Closed elichai closed 3 months ago
Can you rebase to get CI passing?
Can you rebase to get CI passing?
Done :)
Ok, now the CI failures look real -- formatting and MSRV.
I've realized that this adds another reason to have a first-class signing API in bitcoin
since this double hashing is not intuitive.
For sure -- in Bitcoin we want a signing API that takes the sighash types (or something equivalent) and does the right thing. And which doesn't let you sign arbitrary crap, at least not without first extracting a rust-secp key.
Looking forward to seeing this released! @christophera
As discussed on https://github.com/rust-bitcoin/rust-secp256k1/issues/702 and on IRC, BIP340 has evolved from supporting only "pre-hashed" 32 byte messages, to supporting messages of "any length" and as such we should allow the users to pass a message of any length. Note that passing exactly 32 bytes will make the API behave exactly as before (ie it will produce the same signatures).
I added all the test vectors from: https://github.com/bitcoin/bips/blob/master/bip-0340/test-vectors.csv To make sure the API is correct even for empty messages and shorter/longer ones :)