Gregory Maxwell
Gregory Maxwell
@elichai It's offtopic, but since you edited the microecc code, I'm confused by: "* We just use H(m) directly rather than bits2octets(H(m)) (it is not reduced modulo curve_n)." IIRC, in...
Ah, indeed that's right! I don't see how to exploit that particular behaviour, either. Thanks for answering my question!
@real-or-random if it's buggy and the cross tests pass that in and of itself is _extremely informative_ as the tests should be catching real bugs. ... though the first link...
The main purpose of cross testing is to find (or avoid) deficiencies in the tests and prevent them from concealing complementary bugs in the library. If those bugs in microecc...
> So we need to exclude the failing instances from the cross-tests (as we can't hope for micro-ecc to fix them). Just fix 'em locally. Unless it takes a heroic...
> . Currently, you have to enter it and do a clean shutdown instead of just terminating. Well with this, if you "just terminate" you're going to end up with...
We constructed a new kind of signmessage for elements which is conceptually a lot better and supports arbitrary scripts-- but it immediately runs into a problem that softfork semantics only...
Generally the node is defended from block denial by the subscription to three peers in HB mode, resulting in getting up to four copies even in the face of malicious...
@aymericcousaert see the provided protocol design tips: https://github.com/sipa/minisketch/blob/master/doc/protocoltips.md In a reconciliation protocol you will almost always want to use keys no longer than is needed to make collisions between distinct...
Or you should do both. The choice of 32 bytes messages is the one in Bitcoin and isn't going to change, in particular to gain from not prehashing you'd totally...