1 // Copyright (c) 2020-2023 The Decred developers 2 // Use of this source code is governed by an ISC 3 // license that can be found in the LICENSE file. 4 5 /* 6 Package ecdsa provides secp256k1-optimized ECDSA signing and verification. 7 8 This package provides data structures and functions necessary to produce and 9 verify deterministic canonical signatures in accordance with RFC6979 and 10 BIP0062, optimized specifically for the secp256k1 curve using the Elliptic Curve 11 Digital Signature Algorithm (ECDSA), as defined in FIPS 186-3. See 12 https://www.secg.org/sec2-v2.pdf for details on the secp256k1 standard. 13 14 It also provides functions to parse and serialize the ECDSA signatures with the 15 more strict Distinguished Encoding Rules (DER) of ISO/IEC 8825-1 and some 16 additional restrictions specific to secp256k1. 17 18 In addition, it supports a custom "compact" signature format which allows 19 efficient recovery of the public key from a given valid signature and message 20 hash combination. 21 22 A comprehensive suite of tests is provided to ensure proper functionality. 23 24 # ECDSA use in Decred 25 26 At the time of this writing, ECDSA signatures are heavily used for proving coin 27 ownership in Decred as the vast majority of transactions consist of what is 28 effectively transferring ownership of coins to a public key associated with a 29 private key only known to the recipient of the coins along with an encumbrance 30 that requires an ECDSA signature that proves the new owner possesses the private 31 key without actually revealing it. 32 33 # Errors 34 35 The errors returned by this package are of type ecdsa.Error and fully support 36 the standard library errors.Is and errors.As functions. This allows the caller 37 to programmatically determine the specific error by examining the ErrorKind 38 field of the type asserted ecdsa.Error while still providing rich error messages 39 with contextual information. See ErrorKind in the package documentation for a 40 full list. 41 */ 42 package ecdsa 43