tornadocontrib/noble-curves
1
0
Fork 0
forked from tornado-packages/noble-curves
Code Pull Requests Activity

secp256k1: Fix schnorrGetExtPubKey y coordinate

Browse Source
This commit is contained in:
Paul Miller 2023-02-27 16:20:13 +00:00
parent ec2c3e1248
commit 214c9aa553
No known key found for this signature in database
GPG Key ID: 697079DA6878B89B
1 changed files with 7 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/secp256k1.ts
View File

@ -117,10 +117,13 @@ const GmulAdd = (Q: PointType<bigint>, a: bigint, b: bigint) =>
Point.BASE.multiplyAndAddUnsafe(Q, a, b); Point.BASE.multiplyAndAddUnsafe(Q, a, b);
// Calculate point, scalar and bytes // Calculate point, scalar and bytes
function schnorrGetExtPubKey(priv: PrivKey) { function schnorrGetExtPubKey(priv: PrivKey) {
const d = secp256k1.utils.normPrivateKeyToScalar(priv); // same method executed in fromPrivateKey let d = secp256k1.utils.normPrivateKeyToScalar(priv); // same method executed in fromPrivateKey
const point = Point.fromPrivateKey(d); // P = d'⋅G; 0 < d' < n check is done inside let p = Point.fromPrivateKey(d); // P = d'⋅G; 0 < d' < n check is done inside
const scalar = point.hasEvenY() ? d : modN(-d); // d = d' if has_even_y(P), otherwise d = n-d' if (!p.hasEvenY()) {
return { point, scalar, bytes: pointToBytes(point) }; d = modN(-d);
p = p.negate();
}
return { point: p, scalar: d, bytes: pointToBytes(p) };
} }
/** /**
* lift_x from BIP340. Convert 32-byte x coordinate to elliptic curve point. * lift_x from BIP340. Convert 32-byte x coordinate to elliptic curve point.