The default "illegal" callback calls abort, which will crash the JVM or native app. We check arguments before calling secp256k1 so it should
never happen, except when trying to create a partial musig2 signature with an secret nonce that does not match the private key.
Methods that could be used to verify that the secret nonce does match the private key are not exported, hence the choice to set a custom callback.
* Use Jonas Nick's musig2 branch
* Reformat c code (no functional changes)
* Implement musig2
* Add documentation to musig2 functions (#97)
Usage of the Musig2 functions isn't intuitive at all, especially with
the key aggregation cache and session data. It's important to provide
accurate documentation to help users understand how to correctly produce
musig2 signatures.
We also change argument names to match Kotlin best practices instead of
using the same argument names as C functions.
* Add musig2 reference tests (no functional changes)
---------
Co-authored-by: Bastien Teinturier <31281497+t-bast@users.noreply.github.com>
* Check arguments passed to secp256k1 methods
Illegal arguments will trigger an internal callback that prints to stderr and calls abort.
We already check arguments in our JNI and kotlin native code but had missed 2 checks (recid in ecdsaRecover, empty arrays in pubkeyCombine).
* Implement the same "tweak" checks in the native code and JNI code
The native code was missing checks on the "tweak" size (which must be 32 bytes)
* Set version to 0.6.5-SNAPSHOT
* Update secp256k1 sources
We use 44c2452fd387f7ca604ab42d73746e7d3a44d8a2, same as bitcoin core at c41bfd1070176efcaae7fa33313cb4c3e88b44b0
Github Actions modified their windows runners which broke our build. As recommended, we now uses `msys2` on windows and install the packages that we need.
