extern crate libsecp256k1_rs as secp256k1; | |
use secp256k1::{SecretKey, PublicKey, thread_rng, Message}; | |
use secp256k1::schnorr::{ Challenge}; | |
// This one tests that adding a nonce r (with its public point R = r*G) makes key extraction impossible
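#[allow(non_snake_case)]
// Walks through a Schnorr-style signature that uses a nonce, then checks that a
// signature made up without the private key is rejected by verification.
//
// Upper-case names are curve points and lower-case names are scalars, following
// the usual notation (hence the `non_snake_case` allowance).
fn main() {
    let mut rng = thread_rng();

    // Nonce r and its public point R = r*G.
    // Demo only: r and k are printed so the arithmetic can be followed. Real code
    // must never log either value: s = r + e*k has a single unknown once r is
    // known, so a leaked nonce is as bad as a leaked private key.
    let r = SecretKey::random(&mut rng);
    println!("r: {}", r);
    let R = PublicKey::from_secret_key(&r);

    // Long-term private key k and its public key P = k*G.
    let k = SecretKey::random(&mut rng);
    println!("k: {}", k);
    let P = PublicKey::from_secret_key(&k);

    // Challenge, e = H(R || P || m).
    // R has to be part of the hashed data. If e depended only on P and m it would
    // be fixed before R is chosen, and the check s*G == R + e*P would no longer
    // prove knowledge of k.
    let m = Message::hash(b"Meet me at 12").unwrap();
    let e = Challenge::new(&[&R, &P, &m]).as_scalar().unwrap();

    // Signature (with nonce): s = r + e*k
    let s = r + (e * k);

    // Verify the signature: s*G == R + e*P
    assert_eq!(PublicKey::from_secret_key(&s), R + (e * P));
    println!("Signature is valid.");

    // Create a fake signature: a random scalar picked without knowing k.
    let mut rng2 = thread_rng();
    let fake_sig = SecretKey::random(&mut rng2);
    // Calculate a fake R to accompany it.
    let fake_R = (e * P) - PublicKey::from_secret_key(&fake_sig);

    // A verifier recomputes the challenge from the R it was handed, so the
    // challenge changes with fake_R and the verification equation must not hold.
    // `assert_ne!` is used because the expected outcome is a rejection; an
    // `assert_eq!` here would panic instead of reporting that the check failed.
    let fake_e = Challenge::new(&[&fake_R, &P, &m]).as_scalar().unwrap();
    assert_ne!(PublicKey::from_secret_key(&fake_sig), fake_R + (fake_e * P));
    println!("Fake signature is rejected.");
}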