Open wip-abramson opened 8 months ago
Hey Will, I'm looking at the BIP327 spec and realizing that it's different than what I've implemented (over a year ago). Thus, I would hold off until the updates to the library for making it BIP327 compliant are done. Sorry for the hassle!
Sure, no worries.
What are the differences out of interest?
Very specific ways to generate the nonce, ways to add more than one tweak and so on. I've got all the tests passing, it's just a matter of getting it ready as a PR.
I have been attempting to construct bitcoin address that is a 2-2 MuSig address only. No taproot tree.
Something like this
The p2tr_musig address is always tweaked. see cecc.py L200
I think this is correct per BIP86.
But, when I construct MuSig using the get_signature function. If there is no merkle_root, then no tweak is applied.
So I get back a valid signature from the untweaked public key. However, when I try to verify I transaction with an input that has a
p2tr_musig
value as ScriptPubKey it verifies as false. Because the pubkey used for the ScriptPubKey is tweaked, but the sig has not been.Basically
I believe a simple fix would be to remove the if/else in the get_signature function so that the tweak is always applied.
Happy to submit a P.R if I am on the right lines