Update reference code and test vectors #196

Merged
merged 3 commits into from
Mar 10, 2020


jonasnick

Probably not final because we may want to make synthetic nonces the default (bitcoin#886) and change where to put the additional randomness (#195).

@jonasnick
Author

Should be up to date now with #199. I'm cross-checking the test vectors with the libsecp implementation.

@jonasnick
Author

Test vectors pass in my (locally) updated libsecp schnorrsig branch. PR is ready for review.

@elichai

elichai commented Mar 4, 2020

FWIW the "int-wise" and "byte-wise" xor should be equivalent, so if they're both ints you can just do seckey ^ aux_rand.
This also applies to the "Default signing" protocol, i.e. "Let t be the byte-wise xor of bytes(d) and HBIP340/aux(a)[12]".

@sipa
Owner

sipa commented Mar 4, 2020

Sure, but seckey is a byte array, not an integer in the BIP, and we haven't defined an xor operation for either. You could write it as convert to int, xor, and convert back to bytes... but that would be very far removed from how things get implemented in non-prototyping code.

@elichai

elichai commented Mar 4, 2020

> Sure, but seckey is a byte array, not an integer in the BIP, and we haven't defined an xor operation for either. You could write it as convert to int, xor, and convert back to bytes... but that would be very far removed from how things get implemented in non-prototyping code.

Yeah, in any non-Python environment you'll obviously do it by bytes. I was just confused a bit because of the wording "be the byte-wise xor", it made me think for a second that that's a distinct thing.
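The equivalence discussed in the comments above, as an added example that is not part of this PR or its reference code: the secret key is masked with the hashed auxiliary randomness both byte-wise and via integers, and the two agree only when the integer result is re-encoded at a fixed 32-byte width. Function names, the 32-byte input lengths and the sample values are assumptions made for this illustration; the tag string is taken from the sentence quoted in the thread, and the tagged-hash construction is the one BIP340 defines.

```python
import hashlib

def tagged_hash(tag: str, msg: bytes) -> bytes:
    """Tagged hash as defined in BIP340: SHA256(SHA256(tag) || SHA256(tag) || msg)."""
    tag_hash = hashlib.sha256(tag.encode()).digest()
    return hashlib.sha256(tag_hash + tag_hash + msg).digest()

def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Byte-wise xor of two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("xor operands must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))

def xor_via_int(a: bytes, b: bytes) -> bytes:
    """Same result via integers: convert, xor, re-encode at the original width."""
    if len(a) != len(b):
        raise ValueError("xor operands must have equal length")
    n = int.from_bytes(a, "big") ^ int.from_bytes(b, "big")
    return n.to_bytes(len(a), "big")  # fixed width keeps leading zero bytes

def mask_seckey(seckey: bytes, aux_rand: bytes, xor=xor_bytes) -> bytes:
    """t = bytes(d) xor H_BIP340/aux(a), using the tag quoted in the thread."""
    if len(seckey) != 32 or len(aux_rand) != 32:
        raise ValueError("seckey and aux_rand must be 32 bytes (assumed lengths)")
    return xor(seckey, tagged_hash("BIP340/aux", aux_rand))

def minimal_int_length(b: bytes) -> int:
    """Bytes needed if the integer were re-encoded without a fixed width."""
    return (int.from_bytes(b, "big").bit_length() + 7) // 8

def leading_zero_case():
    """Constructed inputs whose masked key starts with a zero byte."""
    aux_rand = bytes(32)                      # constructed sample value
    h = tagged_hash("BIP340/aux", aux_rand)
    seckey = h[:1] + b"\x01" * 31             # constructed: top byte cancels h[0]
    return seckey, aux_rand

if __name__ == "__main__":
    seckey, aux_rand = leading_zero_case()
    t = mask_seckey(seckey, aux_rand)
    assert t == mask_seckey(seckey, aux_rand, xor=xor_via_int)
    print("masked key:", t.hex())
    print("minimal integer encoding would be", minimal_int_length(t), "bytes, not 32")
```
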

@sipa
Owner

sipa commented Mar 5, 2020

ACK


@real-or-random left a comment


ACK except nit


return (seckey, pubkey, msg, sig, "TRUE", None)
# For historic reasons (pubkey tiebreaker was squareness and not evenness)


Suggested change
# For historic reasons (pubkey tiebreaker was squareness and not evenness)
# For historical reasons (pubkey tiebreaker was squareness and not evenness)

@real-or-random

@sipa Feel free to merge, I can fix the nit in my PR.

@sipa merged commit f71b5cb into sipa:bip-taproot Mar 10, 2020

4 participants