ddk-messages 1.0.11

Structs and serialization for the Discreet Log Contract (DLC) protocol.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681

//! Structs containing oracle information.

use crate::ser_impls::{
    read_as_tlv, read_i32, read_schnorr_pubkey, read_schnorrsig, read_strings_u16, write_as_tlv,
    write_i32, write_schnorr_pubkey, write_schnorrsig, write_strings_u16, BigSize,
};
use bitcoin::hashes::{Hash, HashEngine};
use ddk_dlc::{Error, OracleInfo as DlcOracleInfo};
use lightning::ln::msgs::DecodeError;
use lightning::ln::wire::Type;
use lightning::util::ser::{Readable, Writeable, Writer};
use secp256k1_zkp::Verification;
use secp256k1_zkp::{schnorr::Signature, Message, Secp256k1, XOnlyPublicKey};
#[cfg(feature = "use-serde")]
use serde::{Deserialize, Serialize};

/// The type of the announcement struct.
pub const ANNOUNCEMENT_TYPE: u16 = 55332;
/// The type of the attestation struct.
pub const ATTESTATION_TYPE: u16 = 55400;

/// The tag of the oracle announcement struct.
pub const ORACLE_ANNOUNCEMENT_TAG: &[u8] = b"DLC/oracle/announcement/v0";
/// The tag of the oracle attestation struct.
pub const ORACLE_ATTESTATION_TAG: &[u8] = b"DLC/oracle/attestation/v0";

#[derive(Clone, Eq, PartialEq, Debug)]
#[cfg_attr(
    feature = "use-serde",
    derive(serde::Serialize, serde::Deserialize),
    serde(rename_all = "camelCase")
)]
/// Information about an oracle used in a contract.
pub enum OracleInfo {
    /// Used when a contract uses a single oracle.
    Single(SingleOracleInfo),
    /// Used when a contract uses multiple oracles.
    Multi(MultiOracleInfo),
}

impl<'a> OracleInfo {
    /// Returns the first event descriptor.
    pub fn get_first_event_descriptor(&'a self) -> &'a EventDescriptor {
        match self {
            OracleInfo::Single(single) => &single.oracle_announcement.oracle_event.event_descriptor,
            OracleInfo::Multi(multi) => {
                &multi.oracle_announcements[0].oracle_event.event_descriptor
            }
        }
    }
}

impl OracleInfo {
    /// Returns the closest maturity date amongst all events
    pub fn get_closest_maturity_date(&self) -> u32 {
        match self {
            OracleInfo::Single(s) => s.oracle_announcement.oracle_event.event_maturity_epoch,
            OracleInfo::Multi(m) => m
                .oracle_announcements
                .iter()
                .map(|x| x.oracle_event.event_maturity_epoch)
                .min()
                .expect("to have at least one event"),
        }
    }

    /// Checks that the info satisfies the validity conditions.
    pub fn validate<C: Verification>(&self, secp: &Secp256k1<C>) -> Result<(), Error> {
        match self {
            OracleInfo::Single(s) => s.oracle_announcement.validate(secp)?,
            OracleInfo::Multi(m) => {
                for o in &m.oracle_announcements {
                    o.validate(secp)?;
                }
            }
        };

        Ok(())
    }
}

impl_dlc_writeable_enum!(
    OracleInfo, (0, Single), (1, Multi);;;
);

#[derive(Clone, Eq, PartialEq, Debug)]
#[cfg_attr(
    feature = "use-serde",
    derive(serde::Serialize, serde::Deserialize),
    serde(rename_all = "camelCase")
)]
/// Structure containing information about an oracle to be used as external
/// data source for a DLC contract.
pub struct SingleOracleInfo {
    /// The oracle announcement from the oracle.
    pub oracle_announcement: OracleAnnouncement,
}

impl_dlc_writeable!(SingleOracleInfo, {
    (oracle_announcement, {cb_writeable, write_as_tlv, read_as_tlv })
});

