Skip to content

bytemare/hash2curve

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

172 Commits
.github
.github
 
 
docs
docs
 
 
edwards25519
edwards25519
 
 
internal
internal
 
 
nist
nist
 
 
ristretto255
ristretto255
 
 
secp256k1
secp256k1
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
doc.go
doc.go
 
 
expand.go
expand.go
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
h2f.go
h2f.go
 
 

Repository files navigation

Hash To Curve

hash2curve Go Reference codecov OpenSSF Scorecard

  import "github.com/bytemare/hash2curve"

Package hash2curve implements Hashing to Elliptic Curves as specified in RFC 9380. It exposed a minimal API so you don't have to worry about the parameters.

The following table shows supported groups with hash-to-curve capability and links each one to the underlying implementations:

Curve Backend
Ristretto255 github.com/gtank/ristretto255
P-256 filippo.io/nistec
P-384 filippo.io/nistec
P-521 filippo.io/nistec
Edwards25519 filippo.io/edwards25519
Secp256k1 github.com/bytemare/secp256k1

What is hash2curve?

Hashing to Elliptic Curves allows for encoding or hashing an arbitrary string to a point on an elliptic curve (or element in a group), therefore benefiting from interesting mathematical properties very useful in cryptographic protocols, like CPace, VOPRF, and OPAQUE.

Documentation Go Reference

You can find the documentation and usage examples in the package doc.

Versioning

SemVer is used for versioning. For the versions available, see the tags on the repository.

Release Integrity (SLSA Level 3)

Releases are built with the reusable bytemare/slsa workflow and ship the evidence required for SLSA Level 3 compliance:

  • 📦 Artifacts are uploaded to the release page, and include the deterministic source archive plus subjects.sha256, signed SBOM (sbom.cdx.json), GitHub provenance (*.intoto.jsonl), a reproducibility report (verification.json), and a signed Verification Summary Attestation (verification-summary.attestation.json[.bundle]).
  • ✍️ All artifacts are signed using Sigstore with transparency via Rekor.
  • ✅ Verification (or see the latest docs at bytemare/slsa):
curl -sSL https://raw.githubusercontent.com/bytemare/slsa/main/verify-release.sh -o verify-release.sh
chmod +x verify-release.sh
./verify-release.sh --repo <owner>/<repo> --tag <tag> --mode full --signer-repo bytemare/slsa

Run again with --mode reproduce to build in a container, or --mode vsa to validate just the verification summary.

Contributing

Please read CONTRIBUTING.md for details on the code of conduct, and the process for submitting pull requests.

License

This project is licensed under the MIT License - see the LICENSE file for details.

About

Go implementation of RFC 9380 - Hashing to Elliptic Curves

Topics

go golang cryptography ecc hash elliptic-curves secp256k1 hash-to-curve rfc9380

Resources

Readme

License

MIT license

Code of conduct

Code of conduct

Contributing

Contributing

Security policy

Security policy
Activity

Stars

2 stars

Watchers

1 watching

Forks

3 forks
Report repository

Releases 13

v0.5.4 Latest
May 1, 2025
+ 12 releases

Packages

 
 
 

Contributors

Languages