Home

Awesome

secp256k1-py Build Status Coverage Status

Python FFI bindings for libsecp256k1 (an experimental and optimized C library for EC operations on curve secp256k1).

Installation

pip install secp256k1

Precompiled binary packages (wheels)

Precompiled binary wheels is available for Python 2.7, 3.3, 3.4, and 3.5 on Linux. To take advantage of those you need to use pip >= 8.1.0.

In case you don't want to use the binary packages you can prevent pip from using them with the following command:

pip install --no-binary secp256k1

Installation with compilation

If you either can't or don't want to use the binary package options described above read on to learn what is needed to install the source pacakge.

There are two modes of installation depending on whether you already have libsecp256k1 installed on your system:

Using a system installed libsecp256k1

If the library is already installed it should usually be automatically detected and used. However if libsecp256k1 is installed in a non standard location you can use the environment variables INCLUDE_DIR and LIB_DIR to point the way:

INCLUDE_DIR=/opt/somewhere/include LIB_DIR=/opt/somewhere/lib pip install --no-binary secp256k1
Using the bundled libsecp256k1

If on the other hand you don't have libsecp256k1 installed on your system, a bundled version will be built and used. In this case only the recovery module will be enabled since it's the only one not currently considered as "experimental" by the library authors. This can be overridden by setting the SECP_BUNDLED_EXPERIMENTAL environment variable:

SECP_BUNDLED_EXPERIMENTAL=1 pip install --no-binary secp256k1

For the bundled version to compile successfully you need to have a C compiler as well as the development headers for libffi and libgmp installed.

On Debian / Ubuntu for example the necessary packages are:

On OS X the necessary homebrew packages are:

Command line usage

Generate a private key and show the corresponding public key
$ python -m secp256k1 privkey -p

a1455c78a922c52f391c5784f8ca1457367fa57f9d7a74fdab7d2c90ca05c02e
Public key: 02477ce3b986ab14d123d6c4167b085f4d08c1569963a0201b2ffc7d9d6086d2f3
Sign a message
$ python -m secp256k1 sign \
	-k a1455c78a922c52f391c5784f8ca1457367fa57f9d7a74fdab7d2c90ca05c02e \
	-m hello

3045022100a71d86190354d64e5b3eb2bd656313422cdf7def69bf3669cdbfd09a9162c96e0220713b81f3440bff0b639d2f29b2c48494b812fa89b754b7b6cdc9eaa8027cf369
Check signature
$ python -m secp256k1 checksig \
	-p 02477ce3b986ab14d123d6c4167b085f4d08c1569963a0201b2ffc7d9d6086d2f3 \
	-m hello \
	-s 3045022100a71d86190354d64e5b3eb2bd656313422cdf7def69bf3669cdbfd09a9162c96e0220713b81f3440bff0b639d2f29b2c48494b812fa89b754b7b6cdc9eaa8027cf369

True
Generate a signature that allows recovering the public key
$ python -m secp256k1 signrec \
	-k a1455c78a922c52f391c5784f8ca1457367fa57f9d7a74fdab7d2c90ca05c02e \
	-m hello

515fe95d0780b11633f3352deb064f1517d58f295a99131e9389da8bfacd64422513d0cd4e18a58d9f4873b592afe54cf63e8f294351d1e612c8a297b5255079 1
Recover public key
$ python -m secp256k1 recpub \
	-s 515fe95d0780b11633f3352deb064f1517d58f295a99131e9389da8bfacd64422513d0cd4e18a58d9f4873b592afe54cf63e8f294351d1e612c8a297b5255079 \
	-i 1 \
	-m hello

Public key: 02477ce3b986ab14d123d6c4167b085f4d08c1569963a0201b2ffc7d9d6086d2f3

It is easier to get started with command line, but it is more common to use this as a library. For that, check the next sections.

API

class secp256k1.PrivateKey(privkey, raw, flags)

The PrivateKey class loads or creates a private key by obtaining 32 bytes from urandom and operates over it.

