latest contributor to this doc

Last Edit: @gaeacodes ,

MuSig

Notice

The MuSig Module is an experimental feature. It is provided as a demonstration of Antara capabilities and of the MuSig concept. If you would like to use MuSig on a production-level Smart Chain, please reach out to the Komodo team on Discord.

The MuSig Antara Module implements a new type of multi-signature functionality. MuSig allows a blockchain to process multi-signature transactions in a more data-efficient manner. MuSig also keeps private the number of signers partaking in a multi-signature transaction.

This functionality is facilitated by MuSig's implementation of Schnorr Signature technology. Schnorr Signatures are unique in that each signature is 64 bytes in size, regardless of the number of signers in a transaction. Also, a multi-signature Schnorr Signature can be processed in one verification.

Schnorr Signatures differs from the existing multi-signature method (ECDSA), as the ECDSA method requires each signer of a transaction to be verified separately. Also, with the ECDSA method each set of signers must be collected into a final verification. The size of the ECDSA multi-signature transaction can vary according to the number of signers in the set, and this can disclose information that would otherwise remain private.

Therefore, Schnorr Signatures greatly reduce verification time and data-storage requirements, and enhance user privacy.

For further information, see this article. Also, the reader may refer to the comments in the following core komodod files, File 1 and File 2.

  • Create a combined pubkey using the combine method
    • From the response, take note of the combined_pk and pkhash values
  • Send coins to combined_pk using the send method
    • Decode the returned raw transaction using getrawtransaction
    • From the decoded raw transaction, take note of the sendtxid value
  • Calculate the message that needs to be signed using the calcmsg method
    • From the response, take note of msg
    • This msg needs to be signed by all participating pubkeys
  • On each node create a session using the session method
    • From the response on each node take note of the commitment value
    • Transfer each node's commitment value to each other node
    • Do not stop the komodod daemon on any node from this point forward
      • The komodod daemon stores the commitment value as a part of a global data structure
      • Should any komodod daemon be stopped, the MuSig workflow must be restarted from the beginning
    • Also, execute the sessions method only once on each node
  • On each node use the commit method
    • Transfer each node's nonce value to each other node
  • On each node use the nonce method
    • Transfer each node's partialsig value to each other node
  • On each node execute the partialsig method
    • Verify that the combinedsig value of each node is the same as each other node by transferring one combinedsig value on one node to all other nodes
  • On at least one node execute the verify method
    • Use the returned output to verify that the combinedsig value will be able to successfully execute the spend method for the desired msg
  • On one node execute the spend method and broadcast the returned raw transaction

The Antara Tutorials section features a full installation and walkthrough tutorial of the Musig module.

Link to Musig Module Tutorial

cclib calcmsg 18 '["sendtxid", "scriptPubKey"]'

The calcmsg method can be used by any one of the signers to initiate a spend transaction.

To calculate the msg value, this method requires a sendtxid and a scriptPubKey.

  • The sendtxid is the id of a transaction that added funds to the combined_pk through the send method.
  • The scriptPubKey expected here is of the type p2pk in hex form.

To create a scriptPubkey from a normal pubkey, add the characters 21 to the beginning of the pubkey string and the characters ac to the end of the string:

scriptPubkey = 21 + pubkey + ac

For example:

  • The pubkey is: 02f7597468703c1c5c8465dd6d43acaae697df9df30bed21494d193412a1ea193e
  • The associated scriptPubkey is: 2102f7597468703c1c5c8465dd6d43acaae697df9df30bed21494d193412a1ea193eac

Usage of this method depends on the cclib method. The EVALCODE is 18.

NameTypeDescription
sendtxid(string)the transaction id of the transaction created by the send method that was executed to fund the MuSig address; only the funds in the vout0 of the sendtxid are spent
scriptPubKey(string)a modified form of a pubkey; this is the pubkey that will receive the spent funds

NameTypeDescription
msg(string)the message that must be signed by all the signers for the final spend to succeed
result(string)whether the call executed successfully

Command:

./komodo-cli -ac_name=MUSIG  cclib calcmsg 18 '["09daa45cb6e17028f9568347291a993cbf29c152a527b53e9ac0925d4900c293","210225f1cbbda1a0c406bb8f6dc7a589d88b2f9e28cd4fdb3f59139f8aff1f5d270aac"]'

cclib combine 18 '[ "pubkey1", "pubkey2", .....]'

The combine method produces the combined pubkey ( combined_pk ) from all pubkeys provided.

Usage of this method depends upon the cclib method. The EVALCODE is 18.

