blindsecp256k1

package module

v0.0.0-...-04b9532 Latest Latest Go to latest Published: Nov 18, 2021 License: GPL-3.0 Imports: 8 Imported by: 3

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

README ¶

go-blindsecp256k1

Blind signature over secp256k1, based on "New Blind Signature Schemes Based on the (Elliptic Curve) Discrete Logarithm Problem" paper by Hamid Mala & Nafiseh Nezhadansari.

WARNING: this repo is experimental, do not use in production.

The implementation of this repo is compatible with https://github.com/arnaucube/blindsecp256k1-js

Usage

import (
	[...]
	"github.com/arnaucube/go-blindsecp256k1"
)

[...]
// errors are not handled for simplicity of the example

// signer: create new signer key pair
sk, _ := blindsecp256k1.NewPrivateKey()
signerPubK := sk.Public()

// signer: when user requests new R parameter to blind a new msg,
// create new signerR (public) with its secret k
k, signerR, _ := blindsecp256k1.NewRequestParameters()

// user: blinds the msg using signer's R
msg := new(big.Int).SetBytes([]byte("test"))
msgBlinded, userSecretData, _ := blindsecp256k1.Blind(msg, signerR)

// signer: signs the blinded message using its private key & secret k
sBlind, _ := sk.BlindSign(msgBlinded, k)

// user: unblinds the blinded signature
sig := blindsecp256k1.Unblind(sBlind, userSecretData)

// signature can be verified with signer PublicKey
verified := blindsecp256k1.Verify(msg, sig, signerPubK)
assert.True(t, verified)

Compression & decompression (allows to compress a point & public key (64 bytes) into 33 bytes, and a signature (96 bytes) into 65 bytes):

p := blindsecp256k1.G // take the generator point as an example

// also, instead from G, we can start from a PublicKey, which can be converted
// into a Point with
p = pk.Point()

// compress point
b := p.Compress()
fmt.Println(hex.EncodeToString(b[:]))

// decompress point (recovering the original point)
p2, _ := blindsecp256k1.DecompressPoint(b)
assert.Equal(t, p, p2)


// compress signature
b = sig.Compress()
fmt.Println(hex.EncodeToString(b[:])) // 65 bytes

// decompress signature
sig2, _ := DecompressSignature(b)
assert.Equal(t, sig, sig2)

WASM usage

WASM wrappers for browser usage can be found at the wasm directory with an example in html&js.

Documentation ¶

Overview ¶

Package blindsecp256k1 implements the Blind signature scheme explained at "New Blind Signature Schemes Based on the (Elliptic Curve) Discrete Logarithm Problem", by Hamid Mala & Nafiseh Nezhadansari https://sci-hub.st/10.1109/ICCKE.2013.6682844

LICENSE can be found at https://github.com/arnaucube/go-blindsecp256k1/blob/master/LICENSE

Index ¶

Variables
func Verify(m *big.Int, s *Signature, q *PublicKey) bool
type Point
type PrivateKey
- func NewPrivateKey() (*PrivateKey, error)
type PublicKey
type Signature
type UserSecretData
- func Blind(m *big.Int, signerR *Point) (*big.Int, *UserSecretData, error)

Constants ¶

This section is empty.

Variables ¶

View Source

var (

	// B (from y^2 = x^3 + B)
	B *big.Int = s256.B

	// P represents the secp256k1 finite field
	P *big.Int = s256.P

	// G represents the base point of secp256k1
	G *Point = &Point{
		X: s256.Gx,
		Y: s256.Gy,
	}

	// N represents the order of G of secp256k1
	N *big.Int = s256.N
)

Functions ¶

func Verify ¶

func Verify(m *big.Int, s *Signature, q *PublicKey) bool

Verify checks the signature of the message m for the given PublicKey

Types ¶

type Point ¶

type Point struct {
	X *big.Int
	Y *big.Int
}

Point represents a point on the secp256k1 curve

func DecompressPoint ¶

func DecompressPoint(b [33]byte) (*Point, error)

