[Research]: Can we verify Schnorr signatures in Clarity? #33
Comments
The answer to "can we verify Schnorr via any default functions" is almost definitely "no", as the built-in function only verifies ECDSA. Here is the Clarity Rust code that calls into that function.
Yeah, I just saw that too. I'm wondering if there are any Clarity libraries which allow us to do this, or expose lower level curve point operations that we could build upon. I'm not aware of any though.
I've updated the ticket concluding that this is currently not possible.
Yeah, unfortunately I'm not aware of any libraries. Is it even possible to build a Schnorr verification library with only 128 uints? (I truly have no idea)
Well, no and yes. You'd have to implement our own uint 256 first. So the lack of a 256 uint library (that we know of) is a further indication that this does not exist.
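To illustrate the uint256 point raised in the comments above, here is an added example (not part of the thread and not sBTC or Clarity code): a Python model of 256-bit multiplication in which every intermediate value must fit in a 128-bit unsigned integer, the width of Clarity's uint, where overflow aborts. The `u128` guard, the 64-bit limb layout and all function names are assumptions made for this illustration.

```python
U128_MAX = (1 << 128) - 1
MASK64 = (1 << 64) - 1
SECP256K1_P = 2**256 - 2**32 - 977  # secp256k1 field prime, used as sample input

class Overflow(Exception):
    """Stands in for the runtime abort on uint overflow (modelling assumption)."""

def u128(x):
    # Every intermediate passes through this guard, as it would live in a uint.
    if not 0 <= x <= U128_MAX:
        raise Overflow(f"{x.bit_length()}-bit value does not fit in 128 bits")
    return x

def to_limbs(n, count=4):
    """Split an integer into `count` little-endian 64-bit limbs."""
    return [(n >> (64 * i)) & MASK64 for i in range(count)]

def from_limbs(limbs):
    """Recombine limbs into a Python integer (used only to check results)."""
    return sum(limb << (64 * i) for i, limb in enumerate(limbs))

def fits_with_128bit_limbs(a, b):
    """Low partial product when a 256-bit value is split into two 128-bit limbs."""
    try:
        u128((a & U128_MAX) * (b & U128_MAX))
        return True
    except Overflow:
        return False

def mul256(a, b):
    """Schoolbook 256x256 -> 512-bit product over 64-bit limbs."""
    out = [0] * 8
    for i in range(4):
        carry = 0
        for j in range(4):
            # (2^64-1)^2 + 2*(2^64-1) == 2^128-1, so the sum always fits.
            t = u128(u128(a[i] * b[j]) + out[i + j] + carry)
            out[i + j] = t & MASK64
            carry = t >> 64
        out[i + 4] = carry
    return out

if __name__ == "__main__":
    x, y = SECP256K1_P - 1, SECP256K1_P - 2
    print("128-bit limbs fit:", fits_with_128bit_limbs(x, y))
    print("64-bit limb product correct:",
          from_limbs(mul256(to_limbs(x), to_limbs(y))) == x * y)
```

This covers only the multiplication step; a verifier would still need modular reduction, inversion and curve point operations built on top of it.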
We need a new design ticket on "how do we aggregate votes in Clarity"?
I know this is done, but just want to put this link here for posterity: stacks-network/stacks-core#4002
Completing the issue description and arriving at a conclusion is the deliverable of this issue.
Research - Can we verify Schnorr signatures in Clarity?
This ticket holds the research relating to whether we can verify Schnorr signatures in Clarity smart contracts.
1. Summary
We are currently not aware of any Clarity library providing any secp256k1 curve primitives or Schnorr signatures.
2. Context & Relevance
Verifying Schnorr signatures in Clarity would allow us to create contract calls which the signers can only make as a single unit, which is needed for the deposit and withdrawal flows.
3. Research
3.1 Proposed Research Conclusions
After searching and asking around I have not been able to find any library or contract which allows us to do secp256k1 curve math or verify Schnorr signatures in Clarity contracts. The only known secp256k1 operations in Clarity are the built-in functions for ECDSA signature verification (secp256k1-verify and secp256k1-recover).
To move forward with the sBTC design there are a few possible paths forward:
secp256k1-verify
3.2 External Resources
Clarity built-in functions https://docs.stacks.co/clarity/functions
3.3 Areas of Ambiguity
Closing Checklist