1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
|
# secp256k1 from Scratch — Learning Plan
Building ECDSA on secp256k1 in Go, from first principles.
**Goal:** Understand the math deeply, not just copy formulas. End with a working (non-production) implementation.
---
## Progress
### Part 1: Foundations
- [x] **Modular arithmetic** — clock math, remainders, finite sets
- [x] **Modular division/inverses** — finding multiplicative inverses
- [x] **What is an elliptic curve** — y² = x³ + 7, points as (x, y) pairs
### Part 2: Curve Operations
- [ ] **Point addition** — adding two points geometrically and algebraically
- [ ] **Point doubling** — special case when adding a point to itself
- [ ] **The point at infinity** — identity element (like zero for addition)
- [ ] **Scalar multiplication** — multiplying a point by an integer (repeated addition)
### Part 3: Key Pairs
- [ ] **Generator point G** — the "starting point" everyone uses
- [ ] **Private key** — just a random big number
- [ ] **Public key** — private key × G (scalar multiplication)
- [ ] **Why it's hard to reverse** — the discrete log problem
### Part 4: ECDSA Signing
- [ ] **What a signature proves** — "I know the private key for this public key"
- [ ] **The signing algorithm** — k, r, s explained
- [ ] **Why random k matters** — reuse = leaked private key
### Part 5: ECDSA Verification
- [ ] **The verification equation** — checking without knowing the private key
- [ ] **Putting it together** — sign and verify a message
### Part 6: Implementation
- [ ] **Field element type** — big.Int wrapper with mod p
- [ ] **Point type** — x, y coordinates + infinity
- [ ] **Point addition/doubling** — the core math
- [ ] **Scalar multiplication** — double-and-add algorithm
- [ ] **ECDSA sign/verify** — the full flow
- [ ] **Test against known vectors** — verify correctness
---
## Code Location
`/home/ai/vault/projects/secp256k1-learn/`
We'll build incrementally:
- `field.go` — modular arithmetic
- `point.go` — curve points and operations
- `ecdsa.go` — signing and verification
- `main.go` — demo/test harness
---
## Resources
- secp256k1 parameters: p, n, G coordinates
- Test vectors from Bitcoin/Nostr for verification
- No external crypto libraries (that's the point)
---
## Notes
*Add observations, "aha" moments, or questions here as we go.*
|
