Use `Sha256`s for tweaks in `sign` to enforce randomness
authorMatt Corallo <git@bluematt.me>
Fri, 19 Apr 2024 00:36:52 +0000 (00:36 +0000)
committerMatt Corallo <git@bluematt.me>
Mon, 22 Apr 2024 13:00:29 +0000 (13:00 +0000)
commit9f1c9062db3278597429751c00b3cc7b0ef277e0
tree58e923d302147dbea0e46aee01e62b3e0b33d466
parent23d9514259d0e9f8d9caecd96c0818674aaf7d92
Use `Sha256`s for tweaks in `sign` to enforce randomness

We assume that tweaks are the output of a SHA-256 hash function
(and thus that failing to create a private key from the hash has
negligible probability) in `add_public_key_tweak` and elsewhere.

Thus, we really shouldn't be taking byte arrays in the public API
but rather `Sha256` objects, and communicating in the docs for
`add_public_key_tweak` that we can panic if it's not the output of
a hash function, both of which we do here.
lightning/src/ln/channel_keys.rs
lightning/src/sign/mod.rs