1 // Copyright (c) 2013-2014 The btcsuite developers
2 // Copyright (c) 2015-2022 The Decred developers
3 // Use of this source code is governed by an ISC
4 // license that can be found in the LICENSE file.
5 6 // Package secp256k1 implements optimized secp256k1 elliptic curve operations in
7 // pure Go. This is an update that uses the Go 1.16 embed library instead of
8 // generated code for the data.
9 //
10 // This package provides an optimized pure Go implementation of elliptic curve
11 // cryptography operations over the secp256k1 curve as well as data structures and
12 // functions for working with public and secret secp256k1 keys. See
13 // https://www.secg.org/sec2-v2.pdf for details on the standard.
14 //
15 // In addition, sub packages are provided to produce, verify, parse, and serialize
16 // ECDSA signatures and EC-Schnorr-DCRv0 (a custom Schnorr-based signature scheme
17 // specific to Decred) signatures. See the README.md files in the relevant sub
18 // packages for more details about those aspects.
19 //
20 // An overview of the features provided by this package are as follows:
21 //
22 // - Secret key generation, serialization, and parsing
23 // - Public key generation, serialization and parsing per ANSI X9.62-1998
24 // - Parses uncompressed, compressed, and hybrid public keys
25 // - Serializes uncompressed and compressed public keys
26 // - Specialized types for performing optimized and constant time field operations
27 // - FieldVal type for working modulo the secp256k1 field prime
28 // - ModNScalar type for working modulo the secp256k1 group order
29 // - Elliptic curve operations in Jacobian projective coordinates
30 // - Point addition
31 // - Point doubling
32 // - Scalar multiplication with an arbitrary point
33 // - Scalar multiplication with the base point (group generator)
34 // - Point decompression from a given x coordinate
35 // - Nonce generation via RFC6979 with support for extra data and version
36 // information that can be used to prevent nonce reuse between signing
37 // algorithms
38 //
39 // It also provides an implementation of the Go standard library crypto/elliptic
40 // Curve interface via the S256 function so that it may be used with other packages
41 // in the standard library such as crypto/tls, crypto/x509, and crypto/ecdsa.
42 // However, in the case of ECDSA, it is highly recommended to use the ecdsa sub
43 // package of this package instead since it is optimized specifically for secp256k1
44 // and is significantly faster as a result.
45 //
46 // Although this package was primarily written for dcrd, it has intentionally been
47 // designed so it can be used as a standalone package for any projects needing to
48 // use optimized secp256k1 elliptic curve cryptography.
49 //
50 // Finally, a comprehensive suite of tests is provided to provide a high level of
51 // quality assurance.
52 //
53 // # Use of secp256k1 in Decred
54 //
55 // At the time of this writing, the primary public key cryptography in widespread
56 // use on the Decred network used to secure coins is based on elliptic curves
57 // defined by the secp256k1 domain parameters.
58 package secp256k1
59