Struct musig2::SecondRound
source · pub struct SecondRound<M: AsRef<[u8]>> { /* private fields */ }
Expand description
A state machine to manage second round of a MuSig2 signing session.
This round handles collecting partial signatures one by one. Once all signers have provided a signature, it can be finalized into an aggregated Schnorr signature valid for the group’s aggregated key.
Implementations§
source§impl<M: AsRef<[u8]>> SecondRound<M>
impl<M: AsRef<[u8]>> SecondRound<M>
sourcepub fn aggregated_nonce(&self) -> &AggNonce
pub fn aggregated_nonce(&self) -> &AggNonce
Returns the aggregated nonce built from the nonces provided in the first round. Signers who find themselves in an aggregator role can distribute this aggregated nonce to other signers to that they can produce an aggregated signature without 1:1 communication between every pair of signers.
sourcepub fn our_signature<T: From<PartialSignature>>(&self) -> T
pub fn our_signature<T: From<PartialSignature>>(&self) -> T
Returns the partial signature created during finalization of the first round.
sourcepub fn holdouts(&self) -> &[usize]
pub fn holdouts(&self) -> &[usize]
Returns a slice of all signer indexes from whom we have yet to receive a
PartialSignature
. Note that since our signature was constructed
at the end of the first round, this slice will never contain the signer
index provided to FirstRound::new
.
sourcepub fn receive_signature(
&mut self,
signer_index: usize,
partial_signature: impl Into<PartialSignature>
) -> Result<(), RoundContributionError>
pub fn receive_signature( &mut self, signer_index: usize, partial_signature: impl Into<PartialSignature> ) -> Result<(), RoundContributionError>
Adds a PartialSignature
to the internal state, registering it to a specific
signer at a given index. Returns an error if the signature is not valid, or if
the given signer index is out of range, or if we already have a different partial
signature on-file for that signer.
sourcepub fn is_complete(&self) -> bool
pub fn is_complete(&self) -> bool
Returns true once we have all partial signatures from the group.
sourcepub fn finalize<T>(self) -> Result<T, RoundFinalizeError>where
T: From<LiftedSignature>,
pub fn finalize<T>(self) -> Result<T, RoundFinalizeError>where
T: From<LiftedSignature>,
Finishes the second round once all partial signatures are received,
combining signatures into an aggregated signature on the message
given to FirstRound::finalize
.
This method should only be invoked once is_complete
returns true, otherwise it will fail. Can also return an error if partial
signature aggregation fails, but if receive_signature
didn’t complain, then finalizing will succeed with overwhelming probability.
If the FirstRound
was finalized with FirstRound::finalize_adaptor
, then
the second round must also be finalized with SecondRound::finalize_adaptor
,
otherwise this method will return RoundFinalizeError::InvalidAggregatedSignature
.
sourcepub fn finalize_adaptor<T>(self) -> Result<AdaptorSignature, RoundFinalizeError>
pub fn finalize_adaptor<T>(self) -> Result<AdaptorSignature, RoundFinalizeError>
Finishes the second round once all partial adaptor signatures are received,
combining signatures into an aggregated adaptor signature on the message
given to FirstRound::finalize
.
To make this signature valid, it must then be adapted with the discrete log
of the adaptor point given to FirstRound::finalize
.
This method should only be invoked once is_complete
returns true, otherwise it will fail. Can also return an error if partial
signature aggregation fails, but if receive_signature
didn’t complain, then finalizing will succeed with overwhelming probability.
If this signing session did not use adaptor signatures, the signature returned by
this method will be a valid signature which can be adapted with MaybeScalar::Zero
.