frost/secp256k1-zkp
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,863 Commits 14 Branches 0 Tags
Commit Graph

214 Commits

Author SHA1 Message Date
Andrew Poelstra
e354c5751d ecdsa_s2c: rename anti-klepto to anti-exfil 2021-02-09 22:47:24 +00:00
Tim Ruffing
328aaef22a
Merge #845: Extract the secret key from a keypair 
33cb3c2b1fc3f3fe46c6d0eab118248ea86c1f06 Add secret key extraction from keypair to constant time tests (Elichai Turkel)
36d9dc1e8e6e3b15d805f04c973a8784a78880f6 Add seckey extraction from keypair to the extrakeys tests (Elichai Turkel)
fc96aa73f5c7f62452847a31821890ff1f72a5a4 Add a function to extract the secretkey from a keypair (Elichai Turkel)

Pull request description:

  With schnorrsig if you need to tweak the secret key (for BIP32) you must use the keypair API to get compatible secret/public keys which you do by calling `secp256k1_keypair_xonly_tweak_add()`, but after that there's no currently a way to extract the secret key back for storage.
  so I added a `secp256k1_keypair_seckey` function to extract the key

ACKs for top commit:
  jonasnick:
    ACK 33cb3c2b1fc3f3fe46c6d0eab118248ea86c1f06
  real-or-random:
    ACK 33cb3c2b1fc3f3fe46c6d0eab118248ea86c1f06 code inspection, tests pass

