upgrade to latest github.com/Roasbeef/btcd BIP340 branch, upgrade deps

Author: creamwhip

cmd/tss-benchsign/main.go

@@ -18,7 +18,7 @@ import (
 	"github.com/binance-chain/tss-lib/ecdsa/signing"
 	"github.com/binance-chain/tss-lib/test"
 	"github.com/binance-chain/tss-lib/tss"
-	"github.com/btcsuite/btcd/btcec"
+	"github.com/decred/dcrd/dcrec/secp256k1/v2"
 	"github.com/ipfs/go-log"
 	"github.com/olekukonko/tablewriter"
 	"github.com/pkg/errors"
@@ -196,8 +196,8 @@ outer:
 				); !ok {
 					panic("ECDSA signature verification did not pass")
 				}
-				btcecSig := &btcec.Signature{R: r, S: s}
-				if ok = btcecSig.Verify(msg.Bytes(), (*btcec.PublicKey)(&pk)); !ok {
+				btcecSig := secp256k1.NewSignature(r, s)
+				if ok = btcecSig.Verify(msg.Bytes(), (*secp256k1.PublicKey)(&pk)); !ok {
 					panic("ECDSA signature verification 2 did not pass")
 				}
 				break outer

common/signature.pb.go

@@ -4,7 +4,6 @@ package ckd
 
 import (
 	"bytes"
-	"crypto/ecdsa"
 	"crypto/elliptic"
 	"crypto/hmac"
 	"crypto/rand"
@@ -17,13 +16,13 @@ import (
 
 	"github.com/binance-chain/tss-lib/common"
 	"github.com/binance-chain/tss-lib/crypto"
-	"github.com/btcsuite/btcd/btcec"
+	"github.com/btcsuite/btcd/btcec/v2"
 	"github.com/btcsuite/btcutil/base58"
 	"golang.org/x/crypto/ripemd160"
 )
 
 type ExtendedKey struct {
-	ecdsa.PublicKey
+	*btcec.PublicKey
 	Depth      uint8
 	ChildIndex uint32
 	ChainCode  []byte // 32 bytes
@@ -71,7 +70,7 @@ func (k *ExtendedKey) String() string {
 	serializedBytes = append(serializedBytes, k.ParentFP...)
 	serializedBytes = append(serializedBytes, childNumBytes[:]...)
 	serializedBytes = append(serializedBytes, k.ChainCode...)
-	pubKeyBytes := serializeCompressed(k.PublicKey.X, k.PublicKey.Y)
+	pubKeyBytes := serializeCompressed(k.PublicKey.X(), k.PublicKey.Y())
 	serializedBytes = append(serializedBytes, pubKeyBytes...)
 
 	checkSum := doubleHashB(serializedBytes)[:4]
@@ -104,23 +103,21 @@ func NewExtendedKeyFromString(key string, curve elliptic.Curve) (*ExtendedKey, e
 	chainCode := payload[13:45]
 	keyData := payload[45:78]
 
-	var pubKey ecdsa.PublicKey
-
-	if c, ok := curve.(*btcec.KoblitzCurve); ok {
+	var pubKey *btcec.PublicKey
+	if _, ok := curve.(*btcec.KoblitzCurve); ok {
 		// Ensure the public key parses correctly and is actually on the
 		// secp256k1 curve.
-		pk, err := btcec.ParsePubKey(keyData, c)
+		pk, err := btcec.ParsePubKey(keyData)
 		if err != nil {
 			return nil, err
 		}
-		pubKey = ecdsa.PublicKey(*pk)
+		pubKey = pk
 	} else {
+		var x, y btcec.FieldVal
 		px, py := elliptic.Unmarshal(curve, keyData)
-		pubKey = ecdsa.PublicKey{
-			Curve: curve,
-			X:     px,
-			Y:     py,
-		}
+		x.SetByteSlice(px.Bytes())
+		y.SetByteSlice(py.Bytes())
+		pubKey = btcec.NewPublicKey(&x, &y)
 	}
 
 	return &ExtendedKey{
@@ -207,13 +204,13 @@ func DeriveChildKey(index uint32, pk *ExtendedKey, curve elliptic.Curve) (*big.I
 		return nil, nil, errors.New("cannot derive key beyond max depth")
 	}
 
