Module k256::ecdsa::recoverable

source ·
Expand description

Ethereum-style “recoverable signatures”.

These signatures include an additional Id field which allows for recovery of the VerifyingKey which can be used to verify them.

This is helpful in cases where a hash/fingerprint of a VerifyingKey for a given signature in known in advance.

Signing/Recovery Example

NOTE: make sure to enable both the ecdsa and keccak256 features of this crate for the example to work.

use k256::{
    ecdsa::{SigningKey, recoverable, signature::Signer},
    EncodedPoint
};
use rand_core::OsRng; // requires 'getrandom' feature

// Signing
let signing_key = SigningKey::random(&mut OsRng); // Serialize with `::to_bytes()`
let verify_key = signing_key.verifying_key();
let message = b"ECDSA proves knowledge of a secret number in the context of a single message";

// Note: the signature type must be annotated or otherwise inferrable as
// `Signer` has many impls of the `Signer` trait (for both regular and
// recoverable signature types).
let signature: recoverable::Signature = signing_key.sign(message);
let recovered_key = signature.recover_verify_key(message).expect("couldn't recover pubkey");

assert_eq!(&verify_key, &recovered_key);

Structs

Id
Identifier used to compute a VerifyingKey from a Signature.
Signature
Ethereum-style “recoverable signatures” which allow for the recovery of the signer’s VerifyingKey from the signature itself.

Constants

SIZE
Size of an Ethereum-style recoverable signature in bytes