#elliptic-curve #secp256k1 #p256 #ecvrf #k163


Fast and extensible Verifiable Random Function (VRF) library; currently supporting secp256k1, secp256r1 and sect163k1 curves

8 releases

0.2.4 Apr 7, 2022
0.2.3 Nov 3, 2021
0.2.2 Oct 24, 2019
0.2.1 Aug 26, 2019
0.1.1 May 22, 2019

#207 in Cryptography

Download history 535/week @ 2024-01-06 332/week @ 2024-01-13 193/week @ 2024-01-20 278/week @ 2024-01-27 245/week @ 2024-02-03 166/week @ 2024-02-10 133/week @ 2024-02-17 156/week @ 2024-02-24 175/week @ 2024-03-02 206/week @ 2024-03-09 145/week @ 2024-03-16 160/week @ 2024-03-23 167/week @ 2024-03-30 159/week @ 2024-04-06 128/week @ 2024-04-13 112/week @ 2024-04-20

583 downloads per month
Used in 33 crates (6 directly)

MIT license

733 lines


vrf-rs is an open source implementation of Verifiable Random Functions (VRFs) written in Rust.

DISCLAIMER: This is experimental software. Be careful!

The library can be built using cargo and the examples can be executed with:

cargo build
cargo run --example <example_name>

Elliptic Curve VRF

This module uses the OpenSSL library to offer Elliptic Curve Verifiable Random Function (VRF) functionality.

It follows the algorithms described in:

Currently the supported cipher suites are:

  • P256_SHA256_TAI: the aforementioned algorithms with SHA256 and the secp256r1 curve (aka NIST P-256).
  • K163_SHA256_TAI: the aforementioned algorithms with SHA256 and the sect163k1 curve (aka NIST K-163).
  • SECP256K1_SHA256_TAI: the aforementioned algorithms with SHA256 and the secp256k1 curve.


Create and verify a VRF proof by using the cipher suite SECP256K1_SHA256_TAI:

use vrf::openssl::{CipherSuite, ECVRF};
use vrf::VRF;

fn main() {
    // Initialization of VRF context by providing a curve
    let mut vrf = ECVRF::from_suite(CipherSuite::SECP256K1_SHA256_TAI).unwrap();
    // Inputs: Secret Key, Public Key (derived) & Message
    let secret_key =
    let public_key = vrf.derive_public_key(&secret_key).unwrap();
    let message: &[u8] = b"sample";
    // VRF proof and hash output
    let pi = vrf.prove(&secret_key, &message).unwrap();
    let hash = vrf.proof_to_hash(&pi).unwrap();

    // VRF proof verification (returns VRF hash output)
    let beta = vrf.verify(&public_key, &pi, &message);

A complete example can be found in examples/basic.rs. It can be executed with:

cargo run --example basic

Adding unsupported cipher suites

This library defines a VRF trait which can be extended in order to use different curves and algorithms.

pub trait VRF<PublicKey, SecretKey> {
    type Error;

    fn prove(&mut self, x: SecretKey, alpha: &[u8]) -> Result<Vec<u8>, Self::Error>;

    fn verify(&mut self, y: PublicKey, pi: &[u8], alpha: &[u8]) -> Result<Vec<u8>, Self::Error>;


vrf-rs is published under the MIT license.


~73K SLoC