Verify musig2 secret nonces #108

Merged
merged 5 commits into from
Apr 18, 2024

Conversation

Member

@sstone sstone commented Apr 16, 2024

Trying to generate a musig2 partial signature with a secret nonce that was generated with a public key that does not match the signing key's public key will trigger secp256k1's illegal callback (which calls abort()) and crash the application.

=> Here we verify that the secret nonce matches the signing keys before we call secp256k1_musig_partial_sign(). The verification method is a bit hackish (we extract the public key from the secret nonce blob) because secp256k1 does not export the methods we need to do this cleanly.

@sstone sstone requested a review from t-bast April 16, 2024 12:27
Member

@t-bast t-bast left a comment

I don't see a better way of verifying this, so it should be fine. Even though it feels hackish to interpret what should be an opaque blob, our test coverage ensures that we cannot mess it up.

@sstone sstone merged commit 567f411 into master Apr 18, 2024
6 checks passed
@sstone sstone deleted the snapshot/validate-musig2-nonces branch April 18, 2024 07:54