Comments (2)
It does not accept variable length messages, and it does not contain the extra 4 tests added to it that test this capability.
Hi, correct that this isn't fully implemented. We never implemented it as:
- Typically in Bitcoin situations, we're always signing a 32-byte sighash.
- No opcodes today in Bitcoin actually use the variable length message signing.
Going over the test vectors it is clear that in fact, normally RFC6979 should not be used with Bitcoin (and Nostr) Schnorr signatures at all, since the security flaw this RFC aims to eliminate is handled by the BIP 340 tagged nonces.
I'm not sure what you mean by this, see the section on "alternative signing": https://github.com/bitcoin/bips/blob/master/bip-0340.mediawiki#user-content-Alternative_Signing
This can be most reliably accomplished by not reusing the same private key across different signing schemes. For example, if the rand value was computed as per RFC6979 and the same secret key is used in deterministic ECDSA with RFC6979, the signatures can leak the secret key through nonce reuse.
We counteract this by using a distinct RFC6979 tag for the ECDSA and Schnorr signatures. IMO RFC6979 is still an improvement to the ergonomics of the scheme, as it does away with the requirement to generate secure randomness for each signature.
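The nonce-reuse leak quoted from BIP 340 above, and the tag-based separation the reply describes, as an added worked example (not code from the page, from btcd or from btcec). It assumes: P-256 from Go's standard library as a stand-in for secp256k1 (the standard library has none, and neither the RFC 6979 derivation nor the recovery algebra depends on the curve); an illustrative Schnorr-only "extra data" value, sha256("BIP-340"), whose real value in btcec is not stated on this page; textbook Schnorr s = k + e*d without BIP 340's even-Y normalisation and ECDSA without BIP 62 low-S, both of which would only add sign combinations for an attacker to try; and a constructed private key and message. `rfc6979Nonce` is a straight RFC 6979 section 3.2 derivation with the section 3.6 additional data; `recoverKey` is the attacker's side.

```go
package main

import (
	"bytes"
	"crypto/elliptic"
	"crypto/hmac"
	"crypto/sha256"
	"math/big"
)

// P-256 stands in for secp256k1 (assumption); nothing below depends on the curve.
var (
	curve = elliptic.P256()
	n     = curve.Params().N
	// Assumed Schnorr-only RFC 6979 extra data (illustrative value, not the project's).
	schnorrTag = sha256.Sum256([]byte("BIP-340"))
)

func mod(a, m *big.Int) *big.Int    { return new(big.Int).Mod(a, m) }
func modInv(a, m *big.Int) *big.Int { return new(big.Int).ModInverse(mod(a, m), m) }

// baseMulX returns x(kG), the only coordinate either signature equation needs.
func baseMulX(k *big.Int) *big.Int {
	x, _ := curve.ScalarBaseMult(k.FillBytes(make([]byte, 32)))
	return x
}

// rfc6979Nonce is RFC 6979 s3.2 for a 256-bit order plus the s3.6 extra data; per-scheme extra data keeps the nonces for one (d, msg) apart.
func rfc6979Nonce(d *big.Int, h1, extra []byte) *big.Int {
	mac := func(key []byte, parts ...[]byte) []byte {
		h := hmac.New(sha256.New, key)
		for _, part := range parts {
			h.Write(part)
		}
		return h.Sum(nil)
	}
	x := d.FillBytes(make([]byte, 32))
	hm := mod(new(big.Int).SetBytes(h1), n).FillBytes(make([]byte, 32)) // bits2octets(h1)
	V, K := bytes.Repeat([]byte{0x01}, 32), make([]byte, 32)
	K = mac(K, V, []byte{0x00}, x, hm, extra)
	V = mac(K, V)
	K = mac(K, V, []byte{0x01}, x, hm, extra)
	V = mac(K, V)
	for k := new(big.Int); ; {
		V = mac(K, V)
		if k.SetBytes(V); k.Sign() > 0 && k.Cmp(n) < 0 {
			return k
		}
		K = mac(K, V, []byte{0x00})
		V = mac(K, V)
	}
}

// ecdsaSign: r = x(kG) mod n, s = k^-1 (e + r d) mod n with e = SHA-256(msg) mod n; BIP 62 low-S is omitted (it only adds a sign to try).
func ecdsaSign(d *big.Int, msg []byte) (r, s *big.Int) {
	h := sha256.Sum256(msg)
	e, k := mod(new(big.Int).SetBytes(h[:]), n), rfc6979Nonce(d, h[:], nil)
	r = mod(baseMulX(k), n)
	s = mod(new(big.Int).Mul(modInv(k, n), new(big.Int).Add(e, new(big.Int).Mul(r, d))), n)
	return r, s
}

// challenge is the Schnorr hash e = SHA-256(x(R) || x(P) || msg) mod n.
func challenge(rx, px *big.Int, msg []byte) *big.Int {
	h := sha256.Sum256(append(append(rx.FillBytes(make([]byte, 32)), px.FillBytes(make([]byte, 32))...), msg...))
	return mod(new(big.Int).SetBytes(h[:]), n)
}

// schnorrSign is textbook Schnorr, s = k + e d mod n, drawing k from the same RFC 6979 routine; BIP 340's even-Y normalisation is left out.
func schnorrSign(d *big.Int, msg, extra []byte) (rx, s *big.Int) {
	h := sha256.Sum256(msg)
	k := rfc6979Nonce(d, h[:], extra)
	rx = baseMulX(k)
	s = mod(new(big.Int).Add(k, new(big.Int).Mul(challenge(rx, baseMulX(d), msg), d)), n)
	return rx, s
}

// recoverKey solves k s1 = e1 + r d (ECDSA) and k = s2 - e2 d (Schnorr) for d when both used the same k: d = (s1 s2 - e1) / (r + s1 e2) mod n.
func recoverKey(px *big.Int, msg []byte, r, s1, rx, s2 *big.Int) *big.Int {
	h := sha256.Sum256(msg)
	e1, e2 := mod(new(big.Int).SetBytes(h[:]), n), challenge(rx, px, msg)
	num := new(big.Int).Sub(new(big.Int).Mul(s1, s2), e1)
	den := mod(new(big.Int).Add(r, new(big.Int).Mul(s1, e2)), n)
	if den.Sign() == 0 {
		return nil
	}
	return mod(num.Mul(num, modInv(den, n)), n)
}

// crossSchemeLeak signs msg under d with ECDSA (untagged) and Schnorr (with extra) and reports whether the recovered key equals d; extra == nil reproduces the flaw.
func crossSchemeLeak(d *big.Int, msg, extra []byte) bool {
	r, s1 := ecdsaSign(d, msg)
	rx, s2 := schnorrSign(d, msg, extra)
	got := recoverKey(baseMulX(d), msg, r, s1, rx, s2)
	return got != nil && got.Cmp(d) == 0
}
```

With `extra == nil` both signers feed identical (x, h1) into HMAC-DRBG, so they draw the same k and `recoverKey` returns the private key from one ECDSA and one Schnorr signature over the same hash; passing any scheme-specific extra data changes the DRBG seed and the two nonces diverge. The check is only meaningful when the same key signs the same 32-byte hash under both schemes, which is exactly the situation the BIP 340 text warns about.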
I'm completely unable to respond to this. I won't bother in future, my experience with your dev group is pretty consistent.