DecompressPoint unpacks a Point from the given byte array of 33 bytes https://bitcointalk.org/index.php?topic=162805.msg1712294#msg1712294

func NewPointFromBytes ¶

func NewPointFromBytes(b []byte) (*Point, error)

NewPointFromBytes returns a new *Point from a given byte array with length 64 which has encoded the point coordinates each one as 32 bytes in little-endian.

func NewPointFromBytesUncompressed ¶

func NewPointFromBytesUncompressed(b []byte) (*Point, error)

NewPointFromBytesUncompressed returns a new *Point from a given byte array with length 64 which has encoded the point coordinates each one as 32 bytes in little-endian.

func NewRequestParameters ¶

func NewRequestParameters() (*big.Int, *Point, error)

NewRequestParameters returns a new random k (secret) & R (public) parameters

func (*Point) Add ¶

func (p *Point) Add(q *Point) *Point

Add performs the Point addition

func (*Point) Bytes ¶

func (p *Point) Bytes() []byte

Bytes returns the compressed Point in a little-endian byte array

func (*Point) BytesUncompressed ¶

func (p *Point) BytesUncompressed() []byte

BytesUncompressed returns a byte array of length 64, with the X & Y coordinates of the Point encoded in little-endian. [ X (32 bytes) | Y (32 bytes)]

func (*Point) Compress ¶

func (p *Point) Compress() [33]byte

Compress packs a Point to a byte array of 33 bytes, encoded in little-endian.

func (Point) MarshalJSON ¶

func (p Point) MarshalJSON() ([]byte, error)

MarshalJSON implements the json marshaler for the Point

func (*Point) Mul ¶

func (p *Point) Mul(scalar *big.Int) *Point

Mul performs the Point scalar multiplication

func (*Point) UnmarshalJSON ¶

func (p *Point) UnmarshalJSON(b []byte) error

UnmarshalJSON implements the json unmarshaler for the Point

type PrivateKey ¶

type PrivateKey big.Int

PrivateKey represents the signer's private key

func NewPrivateKey ¶

func NewPrivateKey() (*PrivateKey, error)

NewPrivateKey returns a new random private key

func (*PrivateKey) BigInt ¶

func (sk *PrivateKey) BigInt() *big.Int

BigInt returns a *big.Int representation of the PrivateKey

func (*PrivateKey) BlindSign ¶

func (sk *PrivateKey) BlindSign(mBlinded *big.Int, k *big.Int) (*big.Int, error)

BlindSign performs the blind signature on the given mBlinded using the PrivateKey and the secret k values.

func (*PrivateKey) Public ¶

func (sk *PrivateKey) Public() *PublicKey

Public returns the PublicKey from the PrivateKey

type PublicKey ¶

type PublicKey Point

PublicKey represents the signer's public key

func NewPublicKeyFromBytes ¶

func NewPublicKeyFromBytes(b []byte) (*PublicKey, error)

NewPublicKeyFromBytes returns a new *PublicKey from a given byte array with length 64 which has encoded the public key coordinates each one as 32 bytes in little-endian.

func NewPublicKeyFromBytesUncompressed ¶

func NewPublicKeyFromBytesUncompressed(b []byte) (*PublicKey, error)

NewPublicKeyFromBytesUncompressed returns a new *PublicKey from a given byte array with length 64 which has encoded the public key coordinates each one as 32 bytes in little-endian.

func NewPublicKeyFromECDSA ¶

func NewPublicKeyFromECDSA(b []byte) (*PublicKey, error)

NewPublicKeyFromECDSA returns a *PublicKey from a serialized/marshaled array of bytes generated by the ethereum/standard ECDSA PubKey implementation.