#[derive(Clone, Eq, PartialEq, Debug)]
#[cfg_attr(
    feature = "use-serde",
    derive(serde::Serialize, serde::Deserialize),
    serde(rename_all = "camelCase")
)]
/// Information about oracles used in multi oracle based contracts.
pub struct MultiOracleInfo {
    /// The threshold to be used for the contract (e.g. 2 of 3).
    pub threshold: u16,
    /// The set of oracle announcements.
    pub oracle_announcements: Vec<OracleAnnouncement>,
    /// The parameters to be used when allowing differences between oracle
    /// outcomes in numerical outcome contracts.
    pub oracle_params: Option<OracleParams>,
}

impl_dlc_writeable!(MultiOracleInfo, {
    (threshold, writeable),
    (oracle_announcements, {vec_cb, write_as_tlv, read_as_tlv}),
    (oracle_params, option)
});

#[derive(Clone, Eq, PartialEq, Debug)]
#[cfg_attr(
    feature = "use-serde",
    derive(serde::Serialize, serde::Deserialize),
    serde(rename_all = "camelCase")
)]
/// Parameter describing allowed differences between oracles in numerical outcome
/// contracts.
pub struct OracleParams {
    /// The maximum allowed difference between oracle expressed as a power of 2.
    pub max_error_exp: u16,
    /// The minimum allowed difference that should be supported by the contract
    /// expressed as a power of 2.
    pub min_fail_exp: u16,
    /// Whether to maximize coverage of the interval between [`Self::max_error_exp`]
    /// and [`Self::min_fail_exp`].
    pub maximize_coverage: bool,
}

impl_dlc_writeable!(OracleParams, {
    (max_error_exp, writeable),
    (min_fail_exp, writeable),
    (maximize_coverage, writeable)
});

#[derive(Clone, Eq, PartialEq, Debug)]
#[cfg_attr(
    feature = "use-serde",
    derive(Serialize, Deserialize),
    serde(rename_all = "camelCase")
)]
/// An oracle announcement that describe an event and the way that an oracle will
/// attest to it.
pub struct OracleAnnouncement {
    /// The signature enabling verifying the origin of the announcement.
    pub announcement_signature: Signature,
    /// The public key of the oracle.
    pub oracle_public_key: XOnlyPublicKey,
    /// The description of the event and attesting.
    pub oracle_event: OracleEvent,
}

impl Type for OracleAnnouncement {
    fn type_id(&self) -> u16 {
        ANNOUNCEMENT_TYPE
    }
}

/// TODO: this should be handled by the read/write macros. They do not append
/// the tagged hash to the event. As well, [`crate::Message`]
///
/// It should end up being back to original:
///
/// self.event.write(&mut event_hex)?;
///
fn write_oracle_event(event: &OracleEvent) -> Result<Vec<u8>, lightning::io::Error> {
    let mut event_hex = Vec::new();
    BigSize(event.type_id() as u64).write(&mut event_hex)?;
    BigSize(event.serialized_length() as u64).write(&mut event_hex)?;
    event
        .write(&mut event_hex)
        .expect("Error writing oracle event");
    Ok(event_hex)
}

/// Returns the message to be signed for an oracle announcement.
///
/// Follows the signing validation rules from the [DLC spec](https://github.com/discreetlogcontracts/dlcspecs/blob/master/Oracle.md#signing-algorithm).
pub fn tagged_announcement_msg(event: &OracleEvent) -> Message {
    let tag_hash = bitcoin::hashes::sha256::Hash::hash(ORACLE_ANNOUNCEMENT_TAG);
    let event_hex = write_oracle_event(event).expect("Error writing oracle event");
    let mut hash_engine = bitcoin::hashes::sha256::Hash::engine();
    hash_engine.input(&tag_hash[..]);
    hash_engine.input(&tag_hash[..]);
    hash_engine.input(&event_hex);
    let hash = bitcoin::hashes::sha256::Hash::from_engine(hash_engine);
    Message::from_digest(hash.to_byte_array())
}

