bnb-chain / tss-lib

Threshold Signature Scheme, for ECDSA and EDDSA
MIT License

ecdsa/signing finalize_round.data.Signature serialization #85

Closed 0xmountaintop closed 4 years ago

0xmountaintop commented 4 years ago

Why https://github.com/binance-chain/tss-lib/blob/4fcd04b0ce5527ece51afa70c7852b5fd03b120c/ecdsa/signing/finalize.go#L59

instead of

sig := btcec.Signature{
    R: new(big.Int).SetBytes(round.data.R),
    S: new(big.Int).SetBytes(round.data.S),
}
round.data.Signature = sig.Serialize()

Such serialization also passes the test case in local_party_test.go:

signature, err := btcec.ParseSignature(sig.Serialize(), btcec.S256())
if err != nil {
    t.Log("parse secp256k1 signature failed")
}

if !signature.Verify(big.NewInt(42).Bytes(), pubKey) {
    t.Log("errVerifyFail")
}

pubKey is

pkX, pkY := keys[0].ECDSAPub.X(), keys[0].ECDSAPub.Y()
pk := ecdsa.PublicKey{
    Curve: tss.EC(),
    X:     pkX,
    Y:     pkY,
}

pubKey, err := btcec.ParsePubKey((*btcec.PublicKey)(&pk).SerializeCompressed(), btcec.S256())
if err != nil {
    t.Log("parse secp256k1 public key failed")
}

notatestuser commented 4 years ago

We didn't want to be bound too tightly to btcec in the API.

You can rebuild the btcec.Signature easily:

sig := &btcec.Signature{
    R: new(big.Int).SetBytes(data.R),
    S: new(big.Int).SetBytes(data.S),
}
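
Added example, not part of the thread and not tss-lib's own code: a btcec-free way to turn the R and S byte fields into a DER signature and verify it with Go's standard library. Assumptions: P-256 stands in for secp256k1 (which the standard library does not ship), and `PartsToDER`, `VerifyParts` and `SampleParts` are names introduced here.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/asn1"
	"fmt"
	"math/big"
)

// PartsToDER encodes big-endian R and S bytes as DER: SEQUENCE { r INTEGER, s INTEGER }.
func PartsToDER(r, s []byte) ([]byte, error) {
	R, S := new(big.Int).SetBytes(r), new(big.Int).SetBytes(s)
	if R.Sign() == 0 || S.Sign() == 0 {
		return nil, fmt.Errorf("r and s must be non-zero")
	}
	return asn1.Marshal(struct{ R, S *big.Int }{R, S})
}

// VerifyParts checks (r, s) over digest; an encoding error counts as failure.
func VerifyParts(pub *ecdsa.PublicKey, digest, r, s []byte) bool {
	der, err := PartsToDER(r, s)
	return err == nil && ecdsa.VerifyASN1(pub, digest, der)
}

// SampleParts builds constructed input: a fresh P-256 key (assumed stand-in curve) and 32-byte R, S.
func SampleParts(digest []byte) (*ecdsa.PublicKey, []byte, []byte, error) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, nil, err
	}
	R, S, err := ecdsa.Sign(rand.Reader, priv, digest)
	if err != nil {
		return nil, nil, nil, err
	}
	return &priv.PublicKey, R.FillBytes(make([]byte, 32)), S.FillBytes(make([]byte, 32)), nil
}

func main() {
	digest := sha256.Sum256([]byte("constructed sample message"))
	pub, r, s, err := SampleParts(digest[:])
	if err != nil {
		panic(err)
	}
	fmt.Println("valid:", VerifyParts(pub, digest[:], r, s))
	digest[0] ^= 1 // a tampered digest must fail verification
	fmt.Println("tampered:", VerifyParts(pub, digest[:], r, s))
}
```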