musig_8h_source.html

// Copyright (c) 2024-present The Bitcoin Core developers

// Distributed under the MIT software license, see the accompanying

// file COPYING or https://www.opensource.org/licenses/mit-license.php.


#ifndef BITCOIN_MUSIG_H

#define BITCOIN_MUSIG_H


#include <pubkey.h>


#include <optional>

#include <vector>


struct secp256k1_musig_keyagg_cache;

class MuSig2SecNonceImpl;

struct secp256k1_musig_secnonce;


using namespace util::hex_literals;

constexpr uint256 MUSIG_CHAINCODE{

    // Use immediate lambda to work around GCC-14 bug https://gcc.gnu.org/bugzilla/show_bug.cgi?id=117966

    []() consteval { return uint256{"868087ca02a6f974c4598924c36b57762d32cb45717167e300622c7167e38965"_hex_u8}; }(),

};


constexpr size_t MUSIG2_PUBNONCE_SIZE{66};


std::optional<CPubKey> MuSig2AggregatePubkeys(const std::vector<CPubKey>& pubkeys, secp256k1_musig_keyagg_cache& keyagg_cache, const std::optional<CPubKey>& expected_aggregate);

std::optional<CPubKey> MuSig2AggregatePubkeys(const std::vector<CPubKey>& pubkeys);


CExtPubKey CreateMuSig2SyntheticXpub(const CPubKey& pubkey);


class MuSig2SecNonce

{

private:

    std::unique_ptr<MuSig2SecNonceImpl> m_impl;


public:

    MuSig2SecNonce();

    MuSig2SecNonce(MuSig2SecNonce&&) noexcept;

    MuSig2SecNonce& operator=(MuSig2SecNonce&&) noexcept;

    ~MuSig2SecNonce();


    // Delete copy constructors

    MuSig2SecNonce(const MuSig2SecNonce&) = delete;

    MuSig2SecNonce& operator=(const MuSig2SecNonce&) = delete;


    secp256k1_musig_secnonce* Get() const;

    void Invalidate();

    bool IsValid();

};


uint256 MuSig2SessionID(const CPubKey& script_pubkey, const CPubKey& part_pubkey, const uint256& sighash);


std::optional<std::vector<uint8_t>> CreateMuSig2AggregateSig(const std::vector<CPubKey>& participants, const CPubKey& aggregate_pubkey, const std::vector<std::pair<uint256, bool>>& tweaks, const uint256& sighash, const std::map<CPubKey, std::vector<uint8_t>>& pubnonces, const std::map<CPubKey, uint256>& partial_sigs);


#endif // BITCOIN_MUSIG_H

CPubKey
An encapsulated public key.
Definition: pubkey.h:34

MuSig2SecNonce
MuSig2SecNonce encapsulates a secret nonce in use in a MuSig2 signing session.
Definition: musig.h:49

MuSig2SecNonce::Invalidate
void Invalidate()
Definition: musig.cpp:105

MuSig2SecNonce::IsValid
bool IsValid()
Definition: musig.cpp:110

MuSig2SecNonce::MuSig2SecNonce
MuSig2SecNonce()
Definition: musig.cpp:93

MuSig2SecNonce::Get
secp256k1_musig_secnonce * Get() const
Definition: musig.cpp:100

MuSig2SecNonce::m_impl
std::unique_ptr< MuSig2SecNonceImpl > m_impl
Definition: musig.h:51

MuSig2SecNonce::MuSig2SecNonce
MuSig2SecNonce(MuSig2SecNonce &&) noexcept

MuSig2SecNonceImpl
Definition: musig.cpp:76

uint256
256-bit opaque blob.
Definition: uint256.h:196

CreateMuSig2SyntheticXpub
CExtPubKey CreateMuSig2SyntheticXpub(const CPubKey &pubkey)
Construct the BIP 328 synthetic xpub for a pubkey.
Definition: musig.cpp:64

MUSIG2_PUBNONCE_SIZE
constexpr size_t MUSIG2_PUBNONCE_SIZE
Definition: musig.h:26

MuSig2SessionID
uint256 MuSig2SessionID(const CPubKey &script_pubkey, const CPubKey &part_pubkey, const uint256 &sighash)
Definition: musig.cpp:115

CreateMuSig2AggregateSig
std::optional< std::vector< uint8_t > > CreateMuSig2AggregateSig(const std::vector< CPubKey > &participants, const CPubKey &aggregate_pubkey, const std::vector< std::pair< uint256, bool > > &tweaks, const uint256 &sighash, const std::map< CPubKey, std::vector< uint8_t > > &pubnonces, const std::map< CPubKey, uint256 > &partial_sigs)
Definition: musig.cpp:122

MUSIG_CHAINCODE
constexpr uint256 MUSIG_CHAINCODE
Definition: musig.h:19

MuSig2AggregatePubkeys
std::optional< CPubKey > MuSig2AggregatePubkeys(const std::vector< CPubKey > &pubkeys, secp256k1_musig_keyagg_cache &keyagg_cache, const std::optional< CPubKey > &expected_aggregate)
Compute the full aggregate pubkey from the given participant pubkeys in their current order.
Definition: musig.cpp:47

std
Definition: setup_common.h:265

util::hex_literals
""_hex is a compile-time user-defined literal returning a std::array<std::byte>, equivalent to ParseH...
Definition: strencodings.h:384

pubkey.h

CExtPubKey
Definition: pubkey.h:346

secp256k1_musig_keyagg_cache
This module implements BIP 327 "MuSig2 for BIP340-compatible Multi-Signatures" (https://github....
Definition: secp256k1_musig.h:43

secp256k1_musig_secnonce
Opaque data structure that holds a signer's secret nonce.
Definition: secp256k1_musig.h:59