--- Log opened Thu Aug 29 00:00:36 2024
00:07 -!- tromp [~textual@92-110-219-57.cable.dynamic.v4.ziggo.nl] has quit [Read error: Connection reset by peer]
01:53 -!- lbia [~lbia@user/lbia] has joined #secp256k1
02:18 -!- tromp [~textual@92-110-219-57.cable.dynamic.v4.ziggo.nl] has joined #secp256k1
03:28 < siv2r> I noticed that `musig_partial_sign` branches based on the `keypair` input argument, returning 0 when `keypair_load` fails. Does this mean the partial sign algorithm isn't const-time wrt `keypair` and, therefore, not const-time wrt secret key (inside the keypair)?
03:28 < siv2r> Shouldn't signing algorithms be const-time for all secret data, or am I missing something?
03:29 < siv2r> `schnorrsig_sign_internal` doesn't branch on the `keypair` input argument. It stores the result of `keypair_load` in a `ret` variable instead of returning 0 immediately.
04:20 -!- tromp [~textual@92-110-219-57.cable.dynamic.v4.ziggo.nl] has quit [Quit: My iMac has gone to sleep. ZZZzzz…]
05:28 -!- tromp [~textual@92-110-219-57.cable.dynamic.v4.ziggo.nl] has joined #secp256k1
05:48 -!- tromp [~textual@92-110-219-57.cable.dynamic.v4.ziggo.nl] has quit [Quit: My iMac has gone to sleep. ZZZzzz…]
05:49 -!- jonatack [~jonatack@user/jonatack] has quit [Ping timeout: 272 seconds]
06:12 -!- tromp [~textual@92-110-219-57.cable.dynamic.v4.ziggo.nl] has joined #secp256k1
06:23 < sipa> siv2r: constant-time algorithms need to be constant time in all *honest* inputs; can a keypair fail to load for an honest user (who is using the library correctly)?
06:24 < sipa> (i haven't looked at the code, just speaking generically)
07:00 -!- jonatack [~jonatack@user/jonatack] has joined #secp256k1
07:36 -!- preimage [~halosghos@user/halosghost] has joined #secp256k1
07:55 -!- BlueMatt [~BlueMatt@ircb.bluematt.me] has quit [Ping timeout: 276 seconds]
07:55 -!- BlueMatt_ [~BlueMatt@ircb.bluematt.me] has joined #secp256k1
07:55 -!- preimage [~halosghos@user/halosghost] has quit [Ping timeout: 276 seconds]
07:56 -!- preimage [~halosghos@user/halosghost] has joined #secp256k1
08:35 -!- tromp [~textual@92-110-219-57.cable.dynamic.v4.ziggo.nl] has quit [Quit: My iMac has gone to sleep. ZZZzzz…]
09:18 -!- tromp [~textual@92-110-219-57.cable.dynamic.v4.ziggo.nl] has joined #secp256k1
09:31 -!- tromp [~textual@92-110-219-57.cable.dynamic.v4.ziggo.nl] has quit [Quit: My iMac has gone to sleep. ZZZzzz…]
10:21 -!- tromp [~textual@92-110-219-57.cable.dynamic.v4.ziggo.nl] has joined #secp256k1
10:46 < siv2r> sipa: Thanks! I was under the impression that a function’s constant-time property need to be maintained across all input ranges (including the invalid ones). However, it makes sense to ignore this property for invalid inputs.
10:48 < siv2r> Follow-up question: When an invalid seckey is supplied to `keypair_create`, it sets the seckey to 1 and then generates the keypair object. Technically, would it be okay to return 0 immediately? (Not suggesting it should).
11:14 -!- jonatack [~jonatack@user/jonatack] has quit [Ping timeout: 252 seconds]
11:19 -!- jonatack [~jonatack@user/jonatack] has joined #secp256k1
13:30 < bitcoin-git> [secp256k1] Cheapshot003 opened pull request #1598: #1570 - Improve examples: remove key generation loops (master...#1570-improve-examples) https://github.com/bitcoin-core/secp256k1/pull/1598
13:31 < bitcoin-git> [secp256k1] Cheapshot003 closed pull request #1598: #1570 - Improve examples: remove key generation loops (master...#1570-improve-examples) https://github.com/bitcoin-core/secp256k1/pull/1598
13:39 < bitcoin-git> [secp256k1] Cheapshot003 opened pull request #1599: #1570 improve examples: remove key generation loop (master...#1570-improve-examples) https://github.com/bitcoin-core/secp256k1/pull/1599
14:15 -!- tromp [~textual@92-110-219-57.cable.dynamic.v4.ziggo.nl] has quit [Read error: Connection reset by peer]
16:24 -!- preimage [~halosghos@user/halosghost] has quit [Quit: WeeChat 4.4.1]
17:24 -!- real_or_random [sid554204@user/real-or-random/x-4440763] has quit [Ping timeout: 252 seconds]
17:24 -!- fjahr [sid374480@uxbridge.irccloud.com] has quit [Ping timeout: 252 seconds]
17:27 -!- real_or_random [sid554204@user/real-or-random/x-4440763] has joined #secp256k1
17:27 -!- fjahr [sid374480@id-374480.uxbridge.irccloud.com] has joined #secp256k1
--- Log closed Fri Aug 30 00:00:37 2024