nonceGenerate method

  1. @override
MuSig2Nonce nonceGenerate({
  1. required List<int> publicKey,
  2. List<int>? rand,
  3. List<int>? sk,
  4. List<int>? aggPubKey,
  5. List<int>? msg,
  6. List<int>? extra,
})
override

Generates a MuSig2 nonce for signing

Implementation

@override
MuSig2Nonce nonceGenerate({
  required List<int> publicKey,
  List<int>? rand,
  List<int>? sk,
  List<int>? aggPubKey,
  List<int>? msg,
  List<int>? extra,
}) {
  if (publicKey.length != EcdsaKeysConst.pubKeyCompressedByteLen) {
    throw ArgumentException.invalidOperationArguments(
      "nonceGenerate",
      name: "publicKey",
      reason: "Invalid public key bytes length.",
      expecteLen: EcdsaKeysConst.pubKeyCompressedByteLen,
    );
  }
  rand ??= QuickCrypto.generateRandom();
  if (sk != null) {
    rand = BytesUtils.xor(
      sk,
      P2TRUtils.taggedHash(MuSig2Constants.musigAuxDomain, rand),
    );
  }
  if (msg == null) {
    msg = [0];
  } else {
    msg = [
      1,
      ...BigintUtils.toBytes(BigInt.from(msg.length), length: 8),
      ...msg,
    ];
  }
  extra ??= [];
  aggPubKey ??= [];
  final k1 = MuSig2Utils.toScalarBigInt(
    MuSig2Utils.nonceHash(
      rand: rand,
      publicKey: publicKey,
      aggPk: aggPubKey,
      i: 0,
      messagePrefix: msg,
      extraIn: extra,
    ),
  );
  final k2 = MuSig2Utils.toScalarBigInt(
    MuSig2Utils.nonceHash(
      rand: rand,
      publicKey: publicKey,
      aggPk: aggPubKey,
      i: 1,
      messagePrefix: msg,
      extraIn: extra,
    ),
  );
  final rs1 = MuSig2Constants.generator * k1;
  final rs2 = MuSig2Constants.generator * k2;
  final pubNonce = [...rs1.toBytes(), ...rs2.toBytes()];
  final secNonce = [
    ...BigintUtils.toBytes(k1),
    ...BigintUtils.toBytes(k2),
    ...publicKey,
  ];
  return MuSig2Nonce(secnonce: secNonce, pubnonce: pubNonce);
}