Skip to main content

EcdsaSignature

Constructors

new EcdsaSignature(signature)

new EcdsaSignature(signature: {
r: number | bigint | Field3 | AlmostForeignField;
s: number | bigint | Field3 | AlmostForeignField;
}): EcdsaSignature

Create a new EcdsaSignature from an object containing the scalars r and s.

Parameters

signature

signature.r: number | bigint | Field3 | AlmostForeignField

signature.s: number | bigint | Field3 | AlmostForeignField

Returns

EcdsaSignature

Source

lib/provable/crypto/foreign-ecdsa.ts:37

Properties

r

r: AlmostForeignField;

Source

lib/provable/crypto/foreign-ecdsa.ts:30


s

s: AlmostForeignField;

Source

lib/provable/crypto/foreign-ecdsa.ts:31


_Curve?

static optional _Curve: typeof ForeignCurve;

Source

lib/provable/crypto/foreign-ecdsa.ts:164


_provable?

static optional _provable: ProvablePureExtended<EcdsaSignature, {
r: string;
s: string;
}>;

Source

lib/provable/crypto/foreign-ecdsa.ts:165

Accessors

Constructor

get Constructor(): typeof EcdsaSignature

Returns

typeof EcdsaSignature

Source

lib/provable/crypto/foreign-ecdsa.ts:161


Curve

get static Curve(): typeof ForeignCurve

The ForeignCurve on which the ECDSA signature is defined.

Returns

typeof ForeignCurve

Source

lib/provable/crypto/foreign-ecdsa.ts:173


provable

get static provable(): ProvablePureExtended<EcdsaSignature, {
r: string;
s: string;
}>

Provable<EcdsaSignature>

Returns

ProvablePureExtended\<EcdsaSignature, { r: string; s: string; }>

Source

lib/provable/crypto/foreign-ecdsa.ts:180

Methods

toBigInt()

toBigInt(): {
r: bigint;
s: bigint;
}

Convert this signature to an object with bigint fields.

Returns

{
r: bigint;
s: bigint;
}
r
r: bigint;
s
s: bigint;

Source

lib/provable/crypto/foreign-ecdsa.ts:65


verify()

verify(message: Bytes, publicKey: FlexiblePoint): Bool

Verify the ECDSA signature given the message (an array of bytes) and public key (a Curve point).

Important: This method returns a Bool which indicates whether the signature is valid. So, to actually prove validity of a signature, you need to assert that the result is true.

Parameters

message: Bytes

publicKey: FlexiblePoint

Returns

Bool

Throws

if one of the signature scalars is zero or if the public key is not on the curve.

Example

// create classes for your curve
class Secp256k1 extends createForeignCurve(Crypto.CurveParams.Secp256k1) {}
class Scalar extends Secp256k1.Scalar {}
class Ecdsa extends createEcdsa(Secp256k1) {}

let message = 'my message';
let messageBytes = new TextEncoder().encode(message);

// outside provable code: create inputs
let privateKey = Scalar.random();
let publicKey = Secp256k1.generator.scale(privateKey);
let signature = Ecdsa.sign(messageBytes, privateKey.toBigInt());

// ...
// in provable code: create input witnesses (or use method inputs, or constants)
let pk = Provable.witness(Secp256k1.provable, () => publicKey);
let msg = Provable.witness(Provable.Array(Field, 9), () => messageBytes.map(Field));
let sig = Provable.witness(Ecdsa.provable, () => signature);

// verify signature
let isValid = sig.verify(msg, pk);
isValid.assertTrue('signature verifies');

Source

lib/provable/crypto/foreign-ecdsa.ts:103


verifySignedHash()

verifySignedHash(msgHash: bigint | AlmostForeignField, publicKey: FlexiblePoint): Bool

Verify the ECDSA signature given the message hash (a Scalar) and public key (a Curve point).

This is a building block of EcdsaSignature.verify, where the input message is also hashed. In contrast, this method just takes the message hash (a curve scalar) as input, giving you flexibility in choosing the hashing algorithm.

Parameters

msgHash: bigint | AlmostForeignField

publicKey: FlexiblePoint

Returns

Bool

Source

lib/provable/crypto/foreign-ecdsa.ts:116


check()

static check(signature: EcdsaSignature): void

Parameters

signature: EcdsaSignature

Returns

void

Source

lib/provable/crypto/foreign-ecdsa.ts:155


from()

static from(signature: FlexibleSignature): EcdsaSignature

Coerce the input to a EcdsaSignature.

Parameters

signature: FlexibleSignature

Returns

EcdsaSignature

Source

lib/provable/crypto/foreign-ecdsa.ts:48


fromHex()

static fromHex(rawSignature: string): EcdsaSignature

Create an EcdsaSignature from a raw 130-char hex string as used in Ethereum transactions.

Parameters

rawSignature: string

Returns

EcdsaSignature

Source

lib/provable/crypto/foreign-ecdsa.ts:57


sign()

static sign(message: Uint8Array | (number | bigint)[], privateKey: bigint): EcdsaSignature

Create an EcdsaSignature by signing a message with a private key.

Note: This method is not provable, and only takes JS bigints as input.

Parameters

message: Uint8Array | (number | bigint)[]

privateKey: bigint

Returns

EcdsaSignature

Source

lib/provable/crypto/foreign-ecdsa.ts:135


signHash()

static signHash(msgHash: bigint, privateKey: bigint): EcdsaSignature

Create an EcdsaSignature by signing a message hash with a private key.

This is a building block of EcdsaSignature.sign, where the input message is also hashed. In contrast, this method just takes the message hash (a curve scalar) as input, giving you flexibility in choosing the hashing algorithm.

Note: This method is not provable, and only takes JS bigints as input.

Parameters

msgHash: bigint

privateKey: bigint

Returns

EcdsaSignature

Source

lib/provable/crypto/foreign-ecdsa.ts:150