Skip to content

Commit 6476542

Browse files
committed
v3: schnorr, u8a-only, change names and exports
1 parent d3f9415 commit 6476542

File tree

13 files changed

+693
-396
lines changed

13 files changed

+693
-396
lines changed

index.d.ts

Lines changed: 44 additions & 45 deletions
Original file line numberDiff line numberDiff line change
@@ -12,15 +12,6 @@ declare const CURVE: {
1212
};
1313
/** Alias to Uint8Array. */
1414
export type Bytes = Uint8Array;
15-
/** Hex-encoded string or Uint8Array. */
16-
export type Hex = Bytes | string;
17-
/** Hex-encoded string, Uint8Array or bigint. */
18-
export type PrivKey = Hex | bigint;
19-
/** Signature instance. Has properties r and s. */
20-
export type SigLike = {
21-
r: bigint;
22-
s: bigint;
23-
};
2415
/** Signature instance, which allows recovering pubkey from it. */
2516
export type SignatureWithRecovery = Signature & {
2617
recovery: number;
@@ -32,13 +23,10 @@ export interface AffinePoint {
3223
}
3324
/** Point in 3d xyz projective coordinates. 3d takes less inversions than 2d. */
3425
declare class Point {
35-
static BASE: Point;
36-
static ZERO: Point;
3726
readonly px: bigint;
3827
readonly py: bigint;
3928
readonly pz: bigint;
4029
constructor(px: bigint, py: bigint, pz: bigint);
41-
/** Convert Uint8Array or hex string to Point. */
4230
static fromBytes(bytes: Bytes): Point;
4331
/** Equality check: compare points P&Q. */
4432
equals(other: Point): boolean;
@@ -58,43 +46,26 @@ declare class Point {
5846
/** Checks if the point is valid and on-curve. */
5947
ok(): Point;
6048
toBytes(isCompressed?: boolean): Bytes;
61-
/** Create 3d xyz point from 2d xy. (0, 0) => (0, 1, 0), not (0, 0, 1) */
62-
static fromAffine(p: AffinePoint): Point;
63-
static fromPrivateKey(k: PrivKey): Point;
64-
static fromHex(hex: Hex): Point;
65-
get x(): bigint;
66-
get y(): bigint;
49+
toHex(c?: boolean): string;
6750
multiply(n: bigint): Point;
68-
toAffine(): AffinePoint;
69-
toHex(isCompressed?: boolean): string;
70-
toRawBytes(c?: boolean): Bytes;
71-
assertValidity(): Point;
51+
static fromPrivateKey(k: Bytes): Point;
7252
}
7353
/** Creates 33/65-byte public key from 32-byte private key. */
74-
declare const getPublicKey: (privKey: PrivKey, isCompressed?: boolean) => Bytes;
54+
declare const getPublicKey: (privKey: Bytes, isCompressed?: boolean) => Bytes;
7555
/** ECDSA Signature class. Supports only compact 64-byte representation, not DER. */
7656
declare class Signature {
7757
readonly r: bigint;
7858
readonly s: bigint;
7959
readonly recovery?: number;
8060
constructor(r: bigint, s: bigint, recovery?: number);
81-
/** Create signature from 64b compact (r || s) representation. */
82-
static fromCompact(hex: Hex): Signature;
83-
assertValidity(): Signature;
84-
/** Create new signature, with added recovery bit. */
85-
addRecoveryBit(rec: number): SignatureWithRecovery;
8661
hasHighS(): boolean;
87-
normalizeS(): Signature;
88-
recoverPublicKey(msgh: Hex): Point;
89-
/** Uint8Array 64b compact (r || s) representation. */
62+
static fromBytes(b: Bytes): Signature;
9063
toCompactRawBytes(): Bytes;
91-
/** Hex string 64b compact (r || s) representation. */
92-
toCompactHex(): string;
9364
}
9465
type HmacFnSync = undefined | ((key: Bytes, ...msgs: Bytes[]) => Bytes);
9566
type OptS = {
9667
lowS?: boolean;
97-
extraEntropy?: boolean | Hex;
68+
extraEntropy?: boolean | Bytes;
9869
};
9970
type OptV = {
10071
lowS?: boolean;
@@ -109,7 +80,7 @@ type OptV = {
10980
* @param priv - private key
11081
* @param opts - `lowS: true` to prevent malleability (s >= CURVE.n/2), `extraEntropy: boolean | Hex` to improve sig security.
11182
*/
112-
declare const signAsync: (msgh: Hex, priv: PrivKey, opts?: OptS) => Promise<SignatureWithRecovery>;
83+
declare const signAsync: (msgh: Bytes, priv: Bytes, opts?: OptS) => Promise<Bytes>;
11384
/**
11485
* Sign a msg hash using secp256k1.
11586
* It is advised to use `extraEntropy: true` (from RFC6979 3.6) to prevent fault attacks.
@@ -121,15 +92,17 @@ declare const signAsync: (msgh: Hex, priv: PrivKey, opts?: OptS) => Promise<Sign
12192
* @example
12293
* const sig = sign(sha256('hello'), privKey, { extraEntropy: true }).toCompactRawBytes();