NameTypeDescription
pubkey1, pubkey2, ....(string)the pubkeys of all the signers of the MuSig address

NameTypeDescription
pkhash(string)the 32-byte hash of the original public keys
combined_pk(string)the combined pubkey of all the signers
result(string)whether the call executed successfully

Command:

./komodo-cli -ac_name=MUSIG cclib combine 18 '["0225f1cbbda1a0c406bb8f6dc7a589d88b2f9e28cd4fdb3f59139f8aff1f5d270a","02d3431950c2f0f9654217b6ce3d44468d3a9ca7255741767fdeee7c5ec6b47567"]'

cclib commit 18 '["pkhash", ind, "commitment"]'

The commit method produces a nonce for each set of index and commitment values provided.

The returned nonce must be shared with all corresponding nodes.

Usage of this method depends on the cclib method. The EVALCODE is 18.

NameTypeDescription
pkhash(string)the 32-byte hash of the original public keys
ind(decimal number)the index of the node, whose commitment is being added to the global data structure
commitment(string)the commitment value produced by the node with index ind

NameTypeDescription
added_index(decimal number)the index of the node whose commitment is added
myind(decimal number)the index of the node on which this method is executed
nonce(string)the nonce value produced by the node on which this method is executed
result(string)whether the call executed successfully

Command:

./komodo-cli -ac_name=MUSIG cclib commit 18 '["8897e150bfb07d3f967ffadb4b0f3c84ea73a94c0d715c4b7e6d9c816c5113a9",1,"2854473733147ebdbf2fb70b956c8086c9d7659ca0093627fe0371098f8bc003"]'

cclib nonce 18 '["pkhash", ind, "nonce"]'

The nonce method produces a partialsig for each set of index and nonce value provided.

The returned partialsig must be shared with all corresponding nodes.

Usage of this method depends on the cclib method. The EVALCODE is 18.

NameTypeDescription
pkhash(string)the 32-byte hash of the original public keys
ind(decimal number)the index of the node, whose nonce is being added to the global data structure
nonce(string)the nonce value produced by the node with index ind

NameTypeDescription
added_index(decimal number)the index of the node whose nonce is added
myind(decimal number)the index of the node on which this method is executed
partialsig(string)the partialsig value produced by the node on which this method is executed
result(string)whether the call executed successfully

Command:

./komodo-cli -ac_name=MUSIG cclib nonce 18 '["8897e150bfb07d3f967ffadb4b0f3c84ea73a94c0d715c4b7e6d9c816c5113a9",1,"02402fe26abd7ed2cf22d872a6b22ced4309aac8ec273b9c89e0f8f5b77f1574db"]'

cclib partialsig 18 '["pkhash", ind, "partialsig"]'

The partialsig method produces a combinedsig for each set of index and nonce values provided.

The returned combinedsig must be shared with all corresponding nodes.

Usage of this method depends on the cclib method. The EVALCODE is 18.

NameTypeDescription
pkhash(string)the 32-byte hash of the original public keys
ind(decimal number)the index of the node, whose partialsig is now added to the global data structure
partialsig(string)the partialsig value produced by the node with index ind

NameTypeDescription
added_index(decimal number)the index of the node whose partialsig is added
myind(decimal number)the index of the node on which this method is executed
combinedsig(string)the combinedsig value produced by the node on which this method is executed
result(string)whether the call executed successfully

Command:

./komodo-cli -ac_name=MUSIG cclib partialsig 18 '["8897e150bfb07d3f967ffadb4b0f3c84ea73a94c0d715c4b7e6d9c816c5113a9",1,"9e964dfd402f973ea1e9407e19918b1c3897ff6544d60dcdb19cfb0e5bc4c0c1"]'

cclib send 18 '["combined_pk", amount]'

The send method allows any node on the network to fund the combined_pk with the specified amount .

The returned transaction id is called the sendtxid. It is used as a parameter for the methods calcmsg and spend.

Usage of this method depends upon the cclib method. The EVALCODE is 18.

NameTypeDescription
combined_pk(string)the combined pubkey of all the signers
amount(number)the amount of coins to be sent to the combined_pk

NameTypeDescription
hex(string)the send_transaction in raw-transaction format, provided in hexadecimal
txid(string)the transaction id of the send transaction
result(string)whether the call executed successfully

Command:

./komodo-cli -ac_name=MUSIG  cclib send 18 '["03d31479e789014a96ba6dd60d50210045aa8292fe693f293d44615929f04cf57a",1]'

cclib session 18 '["myindex", "numsigners", "combined_pk", "pkhash", "msg"]'

The session method creates a global data structure on each node on which the method is executed. The method also adds a commitment to sign the msg message provided.

