SchnorrFun! ![cratesbadge] ![docsbadge]

Generate and verify Schnorr signatures on secp256k1. Built on [secp256kfun].

Schnorr signatures were introduced (and patented until 2008) by their namesake in Efficient Signature Generation by Smart Cards. This implementation is based on the [BIP-340] specification, but is flexible enough to be used as a general purpose Schnorr signature scheme.

Use

toml [dependencies] schnorr_fun = "0.9" sha2 = "0.10"

Should use?

This library and [secp256kfun] are experimental.

Synopsis

rust use schnorr_fun::{ fun::{marker::*, Scalar, nonce}, Schnorr, Message }; use sha2::Sha256; use rand::rngs::ThreadRng; // Use synthetic nonces let nonce_gen = nonce::Synthetic::<Sha256, nonce::GlobalRng<ThreadRng>>::default(); let schnorr = Schnorr::<Sha256, _>::new(nonce_gen.clone()); // Generate your public/private key-pair let keypair = schnorr.new_keypair(Scalar::random(&mut rand::thread_rng())); // Sign a variable length message let message = Message::<Public>::plain("the-times-of-london", b"Chancellor on brink of second bailout for banks"); // Sign the message with our keypair let signature = schnorr.sign(&keypair, message); // Get the verifier's key let verification_key = keypair.public_key(); // Check it's valid 🍿 assert!(schnorr.verify(&verification_key, message, &signature));

Features

• BIP-340 compliant signing and verification
• Adaptor signatures
• compatibility with rust-secp256k1's schnorr signature types with libsecp_compat feature.
• [MuSig2] implementation compatible with the spec.
• WIP [FROST] implementation
• Feature flags
  • serde: for serde implementations for signatures
  • bincode: for bincode v2 Encode/Decode implementations
  • libsecp_compat: for From implementations between rust-secp256k1's Schnorr signatures.
  • proptest to enable secp256kfun/proptest.