purify
C++ Purify implementation with native circuit and BPP support
Loading...
Searching...
No Matches
bppp.hpp
Go to the documentation of this file.
1// Copyright (c) 2026 Judica, Inc.
2// Distributed under the MIT software license, see the accompanying
3// file COPYING or https://opensource.org/license/mit/.
4
10#pragma once
11
12#include <array>
13#include <cstdint>
14#include <span>
15#include <utility>
16
17#include "purify/api.hpp"
18#include "purify/bppp.hpp"
19
20namespace purify::puresign_plusplus {
21
22using Scalar32 = std::array<unsigned char, 32>;
23using XOnly32 = std::array<unsigned char, 32>;
24using Signature64 = std::array<unsigned char, 64>;
25
26struct MessageProofCache;
27struct TopicProofCache;
28struct Signature;
29class PreparedNonce;
30
31struct NonceProof;
32struct ProvenSignature;
33
34struct PublicKey {
35 static constexpr std::size_t kSerializedSize = 96;
36
37 UInt512 purify_pubkey;
38 XOnly32 bip340_pubkey{};
39
44 [[nodiscard]] Bytes serialize() const;
45
51 [[nodiscard]] static Result<PublicKey> deserialize(std::span<const unsigned char> serialized,
52 purify_secp_context* secp_context);
53
59 [[nodiscard]] static Result<PublicKey> from_secret(const SecretKey& secret,
60 purify_secp_context* secp_context);
61
68 [[nodiscard]] Result<bool> verify_signature(std::span<const unsigned char> message,
69 const Signature& signature,
70 purify_secp_context* secp_context) const;
71
79 [[nodiscard]] Result<bool> verify_message_nonce_proof(
80 std::span<const unsigned char> message,
81 const NonceProof& nonce_proof,
82 purify_secp_context* secp_context,
83 bppp::ExperimentalCircuitBackend* circuit_cache = nullptr) const;
84
92 [[nodiscard]] Result<bool> verify_message_nonce_proof(
93 const MessageProofCache& cache,
94 const NonceProof& nonce_proof,
95 purify_secp_context* secp_context,
96 bppp::ExperimentalCircuitBackend* circuit_cache = nullptr) const;
97
105 [[nodiscard]] Result<bool> verify_topic_nonce_proof(
106 std::span<const unsigned char> topic,
107 const NonceProof& nonce_proof,
108 purify_secp_context* secp_context,
109 bppp::ExperimentalCircuitBackend* circuit_cache = nullptr) const;
110
118 [[nodiscard]] Result<bool> verify_topic_nonce_proof(
119 const TopicProofCache& cache,
120 const NonceProof& nonce_proof,
121 purify_secp_context* secp_context,
122 bppp::ExperimentalCircuitBackend* circuit_cache = nullptr) const;
123
131 [[nodiscard]] Result<bool> verify_message_signature_with_proof(
132 std::span<const unsigned char> message,
133 const ProvenSignature& signature,
134 purify_secp_context* secp_context,
135 bppp::ExperimentalCircuitBackend* circuit_cache = nullptr) const;
136
144 [[nodiscard]] Result<bool> verify_message_signature_with_proof(
145 const MessageProofCache& cache,
146 const ProvenSignature& signature,
147 purify_secp_context* secp_context,
148 bppp::ExperimentalCircuitBackend* circuit_cache = nullptr) const;
149
158 [[nodiscard]] Result<bool> verify_topic_signature_with_proof(
159 std::span<const unsigned char> message,
160 std::span<const unsigned char> topic,
161 const ProvenSignature& signature,
162 purify_secp_context* secp_context,
163 bppp::ExperimentalCircuitBackend* circuit_cache = nullptr) const;
164
173 [[nodiscard]] Result<bool> verify_topic_signature_with_proof(
174 const TopicProofCache& cache,
175 std::span<const unsigned char> message,
176 const ProvenSignature& signature,
177 purify_secp_context* secp_context,
178 bppp::ExperimentalCircuitBackend* circuit_cache = nullptr) const;
179};
180
182struct Nonce {
183 static constexpr std::size_t kSerializedSize = 32;
184
185 XOnly32 xonly{};
186
188 [[nodiscard]] Bytes serialize() const;
190 [[nodiscard]] static Result<Nonce> deserialize(std::span<const unsigned char> serialized,
191 purify_secp_context* secp_context);
192};
193
195struct Signature {
196 static constexpr std::size_t kSerializedSize = 64;
197
198 Signature64 bytes{};
199
201 [[nodiscard]] Nonce nonce() const;
203 [[nodiscard]] Scalar32 s() const;
