This collection of libraries provides simple and safe ways to use different cryptographic primitives.



Elliptic Curve Digital Signature Algorithm (ECDSA) operations.

These functions can be used to verify that a message was signed by the holder of the private keys of a given address.

recover(bytes32 hash, bytes signature) → address internal

Returns the address that signed a hashed message (hash) with signature. This address can then be used for verification purposes.

The ecrecover EVM opcode allows for malleable (non-unique) signatures: this function rejects them by requiring the s value to be in the lower half order, and the v value to be either 27 or 28.

hash must be the result of a hash operation for the verification to be secure: it is possible to craft signatures that recover to arbitrary addresses for non-hashed data. A safe way to ensure this is by receiving a hash of the original message (which may otherwise be too long), and then calling toEthSignedMessageHash on it.

toEthSignedMessageHash(bytes32 hash) → bytes32 internal

Returns an Ethereum Signed Message, created from a hash. This replicates the behavior of the eth_sign JSON-RPC method.

See recover.


These functions deal with verification of Merkle trees (hash trees).

verify(bytes32[] proof, bytes32 root, bytes32 leaf) → bool internal

Returns true if a leaf can be proved to be a part of a Merkle tree defined by root. For this, a proof must be provided, containing sibling hashes on the branch from the leaf to the root of the tree. Each pair of leaves and each pair of pre-images are assumed to be sorted.
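The sorted-pair proof check described above, as an added off-chain example in Python (not the library's own code). Assumptions: SHA3-256 stands in for the EVM's Keccak-256 so the block runs with the standard library alone, and `build_levels`, `get_proof` and the sample leaves are hypothetical helpers and constructed data.

```python
import hashlib

def h(data: bytes) -> bytes:
    # Assumption: SHA3-256 stands in for the EVM's Keccak-256, which is not in
    # Python's standard library; the two produce different digests.
    return hashlib.sha3_256(data).digest()

def hash_pair(a: bytes, b: bytes) -> bytes:
    # Sorted pair: the smaller value is hashed first, so a proof carries no
    # left/right position flags.
    return h(a + b) if a <= b else h(b + a)

def verify(proof, root, leaf) -> bool:
    # Fold the sibling hashes into the leaf, bottom-up, and compare with root.
    computed = leaf
    for sibling in proof:
        computed = hash_pair(computed, sibling)
    return computed == root

def build_levels(leaves):
    # Hypothetical off-chain helper: levels[0] is the leaves, levels[-1] the root.
    # A node without a sibling is carried up to the next level unchanged.
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        levels.append([hash_pair(cur[i], cur[i + 1]) if i + 1 < len(cur) else cur[i]
                       for i in range(0, len(cur), 2)])
    return levels

def get_proof(levels, index):
    # Hypothetical off-chain helper: collect the sibling at each level.
    proof = []
    for level in levels[:-1]:
        sibling = index ^ 1
        if sibling < len(level):
            proof.append(level[sibling])
        index //= 2
    return proof

# Constructed sample data: five leaves, each the hash of a short message.
LEAVES = [h(m) for m in (b"alice", b"bob", b"carol", b"dave", b"erin")]
LEVELS = build_levels(LEAVES)
ROOT = LEVELS[-1][0]

if __name__ == "__main__":
    for i, leaf in enumerate(LEAVES):
        print(i, verify(get_proof(LEVELS, i), ROOT, leaf))
    print("forged leaf:", verify(get_proof(LEVELS, 1), ROOT, h(b"mallory")))
```

Because both the tree builder and the verifier sort each pair before hashing, a proof built with a different pairing rule (for example, fixed left/right order) will not verify against the same root.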