/// Returns the message to be signed for an oracle attestation.
///
/// Follows the signing validation rules from the [DLC spec](https://github.com/discreetlogcontracts/dlcspecs/blob/master/Oracle.md#signing-algorithm).
pub fn tagged_attestation_msg(outcome: &str) -> Message {
    let tag_hash = bitcoin::hashes::sha256::Hash::hash(ORACLE_ATTESTATION_TAG);
    let mut hash_engine = bitcoin::hashes::sha256::Hash::engine();
    hash_engine.input(&tag_hash[..]);
    hash_engine.input(&tag_hash[..]);
    hash_engine.input(outcome.as_bytes());
    let hash = bitcoin::hashes::sha256::Hash::from_engine(hash_engine);
    Message::from_digest(hash.to_byte_array())
}

impl OracleAnnouncement {
    /// Returns whether the announcement satisfy validity checks.
    pub fn validate<C: Verification>(&self, secp: &Secp256k1<C>) -> Result<(), Error> {
        let msg = tagged_announcement_msg(&self.oracle_event);
        secp.verify_schnorr(&self.announcement_signature, &msg, &self.oracle_public_key)?;
        self.oracle_event.validate()
    }
}

impl_dlc_writeable!(OracleAnnouncement, {
    (announcement_signature, {cb_writeable, write_schnorrsig, read_schnorrsig}),
    (oracle_public_key, {cb_writeable, write_schnorr_pubkey, read_schnorr_pubkey}),
    (oracle_event, {cb_writeable, write_as_tlv, read_as_tlv})
});

impl From<&OracleAnnouncement> for DlcOracleInfo {
    fn from(input: &OracleAnnouncement) -> DlcOracleInfo {
        DlcOracleInfo {
            public_key: input.oracle_public_key,
            nonces: input.oracle_event.oracle_nonces.clone(),
        }
    }
}

#[derive(Clone, Eq, PartialEq, Debug)]
#[cfg_attr(
    feature = "use-serde",
    derive(Serialize, Deserialize),
    serde(rename_all = "camelCase")
)]
/// Information about an event and the way that the oracle will attest to it.
pub struct OracleEvent {
    /// The nonces that the oracle will use to attest to the event outcome.
    pub oracle_nonces: Vec<XOnlyPublicKey>,
    /// The expected maturity of the contract.
    // TODO(tibo): should validate that with the contract maturity.
    pub event_maturity_epoch: u32,
    /// The description of the event.
    pub event_descriptor: EventDescriptor,
    /// The id of the event.
    pub event_id: String,
}

impl OracleEvent {
    /// Returns whether the event passes validity checks.
    pub fn validate(&self) -> Result<(), Error> {
        let expected_nb_nonces = match &self.event_descriptor {
            EventDescriptor::EnumEvent(_) => 1,
            EventDescriptor::DigitDecompositionEvent(d) => {
                if d.is_signed {
                    d.nb_digits as usize + 1
                } else {
                    d.nb_digits as usize
                }
            }
        };

        if expected_nb_nonces == self.oracle_nonces.len() {
            Ok(())
        } else {
            Err(Error::InvalidArgument(format!(
                "Expected number of nonces is not equal to actual number of nonces. expected={} actual={}",
                expected_nb_nonces,
                self.oracle_nonces.len()
            )))
        }
    }
}

impl Type for OracleEvent {
    fn type_id(&self) -> u16 {
        55330
    }
}

impl_dlc_writeable!(OracleEvent, {
    (oracle_nonces, {vec_u16_cb, write_schnorr_pubkey, read_schnorr_pubkey}),
    (event_maturity_epoch, writeable),
    (event_descriptor, writeable),
    (event_id, string)
});

#[derive(Clone, PartialEq, Eq, Debug)]
#[cfg_attr(
    feature = "use-serde",
    derive(Serialize, Deserialize),
    serde(rename_all = "camelCase")
)]
/// Description of an event.
pub enum EventDescriptor {
    /// Used for events based on enumerated outcomes.
    EnumEvent(EnumEventDescriptor),
    /// Used for event based on numerical outcomes.
    DigitDecompositionEvent(DigitDecompositionEventDescriptor),
}

impl_dlc_writeable_enum_as_tlv!(EventDescriptor, (55302, EnumEvent), (55306, DigitDecompositionEvent););

#[derive(Clone, PartialEq, Eq, Debug)]
#[cfg_attr(
    feature = "use-serde",
    derive(Serialize, Deserialize),
    serde(rename_all = "camelCase")
)]
/// Describes the outcomes of an event as an enumeration.
pub struct EnumEventDescriptor {
    /// The possible outcomes of the event.
    pub outcomes: Vec<String>,
}

impl_dlc_writeable!(EnumEventDescriptor, {
    (outcomes, {cb_writeable, write_strings_u16, read_strings_u16})
});

