Merge pull request #1466 from paulmillr/patch-2

nip44: clarify ecdh hashing
This commit is contained in:
Vitor Pamplona 2024-09-03 08:37:21 -04:00 committed by GitHub
commit a928d11fb5
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

2
44.md
View File

@ -142,6 +142,8 @@ validation rules, refer to BIP-340.
The operation produces a shared point, and we encode the shared point's 32-byte x coordinate, using method The operation produces a shared point, and we encode the shared point's 32-byte x coordinate, using method
`bytes(P)` from BIP340. Private and public keys must be validated as per BIP340: pubkey must be a valid, `bytes(P)` from BIP340. Private and public keys must be validated as per BIP340: pubkey must be a valid,
on-curve point, and private key must be a scalar in range `[1, secp256k1_order - 1]`. on-curve point, and private key must be a scalar in range `[1, secp256k1_order - 1]`.
NIP44 doesn't do hashing of the output: keep this in mind, because some libraries hash it using sha256.
As an example, in libsecp256k1, unhashed version is available in `secp256k1_ec_pubkey_tweak_mul`
- Operators - Operators
- `x[i:j]`, where `x` is a byte array and `i, j <= 0` returns a `(j - i)`-byte array with a copy of the - `x[i:j]`, where `x` is a byte array and `i, j <= 0` returns a `(j - i)`-byte array with a copy of the
`i`-th byte (inclusive) to the `j`-th byte (exclusive) of `x`. `i`-th byte (inclusive) to the `j`-th byte (exclusive) of `x`.