Creates and verifies Winternitz signatures.
| 133 | |
| 134 | /// Creates and verifies Winternitz signatures. |
| 135 | pub trait Verifier { |
| 136 | /// Creates a Winternitz signature for the given `secret_key` and `digits`. |
| 137 | /// |
| 138 | /// ## Output format |
| 139 | /// |
| 140 | /// - `hash(digits[0])` |
| 141 | /// - `digits[0]` |
| 142 | /// - `hash(digits[1])` |
| 143 | /// - `digits[1]` |
| 144 | /// - ... |
| 145 | /// - `hash(digits[n + m - 1])` |
| 146 | /// - `digits[n + m - 1]` |
| 147 | /// |
| 148 | /// There are `n` message digits followed by `m` checksum digits. |
| 149 | /// The checksum is computed internally. |
| 150 | fn sign_digits(ps: &Parameters, secret_key: &SecretKey, message_digits: Vec<u32>) -> Witness { |
| 151 | let digits = add_message_checksum(ps, message_digits); |
| 152 | let mut result = Witness::new(); |
| 153 | for i in 0..ps.total_digit_len() { |
| 154 | let sig = digit_signature(secret_key, i, digits[i as usize]); |
| 155 | // FIXME: Do trailing zeroes violate Bitcoin Script's minimum data push requirement? |
| 156 | // Maybe the script! macro removes the zeroes. |
| 157 | // There is a 1/256 chance that a signature contains a trailing zero. |
| 158 | result.push(sig); |
| 159 | result.push(bitcoin_representation(digits[i as usize] as i32)); |
| 160 | } |
| 161 | result |
| 162 | } |
| 163 | |
| 164 | /// Returns a Bitcoin script that verifies a Winternitz signature for the given `public_key`. |
| 165 | /// |
| 166 | /// The checksum is verified by a separate Bitcoin script. |
| 167 | /// |
| 168 | /// ## Precondition |
| 169 | /// |
| 170 | /// - `hash(digits[0])` |
| 171 | /// - `digits[0]` |
| 172 | /// - `hash(digits[1])` |
| 173 | /// - `digits[1]` |
| 174 | /// - ... |
| 175 | /// - `hash(digits[n + m - 1])` |
| 176 | /// - `digits[n + m - 1]` (stack top) |
| 177 | /// |
| 178 | /// For `n` message digits followed by `m` checksum digits. |
| 179 | /// |
| 180 | /// ## Postcondition |
| 181 | /// |
| 182 | /// - `digits[n + m - 1]` |
| 183 | /// - `digits[n + m - 2]` |
| 184 | /// - ... |
| 185 | /// - `digits[0]` (alt stack top) |
| 186 | /// |
| 187 | /// The input is consumed from the stack. |
| 188 | fn verify_digits(ps: &Parameters, public_key: &PublicKey) -> Script; |
| 189 | } |
| 190 | |
| 191 | /// Converts the message on the stack after signature verification. |
| 192 | pub trait Converter { |
nothing calls this directly
no outgoing calls
no test coverage detected