Skip to content

BlockstreamResearch/secp256k1-zkp

Repository files navigation

libsecp256k1-zkp

Dependencies: None

A fork of libsecp256k1 with support for advanced and experimental features

Added features:

  • Experimental module for ECDSA adaptor signatures.
  • Experimental module for ECDSA sign-to-contract.
  • Experimental modules for Confidential Assets (Pedersen commitments, range proofs, and surjection proofs).
  • Experimental module for address whitelisting.
  • Experimental module for Schnorr signature half-aggregation.

Experimental features are made available for testing and review by the community. The APIs of these features should not be considered stable.

Build steps

Obtaining and verifying

The git tag for each release (e.g. v0.6.0) is GPG-signed by one of the maintainers. For a fully verified build of this project, it is recommended to obtain this repository via git, obtain the GPG keys of the signing maintainer(s), and then verify the release tag's signature using git.

This can be done with the following steps:

  1. Obtain the GPG keys listed in SECURITY.md.
  2. If possible, cross-reference these key IDs with another source controlled by its owner (e.g. social media, personal website). This is to mitigate the unlikely case that incorrect content is being presented by this repository.
  3. Clone the repository:
    git clone https://github.com/bitcoin-core/secp256k1
    
  4. Check out the latest release tag, e.g.
    git checkout v0.7.1
    
  5. Use git to verify the GPG signature:
    % git tag -v v0.7.1 | grep -C 3 'Good signature'
    
    gpg: Signature made Mon 26 Jan 2026 07:42:46 PM UTC
    gpg:                using RSA key 2840EAABF4BC9F0FFD716AFAFBAFCC46DE2D3FE2
    gpg: Good signature from "Pieter Wuille <pieter@wuille.net>" [unknown]
    gpg:                 aka "Pieter Wuille <pieter.wuille@gmail.com>" [full]
    gpg:                 aka "[jpeg image of size 5996]" [undefined]
    gpg: WARNING: This key is not certified with a trusted signature!
    gpg:          There is no indication that the signature belongs to the owner.
    Primary key fingerprint: 133E AC17 9436 F14A 5CF1  B794 860F EB80 4E66 9320
         Subkey fingerprint: 2840 EAAB F4BC 9F0F FD71  6AFA FBAF CC46 DE2D 3FE2
    

Building with Autotools

$ ./autogen.sh       # Generate a ./configure script
$ ./configure        # Generate a build system
$ make               # Run the actual build process
$ make check         # Run the test suite
$ sudo make install  # Install the library into the system (optional)

To compile optional modules (such as Schnorr signatures), you need to run ./configure with additional flags (such as --enable-module-schnorrsig). Run ./configure --help to see the full list of available flags. For experimental modules, you will also need --enable-experimental as well as a flag for each individual module, e.g. --enable-module-rangeproof.

Building with CMake

To maintain a pristine source tree, CMake encourages to perform an out-of-source build by using a separate dedicated build tree.

Building on POSIX systems

$ cmake -B build              # Generate a build system in subdirectory "build"
$ cmake --build build         # Run the actual build process
$ ctest --test-dir build      # Run the test suite
$ sudo cmake --install build  # Install the library into the system (optional)

To compile optional modules (such as Schnorr signatures), you need to run cmake with additional flags (such as -DSECP256K1_ENABLE_MODULE_SCHNORRSIG=ON). Run cmake -B build -LH or ccmake -B build to see the full list of available flags.

Cross compiling

To alleviate issues with cross compiling, preconfigured toolchain files are available in the cmake directory. For example, to cross compile for Windows:

$ cmake -B build -DCMAKE_TOOLCHAIN_FILE=cmake/x86_64-w64-mingw32.toolchain.cmake

To cross compile for Android with NDK (using NDK's toolchain file, and assuming the ANDROID_NDK_ROOT environment variable has been set):

$ cmake -B build -DCMAKE_TOOLCHAIN_FILE="${ANDROID_NDK_ROOT}/build/cmake/android.toolchain.cmake" -DANDROID_ABI=arm64-v8a -DANDROID_PLATFORM=28

Building on Windows

The following example assumes Visual Studio 2022. Using clang-cl is recommended.

In "Developer Command Prompt for VS 2022":

>cmake -B build -T ClangCL
>cmake --build build --config RelWithDebInfo

Usage examples

Usage examples can be found in the examples directory. To compile them you need to configure with --enable-examples.

To compile the examples, make sure the corresponding modules are enabled.

Benchmark

If configured with --enable-benchmark (which is the default), binaries for benchmarking the libsecp256k1-zkp functions will be present in the root directory after the build.

To print the benchmark result to the command line:

$ ./bench_name

To create a CSV file for the benchmark result :

$ ./bench_name | sed '2d;s/ \{1,\}//g' > bench_name.csv

Reporting a vulnerability

See SECURITY.md

Contributing to libsecp256k1

See CONTRIBUTING.md

About

A fork of libsecp256k1 with support for advanced and experimental features such as Confidential Assets and MuSig2

Topics

Resources

License

Contributing

Security policy

Stars

436 stars

Watchers

47 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors