decodeSession static method

MuSig2SessionValues decodeSession(MuSig2Session session)

Implementation

static MuSig2SessionValues decodeSession(MuSig2Session session) {
  final tweak =
      keyAggAndTweak(publicKeys: session.publicKeys, tweaks: session.tweaks);
  final hash = P2TRUtils.taggedHash(MuSig2Const.noncecoefDomain,
      [...session.aggnonce, ...tweak.xOnly(), ...session.msg]);
  final b = BigintUtils.fromBytes(hash) % MuSig2Const.order;
  ProjectiveECCPoint r1 = MuSig2Utils.encodeOrInfinityPoint(
      session.aggnonce.sublist(0, EcdsaKeysConst.pubKeyCompressedByteLen));
  ProjectiveECCPoint r2 = MuSig2Utils.encodeOrInfinityPoint(session.aggnonce
      .sublist(EcdsaKeysConst.pubKeyCompressedByteLen,
          EcdsaKeysConst.pubKeyCompressedByteLen * 2));
  ProjectiveECCPoint r = (r1 + (r2 * b)).cast();
  if (r.isInfinity) {
    r = MuSig2Const.generator;
  }
  final eHash = P2TRUtils.taggedHash(MuSig2Const.challengeDomain,
      [...r.toXonly(), ...tweak.xOnly(), ...session.msg]);
  final e = BigintUtils.fromBytes(eHash) % MuSig2Const.order;
  return MuSig2SessionValues(
      publicKey: tweak.publicKey,
      gacc: tweak.gacc,
      tacc: tweak.tacc,
      b: b,
      r: r,
      e: e);
}