205 [[nodiscard]] Bytes serialize() const;
207 [[nodiscard]] static Result<Signature> deserialize(std::span<const unsigned char> serialized,
208 purify_secp_context* secp_context);
209};
210
232
254
255struct NonceProof {
256 static constexpr unsigned char kSerializationVersion = 1;
257
258 Nonce nonce;
259 bppp::PointBytes commitment_point{};
260 bppp::ExperimentalCircuitZkNormArgProof proof;
261
262 [[nodiscard]] Result<Bytes> serialize(purify_secp_context* secp_context) const;
263 [[nodiscard]] static Result<NonceProof> deserialize(std::span<const unsigned char> serialized,
264 purify_secp_context* secp_context);
265};
266
267struct ProvenSignature {
268 static constexpr unsigned char kSerializationVersion = 1;
269
270 Signature signature;
271 NonceProof nonce_proof;
272
273 [[nodiscard]] Result<Bytes> serialize(purify_secp_context* secp_context) const;
274 [[nodiscard]] static Result<ProvenSignature> deserialize(std::span<const unsigned char> serialized,
275 purify_secp_context* secp_context);
276};
277
284class PreparedNonce {
285public:
286 enum class Scope : std::uint8_t {
287 Message,
288 Topic,
289 };
290
291 PreparedNonce(const PreparedNonce&) = delete;
292 PreparedNonce& operator=(const PreparedNonce&) = delete;
293
294 PreparedNonce(PreparedNonce&& other) noexcept;
295 PreparedNonce& operator=(PreparedNonce&& other) noexcept;
296 ~PreparedNonce();
297
302 [[nodiscard]] const Nonce& public_nonce() const noexcept {
303 return nonce_;
304 }
305
312 [[nodiscard]] Scalar32 scalar() const {
313 return scalar_;
314 }
315
325 [[nodiscard]] static PreparedNonce from_parts(Scope scope, const Scalar32& scalar, const Nonce& nonce,
326 const XOnly32& signer_pubkey, const XOnly32& binding_digest);
327
334 [[nodiscard]] Result<Signature> sign_message(const Bip340Key& signer,
335 std::span<const unsigned char> message,
336 purify_secp_context* secp_context) &&;
337
344 [[nodiscard]] Result<Signature> sign_topic_message(const Bip340Key& signer,
345 std::span<const unsigned char> message,
346 purify_secp_context* secp_context) &&;
347
348private:
349 PreparedNonce(Scope scope, const Scalar32& scalar, const Nonce& nonce,
350 const XOnly32& signer_pubkey, const XOnly32& binding_digest);
351
352 void clear() noexcept;
353
354 Scope scope_{Scope::Message};
355 Scalar32 scalar_{};
356 Nonce nonce_{};
357 XOnly32 signer_pubkey_{};
358 XOnly32 binding_digest_{};
359};
360
361class PreparedNonceWithProof {
362public:
363 PreparedNonceWithProof(const PreparedNonceWithProof&) = delete;
364 PreparedNonceWithProof& operator=(const PreparedNonceWithProof&) = delete;
365
366 PreparedNonceWithProof(PreparedNonceWithProof&& other) noexcept = default;
367 PreparedNonceWithProof& operator=(PreparedNonceWithProof&& other) noexcept = default;
368 ~PreparedNonceWithProof() = default;
369
374 [[nodiscard]] const Nonce& public_nonce() const noexcept {
375 return prepared_.public_nonce();
376 }
377
382 [[nodiscard]] const NonceProof& proof() const noexcept {
383 return proof_;
384 }
385
390 [[nodiscard]] Scalar32 scalar() const {
391 return prepared_.scalar();
392 }
393
400 [[nodiscard]] static PreparedNonceWithProof from_parts(PreparedNonce prepared, NonceProof proof);
401
408 [[nodiscard]] Result<ProvenSignature> sign_message(const SecretKey& secret,
409 std::span<const unsigned char> message,
410 purify_secp_context* secp_context) &&;
411
418 [[nodiscard]] Result<ProvenSignature> sign_topic_message(const SecretKey& secret,
419 std::span<const unsigned char> message,
420 purify_secp_context* secp_context) &&;
421
422private:
423 PreparedNonceWithProof(PreparedNonce prepared, NonceProof proof)
424 : prepared_(std::move(prepared)), proof_(std::move(proof)) {}
425
426 PreparedNonce prepared_;
427 NonceProof proof_;
428};
429
430class KeyPair {
431public:
432 KeyPair(const KeyPair&) = delete;
433 KeyPair& operator=(const KeyPair&) = delete;
434 KeyPair(KeyPair&& other) noexcept = default;
435 KeyPair& operator=(KeyPair&& other) noexcept = default;
