Skip to content

Commit

Permalink
crypto: lower the EC_SIGNATURE_DER_MAX_LOW_R_LEN constant to 70
Browse files Browse the repository at this point in the history
This constant is the size of signatures produced by wally when grinding.
As wally (and libsecp256k1[-zkp]) always produce low-S signatures, the
maximum size is 70 bytes plus the sighash byte for low-R signatures.

This affects the dummy witness stack function, making transaction fee
estimation more accurate.
jgriffiths committed Nov 16, 2023

Verified

This commit was signed with the committer’s verified signature.
1 parent e443bca commit 168b676
Showing 3 changed files with 7 additions and 7 deletions.
6 changes: 3 additions & 3 deletions include/wally_crypto.h
Original file line number Diff line number Diff line change
@@ -359,10 +359,10 @@ WALLY_CORE_API int wally_pbkdf2_hmac_sha512(
#define EC_SIGNATURE_LEN 64
/** The length of a compact recoverable signature produced by EC signing */
#define EC_SIGNATURE_RECOVERABLE_LEN 65
/** The maximum encoded length of a DER encoded signature */
/** The maximum encoded length of a DER signature (High-R, High-S), excluding sighash byte */
#define EC_SIGNATURE_DER_MAX_LEN 72
/** The maximum encoded length of a DER encoded signature created with `EC_FLAG_GRIND_R` */
#define EC_SIGNATURE_DER_MAX_LOW_R_LEN 71
/** The maximum encoded length of a DER signature created with `EC_FLAG_GRIND_R` (Low-R, Low-S), excluding sighash byte */
#define EC_SIGNATURE_DER_MAX_LOW_R_LEN 70
/** The length of a secp256k1 scalar value */
#define EC_SCALAR_LEN 32

6 changes: 3 additions & 3 deletions src/transaction.c
Original file line number Diff line number Diff line change
@@ -72,7 +72,7 @@ static void assert_tx_assumptions(void)
{
BUILD_ASSERT(WALLY_TXHASH_LEN == SHA256_LEN);
BUILD_ASSERT(sizeof(DUMMY_SIG) == EC_SIGNATURE_DER_MAX_LEN + 1);
BUILD_ASSERT(sizeof(DUMMY_SIG) - 1 == EC_SIGNATURE_DER_MAX_LOW_R_LEN + 1);
BUILD_ASSERT(sizeof(DUMMY_SIG) > EC_SIGNATURE_DER_MAX_LOW_R_LEN + 1);
}
/* LCOV_EXCL_STOP */

@@ -348,10 +348,10 @@ int wally_tx_witness_stack_set_dummy(struct wally_tx_witness_stack *stack,

if (flags == WALLY_TX_DUMMY_SIG) {
p = DUMMY_SIG;
len = sizeof(DUMMY_SIG);
len = sizeof(DUMMY_SIG); /* High-R, High-S plus sighash byte */
} else if (flags == WALLY_TX_DUMMY_SIG_LOW_R) {
p = DUMMY_SIG;
len = sizeof(DUMMY_SIG) - 1; /* Low-R signatures are always at least 1 byte shorter */
len = EC_SIGNATURE_DER_MAX_LOW_R_LEN + 1; /* Low-R, Low-S plus sighash byte */
} else if (flags != WALLY_TX_DUMMY_NULL)
return WALLY_EINVAL;
return wally_tx_witness_stack_set(stack, index, p, len);
2 changes: 1 addition & 1 deletion src/wasm_package/src/const.js
Original file line number Diff line number Diff line change
@@ -77,7 +77,7 @@ export const EC_PUBLIC_KEY_LEN = 33;
export const EC_PUBLIC_KEY_UNCOMPRESSED_LEN = 65;
export const EC_SCALAR_LEN = 32;
export const EC_SIGNATURE_DER_MAX_LEN = 72;
export const EC_SIGNATURE_DER_MAX_LOW_R_LEN = 71;
export const EC_SIGNATURE_DER_MAX_LOW_R_LEN = 70;
export const EC_SIGNATURE_LEN = 64;
export const EC_SIGNATURE_RECOVERABLE_LEN = 65;
export const EC_XONLY_PUBLIC_KEY_LEN = 32;

0 comments on commit 168b676

Please sign in to comment.