Struct schnorrkel::context::SigningTranscriptWithRng
source · pub struct SigningTranscriptWithRng<T, R>where
T: SigningTranscript,
R: RngCore + CryptoRng,{ /* private fields */ }
Expand description
Schnorr signing transcript with the default ThreadRng
replaced
by an arbitrary CryptoRng
.
If ThreadRng
breaks on your platform, or merely if your paranoid,
then you might “upgrade” from ThreadRng
to OsRng
by using calls
like keypair.sign( attach_rng(t,OSRng::new()) )
.
We recommend instead simply fixing ThreadRng
for your platform
however.
There are also derandomization tricks like
attach_rng(t,ChaChaRng::from_seed([0u8; 32]))
for deterministic signing in tests too. Although derandomization
produces secure signatures, we recommend against doing this in
production because we implement protocols like multi-signatures
which likely become vulnerabile when derandomized.
Trait Implementations§
source§impl<T, R> SigningTranscript for SigningTranscriptWithRng<T, R>where
T: SigningTranscript,
R: RngCore + CryptoRng,
impl<T, R> SigningTranscript for SigningTranscriptWithRng<T, R>where
T: SigningTranscript,
R: RngCore + CryptoRng,
source§fn commit_bytes(&mut self, label: &'static [u8], bytes: &[u8])
fn commit_bytes(&mut self, label: &'static [u8], bytes: &[u8])
Extend transcript with some bytes, shadowed by
merlin::Transcript
.source§fn challenge_bytes(&mut self, label: &'static [u8], dest: &mut [u8])
fn challenge_bytes(&mut self, label: &'static [u8], dest: &mut [u8])
Produce some challenge bytes, shadowed by
merlin::Transcript
.source§fn witness_bytes(
&self,
label: &'static [u8],
dest: &mut [u8],
nonce_seeds: &[&[u8]]
)
fn witness_bytes(
&self,
label: &'static [u8],
dest: &mut [u8],
nonce_seeds: &[&[u8]]
)
Produce secret witness bytes from the protocol transcript
and any “nonce seeds” kept with the secret keys. Read more
source§fn witness_bytes_rng<RR>(
&self,
label: &'static [u8],
dest: &mut [u8],
nonce_seeds: &[&[u8]],
rng: RR
)where
RR: RngCore + CryptoRng,
fn witness_bytes_rng<RR>(
&self,
label: &'static [u8],
dest: &mut [u8],
nonce_seeds: &[&[u8]],
rng: RR
)where
RR: RngCore + CryptoRng,
Produce secret witness bytes from the protocol transcript
and any “nonce seeds” kept with the secret keys. Read more
source§fn proto_name(&mut self, label: &'static [u8])
fn proto_name(&mut self, label: &'static [u8])
Extend transcript with a protocol name
source§fn commit_point(&mut self, label: &'static [u8], compressed: &CompressedRistretto)
fn commit_point(&mut self, label: &'static [u8], compressed: &CompressedRistretto)
Extend the transcript with a compressed Ristretto point
source§fn challenge_scalar(&mut self, label: &'static [u8]) -> Scalar
fn challenge_scalar(&mut self, label: &'static [u8]) -> Scalar
Produce the public challenge scalar
e
.