#[derive(Clone, PartialEq, Eq, Debug)]
#[cfg_attr(
    feature = "use-serde",
    derive(Serialize, Deserialize),
    serde(rename_all = "camelCase")
)]
/// Describes the outcomes of a numerical outcome event.
pub struct DigitDecompositionEventDescriptor {
    /// The base in which the outcome will be represented.
    pub base: u16,
    /// Whether the outcome value is signed.
    pub is_signed: bool,
    /// The unit in which the outcome is represented.
    pub unit: String,
    /// The precision used to represent the event outcome.
    pub precision: i32,
    /// The number of digits used to represent the event outcome.
    // TODO:(tibo) should validate that nb_digits == nb_nonces
    pub nb_digits: u16,
}

impl_dlc_writeable!(DigitDecompositionEventDescriptor, {
    (base, writeable),
    (is_signed, writeable),
    (unit, string),
    (precision, {cb_writeable, write_i32, read_i32}),
    (nb_digits, writeable)
});

/// An attestation from an oracle providing signatures over an outcome value.
#[derive(Clone, Debug, PartialEq, Eq)]
#[cfg_attr(
    feature = "use-serde",
    derive(Serialize, Deserialize),
    serde(rename_all = "camelCase")
)]
pub struct OracleAttestation {
    /// The identifier of the announcement.
    pub event_id: String,
    /// The public key of the oracle.
    pub oracle_public_key: XOnlyPublicKey,
    /// The signatures over the event outcome.
    pub signatures: Vec<Signature>,
    /// The set of strings representing the outcome value.
    pub outcomes: Vec<String>,
}

impl OracleAttestation {
    /// Returns whether the attestation satisfy validity checks.
    pub fn validate<C: Verification>(
        &self,
        secp: &Secp256k1<C>,
        announcement: &OracleAnnouncement,
    ) -> Result<(), Error> {
        if self.outcomes.len() != self.signatures.len() {
            return Err(Error::InvalidArgument(format!(
                "Outcomes length is not equal to signatures length. outcomes={} signatures={}",
                self.outcomes.len(),
                self.signatures.len()
            )));
        }

        if self.oracle_public_key != announcement.oracle_public_key {
            return Err(Error::InvalidArgument(format!(
                "Oracle public key is not equal to announcement oracle public key. oracle_public_key={} announcement_oracle_public_key={}",
                self.oracle_public_key,
                announcement.oracle_public_key
            )));
        }

        self.signatures
            .iter()
            .zip(self.outcomes.iter())
            .try_for_each(|(sig, outcome)| {
                let msg = tagged_attestation_msg(outcome);
                secp.verify_schnorr(sig, &msg, &self.oracle_public_key)
                    .map_err(|_| Error::InvalidArgument(format!(
                        "Failed to verify schnorr signature. signature={} oracle_public_key={} msg={}",
                        sig,
                        self.oracle_public_key,
                        msg
                    )))?;

                Ok::<(), ddk_dlc::Error>(())
            })?;

        if !self
            .signatures
            .iter()
            .zip(announcement.oracle_event.oracle_nonces.iter())
            .all(|(sig, nonce)| sig.encode()[..32] == nonce.serialize())
        {
            return Err(Error::InvalidArgument(format!(
                "Signatures are not equal to nonces. signatures={} nonces={}",
                self.signatures.len(),
                announcement.oracle_event.oracle_nonces.len()
            )));
        }

        Ok(())
    }
    /// Returns the nonces used by the oracle to sign the event outcome.
    /// This is used for finding the matching oracle announcement.
    pub fn nonces(&self) -> Vec<XOnlyPublicKey> {
        self.signatures
            .iter()
            .map(|s| XOnlyPublicKey::from_slice(&s[0..32]).expect("valid signature"))
            .collect()
    }
}

impl Type for OracleAttestation {
    fn type_id(&self) -> u16 {
        ATTESTATION_TYPE
    }
}

impl_dlc_writeable!(OracleAttestation, {
    (event_id, string),
    (oracle_public_key, {cb_writeable, write_schnorr_pubkey, read_schnorr_pubkey}),
    (signatures, {vec_u16_cb, write_schnorrsig, read_schnorrsig}),
    (outcomes, {cb_writeable, write_strings_u16, read_strings_u16})
});

