author | Sebastian Falbesoner <sebastian.falbesoner@gmail.com> | 2024-06-14 14:33:40 +0200 |
---|---|---|
committer | Sebastian Falbesoner <sebastian.falbesoner@gmail.com> | 2024-06-22 01:48:44 +0200 |
commit | 59cc43d727000794f18dac0a502cd87c0daec22a (patch) | |
tree | 7c22335138cf9a2a57a474ae3dc89bbf3d69604d /bip-0352.mediawiki | |
parent | 47033c62dc101080c31c1e8a88118ae8288f6d36 (diff) |
BIP-352: scanning: add step to skip tx if input pubkeys sum A is point at infinity
The input data for the test vector is taken from the signet transaction
fe788cf6578d547819def43d79e6c8f0153d4885f5a343d12bd03f34507aabd6
which spends two P2WPKH inputs with negated pubkeys (x, y) and (x, -y)
from the funding transaction 3a286147b25e16ae80aff406f2673c6e565418c40f45c071245cdebc8a94174e
(see also https://github.com/bitcoin-core/secp256k1/pull/1519#issuecomment-2143167510
and the output from the script in the previous commit message).
Co-authored-by: josibake <josibake@protonmail.com>
Diffstat (limited to 'bip-0352.mediawiki')
-rw-r--r-- | bip-0352.mediawiki | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/bip-0352.mediawiki b/bip-0352.mediawiki index def4d0b..0cf63a9 100644 --- a/bip-0352.mediawiki +++ b/bip-0352.mediawiki @@ -335,6 +335,7 @@ A scan and spend key pair using BIP32 derivation are defined (taking inspiration If each of the checks in ''[[#scanning-silent-payment-eligible-transactions|Scanning silent payment eligible transactions]]'' passes, the receiving wallet must: * Let ''A = A<sub>1</sub> + A<sub>2</sub> + ... + A<sub>n</sub>'', where each ''A<sub>i</sub>'' is the public key of an input from the ''[[#inputs-for-shared-secret-derivation|Inputs For Shared Secret Derivation]]'' list +** If ''A'' is the point at infinity, skip the transaction * Generate the ''input_hash'' with the smallest outpoint lexicographically and ''A'', using the method described above * Let ''ecdh_shared_secret = input_hash·b<sub>scan</sub>·A'' * Check for outputs: |
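Review bot: The added sub-bullet "If ''A'' is the point at infinity, skip the transaction" gives no rationale, so an implementer reading the list cannot tell that the two steps right after it depend on this check. Both ''input_hash'' and ''ecdh_shared_secret = input_hash·b<sub>scan</sub>·A'' are computed from ''A'', and the point at infinity has no public key serialization to feed into them. Suggest appending a short clause saying so. The commit message already names a concrete way to reach this case, two inputs with pubkeys (x, y) and (x, -y), which would work well as the in-text example. The sub-bullet is also phrased as a bare imperative while the paragraph introducing the list says "the receiving wallet must"; wording it to match that sentence would make clear the skip is mandatory. This hunk covers only the receiver's scanning steps, so please confirm the sender-side text rejects the same condition.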