1 // Copyright (c) 2013-2014 The btcsuite developers 2 // Copyright (c) 2015-2022 The Decred developers 3 // Use of this source code is governed by an ISC 4 // license that can be found in the LICENSE file. 5 6 /* 7 Package secp256k1 implements optimized secp256k1 elliptic curve operations in 8 pure Go. 9 10 This package provides an optimized pure Go implementation of elliptic curve 11 cryptography operations over the secp256k1 curve as well as data structures and 12 functions for working with public and private secp256k1 keys. See 13 https://www.secg.org/sec2-v2.pdf for details on the standard. 14 15 In addition, sub packages are provided to produce, verify, parse, and serialize 16 ECDSA signatures and EC-Schnorr-DCRv0 (a custom Schnorr-based signature scheme 17 specific to Decred) signatures. See the README.md files in the relevant sub 18 packages for more details about those aspects. 19 20 An overview of the features provided by this package are as follows: 21 22 - Private key generation, serialization, and parsing 23 - Public key generation, serialization and parsing per ANSI X9.62-1998 24 - Parses uncompressed, compressed, and hybrid public keys 25 - Serializes uncompressed and compressed public keys 26 - Specialized types for performing optimized and constant time field operations 27 - FieldVal type for working modulo the secp256k1 field prime 28 - ModNScalar type for working modulo the secp256k1 group order 29 - Elliptic curve operations in Jacobian projective coordinates 30 - Point addition 31 - Point doubling 32 - Scalar multiplication with an arbitrary point 33 - Scalar multiplication with the base point (group generator) 34 - Point decompression from a given x coordinate 35 - Nonce generation via RFC6979 with support for extra data and version 36 information that can be used to prevent nonce reuse between signing 37 algorithms 38 39 It also provides an implementation of the Go standard library crypto/elliptic 40 Curve interface via the S256 function so that it may be used with other packages 41 in the standard library such as crypto/tls, crypto/x509, and crypto/ecdsa. 42 However, in the case of ECDSA, it is highly recommended to use the ecdsa sub 43 package of this package instead since it is optimized specifically for secp256k1 44 and is significantly faster as a result. 45 46 Although this package was primarily written for dcrd, it has intentionally been 47 designed so it can be used as a standalone package for any projects needing to 48 use optimized secp256k1 elliptic curve cryptography. 49 50 Finally, a comprehensive suite of tests is provided to provide a high level of 51 quality assurance. 52 53 # Use of secp256k1 in Decred 54 55 At the time of this writing, the primary public key cryptography in widespread 56 use on the Decred network used to secure coins is based on elliptic curves 57 defined by the secp256k1 domain parameters. 58 */ 59 package secp256k1 60