d9396a56da13df97827e193f636a7593fb4d7864 ci: Attempt to make macOS builds more reliable (Tim Ruffing)
Pull request description:
ACKs for top commit:
jonasnick:
ACK d9396a56da13df97827e193f636a7593fb4d7864
Tree-SHA512: 68df44107d74671de148e9c3e6dbc6b16bec937137d7d9771efce10f5d66459559b372346d05ecc23237b2e3af9479156f733219717cb93f5204f9ea5b2636a9
ebb1beea7832207e5c8c5112d250fd216259ef41 sage: Ensure that constraints are always fastfracs (Tim Ruffing)
d8d54859ed138a8ed9a8486d847155211c9f4a7d ci: Run sage prover on CI (Tim Ruffing)
77cfa98dbc40f9494048447b8a302867235300da sage: Normalize sign of polynomial factors in prover (Tim Ruffing)
eae75869cfbbbcb69d881bc5d313bd94c6155655 sage: Exit with non-zero status in case of failures (Tim Ruffing)
b54d843eac905993eba2314a89a2d7f155445eaa sage: Fix printing of errors (Tim Ruffing)
e108d0039c36483dffe4be00815c1b6d65ef5751 sage: Fix incompatibility with sage 9.4 (Tim Ruffing)
Pull request description:
ACKs for top commit:
sipa:
ACK ebb1beea7832207e5c8c5112d250fd216259ef41
jonasnick:
ACK ebb1beea7832207e5c8c5112d250fd216259ef41
Tree-SHA512: 7a4732fd31d925d3dff471911183acc465ddcadbb5c88c46995502df61a913433c7639cb52fad3db72373b7cc47b9b0f063f7f5d5f8189c9ef998955e409479f
The prover, when run on recent sage versions, failed to prove some of its
goals due to a change in sage. This commit adapts our code accordingly.
The prover passes again after this commit.
The macOS CI tasks often error fail when doing `brew update` with
git fetch errors:
```
remote: fatal: packfile /data/repositories/b/nw/b6/07/5c/123272362/network.git/objects/pack/pack-2139bd07361b62a358e380a0e7d58ec35593d191.pack cannot be accessed
fatal: protocol error: bad pack header
Error: Fetching /usr/local/Homebrew/Library/Taps/homebrew/homebrew-core failed!
```
Superficially this seems to be a problem on the GitHub server because
the message shows a "remote" error. But it seems we're the only one in
the world running into this specific issue when doing `brew update`, so
it's more likely that the something else is the culprit, and this error
message is just a symptom.
This commit replaces `brew update` with a complete reinstallation of
brew. This is essentially a shot in the dark but it's worth a try, and
I doubt it's significantly more expensive. If that won't work, we may
consider simply retrying `brew update` a few times.
According to [autoconf 2.70](https://www.gnu.org/software/autoconf/manual/autoconf-2.70/html_node/Obsolete-Macros.html)
documentation, the `AC_PROG_CC_C89' is replaced by `AC_PROG_CC`, which
defines the same variable `ac_cv_prog_cc_c89`.
Avoids the following message:
```
configure.ac:23: warning: The macro `AC_PROG_CC_C89' is obsolete.
```
Also, remove deprecated `AM_PROG_CC_C_O`.
Python 3 often returns iterable map objects where Python 2 returned
list. We can just them down to lists explicitly.
Overlooked in 13c88efed0005eb6745a222963ee74564054eafb.
b797a500ec194948eecbea8bd80f6b7d455f7ca2 Create a SECP256K1_ECMULT_TABLE_VERIFY macro. (Russell O'Connor)
a731200cc30fcf019af08a41f7b6f329a08eaa0c Replace ECMULT_TABLE_GET_GE_STORAGE macro with a function. (Russell O'Connor)
fe34d9f3419d090e94b0c0897895c5b2b9fdc244 Eliminate input_pos state field from ecmult_strauss_wnaf. (Russell O'Connor)
0397d00ba0401bf5be7c4312d84d17fc789a6566 Eliminate na_1 and na_lam state fields from ecmult_strauss_wnaf. (Russell O'Connor)
7ba3ffcca0ae054cf0a1d6407c2dcf7445a46935 Remove the unused pre_a_lam allocations. (Russell O'Connor)
b3b57ad6eedac86bda40f062daee7d5f4241d25c Eliminate the pre_a_lam array from ecmult_strauss_wnaf. (Russell O'Connor)
ae7ba0f922b4c1439888b8488b307cd0f0e8ec59 Remove the unused prej allocations. (Russell O'Connor)
e5c18892db69b5db44d282225ab4fea788af8035 Eliminate the prej array from ecmult_strauss_wnaf. (Russell O'Connor)
c9da1baad125e830901f0ed6ad65eb4f9ccb81f4 Move secp256k1_fe_one to field.h (Russell O'Connor)
Pull request description:
ACKs for top commit:
sipa:
ACK b797a500ec194948eecbea8bd80f6b7d455f7ca2
jonasnick:
ACK b797a500ec194948eecbea8bd80f6b7d455f7ca2
Tree-SHA512: 6742469979c306104a0861be76c2be86bf8ab14116b00afbd24f91b9e3ea843bf9b9a74552b367bd06ee617090019ad4df6be037d58937c8c869f8b37ddaa6cc
69b392f3cbd4dbff953ec8f2ff44f6a8f612b661 musig: move explanation for aggnonce=inf to spec (Jonas Nick)
4824220bb71102064babf832372f4e5ae43ef16f musig-spec: describe NonceGen, NonceAgg, Sign,PartialSig{Verify,Agg} (Jonas Nick)
3c122d07807dfaea6457d8a48ba4adc7a15f1182 musig-spec: improve definition of lift_x (Jonas Nick)
e0bb2d7009eebe2b25dfe977fe3534ad507251ab musig-spec: improve KeyAgg description (Jonas Nick)
b8f4e75d89071515231be03727d47a34b1c12cab musig-spec: move to doc directory (Jonas Nick)
Pull request description:
Will wait before adding tweaking until #151 is merged.
