schnorr signatures

[nodech]

It seems there's a bug in schnorr (probably javascript).

Source of the issue: bcoin-org/bcash#134

Reproduce:

const native = require('./lib/native/secp256k1');
const js = require('./lib/js/secp256k1');

const hash = Buffer.from(
  'cd3808fc5cbf9f2190d9b867b4498f234212984b8c879f296cf8e792b622a2f4',
  'hex'
);
const sig = Buffer.from(
  '0df4be7f5fe74b2855b92082720e889038e15d8d747334fa3f300ef4ab1db1eea56aa83d1d60809ff6703791736be87cfb6cbc5c4036aeed3b4ea4e6dab35090',
  'hex'
);
const key = Buffer.from(
  '0479be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8',
  'hex'
);

const nres = native.schnorrVerify(hash, sig, key);
const jres = js.schnorrVerify(hash, sig, key);

console.log('verify native:', nres);     // true
console.log('verify javascript:', jres); // false

Unfortunately don't have more details.

[pinheadmz]

Nice find-and-fix, @nodar-chkuaselidze and @chjj !
I wonder if this would've been caught in advance by something like this: bcoin-org/bcoin#729
Shouldn't we require CI runs with native bcrypto? (Or should it test all 3 backends for every pull test?)

[chjj]

@pinheadmz all three backends, plus the browser would probably be ideal. A nasty command line of:

$ bmocha -H  && bmocha -B js && bmocha -B node && bmocha -B native

Will probably take a while to run.