Instantiation parameters
Methods and instance attributes

NOTE: ecdsa_sign_recoverable can only be used if the secp256k1 C library is compiled with support for it. If there is no support, an Exception will be raised when calling it.

class secp256k1.PublicKey(pubkey, raw, flags)

The PublicKey class loads an existing public key and operates over it.

Instantiation parameters
Methods and instance attributes

NOTE: ecdh can only be used if the secp256k1 C library is compiled with support for it. If there is no support, an Exception will be raised when calling it.

class secp256k1.ECDSA

The ECDSA class is intended to be used as a mix in. Its methods can be accessed from any secp256k1.PrivateKey or secp256k1.PublicKey instances.

Methods

NOTE: ecdsa_recover* can only be used if the secp256k1 C library is compiled with support for it. If there is no support, an Exception will be raised when calling any of them.

class secp256k1.Schnorr

The Schnorr class is intended to be used as a mix in. Its methods can be accessed from any secp256k1.PrivateKey or secp256k1.PublicKey instances.

Methods

NOTE: schnorr_* can only be used if the secp256k1 C library is compiled with support for it. If there is no support, an Exception will be raised when calling any of them.

Constants

secp256k1.FLAG_SIGN
secp256k1.FLAG_VERIFY
secp256k1.ALL_FLAGS

ALL_FLAGS combines FLAG_SIGN and FLAG_VERIFY using bitwise OR.

These flags are used during context creation (undocumented here) and affect which parts of the context are initialized in the C library. In these bindings, some calls are disabled depending on the active flags but this should not be noticeable unless you are manually specifying flags.

Example

from secp256k1 import PrivateKey, PublicKey

privkey = PrivateKey()
privkey_der = privkey.serialize()
assert privkey.deserialize(privkey_der) == privkey.private_key

sig = privkey.ecdsa_sign(b'hello')
verified = privkey.pubkey.ecdsa_verify(b'hello', sig)
assert verified

sig_der = privkey.ecdsa_serialize(sig)
sig2 = privkey.ecdsa_deserialize(sig_der)
vrf2 = privkey.pubkey.ecdsa_verify(b'hello', sig2)
assert vrf2

pubkey = privkey.pubkey
pub = pubkey.serialize()

pubkey2 = PublicKey(pub, raw=True)
assert pubkey2.serialize() == pub
assert pubkey2.ecdsa_verify(b'hello', sig)
from secp256k1 import PrivateKey

key = '31a84594060e103f5a63eb742bd46cf5f5900d8406e2726dedfc61c7cf43ebad'
msg = '9e5755ec2f328cc8635a55415d0e9a09c2b6f2c9b0343c945fbbfe08247a4cbe'
sig = '30440220132382ca59240c2e14ee7ff61d90fc63276325f4cbe8169fc53ade4a407c2fc802204d86fbe3bde6975dd5a91fdc95ad6544dcdf0dab206f02224ce7e2b151bd82ab'

privkey = PrivateKey(bytes(bytearray.fromhex(key)), raw=True)
sig_check = privkey.ecdsa_sign(bytes(bytearray.fromhex(msg)), raw=True)
sig_ser = privkey.ecdsa_serialize(sig_check)

assert sig_ser == bytes(bytearray.fromhex(sig))
from secp256k1 import PrivateKey

key = '7ccca75d019dbae79ac4266501578684ee64eeb3c9212105f7a3bdc0ddb0f27e'
pub_compressed = '03e9a06e539d6bf5cf1ca5c41b59121fa3df07a338322405a312c67b6349a707e9'
pub_uncompressed = '04e9a06e539d6bf5cf1ca5c41b59121fa3df07a338322405a312c67b6349a707e94c181c5fe89306493dd5677143a329065606740ee58b873e01642228a09ecf9d'

privkey = PrivateKey(bytes(bytearray.fromhex(key)))
pubkey_ser = privkey.pubkey.serialize()
pubkey_ser_uncompressed = privkey.pubkey.serialize(compressed=False)

assert pubkey_ser == bytes(bytearray.fromhex(pub_compressed))
assert pubkey_ser_uncompressed == bytes(bytearray.fromhex(pub_uncompressed))

Technical details about the bundled libsecp256k1

The bundling of libsecp256k1 is handled by the various setup.py build phases: