Add an explicit initializer for the musigsession signing state.
This is redundant with the current implementation. However, the
musigsession module is written in such a way that the calling code
has no knowledge of its internal workings. Therefore, it should
not assume that zeroing out is the correct way of initializing it.
bigspider committed Nov 29, 2024
1 parent bd286b3 commit b551ed4
Showing 3 changed files with 24 additions and 2 deletions.
3 changes: 3 additions & 0 deletions src/handler/sign_psbt.c
Expand Up @@ -2907,6 +2907,9 @@ void handler_sign_psbt(dispatcher_context_t *dc, uint8_t protocol_version) {
signing_state_t signing_state;
memset(&signing_state, 0, sizeof(signing_state));

// Make sure that the signing state for MuSig2 is initialized correctly
musigsession_initialize_signing_state(&signing_state.musig);

// compute all the tx-wide hashes
if (!compute_tx_hashes(dc, &st, &signing_state.tx_hashes)) {
return;
7 changes: 7 additions & 0 deletions src/musig/musig_sessions.c
Original file line number Diff line number Diff line change
Expand Up @@ -83,6 +83,10 @@ void compute_rand_i_j(const musig_psbt_session_t *psbt_session,
crypto_hash_digest(&hash_context.header, out, 32);
}

void musigsession_initialize_signing_state(musig_signing_state_t *musig_signing_state) {
memset(musig_signing_state, 0, sizeof(musig_signing_state_t));
}

const musig_psbt_session_t *musigsession_round1_initialize(
uint8_t psbt_session_id[static 32],
musig_signing_state_t *musig_signing_state) {
Expand Down Expand Up @@ -126,6 +130,9 @@ void musigsession_commit(musig_signing_state_t *musig_signing_state) {
for (size_t i = 0; i < sizeof(musig_signing_state->_round1); i++) {
acc |= musig_signing_state->_round1._id[i];
}
// If round 1 was not executed, then there is nothing to store.
// This assumes that musigsession_initialize_signing_state, therefore the field is zeroed out
// if it wasn't used.
if (acc != 0) {
musigsession_store(musig_signing_state->_round1._id, &musig_signing_state->_round1);
}
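Review bot: The comment added in musigsession_commit is missing its verb ("This assumes that musigsession_initialize_signing_state, therefore ..."), so the invariant behind the `acc != 0` check is never actually stated; `// This assumes musigsession_initialize_signing_state was called, so _round1 is all zeroes if round 1 never ran.` would say it. The check also loops up to `sizeof(musig_signing_state->_round1)` while indexing `_round1._id[i]`, which reads past the `_id` member if that array is smaller than the struct (the layout is not visible on this page). Scanning `((const uint8_t *) &musig_signing_state->_round1)[i]`, or bounding the loop by `sizeof(musig_signing_state->_round1._id)`, would state which of the two is intended. The function begins above this hunk, so the declaration of `acc` is not shown.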
16 changes: 14 additions & 2 deletions src/musig/musig_sessions.h
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,20 @@ void compute_rand_i_j(const musig_psbt_session_t *psbt_session,
int placeholder_index,
uint8_t out[static 32]);

/**
* Make sure that the musig signing state is initialized correctly.
*
* This method must be called before musigsession_round1_initialize or
* musigsession_round2_initialize are called in the code.
*
* This allows the calling code to not make any assumption about how
* the inialization of the musig signing state is done.
*
* @param[in] musig_signing_state
* Pointer to the musig signing state.
*/
void musigsession_initialize_signing_state(musig_signing_state_t *musig_signing_state);

/**
* Handles the creation of a new musig psbt session into the volatile memory, or its retrieval (if
* the session already exists).
Expand Down Expand Up @@ -80,8 +94,6 @@ __attribute__((warn_unused_result)) const musig_psbt_session_t *musigsession_rou
* been returned to the client. It must _not_ be called if any error occurs, or if the signing
* process is aborted for any reason.
*
* @param[in] psbt_session_id
* Pointer to the musig psbt session id.
* @param[in] musig_signing_state
* Pointer to the musig signing state.
*/
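Review bot: The doc comment for musigsession_initialize_signing_state says when it must be called but not what a second call does. Judging from the implementation in musig_sessions.c, it zeroes the whole state, so a call made after musigsession_round1_initialize would clear `_round1`, and musigsession_commit would then skip the store because its zero check sees nothing to save. A line such as `* Must be called exactly once per signing flow; calling it again discards any round 1 state.` would make that contract explicit. In the same comment, "inialization" should read "initialization".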