12394
*/
124-
declare const sign: (msgh: Hex, priv: PrivKey, opts?: OptS) => SignatureWithRecovery;
95+
declare const sign: (msgh: Bytes, priv: Bytes, opts?: OptS) => Bytes;
12596
/**
12697
* Verify a signature using secp256k1.
12798
* @param sig - signature, 64-byte or Signature instance
12899
* @param msgh - message HASH, not message itself e.g. sha256(message)
129100
* @param pub - public key
130101
* @param opts - { lowS: true } is default, prohibits s >= CURVE.n/2 to prevent malleability
131102
*/
132-
declare const verify: (sig: Hex | SigLike, msgh: Hex, pub: Hex, opts?: OptV) => boolean;
103+
declare const verify: (sig: Bytes, msgh: Bytes, pub: Bytes, opts?: OptV) => boolean;
104+
/** ECDSA public key recovery. Requires msg hash and recovery id. */
105+
declare const recoverPublicKey: (point: SignatureWithRecovery, msgh: Bytes) => Point;
133106
/**
134107
* Elliptic Curve Diffie-Hellman (ECDH) on secp256k1.
135108
* Result is **NOT hashed**. Use hash on it if you need.
@@ -138,26 +111,52 @@ declare const verify: (sig: Hex | SigLike, msgh: Hex, pub: Hex, opts?: OptV) =>
138111
* @param isCompressed 33-byte or 65-byte output
139112
* @returns public key C
140113
*/
141-
declare const getSharedSecret: (privA: Hex, pubB: Hex, isCompressed?: boolean) => Bytes;
114+
declare const getSharedSecret: (privA: Bytes, pubB: Bytes, isCompressed?: boolean) => Bytes;
142115
/** Math, hex, byte helpers. Not in `utils` because utils share API with noble-curves. */
143116
declare const etc: {
117+
hmacSha256Async: (key: Bytes, ...msgs: Bytes[]) => Promise<Bytes>;
118+
hmacSha256Sync: HmacFnSync;
119+
sha256Async: (msg: Bytes) => Promise<Bytes>;
120+
sha256Sync: Sha256FnSync;
121+
};
122+
declare const etc2: {
144123
hexToBytes: (hex: string) => Bytes;
145124
bytesToHex: (bytes: Bytes) => string;
146125
concatBytes: (...arrs: Bytes[]) => Bytes;
147126
bytesToNumberBE: (a: Bytes) => bigint;
148127
numberToBytesBE: (n: bigint) => Bytes;
149128
mod: (a: bigint, md?: bigint) => bigint;
150129
invert: (num: bigint, md?: bigint) => bigint;
151-
hmacSha256Async: (key: Bytes, ...msgs: Bytes[]) => Promise<Bytes>;
152-
hmacSha256Sync: HmacFnSync;
153-
hashToPrivateKey: (hash: Hex) => Bytes;
154130
randomBytes: (len?: number) => Bytes;
155131
};
132+
declare const randomPrivateKey: () => Bytes;
156133
/** Curve-specific utilities for private keys. */
157134
declare const utils: {
158-
normPrivateKeyToScalar: (p: PrivKey) => bigint;
159-
isValidPrivateKey: (key: Hex) => boolean;
135+
isValidPrivateKey: (key: Bytes) => boolean;
160136
randomPrivateKey: () => Bytes;
161-
precompute: (w?: number, p?: Point) => Point;
162137
};
163-
export { CURVE, etc, getPublicKey, getSharedSecret, Point as ProjectivePoint, sign, signAsync, Signature, utils, verify };
138+
export type Sha256FnSync = undefined | ((msg: Bytes) => Bytes);
139+
/**
140+
* Schnorr public key is just `x` coordinate of Point as per BIP340.
141+
*/
142+
declare const pubSchnorr: (privateKey: Bytes) => Bytes;
143+
/**
144+
* Creates Schnorr signature as per BIP340. Verifies itself before returning anything.
145+
* auxRand is optional and is not the sole source of k generation: bad CSPRNG won't be dangerous.
146+
*/
147+
declare const signSchnorr: (message: Bytes, privateKey: Bytes, auxRand?: Bytes) => Bytes;
148+
declare const signAsyncSchnorr: (message: Bytes, privateKey: Bytes, auxRand?: Bytes) => Promise<Bytes>;
149+
/**
150+
* Verifies Schnorr signature.
151+
* Will swallow errors & return false except for initial type validation of arguments.
152+
*/
153+
declare const verifySchnorr: (s: Bytes, m: Bytes, p: Bytes) => boolean;
154+
declare const verifyAsyncSchnorr: (s: Bytes, m: Bytes, p: Bytes) => Promise<boolean>;
155+
declare const schnorr: {
156+
getPublicKey: typeof pubSchnorr;
157+
sign: typeof signSchnorr;
158+
verify: typeof verifySchnorr;
159+
signAsync: typeof signAsyncSchnorr;
160+
verifyAsync: typeof verifyAsyncSchnorr;
161+
};
162+
export { CURVE, etc, etc2, getPublicKey, getSharedSecret, Point, randomPrivateKey, recoverPublicKey, schnorr, sign, signAsync, Signature, utils, verify };

0 commit comments

Comments
 (0)