Return-Path: Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by lists.linuxfoundation.org (Postfix) with ESMTP id 80839C000D for ; Fri, 17 Sep 2021 07:08:04 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id 7C1AD4071E for ; Fri, 17 Sep 2021 07:08:04 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org X-Spam-Flag: NO X-Spam-Score: -2.098 X-Spam-Level: X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: smtp4.osuosl.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9239g65dhG0j for ; Fri, 17 Sep 2021 07:08:01 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.8.0 Received: from mail-qv1-xf32.google.com (mail-qv1-xf32.google.com [IPv6:2607:f8b0:4864:20::f32]) by smtp4.osuosl.org (Postfix) with ESMTPS id E141640701 for ; Fri, 17 Sep 2021 07:08:00 +0000 (UTC) Received: by mail-qv1-xf32.google.com with SMTP id jo30so5876822qvb.3 for ; Fri, 17 Sep 2021 00:08:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=m5dRs9ot+oLusXG17IMnU/Vc8ufth68vbK5AjqJA17Y=; b=L22qIPrbdf65awAJpMLeh4BOIs0D3sfWLbWESr63jywNchVTqyBZevhlzmMzV8AWmW bKd3WihRSarqxfTUjlxVSmR5fbdwjOoiv5nf96LBwmuAXuus7KUHDH+HWemNokuQIFq5 1kWTocyiKsRvwSkZVI010bltzFJQpHz5BK/qtfCusBw22G+wxrnbKaP/Y7eS9weOF2Gl KUjHPwSzDTchLcCC0CA/Z8wALtazPqh6BOKNXjsVTyxf5hhC/GdTEjuxjJ2ZcSsND68C ggk0b4haoGTrTJUn7mg5hYkMy8EPvqYZCKm1Kmw9bpGnr0HxITKeBAqvXKcR4yzMiisn uaLg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=m5dRs9ot+oLusXG17IMnU/Vc8ufth68vbK5AjqJA17Y=; b=3RlKmSJBcE3038KcWr8y9M+7SQfi52QHW9KmCNnsWDJwArWMByxx9cFSMpHVhuecaZ Y8cWOeWH/khCt7nTI+ihYzIuS05PI34eeYZxLn5dcBxJCQ1or3NumKgQYrcAeKQsW4I0 DQ9aM2ZpmrnlPALO2K9hK64AZqJTXmsDW+Rs7MkbxWyI9y5DpY8dnt4tPBcFoIqeVYo5 uNxQaHJf0ZZ+bcnXoKv/Fu4DjHnbYeag13XG26JgDdLsWnJZTCBbF2h8jQhqidygGuKI yh8QFfHNtYKWicHNySpSNLfNS8kp2oW0RzLFqfB43k8pPzxu/G130mh9gVOrAxT9zPjN 4eZg== X-Gm-Message-State: AOAM530xNmrPlXpkus/hH2Qw5UstQzUBzGlk4Duu+fJV/y074HO7mwFB mAKNYoQTcxMG9nQ2c4zMF4KyUCfGH565m2ACl49fHyloYhI= X-Google-Smtp-Source: ABdhPJyYe47UeJPjQb0vhjgDT8i+bFJ1YpxpLKx+9RHdH3YTHZ3UZPVqogDftBwllW+1ydRpdVTJO9ncJM8XrwdYaGQ= X-Received: by 2002:a0c:f010:: with SMTP id z16mr9480880qvk.8.1631862479623; Fri, 17 Sep 2021 00:07:59 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Riccardo Casatta Date: Fri, 17 Sep 2021 09:07:48 +0200 Message-ID: To: Giacomo Caironi , Bitcoin Protocol Discussion Content-Type: multipart/alternative; boundary="0000000000006b9a7f05cc2b973f" X-Mailman-Approved-At: Fri, 17 Sep 2021 08:17:21 +0000 Subject: Re: [bitcoin-dev] Test cases for Taproot signature message X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 17 Sep 2021 07:08:04 -0000 --0000000000006b9a7f05cc2b973f Content-Type: text/plain; charset="UTF-8" Hi Giacomo, I wrote the rust implementation of bitcoin signature messages and to double-check I created some test vectors you can see at https://github.com/rust-bitcoin/rust-bitcoin/blob/b7f984972ad6cb4942827c2b7c401f590588cdcf/src/util/sighash.rs#L689-L799. These vectors have been created printing intermediate results from https://github.com/bitcoin/bitcoin/blob/6401de0133e32a641ed9e78a85b3aa337c75d190/test/functional/feature_taproot.py Il giorno gio 16 set 2021 alle ore 23:40 Giacomo Caironi via bitcoin-dev < bitcoin-dev@lists.linuxfoundation.org> ha scritto: > Hi, > recently I have worked on a python implementation of bitcoin signature > messages, and I have found that there was way better documentation about > Segwit signature message than Taproot. > > 1) Segwit signature message got its own BIP, completed with test cases > regarding only that specific function; Taproot on the other hand has the > signature message function defined in BIP 341 and the test vectors in a > different BIP (341). This is confusing. Shouldn't we create a different BIP > only for Taproot signature message exactly like Segwit? > > 2) The test vectors for Taproot have no documentation and, most > importantly, they are not atomic, in the sense that they do not target a > specific part of the taproot code but all of it. This may not be a very big > problem, but for signature verification it is. Because there are hashes > involved, we can't really debug why a signature message doesn't pass > validation, either it is valid or it is not. BIP 143 in this case is really > good, because it provides hash preimages, so it is possible to debug the > function and see where something went wrong. Because of this, writing the > Segwit signature hash function took a fraction of the time compared to > Taproot. > > If this idea is accepted I will be more than happy to write the test cases > for Taproot. > > BTW this is the first time I contribute to Bitcoin, let me know if I was > rude or did something wrong. Moreover english is not my first language, so > I apologize if I wrote something awful above > _______________________________________________ > bitcoin-dev mailing list > bitcoin-dev@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev > -- Riccardo Casatta - @RCasatta --0000000000006b9a7f05cc2b973f Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hi = Giacomo,

