type PrivKey = Hex | bigint ;
19
- /** Signature instance. Has properties r and s. */
20
- export type SigLike = {
21
- r : bigint ;
22
- s : bigint ;
23
- } ;
24
15
/** Signature instance, which allows recovering pubkey from it. */
25
16
export type SignatureWithRecovery = Signature & {
26
17
recovery : number ;
@@ -32,13 +23,10 @@ export interface AffinePoint {
32
23
}
33
24
/** Point in 3d xyz projective coordinates. 3d takes less inversions than 2d. */
34
25
declare class Point {
35
- static BASE : Point ;
36
- static ZERO : Point ;
37
26
readonly px : bigint ;
38
27
readonly py : bigint ;
39
28
readonly pz : bigint ;
40
29
constructor ( px : bigint , py : bigint , pz : bigint ) ;
41
- /** Convert Uint8Array or hex string to Point. */
42
30
static fromBytes ( bytes : Bytes ) : Point ;
43
31
/** Equality check: compare points P&Q. */
44
32
equals ( other : Point ) : boolean ;
@@ -58,43 +46,26 @@ declare class Point {
58
46
/** Checks if the point is valid and on-curve. */
59
47
ok ( ) : Point ;
60
48
toBytes ( isCompressed ?: boolean ) : Bytes ;
61
- /** Create 3d xyz point from 2d xy. (0, 0) => (0, 1, 0), not (0, 0, 1) */
62
- static fromAffine ( p : AffinePoint ) : Point ;
63
- static fromPrivateKey ( k : PrivKey ) : Point ;
64
- static fromHex ( hex : Hex ) : Point ;
65
- get x ( ) : bigint ;
66
- get y ( ) : bigint ;
49
+ toHex ( c ?: boolean ) : string ;
67
50
multiply ( n : bigint ) : Point ;
68
- toAffine ( ) : AffinePoint ;
69
- toHex ( isCompressed ?: boolean ) : string ;
70
- toRawBytes ( c ?: boolean ) : Bytes ;
71
- assertValidity ( ) : Point ;
51
+ static fromPrivateKey ( k : Bytes ) : Point ;
72
52
}
73
53
/** Creates 33/65-byte public key from 32-byte private key. */
74
- declare const getPublicKey : ( privKey : PrivKey , isCompressed ?: boolean ) => Bytes ;
54
+ declare const getPublicKey : ( privKey : Bytes , isCompressed ?: boolean ) => Bytes ;
75
55
/** ECDSA Signature class. Supports only compact 64-byte representation, not DER. */
76
56
declare class Signature {
77
57
readonly r : bigint ;
78
58
readonly s : bigint ;
79
59
readonly recovery ?: number ;
80
60
constructor ( r : bigint , s : bigint , recovery ?: number ) ;
81
- /** Create signature from 64b compact (r || s) representation. */
82
- static fromCompact ( hex : Hex ) : Signature ;
83
- assertValidity ( ) : Signature ;
84
- /** Create new signature, with added recovery bit. */
85
- addRecoveryBit ( rec : number ) : SignatureWithRecovery ;
86
61
hasHighS ( ) : boolean ;
87
- normalizeS ( ) : Signature ;
88
- recoverPublicKey ( msgh : Hex ) : Point ;
89
- /** Uint8Array 64b compact (r || s) representation. */
62
+ static fromBytes ( b : Bytes ) : Signature ;
90
63
toCompactRawBytes ( ) : Bytes ;
91
- /** Hex string 64b compact (r || s) representation. */
92
- toCompactHex ( ) : string ;
93
64
}
94
65
type HmacFnSync = undefined | ( ( key : Bytes , ...msgs : Bytes [ ] ) => Bytes ) ;
95
66
type OptS = {
96
67
lowS ?: boolean ;
97
- extraEntropy ?: boolean | Hex ;
68
+ extraEntropy ?: boolean | Bytes ;
98
69
} ;
99
70
type OptV = {
100
71
lowS ?: boolean ;
@@ -109,7 +80,7 @@ type OptV = {
109
80
* @param priv - private key
110
81
* @param opts - `lowS: true` to prevent malleability (s >= CURVE.n/2), `extraEntropy: boolean | Hex` to improve sig security.
111
82
*/
112
- declare const signAsync : ( msgh : Hex , priv : PrivKey , opts ?: OptS ) => Promise < SignatureWithRecovery > ;
83
+ declare const signAsync : ( msgh : Bytes , priv : Bytes , opts ?: OptS ) => Promise < Bytes > ;
113
84
/**
114
85
* Sign a msg hash using secp256k1.
115
86
* It is advised to use `extraEntropy: true` (from RFC6979 3.6) to prevent fault attacks.
@@ -121,15 +92,17 @@ declare const signAsync: (msgh: Hex, priv: PrivKey, opts?: OptS) => Promise<Sign
121
92
* @example
122
93
* const sig = sign(sha256('hello'), privKey, { extraEntropy: true }).toCompactRawBytes();
123
94
*/
124
- declare const sign : ( msgh : Hex , priv : PrivKey , opts ?: OptS ) => SignatureWithRecovery ;
95
+ declare const sign : ( msgh : Bytes , priv : Bytes , opts ?: OptS ) => Bytes ;
125
96
/**
126
97
* Verify a signature using secp256k1.
