ghostchain/ghost-exodus-draft
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update Description

Uncle Stretch 2025-10-17 19:32:59 +02:00
parent bcdb9a2ce2
commit 0c291c3496
1 changed files with 2 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Description.md

@ -72,8 +72,6 @@ Q = (1/r) * (R*s - G*m) //recovered pubkey
Ethereum's `ecrecover` returns the last 20 bytes of the keccak256 hash of the 64-byte public key, [check code here](https://github.com/ethereum/go-ethereum/blob/eb948962704397bb861fd4c0591b5056456edd4d/crypto/crypto.go#L275). Given signature (`R`, `s`), message `m` and public key `P` we can feed values into `ecrecover` such that the returned address can be used in a comparison to the challenge. Ethereum's `ecrecover` returns the last 20 bytes of the keccak256 hash of the 64-byte public key, [check code here](https://github.com/ethereum/go-ethereum/blob/eb948962704397bb861fd4c0591b5056456edd4d/crypto/crypto.go#L275). Given signature (`R`, `s`), message `m` and public key `P` we can feed values into `ecrecover` such that the returned address can be used in a comparison to the challenge.
$$ calculate e = H(address(R) || m) and P_x = x-coordinate of P $$
pass: pass:
```bash ```bash
@ -92,12 +90,12 @@ a = -G*(-s*P_x) = G*s*P_x
b = P*(-m*P_x) = -P*e*P_x b = P*(-m*P_x) = -P*e*P_x
Q = (1/P_x) (a+b) Q = (1/P_x) (a+b)
Q = (1/P_x)(G*s*P_x - P*e*P_x) Q = (1/P_x)(G*s*P_x - P*e*P_x)
Q = G*s - P*e // same as schnorr verify above Q = G*s - P*e // same as verification above
``` ```
the returned value is `address(Q)`. the returned value is `address(Q)`.
* calculate e' = h(address(Q) || m) * calculate e'
* check e' == e to verify the signature. * check e' == e to verify the signature.
Canoncial `ecrecover` implementations: Canoncial `ecrecover` implementations: