bitcoin-s/website/versioned_docs/version-1.9.10/crypto/adaptor-signatures.md at 4f441f052bb58a43ce3b27bc924d23370df630e3

mirror of https://github.com/bitcoin-s/bitcoin-s.git synced 2025-03-01 09:40:06 +01:00

* Update versions to 1.9.10

* fix version

2025-01-25 09:13:11 -06:00

1.8 KiB

Raw Blame History

id	title	original_id
version-1.9.10-adaptor-signatures	Adaptor Signatures	adaptor-signatures

Bitcoin-S now has support for ECDSA Adaptor Signatures.

There are four relevant functions to adaptor signatures:

sign (aka encrypt)
- This function belongs to ECPrivateKey and creates an adaptor signature given a message (ByteVector) and an adaptor point (ECPublicKey).
verify
- Verifies an adaptor signature given the signing public key, the message and the adaptor point.
complete (aka decrypt)
- This function belongs to ECPrivateKey and computes a valid ECDSA signature given a valid adaptor signature whose adaptor point is this private key's public key.
extract (aka recover)
- This function belongs to ECPublicKey and computes the adaptor secret (private key to this public key) given a valid adaptor signature for this adaptor point, and the valid ECDSA signature computed using complete.

The following code shows each function to do with adaptor signature usage:

// Alice generates an adaptor signature using her private key and the adaptor point
val adaptorSig = privKey.adaptorSign(adaptorPoint, msg)

// Bob verifies this adaptor signature using Alice's public key and the adaptor point
require(pubKey.adaptorVerify(msg, adaptorPoint, adaptorSig))

// Bob computes a valid ECDSA signature using the adaptorSignature, which he knows
val sig = adaptorSecret.completeAdaptorSignature(adaptorSig)

// Anyone can validate this signature
require(pubKey.verify(msg, sig))

// Alice can compute the adaptor secret from the signatures
val secret = adaptorPoint.extractAdaptorSecret(adaptorSig, sig)
require(secret == adaptorSecret)

1.8 KiB Raw Blame History

1.8 KiB

Raw Blame History