Revert "extend and refactor nut11 sig_all message aggregation (#804)" (#810)

This reverts commit 7000e5c7ee.
2025-12-19 10:04:19 +01:00 · 2025-10-28 11:42:21 +01:00
parent 7000e5c7ee
commit 184f8ba6ca
7 changed files with 18 additions and 69 deletions
--- a/cashu/core/nuts/nut11.py
+++ b/cashu/core/nuts/nut11.py
@@ -1,18 +0,0 @@
-from typing import List
-
-from ..base import BlindedMessage, Proof
-
-
-def sigall_message_to_sign(proofs: List[Proof], outputs: List[BlindedMessage]) -> str:
-    """
-    Creates the message to sign for sigall spending conditions.
-    The message is a concatenation of all proof secrets and signatures + all output attributes (amount, id, B_).
-    """
-
-    # Concatenate all proof secrets
-    message = "".join([p.secret + p.C for p in proofs])
-
-    # Concatenate all output attributes
-    message += "".join([str(o.amount) + o.id + o.B_ for o in outputs])
-
-    return message
--- a/cashu/mint/conditions.py
+++ b/cashu/mint/conditions.py
@@ -9,7 +9,7 @@ from ..core.errors import (
    TransactionError,
 )
 from ..core.htlc import HTLCSecret
-from ..core.nuts import nut11, nut14
+from ..core.nuts.nut14 import verify_htlc_spending_conditions
 from ..core.p2pk import (
    P2PKSecret,
    SigFlags,
@@ -163,7 +163,7 @@ class LedgerSpendingConditions:
        # HTLC
        if SecretKind(secret.kind) == SecretKind.HTLC:
            htlc_secret = HTLCSecret.from_secret(secret)
-            nut14.verify_htlc_spending_conditions(proof)
+            verify_htlc_spending_conditions(proof)
            return self._verify_p2pk_sig_inputs(proof, htlc_secret)

        # no spending condition present
@@ -285,8 +285,8 @@ class LedgerSpendingConditions:
        if not pubkeys:
            return True

-        message_to_sign = message_to_sign or nut11.sigall_message_to_sign(
-            proofs, outputs
+        message_to_sign = message_to_sign or "".join(
+            [p.secret for p in proofs] + [o.B_ for o in outputs]
        )

        # validation
--- a/cashu/mint/ledger.py
+++ b/cashu/mint/ledger.py
@@ -45,7 +45,6 @@ from ..core.models import (
    PostMeltQuoteResponse,
    PostMintQuoteRequest,
 )
-from ..core.nuts import nut11
 from ..core.settings import settings
 from ..core.split import amount_split
 from ..lightning.base import (
@@ -887,7 +886,9 @@ class Ledger(
                )

        # verify SIG_ALL signatures
-        message_to_sign = nut11.sigall_message_to_sign(proofs, outputs or []) + quote
+        message_to_sign = (
+            "".join([p.secret for p in proofs] + [o.B_ for o in outputs or []]) + quote
+        )
        self._verify_sigall_spending_conditions(proofs, outputs or [], message_to_sign)

        # verify that the amount of the input proofs is equal to the amount of the quote
--- a/cashu/wallet/p2pk.py
+++ b/cashu/wallet/p2pk.py
@@ -3,6 +3,8 @@ from typing import List, Optional

 from loguru import logger

+from cashu.core.htlc import HTLCSecret
+
 from ..core.base import (
    BlindedMessage,
    HTLCWitness,
@@ -11,8 +13,6 @@ from ..core.base import (
 )
 from ..core.crypto.secp import PrivateKey
 from ..core.db import Database
-from ..core.htlc import HTLCSecret
-from ..core.nuts import nut11
 from ..core.p2pk import (
    P2PKSecret,
    SigFlags,
@@ -157,8 +157,8 @@ class WalletP2PK(SupportsPrivateKey, SupportsDb):
            secrets = set([Secret.deserialize(p.secret) for p in proofs])
            if not len(secrets) == 1:
                raise Exception("Secrets not identical")
-            message_to_sign = message_to_sign or nut11.sigall_message_to_sign(
-                proofs, outputs
+            message_to_sign = message_to_sign or "".join(
+                [p.secret for p in proofs] + [o.B_ for o in outputs]
            )
            signature = self.schnorr_sign_message(message_to_sign)
            # add witness to only the first proof
@@ -195,7 +195,9 @@ class WalletP2PK(SupportsPrivateKey, SupportsDb):
    ) -> List[Proof]:
        # sign proofs if they are P2PK SIG_INPUTS
        proofs = self.add_witnesses_sig_inputs(proofs)
-        message_to_sign = nut11.sigall_message_to_sign(proofs, outputs) + quote_id
+        message_to_sign = (
+            "".join([p.secret for p in proofs] + [o.B_ for o in outputs]) + quote_id
+        )
        # sign first proof if swap is SIG_ALL
        return self.add_witness_swap_sig_all(proofs, outputs, message_to_sign)

--- a/tests/mint/test_mint_p2pk.py
+++ b/tests/mint/test_mint_p2pk.py
@@ -2,7 +2,6 @@ import pytest
 import pytest_asyncio

 from cashu.core.base import P2PKWitness
-from cashu.core.nuts import nut11
 from cashu.mint.ledger import Ledger
 from cashu.wallet.wallet import Wallet as Wallet1
 from tests.conftest import SERVER_ENDPOINT
@@ -193,7 +192,7 @@ async def test_ledger_verify_sigall_validation(wallet1: Wallet1, ledger: Ledger)
    outputs, rs = wallet1._construct_outputs(output_amounts, secrets, rs)