func (*PublicKey) Bytes ¶

func (pk *PublicKey) Bytes() []byte

Bytes returns the compressed PublicKey in a little-endian byte array

func (*PublicKey) BytesUncompressed ¶

func (pk *PublicKey) BytesUncompressed() []byte

BytesUncompressed returns a byte array of length 64, with the X & Y coordinates of the PublicKey encoded in little-endian. [ X (32 bytes) | Y (32 bytes)]

func (PublicKey) MarshalJSON ¶

func (pk PublicKey) MarshalJSON() ([]byte, error)

MarshalJSON implements the json marshaler for the PublicKey

func (*PublicKey) Point ¶

func (pk *PublicKey) Point() *Point

Point returns a *Point representation of the PublicKey

func (*PublicKey) UnmarshalJSON ¶

func (pk *PublicKey) UnmarshalJSON(b []byte) error

UnmarshalJSON implements the json unmarshaler for the PublicKey

type Signature ¶

type Signature struct {
	S *big.Int
	F *Point
}

Signature contains the signature values S & F

func DecompressSignature ¶

func DecompressSignature(b [65]byte) (*Signature, error)

DecompressSignature unpacks a Signature from the given byte array of 65 bytes

func NewSignatureFromBytes ¶

func NewSignatureFromBytes(b []byte) (*Signature, error)

NewSignatureFromBytes returns a new *Signature from a given byte array with length 96 which has encoded S and the F point coordinates each one as 32 bytes in little-endian.

func NewSignatureFromBytesUncompressed ¶

func NewSignatureFromBytesUncompressed(b []byte) (*Signature, error)

NewSignatureFromBytesUncompressed returns a new *Signature from a given byte array with length 96 which has encoded S and the F point coordinates each one as 32 bytes in little-endian.

func Unblind ¶

func Unblind(sBlind *big.Int, u *UserSecretData) *Signature

Unblind performs the unblinding operation of the blinded signature for the given the UserSecretData

func (*Signature) Bytes ¶

func (sig *Signature) Bytes() []byte

Bytes returns the compressed Signature in a little-endian byte array

func (*Signature) BytesUncompressed ¶

func (sig *Signature) BytesUncompressed() []byte

BytesUncompressed returns a byte array of length 96, with the S, F.X and F.Y coordinates of the Signature encoded in little-endian. [ S (32 bytes | F.X (32 bytes) | F.Y (32 bytes)]

func (*Signature) Compress ¶

func (s *Signature) Compress() [65]byte

Compress packs a Signature to a byte array of 65 bytes, encoded in little-endian.

func (Signature) MarshalJSON ¶

func (sig Signature) MarshalJSON() ([]byte, error)

MarshalJSON implements the json marshaler for the Signature

func (*Signature) UnmarshalJSON ¶

func (sig *Signature) UnmarshalJSON(b []byte) error

UnmarshalJSON implements the json unmarshaler for the Signature

type UserSecretData ¶

type UserSecretData struct {
	A *big.Int
	B *big.Int

	F *Point // public (in the paper is named R)
}

UserSecretData contains the secret values from the User (a, b) and the public F

func Blind(m *big.Int, signerR *Point) (*big.Int, *UserSecretData, error)

Blind performs the blinding operation on m using signerR parameter

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
v0 Package blindsecp256k1v0 implements the Blind signature scheme explained at "An Efficient Blind Signature Scheme Based on the Elliptic Curve Discrete Logarithm Problem", by Morteza Nikooghadama & Ali Zakerolhosseini http://www.isecure-journal.com/article_39171_47f9ec605dd3918c2793565ec21fcd7a.pdf LICENSE can be found at https://github.com/arnaucube/go-blindsecp256k1/blob/master/LICENSE	Package blindsecp256k1v0 implements the Blind signature scheme explained at "An Efficient Blind Signature Scheme Based on the Elliptic Curve Discrete Logarithm Problem", by Morteza Nikooghadama & Ali Zakerolhosseini http://www.isecure-journal.com/article_39171_47f9ec605dd3918c2793565ec21fcd7a.pdf LICENSE can be found at https://github.com/arnaucube/go-blindsecp256k1/blob/master/LICENSE
wasm

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL