Change param IDs to 48 - 59, change leaf response to 3 bytes

Those changes make our SPHINCS+ quantum resistant lock compatible with a
multisig design for any possible digital signature algorithms.

Author: xxuejie

contracts/c-sphincs-all-in-one-lock/Makefile

@@ -110,7 +110,7 @@ $(CUR_BUILD)/leaf.complete: $(DETECTING_SOURCES) $(HEADERS) ckb-sphincsplus-leaf
 	@set -eu; \
 	param_ids=$$(cat $(CUR_BUILD)/params.txt | cut -d" " -f1); \
 	for param_id in $${param_ids}; do \
-		param=$$(head -n $${param_id} $(CUR_BUILD)/params.txt | tail -1 | cut -d" " -f2); \
+		param=$$(grep ^$${param_id} $(CUR_BUILD)/params.txt | head -1 | cut -d" " -f2); \
 		if echo "$${param}" | grep "shake" - > /dev/null; then \
 			srcs="$(COMPILING_COMMON_SOURCES) $(COMPILING_SHAKE_SOURCES)"; \
 		elif echo "$${param}" | grep "sha2" - > /dev/null; then \
@@ -138,7 +138,7 @@ $(CUR_BUILD)/aggregated-params.h: tools/extract-sphincs-params.c $(HEADERS) $(CU
 	@set -eu; \
 	param_ids=$$(cat $(CUR_BUILD)/params.txt | cut -d" " -f1); \
 	for param_id in $${param_ids}; do \
-		param=$$(head -n $${param_id} $(CUR_BUILD)/params.txt | tail -1 | cut -d" " -f2); \
+		param=$$(grep ^$${param_id} $(CUR_BUILD)/params.txt | head -1 | cut -d" " -f2); \
 		set -x; \
 		$(CLANG) -g -O3 $< -o $(CUR_BUILD)/extract-params_$${param} \
 			-DPARAMS_ID=$${param_id} -DPARAMS=$${param} \

contracts/c-sphincs-all-in-one-lock/ckb-sphincsplus-common.h

@@ -11,8 +11,12 @@
 #define SCRIPT_SIZE ONE_BATCH_SIZE
 
 #define MULTISIG_RESERVED_FIELD_VALUE 0x80
-#define MULTISIG_PARAMS_ID_MASK 0x7F
-#define MULTISIG_SIG_MASK (1 << 7)
+#define MULTISIG_HAS_SIGNATURE(flag) ((flag & 1) != 0)
+#define MULTISIG_SIGN_FLAG(flag) (flag & 0xFE)
+#define MULTISIG_FLAG_TO_PARAM_ID(flag) (flag >> 1)
+#define MULTISIG_PARAM_ID_TO_INDEX(id) (id - CKB_SPHINCS_MIN_PARAM_ID)
+#define MULTISIG_FLAG_TO_PARAM_INDEX(flag) \
+  MULTISIG_PARAM_ID_TO_INDEX(MULTISIG_FLAG_TO_PARAM_ID(flag))
 
 #ifndef MOL2_EXIT
 #define MOL2_EXIT ckb_exit

contracts/c-sphincs-all-in-one-lock/ckb-sphincsplus-leaf-lock.c

@@ -41,13 +41,13 @@ int verify(const uint8_t *message, size_t message_length,
   int err = CKB_SUCCESS;
 
   while (data_cursor.size > 0) {
-    uint8_t param_id;
-    CHECK(mol2_read_and_advance(&data_cursor, &param_id, 1));
+    uint8_t flag;
+    CHECK(mol2_read_and_advance(&data_cursor, &flag, 1));
 
-    CHECK2((param_id & MULTISIG_PARAMS_ID_MASK) == PARAMS_ID,
+    CHECK2(MULTISIG_FLAG_TO_PARAM_ID(flag) == PARAMS_ID,
            ERROR_SPHINCSPLUS_PARAMS);
 