    # Create the message to sign (all inputs + all outputs)
-    message_to_sign = nut11.sigall_message_to_sign(send_proofs, outputs)
+    message_to_sign = "".join([p.secret for p in send_proofs] + [o.B_ for o in outputs])

    # Sign the message with the wallet's private key
    signature = wallet1.schnorr_sign_message(message_to_sign)
--- a/tests/mint/test_mint_p2pk_comprehensive.py
+++ b/tests/mint/test_mint_p2pk_comprehensive.py
@@ -7,7 +7,6 @@ import pytest_asyncio

 from cashu.core.base import BlindedMessage, P2PKWitness
 from cashu.core.migrations import migrate_databases
-from cashu.core.nuts import nut11
 from cashu.core.p2pk import P2PKSecret, SigFlags
 from cashu.core.secret import Secret, SecretKind, Tags
 from cashu.mint.ledger import Ledger
@@ -109,39 +108,6 @@ async def test_p2pk_sig_inputs_basic(wallet1: Wallet, wallet2: Wallet, ledger: L
    assert len(promises) == len(outputs)


-@pytest.mark.asyncio
-async def test_p2pk_sig_all_message_aggregation(
-    wallet1: Wallet, wallet2: Wallet, ledger: Ledger
-):
-    # Mint tokens to wallet1
-    mint_quote = await wallet1.request_mint(64)
-    await pay_if_regtest(mint_quote.request)
-    await wallet1.mint(64, quote_id=mint_quote.quote)
-
-    # Create locked tokens with SIG_ALL
-    pubkey_wallet2 = await wallet2.create_p2pk_pubkey()
-    secret_lock = await wallet1.create_p2pk_lock(pubkey_wallet2, sig_all=True)
-    _, send_proofs = await wallet1.swap_to_send(
-        wallet1.proofs, 16, secret_lock=secret_lock
-    )
-
-    # Verify that sent tokens have P2PK secrets with SIG_ALL flag
-    for proof in send_proofs:
-        p2pk_secret = Secret.deserialize(proof.secret)
-        assert p2pk_secret.kind == SecretKind.P2PK.value
-        assert P2PKSecret.from_secret(p2pk_secret).sigflag == SigFlags.SIG_ALL
-
-    # Create outputs for redemption
-    outputs = await create_test_outputs(wallet2, 16)
-
-    message_to_sign_expected = "".join(
-        [p.secret + p.C for p in send_proofs]
-        + [str(o.amount) + o.id + o.B_ for o in outputs]
-    )
-    message_to_sign_actual = nut11.sigall_message_to_sign(send_proofs, outputs)
-    assert message_to_sign_actual == message_to_sign_expected
-
-
@pytest.mark.asyncio
 async def test_p2pk_sig_all_valid(wallet1: Wallet, wallet2: Wallet, ledger: Ledger):
    """Test P2PK with SIG_ALL where the signature covers both inputs and outputs."""
@@ -167,7 +133,7 @@ async def test_p2pk_sig_all_valid(wallet1: Wallet, wallet2: Wallet, ledger: Ledg
    outputs = await create_test_outputs(wallet2, 16)

    # Create a message from concatenated inputs and outputs
-    message_to_sign = nut11.sigall_message_to_sign(send_proofs, outputs)
+    message_to_sign = "".join([p.secret for p in send_proofs] + [o.B_ for o in outputs])

    # Sign with wallet2's private key
    signature = wallet2.schnorr_sign_message(message_to_sign)
@@ -645,7 +611,7 @@ async def test_p2pk_sig_all_with_multiple_pubkeys(
    outputs = await create_test_outputs(wallet1, 16)

    # Create message to sign (all inputs + all outputs)
-    message_to_sign = nut11.sigall_message_to_sign(send_proofs, outputs)
+    message_to_sign = "".join([p.secret for p in send_proofs] + [o.B_ for o in outputs])

    # Sign with wallet1's key
    signature1 = wallet1.schnorr_sign_message(message_to_sign)
--- a/tests/wallet/test_wallet_p2pk_methods.py
+++ b/tests/wallet/test_wallet_p2pk_methods.py
@@ -8,7 +8,6 @@ import pytest_asyncio
 from cashu.core.base import P2PKWitness
 from cashu.core.crypto.secp import PrivateKey
 from cashu.core.migrations import migrate_databases
-from cashu.core.nuts import nut11
 from cashu.core.p2pk import P2PKSecret, SigFlags
 from cashu.core.secret import SecretKind, Tags
 from cashu.wallet import migrations
@@ -200,7 +199,7 @@ async def test_add_witness_swap_sig_all(wallet1: Wallet):
    assert len(witness.signatures) == 1

    # Verify the signature includes both inputs and outputs
-    message_to_sign = nut11.sigall_message_to_sign(proofs, outputs)
+    message_to_sign = "".join([p.secret for p in proofs] + [o.B_ for o in outputs])
    signature = wallet1.schnorr_sign_message(message_to_sign)
    assert witness.signatures[0] == signature