From 0e0042d1aed596efd835c5ca08f27b4932e34483 Mon Sep 17 00:00:00 2001
From: Salvatore Ingala <6681844+bigspider@users.noreply.github.com>
Date: Thu, 21 Nov 2024 11:22:33 +0000
Subject: [PATCH] Only compute the aggregate key once for each key expression

---
 src/handler/sign_psbt.c | 12 ++----------
 1 file changed, 2 insertions(+), 10 deletions(-)

diff --git a/src/handler/sign_psbt.c b/src/handler/sign_psbt.c
index e1b8177f..3f54a113 100644
--- a/src/handler/sign_psbt.c
+++ b/src/handler/sign_psbt.c
@@ -2613,16 +2613,8 @@ static bool compute_musig_per_input_info(dispatcher_context_t *dc,
         }
     }
 
-    musig_keyagg_context_t musig_ctx;
-    musig_key_agg(out->keys, musig_info->n, &musig_ctx);
-
-    // compute the aggregated extended pubkey
-    memset(&ext_pubkey, 0, sizeof(ext_pubkey));
-    write_u32_be(ext_pubkey.version, 0, BIP32_PUBKEY_VERSION);
-
-    ext_pubkey.compressed_pubkey[0] = (musig_ctx.Q.y[31] % 2 == 0) ? 2 : 3;
-    memcpy(&ext_pubkey.compressed_pubkey[1], musig_ctx.Q.x, sizeof(musig_ctx.Q.x));
-    memcpy(&ext_pubkey.chain_code, BIP_328_CHAINCODE, sizeof(BIP_328_CHAINCODE));
+    // we already computed the aggregate (pre-tweaks) xpub in the keyexpr_info
+    memcpy(&ext_pubkey, &keyexpr_info->pubkey, sizeof(serialized_extended_pubkey_t));
 
     // 2) compute musig2 tweaks
     // We always have exactly 2 BIP32 tweaks in wallet policies; if the musig is in the keypath