frost/secp256k1-zkp
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,328 Commits 14 Branches 0 Tags
Commit Graph

132 Commits

Author SHA1 Message Date
Andrew Poelstra
8e46cac5b3 ecdsa-s2c: block in module 
Co-authored-by: Marko Bencun <mbencun+pgp@gmail.com>
Co-authored-by: Jonas Nick <jonasd.nick@gmail.com>
 2020-12-21 20:49:41 +00:00
Andrew Poelstra
826bd04b43 add eccommit functionality 
Co-authored-by: Marko Bencun <mbencun+pgp@gmail.com>
Co-authored-by: Jonas Nick <jonasd.nick@gmail.com>
 2020-12-21 20:49:41 +00:00
Jonas Nick
b9d91b3ecb musig: add pubkey_tweak_add function to allow taproot tweaking 2020-11-30 15:40:09 +00:00
Jonas Nick
38a8b20991 musig: fix memory leak in musig test 2020-11-13 16:05:37 +00:00
Jonas Nick
5b4eb18ec5 musig: shorten partial nonce byte array from 33 to 32 bytes 2020-11-13 16:05:37 +00:00
Jonas Nick
62f0b2d867 musig: make musig partial nonces byte arrays instead of "pubkeys" 2020-11-13 16:05:37 +00:00
Jonas Nick
73792e4a27 musig: represent a combined_nonce as an xonly_pubkey 2020-11-13 16:05:36 +00:00
Jonas Nick
2117e7466a musig: improve variable naming and be consistent with schnorrsig module 
session_initialize -> session_init
msg_is_set -> is_msg_set
is_negated -> pk_parity
nonce_is_negated -> nonce_parity
 2020-11-13 16:05:36 +00:00
Jonas Nick
ebc31f1f9d musig: add ARG_CHECKs to functions to help debuggability 2020-11-13 16:05:36 +00:00
Jonas Nick
ac2d0e6697 musig: add magic to session to detect if session is uninitalized 2020-11-13 16:05:36 +00:00
Jonas Nick
29b4bd85d7 musig: simplify state machine by adding explicit round to session struct 2020-11-13 16:05:36 +00:00
Jonas Nick
e0ced690cf Rename rands64 to testrandi64 
This is to make it consistent with upstream changes.
 2020-11-05 22:07:30 +00:00
Jonas Nick
b0917f3de1 Merge remote-tracking branch 'upstream/master' into temp-merge-835 2020-11-05 20:21:38 +00:00
Jonas Nick
23900a0d86 Fix the MuSig module after integrating bip-schnorr updates 
1.  using xonly_pubkeys in MuSig for input public keys and the combined
    pk. For that to work we need to store whether the MuSig aggregated point
    has an even y in the session, may need to negate each signers secret
    key and may need to negate each signers public key in
    musig_partial_sig_verify.
2.  using a tagged hash for the message hash.
3.  use !fe_is_odd in place of fe_is_quad_var
 2020-11-04 21:47:09 +00:00
Andrew Poelstra
005fe79262 Merge commit '8ab24e8d' into tmp 2020-11-04 21:46:54 +00:00
Andrew Poelstra
a11250330b (actually) remove schnorrsig module 2020-11-04 21:45:18 +00:00
Tim Ruffing
e89278f211 Don't use reserved identifiers memczero and benchmark_verify_t 
As identified in #829 and #833. Fixes #829.

Since we touch this anyway, this commit additionally makes the
identifiers in the benchmark files a little bit more consistent.
 2020-10-20 15:00:19 +02:00
Andrew Poelstra
8b70795b5e Fix BE platforms by updating endianness macros to match upstream 2020-10-12 13:44:16 +00:00
Tim Ruffing
6173839c90 Switch to our own memcmp function 
Fixes #823.
 2020-10-11 10:39:20 -07:00
Pieter Wuille
a45c1fa63c Rename testrand functions to have test in name 2020-09-25 20:50:43 -07:00
Pieter Wuille
8b7dcdd955 Add exhaustive test for extrakeys and schnorrsig 2020-09-18 14:11:38 -07:00
Pieter Wuille
08d7d89299 Make pubkey parsing test whether points are in the correct subgroup 2020-09-18 14:11:38 -07:00
Pieter Wuille
87af00b511 Abstract out challenge computation in schnorrsig 2020-09-18 14:11:38 -07:00
Pieter Wuille
39f67dd072 Support splitting exhaustive tests across cores 2020-09-18 14:11:02 -07:00
Pieter Wuille
b110c106fa Change exhaustive test groups so they have a point with X=1 
This enables testing overflow is correctly encoded in the recid, and
likely triggers more edge cases.