-    if ((param_id & MULTISIG_SIG_MASK) != 0) {
+    if (MULTISIG_HAS_SIGNATURE(flag)) {
       /* Validate a signature when we see one */
       CHECK2(data_cursor.size >= SPHINCS_PLUS_PK_SIZE + SPHINCS_PLUS_SIGN_SIZE,
              ERROR_SPHINCSPLUS_WITNESS);
@@ -174,14 +174,14 @@ int handle_spawn(const uint8_t *command, size_t command_length) {
        * 2. Both fds are closed
        * 3. Current script terminates with non-zero exit code
        */
-      uint8_t failure_response = 1;
-      CHECK(_write_all(leaf_to_root_fd, &failure_response, 1));
+      uint8_t failure_response[3] = {0, 1, 0};
+      CHECK(_write_all(leaf_to_root_fd, failure_response, 3));
       CHECK(ckb_close(root_to_leaf_fd));
       CHECK(ckb_close(leaf_to_root_fd));
       return verify_err;
     } else {
-      uint8_t success_response = 0;
-      CHECK(_write_all(leaf_to_root_fd, &success_response, 1));
+      uint8_t success_response[3] = {0, 0, 0};
+      CHECK(_write_all(leaf_to_root_fd, success_response, 3));
     }
   }
 

contracts/c-sphincs-all-in-one-lock/ckb-sphincsplus-root-lock.c

@@ -109,11 +109,10 @@ static int write_to_blake2b(const uint8_t *data, size_t length, void *context) {
 
 int fetch_params(uint8_t id, const CkbSphincsParams **params) {
   int err = CKB_SUCCESS;
-  id &= MULTISIG_PARAMS_ID_MASK;
-  /* id uses offset by 1 */
-  CHECK2(id >= 1 && id <= CKB_SPHINCS_SUPPORTED_PARAMS_COUNT,
+  uint8_t index = MULTISIG_PARAM_ID_TO_INDEX(id);
+  CHECK2(index >= 0 && index < CKB_SPHINCS_SUPPORTED_PARAMS_COUNT,
          ERROR_SPHINCSPLUS_WITNESS);
-  *params = &ckb_sphincs_supported_params[id - 1];
+  *params = &ckb_sphincs_supported_params[index];
 
 exit:
   return err;
@@ -160,10 +159,11 @@ int multisig_preliminary_check(WitnessArgsType *witness_args,
   int last_param_id = 0;
 
   for (uint8_t i = 0; i < pubkeys; i++) {
-    uint8_t id;
-    CHECK(mol2_read_and_advance(&lock_bytes, &id, 1));
-    uint8_t param_id = id & MULTISIG_PARAMS_ID_MASK;
-    blake2b_update(&s, &param_id, 1);
+    uint8_t flag;
+    CHECK(mol2_read_and_advance(&lock_bytes, &flag, 1));
+    uint8_t param_id = MULTISIG_FLAG_TO_PARAM_ID(flag);
+    uint8_t sign_flag = MULTISIG_SIGN_FLAG(flag);
+    blake2b_update(&s, &sign_flag, 1);
 
     const CkbSphincsParams *params = NULL;
     CHECK(fetch_params(param_id, &params));
@@ -172,7 +172,7 @@ int multisig_preliminary_check(WitnessArgsType *witness_args,
     CHECK(mol2_read_and_advance(&lock_bytes, pubkey, params->pk_bytes));
     blake2b_update(&s, pubkey, params->pk_bytes);
 
-    if ((id & MULTISIG_SIG_MASK) != 0) {
+    if (MULTISIG_HAS_SIGNATURE(flag)) {
       mol2_advance(&lock_bytes, params->sign_bytes);
 
       CHECK2(threshold > 0, ERROR_SPHINCSPLUS_WITNESS);
@@ -288,27 +288,28 @@ int main(int argc, char *argv[]) {
      * Iterate over lock data again to verify each signature.
      */
     while (signatures.size > 0) {
-      uint8_t header;
-      CHECK(mol2_read_and_advance(&signatures, &header, 1));
+      uint8_t flag;
+      CHECK(mol2_read_and_advance(&signatures, &flag, 1));
 
