diff options
author | Pieter Wuille <pieter@wuille.net> | 2021-06-17 16:54:56 -0700 |
---|---|---|
committer | Pieter Wuille <pieter@wuille.net> | 2021-08-20 14:29:23 -0400 |
commit | addb9b5a71ff96bdb1a4c15bc9345de0d7f2c98c (patch) | |
tree | 7d3753ee845ed37f88755bec6c0ce8a8784b00c9 /src/key.h | |
parent | 4fc15d15667d9d9c4fb5515ce73c05b4596298ec (diff) |
Improve comments in taproot signing logic
Diffstat (limited to 'src/key.h')
-rw-r--r-- | src/key.h | 13 |
1 files changed, 9 insertions, 4 deletions
@@ -133,10 +133,15 @@ public: * optionally tweaked by *merkle_root. Additional nonce entropy can be provided through * aux. * - * When merkle_root is not nullptr, this results in a signature with a modified key as - * specified in BIP341: - * - If merkle_root->IsNull(): key + H_TapTweak(pubkey)*G - * - Otherwise: key + H_TapTweak(pubkey || *merkle_root) + * merkle_root is used to optionally perform tweaking of the private key, as specified + * in BIP341: + * - If merkle_root == nullptr: no tweaking is done, sign with key directly (this is + * used for signatures in BIP342 script). + * - If merkle_root->IsNull(): sign with key + H_TapTweak(pubkey) (this is used for + * key path spending when no scripts are present). + * - Otherwise: sign with key + H_TapTweak(pubkey || *merkle_root) + * (this is used for key path spending, with specific + * Merkle root of the script tree). */ bool SignSchnorr(const uint256& hash, Span<unsigned char> sig, const uint256* merkle_root = nullptr, const uint256* aux = nullptr) const; |