-	cryptoPk, err := crypto.NewECPoint(curve, pk.X, pk.Y)
+	cryptoPk, err := crypto.NewECPoint(curve, pk.X(), pk.Y())
 	if err != nil {
 		common.Logger.Error("error getting pubkey from extendedkey")
 		return nil, nil, err
 	}
 
-	pkPublicKeyBytes := serializeCompressed(pk.X, pk.Y)
+	pkPublicKeyBytes := serializeCompressed(pk.X(), pk.Y())
 
 	data := make([]byte, 37)
 	copy(data, pkPublicKeyBytes)
@@ -247,7 +244,7 @@ func DeriveChildKey(index uint32, pk *ExtendedKey, curve elliptic.Curve) (*big.I
 	}
 
 	childPk := &ExtendedKey{
-		PublicKey:  *childCryptoPk.ToECDSAPubKey(),
+		PublicKey:  childCryptoPk.ToSecp256k1PubKey(),
 		Depth:      pk.Depth + 1,
 		ChildIndex: index,
 		ChainCode:  childChainCode,
@@ -257,6 +254,8 @@ func DeriveChildKey(index uint32, pk *ExtendedKey, curve elliptic.Curve) (*big.I
 	return ilNum, childPk, nil
 }
 
+// GenerateSeed
+// TODO: Is this being used?
 func GenerateSeed(length uint8) ([]byte, error) {
 	// Per [BIP32], the seed must be in range [MinSeedBytes, MaxSeedBytes].
 	if length < MinSeedBytes || length > MaxSeedBytes {

crypto/ckd/child_key_derivation.go

@@ -10,7 +10,7 @@ import (
 	"testing"
 
 	. "github.com/binance-chain/tss-lib/crypto/ckd"
-	"github.com/btcsuite/btcd/btcec"
+	"github.com/btcsuite/btcd/btcec/v2"
 )
 
 func TestPublicDerivation(t *testing.T) {

crypto/ckd/child_key_derivation_test.go

@@ -18,6 +18,8 @@ import (
 
 	"github.com/binance-chain/tss-lib/tss"
 	"github.com/btcsuite/btcd/btcec/v2"
+	"github.com/decred/dcrd/dcrec/edwards/v2"
+	"github.com/decred/dcrd/dcrec/secp256k1/v4"
 )
 
 // ECPoint convenience helper
@@ -59,20 +61,28 @@ func (p *ECPoint) ScalarMult(k *big.Int) *ECPoint {
 	return newP
 }
 
-func (p *ECPoint) ToECDSAPubKey() *ecdsa.PublicKey {
-	return &ecdsa.PublicKey{
-		Curve: p.curve,
-		X:     p.X(),
-		Y:     p.Y(),
-	}
+func (p *ECPoint) ToBtcecPubKey() *btcec.PublicKey {
+	var x, y btcec.FieldVal
+	x.SetByteSlice(p.X().Bytes())
+	y.SetByteSlice(p.Y().Bytes())
+	return btcec.NewPublicKey(&x, &y)
 }
 
-func (p *ECPoint) ToBtcecPubKey() *btcec.PublicKey {
+func (p *ECPoint) ToSecp256k1PubKey() *secp256k1.PublicKey {
 	var x, y btcec.FieldVal
 	x.SetByteSlice(p.X().Bytes())
 	y.SetByteSlice(p.Y().Bytes())
+	return secp256k1.NewPublicKey(&x, &y)
+}
 
-	return btcec.NewPublicKey(&x, &y)
+func (p *ECPoint) ToEdwardsPubKey() *edwards.PublicKey {
+	ecdsaPK := ecdsa.PublicKey{
+		Curve: p.curve,
+		X:     p.X(),
+		Y:     p.Y(),
+	}
+	pk := edwards.PublicKey(ecdsaPK)
+	return &pk
 }
 
 func (p *ECPoint) IsOnCurve() bool {

crypto/ecpoint.go

@@ -13,7 +13,7 @@ import (
 	"reflect"
 	"testing"
 
-	"github.com/btcsuite/btcd/btcec"
+	"github.com/btcsuite/btcd/btcec/v2"
 	"github.com/decred/dcrd/dcrec/edwards/v2"
 	"github.com/stretchr/testify/assert"
 