Usage of this method depends on the cclib method. The EVALCODE is 18.

NameTypeDescription
myindex(decimal number)the index of the node that is running this method; each node must be assigned a unique index from the set: {0,1,2,3, ... , (numsigners - 1)}
numsigners(decimal number)the total number of signers participating
combined_pk(string)the combined pubkey of all the signers
pkhash(string)the 32-byte hash of the original public keys
msg(string)the message that needs to be signed by all the signers for the final spend to succeed

NameTypeDescription
myind(decimal number)the index of the node on which this method is executed
numsigners(decimal number)the total number of signers participating
commitment(string)the commitment value produced by the node for this msg and session
result(string)whether the call executed successfully

Command:

./komodo-cli -ac_name=MUSIG cclib session 18 '[0,2,"03d31479e789014a96ba6dd60d50210045aa8292fe693f293d44615929f04cf57a","8897e150bfb07d3f967ffadb4b0f3c84ea73a94c0d715c4b7e6d9c816c5113a9","3ef43614242afd3c57e02a75a3bc99342fea7c731f6190b791c0f99826789603"]'

cclib spend 18 '["sendtxid", "combinedsig", "scriptPubKey"]'

The spend method spends coins to the indicated scriptPubKey.

The scriptPubKey expected here is of the type p2pk in hex form.

To create a scriptPubkey from a normal pubkey, add the characters 21 to the beginning of the pubkey string and the characters ac to the end of the string:

scriptPubkey = 21 + pubkey + ac

For example:

  • The pubkey is: 02f7597468703c1c5c8465dd6d43acaae697df9df30bed21494d193412a1ea193e
  • The associated scriptPubkey is: 2102f7597468703c1c5c8465dd6d43acaae697df9df30bed21494d193412a1ea193eac

The method generates a raw transaction which must then be broadcast using sendrawtransaction.

Usage of this method depends on the cclib method. The EVALCODE is 18.

NameTypeDescription
sendtxid(string)the transaction id of the transaction created by the send method used to fund the MuSig address; only the funds in the vout0 of the sendtxid are spent
combinedsig(string)the combined signature produced by all the signers
scriptPubKey(string)a modified form of a pubkey to which funds are to be spent

NameTypeDescription
msg(string)the message that needs to be signed by all the signers for the final spend to succeed
combined_pk(string)the combined pubkey of all the signers
combinedsig(string)the combined signature produced by all the signers
hex(string)the spend transaction in raw-transaction format, provided in hexadecimal
txid(string)the transaction id of the spend transaction
result(string)whether the call executed successfully

Command:

./komodo-cli -ac_name=MUSIG cclib spend 18 '["09daa45cb6e17028f9568347291a993cbf29c152a527b53e9ac0925d4900c293","210225f1cbbda1a0c406bb8f6dc7a589d88b2f9e28cd4fdb3f59139f8aff1f5d270aac","4b3a9b2b162802bc6c2cca2d22e70ab1cf738a9d4f5692f4f881d0cce0319c137b27889bb562602c94e163729c4168120a4ab41a8e936909e832e6af09e758f2"]'

cclib verify 18 '["msg", "combined_pk", "combinedsig"]'

The verify method verifies that the combinedsig is able to spend the funds owned by combined_pk. The funds in question are those which were referenced in the creation of the msg value.

Usage of this method depends on the cclib method. The EVALCODE is 18.

NameTypeDescription
msg(string)the message that needs to be signed by all the signers for the final spend to succeed
combined_pk(string)the combined pubkey of all the signers
combinedsig(string)the combinedsig value produced by the node on which this method is executed

NameTypeDescription
msg(string)the message that needs to be signed by all the signers for the final spend to succeed
combinedsig(string)the combinedsig value produced by the node on which this method is executed
combined_pk(string)the combined pubkey of all the signers
result(string)whether the call executed successfully

Command:

./komodo-cli -ac_name=MUSIG cclib verify 18 '["3ef43614242afd3c57e02a75a3bc99342fea7c731f6190b791c0f99826789603","03d31479e789014a96ba6dd60d50210045aa8292fe693f293d44615929f04cf57a","4b3a9b2b162802bc6c2cca2d22e70ab1cf738a9d4f5692f4f881d0cce0319c137b27889bb562602c94e163729c4168120a4ab41a8e936909e832e6af09e758f2"]'