Skip to main content

EcdsaSignatureV2

Deprecated

EcdsaSignature is now deprecated and will be removed in a future release. Please use EcdsaSignatureV2 instead.

Extends

Constructors

new EcdsaSignatureV2()

new EcdsaSignatureV2(signature: {
"r": number | bigint | Field3 | AlmostForeignField;
"s": number | bigint | Field3 | AlmostForeignField;
}): EcdsaSignatureV2

Parameters

signature

signature.r: number | bigint | Field3 | AlmostForeignField

signature.s: number | bigint | Field3 | AlmostForeignField

Returns

EcdsaSignatureV2

Overrides

EcdsaSignature.constructor

Source

lib/provable/crypto/foreign-ecdsa.ts:220

Properties

r

r: AlmostForeignField;

Inherited from

EcdsaSignature.r

Source

lib/provable/crypto/foreign-ecdsa.ts:36


s

s: AlmostForeignField;

Inherited from

EcdsaSignature.s

Source

lib/provable/crypto/foreign-ecdsa.ts:37


_Curve?

static optional _Curve: typeof ForeignCurve;

Inherited from

EcdsaSignature._Curve

Source

lib/provable/crypto/foreign-ecdsa.ts:196


_provable?

static optional _provable: ProvablePureExtended<EcdsaSignature, {
"r": bigint;
"s": bigint;
}, {
"r": string;
"s": string;
}>;

Inherited from

EcdsaSignature._provable

Source

lib/provable/crypto/foreign-ecdsa.ts:197

Accessors

Constructor

get Constructor(): typeof EcdsaSignature

Returns

typeof EcdsaSignature

Source

lib/provable/crypto/foreign-ecdsa.ts:193


Curve

get static Curve(): typeof ForeignCurve

The ForeignCurve on which the ECDSA signature is defined.

Returns

typeof ForeignCurve

Source

lib/provable/crypto/foreign-ecdsa.ts:206


provable

get static provable(): ProvablePureExtended<EcdsaSignature, {
"r": bigint;
"s": bigint;
}, {
"r": string;
"s": string;
}>

Provable<EcdsaSignature>

Returns

ProvablePureExtended\<EcdsaSignature, { "r": bigint; "s": bigint; }, { "r": string; "s": string; }>

Source

lib/provable/crypto/foreign-ecdsa.ts:213

Methods

toBigInt()

toBigInt(): {
"r": bigint;
"s": bigint;
}

Convert this signature to an object with bigint fields.

Returns

{
"r": bigint;
"s": bigint;
}
r
r: bigint;
s
s: bigint;

Inherited from

EcdsaSignature.toBigInt

Source

lib/provable/crypto/foreign-ecdsa.ts:71


verify()

verify(message: Bytes, publicKey: FlexiblePoint): Bool

Parameters

message: Bytes

publicKey: FlexiblePoint

Returns

Bool

Inherited from

EcdsaSignature.verify

Deprecated

There is a security vulnerability in this method. Use verifyV2 instead.

Source

lib/provable/crypto/foreign-ecdsa.ts:78


verifySignedHash()

verifySignedHash(msgHash: bigint | AlmostForeignField, publicKey: FlexiblePoint): Bool

Parameters

msgHash: bigint | AlmostForeignField

publicKey: FlexiblePoint

Returns

Bool

Inherited from

EcdsaSignature.verifySignedHash

Deprecated

There is a security vulnerability in this method. Use verifySignedHashV2 instead.

Source

lib/provable/crypto/foreign-ecdsa.ts:127


verifySignedHashV2()

verifySignedHashV2(msgHash: bigint | AlmostForeignField, publicKey: FlexiblePoint): Bool

Verify the ECDSA signature given the message hash (a Scalar) and public key (a Curve point).

This is a building block of EcdsaSignature.verify, where the input message is also hashed. In contrast, this method just takes the message hash (a curve scalar) as input, giving you flexibility in choosing the hashing algorithm.

Parameters

msgHash: bigint | AlmostForeignField

publicKey: FlexiblePoint

Returns

Bool

Inherited from

EcdsaSignature.verifySignedHashV2

Source

lib/provable/crypto/foreign-ecdsa.ts:148


verifyV2()

verifyV2(message: Bytes, publicKey: FlexiblePoint): Bool

Verify the ECDSA signature given the message (an array of bytes) and public key (a Curve point).

Important: This method returns a Bool which indicates whether the signature is valid. So, to actually prove validity of a signature, you need to assert that the result is true.

Parameters

message: Bytes

publicKey: FlexiblePoint

Returns

Bool

Inherited from

EcdsaSignature.verifyV2

Throws

if one of the signature scalars is zero or if the public key is not on the curve.

Example

// create classes for your curve
class Secp256k1 extends createForeignCurve(Crypto.CurveParams.Secp256k1) {}
class Scalar extends Secp256k1.Scalar {}
class Ecdsa extends createEcdsa(Secp256k1) {}

let message = 'my message';
let messageBytes = new TextEncoder().encode(message);

// outside provable code: create inputs
let privateKey = Scalar.random();
let publicKey = Secp256k1.generator.scale(privateKey);
let signature = Ecdsa.sign(messageBytes, privateKey.toBigInt());

// ...
// in provable code: create input witnesses (or use method inputs, or constants)
let pk = Provable.witness(Secp256k1.provable, () => publicKey);
let msg = Provable.witness(Provable.Array(Field, 9), () => messageBytes.map(Field));
let sig = Provable.witness(Ecdsa.provable, () => signature);

// verify signature
let isValid = sig.verify(msg, pk);
isValid.assertTrue('signature verifies');

Source

lib/provable/crypto/foreign-ecdsa.ts:118


check()

static check(signature: EcdsaSignatureV2): void

Parameters

signature: EcdsaSignatureV2

Returns

void

Overrides

EcdsaSignature.check

Source

lib/provable/crypto/foreign-ecdsa.ts:227


from()

static from(signature: FlexibleSignature): EcdsaSignature

Coerce the input to a EcdsaSignature.

Parameters

signature: FlexibleSignature

Returns

EcdsaSignature

Inherited from

EcdsaSignature.from

Source

lib/provable/crypto/foreign-ecdsa.ts:54


fromHex()

static fromHex(rawSignature: string): EcdsaSignature

Create an EcdsaSignature from a raw 130-char hex string as used in Ethereum transactions.

Parameters

rawSignature: string

Returns

EcdsaSignature

Inherited from

EcdsaSignature.fromHex

Source

lib/provable/crypto/foreign-ecdsa.ts:63


sign()

static sign(message: Uint8Array | (number | bigint)[], privateKey: bigint): EcdsaSignature

Create an EcdsaSignature by signing a message with a private key.

Note: This method is not provable, and only takes JS bigints as input.

Parameters

message: Uint8Array | (number | bigint)[]

privateKey: bigint

Returns

EcdsaSignature

Inherited from

EcdsaSignature.sign

Source

lib/provable/crypto/foreign-ecdsa.ts:167


signHash()

static signHash(msgHash: bigint, privateKey: bigint): EcdsaSignature

Create an EcdsaSignature by signing a message hash with a private key.

This is a building block of EcdsaSignature.sign, where the input message is also hashed. In contrast, this method just takes the message hash (a curve scalar) as input, giving you flexibility in choosing the hashing algorithm.

Note: This method is not provable, and only takes JS bigints as input.

Parameters

msgHash: bigint

privateKey: bigint

Returns

EcdsaSignature

Inherited from

EcdsaSignature.signHash

Source

lib/provable/crypto/foreign-ecdsa.ts:182