Closed zargarzadehm closed 4 months ago
Hi Do you use the same msg to initialize NewLocalParty*(msg, ...) ? If the message to sign is not the same across all signing parties, it could possibly result in the error in round 9.
Hi Do you use the same msg to initialize NewLocalParty*(msg, ...) ? If the message to sign is not the same across all signing parties, it could possibly result in the error in round 9.
I checked, and the msg is the same for all parties. I also tested using NewLocalParty
instead of NewLocalPartyWithKDD
(without key derivation), and the message was signed successfully. The issue arises when attempting to sign using NewLocalPartyWithKDD
.
Did you call UpdatePublicKeyAndAdjustBigXj? For a given keyDelta value, it should be noticed that the corresponding child pubkey is needed to feed in
keyDerivationDelta := big.NewInt(123)
deltaG := crypto.ScalarBaseMult(tss.S256(), keyDerivationDelta)
cPk, err := deltaG.Add(keys[0].ECDSAPub)
cPubKey := ecdsa.PublicKey{
Curve: btcec.S256(),
X: cPk.X(),
Y: cPk.Y(),
}
err = UpdatePublicKeyAndAdjustBigXj(keyDerivationDelta, keys, &cPubKey, tss.S256())
Did you call UpdatePublicKeyAndAdjustBigXj? For a given keyDelta value, it should be noticed that the corresponding child pubkey is needed to feed in
keyDerivationDelta := big.NewInt(123) deltaG := crypto.ScalarBaseMult(tss.S256(), keyDerivationDelta) cPk, err := deltaG.Add(keys[0].ECDSAPub) cPubKey := ecdsa.PublicKey{ Curve: btcec.S256(), X: cPk.X(), Y: cPk.Y(), } err = UpdatePublicKeyAndAdjustBigXj(keyDerivationDelta, keys, &cPubKey, tss.S256())
Thank you for your assistance; my issue was related to updating the reference keys.
As a suggestion, I believe that UpdatePublicKeyAndAdjustBigXj
should be called for a single key rather than a list of keys. In production use, each user should call this function with their key, which should be passed as a pointer.
Hi
I'm trying to use ecdsa singing with
NewLocalPartyWithKDD
but I'm getting this error in round 9:Do you have any suggestions? Which parameters in creating a party can affect the verification in round 9?