Remove context from verification functions

Done for both `schnorr` and `ecdsa`.

Author: tcharding

examples/musig.rs

@@ -96,5 +96,5 @@ fn main() {
 
     let aggregated_signature = session.partial_sig_agg(partial_sigs_ref);
 
-    assert!(aggregated_signature.verify(&secp, &agg_pk, msg).is_ok());
+    assert!(aggregated_signature.verify(&agg_pk, msg).is_ok());
 }

examples/sign_verify.rs

@@ -15,19 +15,14 @@
 
 extern crate secp256k1;
 
-use secp256k1::{ecdsa, Error, Message, PublicKey, Secp256k1, SecretKey, Signing, Verification};
+use secp256k1::{ecdsa, Error, Message, PublicKey, Secp256k1, SecretKey, Signing};
 
-fn verify<C: Verification>(
-    secp: &Secp256k1<C>,
-    msg_digest: [u8; 32],
-    sig: [u8; 64],
-    pubkey: [u8; 33],
-) -> Result<bool, Error> {
+fn verify(sig: [u8; 64], msg_digest: [u8; 32], pubkey: [u8; 33]) -> Result<bool, Error> {
     let msg = Message::from_digest(msg_digest);
     let sig = ecdsa::Signature::from_compact(&sig)?;
     let pubkey = PublicKey::from_slice(&pubkey)?;
 
-    Ok(secp.verify_ecdsa(&sig, msg, &pubkey).is_ok())
+    Ok(ecdsa::verify(&sig, msg, &pubkey).is_ok())
 }
 
 fn sign<C: Signing>(
@@ -57,5 +52,5 @@ fn main() {
 
     let serialize_sig = signature.serialize_compact();
 
-    assert!(verify(&secp, msg_digest, serialize_sig, pubkey).unwrap());
+    assert!(verify(serialize_sig, msg_digest, pubkey).unwrap());
 }

no_std_test/src/main.rs

@@ -83,10 +83,10 @@ fn start(_argc: isize, _argv: *const *const u8) -> isize {
     let message = Message::from_digest_slice(&[0xab; 32]).expect("32 bytes");
 
     let sig = secp.sign_ecdsa(message, &secret_key);
-    assert!(secp.verify_ecdsa(&sig, message, &public_key).is_ok());
+    assert!(ecdsa::verify(&sig, message, &public_key).is_ok());
 
     let rec_sig = ecdsa::RecoverableSignature::sign_ecdsa_recoverable(message, &secret_key);
-    assert!(secp.verify_ecdsa(&rec_sig.to_standard(), message, &public_key).is_ok());
+    assert!(ecdsa::verify(&rec_sig.to_standard(), message, &public_key).is_ok());
     assert_eq!(public_key, rec_sig.recover_ecdsa(message).unwrap());
     let (rec_id, data) = rec_sig.serialize_compact();
     let new_rec_sig = ecdsa::RecoverableSignature::from_compact(&data, rec_id).unwrap();
@@ -110,7 +110,7 @@ fn start(_argc: isize, _argv: *const *const u8) -> isize {
         let message = Message::from_digest_slice(&[0xab; 32]).expect("32 bytes");
 
         let sig = secp_alloc.sign_ecdsa(message, &secret_key);
-        assert!(secp_alloc.verify_ecdsa(&sig, message, &public_key).is_ok());
+        assert!(ecdsa::verify(&sig, message, &public_key).is_ok());
         unsafe { libc::printf("Verified alloc Successfully!\n\0".as_ptr() as _) };
     }
 

src/ecdsa/mod.rs

@@ -13,11 +13,7 @@ use core::{fmt, ptr, str};
 pub use self::recovery::{RecoverableSignature, RecoveryId};
 pub use self::serialized_signature::SerializedSignature;
 use crate::ffi::CPtr;
-#[cfg(feature = "global-context")]
-use crate::SECP256K1;
-use crate::{
-    ffi, from_hex, Error, Message, PublicKey, Secp256k1, SecretKey, Signing, Verification,
-};
+use crate::{ecdsa, ffi, from_hex, Error, Message, PublicKey, Secp256k1, SecretKey, Signing};
 
 /// An ECDSA signature
 #[derive(Copy, Clone, PartialOrd, Ord, PartialEq, Eq, Hash)]
@@ -190,12 +186,12 @@ impl Signature {
         ret
     }
 
-    /// Verifies an ECDSA signature for `msg` using `pk` and the global [`SECP256K1`] context.
+    /// Verifies an ECDSA signature for `msg` using `pk`.
+    ///
     /// The signature must be normalized or verification will fail (see [`Signature::normalize_s`]).
     #[inline]
-    #[cfg(feature = "global-context")]
     pub fn verify(&self, msg: impl Into<Message>, pk: &PublicKey) -> Result<(), Error> {
-        SECP256K1.verify_ecdsa(self, msg, pk)
+        ecdsa::verify(self, msg, pk)
     }
 }
 
