• Top
    • Documentation
    • Books
    • Boolean-reasoning
    • Projects
    • Debugging
    • Std
    • Proof-automation
    • Macro-libraries
    • ACL2
    • Interfacing-tools
    • Hardware-verification
    • Software-verification
      • Kestrel-books
        • Crypto-hdwallet
        • Apt
        • Error-checking
        • Fty-extensions
        • Isar
        • Kestrel-utilities
        • Set
        • Soft
        • C
        • Bv
        • Imp-language
        • Event-macros
        • Java
        • Bitcoin
        • Ethereum
        • Yul
        • Zcash
        • ACL2-programming-language
        • Prime-fields
        • Json
        • Syntheto
        • File-io-light
        • Cryptography
          • R1cs
          • Interfaces
          • Sha-2
          • Keccak
          • Kdf
          • Mimc
          • Padding
          • Hmac
          • Elliptic-curves
            • Secp256k1-attachment
            • Twisted-edwards
            • Montgomery
            • Short-weierstrass-curves
            • Birational-montgomery-twisted-edwards
            • Has-square-root?-satisfies-pfield-squarep
            • Secp256k1
              • Secp256k1*
              • Secp256k1-negate
              • Secp256k1-sqrt
              • Secp256k1+
              • Secp256k1-has-square-root?
              • Secp256k1-point-type-conversions
              • Secp256k1-generator
            • Secp256k1-domain-parameters
            • Secp256k1-types
            • Pfield-squarep
            • Secp256k1-interface
            • Prime-field-extra-rules
            • Points
          • Attachments
          • Elliptic-curve-digital-signature-algorithm
        • Number-theory
        • Lists-light
        • Axe
        • Builtins
        • Solidity
        • Helpers
        • Htclient
        • Typed-lists-light
        • Arithmetic-light
      • X86isa
      • Axe
      • Execloader
    • Math
    • Testing-utilities
  • Elliptic-curves

Secp256k1

A library for the Short Weierstrass elliptic curve secp256k1.

This library contains executable formal specifications of elliptic curve operations on secp256k1, defined here, which is a short Weierstrass elliptic curve with a=0 and b=7:

y^2=x^3+7

secp256k1 is used for Bitcoin and Ethereum.

For more information on secp256k1, see secp256k1-domain-parameters.

See also the source code for more extensive discussion, references, and proved theorems.

Subtopics

Secp256k1*
Multiply an elliptic curve point by a scalar.
Secp256k1-negate
Negate an elliptic curve point.
Secp256k1-sqrt
Compute the modular square root of a in the field p.
Secp256k1+
Add two elliptic curve points.
Secp256k1-has-square-root?
Test if a has a square root in secp256k1's prime field p.
Secp256k1-point-type-conversions
Conversions between secp256k1-point and pointp.
Secp256k1-generator
The generator point G.