PlatformSpecific

scalus.builtin.PlatformSpecific

This is the platform specific part of the builtins. This is mostly cryptographic primitives that have different implementations on different platforms.

Attributes

Graph
Supertypes
class Object
trait Matchable
class Any
Known subtypes

Members list

Value members

Abstract methods

Adds two G1 group elements

Adds two G1 group elements

Value parameters

p1

G1 element

p2

G1 element

Attributes

Returns

p1 + p2

Compress a G1 element to a bytestring. This serialises a curve point to its x coordinate only. The compressed bytestring is 48 bytes long, with three spare bits used to convey extra information about the point, including determining which of two possible y coordinates the point has and whether the point is the point at infinity.

Compress a G1 element to a bytestring. This serialises a curve point to its x coordinate only. The compressed bytestring is 48 bytes long, with three spare bits used to convey extra information about the point, including determining which of two possible y coordinates the point has and whether the point is the point at infinity.

Value parameters

p

G1 element to compress

Attributes

Returns

Compressed bytestring

See also

Negates a G1 group element

Negates a G1 group element

Value parameters

p

G1 element

Attributes

Returns

-p

Multiplication of group elements by scalars. In the blst library the arguments are the other way round, but scalars acting on the left is more consistent with standard mathematical practice.

Multiplication of group elements by scalars. In the blst library the arguments are the other way round, but scalars acting on the left is more consistent with standard mathematical practice.

Value parameters

p

group element

s

scalar

Attributes

Returns

s * p

Uncompress a bytestring to get a G1 point. This will fail if any of the following are true.

Uncompress a bytestring to get a G1 point. This will fail if any of the following are true.

  • The bytestring is not exactly 48 bytes long.
  • The most significant three bits are used incorrectly.
  • The bytestring encodes a field element which is not the x coordinate of a point on the E1 curve.
  • The bytestring does represent a point on the E1 curve, but the point is not in the G1 subgroup.

Attributes

Verify an ECDSA signature made using the SECP256k1 curve.

Verify an ECDSA signature made using the SECP256k1 curve.

Value parameters

msg

Message (32 bytes)

pk

Public key (33 bytes)

sig

Signature (64 bytes)

Attributes

Note

There are additional well-formation requirements for the arguments beyond their length:

  • The first byte of the public key must correspond to the sign of the y coordinate: this is 0x02 if y is even, and 0x03 otherwise.
  • The remaining bytes of the public key must correspond to the x coordinate, as a big-endian integer.
  • The first 32 bytes of the signature must correspond to the big-endian integer representation of r.
  • The last 32 bytes of the signature must correspond to the big-endian integer representation of s. While this primitive accepts a hash, any caller should only pass it hashes that they computed themselves: specifically, they should receive the message from a sender and hash it, rather than receiving the hash from said sender. Failure to do so can be dangerous. Other than length, we make no requirements of what hash gets used.
def verifyEd25519Signature(pk: ByteString, msg: ByteString, sig: ByteString): Boolean

Verify a Schnorr signature made using the SECP256k1 curve.

Verify a Schnorr signature made using the SECP256k1 curve.

Value parameters

msg

Message (arbitrary length)

pk

Public key (32 bytes)

sig

Signature (64 bytes)

Attributes

See also
Note

There are additional well-formation requirements for the arguments beyond their length. Throughout, we refer to co-ordinates of the point R.

  • The bytes of the public key must correspond to the x coordinate, as a big-endian integer, as specified in BIP-340.
  • The first 32 bytes of the signature must correspond to the x coordinate, as a big-endian integer, as specified in BIP-340.
  • The last 32 bytes of the signature must correspond to the bytes of s, as a big-endian integer, as specified in BIP-340.