Notice of copyright infringement

[gmaxwell]

https://github.com/jl777/SuperNET/blob/master/iguana/iguana_secp.c

And many other files contain large amounts of code copied directly from the Bitcoin project, libsecp256k1 and other places where I am a copyright holder. In all these cases this was performed in violation of the very permissive software license: stripping off all attribution and copyright notices.

Please remedy this.

Thanks.

[jl777]

The libsecp256k1 library was included at the source level and their copyright notices are intact. the file iguana_secp.c is calling the licsecp256k1 functions and I wrote them, so I did not think that it made sense to add the copyright notice of the functions it was calling.

can you please point out the specific code in iguana_secp.c that you feel is infringing your copyright? I assure you that any file that is externally created retains its copyright notices, unless there was an oversight made. I just dont see any such in iguana_secp.c

Please tell me what code inside iguana_secp.c that you wrote. If I overlooked any or included more than fair use principles allow, I will immediately correct this.

[gmaxwell]

uh. Come on, almost the entire file is copied, you even copied the comments verbatim -- https://github.com/jl777/SuperNET/blob/master/iguana/iguana_secp.c#L455

[jl777]

You mean the single test function that is #ifdef disabled?

/*

• The intended procedure for creating a multiparty signature is:
• • Each signer S[i] with private key x[i] and public key Q[i] runs
• secp256k1_schnorr_generate_nonce_pair to produce a pair (k[i],R[i]) of private/public nonces.
• • All signers communicate their public nonces to each other (revealing your
• private nonce can lead to discovery of your private key, so it should be considered secret).
• • All signers combine all the public nonces they received (excluding their
• own) using secp256k1_ec_pubkey_combine to obtain an Rall[i] = sum(R[0..i-1,i+1..n]).
• • All signers produce a partial signature using
• secp256k1_schnorr_partial_sign, passing in their own private key x[i],
• their own private nonce k[i], and the sum of the others' public nonces Rall[i].
• • All signers communicate their partial signatures to each other.
• • Someone combines all partial signatures using secp256k1_schnorr_partial_combine, to obtain a full signature.
• • The resulting signature is validatable using secp256k1_schnorr_verify, with
• public key equal to the result of secp256k1_ec_pubkey_combine of the signers' public keys (sum(Q[0..n])).
• Note that secp256k1_schnorr_partial_combine and secp256k1_ec_pubkey_combine
• function take their arguments in any order, and it is possible to
• pre-combine several inputs already with one call, and add more inputs later
• by calling the function again (they are commutative and associative).
  */

#ifdef test_schnorr
#include "secp256k1/src/util.h"
#include "secp256k1/src/hash_impl.h"
#include "secp256k1/src/testrand_impl.h"

void test_schnorr_threshold(void ctx) {
unsigned char msg[32];
unsigned char sec[5][32];
secp256k1_pubkey pub[5];
unsigned char nonce[5][32];
secp256k1_pubkey pubnonce[5];
unsigned char sig[5][64];
const unsigned char sigs[5];
unsigned char allsig[64];
const secp256k1_pubkey* pubs[5];
secp256k1_pubkey allpub;
int n, i;
int damage;
int ret = 0;

damage = secp256k1_rand_bits(1) ? (1 + secp256k1_rand_int(4)) : 0;
secp256k1_rand256_test(msg);
n = 2 + secp256k1_rand_int(4);
for (i = 0; i < n; i++) {
    do {
        secp256k1_rand256_test(sec[i]);
    } while (!secp256k1_ec_seckey_verify(ctx, sec[i]));
    CHECK(secp256k1_ec_pubkey_create(ctx, &pub[i], sec[i]));
    CHECK(secp256k1_schnorr_generate_nonce_pair(ctx, &pubnonce[i], nonce[i], msg, sec[i], NULL, NULL));
    pubs[i] = &pub[i];
}
if (damage == 1) {
    nonce[secp256k1_rand_int(n)][secp256k1_rand_int(32)] ^= 1 + secp256k1_rand_int(255);
} else if (damage == 2) {
    sec[secp256k1_rand_int(n)][secp256k1_rand_int(32)] ^= 1 + secp256k1_rand_int(255);
}
for (i = 0; i < n; i++) {
    secp256k1_pubkey allpubnonce;
    const secp256k1_pubkey *pubnonces[4];
    int j;
    for (j = 0; j < i; j++) {
        pubnonces[j] = &pubnonce[j];
    }
    for (j = i + 1; j < n; j++) {
        pubnonces[j - 1] = &pubnonce[j];
    }
    CHECK(secp256k1_ec_pubkey_combine(ctx, &allpubnonce, pubnonces, n - 1));
    ret |= (secp256k1_schnorr_partial_sign(ctx, sig[i], msg, sec[i], &allpubnonce, nonce[i]) != 1) * 1;
    sigs[i] = sig[i];
}
if (damage == 3) {
    sig[secp256k1_rand_int(n)][secp256k1_rand_bits(6)] ^= 1 + secp256k1_rand_int(255);
}
ret |= (secp256k1_ec_pubkey_combine(ctx, &allpub, pubs, n) != 1) * 2;
if ((ret & 1) == 0) {
    ret |= (secp256k1_schnorr_partial_combine(ctx, allsig, sigs, n) != 1) * 4;
}
if (damage == 4) {
    allsig[secp256k1_rand_int(32)] ^= 1 + secp256k1_rand_int(255);
}
if ((ret & 7) == 0) {
    ret |= (secp256k1_schnorr_verify(ctx, allsig, msg, &allpub) != 1) * 8;
}
CHECK((ret == 0) == (damage == 0));

}
#endif

I have removed this from the source tree (dev branch). Thank you for finding this single function that was still there and not deleted in a file without the libsecp copyright notice. Let me know if you find any other functions you wrote in my files.

I have no idea what you mean by saying almost the entire file is copied. Are you seriously claiming that you have copyright for functions like: bits256 bitcoin_pubkey33(secp256k1_context *ctx,uint8_t *data,bits256 privkey)

it uses the bits256 data type that is something I made, so how can you claim that you wrote it? I dont remember if falsely accusing someone is slander or libel. 1 out of 24 functions in the file, and one that was ifdef'ed out does not equal "almost the entire file"