@@ -126,10 +126,10 @@ func TestS256EcpointJsonSerialization(t *testing.T) {
 
 	pubKeyBytes, err := hex.DecodeString("03935336acb03b2b801d8f8ac5e92c56c4f6e93319901fdfffba9d340a874e2879")
 	assert.NoError(t, err)
-	pbk, err := btcec.ParsePubKey(pubKeyBytes, btcec.S256())
+	pbk, err := btcec.ParsePubKey(pubKeyBytes)
 	assert.NoError(t, err)
 
-	point, err := NewECPoint(ec, pbk.X, pbk.Y)
+	point, err := NewECPoint(ec, pbk.X(), pbk.Y())
 	assert.NoError(t, err)
 	bz, err := json.Marshal(point)
 	assert.NoError(t, err)
@@ -144,7 +144,7 @@ func TestS256EcpointJsonSerialization(t *testing.T) {
 }
 
 func TestEdwardsEcpointJsonSerialization(t *testing.T) {
-	ec := edwards.Edwards()
+	ec := tss.Edwards()
 	tss.RegisterCurve("ed25519", ec)
 
 	pubKeyBytes, err := hex.DecodeString("ae1e5bf5f3d6bf58b5c222088671fcbe78b437e28fae944c793897b26091f249")

crypto/ecpoint_test.go

@@ -10,7 +10,6 @@ import (
 	"sync/atomic"
 	"testing"
 
-	"github.com/btcsuite/btcd/btcec"
 	"github.com/stretchr/testify/assert"
 
 	"github.com/binance-chain/tss-lib/common"
@@ -39,12 +38,7 @@ func TestHDKeyDerivation(t *testing.T) {
 	assert.NotNil(t, keys[0].ECDSAPub, "the first ECDSA public key must not be null")
 
 	// build ecdsa key pair
-	parentPkX, parentPkY := keys[0].ECDSAPub.X(), keys[0].ECDSAPub.Y()
-	pk := ecdsa.PublicKey{
-		Curve: tss.EC(),
-		X:     parentPkX,
-		Y:     parentPkY,
-	}
+	pk := keys[0].ECDSAPub.ToSecp256k1PubKey()
 
 	// setting the chain code to a random positive number smaller than the maximum allowed of 32 bytes
 	chainCode := make([]byte, 32)
@@ -66,7 +60,7 @@ func TestHDKeyDerivation(t *testing.T) {
 
 	keyDerivationDelta := il
 
-	err = UpdatePublicKeyAndAdjustBigXj(keyDerivationDelta, keys, &extendedChildPk.PublicKey, tss.EC())
+	err = UpdatePublicKeyAndAdjustBigXj(keyDerivationDelta, keys, extendedChildPk.PublicKey, tss.EC())
 	assert.NoErrorf(t, err, "there should not be an error setting the derived keys")
 
 	// PHASE: signing
@@ -117,7 +111,6 @@ signing:
 				bigRX, bigRY := parties[0].temp.BigR.X(), parties[0].temp.BigR.Y()
 				bigR := crypto.NewECPointNoCurveCheck(tss.EC(), bigRX, bigRY)
 
-				r := parties[0].temp.Rx
 				// fmt.Printf("sign result: R(%s, %s), r=%s\n", bigR.X().String(), bigR.Y().String(), r.String())
 
 				modN := common.ModInt(tss.EC().Params().N)
@@ -130,13 +123,14 @@ signing:
 				// fmt.Printf("S: %s\n", sumS.String())
 				// END check s correctness
 
-				ok := ecdsa.Verify(&extendedChildPk.PublicKey, msg.Bytes(), bigR.X(), sumS)
+				ecdsaPK := &ecdsa.PublicKey{
+					Curve: tss.EC(),
+					X:     extendedChildPk.X(),
+					Y:     extendedChildPk.Y(),
+				}
+				ok := ecdsa.Verify(ecdsaPK, msg.Bytes(), bigR.X(), sumS)
 				assert.True(t, ok, "ecdsa verify must pass")
 
-				btcecSig := &btcec.Signature{R: r, S: sumS}
-				btcecSig.Verify(msg.Bytes(), (*btcec.PublicKey)(&extendedChildPk.PublicKey))
-				assert.True(t, ok, "ecdsa verify 2 must pass")
-
 				t.Log("ECDSA signing test done.")
 				// END ECDSA verify