Jonas Nick
b0917f3de1
Merge remote-tracking branch 'upstream/master' into temp-merge-835
2020-11-05 20:21:38 +00:00
Jonas Nick
23900a0d86
Fix the MuSig module after integrating bip-schnorr updates
1. using xonly_pubkeys in MuSig for input public keys and the combined pk. For that to work we need to store whether the MuSig aggregated point has an even y in the session, may need to negate each signer's secret key and may need to negate each signer's public key in musig_partial_sig_verify.
2. using a tagged hash for the message hash.
3. use !fe_is_odd in place of fe_is_quad_var
2020-11-04 21:47:09 +00:00
Andrew Poelstra
005fe79262
Merge commit '8ab24e8d' into tmp
2020-11-04 21:46:54 +00:00
Andrew Poelstra
a11250330b
(actually) remove schnorrsig module
2020-11-04 21:45:18 +00:00
Tim Ruffing
e89278f211
Don't use reserved identifiers memczero and benchmark_verify_t
As identified in #829 and #833. Fixes #829.
Since we touch this anyway, this commit additionally makes the identifiers in the benchmark files a little bit more consistent.
2020-10-20 15:00:19 +02:00
Andrew Poelstra
8b70795b5e
Fix BE platforms by updating endianness macros to match upstream
2020-10-12 13:44:16 +00:00
Tim Ruffing
6173839c90
Switch to our own memcmp function
Fixes #823.
2020-10-11 10:39:20 -07:00
Pieter Wuille
a45c1fa63c
Rename testrand functions to have test in name
2020-09-25 20:50:43 -07:00
Pieter Wuille
8b7dcdd955
Add exhaustive test for extrakeys and schnorrsig
2020-09-18 14:11:38 -07:00
Pieter Wuille
08d7d89299
Make pubkey parsing test whether points are in the correct subgroup
2020-09-18 14:11:38 -07:00
Pieter Wuille
87af00b511
Abstract out challenge computation in schnorrsig
2020-09-18 14:11:38 -07:00
Pieter Wuille
39f67dd072
Support splitting exhaustive tests across cores
2020-09-18 14:11:02 -07:00
Pieter Wuille
b110c106fa
Change exhaustive test groups so they have a point with X=1
This enables testing that overflow is correctly encoded in the recid, and likely triggers more edge cases.
Also introduce a Sage script to generate the parameters.
2020-09-18 14:01:15 -07:00
Pieter Wuille
8bcd78cd79
Make secp256k1_scalar_b32 detect overflow in scalar_low
2020-09-18 14:01:15 -07:00
Pieter Wuille
c498366e5b
Move exhaustive tests for recovery to module
2020-09-18 14:01:15 -07:00
Jonas Nick
16ffa9d97c
schnorrsig: Add taproot test case
2020-09-06 19:00:08 +00:00
Jonas Nick
8dfd53ee3f
schnorrsig: Add benchmark for sign and verify
2020-09-06 19:00:08 +00:00
Jonas Nick
4e43520026
schnorrsig: Add BIP-340 compatible signing and verification
2020-09-06 19:00:03 +00:00
Jonas Nick
7332d2db6b
schnorrsig: Add BIP-340 nonce function
2020-09-06 19:00:03 +00:00
Jonas Nick
7a703fd97d
schnorrsig: Init empty experimental module
2020-09-06 19:00:03 +00:00
Jonas Nick
6fcb5b845d
extrakeys: Add keypair_xonly_tweak_add
2020-09-06 19:00:00 +00:00
Jonas Nick
58254463f9
extrakeys: Add keypair struct with create, pub and pub_xonly
2020-09-06 18:59:57 +00:00
Jonas Nick
910d9c284c
extrakeys: Add xonly_pubkey_tweak_add & xonly_pubkey_tweak_add_test
2020-09-06 18:59:57 +00:00
Jonas Nick
4cd2ee474d
extrakeys: Add xonly_pubkey with serialize, parse and from_pubkey
2020-09-06 18:59:50 +00:00
Jonas Nick
47e6618e11
extrakeys: Init empty experimental module
This is to prepare for xonly_pubkeys and keypairs.