436 ~KeyPair() = default;
437
443 [[nodiscard]] static Result<KeyPair> from_secret(const SecretKey& secret,
444 purify_secp_context* secp_context);
445
451 [[nodiscard]] static Result<KeyPair> from_secret(SecretKey&& secret,
452 purify_secp_context* secp_context);
453
458 [[nodiscard]] const PublicKey& public_key() const noexcept {
459 return public_key_;
460 }
461
467 [[nodiscard]] Result<PreparedNonce> prepare_message_nonce(std::span<const unsigned char> message,
468 purify_secp_context* secp_context) const;
469
476 [[nodiscard]] Result<PreparedNonceWithProof> prepare_message_nonce_with_proof(
477 std::span<const unsigned char> message,
478 purify_secp_context* secp_context,
479 bppp::ExperimentalCircuitBackend* circuit_cache = nullptr) const;
480
487 [[nodiscard]] Result<PreparedNonceWithProof> prepare_message_nonce_with_proof(
488 const MessageProofCache& cache,
489 purify_secp_context* secp_context,
490 bppp::ExperimentalCircuitBackend* circuit_cache = nullptr) const;
491
497 [[nodiscard]] Result<PreparedNonce> prepare_topic_nonce(std::span<const unsigned char> topic,
498 purify_secp_context* secp_context) const;
499
506 [[nodiscard]] Result<PreparedNonceWithProof> prepare_topic_nonce_with_proof(
507 std::span<const unsigned char> topic,
508 purify_secp_context* secp_context,
509 bppp::ExperimentalCircuitBackend* circuit_cache = nullptr) const;
510
517 [[nodiscard]] Result<PreparedNonceWithProof> prepare_topic_nonce_with_proof(
518 const TopicProofCache& cache,
519 purify_secp_context* secp_context,
520 bppp::ExperimentalCircuitBackend* circuit_cache = nullptr) const;
521
527 [[nodiscard]] Result<Signature> sign_message(std::span<const unsigned char> message,
528 purify_secp_context* secp_context) const;
529
536 [[nodiscard]] Result<Signature> sign_message_with_prepared(std::span<const unsigned char> message,
537 PreparedNonce&& prepared,
538 purify_secp_context* secp_context) const;
539
546 [[nodiscard]] Result<ProvenSignature> sign_message_with_prepared_proof(
547 std::span<const unsigned char> message,
548 PreparedNonceWithProof&& prepared,
549 purify_secp_context* secp_context) const;
550
557 [[nodiscard]] Result<Signature> sign_with_topic(std::span<const unsigned char> message,
558 std::span<const unsigned char> topic,
559 purify_secp_context* secp_context) const;
566 [[nodiscard]] Result<Signature> sign_with_prepared_topic(std::span<const unsigned char> message,
567 PreparedNonce&& prepared,
568 purify_secp_context* secp_context) const;
569
576 [[nodiscard]] Result<ProvenSignature> sign_with_prepared_topic_proof(
577 std::span<const unsigned char> message,
578 PreparedNonceWithProof&& prepared,
579 purify_secp_context* secp_context) const;
580
587 [[nodiscard]] Result<ProvenSignature> sign_message_with_proof(
588 std::span<const unsigned char> message,
589 purify_secp_context* secp_context,
590 bppp::ExperimentalCircuitBackend* circuit_cache = nullptr) const;
591
598 [[nodiscard]] Result<ProvenSignature> sign_message_with_proof(
599 const MessageProofCache& cache,
600 purify_secp_context* secp_context,
601 bppp::ExperimentalCircuitBackend* circuit_cache = nullptr) const;
602
610 [[nodiscard]] Result<ProvenSignature> sign_with_topic_proof(
611 std::span<const unsigned char> message,
612 std::span<const unsigned char> topic,
613 purify_secp_context* secp_context,
614 bppp::ExperimentalCircuitBackend* circuit_cache = nullptr) const;
615
623 [[nodiscard]] Result<ProvenSignature> sign_with_topic_proof(
624 std::span<const unsigned char> message,
625 const TopicProofCache& cache,
626 purify_secp_context* secp_context,
627 bppp::ExperimentalCircuitBackend* circuit_cache = nullptr) const;
628
629private:
630 KeyPair(SecretKey secret, PublicKey public_key)
631 : secret_(std::move(secret)), public_key_(std::move(public_key)) {}
632
633 SecretKey secret_;
634 PublicKey public_key_{};
635};
636
637} // namespace purify::puresign_plusplus
api.hpp
High-level Purify key generation, evaluation, witness generation, and circuit helpers.
