musig: Reject partial sig without generated secnonce #35419

pull nervana21 wants to merge 4 commits into bitcoin:master from nervana21:reject-partial-signing changing 4 files +52 −15
  1. nervana21 commented at 4:02 PM on May 30, 2026: contributor

    Summary

    • Replace MuSig2SecNonce::IsValid() with HasNonce(), set only after a successful CreateMuSig2Nonce and cleared by Invalidate().
    • Reject CreateMuSig2PartialSig when the secnonce was never generated, and guard the signing provider path in MutableTransactionSignatureCreator::CreateMuSig2PartialSig.
    • Document the intended signing API on MuSig2SecNonce and add a unit test.

    Previously IsValid() only checked that secure memory was allocated, not that nonce generation succeeded. A caller could reach partial signing with an uninitialized secnonce.

    Test plan

    • build/bin/test_bitcoin --run_test=bip328_tests
    • build/bin/test_bitcoin --run_test=psbt_tests (unchanged behavior, sanity)
    • Manual MuSig2 PSBT signing flow still works end-to-end
  2. musig: Track MuSig2SecNonce nonce generation with HasNonce
    HasNonce reflects successful CreateMuSig2Nonce, not merely allocated
secure memory. Set m_has_nonce on success and clear it in Invalidate.
Rename signing provider checks from IsValid.
    2c27913e54
  3. musig: Reject partial sig without generated nonce
    Return nullopt from CreateMuSig2PartialSig when HasNonce is false,
so signing cannot proceed before a successful CreateMuSig2Nonce.
    d085adc073
  4. test: Reject partial sig without generated secnonce fc178b9778
  5. doc: Document MuSig2SecNonce signing API and HasNonce 4fe9ae1621
  6. DrahtBot commented at 4:02 PM on May 30, 2026: contributor

    <!--e57a25ab6845829454e8d69fc972939a-->

    The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

    <!--006a51241073e994b41acfe9ec718e94-->

    Code Coverage & Benchmarks

    For details see: https://corecheck.dev/bitcoin/bitcoin/pulls/35419.

    <!--021abf342d371248e50ceaed478a90ca-->

    Reviews

    See the guideline for information on the review process. A summary of reviews will appear here.

    <!--5faf32d7da4f0f540f40219e4f7537a3-->

  7. nervana21 closed this on May 30, 2026
Contributors
nervana21DrahtBot
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-05-31 17:50 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me