Bitcoin Core  29.1.0
P2P Digital Currency
secp256k1_musig.h
Go to the documentation of this file.
1 #ifndef SECP256K1_MUSIG_H
2 #define SECP256K1_MUSIG_H
3 
4 #include "secp256k1_extrakeys.h"
5 
6 #ifdef __cplusplus
7 extern "C" {
8 #endif
9 
10 #include <stddef.h>
11 #include <stdint.h>
12 
43 typedef struct secp256k1_musig_keyagg_cache {
44  unsigned char data[197];
45 } secp256k1_musig_keyagg_cache;
46 
59 typedef struct secp256k1_musig_secnonce {
60  unsigned char data[132];
61 } secp256k1_musig_secnonce;
62 
68 typedef struct secp256k1_musig_pubnonce {
69  unsigned char data[132];
70 } secp256k1_musig_pubnonce;
71 
77 typedef struct secp256k1_musig_aggnonce {
78  unsigned char data[132];
79 } secp256k1_musig_aggnonce;
80 
87 typedef struct secp256k1_musig_session {
88  unsigned char data[133];
89 } secp256k1_musig_session;
90 
96 typedef struct secp256k1_musig_partial_sig {
97  unsigned char data[36];
98 } secp256k1_musig_partial_sig;
99 
107 SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_musig_pubnonce_parse(
108  const secp256k1_context *ctx,
109  secp256k1_musig_pubnonce *nonce,
110  const unsigned char *in66
111 ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
112 
120 SECP256K1_API int secp256k1_musig_pubnonce_serialize(
121  const secp256k1_context *ctx,
122  unsigned char *out66,
123  const secp256k1_musig_pubnonce *nonce
124 ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
125 
133 SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_musig_aggnonce_parse(
134  const secp256k1_context *ctx,
135  secp256k1_musig_aggnonce *nonce,
136  const unsigned char *in66
137 ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
138 
146 SECP256K1_API int secp256k1_musig_aggnonce_serialize(
147  const secp256k1_context *ctx,
148  unsigned char *out66,
149  const secp256k1_musig_aggnonce *nonce
150 ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
151 
159 SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_musig_partial_sig_parse(
160  const secp256k1_context *ctx,
161  secp256k1_musig_partial_sig *sig,
162  const unsigned char *in32
163 ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
164 
172 SECP256K1_API int secp256k1_musig_partial_sig_serialize(
173  const secp256k1_context *ctx,
174  unsigned char *out32,
175  const secp256k1_musig_partial_sig *sig
176 ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
177 
199 SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_musig_pubkey_agg(
200  const secp256k1_context *ctx,
201  secp256k1_xonly_pubkey *agg_pk,
202  secp256k1_musig_keyagg_cache *keyagg_cache,
203  const secp256k1_pubkey * const *pubkeys,
204  size_t n_pubkeys
205 ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(4);
206 
219 SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_musig_pubkey_get(
220  const secp256k1_context *ctx,
221  secp256k1_pubkey *agg_pk,
222  const secp256k1_musig_keyagg_cache *keyagg_cache
223 ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
224 
262 SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_musig_pubkey_ec_tweak_add(
263  const secp256k1_context *ctx,
264  secp256k1_pubkey *output_pubkey,
265  secp256k1_musig_keyagg_cache *keyagg_cache,
266  const unsigned char *tweak32
267 ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4);
268 
304 SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_musig_pubkey_xonly_tweak_add(
305  const secp256k1_context *ctx,
306  secp256k1_pubkey *output_pubkey,
307  secp256k1_musig_keyagg_cache *keyagg_cache,
308  const unsigned char *tweak32
309 ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4);
310 
362 SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_musig_nonce_gen(
363  const secp256k1_context *ctx,
364  secp256k1_musig_secnonce *secnonce,
365  secp256k1_musig_pubnonce *pubnonce,
366  unsigned char *session_secrand32,
367  const unsigned char *seckey,
368  const secp256k1_pubkey *pubkey,
369  const unsigned char *msg32,
370  const secp256k1_musig_keyagg_cache *keyagg_cache,
371  const unsigned char *extra_input32
372 ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4) SECP256K1_ARG_NONNULL(6);
373 
374 