2020-08-26 19:52:55 +00:00
Jason Davies
fabc8f74e7
Fix typo in MuSig documentation.
2020-07-24 14:59:36 +02:00
Jonas Nick
96201b4f6e
Require message in musig protocol in an earlier state. In particular, remove the set_msg function and require the message in get_public_nonce at the latest.
2020-07-24 14:59:36 +02:00
Jonas Nick
4fd0d56e37
Fix my_index in musig state machine tests
2020-07-24 14:59:36 +02:00
Jonas Nick
b74f2dc478
Remove mentions of DER in H derivation.
2020-07-24 14:59:36 +02:00
Jonas Nick
9957307c3f
Fix explanation of H derivation. It doesn't use DER encoding.
2020-07-24 14:59:36 +02:00
Jonas Nick
d924027765
Add tweak32 parameter to musig_partial_sig_combine which allows signing for p2c/taproot commitments
2020-07-24 14:59:36 +02:00
Tim Ruffing
d6738e890e
surjection proof: Reject proofs with too many used inputs in reduced mode
2020-07-24 14:59:36 +02:00
Roman Zeyde
bd70820123
allow reducing surjection proof size (to lower generation stack usage)
2020-07-24 14:59:36 +02:00
Andrew Poelstra
56f69d979f
surjectionproof: introduce SECP256K1_SURJECTIONPROOF_MAX_USED_INPUTS constant and set it to 16
2020-07-24 14:59:36 +02:00
Andrew Poelstra
b8a3ff5f3b
surjectionproof: reduce stack usage
2020-07-24 14:59:36 +02:00
Andrew Poelstra
68d937fe11
surjectionproof: fix malleability in surjection proof parsing
2020-07-24 14:59:36 +02:00
Andrew Poelstra
41bc9ce129
surjectionproof: add test vectors for "set padding bits"
2020-07-24 14:59:36 +02:00
Andrew Poelstra
b0644d4ab3
surjectionproof: add fixed test vectors
2020-07-24 14:59:36 +02:00
Tim Ruffing
c0415eb0cb
Fix read of wrong buffer (and OOB) in surjectionproof tests
2020-07-24 14:59:36 +02:00
Dmitry Petukhov
00fffeb172
Improve comments for surjectionproof init+alloc/destroy funcs
The comments with 'XXX' were intended to indicate that the listed concerns were subject to review and change, but the code with these comments was merged straight away. This commit replaces the comments with more complete text describing the issues.
This also signifies that the commit in which this code was introduced is no longer 'work in progress'.
2020-07-24 14:59:36 +02:00
Dmitry Petukhov
2dc868f35b
work in progress: add _allocate_initialized/destroy funcs
2020-07-24 14:59:36 +02:00
Jonas Nick
0d4ee3c62d
Improve explanation of key cancellation attack in whitelist.md
2020-07-24 14:59:36 +02:00
Jonas Nick
2a1750dedd
Clarify how to derive alternative generator H
2020-07-24 14:59:36 +02:00
Andrew Poelstra
068f03c35b
generator: remove CHECK abort calls exposed by public API
2020-07-24 14:59:36 +02:00
Andrew Poelstra
3424cb1fa3
musig: add user documentation
2020-07-24 14:59:36 +02:00
Jonas Nick
13ef445721
Add 3-of-3 MuSig example
2020-07-24 14:59:36 +02:00
Jonas Nick
b86c210747
Add MuSig module which allows creating n-of-n multisignatures and adaptor signatures.
2020-07-24 14:59:36 +02:00
Andrew Poelstra
c59c602dd6
Add schnorrsig module which implements BIP-schnorr [0] compatible signing, verification and batch verification.
[0] https://github.com/sipa/bips/blob/bip-schnorr/bip-schnorr.mediawiki
2020-07-24 14:59:36 +02:00
Gregory Sanders
3cdc02ef8a
use proper types for rangeproof min/max
2020-07-24 14:50:49 +02:00
Andrew Poelstra
cf21c9d715
rangeproof: reduce iteration count in unit tests
2020-07-24 14:50:49 +02:00