# Points (Elliptic Curves)

Source code: point.js

Note that points are handled automatically by Money Button behind the scenes and it is not necessary to deal with points directly unless you are building an advanced application.

## Summary of Elliptic Curves

A critical feature of the Bitcoin protocol is ECDSA, or elliptic curve digital signature algorithm. ECDSA is based on elliptic curves, which are groups over a finite field. This group consists of points. Points can be added together (the group operation) and multiplied by big numbers (applying the group operation a large number of times). They use modulus arithmetic and wrap around. The group is cyclic and generated by the base point G.

It is unlikely you will need to understand elliptic curves in detail to build your application, but it is helpful to have a very high level overview.

The elliptic curve used by Bitcoin is called SECP256k1.

A point on this curve is denoted A = (Ax, Ay). This is a point in the sense that it is two values, Ax and Ay, which are big numbers. A second point is denoted B = (Bx, By).

It is possible to add two points together, which is written as A + B. Please
note that this is *not* the same operation as normal addition. This is an
operation on the group which is called "adding" for convenience. It is *not* the
case that you can add Ax and Bx to get (A+B)x. Instead, (A+B)x must use the
group operation.

Points can be added together and multiplied by big numbers. To multiply a point by a big number is to add it to itself that many times. On the SECP256k1 elliptic curve there is a point called G which is the "base point" of the curve. Every other point on the curve can be found by multiplying some value p by G. In other words, for any point P on the curve, there always exists some p such that P = pG.

If p is a private key, then P = pG is the public key.

If Alice has private key a and public key A, and Bob has private key b and public key B, then they can perform Diffie-Helman key exchange:

aB = abG = baG = bA

In other words, Alice's private key times Bob's public key is the same thing as Bob's private key times Alice's public key. This is a secret that that can only be derived by Alice or Bob.

## Points in bsv

You can access points in bsv with this object:

```
bsv.crypto.Point
```

One way to make a new point is to start with the value G:

```
var G = bsv.crypto.Point.getG()
console.log(G)
// prints:
// <EC Point x: 79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798 y: 483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8>
console.log(G.mul(bsv.crypto.BN.fromString('2')))
// prints:
// <EC Point x: c6047f9441ed7d6d3045406e95c07cd85c778e4b8cef3ca7abac09b95c709ee5 y: 1ae168fea63dc339a3c58419466ceaeef7f632653266d0e1236431a950cfe52a>
```

A private key is a very long unpredictable number. Here is an example of generating such a number and deriving the corresponding public key:

```
var phex = bsv.crypto.Random.getRandomBuffer(32).toString('hex')
var p = bsv.crypto.BN.fromBuffer(Buffer.from(phex, 'hex'))
console.log(p)
// prints:
// <BN: b024b46bbebeebc1b268b47751543e3127c7c8ee3e30d8ea53e70c3bf60ec71b>
var P = G.mul(p)
console.log(P)
// <EC Point x: 49c26cf2b0ade47d54559df6ea8eced8b8f70b6957dbe43126fde3b7ffa6642c y: 32b2000bd658f1cc37b65dfd6cb10ac23083af9bec428afc2c944af18c0178e3>
```

Note that you should not actually use Points directly to manage private keys and public keys. We have classes for that, which are called PrivKey and PubKey which private additional methods appropropate for Bitcoin keys. Those classes are wrappers for Point and Big Numbers with additional methods.

Here is an overview of methods on Point that you may need if you are doing anything advanced:

Method | Inputs | Description |
---|---|---|

add | Another point. | Adds two points together. |

mul | Big number. | Adds a point to itself big number times. |

getX | Get the X value of a point. | |

getY | Get the Y value of a point. |