425 SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_musig_nonce_gen_counter(
426  const secp256k1_context *ctx,
427  secp256k1_musig_secnonce *secnonce,
428  secp256k1_musig_pubnonce *pubnonce,
429  uint64_t nonrepeating_cnt,
430  const secp256k1_keypair *keypair,
431  const unsigned char *msg32,
432  const secp256k1_musig_keyagg_cache *keyagg_cache,
433  const unsigned char *extra_input32
434 ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(5);
435 
455 SECP256K1_API int secp256k1_musig_nonce_agg(
456  const secp256k1_context *ctx,
457  secp256k1_musig_aggnonce *aggnonce,
458  const secp256k1_musig_pubnonce * const *pubnonces,
459  size_t n_pubnonces
460 ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
461 
474 SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_musig_nonce_process(
475  const secp256k1_context *ctx,
476  secp256k1_musig_session *session,
477  const secp256k1_musig_aggnonce *aggnonce,
478  const unsigned char *msg32,
479  const secp256k1_musig_keyagg_cache *keyagg_cache
480 ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4) SECP256K1_ARG_NONNULL(5);
481 
514 SECP256K1_API int secp256k1_musig_partial_sign(
515  const secp256k1_context *ctx,
516  secp256k1_musig_partial_sig *partial_sig,
517  secp256k1_musig_secnonce *secnonce,
518  const secp256k1_keypair *keypair,
519  const secp256k1_musig_keyagg_cache *keyagg_cache,
520  const secp256k1_musig_session *session
521 ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4) SECP256K1_ARG_NONNULL(5) SECP256K1_ARG_NONNULL(6);
522 
555 SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_musig_partial_sig_verify(
556  const secp256k1_context *ctx,
557  const secp256k1_musig_partial_sig *partial_sig,
558  const secp256k1_musig_pubnonce *pubnonce,
559  const secp256k1_pubkey *pubkey,
560  const secp256k1_musig_keyagg_cache *keyagg_cache,
561  const secp256k1_musig_session *session
562 ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4) SECP256K1_ARG_NONNULL(5) SECP256K1_ARG_NONNULL(6);
563 
576 SECP256K1_API int secp256k1_musig_partial_sig_agg(
577  const secp256k1_context *ctx,
578  unsigned char *sig64,
579  const secp256k1_musig_session *session,
580  const secp256k1_musig_partial_sig * const *partial_sigs,
581  size_t n_sigs
582 ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4);
583 
584 #ifdef __cplusplus
585 }
586 #endif
587 
588 #endif
secp256k1_musig_aggnonce::data
unsigned char data[132]
Definition: secp256k1_musig.h:78
secp256k1_musig_pubkey_get
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_musig_pubkey_get(const secp256k1_context *ctx, secp256k1_pubkey *agg_pk, const secp256k1_musig_keyagg_cache *keyagg_cache) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3)
Obtain the aggregate public key from a keyagg_cache.
Definition: keyagg_impl.h:233
secp256k1_musig_keyagg_cache::data
unsigned char data[197]
Definition: secp256k1_musig.h:44
secp256k1_musig_keyagg_cache
This module implements BIP 327 "MuSig2 for BIP340-compatible Multi-Signatures" (https://github.com/bitcoin/bips/blob/master/bip-0327.mediawiki) v1.0.0.
Definition: secp256k1_musig.h:43
secp256k1_musig_pubnonce_serialize
SECP256K1_API int secp256k1_musig_pubnonce_serialize(const secp256k1_context *ctx, unsigned char *out66, const secp256k1_musig_pubnonce *nonce) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3)
Serialize a signer&#39;s public nonce.
Definition: session_impl.h:214
SECP256K1_WARN_UNUSED_RESULT
#define SECP256K1_WARN_UNUSED_RESULT
Definition: secp256k1.h:171
secp256k1_musig_partial_sign
SECP256K1_API int secp256k1_musig_partial_sign(const secp256k1_context *ctx, secp256k1_musig_partial_sig *partial_sig, secp256k1_musig_secnonce *secnonce, const secp256k1_keypair *keypair, const secp256k1_musig_keyagg_cache *keyagg_cache, const secp256k1_musig_session *session) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4) SECP256K1_ARG_NONNULL(5) SECP256K1_ARG_NONNULL(6)
Produces a partial signature.
Definition: session_impl.h:658
nonce
unsigned int nonce
Definition: miner_tests.cpp:75
secp256k1_musig_aggnonce
Opaque data structure that holds an aggregate public nonce.