@@ -359,48 +355,48 @@ impl<C: Signing> Secp256k1<C> {
     }
 }
 
-impl<C: Verification> Secp256k1<C> {
-    /// Checks that `sig` is a valid ECDSA signature for `msg` using the public
-    /// key `pubkey`. Returns `Ok(())` on success. Note that this function cannot
-    /// be used for Bitcoin consensus checking since there may exist signatures
-    /// which OpenSSL would verify but not libsecp256k1, or vice-versa. Requires a
-    /// verify-capable context.
-    ///
-    /// ```rust
-    /// # #[cfg(all(feature = "rand", feature = "std"))] {
-    /// # use secp256k1::{rand, Secp256k1, Message, Error};
-    /// #
-    /// # let secp = Secp256k1::new();
-    /// # let (secret_key, public_key) = secp256k1::generate_keypair(&mut rand::rng());
-    /// #
-    /// let message = Message::from_digest_slice(&[0xab; 32]).expect("32 bytes");
-    /// let sig = secp.sign_ecdsa(message, &secret_key);
-    /// assert_eq!(secp.verify_ecdsa(&sig, message, &public_key), Ok(()));
-    ///
-    /// let message = Message::from_digest_slice(&[0xcd; 32]).expect("32 bytes");
-    /// assert_eq!(secp.verify_ecdsa(&sig, message, &public_key), Err(Error::IncorrectSignature));
-    /// # }
-    /// ```
-    #[inline]
-    pub fn verify_ecdsa(
-        &self,
-        sig: &Signature,
-        msg: impl Into<Message>,
-        pk: &PublicKey,
-    ) -> Result<(), Error> {
-        let msg = msg.into();
-        unsafe {
-            if ffi::secp256k1_ecdsa_verify(
-                self.ctx.as_ptr(),
-                sig.as_c_ptr(),
-                msg.as_c_ptr(),
-                pk.as_c_ptr(),
-            ) == 0
-            {
-                Err(Error::IncorrectSignature)
-            } else {
-                Ok(())
-            }
+/// Checks that `sig` is a valid ECDSA signature for `msg` using the public
+/// key `pubkey`. Returns `Ok(())` on success. Note that this function cannot
+/// be used for Bitcoin consensus checking since there may exist signatures
+/// which OpenSSL would verify but not libsecp256k1, or vice-versa. Requires a
+/// verify-capable context.
+///
+/// ```rust
+/// # #[cfg(all(feature = "rand", feature = "std"))] {
+/// # use secp256k1::{rand, ecdsa, Secp256k1, Message, Error};
+/// #
+/// # let secp = Secp256k1::new();
+/// # let (secret_key, public_key) = secp256k1::generate_keypair(&mut rand::rng());
+/// #
+/// let message = Message::from_digest_slice(&[0xab; 32]).expect("32 bytes");
+/// let sig = secp.sign_ecdsa(message, &secret_key);
+/// assert_eq!(ecdsa::verify(&sig, message, &public_key), Ok(()));
+///
+/// let message = Message::from_digest_slice(&[0xcd; 32]).expect("32 bytes");
+/// assert_eq!(ecdsa::verify(&sig, message, &public_key), Err(Error::IncorrectSignature));
+/// # }
+/// ```
+#[inline]
+pub fn verify(sig: &Signature, msg: impl Into<Message>, pk: &PublicKey) -> Result<(), Error> {
+    let msg = msg.into();
+    // We have no seed here but we want rerandomiziation to happen for `rand` users.
+    let seed = [0_u8; 32];
+    unsafe {
+        let res = crate::with_global_context(
+            |secp: &Secp256k1<crate::AllPreallocated>| {
+                ffi::secp256k1_ecdsa_verify(
+                    secp.ctx.as_ptr(),
+                    sig.as_c_ptr(),
+                    msg.as_c_ptr(),
+                    pk.as_c_ptr(),
+                )
+            },
+            Some(&seed),
+        );
+        if res == 0 {
+            Err(Error::IncorrectSignature)
+        } else {
+            Ok(())
         }
     }
 }

src/ecdsa/recovery.rs

@@ -250,7 +250,7 @@ mod tests {
 
     use super::*;
     use crate::constants::ONE;
-    use crate::{Error, Message, Secp256k1, SecretKey};
+    use crate::{ecdsa, Error, Message, Secp256k1, SecretKey};
 
     #[test]
     fn capabilities() {
@@ -313,16 +313,14 @@ mod tests {
     #[test]
     #[cfg(feature = "std")]
     fn sign_and_verify_fail() {
-        let s = Secp256k1::new();
-
         let msg = Message::from_digest(crate::test_random_32_bytes());
         let (sk, pk) = crate::test_random_keypair();
 
         let sigr = RecoverableSignature::sign_ecdsa_recoverable(msg, &sk);
         let sig = sigr.to_standard();
 
         let msg = Message::from_digest(crate::test_random_32_bytes());
-        assert_eq!(s.verify_ecdsa(&sig, msg, &pk), Err(Error::IncorrectSignature));
+        assert_eq!(ecdsa::verify(&sig, msg, &pk), Err(Error::IncorrectSignature));
 
         let recovered_key = sigr.recover_ecdsa(msg).unwrap();
         assert!(recovered_key != pk);

src/key/mod.rs

@@ -416,13 +416,8 @@ impl PublicKey {
     }
 
     /// Checks that `sig` is a valid ECDSA signature for `msg` using this public key.
-    pub fn verify<C: Verification>(
-        &self,
-        secp: &Secp256k1<C>,
-        msg: impl Into<Message>,
-        sig: &ecdsa::Signature,
-    ) -> Result<(), Error> {
-        secp.verify_ecdsa(sig, msg, self)
+    pub fn verify(&self, msg: impl Into<Message>, sig: &ecdsa::Signature) -> Result<(), Error> {
+        ecdsa::verify(sig, msg, self)
     }
 }
 
@@ -1110,11 +1105,10 @@ impl XOnlyPublicKey {
     /// Checks that `sig` is a valid schnorr signature for `msg` using this public key.
     pub fn verify<C: Verification>(
         &self,
-        secp: &Secp256k1<C>,
         msg: &[u8],
         sig: &schnorr::Signature,
     ) -> Result<(), Error> {
-        secp.verify_schnorr(sig, msg, self)
+        schnorr::verify(sig, msg, self)
     }
 }