bppp.hpp
C++ wrappers for the BPPP functionality used by Purify.
purify::Expected
Purify result carrier that either holds a value or an error.
Definition expected.hpp:64
purify::NativeBulletproofCircuitTemplate
Public-key-agnostic native verifier-circuit template.
Definition bulletproof.hpp:349
purify::SecretKey
Move-only packed Purify secret stored in dedicated heap memory.
Definition secret.hpp:52
purify::bppp::ExperimentalCircuitBackend
Common interface for reusable experimental BPPP backend state.
Definition bppp.hpp:119
purify::bppp::ExperimentalCircuitCache
Caller-owned cache for reusable experimental circuit reduction and BPPP backend data.
Definition bppp.hpp:186
purify::puresign_plusplus::KeyPair
Definition bppp.hpp:430
purify::puresign_plusplus::KeyPair::prepare_message_nonce
Result< PreparedNonce > prepare_message_nonce(std::span< const unsigned char > message, purify_secp_context *secp_context) const
Deterministically prepares a message-bound nonce.
Definition bppp.cpp:808
purify::puresign_plusplus::KeyPair::prepare_topic_nonce
Result< PreparedNonce > prepare_topic_nonce(std::span< const unsigned char > topic, purify_secp_context *secp_context) const
Deterministically prepares a topic-bound nonce.
Definition bppp.cpp:827
purify::puresign_plusplus::KeyPair::sign_message_with_proof
Result< ProvenSignature > sign_message_with_proof(std::span< const unsigned char > message, purify_secp_context *secp_context, bppp::ExperimentalCircuitBackend *circuit_cache=nullptr) const
Signs a message and returns the signature bundled with its BPPP nonce proof.
Definition bppp.cpp:885
purify::puresign_plusplus::KeyPair::public_key
const PublicKey & public_key() const noexcept
Returns the public key bundle associated with this signer.
Definition bppp.hpp:458
purify::puresign_plusplus::KeyPair::sign_with_prepared_topic
Result< Signature > sign_with_prepared_topic(std::span< const unsigned char > message, PreparedNonce &&prepared, purify_secp_context *secp_context) const
Signs a message using an already prepared topic-bound nonce.
Definition bppp.cpp:872
purify::puresign_plusplus::KeyPair::~KeyPair
~KeyPair()=default
purify::puresign_plusplus::KeyPair::operator=
KeyPair & operator=(KeyPair &&other) noexcept=default
purify::puresign_plusplus::KeyPair::operator=
KeyPair & operator=(const KeyPair &)=delete
purify::puresign_plusplus::KeyPair::from_secret
static Result< KeyPair > from_secret(const SecretKey &secret, purify_secp_context *secp_context)
Derives a PureSign++ signing key pair from one packed Purify secret.
Definition bppp.cpp:798
purify::puresign_plusplus::KeyPair::prepare_message_nonce_with_proof
Result< PreparedNonceWithProof > prepare_message_nonce_with_proof(std::span< const unsigned char > message, purify_secp_context *secp_context, bppp::ExperimentalCircuitBackend *circuit_cache=nullptr) const
Deterministically prepares a message-bound nonce together with its BPPP proof.
