Sigma Library

A digital signature scheme for signing Bitcoin transaction data.

A Go version of this library is available at github.com/bitcoinschema/go-sigma

Library Usage

To use the Sigma Protocol library, follow the instructions below:

  1. Install the library and peer dependency using npm / yarn / bun:

bun add sigma-protocol @bsv/sdk
  1. You can use the verify method to check a signature:

import { Sigma } from "sigma-protocol";
  1. Use the sign function to sign your data:

const outputScriptAsm = `OP_0 OP_RETURN ${Buffer.from(
  "pushdata1",
  "utf-8"
).toString("hex")} ${Buffer.from("pushdata2", "utf-8").toString("hex")}`;

const script = Script.from_asm_string(outputScriptAsm);

const tx = new Transaction(1, 0);
const txOut = new TxOut(BigInt(0), script);
tx.add_output(txOut);

const sigma = new Sigma(tx);

const { signedTx } = sigma.sign(privateKey);
  1. Use the verify method to verify the signature:

const sigma = new Sigma(tx);

const isValid = sigma.verify()

console.log("Signature is valid:", isValid);

You can select a transaction output, and sigma instance to target. If you do not specify a target, the first output and first sigma instance will be assumed.

Here we target output index 1:

const sigma = new Sigma(tx, 1);

Here we target output index 1, sigma instance 2:

// this means there are 2 signatures on a single output
// this is typical when a user signs, and then a 
// platform signs covering the user signature
const sigma = new Sigma(tx, 1);

Once an instance is targeted, you can use verify like normal:

  const isValid = sigma.verify()
  console.log("Signature is valid:", isValid);

If you sign a tx and the sign it a again the signature will be replaced. However, you can add additional signatures by incrementing the sigma instance number before signing.

  const sigma = new Sigma(tx, 1, 2);
  sigma.sign(privateKey);

Remote Signatures

This library supports using a remove key server such as starfish or tokenpass. use the sigmaInstance.remoteSign(keyHost) method to sign the message buffer using a remove key service instead of passing in a private key. This will take a second parameter, authTokenHeader object which will be forwarded as a header to the key server. This is useful if you need a signing server in the cloud.

  const sigma = new Sigma(tx, 1, 2);
  sigma.remoteSign("http://localhost:21000", "authToken");

Building the Library:

To build the Sigma Protocol library yourself, follow these steps:

  1. Clone the repository:

git clone https://github.com/BitcoinSchema/sigma.git
  1. Navigate to the project directory and install dependencies:

cd sigma
yarn
  1. Build the library:

yarn build

The compiled JavaScript files will be output to the ./dist directory.

Last updated