-      uint8_t param_id = header & MULTISIG_PARAMS_ID_MASK;
-      if (all_params[param_id] == NULL) {
-        CHECK(fetch_params(param_id, &all_params[param_id]));
+      uint8_t param_index = MULTISIG_FLAG_TO_PARAM_INDEX(flag);
+      if (all_params[param_index] == NULL) {
+        CHECK(fetch_params(MULTISIG_FLAG_TO_PARAM_ID(flag),
+                           &all_params[param_index]));
       }
-      uint32_t pk_size = all_params[param_id]->pk_bytes;
-      uint32_t sign_size = all_params[param_id]->sign_bytes;
+      uint32_t pk_size = all_params[param_index]->pk_bytes;
+      uint32_t sign_size = all_params[param_index]->sign_bytes;
       CHECK2(pk_size + sign_size + 1 == (size_t)pk_size + (size_t)sign_size + 1,
              ERROR_SPHINCSPLUS_WITNESS;);
 
-      if ((header & MULTISIG_SIG_MASK) != 0) {
+      if (MULTISIG_HAS_SIGNATURE(flag)) {
         /*
          * Spawns a leaf process if needed, and use it to validate
          * the signature
          */
         CHECK2(signatures.size >= pk_size + sign_size,
                ERROR_SPHINCSPLUS_WITNESS);
         /* Spawn a new proces if needed */
-        if (spawned_processes[param_id] == 0) {
+        if (spawned_processes[param_index] == 0) {
           uint64_t root_to_leaf_fds[2];
           CHECK(ckb_pipe(root_to_leaf_fds));
           uint64_t leaf_to_root_fds[2];
@@ -320,17 +321,18 @@ int main(int argc, char *argv[]) {
            */
           uint64_t inherited_fds[3] = {root_to_leaf_fds[0], leaf_to_root_fds[1],
                                        0};
-          fds[param_id][0] = root_to_leaf_fds[1];
-          fds[param_id][1] = leaf_to_root_fds[0];
+          fds[param_index][0] = root_to_leaf_fds[1];
+          fds[param_index][1] = leaf_to_root_fds[0];
 
           const char *argv[] = {(const char *)escaped};
-          spawn_args_t spawn_args = {.argc = 1,
-                                     .argv = (const char **)argv,
-                                     .process_id = &spawned_processes[param_id],
-                                     .inherited_fds = inherited_fds};
-          CHECK(ckb_spawn_cell(code_hash, hash_type,
-                               *all_params[param_id]->offset_ptr,
-                               *all_params[param_id]->length_ptr, &spawn_args));
+          spawn_args_t spawn_args = {
+              .argc = 1,
+              .argv = (const char **)argv,
+              .process_id = &spawned_processes[param_index],
+              .inherited_fds = inherited_fds};
+          CHECK(ckb_spawn_cell(
+              code_hash, hash_type, *all_params[param_index]->offset_ptr,
+              *all_params[param_index]->length_ptr, &spawn_args));
         }
         /* Sends data location to the leaf process */
         {
@@ -344,13 +346,14 @@ int main(int argc, char *argv[]) {
           *((uint32_t *)&data[3 + 8 + 4]) = signatures.offset - 1;
           *((uint32_t *)&data[3 + 8 + 4 + 4]) = 1 + pk_size + sign_size;
 
-          CHECK(_write_all(fds[param_id][0], data, sizeof(data)));
+          CHECK(_write_all(fds[param_index][0], data, sizeof(data)));
         }
         /* Waits for leaf process to respond */
         {
-          uint8_t response;
-          CHECK(_read_all(fds[param_id][1], &response, 1));
-          CHECK2(response == 0, ERROR_SPHINCSPLUS_LEAF_VERIFY);
+          uint8_t response[3];
+          CHECK(_read_all(fds[param_index][1], response, 3));
+          CHECK2(response[0] == 0 && response[1] == 0 && response[2] == 0,
+                 ERROR_SPHINCSPLUS_LEAF_VERIFY);
         }
         /* Advance to the next signature if all the above succeeds */
         mol2_advance(&signatures, pk_size + sign_size);