Definition bppp.cpp:813
purify::puresign_plusplus::KeyPair::sign_with_prepared_topic_proof
Result< ProvenSignature > sign_with_prepared_topic_proof(std::span< const unsigned char > message, PreparedNonceWithProof &&prepared, purify_secp_context *secp_context) const
Signs a message using an already prepared topic-bound nonce proof bundle.
Definition bppp.cpp:879
purify::puresign_plusplus::KeyPair::sign_message_with_prepared
Result< Signature > sign_message_with_prepared(std::span< const unsigned char > message, PreparedNonce &&prepared, purify_secp_context *secp_context) const
Signs a message using an already prepared message-bound nonce.
Definition bppp.cpp:852
purify::puresign_plusplus::KeyPair::sign_with_topic_proof
Result< ProvenSignature > sign_with_topic_proof(std::span< const unsigned char > message, std::span< const unsigned char > topic, purify_secp_context *secp_context, bppp::ExperimentalCircuitBackend *circuit_cache=nullptr) const
Signs a message with a topic-bound nonce proof.
Definition bppp.cpp:901
purify::puresign_plusplus::KeyPair::sign_message
Result< Signature > sign_message(std::span< const unsigned char > message, purify_secp_context *secp_context) const
Signs a message with a deterministically derived message-bound nonce.
Definition bppp.cpp:846
purify::puresign_plusplus::KeyPair::prepare_topic_nonce_with_proof
Result< PreparedNonceWithProof > prepare_topic_nonce_with_proof(std::span< const unsigned char > topic, purify_secp_context *secp_context, bppp::ExperimentalCircuitBackend *circuit_cache=nullptr) const
Deterministically prepares a topic-bound nonce together with its BPPP proof.
Definition bppp.cpp:832
purify::puresign_plusplus::KeyPair::KeyPair
KeyPair(const KeyPair &)=delete
purify::puresign_plusplus::KeyPair::sign_with_topic
Result< Signature > sign_with_topic(std::span< const unsigned char > message, std::span< const unsigned char > topic, purify_secp_context *secp_context) const
Signs a message using a topic-bound deterministic nonce.
Definition bppp.cpp:865
purify::puresign_plusplus::KeyPair::KeyPair
KeyPair(KeyPair &&other) noexcept=default
purify::puresign_plusplus::KeyPair::sign_message_with_prepared_proof
Result< ProvenSignature > sign_message_with_prepared_proof(std::span< const unsigned char > message, PreparedNonceWithProof &&prepared, purify_secp_context *secp_context) const
Signs a message using an already prepared message-bound nonce proof bundle.
Definition bppp.cpp:859
purify::puresign_plusplus::PreparedNonceWithProof
Definition bppp.hpp:361
purify::puresign_plusplus::PreparedNonceWithProof::PreparedNonceWithProof
PreparedNonceWithProof(const PreparedNonceWithProof &)=delete
purify::puresign_plusplus::PreparedNonceWithProof::proof
const NonceProof & proof() const noexcept
Returns the public nonce proof carried by this bundle.
Definition bppp.hpp:382
purify::puresign_plusplus::PreparedNonceWithProof::sign_message
Result< ProvenSignature > sign_message(const SecretKey &secret, std::span< const unsigned char > message, purify_secp_context *secp_context) &&
Consumes this message-bound prepared proof bundle and signs the message.
Definition bppp.cpp:400
purify::puresign_plusplus::PreparedNonceWithProof::from_parts
static PreparedNonceWithProof from_parts(PreparedNonce prepared, NonceProof proof)
Bundles a prepared nonce with its matching BPPP-backed public nonce proof.
Definition bppp.cpp:396
purify::puresign_plusplus::PreparedNonceWithProof::operator=
PreparedNonceWithProof & operator=(PreparedNonceWithProof &&other) noexcept=default
purify::puresign_plusplus::PreparedNonceWithProof::scalar
Scalar32 scalar() const
Explicitly exports the secret nonce scalar from the wrapped prepared nonce.
Definition bppp.hpp:390
purify::puresign_plusplus::PreparedNonceWithProof::~PreparedNonceWithProof
~PreparedNonceWithProof()=default
purify::puresign_plusplus::PreparedNonceWithProof::PreparedNonceWithProof
PreparedNonceWithProof(PreparedNonceWithProof &&other) noexcept=default
purify::puresign_plusplus::PreparedNonceWithProof::sign_topic_message
Result< ProvenSignature > sign_topic_message(const SecretKey &secret, std::span< const unsigned char > message, purify_secp_context *secp_context) &&
Consumes this topic-bound prepared proof bundle and signs the message.
