Skip to content

Instantly share code, notes, and snippets.

@robot-dreams

robot-dreams/challenge_001.md Secret

Created January 7, 2022 18:06
Show Gist options
  • Star 7 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save robot-dreams/669c13bc724fdeb9af8460c9b64d5665 to your computer and use it in GitHub Desktop.
Save robot-dreams/669c13bc724fdeb9af8460c9b64d5665 to your computer and use it in GitHub Desktop.
Download ZIP
Challenge 001
Raw
challenge_001.md

You're given Schnorr signatures on two different messages signed by the same private key. Fortunately for you (the adversary), the signer screwed up their implementation of BIP-340 and reused a nonce.

Can you capitalize on this fatal error and extract the signer's private key?

Note: You may find it helpful to interpret some of the byte strings as ASCII, in order to check your work.

Public Key

463F9E1F3808CEDF5BB282427ECD1BFE8FC759BC6F65A42C90AA197EFC6F9F26

Message 1

6368616E63656C6C6F72206F6E20746865206272696E6B206F66207365636F6E

Signature 1

F3F148DBF94B1BCAEE1896306141F319729DCCA9451617D4B529EB22C2FB521A32A1DB8D2669A00AFE7BE97AF8C355CCF2B49B9938B9E451A5C231A45993D920

Message 2

6974206D69676874206D616B652073656E7365206A75737420746F2067657420

Signature 2

F3F148DBF94B1BCAEE1896306141F319729DCCA9451617D4B529EB22C2FB521A974240A9A9403996CA01A06A3BC8F0D7B71D87FB510E897FF3EC5BF347E5C5C1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment