futr icon indicating copy to clipboard operation
futr copied to clipboard
verified publisher icon prolic

Nip incompliant pubkey (length 32 expected)

Open ghost opened this issue 2 years ago • 4 comments

"pubkey": <32-bytes lowercase hex-encoded public key of the event creator>

https://github.com/prolic/futr/blob/672758c0a654f310b8c5ac6c87a2bcc3e3b696e8/src/Nostr/Event.hs#L94

ghci> kp <- generateKeyPair
ghci> pk = exportXOnlyPubKey . deriveXOnlyPubKey $ kp
ghci> BS.length . Hex.decodeLenient . encodeUtf8 . T.pack $ pk
64
-- or
ghci> BS.length . getXOnlyPubKey . deriveXOnlyPubKey $ kp
64
-- therefore 
ghci> xOnlyPubKey . getXOnlyPubKey . deriveXOnlyPubKey $ kp
Nothing

Am I missing something? Does this, how does this work?

ghost avatar Jul 31 '23 21:07 ghost

Sorry, I'm not following, can you explain what's the issues here?

prolic avatar Aug 07 '23 23:08 prolic

64 bytes is coming out from exportXOnlyPubKey but the spec asks for a 32 bytes. I'm trying to understand why / how this isn't creating invalid events with pubkeys like: ae6fb593b1613d445a198d9b7f287e08b61f0d13e56b98259c409937cf3d4c758e37918d84ab20dcf6f3698185685bd66ddbf86829878a8b5e8e817bef086643

ghci> xOnlyPubKey . getXOnlyPubKey . deriveXOnlyPubKey $ kp

This loop return Nothing because building the XOnlyPub takes 32 bytes but getXOnlyPubKey puts out 64.

ghost avatar Aug 08 '23 00:08 ghost

I have to double check that, maybe I get to it on the weekend.

Sascha-Oliver Prolic

Am Mo., 7. Aug. 2023 um 20:06 Uhr schrieb AutonomousOrganization < @.***>:

64 bytes is coming out from exportXOnlyPubKey but the spec asks for a 32 bytes. I'm trying to understand why / how this isn't creating invalid events with pubkeys like:

ae6fb593b1613d445a198d9b7f287e08b61f0d13e56b98259c409937cf3d4c758e37918d84ab20dcf6f3698185685bd66ddbf86829878a8b5e8e817bef086643

ghci> xOnlyPubKey . getXOnlyPubKey . deriveXOnlyPubKey $ kp

This loop return Nothing because building the XOnlyPub takes 32 bytes but getXOnlyPubKey puts out 64.

— Reply to this email directly, view it on GitHub https://github.com/prolic/futr/issues/16#issuecomment-1668726057, or unsubscribe https://github.com/notifications/unsubscribe-auth/AADAJPFO32A2E7MT7YHGEH3XUF7H3ANCNFSM6AAAAAA262D764 . You are receiving this because you commented.Message ID: @.***>

prolic avatar Aug 09 '23 18:08 prolic

The problem is in the underlying secp256k1 library:

exportXOnlyPubKey :: XOnlyPubKey -> String
exportXOnlyPubKey (XOnlyPubKey p) = unsafePerformIO $ do
         unsafeUseByteString p $ \(p_ptr, _) -> do
           serialized <- mallocBytes 64 -- !! <--- 32
           ret <- schnorrPubKeySerialize ctx serialized p_ptr
           unless (isSuccess ret) $ do
             free serialized
             error "could not serialize x-only public key"
           out <- unsafePackByteString (serialized, 64) -- !! <-- 32
           return $ exportText out

I've learned a lot picking through futr and secp256k1-schnorr. Got the sign verify working here: futr2

ghost avatar Aug 19 '23 05:08 ghost

I'm going to close this issue. I've removed the secp256k1-schnorr dependency and I am now working on some major changes for this project.

prolic avatar Jun 22 '24 01:06 prolic