--- Log opened Sat Mar 19 00:00:04 2022
--- Day changed Sat Mar 19 2022
00:00 -!- filename [~kilitary@188.242.105.134] has quit [Remote host closed the connection]
00:15 -!- filename [~kilitary@188.242.105.134] has joined #bitcoin-rust
00:42 -!- filename [~kilitary@188.242.105.134] has quit [Read error: Connection reset by peer]
06:24 -!- filename [~kilitary@static.246.201.46.78.clients.your-server.de] has joined #bitcoin-rust
06:55 -!- kanzure [~kanzure@user/kanzure] has joined #bitcoin-rust
06:55 -!- kanzure [~kanzure@user/kanzure] has left #bitcoin-rust []
06:55 -!- kanzure [~kanzure@user/kanzure] has joined #bitcoin-rust
06:56 < kanzure> does anyone want to contribute logs? https://gnusha.org/rust-bitcoin/
06:58 < kanzure> oh https://gnusha.org/bitcoin-rust/
07:40 < cryptoquick> Yeah, it's already there, just wasn't listed in the index. Thanks for updating it, kanzure :)
07:58 -!- filename [~kilitary@static.246.201.46.78.clients.your-server.de] has quit [Quit: joined libera]
08:01 -!- filename [~kilitary@static.246.201.46.78.clients.your-server.de] has joined #bitcoin-rust
08:15 -!- filename [~kilitary@static.246.201.46.78.clients.your-server.de] has quit [Ping timeout: 240 seconds]
08:17 < cryptoquick> Just opened this PR: https://github.com/rust-bitcoin/rust-bitcoin/pull/891
08:23 -!- filename [~kilitary@188.242.105.134] has joined #bitcoin-rust
08:42 -!- filename [~kilitary@188.242.105.134] has left #bitcoin-rust [Closing Window]
09:14 < junderw[m]> I want to read the room a bit before working on this, so I made an issue.
09:14 < junderw[m]> https://github.com/rust-bitcoin/rust-secp256k1/issues/424
10:17 < BlueMatt[m]> Hmm, that’d be really easy to leak a private key with, and generally rust-secp’s goal is to have a “misuse-resistant api”
10:17 < BlueMatt[m]> What are you trying to accomplish that needs that api?
11:25 < junderw[m]> > that’d be really easy to leak a private key with
11:25 < junderw[m]> How so? I'm curious...
I thought RFC6979 was pretty well designed, but is there a known issue with the extra entropy section of the RFC?
11:26 < BlueMatt[m]> oh I misunderstood your request there, somehow I'd interpreted it as "select the nonce" not "add data to be hashed into the nonce"
11:26 < BlueMatt[m]> tho, again, why bother?
11:27 < junderw[m]> Because our API allows it to be passed in, and we're moved to Rust+WASM. I was trying to move us from using -sys crate to use the secp256k1 crate directly, and this was the only missing piece.
11:28 < BlueMatt[m]> not sure what your API is in this context, but...does it make sense to just remove that from your API?
11:28 < jeremyrubin> junderw[m]: do you need to be able to produce *different* signatures for a given message?
11:28 < jeremyrubin> otherwise if you have the SK it will be secure to not pass in any addtl entropy
11:28 < junderw[m]> Yes. That is the use case given when we first supported it.
11:29 < junderw[m]> But now we use it for low R grinding, which we do on a higher layer in the dependency graph of our libraries.
11:30 < junderw[m]> We could move low R grinding to this lower API that uses Rust, and then use the low R grinding method rust-bitcoin has.
11:30 < junderw[m]> But that's a breaking change, and a lot of shuffling around to explicitly remove a feature that someone requested.
11:31 < junderw[m]> I mean, tbh it's not that big of a deal, I can just keep that part using -sys package.
11:31 < BlueMatt[m]> yea, agreed it'd be nice to move users off of -sys entirely, though.
11:31 < junderw[m]> but just wanted to gauge interest before I write a PR only to get it rejected.
11:31 < BlueMatt[m]> but, yea, I dont see why we couldnt add it
11:32 < junderw[m]> ok then. I'll work on it tomorrow if I have the energy.
11:33 < junderw[m]> For anyone interested in the work that sparked this issue:
11:33 < junderw[m]> https://github.com/bitcoinjs/tiny-secp256k1/pull/66
13:14 -!- filename [~kilitary@188.242.105.134] has joined #bitcoin-rust
21:19 < junderw[m]> Matt Corallo jeremyrubin: I've created a PR here https://github.com/rust-bitcoin/rust-secp256k1/pull/425
--- Log closed Sun Mar 20 00:00:31 2022