Also introduce a Sage script to generate the parameters.
 2020-09-18 14:01:15 -07:00
Pieter Wuille
8bcd78cd79 Make secp256k1_scalar_b32 detect overflow in scalar_low 2020-09-18 14:01:15 -07:00
Pieter Wuille
c498366e5b Move exhaustive tests for recovery to module 2020-09-18 14:01:15 -07:00
Jonas Nick
16ffa9d97c schnorrsig: Add taproot test case 2020-09-06 19:00:08 +00:00
Jonas Nick
8dfd53ee3f schnorrsig: Add benchmark for sign and verify 2020-09-06 19:00:08 +00:00
Jonas Nick
4e43520026 schnorrsig: Add BIP-340 compatible signing and verification 2020-09-06 19:00:03 +00:00
Jonas Nick
7332d2db6b schnorrsig: Add BIP-340 nonce function 2020-09-06 19:00:03 +00:00
Jonas Nick
7a703fd97d schnorrsig: Init empty experimental module 2020-09-06 19:00:03 +00:00
Jonas Nick
6fcb5b845d extrakeys: Add keypair_xonly_tweak_add 2020-09-06 19:00:00 +00:00
Jonas Nick
58254463f9 extrakeys: Add keypair struct with create, pub and pub_xonly 2020-09-06 18:59:57 +00:00
Jonas Nick
910d9c284c extrakeys: Add xonly_pubkey_tweak_add & xonly_pubkey_tweak_add_test 2020-09-06 18:59:57 +00:00
Jonas Nick
4cd2ee474d extrakeys: Add xonly_pubkey with serialize, parse and from_pubkey 2020-09-06 18:59:50 +00:00
Jonas Nick
47e6618e11 extrakeys: Init empty experimental module 
This is to prepare for xonly_pubkeys and keypairs.
 2020-08-26 19:52:55 +00:00
Jason Davies
fabc8f74e7 Fix typo in MuSig documentation. 2020-07-24 14:59:36 +02:00
Jonas Nick
96201b4f6e Require message in musig protocol in an earlier state. In particular, 
remove the set_msg function and require the message in get_public_nonce
at the latest.
 2020-07-24 14:59:36 +02:00
Jonas Nick
4fd0d56e37 Fix my_index in musig state machine tests 2020-07-24 14:59:36 +02:00
Jonas Nick
b74f2dc478 Remove mentions of DER in H derivation. 2020-07-24 14:59:36 +02:00
Jonas Nick
9957307c3f Fix explanation of H derivation. It doesn't use DER encoding. 2020-07-24 14:59:36 +02:00
Jonas Nick
d924027765 Add tweak32 parameter to musig_partial_sig_combine which allows to sign for p2c/taproot commitments 2020-07-24 14:59:36 +02:00
Tim Ruffing
d6738e890e surjection proof: Reject proofs with too many used inputs in reduced mode 2020-07-24 14:59:36 +02:00
Roman Zeyde
bd70820123 allow reducing surjection proof size (to lower generation stack usage) 2020-07-24 14:59:36 +02:00
Andrew Poelstra
56f69d979f surjectionproof: introduce SECP256K1_SURJECTIONPROOF_MAX_USED_INPUTS constant and set it to 16 2020-07-24 14:59:36 +02:00
Andrew Poelstra
b8a3ff5f3b surjectionproof: reduce stack usage 2020-07-24 14:59:36 +02:00
Andrew Poelstra
68d937fe11 surjectionproof: fix malleability in surjection proof parsing 2020-07-24 14:59:36 +02:00
Andrew Poelstra
41bc9ce129 surjectionproof: add test vectors for "set padding bits" 2020-07-24 14:59:36 +02:00
Andrew Poelstra
b0644d4ab3 surjectionproof: add fixed test vectors 2020-07-24 14:59:36 +02:00