1
0
mirror of https://github.com/bitcoin/bips.git synced 2025-10-20 14:07:26 +00:00

2625 Commits

Author SHA1 Message Date
Fabian Jahr
4774e4d1e8 Link design section of BIP Schnorr in Specification 2020-01-19 14:47:33 -08:00
Max Hillebrand
3d97967b97 fix: script spend, not key spend
For the key spend the script tree depth is not revealed, it is only done for script spends. This sentence makes sense only for the script spend.
2020-01-19 14:47:33 -08:00
Jonas Nick
fe74ab65db Update test-vectors.csv 2020-01-19 14:47:33 -08:00
Jonas Nick
c8281deec6 Fix point_from_bytes accepting out-of-range pubkeys and add test vector 2020-01-19 14:47:33 -08:00
Tim Ruffing
9b5ba158c1 improve rationale for key prefixing 2020-01-19 14:47:33 -08:00
Jonas Nick
c9196eeef4 Fix typo in reference code comment 2020-01-19 14:47:33 -08:00
Jonas Nick
301fef36de Make more clear that signing function in test vectors generation code isn't intended to be used anywhere else 2020-01-19 14:47:33 -08:00
Jonas Nick
a6d2d42aa2 Check infinity in is_positive 2020-01-19 14:47:33 -08:00
Jonas Nick
82129e720d Adjust test vector generation code to latest terminology 2020-01-19 14:47:33 -08:00
Jonas Nick
fdf6e897d9 Fix test vector generation code after changing schnorrsig_sign api 2020-01-19 14:47:33 -08:00
Pieter Wuille
ae7122822a Settle on notation: is_square(y), has_square_y(P) 2020-01-19 14:47:33 -08:00
Dmitry Petukhov
0f9ab0cec9 fix docstring in taproot_output_script
the final "-None" line in the docstring of `taproot_output_script` example function was actually outside of the docstring
2020-01-19 14:47:33 -08:00
Dmitry Petukhov
d87c5c8801 use bytes() instead of b'' - avoid markdown issue
Currently github markdown renders `b''` inside `<source>` tags incorrectly. This makes `h = b''` show as `h = b` and creates some confusion.
The issue can be avoided by using bytes() to create empty byte array
2020-01-19 14:47:33 -08:00
Tim Ruffing
7c00346cf2 typos 2020-01-19 14:47:33 -08:00
Pieter Wuille
dbbe690c8a Consistently mention resource limits in bip-tapscript 2020-01-19 14:47:33 -08:00
Pieter Wuille
9c1670f345 Update bip-schnorr.mediawiki
Co-Authored-By: Tim Ruffing <tim@timruffing.de>
2020-01-19 14:47:33 -08:00
Pieter Wuille
83cebb5326 Update bip-schnorr.mediawiki
Co-Authored-By: Tim Ruffing <tim@timruffing.de>
2020-01-19 14:47:33 -08:00
Pieter Wuille
1695f073d3 Elaborate on default and alternative signing 2020-01-19 14:47:33 -08:00
Pieter Wuille
fc0a4ef542 Explain why CMS is not turned into SUCCESSx 2020-01-19 14:47:33 -08:00
Pieter Wuille
2059b9e35a Address aj comments 2020-01-19 14:47:33 -08:00
Pieter Wuille
3595c30acd Improve section on alternatives to OP_CHECKMULTISIG 2020-01-19 14:47:33 -08:00
Tim Ruffing
09e3f637b5 Change reference for ECDSA proofs
Refer to Manuel Fersch's dissertation for provable security of ECDSA. It's freely accessible and multiple results put well in context.
2020-01-19 14:47:33 -08:00
Anthony Towns
feffc4e34d annex is bit 0 of spend_type 2020-01-19 14:47:33 -08:00
Pieter Wuille
23c1c3ed8b More on key generation 2020-01-19 14:47:33 -08:00
Pieter Wuille
7a7ab111c9 Clarify interaction x-only keys with verification 2020-01-19 14:47:33 -08:00
Pieter Wuille
20f9901809 Update bip-schnorr.mediawiki
Co-Authored-By: Tim Ruffing <tim@timruffing.de>
2020-01-19 14:47:33 -08:00
Pieter Wuille
aef148ffc6 Explain that MuSig needs key prefixing 2020-01-19 14:47:33 -08:00
Tim Ruffing
a7ee6c30fa bip-schnorr: more on (e,s) 2020-01-19 14:47:33 -08:00
Tim Ruffing
bc4e8f28b8 bip-schnorr: more on provable security
I'll try to get a link to the CCS paper that does not have a paywall...
2020-01-19 14:47:33 -08:00
Pieter Wuille
565ac4f717 Typo 2020-01-19 14:47:33 -08:00
Pieter Wuille
96a199ac8c Drop other curve comment 2020-01-19 14:47:33 -08:00
Pieter Wuille
281df660b9 Prefix infinite with is_ 2020-01-19 14:47:33 -08:00
Pieter Wuille
e29d82dc88 Apply suggestions from code review
Co-Authored-By: Tim Ruffing <tim@timruffing.de>
2020-01-19 14:47:33 -08:00
Pieter Wuille
0d4191bae5 Formulate claims about BatchVerify more accurately 2020-01-19 14:47:33 -08:00
Pieter Wuille
7f5926703a Use is_square/is_positive and introduce algorithm names 2020-01-19 14:47:33 -08:00
Pieter Wuille
9b9fab9a03 HTTPS links where possible 2020-01-19 14:47:33 -08:00
Pieter Wuille
406bc17c16 Small fixes from review with real-or-random 2020-01-19 14:47:33 -08:00
Pieter Wuille
276d9d338b Small fix: 0xc1 is possible as first control block byte 2020-01-19 14:47:33 -08:00
Pieter Wuille
c93e298518 Increase max Merkle path length 2020-01-19 14:47:33 -08:00
Pieter Wuille
fb486d7e13 Fix formula 2020-01-19 14:47:33 -08:00
Pieter Wuille
79f9fc4cc8 Extend input_index from 16 to 32 bits 2020-01-19 14:47:33 -08:00
Pieter Wuille
d9a30c954f Extend codeseparator_position from 16 to 32 bits 2020-01-19 14:47:33 -08:00
Jonas Nick
78bb31c3bf Accept seckey in the form of bytes and not int in the reference BIP-schnorr code to match the spec. 2020-01-19 14:47:33 -08:00
Tim Ruffing
e0e422a5ca Link to Schnorr's paper instead of Wikipedia 2020-01-19 14:47:33 -08:00
Jonas Nick
d112f5b035 Replace taproot_tweak_pubkey assertion with exception and add it to taproot_tweak_seckey too 2020-01-19 14:47:33 -08:00
Jonas Nick
afa5519ade Add taproot_tweak_pubkey and taproot_tweak_privkey functions to bip-taproot wallet section 2020-01-19 14:47:33 -08:00
Jonas Nick
e1d7da3796 Add is_quad function to bip-schnorr reference code 2020-01-19 14:47:33 -08:00
Jonas Nick
fe8f5f68ca Standardize on secret key in bip-schnorr 2020-01-19 14:47:33 -08:00
Jonas Nick
05cc92b9ad Add x() and y() functions for points to bip-schnorr 2020-01-19 14:47:33 -08:00
Jonas Nick
1c8bdd75a5 Remove 0xc1 2020-01-19 14:47:33 -08:00