libsecp256k1

Todays newsletter begins chapter 4 from Bitcoin: A Work in Progress.

The chapters title matches your 20% discount code for the Advancing Bitcoin conference in London: libsecp256k1

If you like, you buy can buy the full chapter as a printer friendly PDF.

Tomorrow is the second edition of the BitDevs Amsterdam Socratic Seminar. If you find this content interesting, you should enjoy this meetup. RSVP here if you’re in the neighbourhood.

libsecp256k1 and software libraries

libsecp256k1 is a library that some people might have heard about in passing, but many don’t really understand it in depth, nor do they grasp its importance. This chapter will discuss what it is and why it matters for Bitcoin. But before tackling that, an overview of libraries in general would be helpful.

A library is a reusable piece of software. According to Techopedia “A software library is a suite of data and programming code that is used to develop software programs and applications.” An example of this in the cryptography world is OpenSSL: It’s a piece of software that lets you perform a variety of cryptographic operations — from creating random numbers, to signing stuff with every curve under the sun. A library isn’t an actual program itself, in that it doesn’t do anything independently. However, other programs can use a library like OpenSSL — or a subset of it — to accomplish desired actions without having to write all the code themselves.

In the case of OpenSSL, users download Bitcoin Core, which is the most popular software used to connect to the Bitcoin network. Its binary file contains Bitcoin Core-specific items, along with a lot of relevant libraries. One of those libraries is OpenSSL. Or rather, was, as we’ll explain later.

From the beginning, OpenSSL was in Bitcoin for everything cryptography related, such as signing transactions and generating secure random private keys. Satoshi had to pick one of the cryptographic curves offered by the library. For various reasons about which we can only speculate (see the “Choosing The Right Elliptic Curve” section in this article by (pre-Ethereum) Vitalik Buterin) he picked the secp256k1 curve. As a result, he didn’t have to write the necessary cryptographic functionality himself — which you never want to do yourself, because it’s dangerous. Additionally, Satoshi didn’t pick the superior Schnorr signature scheme, a topic that will be covered in chapter 11, because OpenSSL didn’t support it and there was no other library for it either.

With every Bitcoin Core release, the necessary library is included in the file you can download. Not all software includes all its libraries. The alternative is to make use of libraries that are already present on your computer, which makes the download smaller, as the library doesn’t have to be redownloaded. However, this can create problems.

The most obvious problem of not including all libraries in the download is that the user may not have one or more of the required libraries. They’d then have to be instructed to download them, which is a bad user experience. As an aside, this is actually a common experience in the life of software developers, who spend much of their time chasing down libraries and other dependencies for the professional tools they try to install. The experience is often recursive, where each library in turn depends on yet another library.

Another concern is that libraries can and do change. The library on your system may be too old or too new. Critical things may have changed that cause the library to no longer be compatible with the program that relies on it. The last thing you want when dealing with cryptographic stuff is to be surprised about what’s on your computer.

Including libraries in the download means you always have the right version. This is why your computer probably contains many copies and versions of the same libraries.