deterministicSign static method
Generates a deterministic MuSig2 signature
Implementation
static MuSig2DeterministicSignature deterministicSign(
{required List<int> sk,
required List<int> aggotherNonce,
required List<List<int>> publicKeys,
List<MuSig2Tweak> tweaks = const [],
required List<int> msg,
List<int>? rand}) {
if (rand != null) {
rand = BytesUtils.xor(
sk, P2TRUtils.taggedHash(MuSig2Const.musigAuxDomain, rand));
} else {
rand = List<int>.from(sk);
}
final aggPk =
MuSig2Utils.keyAggAndTweak(publicKeys: publicKeys, tweaks: tweaks);
final aggPkX = aggPk.xOnly().asImmutableBytes;
final k1 = MuSig2Utils.deterministicNonceHash(
sk: rand,
aggotherNonce: aggotherNonce,
aggPk: aggPkX,
i: 0,
msg: msg) %
MuSig2Const.order;
final k2 = MuSig2Utils.deterministicNonceHash(
sk: rand,
aggotherNonce: aggotherNonce,
aggPk: aggPkX,
i: 1,
msg: msg) %
MuSig2Const.order;
if (k1 == BigInt.zero || k2 == BigInt.zero) {
throw MuSig2Exception("derive nonce hash failed.");
}
final rs1 = MuSig2Const.generator * k1;
final rs2 = MuSig2Const.generator * k2;
final pk = MuSig2Utils.scToPk(sk);
final pubnonce = [...rs1.toBytes(), ...rs2.toBytes()];
final secnonce = [
...BigintUtils.toBytes(k1, length: BigintUtils.bitlengthInBytes(k1)),
...BigintUtils.toBytes(k2, length: BigintUtils.bitlengthInBytes(k2)),
...pk
].asImmutableBytes;
final aggnonce = nonceAgg([pubnonce, aggotherNonce]);
final session = MuSig2Session(
aggnonce: aggnonce, publicKeys: publicKeys, tweaks: tweaks, msg: msg);
final signature = sign(secnonce: secnonce, sk: sk, session: session);
return MuSig2DeterministicSignature(
pubnonce: pubnonce, signature: signature);
}