Definition: secp256k1_musig.h:77
secp256k1_musig_session
struct secp256k1_musig_session secp256k1_musig_session
Opaque data structure that holds a MuSig session.
secp256k1_musig_nonce_agg
SECP256K1_API int secp256k1_musig_nonce_agg(const secp256k1_context *ctx, secp256k1_musig_aggnonce *aggnonce, const secp256k1_musig_pubnonce *const *pubnonces, size_t n_pubnonces) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3)
Aggregates the nonces of all signers into a single nonce.
Definition: session_impl.h:536
secp256k1_musig_partial_sig_verify
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_musig_partial_sig_verify(const secp256k1_context *ctx, const secp256k1_musig_partial_sig *partial_sig, const secp256k1_musig_pubnonce *pubnonce, const secp256k1_pubkey *pubkey, const secp256k1_musig_keyagg_cache *keyagg_cache, const secp256k1_musig_session *session) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4) SECP256K1_ARG_NONNULL(5) SECP256K1_ARG_NONNULL(6)
Verifies an individual signer&#39;s partial signature.
Definition: session_impl.h:728
secp256k1_musig_pubnonce_parse
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_musig_pubnonce_parse(const secp256k1_context *ctx, secp256k1_musig_pubnonce *nonce, const unsigned char *in66) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3)
Parse a signer&#39;s public nonce.
Definition: session_impl.h:194
secp256k1_musig_partial_sig::data
unsigned char data[36]
Definition: secp256k1_musig.h:97
secp256k1_context_struct
Definition: secp256k1.c:61
secp256k1_musig_aggnonce
struct secp256k1_musig_aggnonce secp256k1_musig_aggnonce
Opaque data structure that holds an aggregate public nonce.
secp256k1_musig_keyagg_cache
struct secp256k1_musig_keyagg_cache secp256k1_musig_keyagg_cache
This module implements BIP 327 "MuSig2 for BIP340-compatible Multi-Signatures" (https://github.com/bitcoin/bips/blob/master/bip-0327.mediawiki) v1.0.0.
secp256k1_musig_partial_sig
Opaque data structure that holds a partial MuSig signature.
Definition: secp256k1_musig.h:96
secp256k1_musig_secnonce
struct secp256k1_musig_secnonce secp256k1_musig_secnonce
Opaque data structure that holds a signer&#39;s secret nonce.
secp256k1_musig_pubkey_ec_tweak_add
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_musig_pubkey_ec_tweak_add(const secp256k1_context *ctx, secp256k1_pubkey *output_pubkey, secp256k1_musig_keyagg_cache *keyagg_cache, const unsigned char *tweak32) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4)
Apply plain "EC" tweaking to a public key in a given keyagg_cache by adding the generator multiplied ...
Definition: keyagg_impl.h:283
secp256k1_extrakeys.h
secp256k1_musig_partial_sig_serialize
SECP256K1_API int secp256k1_musig_partial_sig_serialize(const secp256k1_context *ctx, unsigned char *out32, const secp256k1_musig_partial_sig *sig) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3)
Serialize a MuSig partial signature.
Definition: session_impl.h:294
secp256k1_musig_nonce_process
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_musig_nonce_process(const secp256k1_context *ctx, secp256k1_musig_session *session, const secp256k1_musig_aggnonce *aggnonce, const unsigned char *msg32, const secp256k1_musig_keyagg_cache *keyagg_cache) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4) SECP256K1_ARG_NONNULL(5)
Takes the aggregate nonce and creates a session that is required for signing and verification of part...
Definition: session_impl.h:612
secp256k1_musig_pubkey_agg
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_musig_pubkey_agg(const secp256k1_context *ctx, secp256k1_xonly_pubkey *agg_pk, secp256k1_musig_keyagg_cache *keyagg_cache, const secp256k1_pubkey *const *pubkeys, size_t n_pubkeys) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(4)
Computes an aggregate public key and uses it to initialize a keyagg_cache.
Definition: keyagg_impl.h:175
secp256k1_xonly_pubkey
Opaque data structure that holds a parsed and valid "x-only" public key.
