Skip to content

Commit

Permalink
fixup! convert KeyAgg output to point before assigning to Q
Browse files Browse the repository at this point in the history
  • Loading branch information
@jonasnick
jonasnick committed Jan 5, 2022
1 parent a215a92 commit 8984271
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions doc/musig-spec.mediawiki
View file
Original file line number Diff line number Diff line change
Expand Up @@ -147,7 +147,7 @@ Input:
The algorithm ''Sign(secnonce, sk, aggnonce, pk<sub>1..u</sub>, m)'' is defined as:
* Let ''R<sub>1</sub> = pointc(aggnonce[0:33]), R<sub>2</sub> = pointc(aggnonce[33:66])''; fail if that fails
* Let ''Q = KeyAgg(pk<sub>1..u</sub>)''; fail if that fails
* Let ''Q = point(KeyAgg(pk<sub>1..u</sub>))''; fail if that fails
* Let ''b = int(hash<sub>MuSig/noncecoef</sub>(aggnonce || bytes(Q) || m)) mod n''
* Let ''R = R<sub>1</sub> + b⋅R<sub>2</sub>''
* Fail if ''is_infinite(R)''
Expand Down Expand Up @@ -195,7 +195,7 @@ Input:
The algorithm ''PartialSigVerifyInternal(psig, pubnonce, aggnonce, pk<sub>1..u</sub>, pk<sup>*</sup>, m)'' is defined as:
* Let ''s = int(psig)''; fail if ''s &ge; n''
* Let ''R<sub>1</sub> = pointc(aggnonce[0:33]), R<sub>2</sub> = pointc(aggnonce[33:66])''; fail if that fails
* Let ''Q = KeyAgg(pk<sub>1..u</sub>)''; fail if that fails
* Let ''Q = point(KeyAgg(pk<sub>1..u</sub>))''; fail if that fails
* Let ''b = int(hash<sub>MuSig/noncecoef</sub>(aggnonce || bytes(Q) || m)) mod n''
* Let ''R = R<sub>1</sub> + b⋅R<sub>2</sub>''
* Let ''R<sup>*</sup><sub>1</sub> = pointc(pubnonce[0:33]), R<sup>*</sup><sub>2</sub> = pointc(pubnonce[33:66])''
Expand Down

0 comments on commit 8984271

Please sign in to comment.