Closed iashishanand closed 1 month ago
I suggest you follow the start_musig_txbuilder()
in the tap-node/src/template
, it is a working example.
Btw, let tapKeySig = Buffer.from(signature, 'hex');
is not seemed right, delete hex
Thanks a lot, deleting hex
from let tapKeySig = Buffer.from(signature, 'hex');
worked.
Also you have any lead on adaptor signature implementation in javascript or can we use/modify @cmdcode/musig2
library to achieve the same. I am also working on implementing DLC using adaptor signature, but did not find any easy to understand implementation out there.
you welcome. At the best of my knowledge, here is the only repo that use musig2 in bitcoins (I'm actually using the @cmdcode/musig2, but its working in taproot). DLCs is mostly involved with the off-chain psbt, I'm reading the specification, if you are interested, you can join the build of DLCs.
Hi @UIZorrot, I tried running a quick experiment on @cmdcode/musig2 can you check and verify whether this is a correct approach. For the purpose of experiment I hardcoded these:
const ADAPTOR_POINT = "633d066237862db2292981e8b1e191c15b6a853a8083160076a24168f83a9d57";
const ADAPTOR_SECRET = "6ccc11c46751edab5d9ba2acf68d0133fb67b68fa701c2ab8eddd3d98efe5595";
I changed the get_challenge()
to make the signature invalid by adding adaptor point to group_rx:
export function get_challenge(group_rx, group_pub, message) {
// Convert group_rx to a point
const R = pt.lift_x(group_rx);
// Convert adaptor point to a point
const T = pt.lift_x(Buff.hex(ADAPTOR_POINT));
// Add R and T
const R_plus_T = pt.add(R, T);
// Convert back to x-coordinate
const combined_x = pt.to_bytes(R_plus_T).slice(1);
const grx = convert_32b(combined_x);
const gpx = convert_32b(group_pub);
// Create the challenge pre-image
const preimg = Buff.join([grx, gpx, message]);
// Return the challenge hash
return hash340('BIP0340/challenge', preimg);
}
And I changed the implementation for combine_psigs()
to add the adaptor secret to the combined signature at end and as well as modifying the group_rx value to make the signature valid:
export function combine_psigs(context, signatures) {
const { challenge, group_state, group_rx } = context;
const { parity, tweak } = group_state;
const sigs = signatures
.map(e => parse_psig(e))
.map(e => e.sig);
const s = combine_s(sigs);
const e = challenge.big;
const a = e * parity * tweak;
const adaptor_secret = Buff.hex(ADAPTOR_SECRET).big;
const sig = math.mod_n(s + a + adaptor_secret);
// Convert group_rx to a point
const R = pt.lift_x(group_rx);
// Convert adaptor point to a point
const T = pt.lift_x(Buff.hex(ADAPTOR_POINT));
// Add R and T
const R_plus_T = pt.add(R, T);
// Convert back to x-coordinate
const combined_rx = pt.to_bytes(R_plus_T).slice(1);
// Return the combined signature with R+T as the nonce
return Buff.join([
keys.convert_32b(combined_rx),
Buff.big(sig, 32)
]);
}
These changes were directly made to the node_modules file, and it's giving weird result sometimes it passes the signature test for MuSig2 as well as @noble/curve library. But sometimes it give that signatures are wrong for the same set of values.
It looks like good, maybe there are some buffer conversion problem?
I am trying to implement MuSig transaction using @cmdcode/musig2 and bitcoinjs-lib library. @UIZorrot I have followed your issue thread on bitcoinjs-lib. But I am getting this error constantly.
Error: Mandatory-script-verify-flag-failed (Invalid Schnorr signature)
Any help would be appreciated.