UltrafastSecp256k1 3.50.0
Ultra high-performance secp256k1 elliptic curve cryptography library
Loading...
Searching...
No Matches
message_signing.hpp
Go to the documentation of this file.
1#ifndef SECP256K1_COINS_MESSAGE_SIGNING_HPP
2#define SECP256K1_COINS_MESSAGE_SIGNING_HPP
3#pragma once
4
5// ============================================================================
6// Unified Message Signing -- Bitcoin, Ethereum, and generic secp256k1 chains
7// ============================================================================
8// Provides chain-aware message signing and verification:
9//
10// Bitcoin: "\x18Bitcoin Signed Message:\n" + varint(len) + msg -> dSHA256
11// Ethereum: "\x19Ethereum Signed Message:\n" + decimal(len) + msg -> Keccak
12// Generic: raw 32-byte hash signing (no prefix)
13//
14// All signing produces recoverable signatures (r, s, recid).
15// Bitcoin uses base64-encoded 65-byte format (1-byte header + r + s).
16// Ethereum uses RSV (r + s + v) with EIP-155 chain ID encoding.
17// ============================================================================
18
19#include <array>
20#include <cstdint>
21#include <cstddef>
22#include <string>
23#include "secp256k1/scalar.hpp"
24#include "secp256k1/point.hpp"
25#include "secp256k1/recovery.hpp"
26
27namespace secp256k1::coins {
28
29// -- Bitcoin Message Signing (BIP-137 / Electrum) -----------------------------
30
31// Hash a message using Bitcoin signed message format:
32// SHA256(SHA256("\x18Bitcoin Signed Message:\n" + varint(msg_len) + msg))
33std::array<std::uint8_t, 32> bitcoin_message_hash(const std::uint8_t* msg,
34 std::size_t msg_len);
35
36// Sign a message using Bitcoin signed message format.
37// Returns recoverable signature (can extract recid for base64 encoding).
38RecoverableSignature bitcoin_sign_message(const std::uint8_t* msg,
39 std::size_t msg_len,
40 const fast::Scalar& private_key);
41
42// Verify a Bitcoin signed message against a public key.
43bool bitcoin_verify_message(const std::uint8_t* msg,
44 std::size_t msg_len,
45 const fast::Point& pubkey,
46 const ECDSASignature& sig);
47
48// Recover the public key from a Bitcoin signed message + recoverable signature.
49// Returns (pubkey, success).
50std::pair<fast::Point, bool>
51bitcoin_recover_message(const std::uint8_t* msg,
52 std::size_t msg_len,
53 const ECDSASignature& sig,
54 int recid);
55
56// Encode a recoverable signature as Bitcoin signed message base64 (65 bytes).
57// Header byte encodes recid + compression flag (27-34 range).
58std::string bitcoin_sig_to_base64(const RecoverableSignature& rsig,
59 bool compressed = true);
60
61// Decode a base64 Bitcoin signed message signature.
62// Returns (signature, recid, compressed_flag, success).
69BitcoinSigDecodeResult bitcoin_sig_from_base64(const std::string& base64);
70
71} // namespace secp256k1::coins
72
73#endif // SECP256K1_COINS_MESSAGE_SIGNING_HPP
secp256k1::coins::bitcoin_verify_message
bool bitcoin_verify_message(const std::uint8_t *msg, std::size_t msg_len, const fast::Point &pubkey, const ECDSASignature &sig)
secp256k1::coins::bitcoin_sig_to_base64
std::string bitcoin_sig_to_base64(const RecoverableSignature &rsig, bool compressed=true)
secp256k1::coins::bitcoin_sig_from_base64
BitcoinSigDecodeResult bitcoin_sig_from_base64(const std::string &base64)
secp256k1::coins::bitcoin_sign_message
RecoverableSignature bitcoin_sign_message(const std::uint8_t *msg, std::size_t msg_len, const fast::Scalar &private_key)
secp256k1::coins::bitcoin_message_hash
std::array< std::uint8_t, 32 > bitcoin_message_hash(const std::uint8_t *msg, std::size_t msg_len)
secp256k1::coins::bitcoin_recover_message
std::pair< fast::Point, bool > bitcoin_recover_message(const std::uint8_t *msg, std::size_t msg_len, const ECDSASignature &sig, int recid)