ACKs for top commit:
robot-dreams:
ACK 69b392f3cbd4dbff953ec8f2ff44f6a8f612b661 based on:
real-or-random:
ACK 69b392f3cb I haven't looked at every detail but it's certainly ready to be merged as draft spec
Tree-SHA512: e3aa0265a9d7a7648e03ca42575397100edd5af43f0224937af51aa5c77efc451d7938149bdc711f69e24fb9291438453b8cd762affaa1a2e7bcc89f121485df
8088eddc534cbbb89dd5f892828c4013416c4f2b musig: add test vector for ordinary (non xonly) tweaking (Elliott Jin)
57a17929fc0056efb5436a6001597d656591e1ad musig: add ordinary and xonly tweaking to the example (Jonas Nick)
37107361a0ff3b8764903e3b384cfc12ed484e7a musig: allow ordinary, non-xonly tweaking (Jonas Nick)
c519b468791670654f8b66368a675655cd337ae8 musig: add pubkey_get to obtain a full pubkey from a keyagg_cache (Jonas Nick)
Pull request description:
In short, `musig_pubkey_tweak_add` now allows for xonly _and_ "ordinary" tweaking. Also, in order to allow using `ec_pubkey_tweak_add` on the non-xonly aggregate public key, there's a new function `musig_pubkey_get` that allows obtaining it from the `keyagg_cache`.
One alternative would be that instead of adding `musig_pubkey_get`, we could change `pubkey_agg` to output an ordinary (non-xonly) pubkey. Then users of the API who do not need ordinary (BIP32) tweaking would be forced to call `xonly_pubkey_from_pubkey`. And we'd probably want to change the spec. And it would be a bit weird to output a pubkey that can't be directly schnorrsig_verify'd.
Based on #131
ACKs for top commit:
robot-dreams:
ACK 8088eddc534cbbb89dd5f892828c4013416c4f2b based on https://github.com/ElementsProject/secp256k1-zkp/pull/151#issuecomment-1005198409 and the following `range-diff`:
Tree-SHA512: a4a0100f0470c870f88a8da27dbcc4684fcc2caabb368d4340e962e08d5ee04634e6289bafa3448dbfd0b5793a3e70de5bd6ddca7a619cc3220ff762d518a8fe
070e772211b3fcd297577b90b56bbf7a5cfbd0a3 Faster fixed-input ecmult tests (Pieter Wuille)
Pull request description:
Given how much #920 slowed down the tests with low iteration count, replace it with 3 different similar test:
* count >= 1: a test with 1024 multiplies that tests any pattern of 6 bits in windows not more than 20 bits wide
* count >= 3: a test with 2048 multiplies that tests any pattern of 8 consecutive bits
* count >= 35: the old test (which effectively tests all 2-bit patterns)
ACKs for top commit:
robot-dreams:
ACK 070e772211b3fcd297577b90b56bbf7a5cfbd0a3, the addition of the `CONDITIONAL_TEST` macro is nice.
real-or-random:
ACK 070e772211b3fcd297577b90b56bbf7a5cfbd0a3
Tree-SHA512: b4ccca42c71fcd1baa7143f73d1c3ac9d012c296485164a03341dbeee02e4ba9f7c7ad6b441923a5fe0286c97eff60815033adb4e1d30b3ef08bcb79590327ff
45f37b650635e46865104f37baed26ef8d2cfb97 Modulo-reduce msg32 inside RFC6979 nonce fn to match spec. Fixes#1063. (Paul Miller)
Pull request description:
ACKs for top commit:
siv2r:
ACK 45f37b6. The diff looks good. It reduces `msg32` to modulo curve order for rfc6979 nonce generation. All tests passed on my machine with `make check`.
sipa:
utACK 45f37b650635e46865104f37baed26ef8d2cfb97
real-or-random:
ACK 45f37b650635e46865104f37baed26ef8d2cfb97
Tree-SHA512: 4c36784b2d6f2983bc0c3f380ff59cd9f2bd1822b98116d70964cd15183742fcc1f2ccde225a76dd30d946b3678b2cf29caff018efc07f40a200ee85843b39dd
