Publish 2-Party chaincode protocol specification

[oleiba]

We need a specification of the protocol to better support binding tools, i.e., libs-core-bindings.

[omershlo]

chain code is the result of a ECDH key exchange:

• input: each party choose random number a,b
• output: abG where G is the EC generator

is this what you meant ?

[Wahahahahahahahahahaha]

hi,
What's the difference between abG and public key Q?

[Wahahahahahahahahahaha]

And,
In the 2P-algorithm of the whilt paper, there is a symbol that its meaning was not explained. Please confirm it.

[omershlo]

If I understand you correctly, Q and abG are the same.

What symbol do you refer to?

[Wahahahahahahahahahaha]

I dont't think so. Because abG is chain code that is used for all key derivations. So the chain code abG cann't be opened. However the pubilc key Q can be opened that is used for Verifying the signature of the transaction. And what do you think about it ? Thanks

[Wahahahahahahahahahaha]

If the chain code abG is opened everyone could deduce all keys. Then assets eof blockchain's wallets is unsafe.

[Wahahahahahahahahahaha]

I will tell you the symbol I refer to because formulas cannot be edited on Git

[omershlo]

right right, sorry for misleading you.
Q the public key and cc= abG have the same structure but different meaning.
cc is computed using diffie helman key exchange and we don't really care about the a and b, cc is used for key generation, known to both parties and even if it goes public an attacker will only be able to derive public keys and not compromise the secret keys.
Q is a specific public key that in our case is the result of multiplicative secret sharing

[Wahahahahahahahahahaha]

Yes Yes, Just now,I have carefully understood the 2p-HD algorithm again, and found that abG is used to derive the other public key of wallet, so even if the abG is exposed, the algorithm is still safe. Sorry I have a another question that's what's the relationship between vector of indices and i? Could you explain how vector is denoted by i? Thanks!

[omershlo]

no problem.
Can you be more specific about your question please?
what vector of indices are you referring to? maybe put a link to the code?