sign_verify_vectors.json raw

   1  {
   2    "sk": "7FB9E0E687ADA1EEBF7ECFE2F21E73EBDB51A7D450948DFE8D76D7F2D1007671",
   3    "pubkeys": [
   4      "03935F972DA013F80AE011890FA89B67A27B7BE6CCB24D3274D18B2D4067F261A9",
   5      "02F9308A019258C31049344F85F89D5229B531C845836F99B08601F113BCE036F9",
   6      "02DFF1D77F2A671C5F36183726DB2341BE58FEAE1DA2DECED843240F7B502BA661",
   7      "020000000000000000000000000000000000000000000000000000000000000007"
   8    ],
   9    "secnonces": [
  10      "508B81A611F100A6B2B6B29656590898AF488BCF2E1F55CF22E5CFB84421FE61FA27FD49B1D50085B481285E1CA205D55C82CC1B31FF5CD54A489829355901F703935F972DA013F80AE011890FA89B67A27B7BE6CCB24D3274D18B2D4067F261A9",
  11      "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003935F972DA013F80AE011890FA89B67A27B7BE6CCB24D3274D18B2D4067F261A9"
  12    ],
  13    "pnonces": [
  14      "0337C87821AFD50A8644D820A8F3E02E499C931865C2360FB43D0A0D20DAFE07EA0287BF891D2A6DEAEBADC909352AA9405D1428C15F4B75F04DAE642A95C2548480",
  15      "0279BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F817980279BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798",
  16      "032DE2662628C90B03F5E720284EB52FF7D71F4284F627B68A853D78C78E1FFE9303E4C5524E83FFE1493B9077CF1CA6BEB2090C93D930321071AD40B2F44E599046",
  17      "0237C87821AFD50A8644D820A8F3E02E499C931865C2360FB43D0A0D20DAFE07EA0387BF891D2A6DEAEBADC909352AA9405D1428C15F4B75F04DAE642A95C2548480",
  18      "020000000000000000000000000000000000000000000000000000000000000009"
  19    ],
  20    "aggnonces": [
  21      "028465FCF0BBDBCF443AABCCE533D42B4B5A10966AC09A49655E8C42DAAB8FCD61037496A3CC86926D452CAFCFD55D25972CA1675D549310DE296BFF42F72EEEA8C9",
  22      "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
  23      "048465FCF0BBDBCF443AABCCE533D42B4B5A10966AC09A49655E8C42DAAB8FCD61037496A3CC86926D452CAFCFD55D25972CA1675D549310DE296BFF42F72EEEA8C9",
  24      "028465FCF0BBDBCF443AABCCE533D42B4B5A10966AC09A49655E8C42DAAB8FCD61020000000000000000000000000000000000000000000000000000000000000009",
  25      "028465FCF0BBDBCF443AABCCE533D42B4B5A10966AC09A49655E8C42DAAB8FCD6102FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC30"
  26    ],
  27    "msgs": [
  28      "F95466D086770E689964664219266FE5ED215C92AE20BAB5C9D79ADDDDF3C0CF",
  29      "",
  30      "2626262626262626262626262626262626262626262626262626262626262626262626262626"
  31    ],
  32    "valid_test_cases": [
  33      {
  34        "key_indices": [0, 1, 2],
  35        "nonce_indices": [0, 1, 2],
  36        "aggnonce_index": 0,
  37        "msg_index": 0,
  38        "signer_index": 0,
  39        "expected": "012ABBCB52B3016AC03AD82395A1A415C48B93DEF78718E62A7A90052FE224FB"
  40      },
  41      {
  42        "key_indices": [1, 0, 2],
  43        "nonce_indices": [1, 0, 2],
  44        "aggnonce_index": 0,
  45        "msg_index": 0,
  46        "signer_index": 1,
  47        "expected": "9FF2F7AAA856150CC8819254218D3ADEEB0535269051897724F9DB3789513A52"
  48      },
  49      {
  50        "key_indices": [1, 2, 0],
  51        "nonce_indices": [1, 2, 0],
  52        "aggnonce_index": 0,
  53        "msg_index": 0,
  54        "signer_index": 2,
  55        "expected": "FA23C359F6FAC4E7796BB93BC9F0532A95468C539BA20FF86D7C76ED92227900"
  56      },
  57      {
  58        "key_indices": [0, 1],
  59        "nonce_indices": [0, 3],
  60        "aggnonce_index": 1,
  61        "msg_index": 0,
  62        "signer_index": 0,
  63        "expected": "AE386064B26105404798F75DE2EB9AF5EDA5387B064B83D049CB7C5E08879531",
  64        "comment": "Both halves of aggregate nonce correspond to point at infinity"
  65      }
  66    ],
  67    "sign_error_test_cases": [
  68      {
  69        "key_indices": [1, 2],
  70        "aggnonce_index": 0,
  71        "msg_index": 0,
  72        "secnonce_index": 0,
  73        "error": {
  74          "type": "value",
  75          "message": "The signer's pubkey must be included in the list of pubkeys."
