allow use of custom nonce in ecdsa_sign #11
Conversation
|
Hi, thank you for the patch. Can you write a test where this new option is used? |
|
@ludbb ok, will do. |
add test of custom nonce
| #since we don't increment the counter here, that will not succeed. | ||
| #Of course the likelihood of such an error is infinitesimal. | ||
| #TLDR this is not intended to be used in real life; use | ||
| #deterministic signatures. |
There was a problem hiding this comment.
As briefly mentioned here, using a custom nonce function is certainly not something you'd normally want to do; the particular use case we had related to stealth addresses. The problem was that the default operation of the library ecdsa_sign does not return the value of the nonce, and this is needed in this case. A brief discussion with Greg Maxwell today indicated that there might be a possibility of having the nonce value returned in the extra data field in future in the upstream library; this would allow one to use the nonce value without using a non-default (non-rfc6979) nonce. There may be other situations where a custom nonce function is required for some reason, so one way or another this patch (which is just exposing what the underlying library offers) might conceivably be useful for someone, even given the caveats.
As per the title. Calling code would need to build the nonce function and data with cffi and pass it in.