Version: dev

ECDSA Signature Verification

Noir supports ECDSA signatures verification over the secp256k1 and secp256r1 curves.

ecdsa_secp256k1::verify_signature

Verifier for ECDSA Secp256k1 signatures. See ecdsa_secp256k1::verify_signature_slice for a version that accepts slices directly.

ecdsa_secp256k1
/// Verifies a ECDSA signature over the secp256k1 curve.
/// - inputs:
///     - x coordinate of public key as 32 bytes
///     - y coordinate of public key as 32 bytes
///     - the signature, as a 64 bytes array
///       The signature internally will be represented as `(r, s)`,
///       where `r` and `s` are fixed-sized big endian scalar values.
///       As the `secp256k1` has a 256-bit modulus, we have a 64 byte signature
///       while `r` and `s` will both be 32 bytes.
///       We expect `s` to be normalized. This means given the curve's order,
///       `s` should be less than or equal to `order / 2`.
///       This is done to prevent malleability.
///       For more context regarding malleability you can reference BIP 0062.
///     - the hash of the message, as a vector of bytes
/// - output: false for failure and true for success
pub fn verify_signature<let N: u32>(
    public_key_x: [u8; 32],
    public_key_y: [u8; 32],
    signature: [u8; 64],
    message_hash: [u8; N],
) -> bool

^{_{Source code: noir_stdlib/src/ecdsa_secp256k1.nr#L2-L24}}

example:

fn main(hashed_message : [u8;32], pub_key_x : [u8;32], pub_key_y : [u8;32], signature : [u8;64]) {
     let valid_signature = std::ecdsa_secp256k1::verify_signature(pub_key_x, pub_key_y, signature, hashed_message);
     assert(valid_signature);
}

This is a black box function. Read this section to learn more about black box functions in Noir.

ecdsa_secp256k1::verify_signature_slice

Verifier for ECDSA Secp256k1 signatures where the message is a slice.

ecdsa_secp256k1_slice
pub fn verify_signature_slice(
    public_key_x: [u8; 32],
    public_key_y: [u8; 32],
    signature: [u8; 64],
    message_hash: [u8],
) -> bool

^{_{Source code: noir_stdlib/src/ecdsa_secp256k1.nr#L28-L35}}

This is a black box function. Read this section to learn more about black box functions in Noir.

ecdsa_secp256r1::verify_signature

Verifier for ECDSA Secp256r1 signatures. See ecdsa_secp256r1::verify_signature_slice for a version that accepts slices directly.

ecdsa_secp256r1
pub fn verify_signature<let N: u32>(
    public_key_x: [u8; 32],
    public_key_y: [u8; 32],
    signature: [u8; 64],
    message_hash: [u8; N],
) -> bool

^{_{Source code: noir_stdlib/src/ecdsa_secp256r1.nr#L2-L9}}

example:

fn main(hashed_message : [u8;32], pub_key_x : [u8;32], pub_key_y : [u8;32], signature : [u8;64]) {
     let valid_signature = std::ecdsa_secp256r1::verify_signature(pub_key_x, pub_key_y, signature, hashed_message);
     assert(valid_signature);
}

This is a black box function. Read this section to learn more about black box functions in Noir.

ecdsa_secp256r1::verify_signature

Verifier for ECDSA Secp256r1 signatures where the message is a slice.

ecdsa_secp256r1_slice
pub fn verify_signature_slice(
    public_key_x: [u8; 32],
    public_key_y: [u8; 32],
    signature: [u8; 64],
    message_hash: [u8],
) -> bool

^{_{Source code: noir_stdlib/src/ecdsa_secp256r1.nr#L13-L20}}

This is a black box function. Read this section to learn more about black box functions in Noir.

ecdsa_secp256k1::verify_signature​

ecdsa_secp256k1::verify_signature_slice​

ecdsa_secp256r1::verify_signature​

ecdsa_secp256r1::verify_signature​

ecdsa_secp256k1::verify_signature

ecdsa_secp256k1::verify_signature_slice

ecdsa_secp256r1::verify_signature

ecdsa_secp256r1::verify_signature