verifySchnorrSignature method
Verifies a Schnorr (old style) signature for a given digest.
This method checks whether the provided Schnorr signature is valid for the given digest using the public key.
digest: The hash or message digest that was signed.
signature: The Schnorr signature to verify.
Returns true if the signature is valid for the given digest, otherwise false.
Implementation
bool verifySchnorrSignature(
    {required List<int> digest, required List<int> signature}) {
  final schnorrSignature = BitcoinSchnorrSignature.fromBytes(signature);
  if (digest.length != BitcoinSignerUtils.baselen) {
    throw CryptoSignException(
        "The digest must be a ${BitcoinSignerUtils.baselen}-byte array.");
  }
  final P = _verifyKey.publicKey.point;
  // Challenge: e = SHA256(r || public key bytes || digest) mod n.
  final eHash = QuickCrypto.sha256Hash([
    ...schnorrSignature.rBytes(),
    ..._verifyKey.publicKey.toBytes(),
    ...digest
  ]);
  final e = BigintUtils.fromBytes(eHash) % CryptoSignerConst.secp256k1Order;
  // Recompute the nonce point: R = s*G - e*P.
  final sG = CryptoSignerConst.generatorSecp256k1 * schnorrSignature.s;
  final ProjectiveECCPoint eP = -(P * e);
  final R = sG + eP;
  // Reject the point at infinity and any R whose y coordinate does not
  // have Jacobi symbol 1 modulo the field prime.
  if (R.isInfinity ||
      ECDSAUtils.jacobi(R.y, CryptoSignerConst.curveSecp256k1.p) <= 0) {
    return false;
  }
  // The signature is valid only if the x coordinate of R equals r.
  return R.x == schnorrSignature.r;
}