--- Day changed Wed May 31 2017
02:42 -!- afk11 [~afk11@gateway/tor-sasl/afk11] has quit [Ping timeout: 248 seconds]
02:43 -!- afk11 [~afk11@gateway/tor-sasl/afk11] has joined #secp256k1
04:13 -!- SopaXorzTaker [~SopaXorzT@unaffiliated/sopaxorztaker] has joined #secp256k1
04:13 < SopaXorzTaker> sipa, can you provide an example of EC multiplication?
04:13 < SopaXorzTaker> writing my own crypto (I know, I know)
04:14 < SopaXorzTaker> also, addition
04:14 < SopaXorzTaker> I have no idea what is going wrong in my implementation, but the resulting points aren't on-curve
04:14 < SopaXorzTaker> this is bad
05:34 < andytoshi> SopaXorzTaker: use http://bitcoin.ninja/secp256k1.ecdsa.sage in sage to compare
05:35 < andytoshi> this won't be the first time your numbers are inexplicably wrong, you'll want to learn how sage works so you can stick printf() on every single C line while stepping through in parallel in sage :P
05:35 < andytoshi> s/first/last/
05:49 < SopaXorzTaker> hm
05:49 < SopaXorzTaker> got sign to work
05:49 < SopaXorzTaker> now verify fails - lol
06:10 -!- jtimon [~quassel@117.29.134.37.dynamic.jazztel.es] has joined #secp256k1
07:09 < sipa> SopaXorzTaker: start with point addition; these are the formulae i used first in libsecp: https://en.m.wikibooks.org/wiki/Cryptography/Prime_Curve/Jacobian_Coordinates
07:09 < sipa> if addition worked, you can use an exponentiation algorithm to call it repeatedly to implement multiplication
07:16 < SopaXorzTaker> sipa, already implemented
07:16 < SopaXorzTaker> I even found a test case
07:17 < SopaXorzTaker> but uh
07:17 < SopaXorzTaker> it will even sign properly
07:17 < SopaXorzTaker> but does not verify
07:19 < SopaXorzTaker> sipa, https://gist.github.com/SopaXorzTaker/a79a1b422b8e7aedffd91a5a4aa76ed4
07:19 < SopaXorzTaker> literally tried everything
07:19 < SopaXorzTaker> the sign routine works very well (checked against a test dataset)
07:19 < SopaXorzTaker> it's just not working
07:27 < SopaXorzTaker> it returns False, as the calculated r does not match
07:27 < SopaXorzTaker> WTF?
09:20 -!- [b__b] [~b__b]@ec2-54-85-45-223.compute-1.amazonaws.com] has joined #secp256k1
09:44 -!- [b__b] [~b__b]@ec2-54-85-45-223.compute-1.amazonaws.com] has quit [Remote host closed the connection]
09:47 -!- [b__b] [~b__b]@ec2-54-85-45-223.compute-1.amazonaws.com] has joined #secp256k1
11:11 -!- roconnor [~roconnor@host-45-58-194-118.dyn.295.ca] has joined #secp256k1
11:19 < SopaXorzTaker> sipa,
11:20 < sipa> that code looks right
11:20 < sipa> on cursory reading
11:22 < arubi> really? 'if q == self.g' -> invalid public point?
11:23 < arubi> or is it the standard to fail on signatures made by the generator?
11:24 < sipa> no
11:30 < SopaXorzTaker> arubi, uh
11:30 < arubi> 'w = ECPoint.inverse(s, self.n)' is a bit weird for me, why is it some inverse function of ECPoint and not a normal inverse?
11:30 < SopaXorzTaker> "Check that Q_A is not equal to the identity element O, and its coordinates are otherwise valid"
11:31 < SopaXorzTaker> https://en.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm#Signature_verification_algorithm
11:31 < SopaXorzTaker> O = G, right?
11:32 < SopaXorzTaker> sipa, for some reason it fails to verify a valid signature\
11:32 < arubi> SopaXorzTaker, I think it means that it's not a point at infinity
11:32 < SopaXorzTaker> the r mismatches
11:36 < SopaXorzTaker> sipa, so why does it even fail?
11:37 < sipa> SopaXorzTaker: i don't know, debug it
11:38 < sipa> this is a channel for libsecp256k1... i'll gladly help explain questions about that library or provide some support
11:38 < sipa> i'm not your personal coach for learning EC math
11:46 < SopaXorzTaker> ECPoint <0xc1b0957679cbe2e50414156aa010fb79de894845f80f17622e80d87411917f93, 0x6cc5cd0f2108bf43e6dead0e9f18f6bf48f736338f1337720932df177c5b4bdf>
11:46 < SopaXorzTaker> that isn't right, oh well, you don't have the test case
11:46 < SopaXorzTaker> but the y coordinate contains dead, 1337
11:51 < arubi> fwiw, it's a valid point
11:52 < SopaXorzTaker> arubi, dead elite
11:52 < SopaXorzTaker> those who did have an understanding in ECDSA
11:52 < arubi> SopaXorzTaker, I offered my help on #bitcoin-dev, let's not spam here
12:17 -!- jtimon [~quassel@117.29.134.37.dynamic.jazztel.es] has quit [Ping timeout: 240 seconds]
12:25 -!- jtimon [~quassel@117.29.134.37.dynamic.jazztel.es] has joined #secp256k1
12:46 -!- sipa [~pw@2001:19f0:ac01:2fb:5400:ff:fe5b:c3ff] has quit [Changing host]
12:46 -!- sipa [~pw@unaffiliated/sipa1024] has joined #secp256k1
12:51 -!- SopaXorzTaker [~SopaXorzT@unaffiliated/sopaxorztaker] has quit [Remote host closed the connection]
15:28 -!- afk11 [~afk11@gateway/tor-sasl/afk11] has quit [Ping timeout: 248 seconds]
15:34 -!- afk11 [~afk11@gateway/tor-sasl/afk11] has joined #secp256k1
21:53 -!- jtimon [~quassel@117.29.134.37.dynamic.jazztel.es] has quit [Ping timeout: 240 seconds]
23:36 -!- SopaXorzTaker [~SopaXorzT@unaffiliated/sopaxorztaker] has joined #secp256k1