EthereumUtils

State Variables

K256_P

uint256 internal constant K256_P = 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f;

K256_P_PLUS_1_OVER_4

uint256 internal constant K256_P_PLUS_1_OVER_4 = 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffff0c;

PRECOMPILE_BIGMODEXP

address internal constant PRECOMPILE_BIGMODEXP = address(0x5);

Functions

expmod

function expmod(uint256 base, uint256 exponent, uint256 modulus) internal view returns (uint256 out);

k256DeriveY

Recover Y coordinate from X coordinate and sign bit.

function k256DeriveY(uint8 prefix, uint256 x) internal view returns (uint256 y);

Parameters

Name	Type	Description
`prefix`	`uint8`	0x02 or 0x03 indicates sign bit of compressed point.
`x`	`uint256`	X coordinate.

k256Decompress

Decompress SEC P256 k1 point.

function k256Decompress(bytes memory pk) internal view returns (uint256 x, uint256 y);

Parameters

Name	Type	Description
`pk`	`bytes`	33 byte compressed public key.

Returns

Name	Type	Description
`x`	`uint256`	X coordinate.
`y`	`uint256`	Y coordinate.

k256PubkeyToEthereumAddress

function k256PubkeyToEthereumAddress(bytes memory pubkey) internal view returns (address);

toEthereumAddress

Convert SEC P256 k1 curve point to Ethereum address.

Note: https://gavwood.com/paper.pdf (pp. 212)

function toEthereumAddress(uint256 x, uint256 y) internal pure returns (address);

Parameters

Name	Type	Description
`x`	`uint256`	X coordinate.
`y`	`uint256`	Y coordinate.

splitDERSignature

Extracts the r and s parameters from a DER encoded ECDSA signature. The signature is an ASN1 encoded SEQUENCE of the variable length r and s INTEGERs.

| 0x30 | len(z) | 0x02 | len(r) |  r   | 0x02 | len(s) |  s   | = hex value
|  1   |   1    |   1  |   1    | 1-33 |  1   |   1    | 1-33 | = byte length

If the highest bit of either r or s is set, it will be prefix padded with a zero byte. There is exponentially decreasing probability that either r or s will be below 32 bytes. There is a very high probability that either r or s will be 33 bytes. This function only works if either r or s are 256bits or lower.

Note: https://bitcoin.stackexchange.com/questions/58853/how-do-you-figure-out-the-r-and-s-out-of-a-signature-using-python

function splitDERSignature(bytes memory der) internal pure returns (SignatureRSV memory rsv);

Parameters

Name	Type	Description
`der`	`bytes`	DER encoded ECDSA signature

Returns

Name	Type	Description
`rsv`	`SignatureRSV`	ECDSA R point X coordinate, and S scalar

recoverV

function recoverV(address pubkeyAddr, bytes32 digest, SignatureRSV memory rsv) internal pure;

toEthereumSignature

Convert a Secp256k1PrehashedKeccak256 signature to one accepted by ecrecover.

Note: https://gavwood.com/paper.pdf (pp. 206)

function toEthereumSignature(bytes memory pubkey, bytes32 digest, bytes memory signature)
    internal
    view
    returns (address pubkeyAddr, SignatureRSV memory rsv);

Parameters

Name	Type	Description
`pubkey`	`bytes`	33 byte compressed public key.
`digest`	`bytes32`	32 byte pre-hashed message digest.
`signature`	`bytes`	ASN.1 DER encoded signature, as returned from `Sapphire.sign`.

Returns

Name	Type	Description
`pubkeyAddr`	`address`	20 byte Ethereum address.
`rsv`	`SignatureRSV`	Ethereum EcDSA RSV signature values.

sign

function sign(address pubkeyAddr, bytes32 secretKey, bytes32 digest) internal view returns (SignatureRSV memory rsv);

generateKeypair

Generate an Ethereum compatible SEC P256 k1 keypair and corresponding public address.

function generateKeypair() internal view returns (address pubkeyAddr, bytes32 secretKey);

Returns

Name	Type	Description
`pubkeyAddr`	`address`	Ethereum address.
`secretKey`	`bytes32`	Secret key used for signing.

Errors

expmod_Error

error expmod_Error();

k256DeriveY_Invalid_Prefix_Error

error k256DeriveY_Invalid_Prefix_Error();

k256Decompress_Invalid_Length_Error

error k256Decompress_Invalid_Length_Error();

DER_Split_Error

error DER_Split_Error();

recoverV_Error

error recoverV_Error();

Sapphire Contracts Lib