Struct sp_consensus_vrf::schnorrkel::PublicKey
source · [−]pub struct PublicKey(_);
Expand description
A Ristretto Schnorr public key.
Internally, these are represented as a RistrettoPoint
, meaning
an Edwards point with a static guarantee to be 2-torsion free.
At present, we decompress PublicKey
s into this representation
during deserialization, which improves error handling, but costs
a compression during signing and verifiaction.
Implementations
sourceimpl PublicKey
impl PublicKey
sourcepub fn as_compressed(&self) -> &CompressedRistretto
pub fn as_compressed(&self) -> &CompressedRistretto
Access the compressed Ristretto form
sourcepub fn into_compressed(self) -> CompressedRistretto
pub fn into_compressed(self) -> CompressedRistretto
Extract the compressed Ristretto form
sourcepub fn as_point(&self) -> &RistrettoPoint
pub fn as_point(&self) -> &RistrettoPoint
Access the point form
sourcepub fn into_point(self) -> RistrettoPoint
pub fn into_point(self) -> RistrettoPoint
Extract the point form
sourcepub fn from_compressed(
compressed: CompressedRistretto
) -> Result<PublicKey, SignatureError>
pub fn from_compressed(
compressed: CompressedRistretto
) -> Result<PublicKey, SignatureError>
Decompress into the PublicKey
format that also retains the
compressed form.
sourcepub fn from_point(point: RistrettoPoint) -> PublicKey
pub fn from_point(point: RistrettoPoint) -> PublicKey
Compress into the PublicKey
format that also retains the
uncompressed form.
sourcepub fn to_bytes(&self) -> [u8; 32]
pub fn to_bytes(&self) -> [u8; 32]
Convert this public key to a byte array.
Example
use schnorrkel::{SecretKey, PublicKey, PUBLIC_KEY_LENGTH, SignatureError};
let public_key: PublicKey = SecretKey::generate().to_public();
let public_key_bytes = public_key.to_bytes();
let public_key_again: PublicKey = PublicKey::from_bytes(&public_key_bytes[..]).unwrap();
assert_eq!(public_key_bytes, public_key_again.to_bytes());
sourcepub fn from_bytes(bytes: &[u8]) -> Result<PublicKey, SignatureError>
pub fn from_bytes(bytes: &[u8]) -> Result<PublicKey, SignatureError>
Construct a PublicKey
from a slice of bytes.
Example
use schnorrkel::{PublicKey, PUBLIC_KEY_LENGTH, SignatureError};
let public_key_bytes: [u8; PUBLIC_KEY_LENGTH] = [
208, 120, 140, 129, 177, 179, 237, 159,
252, 160, 028, 013, 206, 005, 211, 241,
192, 218, 001, 097, 130, 241, 020, 169,
119, 046, 246, 029, 079, 080, 077, 084];
let public_key = PublicKey::from_bytes(&public_key_bytes).unwrap();
assert_eq!(public_key.to_bytes(), public_key_bytes);
Returns
A Result
whose okay value is an EdDSA PublicKey
or whose error value
is an SignatureError
describing the error that occurred.
sourceimpl PublicKey
impl PublicKey
sourcepub fn verify<T>(
&self,
t: T,
signature: &Signature
) -> Result<(), SignatureError> where
T: SigningTranscript,
pub fn verify<T>(
&self,
t: T,
signature: &Signature
) -> Result<(), SignatureError> where
T: SigningTranscript,
Verify a signature by this public key on a transcript.
Requires a SigningTranscript
, normally created from a
SigningContext
and a message, as well as the signature
to be verified.
sourcepub fn verify_simple(
&self,
ctx: &[u8],
msg: &[u8],
signature: &Signature
) -> Result<(), SignatureError>
pub fn verify_simple(
&self,
ctx: &[u8],
msg: &[u8],
signature: &Signature
) -> Result<(), SignatureError>
Verify a signature by this public key on a message.
sourcepub fn verify_simple_preaudit_deprecated(
&self,
ctx: &'static [u8],
msg: &[u8],
sig: &[u8]
) -> Result<(), SignatureError>
pub fn verify_simple_preaudit_deprecated(
&self,
ctx: &'static [u8],
msg: &[u8],
sig: &[u8]
) -> Result<(), SignatureError>
A temporary verification routine for use in transitioning substrate testnets only.