contracts/c-sphincs-all-in-one-lock/nist-vector-tester.c

@@ -40,11 +40,10 @@
 
 int fetch_params(uint8_t id, const CkbSphincsParams **params) {
   int err = CKB_SUCCESS;
-  id &= MULTISIG_PARAMS_ID_MASK;
-  /* id uses offset by 1 */
-  CHECK2(id >= 1 && id <= CKB_SPHINCS_SUPPORTED_PARAMS_COUNT,
+  uint8_t index = MULTISIG_PARAM_ID_TO_INDEX(id);
+  CHECK2(index >= 0 && index < CKB_SPHINCS_SUPPORTED_PARAMS_COUNT,
          ERROR_SPHINCSPLUS_WITNESS);
-  *params = &ckb_sphincs_supported_params[id - 1];
+  *params = &ckb_sphincs_supported_params[index];
 
 exit:
   return err;
@@ -89,8 +88,8 @@ int main() {
          ERROR_SPHINCSPLUS_ENCODING);
 
   const CkbSphincsParams *params = NULL;
-  CHECK(
-      fetch_params(second_witness_data[0] & MULTISIG_PARAMS_ID_MASK, &params));
+  uint8_t param_id = MULTISIG_FLAG_TO_PARAM_ID(second_witness_data[0]);
+  CHECK(fetch_params(param_id, &params));
 
   uint8_t script_data[MAX_SCRIPT_SIZE];
   size_t script_len = MAX_SCRIPT_SIZE;

contracts/hybrid-sphincs-all-in-one-lock/src/generated/params.rs

@@ -6,18 +6,35 @@ pub const PARAM_IDS_COUNT: usize = 12;
 
 pub fn lengths(param_id: ParamId) -> (usize, usize) {
     match param_id {
-        ParamId::Sha2128F => (CKB_SPHINCS_PARAM1_PK_BYTES, CKB_SPHINCS_PARAM1_SIGN_BYTES),
-        ParamId::Sha2128S => (CKB_SPHINCS_PARAM2_PK_BYTES, CKB_SPHINCS_PARAM2_SIGN_BYTES),
-        ParamId::Sha2192F => (CKB_SPHINCS_PARAM3_PK_BYTES, CKB_SPHINCS_PARAM3_SIGN_BYTES),
-        ParamId::Sha2192S => (CKB_SPHINCS_PARAM4_PK_BYTES, CKB_SPHINCS_PARAM4_SIGN_BYTES),
-        ParamId::Sha2256F => (CKB_SPHINCS_PARAM5_PK_BYTES, CKB_SPHINCS_PARAM5_SIGN_BYTES),
-        ParamId::Sha2256S => (CKB_SPHINCS_PARAM6_PK_BYTES, CKB_SPHINCS_PARAM6_SIGN_BYTES),
-        ParamId::Shake128F => (CKB_SPHINCS_PARAM7_PK_BYTES, CKB_SPHINCS_PARAM7_SIGN_BYTES),
-        ParamId::Shake128S => (CKB_SPHINCS_PARAM8_PK_BYTES, CKB_SPHINCS_PARAM8_SIGN_BYTES),
