extend and refactor nut11 sig_all message aggregation (#804)

tests/mint/test_mint_p2pk.py

@@ -2,6 +2,7 @@ import pytest
 import pytest_asyncio
 
 from cashu.core.base import P2PKWitness
+from cashu.core.nuts import nut11
 from cashu.mint.ledger import Ledger
 from cashu.wallet.wallet import Wallet as Wallet1
 from tests.conftest import SERVER_ENDPOINT
@@ -192,7 +193,7 @@ async def test_ledger_verify_sigall_validation(wallet1: Wallet1, ledger: Ledger)
     outputs, rs = wallet1._construct_outputs(output_amounts, secrets, rs)
 
     # Create the message to sign (all inputs + all outputs)
-    message_to_sign = "".join([p.secret for p in send_proofs] + [o.B_ for o in outputs])
+    message_to_sign = nut11.sigall_message_to_sign(send_proofs, outputs)
 
     # Sign the message with the wallet's private key
     signature = wallet1.schnorr_sign_message(message_to_sign)

tests/mint/test_mint_p2pk_comprehensive.py

@@ -7,6 +7,7 @@ import pytest_asyncio
 
 from cashu.core.base import BlindedMessage, P2PKWitness
 from cashu.core.migrations import migrate_databases
+from cashu.core.nuts import nut11
 from cashu.core.p2pk import P2PKSecret, SigFlags
 from cashu.core.secret import Secret, SecretKind, Tags
 from cashu.mint.ledger import Ledger
@@ -108,6 +109,39 @@ async def test_p2pk_sig_inputs_basic(wallet1: Wallet, wallet2: Wallet, ledger: L
     assert len(promises) == len(outputs)
 
 
+@pytest.mark.asyncio
+async def test_p2pk_sig_all_message_aggregation(
+    wallet1: Wallet, wallet2: Wallet, ledger: Ledger
+):
+    # Mint tokens to wallet1
+    mint_quote = await wallet1.request_mint(64)
+    await pay_if_regtest(mint_quote.request)
+    await wallet1.mint(64, quote_id=mint_quote.quote)
+
+    # Create locked tokens with SIG_ALL
+    pubkey_wallet2 = await wallet2.create_p2pk_pubkey()
+    secret_lock = await wallet1.create_p2pk_lock(pubkey_wallet2, sig_all=True)
+    _, send_proofs = await wallet1.swap_to_send(
+        wallet1.proofs, 16, secret_lock=secret_lock
+    )
+
+    # Verify that sent tokens have P2PK secrets with SIG_ALL flag
+    for proof in send_proofs:
+        p2pk_secret = Secret.deserialize(proof.secret)
+        assert p2pk_secret.kind == SecretKind.P2PK.value
+        assert P2PKSecret.from_secret(p2pk_secret).sigflag == SigFlags.SIG_ALL
+
+    # Create outputs for redemption
+    outputs = await create_test_outputs(wallet2, 16)
+
+    message_to_sign_expected = "".join(
+        [p.secret + p.C for p in send_proofs]
+        + [str(o.amount) + o.id + o.B_ for o in outputs]
+    )
+    message_to_sign_actual = nut11.sigall_message_to_sign(send_proofs, outputs)
+    assert message_to_sign_actual == message_to_sign_expected
+
+
 @pytest.mark.asyncio
 async def test_p2pk_sig_all_valid(wallet1: Wallet, wallet2: Wallet, ledger: Ledger):
     """Test P2PK with SIG_ALL where the signature covers both inputs and outputs."""
@@ -133,7 +167,7 @@ async def test_p2pk_sig_all_valid(wallet1: Wallet, wallet2: Wallet, ledger: Ledg
     outputs = await create_test_outputs(wallet2, 16)
 
     # Create a message from concatenated inputs and outputs
-    message_to_sign = "".join([p.secret for p in send_proofs] + [o.B_ for o in outputs])
+    message_to_sign = nut11.sigall_message_to_sign(send_proofs, outputs)
 
     # Sign with wallet2's private key
     signature = wallet2.schnorr_sign_message(message_to_sign)
@@ -611,7 +645,7 @@ async def test_p2pk_sig_all_with_multiple_pubkeys(
     outputs = await create_test_outputs(wallet1, 16)
 
     # Create message to sign (all inputs + all outputs)
-    message_to_sign = "".join([p.secret for p in send_proofs] + [o.B_ for o in outputs])
+    message_to_sign = nut11.sigall_message_to_sign(send_proofs, outputs)
 
     # Sign with wallet1's key
     signature1 = wallet1.schnorr_sign_message(message_to_sign)

tests/wallet/test_wallet_p2pk_methods.py

@@ -8,6 +8,7 @@ import pytest_asyncio
 from cashu.core.base import P2PKWitness
 from cashu.core.crypto.secp import PrivateKey
 from cashu.core.migrations import migrate_databases
+from cashu.core.nuts import nut11
 from cashu.core.p2pk import P2PKSecret, SigFlags
 from cashu.core.secret import SecretKind, Tags
 from cashu.wallet import migrations
@@ -199,7 +200,7 @@ async def test_add_witness_swap_sig_all(wallet1: Wallet):
     assert len(witness.signatures) == 1
 
     # Verify the signature includes both inputs and outputs
-    message_to_sign = "".join([p.secret for p in proofs] + [o.B_ for o in outputs])
+    message_to_sign = nut11.sigall_message_to_sign(proofs, outputs)
     signature = wallet1.schnorr_sign_message(message_to_sign)
     assert witness.signatures[0] == signature