-
Notifications
You must be signed in to change notification settings - Fork 54
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
NUT-11 uses compressed pubkeys where xonly is called for #133
Comments
It seems odd to me that your secp implementation requires an x-only key. The Could you confirm that your lib is not able to verify signatures with an odd parity ( |
I'm not using any specific library for anything at the moment. The BIP-340 specification - which
I'm assuming you're using the Some libraries do this same thing, accepting a Point-like type:
Others like
Verification works regardless of the points' parity, because fundamentally BIP340 verification only uses the X-coordinate of the pubkey and signature nonce as input. My point is that in the cashu spec, we should reference upstream specs (BIP340), not upstream implementations ( Speaking of ambiguity: A signature issued by If you want to keep the status quo without changing the spec too much, i'd suggest we go this route.
But going forward with new NUTs if we use BIP340 signatures again, we should use the spec as intended, and use xonly pubkeys to avoid potential unforeseen bugs. |
NUT-11 says:
However, in the examples, the pubkey specified in the
Secret.data
field is a 33-byte compressed key. The schnorr signature verification function oflibsecp256k1
, as with any BIP340 implementation in general, requires a 32-byte x-only public key.I suggest either:
P2PK
Secret.data
field02
byte)The text was updated successfully, but these errors were encountered: