use BitXor operator; clean up taproot key test and debug printlns

Trust-Machines · Oct 28, 2024 · 1e6b142 · 1e6b142
1 parent d7cf6ed
commit 1e6b142
Show file tree

Hide file tree

Showing 4 changed files with 11 additions and 38 deletions.
diff --git a/src/compute.rs b/src/compute.rs
@@ -174,8 +174,3 @@ pub fn merkle_root(data: &[u8]) -> [u8; 32] {
 
     hasher.finalize().into()
 }
-
-/// logical xor
-pub fn xor(a: bool, b: bool) -> bool {
-    (a && !b) || (b && !a)
-}
diff --git a/src/taproot.rs b/src/taproot.rs
@@ -30,7 +30,6 @@ impl SchnorrProof {
     /// Verify a BIP-340 schnorr proof
     #[allow(non_snake_case)]
     pub fn verify(&self, public_key: &field::Element, msg: &[u8]) -> bool {
-        println!("taproot verify: public_key  {}", &public_key);
         let Y = match Point::lift_x(public_key) {
             Ok(Y) => Y,
             Err(_) => return false,
@@ -40,7 +39,6 @@ impl SchnorrProof {
             Err(_) => return false,
         };
         let c = compute::challenge(&Y, &R, msg);
-        println!("taproot verify: challenge   {}", c);
         let Rp = self.s * G - c * Y;
 
         Rp.has_even_y() && Rp.x() == self.r
@@ -153,16 +151,10 @@ mod test {
     use crate::{compute, traits::Aggregator, traits::Signer, v1, v2};
     use rand_core::OsRng;
 
-    fn xor(a: bool, b: bool) -> bool {
-        (a && !b) || (b && !a)
-    }
-
     #[test]
     #[allow(non_snake_case)]
     fn key_tweaks() {
         let mut rng = OsRng;
-        let script = "OP_1".as_bytes();
-        let merkle_root = compute::merkle_root(script);
         let r = Scalar::random(&mut rng);
         let R = r * G;
         let rp = if R.has_even_y() { r } else { -r };
@@ -183,6 +175,7 @@ mod test {
         }
 
         println!("P.has_even_y {}", P.has_even_y());
+        let c = compute::challenge(&P, &R, msg.as_bytes());
         let s = r - c * d;
         assert!(R == s * G + c * P);
 
@@ -198,21 +191,20 @@ mod test {
             assert!(Pp == (-d) * G);
             let R = Point::lift_x(&proof.r).unwrap();
             let e = compute::challenge(&P, &R, msg.as_bytes());
-            //let e = c.clone();
             let Rp = proof.s * G - e * Pp;
-            //assert!(Rp.has_even_y());
-            //assert_eq!(Rp.x(), proof.r);
+            assert!(Rp.has_even_y());
+            assert_eq!(Rp.x(), proof.r);
         }
-        //assert!(proof.verify(&P.x(), msg.as_bytes()));
+        assert!(proof.verify(&P.x(), msg.as_bytes()));
 
-        let mut Q = Point::lift_x(&P.x()).unwrap();
+        let Q = Point::lift_x(&P.x()).unwrap();
         let c = compute::challenge(&Q, &R, msg.as_bytes());
         println!("Q.has_even_y {}", Q.has_even_y());
 
         assert!(Q != P);
         assert!(d * G != Q);
 
-        let mut e = -d;
+        let e = -d;
 
         assert!(e * G == Q);
 
@@ -244,7 +236,7 @@ mod test {
         let t = compute::tweak(&P, None);
         //let d = if !P.has_even_y() || !S.has_even_y() {
         //let d = if !S.has_even_y() {
-        let d = if !P.has_even_y() { (-d + t) } else { (d + t) };
+        let d = if !P.has_even_y() { -d + t } else { d + t };
         assert!((d * G).x() == S.x());
         assert!((d * G) == S);
 
@@ -272,7 +264,7 @@ mod test {
         let t = compute::tweak(&Q, None);
         //let e = if !Q.has_even_y() || !T.has_even_y() {
         //let e = if !T.has_even_y() {
-        let e = if !Q.has_even_y() { (-e + t) } else { (e + t) };
+        let e = if !Q.has_even_y() { -e + t } else { e + t };
         assert!((e * G).x() == T.x());
         assert!((e * G) == T);
 