#[cfg(test)]
mod tests {
    use super::*;
    use bitcoin::bip32::{ChildNumber, Xpriv};
    use bitcoin::Network;
    use secp256k1_zkp::rand::Fill;
    use secp256k1_zkp::SecretKey;
    use secp256k1_zkp::{rand::thread_rng, SECP256K1};
    use secp256k1_zkp::{schnorr::Signature as SchnorrSignature, Keypair, XOnlyPublicKey};

    fn enum_descriptor() -> EnumEventDescriptor {
        EnumEventDescriptor {
            outcomes: vec!["1".to_string(), "2".to_string(), "3".to_string()],
        }
    }

    fn digit_descriptor() -> DigitDecompositionEventDescriptor {
        DigitDecompositionEventDescriptor {
            base: 2,
            is_signed: false,
            unit: "kg/sats".to_string(),
            precision: 1,
            nb_digits: 10,
        }
    }

    fn signed_digit_descriptor() -> DigitDecompositionEventDescriptor {
        DigitDecompositionEventDescriptor {
            base: 2,
            is_signed: true,
            unit: "kg/sats".to_string(),
            precision: 1,
            nb_digits: 10,
        }
    }

    fn some_schnorr_pubkey() -> XOnlyPublicKey {
        let key_pair = Keypair::new(SECP256K1, &mut thread_rng());
        XOnlyPublicKey::from_keypair(&key_pair).0
    }

    fn digit_event(nb_nonces: usize) -> OracleEvent {
        OracleEvent {
            oracle_nonces: (0..nb_nonces).map(|_| some_schnorr_pubkey()).collect(),
            event_maturity_epoch: 10,
            event_descriptor: EventDescriptor::DigitDecompositionEvent(digit_descriptor()),
            event_id: "test".to_string(),
        }
    }

    fn signed_digit_event(nb_nonces: usize) -> OracleEvent {
        OracleEvent {
            oracle_nonces: (0..nb_nonces).map(|_| some_schnorr_pubkey()).collect(),
            event_maturity_epoch: 10,
            event_descriptor: EventDescriptor::DigitDecompositionEvent(signed_digit_descriptor()),
            event_id: "test-signed".to_string(),
        }
    }

    fn enum_event(nb_nonces: usize) -> OracleEvent {
        OracleEvent {
            oracle_nonces: (0..nb_nonces).map(|_| some_schnorr_pubkey()).collect(),
            event_maturity_epoch: 10,
            event_descriptor: EventDescriptor::EnumEvent(enum_descriptor()),
            event_id: "test".to_string(),
        }
    }

    fn create_nonce_key() -> (SecretKey, XOnlyPublicKey) {
        let mut nonce_seed = [0u8; 32];
        nonce_seed.try_fill(&mut thread_rng()).unwrap();
        let nonce_priv = Xpriv::new_master(Network::Bitcoin, &nonce_seed)
            .unwrap()
            .derive_priv(SECP256K1, &[ChildNumber::from_normal_idx(1).unwrap()])
            .unwrap()
            .private_key;

        let nonce_xpub = nonce_priv.x_only_public_key(SECP256K1).0;

        (nonce_priv, nonce_xpub)
    }

    #[test]
    fn valid_oracle_announcement_passes_validation_test() {
        let key_pair = Keypair::new(SECP256K1, &mut thread_rng());
        let oracle_pubkey = XOnlyPublicKey::from_keypair(&key_pair).0;
        let events = [digit_event(10), signed_digit_event(11), enum_event(1)];
        for event in events {
            let msg = tagged_announcement_msg(&event);
            let sig = SECP256K1.sign_schnorr(&msg, &key_pair);
            let valid_announcement = OracleAnnouncement {
                announcement_signature: sig,
                oracle_public_key: oracle_pubkey,
                oracle_event: event,
            };

            valid_announcement
                .validate(SECP256K1)
                .expect("a valid announcement.");
        }
    }

