This library provides well-tested Python CFFI bindings for libsecp256k1, the heavily optimized C library used by Bitcoin Core for operations on elliptic curve secp256k1.
- Fastest available implementation (more than 10x faster than OpenSSL)
- Clean, easy to use API
- Frequent updates from libsecp256k1 master
- Linux, macOS, and Windows all have binary packages for both 64 and 32-bit architectures
- Linux & macOS use GMP for faster computation
- Deterministic signatures via RFC 6979
- Non-malleable signatures (lower-S form) by default
- Secure, non-malleable ECDH implementation
- Implements a fix for https://bugs.python.org/issue28150 to support Python 3.6+ on macOS
- ethereum/pyethereum
- ethereum/py-evm
- ethereum/pydevp2p
- ethereum/eth-keys
- raiden-network/raiden
- raiden-network/microraiden
- raiden-network/raiden-contracts
- golemfactory/golem
- golemfactory/golem-messages
- PeerAssets/pypeerassets
- bit
- btcrecover
- crankycoin
Coincurve is distributed on PyPI and is available on Linux/macOS and Windows and supports Python 2.7/3.5+ and PyPy3.5-v5.8.1+.
$ pip install coincurveIf you are on a system that doesn't have a precompiled binary wheel (e.g. FreeBSD) then pip will fetch source to build yourself. You must have the necessary packages.
On Debian/Ubuntu for example the necessary packages are:
- build-essential
- automake
- pkg-config
- libtool
- libffi-dev
- libgmp-dev
Coincurve provides a simple API.
verify_signature(signature, message, public_key, hasher=sha256, context=GLOBAL_CONTEXT)
Verifies some message was signed by the owner of a public key.
Parameters:
- signature (
bytes) - The signature to verify. - message (
bytes) - The message that was supposedly signed. - public_key (
bytes) - A public key in compressed or uncompressed form. - hasher - The hash function to use, can be
None. hasher(message) must return 32 bytes. - context (
coincurve.Context)
- signature (
- Returns:
bool
All instances have a public_key of type coincurve.PublicKey
PrivateKey(secret=None, context=GLOBAL_CONTEXT)
Parameters:
- secret (
bytes) - The secret to use. - context (
coincurve.Context)
- secret (
Methods:
classmethod from_hex(hexed, context=GLOBAL_CONTEXT)
classmethod from_int(num, context=GLOBAL_CONTEXT)
classmethod from_pem(pem, context=GLOBAL_CONTEXT)
classmethod from_der(der, context=GLOBAL_CONTEXT)
sign(message, hasher=sha256, custom_nonce=None)
Parameters:
- message (
bytes) - The message to sign. - hasher - The hash function to use, can be
None. hasher(message) must return 32 bytes. - custom_nonce - A tuple of arity 2 in the form of
(nonce_fn, nonce_data). Refer to: secp256k1.h
- message (
- Returns:
bytes. 68 <= len(signature) <= 71
sign_recoverable(message, hasher=sha256)
Parameters:
- message (
bytes) - The message to sign. - hasher - The hash function to use, can be
None. hasher(message) must return 32 bytes.
- message (
- Returns:
bytes
ecdh(public_key)
Computes a Diffie-Hellman secret in constant time. Note: This prevents malleability by returning sha256(x) instead of the x coordinate directly. See ofek#9.
Parameters:
- public_key (
bytes) - Another party's public key in compressed or uncompressed form.
- public_key (
- Returns:
bytes
add(scalar, update=False)
Parameters:
- scalar (
bytes) - The scalar to add. - update (
bool) - IfTrue, will update and returnself.
- scalar (
- Returns:
coincurve.PrivateKey
multiply(scalar, update=False)
Parameters:
- scalar (
bytes) - The scalar to multiply. - update (
bool) - IfTrue, will update and returnself.
- scalar (
- Returns:
coincurve.PrivateKey
to_hex()
to_int()
to_pem()
to_der()
PublicKey(data, context=GLOBAL_CONTEXT)
Parameters:
- data (
bytes) - The public key in compressed or uncompressed form. - context (
coincurve.Context)
- data (
Methods:
classmethod from_secret(secret, context=GLOBAL_CONTEXT)
classmethod from_valid_secret(secret, context=GLOBAL_CONTEXT)
classmethod from_point(x, y, context=GLOBAL_CONTEXT)
classmethod from_signature_and_message(serialized_sig, message, hasher=sha256, context=GLOBAL_CONTEXT)
classmethod combine_keys(public_keys, context=GLOBAL_CONTEXT)
Parameters:
- public_keys (
list) - Alistofcoincurve.PublicKeyto add. - context (
coincurve.Context)
- public_keys (
- Returns:
coincurve.PublicKey
format(compressed=True)
Parameters:
- compressed (
bool)
- compressed (
- Returns: The public key serialized to
bytes.
point()
- Returns: (x, y)
verify(signature, message, hasher=sha256)
Verifies some message was signed by the owner of this public key.
Parameters:
- signature (
bytes) - The signature to verify. - message (
bytes) - The message that was supposedly signed. - hasher - The hash function to use, can be
None. hasher(message) must return 32 bytes.
- signature (
- Returns:
bool
add(scalar, update=False)
Parameters:
- scalar (
bytes) - The scalar to add. - update (
bool) - IfTrue, will update and returnself.
- scalar (
- Returns:
coincurve.PublicKey
multiply(scalar, update=False)
Parameters:
- scalar (
bytes) - The scalar to multiply. - update (
bool) - IfTrue, will update and returnself.
- scalar (
- Returns:
coincurve.PublicKey
combine(public_keys, update=False)
Parameters:
- public_keys (
list) - Alistofcoincurve.PublicKeyto add. - update (
bool) - IfTrue, will update and returnself.
- public_keys (
- Returns:
coincurve.PublicKey
Coincurve is distributed under the terms of both
at your option.
- Contributors of libsecp256k1.
- Contributors of secp256k1-py. While Coincurve is nearly a complete rewrite, much of the build system provided by ulope remains.
Important changes are emphasized.
- Fixed wheels for macOS
- Breaking: Drop support for 32-bit macOS
- No longer package tests
- New: Binary wheels for Python 3.7!
- Changed: Binary wheels on macOS for Python 3.5 now use Homebrew Python for compilation due to new security requirements
- Make build system support new GitHub & PyPI security requirements
- Improvements from libsecp256k1 master
- Pin version of libsecp256k1
- Improve docs
View all history