I’m discovering it tough to determine the right way to correctly multiply the key-pairs with the challenges.
privkey1, pubkey1 = generate_key_pair(sha256(b'key0'))
privkey2, pubkey2 = generate_key_pair(sha256(b'key1'))
privkey3, pubkey3 = generate_key_pair(sha256(b'key2'))
pubkeys = [pubkey1, pubkey2, pubkey3]
# Compute key challenges
# Technique: use generate_musig_key() on the record of pubkeys.
# generate_musig_key() returns a problem map and the mixture public key.
c_map, pubkey_agg = generate_musig_key(pubkeys)# TODO: implement
print("Aggregated Public Key's {}n".format(pubkey_agg.get_bytes().hex()))
# Multiply key pairs by problem issue
The diagram exhibits that tweaked non-public key di'
= ci
* di
This made me suppose to do one thing like:
privkey1_c = int.from_bytes(c_map[pubkey1], "massive") * int.from_bytes(privkey1.get_bytes(), "massive")
(cant multiply bytes immediately)
However this leads to a quantity far too giant and since SECP256K1_ORDER
was not imported (for modulo operations) I figured that may be a mistake on my half. I additionally tried to simply set it like this:
privkey1_c = ECKey().set(c_map[pubkey1])
Which ends up in a legitimate key however shouldn’t be the anticipated values which might be checked on the assertions on the backside of the code:
assert privkey1_c.secret == 104717570570407299858230629579807834166658508605015363884161538594382975780625
assert privkey2_c.secret == 65554880484297966965546994775376394861215085064604177497808278620612854069980
assert privkey3_c.secret == 106998690642216524894360365246223287721822845133760006050846956016514597569168
I really feel like I am misunderstanding how the problem map pertains to the problem issue within the diagram. I assume it outputs ci
for every pubkey but when that is the case, multiplying that quantity by the unique privkey will end in a worth too giant for SECP256K1_ORDER.
There may be additionally this half:
# Decide if the non-public and public keys have to be negated.
# Trace: The mixture public secret is the one which must be legitimate.
if pubkey_agg.get_y() % 2 != 0:
pubkey_agg.negate()
# TODO: implement
For the reason that key era shouldn’t be random this has the identical outcome each time which is that the if assertion returns false (even worth) and won’t get used, so until I’m misunderstanding that this half appears to be a crimson herring (irrelevant to the difficulty).