EcdsaSignatureV2
Deprecated
EcdsaSignature
is now deprecated and will be removed in a future release. Please use EcdsaSignatureV2 instead.
Extends
Constructors
new EcdsaSignatureV2()
new EcdsaSignatureV2(signature: {
"r": number | bigint | Field3 | AlmostForeignField;
"s": number | bigint | Field3 | AlmostForeignField;
}): EcdsaSignatureV2
Parameters
• signature
• signature.r: number
| bigint
| Field3
| AlmostForeignField
• signature.s: number
| bigint
| Field3
| AlmostForeignField
Returns
Overrides
Source
lib/provable/crypto/foreign-ecdsa.ts:220
Properties
r
r: AlmostForeignField;
Inherited from
Source
lib/provable/crypto/foreign-ecdsa.ts:36
s
s: AlmostForeignField;
Inherited from
Source
lib/provable/crypto/foreign-ecdsa.ts:37
_Curve?
static optional _Curve: typeof ForeignCurve;
Inherited from
Source
lib/provable/crypto/foreign-ecdsa.ts:196
_provable?
static optional _provable: ProvablePureExtended<EcdsaSignature, {
"r": bigint;
"s": bigint;
}, {
"r": string;
"s": string;
}>;
Inherited from
Source
lib/provable/crypto/foreign-ecdsa.ts:197
Accessors
Constructor
get Constructor(): typeof EcdsaSignature
Returns
typeof EcdsaSignature
Source
lib/provable/crypto/foreign-ecdsa.ts:193
Curve
get static Curve(): typeof ForeignCurve
The ForeignCurve on which the ECDSA signature is defined.
Returns
typeof ForeignCurve
Source
lib/provable/crypto/foreign-ecdsa.ts:206
provable
get static provable(): ProvablePureExtended<EcdsaSignature, {
"r": bigint;
"s": bigint;
}, {
"r": string;
"s": string;
}>
Provable<EcdsaSignature>
Returns
ProvablePureExtended
\<EcdsaSignature
, {
"r"
: bigint
;
"s"
: bigint
;
}, {
"r"
: string
;
"s"
: string
;
}>
Source
lib/provable/crypto/foreign-ecdsa.ts:213
Methods
toBigInt()
toBigInt(): {
"r": bigint;
"s": bigint;
}
Convert this signature to an object with bigint fields.
Returns
{
"r": bigint;
"s": bigint;
}
r
r: bigint;
s
s: bigint;
Inherited from
Source
lib/provable/crypto/foreign-ecdsa.ts:71
verify()
verify(message: Bytes, publicKey: FlexiblePoint): Bool
Parameters
• message: Bytes
• publicKey: FlexiblePoint
Returns
Inherited from
Deprecated
There is a security vulnerability in this method. Use verifyV2 instead.
Source
lib/provable/crypto/foreign-ecdsa.ts:78
verifySignedHash()
verifySignedHash(msgHash: bigint | AlmostForeignField, publicKey: FlexiblePoint): Bool
Parameters
• msgHash: bigint
| AlmostForeignField
• publicKey: FlexiblePoint
Returns
Inherited from
EcdsaSignature
.verifySignedHash
Deprecated
There is a security vulnerability in this method. Use verifySignedHashV2 instead.
Source
lib/provable/crypto/foreign-ecdsa.ts:127
verifySignedHashV2()
verifySignedHashV2(msgHash: bigint | AlmostForeignField, publicKey: FlexiblePoint): Bool
Verify the ECDSA signature given the message hash (a Scalar) and public key (a Curve point).
This is a building block of EcdsaSignature.verify, where the input message is also hashed. In contrast, this method just takes the message hash (a curve scalar) as input, giving you flexibility in choosing the hashing algorithm.
Parameters
• msgHash: bigint
| AlmostForeignField
• publicKey: FlexiblePoint
Returns
Inherited from
EcdsaSignature
.verifySignedHashV2
Source
lib/provable/crypto/foreign-ecdsa.ts:148
verifyV2()
verifyV2(message: Bytes, publicKey: FlexiblePoint): Bool
Verify the ECDSA signature given the message (an array of bytes) and public key (a Curve point).
Important: This method returns a Bool which indicates whether the signature is valid. So, to actually prove validity of a signature, you need to assert that the result is true.
Parameters
• message: Bytes
• publicKey: FlexiblePoint
Returns
Inherited from
Throws
if one of the signature scalars is zero or if the public key is not on the curve.
Example
// create classes for your curve
class Secp256k1 extends createForeignCurve(Crypto.CurveParams.Secp256k1) {}
class Scalar extends Secp256k1.Scalar {}
class Ecdsa extends createEcdsa(Secp256k1) {}
let message = 'my message';
let messageBytes = new TextEncoder().encode(message);
// outside provable code: create inputs
let privateKey = Scalar.random();
let publicKey = Secp256k1.generator.scale(privateKey);
let signature = Ecdsa.sign(messageBytes, privateKey.toBigInt());
// ...
// in provable code: create input witnesses (or use method inputs, or constants)
let pk = Provable.witness(Secp256k1.provable, () => publicKey);
let msg = Provable.witness(Provable.Array(Field, 9), () => messageBytes.map(Field));
let sig = Provable.witness(Ecdsa.provable, () => signature);
// verify signature
let isValid = sig.verify(msg, pk);
isValid.assertTrue('signature verifies');
Source
lib/provable/crypto/foreign-ecdsa.ts:118
check()
static check(signature: EcdsaSignatureV2): void
Parameters
• signature: EcdsaSignatureV2
Returns
void
Overrides
Source
lib/provable/crypto/foreign-ecdsa.ts:227
from()
static from(signature: FlexibleSignature): EcdsaSignature
Coerce the input to a EcdsaSignature.
Parameters
• signature: FlexibleSignature
Returns
Inherited from
Source
lib/provable/crypto/foreign-ecdsa.ts:54
fromHex()
static fromHex(rawSignature: string): EcdsaSignature
Create an EcdsaSignature from a raw 130-char hex string as used in Ethereum transactions.
Parameters
• rawSignature: string
Returns
Inherited from
Source
lib/provable/crypto/foreign-ecdsa.ts:63
sign()
static sign(message: Uint8Array | (number | bigint)[], privateKey: bigint): EcdsaSignature
Create an EcdsaSignature by signing a message with a private key.
Note: This method is not provable, and only takes JS bigints as input.
Parameters
• message: Uint8Array
| (number
| bigint
)[]
• privateKey: bigint
Returns
Inherited from
Source
lib/provable/crypto/foreign-ecdsa.ts:167
signHash()
static signHash(msgHash: bigint, privateKey: bigint): EcdsaSignature
Create an EcdsaSignature by signing a message hash with a private key.
This is a building block of EcdsaSignature.sign, where the input message is also hashed. In contrast, this method just takes the message hash (a curve scalar) as input, giving you flexibility in choosing the hashing algorithm.
Note: This method is not provable, and only takes JS bigints as input.
Parameters
• msgHash: bigint
• privateKey: bigint