Definition bppp.cpp:413
purify::puresign_plusplus::PreparedNonceWithProof::public_nonce
const Nonce & public_nonce() const noexcept
Returns the public nonce proved by this bundle.
Definition bppp.hpp:374
purify::puresign_plusplus::PreparedNonceWithProof::operator=
PreparedNonceWithProof & operator=(const PreparedNonceWithProof &)=delete
purify::puresign_plusplus::PreparedNonce
Move-only prepared nonce bound to either a message or a topic.
Definition bppp.hpp:284
purify::puresign_plusplus::PreparedNonce::sign_message
Result< Signature > sign_message(const Bip340Key &signer, std::span< const unsigned char > message, purify_secp_context *secp_context) &&
Consumes this message-bound nonce and signs the matching message.
Definition bppp.cpp:338
purify::puresign_plusplus::PreparedNonce::Scope
Scope
Definition bppp.hpp:286
purify::puresign_plusplus::PreparedNonce::Scope::Topic
@ Topic
purify::puresign_plusplus::PreparedNonce::Scope::Message
@ Message
purify::puresign_plusplus::PreparedNonce::public_nonce
const Nonce & public_nonce() const noexcept
Returns the public nonce corresponding to this prepared secret nonce scalar.
Definition bppp.hpp:302
purify::puresign_plusplus::PreparedNonce::~PreparedNonce
~PreparedNonce()
Definition bppp.cpp:330
purify::puresign_plusplus::PreparedNonce::operator=
PreparedNonce & operator=(const PreparedNonce &)=delete
purify::puresign_plusplus::PreparedNonce::PreparedNonce
PreparedNonce(const PreparedNonce &)=delete
purify::puresign_plusplus::PreparedNonce::sign_topic_message
Result< Signature > sign_topic_message(const Bip340Key &signer, std::span< const unsigned char > message, purify_secp_context *secp_context) &&
Consumes this topic-bound nonce and signs a message under that topic binding.
Definition bppp.cpp:368
purify::puresign_plusplus::PreparedNonce::scalar
Scalar32 scalar() const
Explicitly exports the secret nonce scalar.
Definition bppp.hpp:312
purify::puresign_plusplus::PreparedNonce::from_parts
static PreparedNonce from_parts(Scope scope, const Scalar32 &scalar, const Nonce &nonce, const XOnly32 &signer_pubkey, const XOnly32 &binding_digest)
Builds a prepared nonce from already-derived nonce components.
Definition bppp.cpp:306
purify::bppp::PointBytes
std::array< unsigned char, 33 > PointBytes
Compressed 33-byte curve-point encoding.
Definition bppp.hpp:32
purify::puresign_plusplus
Definition bppp.hpp:20
purify::puresign_plusplus::Signature64
std::array< unsigned char, 64 > Signature64
Definition bppp.hpp:24
purify::puresign_plusplus::Scalar32
std::array< unsigned char, 32 > Scalar32
Definition bppp.hpp:22
purify::puresign_plusplus::XOnly32
std::array< unsigned char, 32 > XOnly32
Definition bppp.hpp:23
purify::Bytes
std::vector< unsigned char > Bytes
Dynamically sized byte string used for messages, serialized witnesses, and proofs.
Definition common.hpp:99
scope
Scope scope
Definition bppp.cpp:118
nonce
Nonce nonce
Definition bppp.cpp:120
signer_pubkey
XOnly32 signer_pubkey
Definition bppp.cpp:121
binding_digest
XOnly32 binding_digest
Definition bppp.cpp:122
purify::Bip340Key
Canonical BIP340 keypair derived deterministically from a packed Purify secret.
Definition api.hpp:38
purify::bppp::ExperimentalCircuitZkNormArgProof
Experimental masked circuit proof that hides the reduced witness before the final BPPP argument.
Definition bppp.hpp:257
purify::puresign_plusplus::MessageProofCache
Cacheable message-bound nonce-proof template for the BPPP-backed PureSign++ proof(R) flow.
