Orfeas Litos
23782b8693
Remove the term "secret nonce", only refer to s
2020-11-30 14:30:47 +00:00
Orfeas Litos
cf32b7bd39
Say that public nonce is R and private nonce is s
2020-11-30 12:31:10 +00:00
Pieter Wuille
3b1fb9600b
Clarify that R=infinity is invalid in BIP340
...
Also rename is_infinity to is_infinite is reference implementation,
to match the wording in BIP340.
2020-09-03 14:38:22 -07:00
Pieter Wuille
b6b0715c28
Clarify that Jacobian coordinates are the optimization, not the Legendre symbol
2020-08-26 15:56:23 -07:00
Pieter Wuille
8a3db73a84
Rename lift_x_even_y to lift_x
2020-08-20 13:24:20 -07:00
Pieter Wuille
5dadeb3e1c
Change tags to avoid collisions with earlier draft
2020-08-20 13:24:20 -07:00
Pieter Wuille
968096c451
Switch to even tiebreaker for R
2020-08-20 13:24:16 -07:00
Tim Ruffing
e98888322f
BIP340: Fix typo
2020-08-04 18:57:16 +02:00
Pieter Wuille
e331aadf92
Merge pull request #206 from jonasnick/some-fixups
...
BIP-0340: Miscellaneous fixups
2020-07-21 19:38:23 -07:00
Jonas Nick
7e9b4dd620
BIP-0340: note that adapting the spec to other curves is insecure
2020-07-21 18:44:46 +00:00
Pieter Wuille
005586d2fd
Clarify security argument of x-only pubkeys better
2020-07-20 14:39:28 -07:00
Jonas Nick
2611302d83
BIP-0340: Remove last remaining mention of Jacobi symbol
...
Jacobi symbol can be confusing because it may suggest that the modulus is
composite.
Thanks to Alan Szepieniec for pointing out this issue.
2020-07-18 20:14:51 +00:00
Jonas Nick
804538f141
BIP-0340: small fixups
...
- key prefixing means prefixing the message
- array indexing starts with 0
- 'Gennaro' is spelled with two n's
- has_even_y definition takes P as argument
Thanks to Alan Szepieniec for pointing out these issues.
2020-07-18 20:14:36 +00:00
Tim Ruffing
a6301c5af0
Optionally print intermediate values in reference code
...
and make reference code and pseudocode more consistent with each other
2020-03-12 21:15:52 +01:00
Tim Ruffing
cd19095fb0
Switch to only 32 bytes aux
2020-02-29 11:21:24 +01:00
Tim Ruffing
4f482a6748
Fix a few minor issues
...
* Recommend a byte length for aux random data
* Clarify that with signature verification by default at the end of the signing algorithm, using public keys from untrusted sources is not an issue.
* A few editorial nits
2020-02-24 21:59:13 +01:00
Pieter Wuille
88d30c704f
Address comments
2020-02-23 19:45:10 -08:00
Pieter Wuille
806b46fde1
Switch to new synth nonce scheme and make it default
2020-02-23 19:43:20 -08:00
Anthony Towns
453947f43a
give bip32 conversion its own section
2020-02-23 19:40:21 -08:00
Anthony Towns
455504b3af
Include d in nonce rather than d'
2020-02-23 19:40:19 -08:00
Anthony Towns
8a009b90d8
notes about precomputed pubkey data
2020-02-23 19:39:00 -08:00
Pieter Wuille
d11cf65b6c
Change tags to prevent inconsistent breakage with earlier draft
2020-02-23 19:35:22 -08:00
Pieter Wuille
6581a87ff2
Switch to even-y tiebreaker for pubkeys
2020-02-23 19:33:35 -08:00
Jonas Nick
ddc31eb6f6
BIP-340: Improve wording of recommendation for fresh secret keys
2020-02-23 19:33:13 -08:00
Jonas Nick
8b4f79b6f6
BIP-340: Stress that secret key should be fresh and if not then RFC6979 shouldn't be used
2020-02-23 19:33:13 -08:00
Keagan McClelland
4b18c45e74
Update bip-0340.mediawiki
2020-02-23 13:43:25 -08:00
Luke Dashjr
99d4de01cd
Merge pull request #884 from RandyMcMillan/patch-2
...
bip-0340: typo change intent to intend
2020-02-19 22:47:00 +00:00
Jonas Nick
b4255dc83b
BIP 340: Recommend verifying the signing output
2020-01-28 22:04:39 +00:00
Jonas Nick
2874f1ffe7
BIP 340: Recommend synthetic nonces
2020-01-28 22:04:34 +00:00
@RandyMcMillan
66ab3565ef
change intent to intend
2020-01-26 16:44:37 -05:00
Pieter Wuille
9cf4038f17
fix BIP links
2020-01-20 07:35:26 -08:00
Pieter Wuille
c3b91dcc22
Fixes to headers
2020-01-19 14:48:58 -08:00
Pieter Wuille
e1914b8173
fixes
2020-01-19 14:48:58 -08:00
Pieter Wuille
1faa4b19bc
Rename BIPs
2020-01-19 14:47:33 -08:00
