ff33018fe7
39407c3f5999aa10e1470bc9eae8f63800a63e51 Mark stack variables as early clobber for technical correctness (Pieter Wuille)
56a5d41429a4daed2b02b59c45022044c3575955 Bugfix: mark outputs as early clobber in scalar x86_64 asm (Pieter Wuille)
c8c0f55a1132c0fc9a726f0a4a1417288163b904 ct: Be cautious and use volatile trick in more "conditional" paths (Tim Ruffing)
3e9428996698257aa2a3b4e974f574b8479f1261 ct: Use volatile trick in scalar_cond_negate (Tim Ruffing)
Pull request description:
ACKs for top commit:
real-or-random:
ACK 39407c3f5999aa10e1470bc9eae8f63800a63e51 I also verified that the ct time tests pass on GCC 13.1.1 and Clang 15.0.7.
Tree-SHA512: b7e695527ea58cc7b94a5f2fff6473b6779a469bc5c38baf92624b655cbdf303fbd204e6c1395fa02b98db3bc47bab32afe64bae4ab4fab18da856b621aab070
libsecp256k1-zkp
A fork of libsecp256k1 with support for advanced and experimental features such as Confidential Assets and MuSig2
Added features:
- Experimental module for ECDSA adaptor signatures.
- Experimental module for ECDSA sign-to-contract.
- Experimental module for MuSig2.
- Experimental module for Confidential Assets (Pedersen commitments, range proofs, and surjection proofs).
- Experimental module for Bulletproofs++ range proofs.
- Experimental module for address whitelisting.
Experimental features are made available for testing and review by the community. The APIs of these features should not be considered stable.
Build steps
libsecp256k1-zkp is built using autotools:
$ ./autogen.sh
$ ./configure
$ make
$ make check # run the test suite
$ sudo make install # optional
To compile optional modules (such as Schnorr signatures), you need to run ./configure with additional flags (such as --enable-module-schnorrsig). Run ./configure --help to see the full list of available flags. For experimental modules, you will also need --enable-experimental as well as a flag for each individual module, e.g. --enable-module-musig.
Usage examples
Usage examples can be found in the examples directory. To compile them you need to configure with --enable-examples.
Test coverage
This library aims to have full coverage of the reachable lines and branches.
To create a test coverage report, configure with --enable-coverage (use of GCC is necessary):
$ ./configure --enable-coverage
Run the tests:
$ make check
To create a report, gcovr is recommended, as it includes branch coverage reporting:
$ gcovr --exclude 'src/bench*' --print-summary
To create a HTML report with coloured and annotated source code:
$ mkdir -p coverage
$ gcovr --exclude 'src/bench*' --html --html-details -o coverage/coverage.html
Benchmark
If configured with --enable-benchmark (which is the default), binaries for benchmarking the libsecp256k1-zkp functions will be present in the root directory after the build.
To print the benchmark result to the command line:
$ ./bench_name
To create a CSV file for the benchmark result :
$ ./bench_name | sed '2d;s/ \{1,\}//g' > bench_name.csv
Reporting a vulnerability
See SECURITY.md