Tool for generating sha256 initialization with fixed midstate from BIP340 tagged hash #1653

theStack opened this issue on February 8, 2025
  1. theStack commented at 6:12 pm on February 8, 2025: contributor

    New secp256k1 modules often make use of BIP340 tagged hashes, with corresponding functions to initialize _sha256 objects with a fixed midstate for efficiency reasons. Right now there seems to be no standard way to create these functions, presumably every contributor does this in a slightly different way (I guess all ways involve cluttering the code with printf statements though). I was wondering if it’s worth it to provide a small tool for that, which could also be useful for reviewing.

    Proof-of-concept (not involving the build system yet): https://github.com/theStack/secp256k1/commit/009cac68a3bb571901636809183778bc70caf260

  2. real-or-random added the label meta/development on Feb 24, 2025
  3. real-or-random commented at 2:45 pm on February 24, 2025: contributor

    Last time I needed this, I used this Python library: https://github.com/cloudtools/sha256. I believe that’s a bit simpler than maintaining a C program (with build system integration, etc.)

    Of course, we could also add a small Python snippet that prints a BIP340 midstate explicitly.

  4. theStack commented at 4:35 pm on March 10, 2025: contributor

    > Last time I needed this, I used this Python library: https://github.com/cloudtools/sha256. I believe that’s a bit simpler than maintaining a C program (with build system integration, etc.)

    Ah nice, bookmarked. :)

    > Of course, we could also add a small Python snippet that prints a BIP340 midstate explicitly.

    That was my initial plan, but it seems that there is no way to access the internal state of the hashing class provided by hashlib, so we would have to reimplement sha256 (as done in the linked https://github.com/cloudtools/sha256), and it wouldn’t be a small snippet anymore. Closing, I agree it’s not worth it to maintain a C program either.

  5. theStack closed this on Mar 10, 2025

  6. real-or-random commented at 4:59 pm on March 10, 2025: contributor

    > it seems that there is no way to access the internal state of the hashing class provided by hashlib, so we would have to reimplement sha256 (as done in the linked cloudtools/sha256), and it wouldn’t be a small snippet anymore.

    My thinking was that the script could depend on cloudtools/sha256. But ok, now that I think about it again, that may not be worth the hassle either. If someone needs a midstate, they can still use cloudtools/sha256.



This is a metadata mirror of the GitHub repository bitcoin-core/secp256k1. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2025-04-04 17:15 UTC