Merge rust-bitcoin/rust-bitcoin#845: Change the parameter for control block verification

91c5d7192f Change the parameter for control block verification (sanket1729)

Pull request description:

  - Changes the API from TweakedPublicKey to XonlyPublicKey. I believe we
  introduced TweakedPublicKey to guard against creating address API. This
  is confusing because when we want to verify control block we have to
  call dangerous_assume_tweak.
  - It is true that in most cases the key would be tweaked, but we only
  want to guard against that while creating a new address. If we want to verify
  blocks, we should deal with native X-only keys regardless of how they
  were created.
  - Also removes the & from a 32 Copy byte as discussed elsewhere.

ACKs for top commit:
  Kixunil:
    ACK 91c5d7192f
  apoelstra:
    ACK 91c5d7192f

Tree-SHA512: d7da403435afbd1c1650b6e62055b1b0e6811d6ec30fff198315523035a56b493d510e8a560b08552684417886687c8a8daa57b5eef4f3699dfff7e2ee6a7447
This commit is contained in:
Andrew Poelstra 2022-03-04 17:44:29 +00:00
commit f733dc0bbf
No known key found for this signature in database
GPG Key ID: C588D63CE41B97C1
1 changed files with 6 additions and 5 deletions


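--- a/<PATH NOT SHOWN ON PAGE>
+++ b/<PATH NOT SHOWN ON PAGE>
@@ -27,6 +27,7 @@ use std::error;
 use hashes::{sha256, sha256t, Hash, HashEngine};
 use schnorr::{TweakedPublicKey, UntweakedPublicKey, TapTweak};
+use util::key::XOnlyPublicKey;
 use Script;
 use consensus::Encodable;
@@ -726,7 +727,7 @@ impl ControlBlock {
 pub fn verify_taproot_commitment<C: secp256k1::Verification>(
 &self,
 secp: &Secp256k1<C>,
-output_key: &TweakedPublicKey,
+output_key: XOnlyPublicKey,
 script: &Script,
 ) -> bool {
 // compute the script hash
@@ -750,7 +751,7 @@ impl ControlBlock {
 let tweak = TapTweakHash::from_key_and_tweak(self.internal_key, Some(curr_hash));
 self.internal_key.tweak_add_check(
 secp,
-output_key.as_inner(),
+&output_key,
 self.output_key_parity,
 tweak.into_inner(),
 )
@@ -1106,7 +1107,7 @@ mod test {
 let script = Script::from_hex(script_hex).unwrap();
 let control_block = ControlBlock::from_slice(&Vec::<u8>::from_hex(control_block_hex).unwrap()).unwrap();
 assert_eq!(control_block_hex, control_block.serialize().to_hex());
-assert!(control_block.verify_taproot_commitment(secp, &out_pk, &script));
+assert!(control_block.verify_taproot_commitment(secp, out_pk.to_inner(), &script));
 }
 #[test]
@@ -1187,7 +1188,7 @@ mod test {
 for (_weights, script) in script_weights {
 let ver_script = (script, LeafVersion::TapScript);
 let ctrl_block = tree_info.control_block(&ver_script).unwrap();
-assert!(ctrl_block.verify_taproot_commitment(&secp, &output_key, &ver_script.0))
+assert!(ctrl_block.verify_taproot_commitment(&secp, output_key.to_inner(), &ver_script.0))
 }
 }
@@ -1223,7 +1224,7 @@ mod test {
 for script in vec![a, b, c, d, e] {
 let ver_script = (script, LeafVersion::TapScript);
 let ctrl_block = tree_info.control_block(&ver_script).unwrap();
-assert!(ctrl_block.verify_taproot_commitment(&secp, &output_key, &ver_script.0))
+assert!(ctrl_block.verify_taproot_commitment(&secp, output_key.to_inner(), &ver_script.0))
 }
 }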
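Review bot: With `output_key: XOnlyPublicKey` in the second hunk the type no longer records that the key came from a tweak, so the doc comment on `verify_taproot_commitment` (above the hunk, not visible here) should state the caller's new obligation: `output_key` must be the x-only key read from the taproot output's scriptPubKey, the parity is taken from `self.output_key_parity` rather than from the key, and a key held as `TweakedPublicKey` is passed via `.to_inner()` as the updated tests do. A one-sentence `# Returns` note that `false` means the script/leaf is not committed to by that output key, rather than that the key itself is malformed, would also help callers who previously relied on the type for that distinction. The body of `verify_taproot_commitment` runs outside the hunks between the signature and the `tweak_add_check` call, so the rest of the check was not reviewed here. The three test hunks only follow the signature change and need nothing further.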