fix: do not serialize-deserialize secret for p2pk signature check (#398)

2025-12-20 10:34:20 +01:00 · 2024-01-25 20:56:41 +01:00
parent b307c4db79
commit 7b5192c27a
3 changed files with 6 additions and 6 deletions
--- a/cashu/core/p2pk.py
+++ b/cashu/core/p2pk.py
@@ -68,16 +68,16 @@ class P2PKSecret(Secret):
        return int(n_sigs) if n_sigs else None


-def sign_p2pk_sign(message: bytes, private_key: PrivateKey):
+def sign_p2pk_sign(message: bytes, private_key: PrivateKey) -> bytes:
    # ecdsa version
    # signature = private_key.ecdsa_serialize(private_key.ecdsa_sign(message))
    signature = private_key.schnorr_sign(
        hashlib.sha256(message).digest(), None, raw=True
    )
-    return signature.hex()
+    return signature


-def verify_p2pk_signature(message: bytes, pubkey: PublicKey, signature: bytes):
+def verify_p2pk_signature(message: bytes, pubkey: PublicKey, signature: bytes) -> bool:
    # ecdsa version
    # return pubkey.ecdsa_verify(message, pubkey.ecdsa_deserialize(signature))
    return pubkey.schnorr_verify(
--- a/cashu/mint/conditions.py
+++ b/cashu/mint/conditions.py
@@ -83,7 +83,7 @@ class LedgerSpendingConditions:
                logger.trace(f"verifying signature {input_sig} by pubkey {pubkey}.")
                logger.trace(f"Message: {p2pk_secret.serialize().encode('utf-8')}")
                if verify_p2pk_signature(
-                    message=p2pk_secret.serialize().encode("utf-8"),
+                    message=proof.secret.encode("utf-8"),
                    pubkey=PublicKey(bytes.fromhex(pubkey), raw=True),
                    signature=bytes.fromhex(input_sig),
                ):
--- a/cashu/wallet/p2pk.py
+++ b/cashu/wallet/p2pk.py
@@ -79,7 +79,7 @@ class WalletP2PK(SupportsPrivateKey, SupportsDb):
            sign_p2pk_sign(
                message=proof.secret.encode("utf-8"),
                private_key=private_key,
-            )
+            ).hex()
            for proof in proofs
        ]
        logger.debug(f"Signatures: {signatures}")
@@ -95,7 +95,7 @@ class WalletP2PK(SupportsPrivateKey, SupportsDb):
            sign_p2pk_sign(
                message=output.B_.encode("utf-8"),
                private_key=private_key,
-            )
+            ).hex()
            for output in outputs
        ]