I wrote the rust= implementation of bitcoin signature messages and to double-check I created= some test vectors you can see at=C2=A0https://github.com/rust-bitcoin/rust-bitcoin/blob/b7f= 984972ad6cb4942827c2b7c401f590588cdcf/src/util/sighash.rs#L689-L799. Th= ese vectors have been created printing intermediate results from https://github.com/bitcoin/bitco= in/blob/6401de0133e32a641ed9e78a85b3aa337c75d190/test/functional/feature_ta= proot.py

Il giorno gio 16 set 2021 alle ore 23:40 Giacomo Caironi = via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org> ha scritto:
Hi,=C2=A0
= recently I have worked on a python implementation of bitcoin signature mess= ages, and I have found that there was way better documentation about Segwit= signature message than Taproot.

1) Segwit signatu= re message got its own BIP, completed with test cases regarding only that s= pecific function; Taproot on the other hand has the signature message funct= ion defined in BIP 341 and the test vectors in a different BIP (341). This = is confusing. Shouldn't we create a different BIP only for Taproot sign= ature message exactly like Segwit?

2) The test vec= tors for Taproot have no documentation and, most importantly, they are not = atomic, in the sense that they do not target a specific part of the taproot= code but all of it. This may not be a very big problem, but for signature = verification it is. Because there are hashes involved, we can't really = debug why a signature message doesn't pass validation, either it is val= id or it is not. BIP 143 in this case is really good, because it provides h= ash preimages, so it is possible to debug the function and see where someth= ing went wrong. Because of this, writing the Segwit signature hash function= took a fraction of the time compared to Taproot.

= If this idea is accepted I will be more than happy to write the test cases = for Taproot.

BTW this is the first time I contribu= te to Bitcoin, let me know if I was rude or did something wrong. Moreover e= nglish is not my first language, so I apologize if I wrote something awful = above
_______________________________________________
bitcoin-dev mailing list
= bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mail= man/listinfo/bitcoin-dev


--
Riccardo Casatta - @RCasatta
--0000000000006b9a7f05cc2b973f--