studying – Inconsistent conduct testing Taproot Workshop – Part: 0.2 Elliptic Curve Math

0
81


Workshop hyperlink: https://github.com/bitcoinops/taproot-workshop/

Within the part 0.2.4 Programming Train: Distributivity of scalar operations we implement the next code:

a_key = ECKey().set(a)

b = random.randrange(1, SECP256K1_ORDER)
b_key = ECKey().set(b)

c = random.randrange(1, SECP256K1_ORDER)
c_key = ECKey().set(c)

# Left: Compute a - b as ints (modulo the sepc256k1 group order)
a_minus_b =  (a - b) % SECP256K1_ORDER# TODO: implement

# Left: Compute (a - b) * c as ints (modulo the sepc256k1 group order)
left =  (a_minus_b * c) % SECP256K1_ORDER# TODO: implement

# Proper: Compute a * c - b * c as ECKeys
proper = (a * c % SECP256K1_ORDER) - (b * c % SECP256K1_ORDER) # TODO: implement 
#in the event you dont modulo curve order in each parenthesis your quantity (most likely) turns into too giant for the curve
#due to this fact calling .secret on it is not going to work even in the event you forged it to ECKey Object (so the assertion can not even occur on this case)
#you'll solely be capable of name .secret on a price inside the curve order

print("Left: {}".format(left))
print("Proper: {}".format(proper))


proper = ECKey().set(proper)
# Left/Proper: Assert equality
assert left == proper.secret
print("nSuccess!")

Notice that the traces with #TODO: implement are the one ones I’ve modified.

When attempting this code block a couple of occasions I seen that it fails often with:

Left: 84229569338898829804715923445734053841060795723920762893503652295039608159004
Proper: -31562519898417365618855061562953854011776768555154141489101510846478553335333
---------------------------------------------------------------------------
AttributeError                            Traceback (most up-to-date name final)
Cell In[32], line 28
     26 proper = ECKey().set(proper)
     27 # Left/Proper: Assert equality
---> 28 assert left == proper.secret
     29 print("nSuccess!")

AttributeError: 'ECKey' object has no attribute 'secret'

The attribute error means that the generated secret is exterior the curve order and was not correctly became the ECKey

However for no less than 50% of the time it returns one thing like:

Left: 51082417157028894624564857296082907029625179491897309339882235219613900809295
Proper: 51082417157028894624564857296082907029625179491897309339882235219613900809295

Success!

What’s inflicting this inconsistency?

LEAVE A REPLY

Please enter your comment!
Please enter your name here