signrpc: add schnorr sig to sign and validate msg

2025-08-29 15:11:09 +02:00 · 2022-06-23 15:35:29 +02:00
parent 9d568cc119
commit b5af0ce327
8 changed files with 449 additions and 213 deletions
--- a/keychain/btcwallet.go
+++ b/keychain/btcwallet.go
@@ -6,7 +6,9 @@ import (

 	"github.com/btcsuite/btcd/btcec/v2"
 	"github.com/btcsuite/btcd/btcec/v2/ecdsa"
+	"github.com/btcsuite/btcd/btcec/v2/schnorr"
 	"github.com/btcsuite/btcd/chaincfg/chainhash"
+	"github.com/btcsuite/btcd/txscript"
 	"github.com/btcsuite/btcwallet/waddrmgr"
 	"github.com/btcsuite/btcwallet/wallet"
 	"github.com/btcsuite/btcwallet/walletdb"
@@ -452,3 +454,33 @@ func (b *BtcWalletKeyRing) SignMessageCompact(keyLoc KeyLocator,
 	}
 	return ecdsa.SignCompact(privKey, digest, true)
 }
+
+// SignMessageSchnorr uses the Schnorr signature algorithm to sign the given
+// message, single or double SHA256 hashing it first, with the private key
+// described in the key locator and the optional tweak applied to the private
+// key.
+//
+// NOTE: This is part of the keychain.MessageSignerRing interface.
+func (b *BtcWalletKeyRing) SignMessageSchnorr(keyLoc KeyLocator,
+	msg []byte, doubleHash bool, taprootTweak []byte) (*schnorr.Signature,
+	error) {
+
+	privKey, err := b.DerivePrivKey(KeyDescriptor{
+		KeyLocator: keyLoc,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	if len(taprootTweak) > 0 {
+		privKey = txscript.TweakTaprootPrivKey(privKey, taprootTweak)
+	}
+
+	var digest []byte
+	if doubleHash {
+		digest = chainhash.DoubleHashB(msg)
+	} else {
+		digest = chainhash.HashB(msg)
+	}
+	return schnorr.Sign(privKey, digest)
+}
--- a/keychain/derivation.go
+++ b/keychain/derivation.go
@@ -5,6 +5,7 @@ import (

 	"github.com/btcsuite/btcd/btcec/v2"
 	"github.com/btcsuite/btcd/btcec/v2/ecdsa"
+	"github.com/btcsuite/btcd/btcec/v2/schnorr"
 )

 const (
@@ -234,6 +235,13 @@ type MessageSignerRing interface {
 	// format.
 	SignMessageCompact(keyLoc KeyLocator, msg []byte,
 		doubleHash bool) ([]byte, error)
+
+	// SignMessageSchnorr signs the given message, single or double SHA256
+	// hashing it first, with the private key described in the key locator
+	// and the optional Taproot tweak applied to the private key.
+	SignMessageSchnorr(keyLoc KeyLocator, msg []byte,
+		doubleHash bool, taprootTweak []byte) (*schnorr.Signature,
+		error)
 }

 // SingleKeyMessageSigner is an abstraction interface that hides the