# go-blindsecp256k1 [![GoDoc](https://godoc.org/github.com/arnaucube/go-blindsecp256k1?status.svg)](https://godoc.org/github.com/arnaucube/go-blindsecp256k1) [![Go Report Card](https://goreportcard.com/badge/github.com/arnaucube/go-blindsecp256k1)](https://goreportcard.com/report/github.com/arnaucube/go-blindsecp256k1) [![Test](https://github.com/arnaucube/go-blindsecp256k1/workflows/Test/badge.svg)](https://github.com/arnaucube/go-blindsecp256k1/actions?query=workflow%3ATest)

Blind signature over [secp256k1](https://en.bitcoin.it/wiki/Secp256k1), based on the paper *"[New Blind Signature Schemes Based on the (Elliptic Curve) Discrete Logarithm Problem](https://sci-hub.st/10.1109/iccke.2013.6682844)"* by Hamid Mala & Nafiseh Nezhadansari.

**WARNING**: this repo is experimental, do not use in production.

The implementation of this repo is compatible with https://github.com/arnaucube/blindsecp256k1-js

## Usage
```go
import (
	"math/big"

	"github.com/arnaucube/go-blindsecp256k1"
	"github.com/stretchr/testify/assert"
)

// the following runs inside a test function, where t is a *testing.T

// errors are not handled for simplicity of the example

// signer: create new signer key pair
sk, _ := blindsecp256k1.NewPrivateKey()
signerPubK := sk.Public()

// signer: when user requests new R parameter to blind a new msg,
// create new signerR (public) with its secret k
k, signerR, _ := blindsecp256k1.NewRequestParameters()

// user: blinds the msg using signer's R
msg := new(big.Int).SetBytes([]byte("test"))
msgBlinded, userSecretData, _ := blindsecp256k1.Blind(msg, signerR)

// signer: signs the blinded message using its private key & secret k
sBlind, _ := sk.BlindSign(msgBlinded, k)

// user: unblinds the blinded signature
sig := blindsecp256k1.Unblind(sBlind, userSecretData)

// signature can be verified with signer PublicKey
verified := blindsecp256k1.Verify(msg, sig, signerPubK)
assert.True(t, verified)
```

Compression & decompression: a point or public key (64 bytes) can be compressed into 33 bytes, and a signature (96 bytes) into 65 bytes:
```go
p := blindsecp256k1.G // take the generator point as an example

// instead of G, we can also start from a PublicKey (pk here, e.g. signerPubK
// from the example above), which can be converted into a Point with
p = pk.Point()

// compress point
b := p.Compress()
fmt.Println(hex.EncodeToString(b[:])) // 33 bytes

// decompress point (recovering the original point)
p2, _ := blindsecp256k1.DecompressPoint(b)
assert.Equal(t, p, p2)

// compress signature (separate variable: the compressed signature is
// 65 bytes, not 33 like the compressed point)
sigB := sig.Compress()
fmt.Println(hex.EncodeToString(sigB[:])) // 65 bytes

// decompress signature
sig2, _ := blindsecp256k1.DecompressSignature(sigB)
assert.Equal(t, sig, sig2)
```
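
Why 33 bytes are enough for a 64-byte point, as an added example that is not code from this repository: a self-contained `math/big` sketch that keeps X plus one parity byte for Y and, on decompression, recomputes Y from the curve equation and rejects X values that are not on secp256k1. The names `CompressXY` and `DecompressXY` and the SEC1-style layout (prefix `0x02`/`0x03` followed by big-endian X) are assumptions for illustration and are not necessarily the byte layout this library's `Compress()` emits.

```go
package main

import (
	"errors"
	"fmt"
	"math/big"
)

// secp256k1 field prime and generator coordinates (public curve constants).
var (
	P, _  = new(big.Int).SetString("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F", 16)
	Gx, _ = new(big.Int).SetString("79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798", 16)
	Gy, _ = new(big.Int).SetString("483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8", 16)
)

// CompressXY (hypothetical helper) keeps X and one prefix byte for Y's parity.
func CompressXY(x, y *big.Int) [33]byte {
	var b [33]byte
	b[0] = 0x02 + byte(y.Bit(0)) // 0x02: even Y, 0x03: odd Y
	x.FillBytes(b[1:])           // X as 32 bytes, big-endian
	return b
}

// DecompressXY recomputes Y from y^2 = x^3 + 7 mod P and rejects off-curve input.
func DecompressXY(b [33]byte) (*big.Int, *big.Int, error) {
	if b[0] != 0x02 && b[0] != 0x03 {
		return nil, nil, errors.New("invalid prefix byte")
	}
	x := new(big.Int).SetBytes(b[1:])
	if x.Cmp(P) >= 0 {
		return nil, nil, errors.New("x is not a field element")
	}
	rhs := new(big.Int).Exp(x, big.NewInt(3), P)
	rhs.Add(rhs, big.NewInt(7)).Mod(rhs, P)
	e := new(big.Int).Rsh(new(big.Int).Add(P, big.NewInt(1)), 2)
	y := new(big.Int).Exp(rhs, e, P) // P % 4 == 3: candidate root is rhs^((P+1)/4)
	if new(big.Int).Exp(y, big.NewInt(2), P).Cmp(rhs) != 0 {
		return nil, nil, errors.New("x is not on the curve")
	}
	if y.Bit(0) != uint(b[0]&1) {
		y.Sub(P, y) // pick the root with the recorded parity
	}
	return x, y, nil
}

func main() {
	x, y, err := DecompressXY(CompressXY(Gx, Gy))
	fmt.Println(x.Cmp(Gx) == 0, y.Cmp(Gy) == 0, err)
}
```

The on-curve check matters when compressed points arrive from an untrusted party: without it, a decoder would accept an X with no valid Y and hand a non-curve point to later arithmetic.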

## WASM usage

WASM wrappers for browser usage can be found in the [wasm](https://github.com/arnaucube/go-blindsecp256k1/tree/master/wasm/) directory, with an example in HTML & JS.