sourceimpl PublicKey
impl PublicKey
sourcepub fn vrf_hash<T>(&self, t: T) -> RistrettoBoth where
T: VRFSigningTranscript,
pub fn vrf_hash<T>(&self, t: T) -> RistrettoBoth where
T: VRFSigningTranscript,
Create a non-malleable VRF input point by hashing a transcript to a point.
sourcepub fn vrf_attach_hash<T>(
&self,
output: VRFOutput,
t: T
) -> Result<VRFInOut, SignatureError> where
T: VRFSigningTranscript,
pub fn vrf_attach_hash<T>(
&self,
output: VRFOutput,
t: T
) -> Result<VRFInOut, SignatureError> where
T: VRFSigningTranscript,
Pair a non-malleable VRF output with the hash of the given transcript.
sourceimpl PublicKey
impl PublicKey
sourcepub fn vrfs_merge<B>(&self, ps: &[B], vartime: bool) -> VRFInOut where
B: Borrow<VRFInOut>,
pub fn vrfs_merge<B>(&self, ps: &[B], vartime: bool) -> VRFInOut where
B: Borrow<VRFInOut>,
Merge VRF input and output pairs from the same signer, using variable time arithmetic
You should use vartime=true
when verifying VRF proofs batched
by the singer. You could usually use vartime=true
even when
producing proofs, provided the set being signed is not secret.
There is sadly no constant time 128 bit multiplication in dalek,
making vartime=false
somewhat slower than necessary. It should
only impact signers in niche scenarios however, so the slower
variant should normally be unnecessary.
Panics if given an empty points list.
TODO: Add constant time 128 bit batched multiplication to dalek.
TODO: Is rand_chacha’s gen::<u128>()
standardizable enough to
prefer it over merlin for the output?
sourceimpl PublicKey
impl PublicKey
sourcepub fn dleq_verify<T>(
&self,
t: T,
p: &VRFInOut,
proof: &VRFProof,
kusama: bool
) -> Result<VRFProofBatchable, SignatureError> where
T: SigningTranscript,
pub fn dleq_verify<T>(
&self,
t: T,
p: &VRFInOut,
proof: &VRFProof,
kusama: bool
) -> Result<VRFProofBatchable, SignatureError> where
T: SigningTranscript,
Verify DLEQ proof that p.output = s * p.input
where self
s
times the basepoint.
We return an enlarged VRFProofBatchable
instead of just true,
so that verifiers can forward batchable proofs.
In principle, one might provide “blindly verifiable” VRFs that
avoid requiring self
here, but naively such constructions
risk the same flaws as DLEQ based blind signatures, and this
version exploits the slightly faster basepoint arithmetic.
sourcepub fn vrf_verify<T>(
&self,
t: T,
out: &VRFOutput,
proof: &VRFProof
) -> Result<(VRFInOut, VRFProofBatchable), SignatureError> where
T: VRFSigningTranscript,
pub fn vrf_verify<T>(
&self,
t: T,
out: &VRFOutput,
proof: &VRFProof
) -> Result<(VRFInOut, VRFProofBatchable), SignatureError> where
T: VRFSigningTranscript,
Verify VRF proof for one single input transcript and corresponding output.
sourcepub fn vrf_verify_extra<T, E>(
&self,
t: T,
out: &VRFOutput,
proof: &VRFProof,
extra: E
) -> Result<(VRFInOut, VRFProofBatchable), SignatureError> where
T: VRFSigningTranscript,
E: SigningTranscript,
pub fn vrf_verify_extra<T, E>(
&self,
t: T,
out: &VRFOutput,
proof: &VRFProof,
extra: E
) -> Result<(VRFInOut, VRFProofBatchable), SignatureError> where
T: VRFSigningTranscript,
E: SigningTranscript,
Verify VRF proof for one single input transcript and corresponding output.
sourcepub fn vrfs_verify<T, I, O>(
&self,
transcripts: I,
outs: &[O],
proof: &VRFProof
) -> Result<(Box<[VRFInOut], Global>, VRFProofBatchable), SignatureError> where
T: VRFSigningTranscript,
I: IntoIterator<Item = T>,
O: Borrow<VRFOutput>,
pub fn vrfs_verify<T, I, O>(
&self,
transcripts: I,
outs: &[O],
proof: &VRFProof
) -> Result<(Box<[VRFInOut], Global>, VRFProofBatchable), SignatureError> where
T: VRFSigningTranscript,
I: IntoIterator<Item = T>,
O: Borrow<VRFOutput>,
Verify a common VRF short proof for several input transcripts and corresponding outputs.
