bdk_chain::bitcoin::secp256k1

Struct SecretKey

pub struct SecretKey(/* private fields */);
Expand description

Secret key - a 256-bit key used to create ECDSA and Taproot signatures.

This value should be generated using a cryptographically secure pseudorandom number generator.

§Side channel attacks

We have attempted to reduce the side channel attack surface by implementing a constant time eq method. For similar reasons we explicitly do not implement PartialOrd, Ord, or Hash on SecretKey. If you really want to order secrets keys then you can use AsRef to get at the underlying bytes and compare them - however this is almost certainly a bad idea.

§Serde support

Implements de/serialization with the serde feature enabled. We treat the byte value as a tuple of 32 u8s for non-human-readable formats. This representation is optimal for for some formats (e.g. bincode) however other formats may be less optimal (e.g. cbor).

§Examples

Basic usage:

use secp256k1::{rand, Secp256k1, SecretKey};

let secp = Secp256k1::new();
let secret_key = SecretKey::new(&mut rand::thread_rng());

Implementations§

§

impl SecretKey

pub fn display_secret(&self) -> DisplaySecret

Formats the explicit byte value of the secret key kept inside the type as a little-endian hexadecimal string using the provided formatter.

This is the only method that outputs the actual secret key value, and, thus, should be used with extreme caution.

§Examples
use secp256k1::SecretKey;
let key = SecretKey::from_str("0000000000000000000000000000000000000000000000000000000000000001").unwrap();

// Normal debug hides value (`Display` is not implemented for `SecretKey`).
// E.g., `format!("{:?}", key)` prints "SecretKey(#2518682f7819fb2d)".

// Here we explicitly display the secret value:
assert_eq!(
    "0000000000000000000000000000000000000000000000000000000000000001",
    format!("{}", key.display_secret())
);
// Also, we can explicitly display with `Debug`:
assert_eq!(
    format!("{:?}", key.display_secret()),
    format!("DisplaySecret(\"{}\")", key.display_secret())
);
§

impl SecretKey

pub fn non_secure_erase(&mut self)

Attempts to erase the contents of the underlying array.

Note, however, that the compiler is allowed to freely copy or move the contents of this array to other places in memory. Preventing this behavior is very subtle. For more discussion on this, please see the documentation of the zeroize crate.

§

impl SecretKey

pub fn new<R>(rng: &mut R) -> SecretKey
where R: Rng + ?Sized,

Generates a new random secret key.

§Examples
use secp256k1::{rand, SecretKey};
let secret_key = SecretKey::new(&mut rand::thread_rng());

pub fn from_slice(data: &[u8]) -> Result<SecretKey, Error>

Converts a SECRET_KEY_SIZE-byte slice to a secret key.

§Examples
use secp256k1::SecretKey;
let sk = SecretKey::from_slice(&[0xcd; 32]).expect("32 bytes, within curve order");

pub fn from_keypair(keypair: &Keypair) -> SecretKey

Creates a new secret key using data from BIP-340 Keypair.

§Examples
use secp256k1::{rand, Secp256k1, SecretKey, Keypair};

let secp = Secp256k1::new();
let keypair = Keypair::new(&secp, &mut rand::thread_rng());
let secret_key = SecretKey::from_keypair(&keypair);

pub fn secret_bytes(&self) -> [u8; 32]

Returns the secret key as a byte value.

pub fn negate(self) -> SecretKey

Negates the secret key.

pub fn add_tweak(self, tweak: &Scalar) -> Result<SecretKey, Error>

Tweaks a SecretKey by adding tweak modulo the curve order.

§Errors

Returns an error if the resulting key would be invalid.

pub fn mul_tweak(self, tweak: &Scalar) -> Result<SecretKey, Error>

Tweaks a SecretKey by multiplying by tweak modulo the curve order.

§Errors

Returns an error if the resulting key would be invalid.

pub fn keypair<C>(&self, secp: &Secp256k1<C>) -> Keypair
where C: Signing,

Returns the Keypair for this SecretKey.

This is equivalent to using Keypair::from_secret_key.

pub fn public_key<C>(&self, secp: &Secp256k1<C>) -> PublicKey
where C: Signing,

Returns the PublicKey for this SecretKey.

This is equivalent to using PublicKey::from_secret_key.

pub fn x_only_public_key<C>( &self, secp: &Secp256k1<C>, ) -> (XOnlyPublicKey, Parity)
where C: Signing,

Returns the XOnlyPublicKey (and it’s Parity) for this SecretKey.

This is equivalent to XOnlyPublicKey::from_keypair(self.keypair(secp)).

Trait Implementations§

§

impl AsRef<[u8; 32]> for SecretKey

§

fn as_ref(&self) -> &[u8; 32]

Gets a reference to the underlying array.

§Side channel attacks

Using ordering functions (PartialOrd/Ord) on a reference to secret keys leaks data because the implementations are not constant time. Doing so will make your code vulnerable to side channel attacks. SecretKey::eq is implemented using a constant time algorithm, please consider using it to do comparisons of secret keys.

§

impl CPtr for SecretKey

§

type Target = u8

§

fn as_c_ptr(&self) -> *const <SecretKey as CPtr>::Target

§

fn as_mut_c_ptr(&mut self) -> *mut <SecretKey as CPtr>::Target

§

impl Clone for SecretKey

§

fn clone(&self) -> SecretKey

Returns a copy of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
§

impl Debug for SecretKey

§

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter. Read more
§

impl<'de> Deserialize<'de> for SecretKey

§

fn deserialize<D>(d: D) -> Result<SecretKey, <D as Deserializer<'de>>::Error>
where D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more
§

impl<'a> From<&'a Keypair> for SecretKey

§

fn from(pair: &'a Keypair) -> SecretKey

Converts to this type from the input type.
§

impl From<Keypair> for SecretKey

§

fn from(pair: Keypair) -> SecretKey

Converts to this type from the input type.
§

impl From<SecretKey> for Scalar

§

fn from(value: SecretKey) -> Scalar

Converts to this type from the input type.
§

impl<T> From<T> for SecretKey

§

fn from(t: T) -> SecretKey

Converts a 32-byte hash directly to a secret key without error paths.

§

impl FromStr for SecretKey

§

type Err = Error

The associated error which can be returned from parsing.
§

fn from_str(s: &str) -> Result<SecretKey, Error>

Parses a string s to return a value of this type. Read more
§

impl<I> Index<I> for SecretKey
where [u8]: Index<I>,

§

type Output = <[u8] as Index<I>>::Output

The returned type after indexing.
§

fn index(&self, index: I) -> &<SecretKey as Index<I>>::Output

Performs the indexing (container[index]) operation. Read more
§

impl PartialEq for SecretKey

§

fn eq(&self, other: &SecretKey) -> bool

This implementation is designed to be constant time to help prevent side channel attacks.

1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
§

impl Serialize for SecretKey

§

fn serialize<S>( &self, s: S, ) -> Result<<S as Serializer>::Ok, <S as Serializer>::Error>
where S: Serializer,

Serialize this value into the given Serde serializer. Read more
§

impl Copy for SecretKey

§

impl Eq for SecretKey

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dst: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dst. Read more
§

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

§

fn equivalent(&self, key: &K) -> bool

Checks if this value is equivalent to the given key. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

§

fn vzip(self) -> V

Source§

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,