Age | Commit message (Collapse) | Author | |
---|---|---|---|
2024-05-06 | more precise wording | Yannick Seurin | |
Co-authored-by: Tim Ruffing <crypto@timruffing.de> | |||
2024-05-06 | spelling out FROST | Yannick Seurin | |
Co-authored-by: Tim Ruffing <crypto@timruffing.de> | |||
2024-05-03 | update changelog | Yannick Seurin | |
2024-05-03 | more precise wording for key-prefixing justification | Yannick Seurin | |
2024-04-30 | link to BIP327 | Yannick Seurin | |
2024-04-30 | updating info on multi-, threshold, and blind signatures | Yannick Seurin | |
2023-04-20 | bip340: Add subsection on Domain Separation | Tim Ruffing | |
2023-04-20 | bip340: Allow variable-length messages | Tim Ruffing | |
2023-04-20 | bip340: clarify that tags are byte arrays | Pieter Wuille | |
2023-02-19 | Mark Taproot BIPs as Final | Christian Lewe | |
2022-08-23 | BIP 340: fix function signature of lift_x in reference code | Jonas Nick | |
bip-0340.mediawiki defines lift_x as taking an integer argument. This commit changes the argument of lift_x in the reference code to be identical to the specification. Previously it took a byte array. | |||
2022-06-20 | bip-0340: clarify that lift_x fails with out-of-range inputs | Jonas Nick | |
Without this commit, it's not defined what happens if x is not in range 0..p-1. However, lift_x may easily be called with out of range values. The reference implementation of lift_x correctly returns failure in such cases. | |||
2022-01-21 | BIP340: fix broken link to Schnorr's blind signature attack | Samuel Dobson | |
2021-05-17 | BIP340: remove batch speedup graph and link to it instead | Jonas Nick | |
This avoids having to update the BIP with a fresh graph every time there's a change to libsecp and suggests that the expected speedup depends on the specific implementation. | |||
2020-11-30 | Remove the term "secret nonce", only refer to s | Orfeas Litos | |
2020-11-30 | Say that public nonce is R and private nonce is s | Orfeas Litos | |
2020-09-03 | Clarify that R=infinity is invalid in BIP340 | Pieter Wuille | |
Also rename is_infinity to is_infinite is reference implementation, to match the wording in BIP340. | |||
2020-08-26 | Clarify that Jacobian coordinates are the optimization, not the Legendre symbol | Pieter Wuille | |
2020-08-20 | Rename lift_x_even_y to lift_x | Pieter Wuille | |
2020-08-20 | Change tags to avoid collisions with earlier draft | Pieter Wuille | |
2020-08-20 | Switch to even tiebreaker for R | Pieter Wuille | |
2020-08-04 | BIP340: Fix typo | Tim Ruffing | |
2020-07-21 | Merge pull request #206 from jonasnick/some-fixups | Pieter Wuille | |
BIP-0340: Miscellaneous fixups | |||
2020-07-21 | BIP-0340: note that adapting the spec to other curves is insecure | Jonas Nick | |
2020-07-20 | Clarify security argument of x-only pubkeys better | Pieter Wuille | |
2020-07-18 | BIP-0340: Remove last remaining mention of Jacobi symbol | Jonas Nick | |
Jacobi symbol can be confusing because it may suggest that the modulus is composite. Thanks to Alan Szepieniec for pointing out this issue. | |||
2020-07-18 | BIP-0340: small fixups | Jonas Nick | |
- key prefixing means prefixing the message - array indexing starts with 0 - 'Gennaro' is spelled with two n's - has_even_y definition takes P as argument Thanks to Alan Szepieniec for pointing out these issues. | |||
2020-03-12 | Optionally print intermediate values in reference code | Tim Ruffing | |
and make reference code and pseudocode more consistent with each other | |||
2020-02-29 | Switch to only 32 bytes aux | Tim Ruffing | |
2020-02-24 | Fix a few minor issues | Tim Ruffing | |
* Recommend a byte length for aux random data * Clarify that with signature verification by default at the end of the signing algorithm, using public keys from untrusted sources is not an issue. * A few editorial nits | |||
2020-02-23 | Address comments | Pieter Wuille | |
2020-02-23 | Switch to new synth nonce scheme and make it default | Pieter Wuille | |
2020-02-23 | give bip32 conversion its own section | Anthony Towns | |
2020-02-23 | Include d in nonce rather than d' | Anthony Towns | |
2020-02-23 | notes about precomputed pubkey data | Anthony Towns | |
2020-02-23 | Change tags to prevent inconsistent breakage with earlier draft | Pieter Wuille | |
2020-02-23 | Switch to even-y tiebreaker for pubkeys | Pieter Wuille | |
2020-02-23 | BIP-340: Improve wording of recommendation for fresh secret keys | Jonas Nick | |
2020-02-23 | BIP-340: Stress that secret key should be fresh and if not then RFC6979 ↵ | Jonas Nick | |
shouldn't be used | |||
2020-02-23 | Update bip-0340.mediawiki | Keagan McClelland | |
2020-02-19 | Merge pull request #884 from RandyMcMillan/patch-2 | Luke Dashjr | |
bip-0340: typo change intent to intend | |||
2020-01-28 | BIP 340: Recommend verifying the signing output | Jonas Nick | |
2020-01-28 | BIP 340: Recommend synthetic nonces | Jonas Nick | |
2020-01-26 | change intent to intend | @RandyMcMillan | |
2020-01-20 | fix BIP links | Pieter Wuille | |
2020-01-19 | Fixes to headers | Pieter Wuille | |
2020-01-19 | fixes | Pieter Wuille | |
2020-01-19 | Rename BIPs | Pieter Wuille | |