sourcepub fn vrfs_verify_extra<T, E, I, O>(
&self,
transcripts: I,
outs: &[O],
proof: &VRFProof,
extra: E
) -> Result<(Box<[VRFInOut], Global>, VRFProofBatchable), SignatureError> where
T: VRFSigningTranscript,
E: SigningTranscript,
I: IntoIterator<Item = T>,
O: Borrow<VRFOutput>,
pub fn vrfs_verify_extra<T, E, I, O>(
&self,
transcripts: I,
outs: &[O],
proof: &VRFProof,
extra: E
) -> Result<(Box<[VRFInOut], Global>, VRFProofBatchable), SignatureError> where
T: VRFSigningTranscript,
E: SigningTranscript,
I: IntoIterator<Item = T>,
O: Borrow<VRFOutput>,
Verify a common VRF short proof for several input transcripts and corresponding outputs.
sourceimpl PublicKey
impl PublicKey
sourcepub fn accept_ecqv_cert<T>(
&self,
t: T,
seed_secret_key: &SecretKey,
cert_secret: ECQVCertSecret
) -> Result<(ECQVCertPublic, SecretKey), SignatureError> where
T: SigningTranscript,
pub fn accept_ecqv_cert<T>(
&self,
t: T,
seed_secret_key: &SecretKey,
cert_secret: ECQVCertSecret
) -> Result<(ECQVCertPublic, SecretKey), SignatureError> where
T: SigningTranscript,
Accept an ECQV implicit certificate
We request an ECQV implicit certificate by first creating an
ephemeral Keypair
and sending the public portion to the issuer
as seed_public_key
. An issuer issues the certificat by replying
with the ECQVCertSecret
created by issue_ecqv_cert
.
Aside from the issuer PublicKey
supplied as self
, you provide
(1) a SigningTranscript
called t
that incorporates both the context
and the certificate requester’s identity,
(2) the seed_secret_key
corresponding to the seed_public_key
they sent to the issuer by the certificate recipient in their
certificate request, and
(3) the ECQVCertSecret
send by the issuer to the certificate
requester.
We return both your certificate’s new SecretKey
as well as
an ECQVCertPublic
from which third parties may derive
corresponding public key from h
and the issuer’s public key.
sourceimpl PublicKey
impl PublicKey
sourcepub fn open_ecqv_cert<T>(
&self,
t: T,
cert_public: &ECQVCertPublic
) -> Result<PublicKey, SignatureError> where
T: SigningTranscript,
pub fn open_ecqv_cert<T>(
&self,
t: T,
cert_public: &ECQVCertPublic
) -> Result<PublicKey, SignatureError> where
T: SigningTranscript,
Trait Implementations
sourceimpl Derivation for PublicKey
impl Derivation for PublicKey
sourcepub fn derived_key<T>(&self, t: T, cc: ChainCode) -> (PublicKey, ChainCode) where
T: SigningTranscript,
pub fn derived_key<T>(&self, t: T, cc: ChainCode) -> (PublicKey, ChainCode) where
T: SigningTranscript,
Derive key with subkey identified by a byte array
presented via a SigningTranscript
, and a chain code. Read more
sourceimpl<'d> Deserialize<'d> for PublicKey
impl<'d> Deserialize<'d> for PublicKey
sourcepub fn deserialize<D>(
deserializer: D
) -> Result<PublicKey, <D as Deserializer<'d>>::Error> where
D: Deserializer<'d>,
pub fn deserialize<D>(
deserializer: D
) -> Result<PublicKey, <D as Deserializer<'d>>::Error> where
D: Deserializer<'d>,
Deserialize this value from the given Serde deserializer. Read more
sourceimpl Ord for PublicKey
impl Ord for PublicKey
sourceimpl PartialOrd<PublicKey> for PublicKey
impl PartialOrd<PublicKey> for PublicKey
sourcepub fn partial_cmp(&self, other: &PublicKey) -> Option<Ordering>
pub fn partial_cmp(&self, other: &PublicKey) -> Option<Ordering>
This method returns an ordering between self
and other
values if one exists. Read more
1.0.0 · sourcefn lt(&self, other: &Rhs) -> bool
fn lt(&self, other: &Rhs) -> bool
