My question is: Is there a private key where the y coordinate of the public key created through the ECDSA secp256k1 curve ever a negative y? From what I can tell is 'no', but then I wonder why even bring the sign into the bitcoin code as a prefix? I must be missing or misunderstanding something.
Given that the secp256k1 curve is defined modulo
p, then there are no negative coordinates as anything which would be negative will loop round mod
p and end up positive. As pooya87 says, -y =
p-y.
Given that the curve equation is y
2 = x
3 + 7, then for every x coordinate there are two valid y coordinates. And because
p is an odd prime, negating y by doing
p-y as above will change its parity. This means that one y coordinate will always be even, and the other will always be odd. This allows us to compress public keys simply by specifying the parity of the y coordinate as a prefix.