Lloyd Fournier
Lloyd Fournier
> @LLFourn Should indexer be a `pub mod` or do we just re export everything under it? I think it must be `pub mod` otherwise you will be re-exporting the...
ConceptACK. Don't have time for a full review now. @evanlinjin?
Yes it's very important that not all 33 byte arrays are valid points because not all 32 byte arrays are valid x-coordinates on secp256k1 (around half are not!).
> We should, however, remove the functions for MuSig2 adaptor signatures as they lack both a specification and a satisfactory security proof. I read this and assumed it just means...
This is reviewable now. Please excuse poor documentation. I think I'll do a full sweep after I've attempted implementing the bip. See #189 for why I did multiplicative tweaking.
> The awkward parts were 1) applying tweaks to both SharedKey and PairedSecretShare Hmm I was actually thinking you wouldn't have to do this unless in your protocol signers are...
@irriden I can relax this a bit but you will need `CoordinatorSignSession` to verify the signature shares anyway or are you not doing that in this case?
@irriden see the two last commits. Hopefully the tweaking is more straightforward now. There is no longer two variants of tweakings "xonly" and normal tweaks. To do an xonly tweak...
See 4e222791dad3cde339aa65d9b5f52929b96f74f4 where I make a method to make it more discoverable how this is meant to work.
I just pushed a commit to make "verification shares" a first class type. Now you use the verification shares to verify signature shares. @irriden you can now create a polynomial...