summaryrefslogtreecommitdiff
path: root/bip-0340.mediawiki
AgeCommit message (Collapse)Author
2024-05-06more precise wordingYannick Seurin
Co-authored-by: Tim Ruffing <crypto@timruffing.de>
2024-05-06spelling out FROSTYannick Seurin
Co-authored-by: Tim Ruffing <crypto@timruffing.de>
2024-05-03update changelogYannick Seurin
2024-05-03more precise wording for key-prefixing justificationYannick Seurin
2024-04-30link to BIP327Yannick Seurin
2024-04-30updating info on multi-, threshold, and blind signaturesYannick Seurin
2023-04-20bip340: Add subsection on Domain SeparationTim Ruffing
2023-04-20bip340: Allow variable-length messagesTim Ruffing
2023-04-20bip340: clarify that tags are byte arraysPieter Wuille
2023-02-19Mark Taproot BIPs as FinalChristian Lewe
2022-08-23BIP 340: fix function signature of lift_x in reference codeJonas Nick
bip-0340.mediawiki defines lift_x as taking an integer argument. This commit changes the argument of lift_x in the reference code to be identical to the specification. Previously it took a byte array.
2022-06-20bip-0340: clarify that lift_x fails with out-of-range inputsJonas Nick
Without this commit, it's not defined what happens if x is not in range 0..p-1. However, lift_x may easily be called with out of range values. The reference implementation of lift_x correctly returns failure in such cases.
2022-01-21BIP340: fix broken link to Schnorr's blind signature attackSamuel Dobson
2021-05-17BIP340: remove batch speedup graph and link to it insteadJonas Nick
This avoids having to update the BIP with a fresh graph every time there's a change to libsecp and suggests that the expected speedup depends on the specific implementation.
2020-11-30Remove the term "secret nonce", only refer to sOrfeas Litos
2020-11-30Say that public nonce is R and private nonce is sOrfeas Litos
2020-09-03Clarify that R=infinity is invalid in BIP340Pieter Wuille
Also rename is_infinity to is_infinite is reference implementation, to match the wording in BIP340.
2020-08-26Clarify that Jacobian coordinates are the optimization, not the Legendre symbolPieter Wuille
2020-08-20Rename lift_x_even_y to lift_xPieter Wuille
2020-08-20Change tags to avoid collisions with earlier draftPieter Wuille
2020-08-20Switch to even tiebreaker for RPieter Wuille
2020-08-04BIP340: Fix typoTim Ruffing
2020-07-21Merge pull request #206 from jonasnick/some-fixupsPieter Wuille
BIP-0340: Miscellaneous fixups
2020-07-21BIP-0340: note that adapting the spec to other curves is insecureJonas Nick
2020-07-20Clarify security argument of x-only pubkeys betterPieter Wuille
2020-07-18BIP-0340: Remove last remaining mention of Jacobi symbolJonas Nick
Jacobi symbol can be confusing because it may suggest that the modulus is composite. Thanks to Alan Szepieniec for pointing out this issue.
2020-07-18BIP-0340: small fixupsJonas Nick
- key prefixing means prefixing the message - array indexing starts with 0 - 'Gennaro' is spelled with two n's - has_even_y definition takes P as argument Thanks to Alan Szepieniec for pointing out these issues.
2020-03-12Optionally print intermediate values in reference codeTim Ruffing
and make reference code and pseudocode more consistent with each other
2020-02-29Switch to only 32 bytes auxTim Ruffing
2020-02-24Fix a few minor issuesTim Ruffing
* Recommend a byte length for aux random data * Clarify that with signature verification by default at the end of the signing algorithm, using public keys from untrusted sources is not an issue. * A few editorial nits
2020-02-23Address commentsPieter Wuille
2020-02-23Switch to new synth nonce scheme and make it defaultPieter Wuille
2020-02-23give bip32 conversion its own sectionAnthony Towns
2020-02-23Include d in nonce rather than d'Anthony Towns
2020-02-23notes about precomputed pubkey dataAnthony Towns
2020-02-23Change tags to prevent inconsistent breakage with earlier draftPieter Wuille
2020-02-23Switch to even-y tiebreaker for pubkeysPieter Wuille
2020-02-23BIP-340: Improve wording of recommendation for fresh secret keysJonas Nick
2020-02-23BIP-340: Stress that secret key should be fresh and if not then RFC6979 ↵Jonas Nick
shouldn't be used
2020-02-23Update bip-0340.mediawikiKeagan McClelland
2020-02-19Merge pull request #884 from RandyMcMillan/patch-2Luke Dashjr
bip-0340: typo change intent to intend
2020-01-28BIP 340: Recommend verifying the signing outputJonas Nick
2020-01-28BIP 340: Recommend synthetic noncesJonas Nick
2020-01-26change intent to intend@RandyMcMillan
2020-01-20fix BIP linksPieter Wuille
2020-01-19Fixes to headersPieter Wuille
2020-01-19fixesPieter Wuille
2020-01-19Rename BIPsPieter Wuille