File tree Expand file tree Collapse file tree 2 files changed +61
-3
lines changed Expand file tree Collapse file tree 2 files changed +61
-3
lines changed Original file line number Diff line number Diff line change 1+ package adaptor
2+
3+ import (
4+ "github.com/btcsuite/btcd/btcec/v2/schnorr"
5+ "github.com/decred/dcrd/dcrec/secp256k1/v4"
6+ )
7+
8+ // Extract extracts the secret from the given adapted signature and adaptor signature
9+ func Extract (adaptedSigBytes []byte , adaptorSigBytes []byte ) []byte {
10+ adaptedR , err := schnorr .ParsePubKey (adaptedSigBytes [0 :32 ])
11+ if err != nil {
12+ return nil
13+ }
14+
15+ adaptorR , err := schnorr .ParsePubKey (adaptorSigBytes [0 :32 ])
16+ if err != nil {
17+ return nil
18+ }
19+
20+ var adaptedRPoint , adaptorRPoint secp256k1.JacobianPoint
21+ adaptedR .AsJacobian (& adaptedRPoint )
22+ adaptorR .AsJacobian (& adaptorRPoint )
23+
24+ var rPointSub , rPointAdd secp256k1.JacobianPoint
25+ secp256k1 .AddNonConst (& adaptedRPoint , NegatePoint (& adaptorRPoint ), & rPointSub )
26+ secp256k1 .AddNonConst (& adaptedRPoint , & adaptorRPoint , & rPointAdd )
27+
28+ adaptedSig := NewSignature (adaptedSigBytes )
29+ adaptorSig := NewSignature (adaptorSigBytes )
30+
31+ t := adaptedSig .s .Add (adaptorSig .s .Negate ())
32+
33+ var T secp256k1.JacobianPoint
34+ secp256k1 .ScalarBaseMultNonConst (t , & T )
35+
36+ switch T {
37+ case rPointSub :
38+ return SerializeScalar (t )
39+ case rPointAdd :
40+ return SerializeScalar (t .Negate ())
41+ default :
42+ return nil
43+ }
44+ }
Original file line number Diff line number Diff line change @@ -14,16 +14,30 @@ type Signature struct {
1414}
1515
1616// NewSignature creates a new Signature from bytes
17- // Assume that the given byte slice is valid
17+ // Assume that the given signature is valid
1818func NewSignature (sigBytes []byte ) * Signature {
1919 var r btcec.FieldVal
20- _ = r .SetByteSlice (sigBytes [0 :32 ])
20+ r .SetByteSlice (sigBytes [0 :32 ])
2121
2222 var s btcec.ModNScalar
23- _ = s .SetByteSlice (sigBytes [32 :])
23+ s .SetByteSlice (sigBytes [32 :])
2424
2525 return & Signature {
2626 r ,
2727 s ,
2828 }
2929}
30+
31+ // NegatePoint negates the given point
32+ func NegatePoint (point * btcec.JacobianPoint ) * btcec.JacobianPoint {
33+ result := * point
34+ result .Y .Negate (1 ).Normalize ()
35+
36+ return & result
37+ }
38+
39+ // SerializeScalar serializes the given scalar
40+ func SerializeScalar (scalar * btcec.ModNScalar ) []byte {
41+ bz := scalar .Bytes ()
42+ return bz [:]
43+ }
You can’t perform that action at this time.
0 commit comments