* initial commit
* fix formatting
* add importing section
* clarify csv preference
* tabs to spaces
* add rationale and references, require that rfc4180 is followed
* fix reference links
* show reference links as list
* use self describing json lines format instead of csv
* add bip number and accommodate 65 byte pubkeys
* fix comments uri
Includes:
* Simpler (but equivalent) ElligatorSwift encoding function & spec
* Improved test vectors
* Test vector generation code
* Code for converting test vectors for libsecp256k1 code.
* Code for running test vectors against SwiftEC paper authors' code.
* Miscellaneous reference code improvements (style, comments).
In contrast to taproot_output_script, taproot_sign_key was not able to deal with
a script_tree that is None. This commit fixes taproot_sign_key such that it can
sign for such outputs.
This commit avoids changing the behavior of the functions except
taproot_sign_key at the cost of having some code duplication. Alternatively, one
could let taproot_tree_helper deal with a None script_tree directly.
`lift_x` returns `None` if the input integer is not an X coordinate on the curve
to indicate failure. `point_add`, on the other hand, interprets `None` as the
point at infinity. Therefore, without this commit, if the internal `pubkey` is
not a valid X coordinate, the function will not fail, which contradicts the
specification in the "Script validation rules section". Instead, it sets `Q` to
`t*G`.
The reconciliation protocol assumes using one role consistently. Since
it is irrelevant which one is which, we can imply that the initiator of
the P2P connection will assume the role of reconciliation initiator.
This protocol simplification will seep into the implementation.
bip-0340.mediawiki defines lift_x as taking an integer argument. This commit
changes the argument of lift_x in the reference code to be identical to the
specification. Previously it took a byte array.
