Skip to content

Class Secp256k1::Point

Inherits: Object

An elliptic curve point on secp256k1.

Stores affine coordinates (x, y) or represents the point at infinity. Scalar multiplication uses Jacobian coordinates internally with windowed-NAF for performance.

Attributes

x [R]

  • @return [Integer, nil] x-coordinate (nil for infinity)

y [R]

  • @return [Integer, nil] y-coordinate (nil for infinity)

Public Class Methods

from_bytes(bytes)

Deserialise a point from compressed (33 bytes) or uncompressed (65 bytes) SEC1 encoding. - @param bytes [String] binary string - @raise [ArgumentError] if the encoding is invalid or the point is not on the curve - @return [Point]

generator()

The generator point G. - @return [Point]

infinity()

The point at infinity (additive identity). - @return [Point]

Public Instance Methods

==(other)

Equality comparison. - @param other [Point] - @return [Boolean]

add(other)

Point addition: self + other. - @param other [Point] - @return [Point]

hash()

Not documented.

infinity?()

Whether this is the point at infinity. - @return [Boolean]

initialize(x, y)

  • @param x [Integer, nil] x-coordinate (nil for infinity)
  • @param y [Integer, nil] y-coordinate (nil for infinity)
  • @return [Point] a new instance of Point

mul(scalar)

Scalar multiplication: self * scalar (constant-time, Montgomery ladder).

Processes all 256 bits unconditionally so execution time does not depend on the scalar value. Safe for both secret and public scalars. This is the default because the safe path should be the easy path.

For performance-critical public-scalar paths (e.g. batch verification) where constant-time is unnecessary, use {#mul_vt}.

Raises {InsecureOperationError} if the native C extension is not loaded, unless explicitly allowed via {Secp256k1.allow_pure_ruby_ct!} or the SECP256K1_ALLOW_PURE_RUBY_CT environment variable. - @param scalar [Integer] the scalar multiplier - @return [Point] the resulting point

mul_vt(scalar)

Variable-time scalar multiplication: self * scalar (wNAF).

Faster than {#mul} but leaks timing information about the scalar. Use only when the scalar is public (e.g. signature verification, computing known generator multiples). Never use with secret scalars. - @param scalar [Integer] the public scalar multiplier - @return [Point] the resulting point

negate()

Point negation: -self. - @return [Point]

on_curve?()

Whether this point lies on the secp256k1 curve (y² = x³ + 7). - @return [Boolean]

to_octet_string(format = :compressed)

Serialise the point in SEC1 format. - @param format [:compressed, :uncompressed] - @raise [RuntimeError] if the point is at infinity - @return [String] binary string (33 or 65 bytes)