127
98
* @param sig - signature, 64-byte or Signature instance
128
99
* @param msgh - message HASH, not message itself e.g. sha256(message)
129
100
* @param pub - public key
130
101
* @param opts - { lowS: true } is default, prohibits s >= CURVE.n/2 to prevent malleability
131
102
*/
132
- declare const verify : ( sig : Hex | SigLike , msgh : Hex , pub : Hex , opts ?: OptV ) => boolean ;
103
+ declare const verify : ( sig : Bytes , msgh : Bytes , pub : Bytes , opts ?: OptV ) => boolean ;
104
+ /** ECDSA public key recovery. Requires msg hash and recovery id. */
105
+ declare const recoverPublicKey : ( point : SignatureWithRecovery , msgh : Bytes ) => Point ;
133
106
/**
134
107
* Elliptic Curve Diffie-Hellman (ECDH) on secp256k1.
135
108
* Result is **NOT hashed**. Use hash on it if you need.
@@ -138,26 +111,52 @@ declare const verify: (sig: Hex | SigLike, msgh: Hex, pub: Hex, opts?: OptV) =>
138
111
* @param isCompressed 33-byte or 65-byte output
139
112
* @returns public key C
140
113
*/
141
- declare const getSharedSecret : ( privA : Hex , pubB : Hex , isCompressed ?: boolean ) => Bytes ;
114
+ declare const getSharedSecret : ( privA : Bytes , pubB : Bytes , isCompressed ?: boolean ) => Bytes ;
142
115
/** Math, hex, byte helpers. Not in `utils` because utils share API with noble-curves. */
143
116
declare const etc : {
117
+ hmacSha256Async : ( key : Bytes , ...msgs : Bytes [ ] ) => Promise < Bytes > ;
118
+ hmacSha256Sync : HmacFnSync ;
119
+ sha256Async : ( msg : Bytes ) => Promise < Bytes > ;
120
+ sha256Sync : Sha256FnSync ;
121
+ } ;
122
+ declare const etc2 : {
144
123
hexToBytes : ( hex : string ) => Bytes ;
145
124
bytesToHex : ( bytes : Bytes ) => string ;
146
125
concatBytes : ( ...arrs : Bytes [ ] ) => Bytes ;
147
126
bytesToNumberBE : ( a : Bytes ) => bigint ;
148
127
numberToBytesBE : ( n : bigint ) => Bytes ;
149
128
mod : ( a : bigint , md ?: bigint ) => bigint ;
150
129
invert : ( num : bigint , md ?: bigint ) => bigint ;
151
- hmacSha256Async : ( key : Bytes , ...msgs : Bytes [ ] ) => Promise < Bytes > ;
152
- hmacSha256Sync : HmacFnSync ;
153
- hashToPrivateKey : ( hash : Hex ) => Bytes ;
154
130
randomBytes : ( len ?: number ) => Bytes ;
155
131
} ;
132
+ declare const randomPrivateKey : ( ) => Bytes ;
156
133
/** Curve-specific utilities for private keys. */
157
134
declare const utils : {
158
- normPrivateKeyToScalar : ( p : PrivKey ) => bigint ;
159
- isValidPrivateKey : ( key : Hex ) => boolean ;
135
+ isValidPrivateKey : ( key : Bytes ) => boolean ;
160
136
randomPrivateKey : ( ) => Bytes ;
161
- precompute : ( w ?: number , p ?: Point ) => Point ;
162
137
} ;
163
- export { CURVE , etc , getPublicKey , getSharedSecret , Point as ProjectivePoint , sign , signAsync , Signature , utils , verify } ;
138
+ export type Sha256FnSync = undefined | ( ( msg : Bytes ) => Bytes ) ;
139
+ /**
140
+ * Schnorr public key is just `x` coordinate of Point as per BIP340.
141
+ */
142
+ declare const pubSchnorr : ( privateKey : Bytes ) => Bytes ;
143
+ /**
144
+ * Creates Schnorr signature as per BIP340. Verifies itself before returning anything.
145
+ * auxRand is optional and is not the sole source of k generation: bad CSPRNG won't be dangerous.
146
+ */
147
+ declare const signSchnorr : ( message : Bytes , privateKey : Bytes , auxRand ?: Bytes ) => Bytes ;
148
+ declare const signAsyncSchnorr : ( message : Bytes , privateKey : Bytes , auxRand ?: Bytes ) => Promise < Bytes > ;
149
+ /**
150
+ * Verifies Schnorr signature.
151
+ * Will swallow errors & return false except for initial type validation of arguments.
152
+ */
153
+ declare const verifySchnorr : ( s : Bytes , m : Bytes , p : Bytes ) => boolean ;
154
+ declare const verifyAsyncSchnorr : ( s : Bytes , m : Bytes , p : Bytes ) => Promise < boolean > ;
155
+ declare const schnorr : {
156
+ getPublicKey : typeof pubSchnorr ;
157
+ sign : typeof signSchnorr ;
158
+ verify : typeof verifySchnorr ;
159
+ signAsync : typeof signAsyncSchnorr ;
160
+ verifyAsync : typeof verifyAsyncSchnorr ;
161
+ } ;
162
+ export { CURVE , etc , etc2 , getPublicKey , getSharedSecret , Point , randomPrivateKey , recoverPublicKey , schnorr , sign , signAsync , Signature , utils , verify } ;
0 commit comments