Merge rust-bitcoin/rust-bitcoin#845: Change the parameter for control block verification

91c5d7192f Change the parameter for control block verification (sanket1729)

Pull request description:

  - Changes the API from TweakedPublicKey to XonlyPublicKey. I believe we
  introduced TweakedPublicKey to guard against creating address API. This
  is confusing because when we want to verify control block we have to
  call dangerous_assume_tweak.
  - It is true in most cases that the key would be tweaked, but we only
  want to guard while creating a new address. If we want to verify
  blocks, we should deal with native X-only-keys regardless of how they
  were created
  - Also removes the & from a 32 Copy byte as discussed elsewhere.

ACKs for top commit:
  Kixunil:
    ACK 91c5d7192f
  apoelstra:
    ACK 91c5d7192f

Tree-SHA512: d7da403435afbd1c1650b6e62055b1b0e6811d6ec30fff198315523035a56b493d510e8a560b08552684417886687c8a8daa57b5eef4f3699dfff7e2ee6a7447
Andrew Poelstra 2022-03-04 17:44:29 +00:00
commit f733dc0bbf
No known key found for this signature in database
GPG Key ID: C588D63CE41B97C1
1 changed files with 6 additions and 5 deletions


@ -27,6 +27,7 @@ use std::error;
use hashes::{sha256, sha256t, Hash, HashEngine};
use schnorr::{TweakedPublicKey, UntweakedPublicKey, TapTweak};
use util::key::XOnlyPublicKey;
use Script;
use consensus::Encodable;
@ -726,7 +727,7 @@ impl ControlBlock {
pub fn verify_taproot_commitment<C: secp256k1::Verification>(
&self,
secp: &Secp256k1<C>,
output_key: &TweakedPublicKey,
output_key: XOnlyPublicKey,
script: &Script,
) -> bool {
// compute the script hash
@ -750,7 +751,7 @@ impl ControlBlock {
let tweak = TapTweakHash::from_key_and_tweak(self.internal_key, Some(curr_hash));
self.internal_key.tweak_add_check(
secp,
output_key.as_inner(),
&output_key,
self.output_key_parity,
tweak.into_inner(),
)
@ -1106,7 +1107,7 @@ mod test {
let script = Script::from_hex(script_hex).unwrap();
let control_block = ControlBlock::from_slice(&Vec::<u8>::from_hex(control_block_hex).unwrap()).unwrap();
assert_eq!(control_block_hex, control_block.serialize().to_hex());
assert!(control_block.verify_taproot_commitment(secp, &out_pk, &script));
assert!(control_block.verify_taproot_commitment(secp, out_pk.to_inner(), &script));
}
#[test]
@ -1187,7 +1188,7 @@ mod test {
for (_weights, script) in script_weights {
let ver_script = (script, LeafVersion::TapScript);
let ctrl_block = tree_info.control_block(&ver_script).unwrap();
assert!(ctrl_block.verify_taproot_commitment(&secp, &output_key, &ver_script.0))
assert!(ctrl_block.verify_taproot_commitment(&secp, output_key.to_inner(), &ver_script.0))
}
}
@ -1223,7 +1224,7 @@ mod test {
for script in vec![a, b, c, d, e] {
let ver_script = (script, LeafVersion::TapScript);
let ctrl_block = tree_info.control_block(&ver_script).unwrap();
assert!(ctrl_block.verify_taproot_commitment(&secp, &output_key, &ver_script.0))
assert!(ctrl_block.verify_taproot_commitment(&secp, output_key.to_inner(), &ver_script.0))
}
}
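Review bot: In the `verify_taproot_commitment` signature (second hunk), `output_key` is now a plain `XOnlyPublicKey`, so the type no longer tells a caller which key belongs in that position, and the visible lines carry no doc comment that says so. I would add a doc line above the function such as `/// output_key: the x-only output key taken from the scriptPubKey being checked, not the internal key; returns false when the control block and script do not commit to it.` Because the result is a bare `bool` that callers presumably use to accept or reject a script-path commitment, putting `#[must_use]` on the function would also flag a call site that drops it. The function's existing docs and the middle of its body lie outside the hunks shown, so confirm this is not already covered there.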