nonceGenerate method

@override
MuSig2Nonce nonceGenerate({
  required List<int> publicKey,
  List<int>? rand,
  List<int>? sk,
  List<int>? aggPubKey,
  List<int>? msg,
  List<int>? extra,
})
override

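Generates a MuSig2 nonce pair (a secret nonce and its public nonce) for one signing session. The secret nonce must be used for a single signature only; reusing it, or passing the same rand twice, can expose the signing key.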

Implementation

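/// Generates a MuSig2 nonce pair for one signing session.
///
/// [publicKey] is the signer's compressed public key and must be
/// [EcdsaKeysConst.pubKeyCompressedByteLen] bytes long. [rand] is the nonce
/// randomness; when omitted it is taken from [QuickCrypto.generateRandom].
/// When [sk] is given, the randomness is XOR-masked with it so that the
/// nonce also depends on the secret key. [aggPubKey], [msg] and [extra] are
/// optional values bound into the nonce hash; a missing [msg] is encoded
/// differently from an empty one.
///
/// Returns a [MuSig2Nonce] whose secret nonce is the two serialized scalars
/// followed by [publicKey], and whose public nonce is the two encoded
/// nonce points.
///
/// Security: the returned secret nonce must be used for exactly one
/// signature. A caller that supplies [rand] is responsible for it being
/// fresh, uniformly random and never reused; a repeated or predictable
/// value with the same other inputs yields a repeated nonce, which can
/// expose the signing key.
///
/// Throws an [ArgumentException] when [publicKey], a caller-supplied [rand]
/// or [sk] does not have the expected length.
@override
MuSig2Nonce nonceGenerate({
  required List<int> publicKey,
  List<int>? rand,
  List<int>? sk,
  List<int>? aggPubKey,
  List<int>? msg,
  List<int>? extra,
}) {
  if (publicKey.length != EcdsaKeysConst.pubKeyCompressedByteLen) {
    throw ArgumentException.invalidOperationArguments(
      "nonceGenerate",
      name: "publicKey",
      reason: "Invalid public key bytes length.",
    );
  }
  // BIP-327 NonceGen defines both the random input and the secret key as
  // 32-byte arrays. A shorter caller-supplied value would silently reduce
  // the entropy behind the nonce, so reject it instead of hashing it.
  const seedByteLen = 32;
  if (rand != null && rand.length != seedByteLen) {
    throw ArgumentException.invalidOperationArguments(
      "nonceGenerate",
      name: "rand",
      reason: "Invalid rand bytes length.",
    );
  }
  if (sk != null && sk.length != seedByteLen) {
    throw ArgumentException.invalidOperationArguments(
      "nonceGenerate",
      name: "sk",
      reason: "Invalid secret key bytes length.",
    );
  }
  rand ??= QuickCrypto.generateRandom();
  if (sk != null) {
    // Mask the randomness with the secret key so that a weak random source
    // alone does not determine the nonce.
    rand = BytesUtils.xor(
      sk,
      P2TRUtils.taggedHash(MuSig2Constants.musigAuxDomain, rand),
    );
  }
  // Prefix the message so that "no message" (single 0 byte) and "empty
  // message" (1 byte, then an 8-byte length of zero) hash differently.
  if (msg == null) {
    msg = [0];
  } else {
    msg = [
      1,
      ...BigintUtils.toBytes(BigInt.from(msg.length), length: 8),
      ...msg,
    ];
  }
  extra ??= [];
  aggPubKey ??= [];
  // The two nonce scalars differ only in the index passed to the hash.
  final k1 = MuSig2UtilsConst.nonceHash(
    rand: rand,
    publicKey: publicKey,
    aggPk: aggPubKey,
    i: 0,
    messagePrefix: msg,
    extraIn: extra,
  );
  final k2 = MuSig2UtilsConst.nonceHash(
    rand: rand,
    publicKey: publicKey,
    aggPk: aggPubKey,
    i: 1,
    messagePrefix: msg,
    extraIn: extra,
  );
  // NOTE(review): BIP-327 NonceGen fails when either scalar is zero. No such
  // check is visible here; confirm that nonceHash or secp256k1MultBase
  // rejects a zero scalar.
  final rs1 = Secp256k1Utils.secp256k1MultBase(scalar: k1);
  final rs2 = Secp256k1Utils.secp256k1MultBase(scalar: k2);
  final pubNonce = [
    ...Secp256k1Utils.geToBytes(rs1),
    ...Secp256k1Utils.geToBytes(rs2),
  ];
  // The scalars are serialized only after the points above were derived
  // from them. NOTE(review): `clean: true` presumably wipes the scalar
  // after serialization; confirm, and keep this ordering if so.
  final secNonce = [
    ...Secp256k1Utils.scalarToBytes(k1, clean: true),
    ...Secp256k1Utils.scalarToBytes(k2, clean: true),
    ...publicKey,
  ];
  return MuSig2Nonce(secnonce: secNonce, pubnonce: pubNonce);
}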