Tree-SHA512: 11212db38c8b87a87e2dc35c4d6993716867b45215b94b20522b1b3164ca63d4c6bf5192a6bff0e9267b333779cc8164844c56669a94e9be72df9ef025ffcfd4
 2021-01-12 10:56:14 +01:00
Jonas Nick
41d6963bc1 rangeproof: clarify rewind outlen argument 2021-01-05 13:42:58 +00:00
Ferdinando M. Ametrano
b7bc3a4aaa
fixed typo 2020-12-22 22:31:29 +01:00
Andrew Poelstra
396b558273 ecdsa-s2c: add anti-klepto protocol 
Co-authored-by: Marko Bencun <mbencun+pgp@gmail.com>
Co-authored-by: Jonas Nick <jonasd.nick@gmail.com>
 2020-12-21 20:50:19 +00:00
Andrew Poelstra
290dee566e ecdsa-s2c: add actual sign-to-contract functionality 
Co-authored-by: Marko Bencun <mbencun+pgp@gmail.com>
Co-authored-by: Jonas Nick <jonasd.nick@gmail.com>
 2020-12-21 20:50:17 +00:00
Andrew Poelstra
8e46cac5b3 ecdsa-s2c: block in module 
Co-authored-by: Marko Bencun <mbencun+pgp@gmail.com>
Co-authored-by: Jonas Nick <jonasd.nick@gmail.com>
 2020-12-21 20:49:41 +00:00
Elichai Turkel
fc96aa73f5
Add a function to extract the secretkey from a keypair 2020-12-19 11:00:25 +02:00
Jonas Nick
6e85d675aa Rename tweak to tweak32 in public API 2020-12-04 14:16:43 +00:00
Jonas Nick
f587f04e35 Rename msg32 to msghash32 in ecdsa_sign/verify and add explanation 2020-12-04 14:12:38 +00:00
Andrew Poelstra
ff4714e641
Merge pull request #105 from jonasnick/update-musig 
MuSig state machine simplifictions, API improvements and taproot tweaking
 2020-11-30 16:11:34 +00:00
Jonas Nick
b9d91b3ecb musig: add pubkey_tweak_add function to allow taproot tweaking 2020-11-30 15:40:09 +00:00
Thomas Eizinger
4d20713425
Remove unused context initializer functions 
Fixes #15.
 2020-11-24 10:43:28 +11:00
Jonas Nick
5b4eb18ec5 musig: shorten partial nonce byte array from 33 to 32 bytes 2020-11-13 16:05:37 +00:00
Jonas Nick
62f0b2d867 musig: make musig partial nonces byte arrays instead of "pubkeys" 2020-11-13 16:05:37 +00:00
Jonas Nick
73792e4a27 musig: represent a combined_nonce as an xonly_pubkey 2020-11-13 16:05:36 +00:00
Jonas Nick
2117e7466a musig: improve variable naming and be consistent with schnorrsig module 
session_initialize -> session_init
msg_is_set -> is_msg_set
is_negated -> pk_parity
nonce_is_negated -> nonce_parity
 2020-11-13 16:05:36 +00:00
Jonas Nick
ebc31f1f9d musig: add ARG_CHECKs to functions to help debuggability 2020-11-13 16:05:36 +00:00
Jonas Nick
ac2d0e6697 musig: add magic to session to detect if session is uninitalized 2020-11-13 16:05:36 +00:00
Jonas Nick
29b4bd85d7 musig: simplify state machine by adding explicit round to session struct 2020-11-13 16:05:36 +00:00
Jonas Nick
23900a0d86 Fix the MuSig module after integrating bip-schnorr updates 
1.  using xonly_pubkeys in MuSig for input public keys and the combined
    pk. For that to work we need to store whether the MuSig aggregated point
    has an even y in the session, may need to negate each signers secret
    key and may need to negate each signers public key in
    musig_partial_sig_verify.
2.  using a tagged hash for the message hash.
3.  use !fe_is_odd in place of fe_is_quad_var
 2020-11-04 21:47:09 +00:00
Andrew Poelstra
005fe79262 Merge commit '8ab24e8d' into tmp 2020-11-04 21:46:54 +00:00
Andrew Poelstra
a11250330b (actually) remove schnorrsig module 2020-11-04 21:45:18 +00:00
Andrew Poelstra
a3a3a17f47
Merge pull request #94 from apoelstra/temp-merge-1309c03c45beece646a7d21fdb6a0e3d38adee2b 
[upstream PR #773]: Fix some compile problems on weird/old compilers.
 2020-09-25 14:23:54 +00:00
Jonas Nick
4e43520026 schnorrsig: Add BIP-340 compatible signing and verification 2020-09-06 19:00:03 +00:00
Jonas Nick
7332d2db6b schnorrsig: Add BIP-340 nonce function 2020-09-06 19:00:03 +00:00
Jonas Nick
7a703fd97d schnorrsig: Init empty experimental module 2020-09-06 19:00:03 +00:00
Jonas Nick
6fcb5b845d extrakeys: Add keypair_xonly_tweak_add 2020-09-06 19:00:00 +00:00
Jonas Nick
58254463f9 extrakeys: Add keypair struct with create, pub and pub_xonly 2020-09-06 18:59:57 +00:00
Jonas Nick
910d9c284c extrakeys: Add xonly_pubkey_tweak_add & xonly_pubkey_tweak_add_test 2020-09-06 18:59:57 +00:00
Jonas Nick
4cd2ee474d extrakeys: Add xonly_pubkey with serialize, parse and from_pubkey 2020-09-06 18:59:50 +00:00
Jonas Nick
47e6618e11 extrakeys: Init empty experimental module 
This is to prepare for xonly_pubkeys and keypairs.
 2020-08-26 19:52:55 +00:00
Gregory Maxwell
1309c03c45 Fix some compile problems on weird/old compilers. 
The visibility attribute is a GCC 4+ feature.
GCC 2.95 also warns about the unsigned/signed comparision.
 2020-07-26 05:26:56 +00:00
Jonas Nick
96201b4f6e Require message in musig protocol in an earlier state. In particular, 
remove the set_msg function and require the message in get_public_nonce
at the latest.
 2020-07-24 14:59:36 +02:00
Jonas Nick
b368a5d163 Fix ARG_NONNULL macro usage in musig include 2020-07-24 14:59:36 +02:00
Jonas Nick
bedff79848 Add cplusplus directive to musig include 2020-07-24 14:59:36 +02:00
Jonas Nick
d924027765 Add tweak32 parameter to musig_partial_sig_combine which allows to sign for p2c/taproot commitments 2020-07-24 14:59:36 +02:00
Roman Zeyde
bd70820123 allow reducing surjection proof size (to lower generation stack usage) 2020-07-24 14:59:36 +02:00
Andrew Poelstra
56f69d979f surjectionproof: introduce SECP256K1_SURJECTIONPROOF_MAX_USED_INPUTS constant and set it to 16 2020-07-24 14:59:36 +02:00
Dmitry Petukhov
2dc868f35b work in progress: add _allocate_initialized/destroy funcs 2020-07-24 14:59:36 +02:00
Roman Zeyde
f35b5e271f Fix a small typo in the generator parameter name 2020-07-24 14:59:36 +02:00
Andrew Poelstra
3424cb1fa3 musig: add user documentation 2020-07-24 14:59:36 +02:00
Jonas Nick
13ef445721 Add 3-of-3 MuSig example 2020-07-24 14:59:36 +02:00
Jonas Nick
b86c210747 Add MuSig module which allows creating n-of-n multisignatures and adaptor signatures. 2020-07-24 14:59:36 +02:00
Andrew Poelstra
c59c602dd6 Add schnorrsig module which implements BIP-schnorr [0] compatible signing, verification and batch verification. 
[0] https://github.com/sipa/bips/blob/bip-schnorr/bip-schnorr.mediawiki
 2020-07-24 14:59:36 +02:00
Jonas Nick
f416e039bb Add comment to explain effect of max_n_iterations in surjectionproof_init 2020-07-24 14:50:49 +02:00
Andrew Poelstra
edb879f578 rangeproof: verify correctness of pedersen commitments when parsing 2020-07-24 14:50:48 +02:00
Andrew Poelstra
fca4c3b62f generator: verify correctness of point when parsing 2020-07-24 14:50:48 +02:00
Frank V. Castellucci
0c5cb7cd08 Expose generator in shared library 
Was failing linking to `*.so` library
 2020-07-24 14:50:48 +02:00
Gregory Sanders
dbc49df80c fix spelling in documentation 2020-07-24 14:50:48 +02:00