Pieter Wuille

I added a commit that permits COMB_BITS < 256 in exhaustive test mode. However, it doesn't work in a lot of configurations, and I don't understand what's causing it. Here...

Update: it appears that `EXHAUSTIVE_TEST_ORDER < 2**(BLOCKS * TEETH * (SPACING - 1))` perfectly predicts which configurations work.

Final update: I was being very dumb, and precompute_ecmult_gen just had `spacing = (COMB_RANGE + blocks * teeth) / (block * teeth)` hardcoded, leading to an inconsistency between the table...

I thought this was deliberate, because addresses are intended to be single-use.

This is pretty cool. I'll have to play with it a bit.

@elichai Boost is C++. libsecp256k1 is C.

These would be BIP341-specifiek tweaking functions then that take the merkle_root as input? I believe that's sufficient to make the construction safe. If we had a way to have callers...

asan/lsan is generally as easy as ubsan to enable (and they can all be enabled simultaneously) though has a higher performance impact. It can catch out-of-bound accesses (also on the...

So to give an idea of the status here: * The code works, is generally a speedup, and is unlikely to change much; if it does, it's probably restricted to...

@real-or-random Re posdivsteps see #979 which this PR is based on.