frost/secp256k1-kmp
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Verify musig2 secret nonces (#108)

Browse Source 
* Verify musig2 secret nonces

Trying to generate a musig2 partial signature with a secret nonce that was generated with a public key that does not match the signing key's public key will trigger secp256k1's illegal callback (which calls abort()) and crash the application.

=> Here we verify that the secret nonce matches the signing key before we call secp256k1_musig_partial_sign().
The verification method is a bit hackish (we extract the public key from the secret nonce blob) because secp256k1 does not export the methods we need to do this cleanly.
This commit is contained in:
Fabrice Drouin
2024-04-18 09:54:51 +02:00
committed by GitHub
parent eb92fccbd6
commit 567f411e12
4 changed files with 80 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
jni/src/main/kotlin/fr/acinq/secp256k1/NativeSecp256k1.kt
View File

@@ -117,6 +117,7 @@ public object NativeSecp256k1 : Secp256k1 {
}
override fun musigPartialSign(secnonce: ByteArray, privkey: ByteArray, keyaggCache: ByteArray, session: ByteArray): ByteArray {
require(musigNonceValidate(secnonce, pubkeyCreate(privkey)))
return Secp256k1CFunctions.secp256k1_musig_partial_sign(Secp256k1Context.getContext(), secnonce, privkey, keyaggCache, session)
}