This method tests less than (for self
and other
) and is used by the <
operator. Read more
1.0.0 · sourcefn le(&self, other: &Rhs) -> bool
fn le(&self, other: &Rhs) -> bool
This method tests less than or equal to (for self
and other
) and is used by the <=
operator. Read more
sourceimpl Serialize for PublicKey
impl Serialize for PublicKey
sourcepub fn serialize<S>(
&self,
serializer: S
) -> Result<<S as Serializer>::Ok, <S as Serializer>::Error> where
S: Serializer,
pub fn serialize<S>(
&self,
serializer: S
) -> Result<<S as Serializer>::Ok, <S as Serializer>::Error> where
S: Serializer,
Serialize this value into the given Serde serializer. Read more
impl Copy for PublicKey
impl Eq for PublicKey
impl StructuralEq for PublicKey
impl StructuralPartialEq for PublicKey
Auto Trait Implementations
impl RefUnwindSafe for PublicKey
impl Send for PublicKey
impl Sync for PublicKey
impl Unpin for PublicKey
impl UnwindSafe for PublicKey
Blanket Implementations
sourceimpl<T, U> AsByteSlice<T> for U where
T: ToByteSlice,
U: AsRef<[T]> + ?Sized,
impl<T, U> AsByteSlice<T> for U where
T: ToByteSlice,
U: AsRef<[T]> + ?Sized,
sourceimpl<U> AsSliceOf for U where
U: AsRef<[u8]> + ?Sized,
impl<U> AsSliceOf for U where
U: AsRef<[u8]> + ?Sized,
pub fn as_slice_of<T>(&self) -> Result<&[T], Error> where
T: FromByteSlice,
sourceimpl<T> BorrowMut<T> for T where
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
const: unstable · sourcepub fn borrow_mut(&mut self) -> &mut T
pub fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more
sourceimpl<T> CallHasher for T where
T: Hash,
impl<T> CallHasher for T where
T: Hash,
sourceimpl<T> Instrument for T
impl<T> Instrument for T
sourcefn instrument(self, span: Span) -> Instrumented<Self>
fn instrument(self, span: Span) -> Instrumented<Self>
Instruments this type with the provided Span
, returning an
Instrumented
wrapper. Read more
sourcefn in_current_span(self) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
sourceimpl<T, Outer> IsWrappedBy<Outer> for T where
Outer: AsRef<T> + AsMut<T> + From<T>,
T: From<Outer>,
impl<T, Outer> IsWrappedBy<Outer> for T where
Outer: AsRef<T> + AsMut<T> + From<T>,
T: From<Outer>,
sourceimpl<T> ToHex for T where
T: AsRef<[u8]>,
impl<T> ToHex for T where
T: AsRef<[u8]>,
sourcepub fn encode_hex<U>(&self) -> U where
U: FromIterator<char>,
pub fn encode_hex<U>(&self) -> U where
U: FromIterator<char>,
Encode the hex strict representing self
into the result. Lower case
letters are used (e.g. f9b4ca
) Read more
sourcepub fn encode_hex_upper<U>(&self) -> U where
U: FromIterator<char>,
pub fn encode_hex_upper<U>(&self) -> U where
U: FromIterator<char>,
Encode the hex strict representing self
into the result. Upper case
letters are used (e.g. F9B4CA
) Read more
sourceimpl<T> ToOwned for T where
T: Clone,
impl<T> ToOwned for T where
T: Clone,
type Owned = T
type Owned = T
The resulting type after obtaining ownership.
sourcepub fn to_owned(&self) -> T
pub fn to_owned(&self) -> T
Creates owned data from borrowed data, usually by cloning. Read more
sourcepub fn clone_into(&self, target: &mut T)
pub fn clone_into(&self, target: &mut T)
toowned_clone_into
)Uses borrowed data to replace owned data, usually by cloning. Read more
sourceimpl<S, T> UncheckedInto<T> for S where
T: UncheckedFrom<S>,
impl<S, T> UncheckedInto<T> for S where
T: UncheckedFrom<S>,
sourcepub fn unchecked_into(self) -> T
pub fn unchecked_into(self) -> T
The counterpart to unchecked_from
.