Definition bppp.hpp:218
purify::puresign_plusplus::MessageProofCache::backend_cache
bppp::ExperimentalCircuitCache backend_cache
Definition bppp.hpp:223
purify::puresign_plusplus::MessageProofCache::template_digest
Bytes template_digest
Definition bppp.hpp:222
purify::puresign_plusplus::MessageProofCache::message
Bytes message
Definition bppp.hpp:219
purify::puresign_plusplus::MessageProofCache::eval_input
Bytes eval_input
Definition bppp.hpp:220
purify::puresign_plusplus::MessageProofCache::circuit_template
NativeBulletproofCircuitTemplate circuit_template
Definition bppp.hpp:221
purify::puresign_plusplus::MessageProofCache::build
static Result< MessageProofCache > build(std::span< const unsigned char > message)
Builds a reusable verifier template for one exact message.
Definition bppp.cpp:271
purify::puresign_plusplus::NonceProof
Definition bppp.hpp:255
purify::puresign_plusplus::NonceProof::commitment_point
bppp::PointBytes commitment_point
Definition bppp.hpp:259
purify::puresign_plusplus::NonceProof::deserialize
static Result< NonceProof > deserialize(std::span< const unsigned char > serialized, purify_secp_context *secp_context)
Definition bppp.cpp:144
purify::puresign_plusplus::NonceProof::serialize
Result< Bytes > serialize(purify_secp_context *secp_context) const
Definition bppp.cpp:117
purify::puresign_plusplus::NonceProof::proof
bppp::ExperimentalCircuitZkNormArgProof proof
Definition bppp.hpp:260
purify::puresign_plusplus::NonceProof::kSerializationVersion
static constexpr unsigned char kSerializationVersion
Definition bppp.hpp:256
purify::puresign_plusplus::NonceProof::nonce
Nonce nonce
Definition bppp.hpp:258
purify::puresign_plusplus::Nonce
Public BIP340 nonce point in x-only form.
Definition bppp.hpp:182
purify::puresign_plusplus::Nonce::deserialize
static Result< Nonce > deserialize(std::span< const unsigned char > serialized, purify_secp_context *secp_context)
Parses a serialized x-only nonce.
Definition bppp.cpp:71
purify::puresign_plusplus::Nonce::xonly
XOnly32 xonly
Definition bppp.hpp:185
purify::puresign_plusplus::Nonce::serialize
Bytes serialize() const
Serializes this x-only nonce into its fixed-size wire format.
Definition bppp.cpp:67
purify::puresign_plusplus::Nonce::kSerializedSize
static constexpr std::size_t kSerializedSize
Definition bppp.hpp:183
purify::puresign_plusplus::ProvenSignature
Definition bppp.hpp:267
purify::puresign_plusplus::ProvenSignature::serialize
Result< Bytes > serialize(purify_secp_context *secp_context) const
Definition bppp.cpp:180
purify::puresign_plusplus::ProvenSignature::kSerializationVersion
static constexpr unsigned char kSerializationVersion
Definition bppp.hpp:268
purify::puresign_plusplus::ProvenSignature::deserialize
static Result< ProvenSignature > deserialize(std::span< const unsigned char > serialized, purify_secp_context *secp_context)
Definition bppp.cpp:200
purify::puresign_plusplus::ProvenSignature::signature
Signature signature
Definition bppp.hpp:270
purify::puresign_plusplus::ProvenSignature::nonce_proof
NonceProof nonce_proof
Definition bppp.hpp:271
purify::puresign_plusplus::PublicKey
Definition bppp.hpp:34
purify::puresign_plusplus::PublicKey::from_secret
static Result< PublicKey > from_secret(const SecretKey &secret, purify_secp_context *secp_context)
Derives both public identities from one packed Purify secret.
Definition bppp.cpp:733
purify::puresign_plusplus::PublicKey::verify_message_nonce_proof
Result< bool > verify_message_nonce_proof(std::span< const unsigned char > message, const NonceProof &nonce_proof, purify_secp_context *secp_context, bppp::ExperimentalCircuitBackend *circuit_cache=nullptr) const
Verifies a message-bound BPPP nonce proof against this public key.
Definition bppp.cpp:742
purify::puresign_plusplus::PublicKey::deserialize
static Result< PublicKey > deserialize(std::span< const unsigned char > serialized, purify_secp_context *secp_context)
Parses a serialized PureSign++ public-key bundle.