-        ParamId::Shake192F => (CKB_SPHINCS_PARAM9_PK_BYTES, CKB_SPHINCS_PARAM9_SIGN_BYTES),
-        ParamId::Shake192S => (CKB_SPHINCS_PARAM10_PK_BYTES, CKB_SPHINCS_PARAM10_SIGN_BYTES),
-        ParamId::Shake256F => (CKB_SPHINCS_PARAM11_PK_BYTES, CKB_SPHINCS_PARAM11_SIGN_BYTES),
-        ParamId::Shake256S => (CKB_SPHINCS_PARAM12_PK_BYTES, CKB_SPHINCS_PARAM12_SIGN_BYTES),
+        ParamId::Sha2128F => (CKB_SPHINCS_PARAM48_PK_BYTES, CKB_SPHINCS_PARAM48_SIGN_BYTES),
+        ParamId::Sha2128S => (CKB_SPHINCS_PARAM49_PK_BYTES, CKB_SPHINCS_PARAM49_SIGN_BYTES),
+        ParamId::Sha2192F => (CKB_SPHINCS_PARAM50_PK_BYTES, CKB_SPHINCS_PARAM50_SIGN_BYTES),
+        ParamId::Sha2192S => (CKB_SPHINCS_PARAM51_PK_BYTES, CKB_SPHINCS_PARAM51_SIGN_BYTES),
+        ParamId::Sha2256F => (CKB_SPHINCS_PARAM52_PK_BYTES, CKB_SPHINCS_PARAM52_SIGN_BYTES),
+        ParamId::Sha2256S => (CKB_SPHINCS_PARAM53_PK_BYTES, CKB_SPHINCS_PARAM53_SIGN_BYTES),
+        ParamId::Shake128F => (CKB_SPHINCS_PARAM54_PK_BYTES, CKB_SPHINCS_PARAM54_SIGN_BYTES),
+        ParamId::Shake128S => (CKB_SPHINCS_PARAM55_PK_BYTES, CKB_SPHINCS_PARAM55_SIGN_BYTES),
+        ParamId::Shake192F => (CKB_SPHINCS_PARAM56_PK_BYTES, CKB_SPHINCS_PARAM56_SIGN_BYTES),
+        ParamId::Shake192S => (CKB_SPHINCS_PARAM57_PK_BYTES, CKB_SPHINCS_PARAM57_SIGN_BYTES),
+        ParamId::Shake256F => (CKB_SPHINCS_PARAM58_PK_BYTES, CKB_SPHINCS_PARAM58_SIGN_BYTES),
+        ParamId::Shake256S => (CKB_SPHINCS_PARAM59_PK_BYTES, CKB_SPHINCS_PARAM59_SIGN_BYTES),
+    }
+}
+
+pub fn indices(param_id: ParamId) -> usize {
+    match param_id {
+        ParamId::Sha2128F => 0,
+        ParamId::Sha2128S => 1,
+        ParamId::Sha2192F => 2,
+        ParamId::Sha2192S => 3,
+        ParamId::Sha2256F => 4,
+        ParamId::Sha2256S => 5,
+        ParamId::Shake128F => 6,
+        ParamId::Shake128S => 7,
+        ParamId::Shake192F => 8,
+        ParamId::Shake192S => 9,
+        ParamId::Shake256F => 10,
+        ParamId::Shake256S => 11,
     }
 }
 