    #[test]
    fn invalid_oracle_announcement_fails_validation_test() {
        let key_pair = Keypair::new(SECP256K1, &mut thread_rng());
        let oracle_pubkey = XOnlyPublicKey::from_keypair(&key_pair).0;
        let events = [digit_event(9), signed_digit_event(10), enum_event(2)];
        for event in events {
            let msg = tagged_announcement_msg(&event);
            let sig = SECP256K1.sign_schnorr(&msg, &key_pair);
            let invalid_announcement = OracleAnnouncement {
                announcement_signature: sig,
                oracle_public_key: oracle_pubkey,
                oracle_event: event,
            };

            invalid_announcement
                .validate(SECP256K1)
                .expect_err("invalid announcement should fail validation.");
        }
    }

    #[test]
    fn invalid_oracle_announcement_signature_fails_validation_test() {
        let key_pair = Keypair::new(SECP256K1, &mut thread_rng());
        let oracle_pubkey = XOnlyPublicKey::from_keypair(&key_pair).0;
        let event = digit_event(10);
        let msg = tagged_announcement_msg(&event);
        let sig = SECP256K1.sign_schnorr(&msg, &key_pair);
        let mut sig_hex = *sig.as_ref();
        sig_hex[10] = sig_hex[10].checked_add(1).unwrap_or(0);
        let sig = SchnorrSignature::from_slice(&sig_hex).unwrap();
        let invalid_announcement = OracleAnnouncement {
            announcement_signature: sig,
            oracle_public_key: oracle_pubkey,
            oracle_event: event,
        };

        assert!(invalid_announcement.validate(SECP256K1).is_err());
    }

    #[test]
    fn valid_oracle_attestation() {
        let key_pair = Keypair::new(SECP256K1, &mut thread_rng());
        let oracle_pubkey = XOnlyPublicKey::from_keypair(&key_pair).0;
        let (nonce_secret, nonce_xpub) = create_nonce_key();

        let oracle_event = OracleEvent {
            event_id: "test".to_string(),
            event_maturity_epoch: 10,
            oracle_nonces: vec![nonce_xpub],
            event_descriptor: EventDescriptor::EnumEvent(enum_descriptor()),
        };

        let msg = tagged_announcement_msg(&oracle_event);
        let sig = SECP256K1.sign_schnorr(&msg, &key_pair);

        let valid_announcement = OracleAnnouncement {
            oracle_public_key: oracle_pubkey,
            announcement_signature: sig,
            oracle_event,
        };

        let msg = tagged_attestation_msg("1");
        let sig = ddk_dlc::secp_utils::schnorrsig_sign_with_nonce(
            SECP256K1,
            &msg,
            &key_pair,
            &nonce_secret.secret_bytes(),
        );

        let attestation = OracleAttestation {
            event_id: "test".to_string(),
            oracle_public_key: oracle_pubkey,
            signatures: vec![sig],
            outcomes: vec!["1".to_string()],
        };

        let validation = attestation.validate(SECP256K1, &valid_announcement);

        assert!(validation.is_ok())
    }

    #[test]
    fn invalid_attestation_incorrect_nonce() {
        let key_pair = Keypair::new(SECP256K1, &mut thread_rng());
        let oracle_pubkey = XOnlyPublicKey::from_keypair(&key_pair).0;
        let (_, nonce_xpub) = create_nonce_key();
        let (incorrect_nonce_secret, _) = create_nonce_key();

        let oracle_event = OracleEvent {
            event_id: "test".to_string(),
            event_maturity_epoch: 10,
            oracle_nonces: vec![nonce_xpub],
            event_descriptor: EventDescriptor::EnumEvent(enum_descriptor()),
        };

        let msg = tagged_announcement_msg(&oracle_event);
        let sig = SECP256K1.sign_schnorr(&msg, &key_pair);

        let valid_announcement = OracleAnnouncement {
            oracle_public_key: oracle_pubkey,
            announcement_signature: sig,
            oracle_event,
        };

        let msg = tagged_attestation_msg("1");
        let sig = ddk_dlc::secp_utils::schnorrsig_sign_with_nonce(
            SECP256K1,
            &msg,
            &key_pair,
            &incorrect_nonce_secret.secret_bytes(),
        );

        let attestation = OracleAttestation {
            event_id: "test".to_string(),
            oracle_public_key: oracle_pubkey,
            signatures: vec![sig],
            outcomes: vec!["1".to_string()],
        };

        let validation = attestation.validate(SECP256K1, &valid_announcement);

        assert!(validation.is_err())
    }
}