Structure
P256K.Schnorr.PrivateKey
secp256k1 BIP-340 Schnorr private key for signing messages with P256K.Schnorr.SchnorrSignature and for deriving the x-only public key used in verification.
- iOS 13.0+
- macCatalyst 13.0+
- macOS 10.15+
- tvOS 13.0+
- visionOS 1.0+
- watchOS 6.0+
struct PrivateKey
Mentioned In
Overview
Schnorr signatures use secp256k1_schnorrsig_sign_custom with the BIP-340 nonce function (secp256k1_nonce_function_bip340). Unlike ECDSA, signing takes a 32-byte auxiliary randomness input that is mixed into the nonce for protection against fault attacks; the default signature(for:) overload supplies fresh random bytes automatically.
Verification uses x-only public keys (xonly), not full compressed keys. The publicKey property returns the full P256K.Schnorr.PublicKey for contexts that require it.
Topics
Operators
Initializers
Instance Properties
Instance Methods
func add([UInt8]) throws -> P256K.Schnorr.PrivateKeyCreate a new PrivateKey by adding tweak to the secret key. When tweaking keys, implicit negations are handled when odd Y coordinates are reached. REF
func partialSignature<D>(for: D, pubnonce: P256K.Schnorr.Nonce, secureNonce: consuming P256K.Schnorr.SecureNonce, publicNonceAggregate: P256K.MuSig.Nonce, publicKeyAggregate: P256K.MuSig.PublicKey) throws -> P256K.Schnorr.PartialSignatureConvenience overload of partialSignature(for:pubnonce:secureNonce:publicNonceAggregate:xonlyKeyAggregate:) that derives the x-only key from a P256K.MuSig.PublicKey.
func partialSignature<D>(for: D, pubnonce: P256K.Schnorr.Nonce, secureNonce: consuming P256K.Schnorr.SecureNonce, publicNonceAggregate: P256K.MuSig.Nonce, xonlyKeyAggregate: P256K.MuSig.XonlyKey) throws -> P256K.Schnorr.PartialSignatureProduces a 36-byte P256K.Schnorr.PartialSignature via secp256k1_musig_partial_sign, consuming and zeroing the secret nonce to prevent reuse.
func signature<D>(for: D) throws -> P256K.Schnorr.SchnorrSignatureGenerates a BIP-340 Schnorr signature from a pre-computed digest using secp256k1_schnorrsig_sign_custom with fresh 32-byte auxiliary randomness.
func signature<D>(for: D, auxiliaryRand: [UInt8]) throws -> P256K.Schnorr.SchnorrSignatureGenerates a BIP-340 Schnorr signature from a pre-computed digest using caller-supplied auxiliary randomness.
func signature(message: inout [UInt8], auxiliaryRand: UnsafeMutableRawPointer?, strict: Bool) throws -> P256K.Schnorr.SchnorrSignatureGenerates a Schnorr signature over an arbitrary-length message using secp256k1_schnorrsig_sign_custom.