Custom fork of rust-secp256k1 with unsafe modifications for higher speed. Unsuitable for production.
Go to file
Christian Reitter 23c6669229 Work on optimizations 2024-04-28 21:15:47 +02:00
.github/workflows Bump MSRV to 1.56.1 2024-03-28 08:40:48 +11:00
api Deprecate ThirtyTwoByteHash 2024-04-02 11:11:29 +11:00
contrib Merge rust-bitcoin/rust-secp256k1#692: CI: Revert cc pin in ASAN job 2024-03-27 18:44:33 +00:00
examples Use hashes instead of bitcoin_hashes 2023-08-15 14:54:55 +10:00
githooks Add cargo fmt to pre-commit githook 2022-11-22 08:59:09 +11:00
no_std_test Merge rust-bitcoin/rust-secp256k1#644: Improve `Message` constructors 2023-08-10 15:05:43 +00:00
secp256k1-sys Work on optimizations 2024-04-28 21:15:47 +02:00
src Deprecate ThirtyTwoByteHash 2024-04-02 11:11:29 +11:00
tests Rename KeyPair to Keypair 2023-08-19 08:35:47 +10:00
.gitignore Add several unsafe optimizations, special trade-off decisions 2024-04-27 13:04:08 +02:00 Bump version to 0.29.0 2024-04-03 07:55:21 +11:00
Cargo-minimal.lock Bump version to 0.29.0 2024-04-03 07:55:21 +11:00
Cargo-recent.lock Bump version to 0.29.0 2024-04-03 07:55:21 +11:00
Cargo.toml Add several unsafe optimizations, special trade-off decisions 2024-04-27 13:04:08 +02:00
LICENSE Remove the MIT/CC0 license in favor of just CC0 2015-03-25 18:36:30 -05:00 Document the unsafe and unsupported nature of this fork 2024-04-27 14:01:33 +02:00
clippy.toml Bump MSRV to 1.56.1 2024-03-28 08:40:48 +11:00
justfile Add script to update-lock-files 2024-03-27 11:17:12 +11:00
rustfmt.toml rustfmt: Use now config option fn_params_layout 2023-05-10 08:16:33 +10:00

Unsafe Fast Fork


This is an experimental fork with extreme changes that intentionally break important security mechanisms and functionality in favor of speed for certain security research workloads.

The forked library version is completely unsuitable for any type of production use and receives no support or maintenance of any kind. It is published primarily as a reference for other researchers. You have been warned.

The original documentation content and other references are kept as-is to limit the repository differences to upstream. However, be aware that none of the contact information, usage guidance or security guarantees still applies since this is a deliberately broken variant of the project.

Thanks and credits go to , on which many of the optimizations are based.

Rust Secp256k1

Crate Info CC0 1.0 Universal Licensed CI Status API Docs Rustc Version 1.56.1+

rust-secp256k1 is a wrapper around libsecp256k1, a C library implementing various cryptographic functions using the SECG curve secp256k1.

This library:

  • exposes type-safe Rust bindings for all libsecp256k1 functions
  • implements key generation
  • implements deterministic nonce generation via RFC6979
  • implements many unit tests, adding to those already present in libsecp256k1
  • makes no allocations (except in unit tests) for efficiency and use in freestanding implementations


Contributions to this library are welcome. A few guidelines:

  • Any breaking changes must have an accompanied entry in
  • No new dependencies, please.
  • No crypto should be implemented in Rust, with the possible exception of hash functions. Cryptographic contributions should be directed upstream to libsecp256k1.
  • This library should always compile with any combination of features on Rust 1.56.1.


To assist devs in catching errors before running CI we provide some githooks. If you do not already have locally configured githooks you can use the ones in this repository by running, in the root directory of the repository:

git config --local core.hooksPath githooks/

Alternatively add symlinks in your .git/hooks directory to any of the githooks we provide.


We use a custom Rust compiler configuration conditional to guard the bench mark code. To run the bench marks use: RUSTFLAGS='--cfg=bench' cargo +nightly bench --features=recovery.

A note on non_secure_erase

This crate's secret types (SecretKey, Keypair, SharedSecret, Scalar, and DisplaySecret) have a method called non_secure_erase that attempts to overwrite the contained secret. This method is provided to assist other libraries in building secure secret erasure. However, this library makes no guarantees about the security of using non_secure_erase. In particular, the compiler doesn't have any concept of secrets and in most cases can arbitrarily move or copy values anywhere it pleases. For more information, consult the zeroize documentation.


If you want to fuzz this library, or any library which depends on it, you will probably want to disable the actual cryptography, since fuzzers are unable to forge signatures and therefore won't test many interesting codepaths. To instead use a trivially-broken but fuzzer-accessible signature scheme, compile with --cfg=secp256k1_fuzz in your RUSTFLAGS variable.

Note that cargo hfuzz does not set this config flag automatically. In 0.27.0 and earlier versions, we used the --cfg=fuzzing which honggfuzz does set, but we changed this because there was no way to override it.