#vrf #secp256k1 #p256 #ecvrf #k163


Fast and extensible Verifiable Random Function (VRF) library; currently supporting secp256k1, secp256r1 and sect163k1 curves

8 releases

0.2.4 Apr 7, 2022
0.2.3 Nov 3, 2021
0.2.2 Oct 24, 2019
0.2.1 Aug 26, 2019
0.1.1 May 22, 2019

#153 in Cryptography

Download history 96/week @ 2022-08-03 74/week @ 2022-08-10 37/week @ 2022-08-17 69/week @ 2022-08-24 70/week @ 2022-08-31 144/week @ 2022-09-07 72/week @ 2022-09-14 70/week @ 2022-09-21 63/week @ 2022-09-28 102/week @ 2022-10-05 191/week @ 2022-10-12 168/week @ 2022-10-19 115/week @ 2022-10-26 221/week @ 2022-11-02 137/week @ 2022-11-09 148/week @ 2022-11-16

674 downloads per month
Used in 3 crates

MIT license

733 lines


vrf-rs is an open source implementation of Verifiable Random Functions (VRFs) written in Rust.

DISCLAIMER: This is experimental software. Be careful!

The library can be built using cargo and the examples can be executed with:

cargo build
cargo run --example <example_name>

Elliptic Curve VRF

This module uses the OpenSSL library to offer Elliptic Curve Verifiable Random Function (VRF) functionality.

It follows the algorithms described in:

Currently the supported cipher suites are:

  • P256_SHA256_TAI: the aforementioned algorithms with SHA256 and the secp256r1 curve (aka NIST P-256).
  • K163_SHA256_TAI: the aforementioned algorithms with SHA256 and the sect163k1 curve (aka NIST K-163).
  • SECP256K1_SHA256_TAI: the aforementioned algorithms with SHA256 and the secp256k1 curve.


Create and verify a VRF proof by using the cipher suite SECP256K1_SHA256_TAI:

use vrf::openssl::{CipherSuite, ECVRF};
use vrf::VRF;

fn main() {
    // Initialization of VRF context by providing a curve
    let mut vrf = ECVRF::from_suite(CipherSuite::SECP256K1_SHA256_TAI).unwrap();
    // Inputs: Secret Key, Public Key (derived) & Message
    let secret_key =
    let public_key = vrf.derive_public_key(&secret_key).unwrap();
    let message: &[u8] = b"sample";
    // VRF proof and hash output
    let pi = vrf.prove(&secret_key, &message).unwrap();
    let hash = vrf.proof_to_hash(&pi).unwrap();

    // VRF proof verification (returns VRF hash output)
    let beta = vrf.verify(&public_key, &pi, &message);

A complete example can be found in examples/basic.rs. It can be executed with:

cargo run --example basic

Adding unsupported cipher suites

This library defines a VRF trait which can be extended in order to use different curves and algorithms.

pub trait VRF<PublicKey, SecretKey> {
    type Error;

    fn prove(&mut self, x: SecretKey, alpha: &[u8]) -> Result<Vec<u8>, Self::Error>;

    fn verify(&mut self, y: PublicKey, pi: &[u8], alpha: &[u8]) -> Result<Vec<u8>, Self::Error>;


vrf-rs is published under the MIT license.


~50K SLoC