  76        },
  77        "comment": "The signers pubkey is not in the list of pubkeys"
  78      },
  79      {
  80        "key_indices": [1, 0, 3],
  81        "aggnonce_index": 0,
  82        "msg_index": 0,
  83        "secnonce_index": 0,
  84        "error": {
  85          "type": "invalid_contribution",
  86          "signer": 2,
  87          "contrib": "pubkey"
  88        },
  89        "comment": "Signer 2 provided an invalid public key"
  90      },
  91      {
  92        "key_indices": [1, 2, 0],
  93        "aggnonce_index": 2,
  94        "msg_index": 0,
  95        "secnonce_index": 0,
  96        "error": {
  97          "type": "invalid_contribution",
  98          "signer": null,
  99          "contrib": "aggnonce"
 100        },
 101        "comment": "Aggregate nonce is invalid due wrong tag, 0x04, in the first half"
 102      },
 103      {
 104        "key_indices": [1, 2, 0],
 105        "aggnonce_index": 3,
 106        "msg_index": 0,
 107        "secnonce_index": 0,
 108        "error": {
 109          "type": "invalid_contribution",
 110          "signer": null,
 111          "contrib": "aggnonce"
 112        },
 113        "comment": "Aggregate nonce is invalid because the second half does not correspond to an X coordinate"
 114      },
 115      {
 116        "key_indices": [1, 2, 0],
 117        "aggnonce_index": 4,
 118        "msg_index": 0,
 119        "secnonce_index": 0,
 120        "error": {
 121          "type": "invalid_contribution",
 122          "signer": null,
 123          "contrib": "aggnonce"
 124        },
 125        "comment": "Aggregate nonce is invalid because second half exceeds field size"
 126      },
 127      {
 128        "key_indices": [0, 1, 2],
 129        "aggnonce_index": 0,
 130        "msg_index": 0,
 131        "signer_index": 0,
 132        "secnonce_index": 1,
 133        "error": {
 134          "type": "value",
 135          "message": "first secnonce value is out of range."
 136        },
 137        "comment": "Secnonce is invalid which may indicate nonce reuse"
 138      }
 139    ],
 140    "verify_fail_test_cases": [
 141      {
 142        "sig": "97AC833ADCB1AFA42EBF9E0725616F3C9A0D5B614F6FE283CEAAA37A8FFAF406",
 143        "key_indices": [0, 1, 2],
 144        "nonce_indices": [0, 1, 2],
 145        "msg_index": 0,
 146        "signer_index": 0,
 147        "comment": "Wrong signature (which is equal to the negation of valid signature)"
 148      },
 149      {
 150        "sig": "68537CC5234E505BD14061F8DA9E90C220A181855FD8BDB7F127BB12403B4D3B",
 151        "key_indices": [0, 1, 2],
 152        "nonce_indices": [0, 1, 2],
 153        "msg_index": 0,
 154        "signer_index": 1,
 155        "comment": "Wrong signer"
 156      },
 157      {
 158        "sig": "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141",
 159        "key_indices": [0, 1, 2],
 160        "nonce_indices": [0, 1, 2],
 161        "msg_index": 0,
 162        "signer_index": 0,
 163        "comment": "Signature exceeds group size"
 164      }
 165    ],
 166    "verify_error_test_cases": [
 167      {
 168        "sig": "68537CC5234E505BD14061F8DA9E90C220A181855FD8BDB7F127BB12403B4D3B",
 169        "key_indices": [0, 1, 2],
 170        "nonce_indices": [4, 1, 2],
 171        "msg_index": 0,
 172        "signer_index": 0,
 173        "error": {
 174          "type": "invalid_contribution",
 175          "signer": 0,
 176          "contrib": "pubnonce"
 177        },
 178        "comment": "Invalid pubnonce"
 179      },
 180      {
 181        "sig": "68537CC5234E505BD14061F8DA9E90C220A181855FD8BDB7F127BB12403B4D3B",
 182        "key_indices": [3, 1, 2],
 183        "nonce_indices": [0, 1, 2],
 184        "msg_index": 0,
 185        "signer_index": 0,
 186        "error": {
 187          "type": "invalid_contribution",
 188          "signer": 0,
 189          "contrib": "pubkey"
 190        },
 191        "comment": "Invalid pubkey"
 192      }
 193    ]
 194  }
 195