secp256k1

Pure Haskell Schnorr, ECDSA on the elliptic curve secp256k1 (docs.ppad.tech/secp256k1).

commit c7feb7f5551d91b7f0962d1aaa9a8065d3be478f
parent 27b9296909069cec961a8619c5f97721c9580ec6
Author: Jared Tobin <jared@jtobin.io>
Date:   Fri, 14 Mar 2025 14:03:10 +0400

lib: hash raw x-coor only in ecdh

Diffstat:
Mlib/Crypto/Curve/Secp256k1.hs | 15+++++++++------
1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/lib/Crypto/Curve/Secp256k1.hs b/lib/Crypto/Curve/Secp256k1.hs @@ -1246,17 +1246,20 @@ _verify_ecdsa_unrestricted _mul (SHA256.hash -> h) p (ECDSA r s) -- | Compute a shared secret, given a secret key and public secp256k1 point, -- via Elliptic Curve Diffie-Hellman (ECDH). -- --- The shared secret is the SHA256 hash of the compressed secp256k1 +-- The shared secret is the SHA256 hash of the x-coordinate of the -- point obtained by scalar multiplication. +-- +-- ecdh - :: Integer -- ^ secret key - -> Projective -- ^ public key + :: Projective -- ^ public key + -> Integer -- ^ secret key -> BS.ByteString -- ^ shared secret -ecdh _SECRET pub - | not (ge _SECRET) = error "ppad-secp256k1 (ecdh): invalid secret key" +ecdh pub _SECRET + | not (ge _SECRET) = error "ppad-secp256k1 (ecdh): invalid secret key" | otherwise = let pt = mul pub _SECRET in if pt == _CURVE_ZERO then error "ppad-secp256k1 (ecdh): invalid public key" - else SHA256.hash (serialize_point pt) + else let Affine x _ = affine pt + in SHA256.hash (unroll32 x)
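Review bot: The Haddock for `ecdh` should spell out the exact hash preimage, because this commit changes the derived secret for identical inputs: the digest is now taken over `unroll32 x` alone rather than over `serialize_point pt`, so peers or stored keys that still use the compressed-point form will not agree with it. A line such as `--   NB: only the x-coordinate is hashed; the result differs from a SHA256 over the compressed point.` would make that visible to callers, and the two bare `--` lines added at the end of the comment have either lost their content in rendering or are a placeholder for an example that is still missing. Separately, `pub` is normally peer-supplied and the only check visible here is `pt == _CURVE_ZERO` after `mul`; nothing in the hunk shows that the point is on the curve, so it is worth confirming that every `Projective` reaching `ecdh` comes from a validating parser. Both failure branches also call `error` from pure code, which a caller sees only when the returned ByteString is forced, and the comment could say so.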