
sha256 – Schnorr batch verification random number generation method

Is there a specific way I need to generate random numbers for batch verification using Schnorr signatures?

BIP 340 explains how to generate each random number.

seed = SHA256(pk1..pku || m1..mu || sig1..sigu)
a = ()
for (2..u) do |i|
  a(i) = ChaCha20(seed) <- not sure if this is right or how this works, but ChaCha20 is recommended
end

However, if you do not have easy access to ChaCha20, we recommend using SHA-256 with your index instead.

seed = SHA256(pk1..pku || m1..mu || sig1..sigu)
for (2..u) do |i|
  a(i) = SHA256(seed || i)
end

Likewise, does the order of the data matter when generating the seed with a hash function? It is the same input data, just hashed in a different order.

seed = SHA256(m1..mu || sig1..sigu || pk1..pku)
for (2..u) do |i|
  a(i) = SHA256(seed || i)
end

Basically, I’m wondering if it’s possible to generate these numbers in any way I want, as long as they’re random and based on a hash of all the input data.
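The following is an added example, not code from the question or from the BIP 340 reference implementation. It shows the SHA-256-with-index variant from the question end to end: the seed is computed over every public key, message and signature of the batch, a_1 is fixed to 1, each a_i for i = 2..u is SHA256(seed || i) mapped into 1..n-1, and the coefficients are then used in the BIP 340 batch equation on a pure-Python (affine, slow, illustration-only) secp256k1. The field order inside the seed (pk, m, sig) and the 4-byte length prefix on every item are conventions chosen here, not something BIP 340 prescribes: the order only has to be fixed by the verifier, and the length prefix keeps two different input lists from serialising to the same byte string when messages have arbitrary length. What matters for security is that the coefficients depend on all inputs (or come from a CSPRNG), so that a signer cannot choose signatures whose errors cancel across the batch. The secret keys and messages in make_batch are constructed test data.

```python
import hashlib

# secp256k1 parameters (BIP 340); pure-Python affine arithmetic, for illustration only.
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def point_add(p1, p2):
    if p1 is None or p2 is None:
        return p2 if p1 is None else p1
    if p1[0] == p2[0] and p1[1] != p2[1]:
        return None  # P + (-P) is the point at infinity
    if p1 == p2:
        lam = 3 * p1[0] * p1[0] * pow(2 * p1[1], P - 2, P) % P
    else:
        lam = (p2[1] - p1[1]) * pow(p2[0] - p1[0], P - 2, P) % P
    x3 = (lam * lam - p1[0] - p2[0]) % P
    return (x3, (lam * (p1[0] - x3) - p1[1]) % P)


def point_mul(pt, k):
    acc = None
    while k:
        if k & 1:
            acc = point_add(acc, pt)
        pt = point_add(pt, pt)
        k >>= 1
    return acc


def lift_x(x):
    """x-only decoding: the curve point with this x and even y, or None if invalid."""
    if x >= P:
        return None
    y_sq = (pow(x, 3, P) + 7) % P
    y = pow(y_sq, (P + 1) // 4, P)
    if pow(y, 2, P) != y_sq:
        return None
    return (x, y if y % 2 == 0 else P - y)


def tagged_hash(tag, data):
    t = hashlib.sha256(tag.encode()).digest()
    return hashlib.sha256(t + t + data).digest()


def sign(msg, seckey, aux):
    """BIP 340 signing; returns (32-byte x-only pubkey, 64-byte signature)."""
    d0 = int.from_bytes(seckey, "big")
    pub = point_mul(G, d0)
    d = d0 if pub[1] % 2 == 0 else N - d0
    pk = pub[0].to_bytes(32, "big")
    t = bytes(a ^ b for a, b in zip(d.to_bytes(32, "big"), tagged_hash("BIP0340/aux", aux)))
    k0 = int.from_bytes(tagged_hash("BIP0340/nonce", t + pk + msg), "big") % N
    R = point_mul(G, k0)
    k = k0 if R[1] % 2 == 0 else N - k0
    r = R[0].to_bytes(32, "big")
    e = int.from_bytes(tagged_hash("BIP0340/challenge", r + pk + msg), "big") % N
    return pk, r + ((k + e * d) % N).to_bytes(32, "big")


def batch_coefficients(pubkeys, msgs, sigs):
    """a_1 = 1; a_i = SHA256(seed || i) mapped into 1..n-1; seed = SHA256 over all inputs.

    The field order (pk, m, sig) is a convention chosen for this example; each item
    is length-prefixed so different input lists cannot hash to the same seed.
    """
    h = hashlib.sha256()
    for item in (*pubkeys, *msgs, *sigs):
        h.update(len(item).to_bytes(4, "big") + item)
    seed = h.digest()
    coeffs = [1]
    for i in range(2, len(pubkeys) + 1):
        digest = hashlib.sha256(seed + i.to_bytes(4, "big")).digest()
        coeffs.append(int.from_bytes(digest, "big") % (N - 1) + 1)  # never 0
    return coeffs


def batch_verify(pubkeys, msgs, sigs):
    """(s_1 + a_2 s_2 + ... + a_u s_u) G == R_1 + a_2 R_2 + ... + e_1 P_1 + a_2 e_2 P_2 + ..."""
    if not len(pubkeys) == len(msgs) == len(sigs):
        return False
    coeffs = batch_coefficients(pubkeys, msgs, sigs)
    lhs, rhs = 0, None
    for a, pk, m, sig in zip(coeffs, pubkeys, msgs, sigs):
        pub = lift_x(int.from_bytes(pk, "big"))
        R = lift_x(int.from_bytes(sig[:32], "big"))  # enforces r < p and even y
        s = int.from_bytes(sig[32:], "big")
        if pub is None or R is None or s >= N:
            return False
        e = int.from_bytes(tagged_hash("BIP0340/challenge", sig[:32] + pk + m), "big") % N
        lhs = (lhs + a * s) % N
        rhs = point_add(rhs, point_mul(R, a))
        rhs = point_add(rhs, point_mul(pub, a * e % N))
    return point_mul(G, lhs) == rhs


def make_batch(u=3):
    """Constructed test data: u signatures under fixed keys and zero aux randomness."""
    pubkeys, msgs, sigs = [], [], []
    for i in range(u):
        seckey = (0x12345678 + i).to_bytes(32, "big")  # constructed, not a real key
        msg = f"constructed message {i}".encode()
        pk, sig = sign(msg, seckey, bytes(32))
        pubkeys.append(pk)
        msgs.append(msg)
        sigs.append(sig)
    return pubkeys, msgs, sigs


if __name__ == "__main__":
    pks, ms, ss = make_batch()
    print("coefficients:", [hex(a) for a in batch_coefficients(pks, ms, ss)])
    print("batch ok:", batch_verify(pks, ms, ss))
```

Changing a single byte of any input changes the seed and therefore every a_i, which is exactly the property the batch equation relies on: an attacker who could predict the coefficients before committing to the signatures could craft a batch that passes without every signature being valid.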
