Skip to main content
Recovers the public key from an ECDSA signature and message hash. Given a valid ECDSA signature, the original message hash, and the y-coordinate parity of point R, this function recovers the signer’s public key. This is useful in scenarios where you need to verify a message has been signed by a specific public key.

Signature

pub fn recover_public_key(
    message_hash: felt252, signature_r: felt252, signature_s: felt252, y_parity: bool,
) -> Option

Arguments

  • message_hash - The hash of the signed message
  • signature_r - The r component of the ECDSA signature (x-coordinate of point R)
  • signature_s - The s component of the ECDSA signature
  • y_parity - The parity of the y-coordinate of point R (true for odd, false for even)

Returns

Returns Some(public_key) containing the x-coordinate of the recovered public key point if the signature is valid, None otherwise.

Examples

use core::ecdsa::recover_public_key;

let message_hash = 0x503f4bea29baee10b22a7f10bdc82dda071c977c1f25b8f3973d34e6b03b2c;
let signature_r = 0xbe96d72eb4f94078192c2e84d5230cde2a70f4b45c8797e2c907acff5060bb;
let signature_s = 0x677ae6bba6daf00d2631fab14c8acf24be6579f9d9e98f67aa7f2770e57a1f5;
assert!(
    recover_public_key(:message_hash, :signature_r, :signature_s, y_parity: false)
        .unwrap() == 0x7b7454acbe7845da996377f85eb0892044d75ae95d04d3325a391951f35d2ec,
)