@@ -407,7 +399,6 @@ mod test {
         let key_ids = S.iter().flat_map(|s| s.get_key_ids()).collect::<Vec<u32>>();
         let mut sig_agg = v2::Aggregator::new(Nk, T);
         sig_agg.init(&polys).expect("aggregator init failed");
-        let public_key = sig_agg.poly[0].clone();
         let tweaked_public_key = compute::tweaked_public_key(&sig_agg.poly[0], merkle_root);
         let (nonces, sig_shares) = test_helpers::sign(msg, &mut S, &mut rng, merkle_root);
         let proof = match sig_agg.sign_taproot(msg, &nonces, &sig_shares, &key_ids, merkle_root) {

diff --git a/src/v1.rs b/src/v1.rs
@@ -237,7 +237,7 @@ impl Party {
         let tweaked_public_key = if let Some(t) = tweak {
             if t != Scalar::zero() {
                 let key = compute::tweaked_public_key_from_tweak(&self.group_key, t);
-                if compute::xor(key.has_even_y(), self.group_key.has_even_y()) {
+                if key.has_even_y() ^ self.group_key.has_even_y() {
                     cx_sign = -cx_sign;
                 }
 
@@ -253,7 +253,6 @@ impl Party {
         };
 
         let c = compute::challenge(&tweaked_public_key, aggregate_nonce, msg);
-        println!("v1 sign_pre_twk challenge {}", &c);
         let mut cx = c * &self.private_key * compute::lambda(self.id, signers);
 
         cx = cx_sign * cx;
@@ -312,7 +311,6 @@ impl Aggregator {
             aggregate_public_key
         };
         let c = compute::challenge(&tweaked_public_key, &R, msg);
-        println!("v1 sign_with_twk: challenge {}", c);
 
         for sig_share in sig_shares {
             z += sig_share.z_i;
@@ -471,19 +469,9 @@ impl traits::Aggregator for Aggregator {
         merkle_root: Option<[u8; 32]>,
     ) -> Result<SchnorrProof, AggregatorError> {
         let tweak = compute::tweak(&self.poly[0], merkle_root);
-        println!(
-            "sign_taproot: agg_pubkey    {}",
-            &hex::encode(self.poly[0].compress().as_bytes())
-        );
-        println!("sign_taproot: agg_pubkey.x  {}", &self.poly[0].x());
         let (key, sig) = self.sign_with_tweak(msg, nonces, sig_shares, Some(tweak))?;
         let proof = SchnorrProof::new(&sig);
 
-        println!(
-            "sign_taproot: tweaked_key   {}",
-            &hex::encode(key.compress().as_bytes())
-        );
-        println!("sign_taproot: tweaked_key.x {}", &key.x());
         if proof.verify(&key.x(), msg) {
             Ok(proof)
         } else {

diff --git a/src/v2.rs b/src/v2.rs
@@ -193,7 +193,7 @@ impl Party {
         let tweaked_public_key = if let Some(t) = tweak {
             if t != Scalar::zero() {
                 let key = compute::tweaked_public_key_from_tweak(&self.group_key, t);
-                if compute::xor(key.has_even_y(), self.group_key.has_even_y()) {
+                if key.has_even_y() ^ self.group_key.has_even_y() {
                     cx_sign = -cx_sign;
                 }
 
@@ -209,7 +209,6 @@ impl Party {
         };
         let (_, R) = compute::intermediate(msg, party_ids, nonces);
         let c = compute::challenge(&tweaked_public_key, &R, msg);
-        println!("v2 sign_with_tweak: challenge {}", c);
         let mut r = &self.nonce.d + &self.nonce.e * compute::binding(&self.id(), nonces, msg);
         if tweak.is_some() && !R.has_even_y() {
             r = -r;
@@ -321,7 +320,7 @@ impl Aggregator {
         };
         let c = compute::challenge(&tweaked_public_key, &R, msg);
         let mut r_sign = Scalar::one();
-        let mut cx_sign = Scalar::one();
+        let cx_sign = Scalar::one();
         if tweak.is_some() {
             if !R.has_even_y() {
                 r_sign = -Scalar::one();