
Properly handle BIP-340 Schnorr signatures with or without BIP-341 taproot tweaked keys #94

Merged
merged 42 commits into from
Nov 15, 2024
Merged
Changes from 20 commits
Commits
506d915
fix v1 and v2; get started on coordinator state machines
xoloki Oct 17, 2024
990bf86
fix signer state machine; more frost fixes
xoloki Oct 17, 2024
a94b62b
more frost clonings
xoloki Oct 17, 2024
ae8857f
finish frost
xoloki Oct 17, 2024
f1788c3
start on fire
xoloki Oct 17, 2024
77833ec
fire coordinator builds
xoloki Oct 17, 2024
7dd8d1e
tests pass; fmt fixed:
xoloki Oct 17, 2024
25ef974
add missing sign_schnorr to aggregator and coordinators
xoloki Oct 17, 2024
3f9b193
inc major semver since lots of APIs changed
xoloki Oct 17, 2024
be1d95d
test sign_schnorr in coordinators dkg_sign tests
xoloki Oct 17, 2024
e70ffb5
split run_dkg_sign into run_dkg, run_sign, then have run_dkg_sign tes…
xoloki Oct 17, 2024
0b56917
add missing frost run_dkg_sign_v2; change log spam to debug
xoloki Oct 22, 2024
801ab5b
remove commented out hasher updates, just use debug string
xoloki Oct 22, 2024
0016b24
build coordinator test functions as public module
xoloki Oct 22, 2024
56e4909
return operation result from run_sign
xoloki Oct 22, 2024
d7cf6ed
fix schnorr and taproot signing; needs cleanup
xoloki Oct 26, 2024
1e6b142
use BitXor operator; clean up taproot key test and debug printlns
xoloki Oct 28, 2024
a9606bc
clippy prefers slices and not taking references to ref args
xoloki Oct 28, 2024
86c2f48
be more explicit about usize casting since sbtc gets confused
xoloki Oct 28, 2024
30839f6
clippy prefers slices to vec refs
xoloki Oct 28, 2024
75acbba
use explicit match instead of debug string for SignatureType when has…
xoloki Oct 29, 2024
536f79c
use match not if let/else if let
xoloki Oct 29, 2024
00bc258
re-enable taproot signing in dkg_sign test; fix check_signature_share…
xoloki Oct 30, 2024
fa10d08
clippy didn't like else
xoloki Oct 30, 2024
53bcf90
don't take a ref from a ref
xoloki Oct 31, 2024
2d57f20
return OperationResult::SignError if gather_sig_shares fails; add tes…
xoloki Nov 1, 2024
f34ced5
allow large enum variants
xoloki Nov 1, 2024
708eced
return more SignError rather than percolating up via ?
xoloki Nov 1, 2024
e5ac9ae
chain AesGcmError into signer error; comment on why unwraps should no…
xoloki Nov 4, 2024
1ec996b
remove commented out check in test
xoloki Nov 4, 2024
0932a4d
add comment explaining check_signature_shares test fn
xoloki Nov 4, 2024
11e3ca4
add trait, function, and inline comments to explain how to handle BIP…
xoloki Nov 4, 2024
645c263
clippy fixes; add comments
xoloki Nov 4, 2024
7ded9b3
derive Copy for SignatureType
xoloki Nov 7, 2024
a10ba81
change todo to warn
xoloki Nov 11, 2024
d31e57e
log more info before returning NotEnoughShares from compute_secret in v2
xoloki Nov 11, 2024
b4ecea6
add debugging around DkgPrivateShares in fire coordinator
xoloki Nov 11, 2024
e214f39
possible malicious signer log should be warn not debug
xoloki Nov 11, 2024
543a685
remove excess logging
xoloki Nov 13, 2024
8bb25cc
now that SignatureType impls Copy, we don't need to clone it but some…
xoloki Nov 13, 2024
fabc875
now that we don't clone SignatureType we can pass it into struct crea…
xoloki Nov 13, 2024
8e26944
break up long comment lines since rustfmt doesn't
xoloki Nov 15, 2024
2 changes: 1 addition & 1 deletion Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "wsts"
version = "9.2.0"
version = "10.0.0"
edition = "2021"
authors = ["Joey Yandle <[email protected]>"]
license = "Apache-2.0"
7 changes: 6 additions & 1 deletion src/compute.rs
Expand Up @@ -158,7 +158,12 @@ pub fn tweak(public_key: &Point, merkle_root: Option<[u8; 32]>) -> Scalar {

/// Create a BIP341 compliant taproot tweak from a public key and merkle root
pub fn tweaked_public_key(public_key: &Point, merkle_root: Option<[u8; 32]>) -> Point {
public_key + tweak(public_key, merkle_root) * G
tweaked_public_key_from_tweak(public_key, tweak(public_key, merkle_root))
}

/// Create a BIP341 compliant taproot tweak from a public key and a pre-calculated tweak
pub fn tweaked_public_key_from_tweak(public_key: &Point, tweak: Scalar) -> Point {
Point::lift_x(&public_key.x()).unwrap() + tweak * G
}

/// Create a taproot style merkle root from the serialized script data
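Review bot: `Point::lift_x(&public_key.x()).unwrap()` in the added `tweaked_public_key_from_tweak` puts a panic path into a library function; if the invariant is that the x coordinate of a valid curve point always lifts, state it with `.expect("x coordinate of a valid curve point always lifts")`, otherwise return `Option<Point>` and let `tweaked_public_key` propagate it. The lift is also the behavioural change from the old `public_key + tweak(public_key, merkle_root) * G` — presumably normalizing to the even-y (x-only) point that BIP-340/341 operate on before adding the tweak — and deserves a why-comment such as `// BIP-341 tweaks the x-only (even-y) key, so lift to that point before adding tweak * G`. The doc comment on the new function still says it creates a "taproot tweak", but like `tweaked_public_key` above it returns the tweaked public key; `/// Create a BIP-341 compliant tweaked public key from a public key and a pre-calculated tweak` describes what it does.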
46 changes: 21 additions & 25 deletions src/net.rs
Expand Up @@ -273,10 +273,8 @@ pub struct NonceRequest {
pub sign_iter_id: u64,
/// The message to sign
pub message: Vec<u8>,
/// Whether to make a taproot signature
pub is_taproot: bool,
/// Taproot merkle root
pub merkle_root: Option<MerkleRoot>,
/// What type of signature to create
pub signature_type: SignatureType,
}

impl Debug for NonceRequest {
Expand All @@ -286,8 +284,7 @@ impl Debug for NonceRequest {
.field("sign_id", &self.sign_id)
.field("sign_iter_id", &self.sign_iter_id)
.field("message", &hex::encode(&self.message))
.field("is_taproot", &self.is_taproot)
.field("merkle_root", &self.merkle_root.as_ref().map(hex::encode))
.field("signature_type", &self.signature_type)
.finish()
}
}
Expand All @@ -299,10 +296,7 @@ impl Signable for NonceRequest {
hasher.update(self.sign_id.to_be_bytes());
hasher.update(self.sign_iter_id.to_be_bytes());
hasher.update(self.message.as_slice());
hasher.update((self.is_taproot as u16).to_be_bytes());
if let Some(merkle_root) = self.merkle_root {
hasher.update(merkle_root);
}
hasher.update(format!("{:?}", self.signature_type));
}
}

Expand Down Expand Up @@ -367,6 +361,17 @@ impl Signable for NonceResponse {
}
}

#[derive(Clone, Serialize, Deserialize, Debug, PartialEq)]
/// Signature type
pub enum SignatureType {
/// FROST signature
Frost,
/// BIP-340 Schnorr proof
Schnorr,
/// BIP-341 Taproot style schnorr proof with a merkle root
Taproot(Option<MerkleRoot>),
}

#[derive(Clone, Serialize, Deserialize, PartialEq)]
/// Signature share request message from coordinator to signers
pub struct SignatureShareRequest {
Expand All @@ -380,10 +385,8 @@ pub struct SignatureShareRequest {
pub nonce_responses: Vec<NonceResponse>,
/// Bytes to sign
pub message: Vec<u8>,
/// Whether to make a taproot signature
pub is_taproot: bool,
/// Taproot merkle root
pub merkle_root: Option<MerkleRoot>,
/// What type of signature to create
pub signature_type: SignatureType,
}

impl Debug for SignatureShareRequest {
Expand All @@ -394,8 +397,7 @@ impl Debug for SignatureShareRequest {
.field("sign_iter_id", &self.sign_iter_id)
.field("nonce_responses", &self.nonce_responses)
.field("message", &hex::encode(&self.message))
.field("is_taproot", &self.is_taproot)
.field("merkle_root", &self.merkle_root.as_ref().map(hex::encode))
.field("signature_type", &self.signature_type)
.finish()
}
}
Expand All @@ -411,11 +413,7 @@ impl Signable for SignatureShareRequest {
}

hasher.update(self.message.as_slice());

hasher.update((self.is_taproot as u16).to_be_bytes());
if let Some(merkle_root) = self.merkle_root {
hasher.update(merkle_root);
}
hasher.update(format!("{:?}", self.signature_type));
}
}

Expand Down Expand Up @@ -792,8 +790,7 @@ mod test {
sign_id: 0,
sign_iter_id: 0,
message: vec![],
is_taproot: false,
merkle_root: None,
signature_type: SignatureType::Frost,
};
let msg = Message::NonceRequest(nonce_request.clone());
let coordinator_packet_nonce_request = Packet {
Expand Down Expand Up @@ -862,8 +859,7 @@ mod test {
sign_iter_id: 0,
nonce_responses: vec![],
message: vec![],
is_taproot: false,
merkle_root: None,
signature_type: SignatureType::Frost,
};
let msg = Message::SignatureShareRequest(signature_share_request.clone());
let coordinator_packet_signature_share_request = Packet {
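Review bot: `hasher.update(format!("{:?}", self.signature_type))` in `impl Signable for NonceRequest`, and the identical line in `impl Signable for SignatureShareRequest`, make the signed transcript depend on the derived `Debug` output of `SignatureType`, which is not a stable wire encoding: renaming a variant, changing the derive, or a different Debug rendering of `MerkleRoot` on the other side silently changes what coordinator and signers hash and therefore what they sign or verify. A fixed-width, variant-tagged encoding (one tag byte per variant, a presence byte and the raw root bytes for `Taproot`) keeps the transcript independent of formatting; a later commit in this PR (75acbba, "use explicit match instead of debug string") appears to head in that direction, so this may already be resolved past this snapshot. Independently of the encoding, `message` is variable-length and is fed immediately before the signature-type bytes with no length prefix (the removed code had the same shape), so prefixing it with `hasher.update((self.message.len() as u64).to_be_bytes());` would make the transcript unambiguous, and the major version bump in Cargo.toml is the place to do it. Both `hash` functions begin outside their hunks.
```rust
hasher.update(self.message.as_slice());
// Fixed-width, variant-tagged encoding: the transcript must not depend on Debug formatting.
match &self.signature_type {
    SignatureType::Frost => hasher.update([0u8]),
    SignatureType::Schnorr => hasher.update([1u8]),
    SignatureType::Taproot(None) => hasher.update([2u8, 0u8]),
    SignatureType::Taproot(Some(merkle_root)) => {
        hasher.update([2u8, 1u8]);
        hasher.update(merkle_root);
    }
}
```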