Struct bitcoin::key::Secp256k1

pub struct Secp256k1<C> where C: Context { /* private fields */ }

The secp256k1 engine, used to execute all signature operations.



impl<C> Secp256k1<C> where C: Context,

pub fn gen_new() -> Secp256k1<C>

Lets you create a context in a generic manner (sign/verify/all).

If the rand-std feature is enabled, the context will have been randomized using thread_rng. If rand-std is not enabled, consider randomizing the context as follows:

let mut ctx = Secp256k1::new();
// let seed = <32 bytes of random data>
ctx.seeded_randomize(&seed);

impl Secp256k1<All>

pub fn new() -> Secp256k1<All>

Creates a new Secp256k1 context with all capabilities.

If the rand-std feature is enabled, the context will have been randomized using thread_rng. If rand-std is not enabled, consider randomizing the context (see the docs for Secp256k1::gen_new()).


impl Secp256k1<SignOnly>

pub fn signing_only() -> Secp256k1<SignOnly>

Creates a new Secp256k1 context that can only be used for signing.

If the rand-std feature is enabled, the context will have been randomized using thread_rng. If rand-std is not enabled, consider randomizing the context (see the docs for Secp256k1::gen_new()).


impl Secp256k1<VerifyOnly>

pub fn verification_only() -> Secp256k1<VerifyOnly>

Creates a new Secp256k1 context that can only be used for verification.

  • If the rand-std feature is enabled, the context will have been randomized using thread_rng.
  • If rand-std is not enabled, consider randomizing the context (see the docs for Secp256k1::gen_new()).

impl<'buf, C> Secp256k1<C> where C: Context + PreallocatedContext<'buf>,

pub fn preallocated_gen_new(buf: &'buf mut [AlignedType]) -> Result<Secp256k1<C>, Error>

Lets you create a context with a preallocated buffer in a generic manner (sign/verify/all).


impl<'buf> Secp256k1<AllPreallocated<'buf>>

pub fn preallocated_new(buf: &'buf mut [AlignedType]) -> Result<Secp256k1<AllPreallocated<'buf>>, Error>

Creates a new Secp256k1 context with all capabilities.

pub fn preallocate_size() -> usize

Uses the ffi secp256k1_context_preallocated_size to check the memory size needed for a context.

pub unsafe fn from_raw_all(raw_ctx: NonNull<Context>) -> ManuallyDrop<Secp256k1<AllPreallocated<'buf>>>

Creates a context from a raw context.

The returned core::mem::ManuallyDrop context will never deallocate the memory pointed to by raw_ctx nor destroy the context. This may lead to memory leaks. ManuallyDrop::drop (or core::ptr::drop_in_place) will only destroy the context; the caller is required to free the memory.


This is highly unsafe due to a number of conditions that aren’t checked, specifically:

  • raw_ctx must be a valid pointer (live, aligned…) to memory that was initialized by secp256k1_context_preallocated_create (either called directly or from this library by one of the context creation methods - all of which call it internally).
  • The version of libsecp256k1 used to create raw_ctx must be exactly the one linked into this library.
  • The lifetime of the raw_ctx pointer must outlive 'buf.
  • raw_ctx must point to writable memory (cannot be ffi::secp256k1_context_no_precomp).

impl<'buf> Secp256k1<SignOnlyPreallocated<'buf>>

pub fn preallocated_signing_only(buf: &'buf mut [AlignedType]) -> Result<Secp256k1<SignOnlyPreallocated<'buf>>, Error>

Creates a new Secp256k1 context that can only be used for signing.

pub fn preallocate_signing_size() -> usize

Uses the ffi secp256k1_context_preallocated_size to check the memory size needed for the context.

pub unsafe fn from_raw_signing_only(raw_ctx: NonNull<Context>) -> ManuallyDrop<Secp256k1<SignOnlyPreallocated<'buf>>>

Creates a context from a raw context that can only be used for signing.


Please see Secp256k1::from_raw_all for full documentation and safety requirements.


impl<'buf> Secp256k1<VerifyOnlyPreallocated<'buf>>

pub fn preallocated_verification_only(buf: &'buf mut [AlignedType]) -> Result<Secp256k1<VerifyOnlyPreallocated<'buf>>, Error>

Creates a new Secp256k1 context that can only be used for verification.

pub fn preallocate_verification_size() -> usize

Uses the ffi secp256k1_context_preallocated_size to check the memory size needed for the context.

pub unsafe fn from_raw_verification_only(raw_ctx: NonNull<Context>) -> ManuallyDrop<Secp256k1<VerifyOnlyPreallocated<'buf>>>

Creates a context from a raw context that can only be used for verification.


Please see Secp256k1::from_raw_all for full documentation and safety requirements.


impl<C> Secp256k1<C> where C: Signing,

pub fn sign_ecdsa_recoverable(&self, msg: &Message, sk: &SecretKey) -> RecoverableSignature

Constructs a signature for msg using the secret key sk and an RFC6979 nonce. Requires a signing-capable context.

pub fn sign_ecdsa_recoverable_with_noncedata(&self, msg: &Message, sk: &SecretKey, noncedata: &[u8; 32]) -> RecoverableSignature

Constructs a signature for msg using the secret key sk and an RFC6979 nonce, and includes 32 bytes of noncedata in one of the hash operations during nonce generation. This is useful when multiple signatures are needed for the same Message and SecretKey while still using RFC6979. Requires a signing-capable context.


impl<C> Secp256k1<C> where C: Verification,

pub fn recover_ecdsa(&self, msg: &Message, sig: &RecoverableSignature) -> Result<PublicKey, Error>

Determines the public key for which sig is a valid signature for msg. Requires a verify-capable context.


impl<C> Secp256k1<C> where C: Signing,

pub fn sign_ecdsa(&self, msg: &Message, sk: &SecretKey) -> Signature

Constructs a signature for msg using the secret key sk and an RFC6979 nonce. Requires a signing-capable context.

pub fn sign_ecdsa_with_noncedata(&self, msg: &Message, sk: &SecretKey, noncedata: &[u8; 32]) -> Signature

Constructs a signature for msg using the secret key sk and an RFC6979 nonce, and includes 32 bytes of noncedata in one of the hash operations during nonce generation. This is useful when multiple signatures are needed for the same Message and SecretKey while still using RFC6979. Requires a signing-capable context.

pub fn sign_ecdsa_grind_r(&self, msg: &Message, sk: &SecretKey, bytes_to_grind: usize) -> Signature

Constructs a signature for msg using the secret key sk and an RFC6979 nonce, and “grinds” the nonce by passing extra entropy if necessary to produce a signature that is less than 71 - bytes_to_grind bytes. The number of signing operations performed by this function is exponential in the number of bytes ground. Requires a signing-capable context.

pub fn sign_ecdsa_low_r(&self, msg: &Message, sk: &SecretKey) -> Signature

Constructs a signature for msg using the secret key sk and an RFC6979 nonce, and “grinds” the nonce by passing extra entropy if necessary to produce a signature that is less than 71 bytes and compatible with the low-r signature implementation of Bitcoin Core. On average, this function will perform two signing operations. Requires a signing-capable context.
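Why grinding r shortens the signature, and why each extra byte costs exponentially more, shown as an added example that is not code from this crate: it computes DER lengths from constructed r and s values and the expected number of signing attempts. The helper names are hypothetical; it assumes s is already low-S (top bit clear) and models r as uniformly random.

```rust
/// Content length of a DER INTEGER holding a 32-byte big-endian scalar:
/// leading zero bytes are dropped, then one 0x00 is prepended if the top
/// bit of the first remaining byte is set (DER integers are signed).
fn der_int_len(scalar: &[u8; 32]) -> usize {
    let first = scalar.iter().position(|&b| b != 0).unwrap_or(31);
    let minimal = 32 - first;
    if scalar[first] & 0x80 != 0 { minimal + 1 } else { minimal }
}

/// Full DER length: 2-byte SEQUENCE header plus, for each of r and s,
/// a 2-byte INTEGER header and its content.
fn der_sig_len(r: &[u8; 32], s: &[u8; 32]) -> usize {
    2 + (2 + der_int_len(r)) + (2 + der_int_len(s))
}

/// Expected number of signing attempts until r encodes in at most `r_bytes`
/// content bytes, i.e. r < 2^(8 * r_bytes - 1). Assumption: r is modelled as
/// uniform over 256-bit values, so one attempt succeeds with probability
/// 2^(8 * r_bytes - 1 - 256).
fn expected_attempts(r_bytes: i32) -> f64 {
    2f64.powi(256 - (8 * r_bytes - 1))
}

fn main() {
    // Constructed sample values, not real signature components.
    let s = [0x7f; 32]; // top bit clear, as for a low-S signature
    let mut r = [0xff; 32]; // top bit set: r needs a 0x00 pad byte
    println!("r top bit set:        {} bytes", der_sig_len(&r, &s));
    r[0] = 0x7f; // low r: no pad byte
    println!("low r:                {} bytes", der_sig_len(&r, &s));
    r[0] = 0x00; // leading zero byte, but r[1] = 0xff brings the pad back
    println!("zero byte, then 0xff: {} bytes", der_sig_len(&r, &s));
    r[1] = 0x7f; // one full byte ground away
    println!("one byte ground:      {} bytes", der_sig_len(&r, &s));
    for r_bytes in (29..=32).rev() {
        println!("r in {} bytes: ~{} attempts", r_bytes, expected_attempts(r_bytes));
    }
}
```

Under this model a low-r signature takes two attempts on average, and every further byte removed from r multiplies the expected work by 256.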


impl<C> Secp256k1<C> where C: Verification,

pub fn verify_ecdsa(&self, msg: &Message, sig: &Signature, pk: &PublicKey) -> Result<(), Error>

Checks that sig is a valid ECDSA signature for msg using the public key pk. Returns Ok(()) on success. Note that this function cannot be used for Bitcoin consensus checking, since there may exist signatures which OpenSSL would verify but libsecp256k1 would not, or vice versa. Requires a verify-capable context.

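use bitcoin::secp256k1::{rand, Error, Message, Secp256k1};
// Setup (needs the rand-std feature): a full context and a fresh keypair.
let secp = Secp256k1::new();
let (secret_key, public_key) = secp.generate_keypair(&mut rand::thread_rng());

// A signature verifies for the message it was made over...
let message = Message::from_slice(&[0xab; 32]).expect("32 bytes");
let sig = secp.sign_ecdsa(&message, &secret_key);
assert_eq!(secp.verify_ecdsa(&message, &sig, &public_key), Ok(()));

// ...and is rejected for any other message.
let message = Message::from_slice(&[0xcd; 32]).expect("32 bytes");
assert_eq!(secp.verify_ecdsa(&message, &sig, &public_key), Err(Error::IncorrectSignature));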

impl<C> Secp256k1<C> where C: Signing,

pub fn sign_schnorr(&self, msg: &Message, keypair: &KeyPair) -> Signature

Creates a schnorr signature internally using the rand::rngs::ThreadRng random number generator to generate the auxiliary random data.

pub fn sign_schnorr_no_aux_rand(&self, msg: &Message, keypair: &KeyPair) -> Signature

Creates a schnorr signature without using any auxiliary random data.

pub fn sign_schnorr_with_aux_rand(&self, msg: &Message, keypair: &KeyPair, aux_rand: &[u8; 32]) -> Signature

Creates a schnorr signature using the given auxiliary random data.

pub fn sign_schnorr_with_rng<R>(&self, msg: &Message, keypair: &KeyPair, rng: &mut R) -> Signature where R: Rng + CryptoRng,

Creates a schnorr signature using the given random number generator to generate the auxiliary random data.


impl<C> Secp256k1<C> where C: Verification,

pub fn verify_schnorr(&self, sig: &Signature, msg: &Message, pubkey: &XOnlyPublicKey) -> Result<(), Error>

Verifies a schnorr signature.


impl<C> Secp256k1<C> where C: Context,

pub fn ctx(&self) -> NonNull<Context>

Getter for the raw pointer to the underlying secp256k1 context. This shouldn’t be needed with normal usage of the library. It enables extending the Secp256k1 with more cryptographic algorithms outside of this crate.

pub fn preallocate_size_gen() -> usize

Returns the required memory for a preallocated context buffer in a generic manner (sign/verify/all).

pub fn randomize<R>(&mut self, rng: &mut R) where R: Rng + ?Sized,

(Re)randomizes the Secp256k1 context for extra side-channel resistance.

Requires compilation with the “rand” feature. See comment by Gregory Maxwell in libsecp256k1.

pub fn seeded_randomize(&mut self, seed: &[u8; 32])

(Re)randomizes the Secp256k1 context for extra side-channel resistance given 32 bytes of cryptographically-secure random data; see comment in libsecp256k1 commit d2275795f by Gregory Maxwell.


impl<C> Secp256k1<C> where C: Signing,

pub fn generate_keypair<R>(&self, rng: &mut R) -> (SecretKey, PublicKey) where R: Rng + ?Sized,

Generates a random keypair. Convenience function for SecretKey::new and PublicKey::from_secret_key.

impl<C> Clone for Secp256k1<C> where C: Context,

fn clone(&self) -> Secp256k1<C>

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl<C> Debug for Secp256k1<C> where C: Context,

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter.

impl Default for Secp256k1<All>

fn default() -> Secp256k1<All>

Returns the “default value” for a type.

impl<C> Drop for Secp256k1<C> where C: Context,

fn drop(&mut self)

Executes the destructor for this type.

impl<C> PartialEq<Secp256k1<C>> for Secp256k1<C> where C: Context,

fn eq(&self, _other: &Secp256k1<C>) -> bool

This method tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl<C> Eq for Secp256k1<C> where C: Context,

impl<C> Send for Secp256k1<C> where C: Context,

impl<C> Sync for Secp256k1<C> where C: Context,

impl<C> RefUnwindSafe for Secp256k1<C> where C: RefUnwindSafe,

impl<C> Unpin for Secp256k1<C> where C: Unpin,

impl<C> UnwindSafe for Secp256k1<C> where C: UnwindSafe,

impl<T> Any for T where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self.

impl<T> Borrow<T> for T where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value.

impl<T> BorrowMut<T> for T where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value.

impl<T> Conv for T

fn conv<T>(self) -> T where Self: Into<T>,

Converts self into T using Into<T>.

impl<T> DynClone for T where T: Clone,

fn __clone_box(&self, _: Private) -> *mut ()

impl<Q, K> Equivalent<K> for Q where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

fn equivalent(&self, key: &K) -> bool

Compare self to key and return true if they are equal.

impl<T> FmtForward for T

fn fmt_binary(self) -> FmtBinary<Self> where Self: Binary,

Causes self to use its Binary implementation when Debug-formatted.

fn fmt_display(self) -> FmtDisplay<Self> where Self: Display,

Causes self to use its Display implementation when Debug-formatted.

fn fmt_lower_exp(self) -> FmtLowerExp<Self> where Self: LowerExp,

Causes self to use its LowerExp implementation when Debug-formatted.

fn fmt_lower_hex(self) -> FmtLowerHex<Self> where Self: LowerHex,

Causes self to use its LowerHex implementation when Debug-formatted.

fn fmt_octal(self) -> FmtOctal<Self> where Self: Octal,

Causes self to use its Octal implementation when Debug-formatted.

fn fmt_pointer(self) -> FmtPointer<Self> where Self: Pointer,

Causes self to use its Pointer implementation when Debug-formatted.

fn fmt_upper_exp(self) -> FmtUpperExp<Self> where Self: UpperExp,

Causes self to use its UpperExp implementation when Debug-formatted.

fn fmt_upper_hex(self) -> FmtUpperHex<Self> where Self: UpperHex,

Causes self to use its UpperHex implementation when Debug-formatted.

fn fmt_list(self) -> FmtList<Self> where for<'a> &'a Self: IntoIterator,

Formats each item in a sequence.

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.


impl<T> Instrument for T

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper.

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper.

impl<T, U> Into<U> for T where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.


impl<T, Outer> IsWrappedBy<Outer> for T where Outer: AsRef<T> + AsMut<T> + From<T>, T: From<Outer>,

fn from_ref(outer: &Outer) -> &T

Get a reference to the inner from the outer.

fn from_mut(outer: &mut Outer) -> &mut T

Get a mutable reference to the inner from the outer.

impl<T> Pipe for T where T: ?Sized,

fn pipe<R>(self, func: impl FnOnce(Self) -> R) -> R where Self: Sized,

Pipes by value. This is generally the method you want to use.

fn pipe_ref<'a, R>(&'a self, func: impl FnOnce(&'a Self) -> R) -> R where R: 'a,

Borrows self and passes that borrow into the pipe function.

fn pipe_ref_mut<'a, R>(&'a mut self, func: impl FnOnce(&'a mut Self) -> R) -> R where R: 'a,

Mutably borrows self and passes that borrow into the pipe function.

fn pipe_borrow<'a, B, R>(&'a self, func: impl FnOnce(&'a B) -> R) -> R where Self: Borrow<B>, B: 'a + ?Sized, R: 'a,

Borrows self, then passes self.borrow() into the pipe function.

fn pipe_borrow_mut<'a, B, R>(&'a mut self, func: impl FnOnce(&'a mut B) -> R) -> R where Self: BorrowMut<B>, B: 'a + ?Sized, R: 'a,

Mutably borrows self, then passes self.borrow_mut() into the pipe function.

fn pipe_as_ref<'a, U, R>(&'a self, func: impl FnOnce(&'a U) -> R) -> R where Self: AsRef<U>, U: 'a + ?Sized, R: 'a,

Borrows self, then passes self.as_ref() into the pipe function.

fn pipe_as_mut<'a, U, R>(&'a mut self, func: impl FnOnce(&'a mut U) -> R) -> R where Self: AsMut<U>, U: 'a + ?Sized, R: 'a,

Mutably borrows self, then passes self.as_mut() into the pipe function.

fn pipe_deref<'a, T, R>(&'a self, func: impl FnOnce(&'a T) -> R) -> R where Self: Deref<Target = T>, T: 'a + ?Sized, R: 'a,

Borrows self, then passes self.deref() into the pipe function.

fn pipe_deref_mut<'a, T, R>(&'a mut self, func: impl FnOnce(&'a mut T) -> R) -> R where Self: DerefMut<Target = T> + Deref, T: 'a + ?Sized, R: 'a,

Mutably borrows self, then passes self.deref_mut() into the pipe function.

impl<T> Same<T> for T


type Output = T

Should always be Self

impl<T> Tap for T

fn tap(self, func: impl FnOnce(&Self)) -> Self

Immutable access to a value.

fn tap_mut(self, func: impl FnOnce(&mut Self)) -> Self

Mutable access to a value.

fn tap_borrow<B>(self, func: impl FnOnce(&B)) -> Self where Self: Borrow<B>, B: ?Sized,

Immutable access to the Borrow<B> of a value.

fn tap_borrow_mut<B>(self, func: impl FnOnce(&mut B)) -> Self where Self: BorrowMut<B>, B: ?Sized,

Mutable access to the BorrowMut<B> of a value.

fn tap_ref<R>(self, func: impl FnOnce(&R)) -> Self where Self: AsRef<R>, R: ?Sized,

Immutable access to the AsRef<R> view of a value.

fn tap_ref_mut<R>(self, func: impl FnOnce(&mut R)) -> Self where Self: AsMut<R>, R: ?Sized,

Mutable access to the AsMut<R> view of a value.

fn tap_deref<T>(self, func: impl FnOnce(&T)) -> Self where Self: Deref<Target = T>, T: ?Sized,

Immutable access to the Deref::Target of a value.

fn tap_deref_mut<T>(self, func: impl FnOnce(&mut T)) -> Self where Self: DerefMut<Target = T> + Deref, T: ?Sized,

Mutable access to the Deref::Target of a value.

fn tap_dbg(self, func: impl FnOnce(&Self)) -> Self

Calls .tap() only in debug builds, and is erased in release builds.

fn tap_mut_dbg(self, func: impl FnOnce(&mut Self)) -> Self

Calls .tap_mut() only in debug builds, and is erased in release builds.

fn tap_borrow_dbg<B>(self, func: impl FnOnce(&B)) -> Self where Self: Borrow<B>, B: ?Sized,

Calls .tap_borrow() only in debug builds, and is erased in release builds.

fn tap_borrow_mut_dbg<B>(self, func: impl FnOnce(&mut B)) -> Self where Self: BorrowMut<B>, B: ?Sized,

Calls .tap_borrow_mut() only in debug builds, and is erased in release builds.

fn tap_ref_dbg<R>(self, func: impl FnOnce(&R)) -> Self where Self: AsRef<R>, R: ?Sized,

Calls .tap_ref() only in debug builds, and is erased in release builds.

fn tap_ref_mut_dbg<R>(self, func: impl FnOnce(&mut R)) -> Self where Self: AsMut<R>, R: ?Sized,

Calls .tap_ref_mut() only in debug builds, and is erased in release builds.

fn tap_deref_dbg<T>(self, func: impl FnOnce(&T)) -> Self where Self: Deref<Target = T>, T: ?Sized,

Calls .tap_deref() only in debug builds, and is erased in release builds.

fn tap_deref_mut_dbg<T>(self, func: impl FnOnce(&mut T)) -> Self where Self: DerefMut<Target = T> + Deref, T: ?Sized,

Calls .tap_deref_mut() only in debug builds, and is erased in release builds.

impl<T> ToOwned for T where T: Clone,

type Owned = T

The resulting type after obtaining ownership.

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning.

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning.

impl<T> TryConv for T

fn try_conv<T>(self) -> Result<T, Self::Error> where Self: TryInto<T>,

Attempts to convert self into T using TryInto<T>.

impl<T, U> TryFrom<U> for T where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<S, T> UncheckedInto<T> for S where T: UncheckedFrom<S>,

fn unchecked_into(self) -> T

The counterpart to unchecked_from.

impl<V, T> VZip<V> for T where V: MultiLane<T>,

fn vzip(self) -> V

impl<T> WithSubscriber for T

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self> where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper.

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper.

impl<T> JsonSchemaMaybe for T


impl<T> MaybeDebug for T where T: Debug,

impl<T> MaybeRefUnwindSafe for T where T: RefUnwindSafe,