EthereumUtils

Git Source

State Variables

K256_P

uint256 internal constant K256_P = 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f;

K256_P_PLUS_1_OVER_4

uint256 internal constant K256_P_PLUS_1_OVER_4 = 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffff0c;

PRECOMPILE_BIGMODEXP

address internal constant PRECOMPILE_BIGMODEXP = address(0x5);

Functions

expmod

function expmod(uint256 base, uint256 exponent, uint256 modulus) internal view returns (uint256 out);

k256DeriveY

Recover Y coordinate from X coordinate and sign bit.

function k256DeriveY(uint8 prefix, uint256 x) internal view returns (uint256 y);

Parameters

NameTypeDescription
prefixuint80x02 or 0x03 indicates sign bit of compressed point.
xuint256X coordinate.

k256Decompress

Decompress SEC P256 k1 point.

function k256Decompress(bytes memory pk) internal view returns (uint256 x, uint256 y);

Parameters

NameTypeDescription
pkbytes33 byte compressed public key.

Returns

NameTypeDescription
xuint256X coordinate.
yuint256Y coordinate.

k256PubkeyToEthereumAddress

function k256PubkeyToEthereumAddress(bytes memory pubkey) internal view returns (address);

toEthereumAddress

Convert SEC P256 k1 curve point to Ethereum address.

Note: see: https://gavwood.com/paper.pdf (pp. 212)

function toEthereumAddress(uint256 x, uint256 y) internal pure returns (address);

Parameters

NameTypeDescription
xuint256X coordinate.
yuint256Y coordinate.

splitDERSignature

Extracts the r and s parameters from a DER encoded ECDSA signature. The signature is an ASN1 encoded SEQUENCE of the variable length r and s INTEGERs.

| 0x30 | len(z) | 0x02 | len(r) |  r   | 0x02 | len(s) |  s   | = hex value
|  1   |   1    |   1  |   1    | 1-33 |  1   |   1    | 1-33 | = byte length

If the highest bit of either r or s is set, it will be prefix padded with a zero byte. There is exponentially decreasing probability that either r or s will be below 32 bytes. There is a very high probability that either r or s will be 33 bytes. This function only works if either r or s are 256bits or lower.

Note: see: https://bitcoin.stackexchange.com/questions/58853/how-do-you-figure-out-the-r-and-s-out-of-a-signature-using-python

function splitDERSignature(bytes memory der) internal pure returns (SignatureRSV memory rsv);

Parameters

NameTypeDescription
derbytesDER encoded ECDSA signature

Returns

NameTypeDescription
rsvSignatureRSVECDSA R point X coordinate, and S scalar

recoverV

function recoverV(address pubkeyAddr, bytes32 digest, SignatureRSV memory rsv) internal pure;

toEthereumSignature

Convert a Secp256k1PrehashedKeccak256 signature to one accepted by ecrecover.

Note: see: https://gavwood.com/paper.pdf (pp. 206)

function toEthereumSignature(bytes memory pubkey, bytes32 digest, bytes memory signature)
    internal
    view
    returns (address pubkeyAddr, SignatureRSV memory rsv);

Parameters

NameTypeDescription
pubkeybytes33 byte compressed public key.
digestbytes3232 byte pre-hashed message digest.
signaturebytesASN.1 DER encoded signature, as returned from Sapphire.sign.

Returns

NameTypeDescription
pubkeyAddraddress20 byte Ethereum address.
rsvSignatureRSVEthereum EcDSA RSV signature values.

sign

function sign(address pubkeyAddr, bytes32 secretKey, bytes32 digest) internal view returns (SignatureRSV memory rsv);

generateKeypair

Generate an Ethereum compatible SEC P256 k1 keypair and corresponding public address.

function generateKeypair() internal view returns (address pubkeyAddr, bytes32 secretKey);

Returns

NameTypeDescription
pubkeyAddraddressEthereum address.
secretKeybytes32Secret key used for signing.

Errors

expmod_Error

error expmod_Error();

k256DeriveY_Invalid_Prefix_Error

error k256DeriveY_Invalid_Prefix_Error();

k256Decompress_Invalid_Length_Error

error k256Decompress_Invalid_Length_Error();

DER_Split_Error

error DER_Split_Error();

recoverV_Error

error recoverV_Error();