Definition bppp.cpp:49
purify::puresign_plusplus::PublicKey::bip340_pubkey
XOnly32 bip340_pubkey
Definition bppp.hpp:38
purify::puresign_plusplus::PublicKey::verify_topic_nonce_proof
Result< bool > verify_topic_nonce_proof(std::span< const unsigned char > topic, const NonceProof &nonce_proof, purify_secp_context *secp_context, bppp::ExperimentalCircuitBackend *circuit_cache=nullptr) const
Verifies a topic-bound BPPP nonce proof against this public key.
Definition bppp.cpp:755
purify::puresign_plusplus::PublicKey::verify_signature
Result< bool > verify_signature(std::span< const unsigned char > message, const Signature &signature, purify_secp_context *secp_context) const
Verifies a plain BIP340 signature against this bundle's x-only public key.
Definition bppp.cpp:737
purify::puresign_plusplus::PublicKey::serialize
Bytes serialize() const
Serializes this PureSign++ public-key bundle into its fixed-size wire format.
Definition bppp.cpp:40
purify::puresign_plusplus::PublicKey::verify_message_signature_with_proof
Result< bool > verify_message_signature_with_proof(std::span< const unsigned char > message, const ProvenSignature &signature, purify_secp_context *secp_context, bppp::ExperimentalCircuitBackend *circuit_cache=nullptr) const
Verifies a message signature bundled with its BPPP nonce proof.
Definition bppp.cpp:768
purify::puresign_plusplus::PublicKey::kSerializedSize
static constexpr std::size_t kSerializedSize
Definition bppp.hpp:35
purify::puresign_plusplus::PublicKey::verify_topic_signature_with_proof
Result< bool > verify_topic_signature_with_proof(std::span< const unsigned char > message, std::span< const unsigned char > topic, const ProvenSignature &signature, purify_secp_context *secp_context, bppp::ExperimentalCircuitBackend *circuit_cache=nullptr) const
Verifies a topic-bound signature bundled with its BPPP nonce proof.
Definition bppp.cpp:782
purify::puresign_plusplus::PublicKey::purify_pubkey
UInt512 purify_pubkey
Definition bppp.hpp:37
purify::puresign_plusplus::Signature
Standard 64-byte BIP340 signature.
Definition bppp.hpp:195
purify::puresign_plusplus::Signature::serialize
Bytes serialize() const
Serializes this signature into its fixed-size wire format.
Definition bppp.cpp:98
purify::puresign_plusplus::Signature::kSerializedSize
static constexpr std::size_t kSerializedSize
Definition bppp.hpp:196
purify::puresign_plusplus::Signature::bytes
Signature64 bytes
Definition bppp.hpp:198
purify::puresign_plusplus::Signature::s
Scalar32 s() const
Returns the 32-byte Schnorr s scalar encoded in the last 32 signature bytes.
Definition bppp.cpp:92
purify::puresign_plusplus::Signature::nonce
Nonce nonce() const
Returns the x-only public nonce encoded in the first 32 signature bytes.
Definition bppp.cpp:86
purify::puresign_plusplus::Signature::deserialize
static Result< Signature > deserialize(std::span< const unsigned char > serialized, purify_secp_context *secp_context)
Parses a serialized BIP340 signature.
Definition bppp.cpp:102
purify::puresign_plusplus::TopicProofCache
Cacheable topic-bound nonce-proof template for the BPPP-backed PureSign++ proof(R) flow.
Definition bppp.hpp:240
purify::puresign_plusplus::TopicProofCache::backend_cache
bppp::ExperimentalCircuitCache backend_cache
Definition bppp.hpp:245
purify::puresign_plusplus::TopicProofCache::template_digest
Bytes template_digest
Definition bppp.hpp:244
purify::puresign_plusplus::TopicProofCache::circuit_template
NativeBulletproofCircuitTemplate circuit_template
Definition bppp.hpp:243
purify::puresign_plusplus::TopicProofCache::topic
Bytes topic
Definition bppp.hpp:241
purify::puresign_plusplus::TopicProofCache::build
static Result< TopicProofCache > build(std::span< const unsigned char > topic)
Builds a reusable verifier template for one exact topic.
Definition bppp.cpp:285
purify::puresign_plusplus::TopicProofCache::eval_input
Bytes eval_input
Definition bppp.hpp:242
purify_secp_context
Definition bppp_bridge.c:36