Definition: secp256k1_extrakeys.h:22
secp256k1_musig_aggnonce_parse
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_musig_aggnonce_parse(const secp256k1_context *ctx, secp256k1_musig_aggnonce *nonce, const unsigned char *in66) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3)
Parse an aggregate public nonce.
Definition: session_impl.h:240
secp256k1_musig_partial_sig_agg
SECP256K1_API int secp256k1_musig_partial_sig_agg(const secp256k1_context *ctx, unsigned char *sig64, const secp256k1_musig_session *session, const secp256k1_musig_partial_sig *const *partial_sigs, size_t n_sigs) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4)
Aggregates partial signatures.
Definition: session_impl.h:791
secp256k1_musig_session::data
unsigned char data[133]
Definition: secp256k1_musig.h:88
secp256k1_musig_secnonce
Opaque data structure that holds a signer&#39;s secret nonce.
Definition: secp256k1_musig.h:59
secp256k1_musig_nonce_gen
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_musig_nonce_gen(const secp256k1_context *ctx, secp256k1_musig_secnonce *secnonce, secp256k1_musig_pubnonce *pubnonce, unsigned char *session_secrand32, const unsigned char *seckey, const secp256k1_pubkey *pubkey, const unsigned char *msg32, const secp256k1_musig_keyagg_cache *keyagg_cache, const unsigned char *extra_input32) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4) SECP256K1_ARG_NONNULL(6)
Starts a signing session by generating a nonce.
Definition: session_impl.h:461
secp256k1_keypair
Opaque data structure that holds a keypair consisting of a secret and a public key.
Definition: secp256k1_extrakeys.h:33
SECP256K1_ARG_NONNULL
#define SECP256K1_ARG_NONNULL(_x)
Definition: secp256k1.h:176
secp256k1_musig_pubnonce::data
unsigned char data[132]
Definition: secp256k1_musig.h:69
secp256k1_musig_pubnonce
Opaque data structure that holds a signer&#39;s public nonce.
Definition: secp256k1_musig.h:68
secp256k1_musig_aggnonce_serialize
SECP256K1_API int secp256k1_musig_aggnonce_serialize(const secp256k1_context *ctx, unsigned char *out66, const secp256k1_musig_aggnonce *nonce) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3)
Serialize an aggregate public nonce.
Definition: session_impl.h:257
secp256k1_musig_session
Opaque data structure that holds a MuSig session.
Definition: secp256k1_musig.h:87
secp256k1_musig_pubkey_xonly_tweak_add
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_musig_pubkey_xonly_tweak_add(const secp256k1_context *ctx, secp256k1_pubkey *output_pubkey, secp256k1_musig_keyagg_cache *keyagg_cache, const unsigned char *tweak32) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4)
Apply x-only tweaking to a public key in a given keyagg_cache by adding the generator multiplied with...
Definition: keyagg_impl.h:287
secp256k1_musig_secnonce::data
unsigned char data[132]
Definition: secp256k1_musig.h:60
SECP256K1_API
#define SECP256K1_API
Definition: secp256k1.h:161
secp256k1_musig_pubnonce
struct secp256k1_musig_pubnonce secp256k1_musig_pubnonce
Opaque data structure that holds a signer&#39;s public nonce.
secp256k1_musig_partial_sig
struct secp256k1_musig_partial_sig secp256k1_musig_partial_sig
Opaque data structure that holds a partial MuSig signature.
secp256k1_musig_nonce_gen_counter
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_musig_nonce_gen_counter(const secp256k1_context *ctx, secp256k1_musig_secnonce *secnonce, secp256k1_musig_pubnonce *pubnonce, uint64_t nonrepeating_cnt, const secp256k1_keypair *keypair, const unsigned char *msg32, const secp256k1_musig_keyagg_cache *keyagg_cache, const unsigned char *extra_input32) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(5)
Alternative way to generate a nonce and start a signing session.
Definition: session_impl.h:489
secp256k1_pubkey
Opaque data structure that holds a parsed and valid public key.
Definition: secp256k1.h:61
secp256k1_musig_partial_sig_parse
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_musig_partial_sig_parse(const secp256k1_context *ctx, secp256k1_musig_partial_sig *sig, const unsigned char *in32) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3)
Parse a MuSig partial signature.
Definition: session_impl.h:275
Generated on Wed Sep 3 2025 12:00:00 for Bitcoin Core by   doxygen 1.8.14