Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

multiplication of point does not match other open source library #1

Open
grantwest opened this issue Jan 12, 2019 · 2 comments
Open

multiplication of point does not match other open source library #1

grantwest opened this issue Jan 12, 2019 · 2 comments

Comments

@grantwest
Copy link

grantwest commented Jan 12, 2019
edited
Loading

btcd and lnd both use this function for multiplying a public key point by a private key:
https://github.com/btcsuite/btcd/blob/master/btcec/btcec.go#L758

This library sometimes produces a different result than the btcsuite implementation. For example:

test "mult that fails" do
  k = bin("1111111111111111111111111111111111111111111111111111111111111111")
  x = 31855367722742370537280679280108010854876607759940877706949385967087672770343
  y = 46659058944867745027460438812818578793297503278458148978085384795486842595210
  p = Secp256k1.Point.new(Secp256k1.Secp256k1Curve, x, y)
  p = Secp256k1.Point.mult(p, as_uint(k))
  assert p.x == 54221562124304953885180771592460698670019519428706259911404568629517370541567
  assert p.y == 41503598524832693408649273746083320222793867734891856875367632750649152059192
end

test "mult that passes" do
  k = bin("1212121212121212121212121212121212121212121212121212121212121212")
  x = 63982838722979151810905110027192376571325135238113748936948631759147324327927
  y = 17180151785156071809562681746353818655281144606192631545001595874213337763680
  p = Secp256k1.Point.new(Secp256k1.Secp256k1Curve, x, y)
  p = Secp256k1.Point.mult(p, as_uint(k))
  assert p.x == 111804478433660530705186081768070827849460643277644950589351528573593999580785
  assert p.y == 60380851274475674924967971953847652042604723681086380245173273372347822570512
end

def as_uint(<<i::unsigned-size(256)>>), do: i

defp bin(h) do
  Base.decode16!(h, case: :lower)
end

You will notice that in the failing example the y point that the elixir implementation is returning is negative. I think all results are supposed to be positive.
@spscream
Copy link
Owner

@grantwest thanks, i'll check this

@leeduckgo
Copy link

👍Same Problem and fixing it by myself……

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@spscream @grantwest @leeduckgo