contracts/hybrid-sphincs-all-in-one-lock/src/generated/sizes.rs

@@ -1,24 +1,24 @@
-pub const CKB_SPHINCS_PARAM1_PK_BYTES: usize = 32;
-pub const CKB_SPHINCS_PARAM1_SIGN_BYTES: usize = 17088;
-pub const CKB_SPHINCS_PARAM2_PK_BYTES: usize = 32;
-pub const CKB_SPHINCS_PARAM2_SIGN_BYTES: usize = 7856;
-pub const CKB_SPHINCS_PARAM3_PK_BYTES: usize = 48;
-pub const CKB_SPHINCS_PARAM3_SIGN_BYTES: usize = 35664;
-pub const CKB_SPHINCS_PARAM4_PK_BYTES: usize = 48;
-pub const CKB_SPHINCS_PARAM4_SIGN_BYTES: usize = 16224;
-pub const CKB_SPHINCS_PARAM5_PK_BYTES: usize = 64;
-pub const CKB_SPHINCS_PARAM5_SIGN_BYTES: usize = 49856;
-pub const CKB_SPHINCS_PARAM6_PK_BYTES: usize = 64;
-pub const CKB_SPHINCS_PARAM6_SIGN_BYTES: usize = 29792;
-pub const CKB_SPHINCS_PARAM7_PK_BYTES: usize = 32;
-pub const CKB_SPHINCS_PARAM7_SIGN_BYTES: usize = 17088;
-pub const CKB_SPHINCS_PARAM8_PK_BYTES: usize = 32;
-pub const CKB_SPHINCS_PARAM8_SIGN_BYTES: usize = 7856;
-pub const CKB_SPHINCS_PARAM9_PK_BYTES: usize = 48;
-pub const CKB_SPHINCS_PARAM9_SIGN_BYTES: usize = 35664;
-pub const CKB_SPHINCS_PARAM10_PK_BYTES: usize = 48;
-pub const CKB_SPHINCS_PARAM10_SIGN_BYTES: usize = 16224;
-pub const CKB_SPHINCS_PARAM11_PK_BYTES: usize = 64;
-pub const CKB_SPHINCS_PARAM11_SIGN_BYTES: usize = 49856;
-pub const CKB_SPHINCS_PARAM12_PK_BYTES: usize = 64;
-pub const CKB_SPHINCS_PARAM12_SIGN_BYTES: usize = 29792;
+pub const CKB_SPHINCS_PARAM48_PK_BYTES: usize = 32;
+pub const CKB_SPHINCS_PARAM48_SIGN_BYTES: usize = 17088;
+pub const CKB_SPHINCS_PARAM49_PK_BYTES: usize = 32;
+pub const CKB_SPHINCS_PARAM49_SIGN_BYTES: usize = 7856;
+pub const CKB_SPHINCS_PARAM50_PK_BYTES: usize = 48;
+pub const CKB_SPHINCS_PARAM50_SIGN_BYTES: usize = 35664;
+pub const CKB_SPHINCS_PARAM51_PK_BYTES: usize = 48;
+pub const CKB_SPHINCS_PARAM51_SIGN_BYTES: usize = 16224;
+pub const CKB_SPHINCS_PARAM52_PK_BYTES: usize = 64;
+pub const CKB_SPHINCS_PARAM52_SIGN_BYTES: usize = 49856;
+pub const CKB_SPHINCS_PARAM53_PK_BYTES: usize = 64;
+pub const CKB_SPHINCS_PARAM53_SIGN_BYTES: usize = 29792;
+pub const CKB_SPHINCS_PARAM54_PK_BYTES: usize = 32;
+pub const CKB_SPHINCS_PARAM54_SIGN_BYTES: usize = 17088;
+pub const CKB_SPHINCS_PARAM55_PK_BYTES: usize = 32;
+pub const CKB_SPHINCS_PARAM55_SIGN_BYTES: usize = 7856;
+pub const CKB_SPHINCS_PARAM56_PK_BYTES: usize = 48;
+pub const CKB_SPHINCS_PARAM56_SIGN_BYTES: usize = 35664;
+pub const CKB_SPHINCS_PARAM57_PK_BYTES: usize = 48;
+pub const CKB_SPHINCS_PARAM57_SIGN_BYTES: usize = 16224;
+pub const CKB_SPHINCS_PARAM58_PK_BYTES: usize = 64;
+pub const CKB_SPHINCS_PARAM58_SIGN_BYTES: usize = 49856;
+pub const CKB_SPHINCS_PARAM59_PK_BYTES: usize = 64;
+pub const CKB_SPHINCS_PARAM59_SIGN_BYTES: usize = 29792;

contracts/hybrid-sphincs-all-in-one-lock/src/main.rs

@@ -17,7 +17,7 @@ ckb_std::default_alloc!(16384, 1258306, 64);
 
 mod generated;
 
-use crate::generated::params::{lengths, PARAM_IDS_COUNT};
+use crate::generated::params::{indices, lengths, PARAM_IDS_COUNT};
 use ckb_fips205_utils::{
     ckb_tx_message_all_in_ckb_vm::generate_ckb_tx_message_all_with_witness,
     iterate_public_key_with_optional_signature, Hasher, ParamId,
@@ -55,8 +55,8 @@ pub fn program_entry() -> i8 {
 
     iterate_public_key_with_optional_signature(
         lock,
-        |_i, param_id, public_key, _signature| {
-            script_args_hasher.update(&[param_id.into()]);
+        |_i, param_id, sign_flag, public_key, _signature| {
+            script_args_hasher.update(&[sign_flag]);
             script_args_hasher.update(public_key);
 
             match parsed_param_id {
@@ -141,9 +141,9 @@ pub fn program_entry() -> i8 {
 
             iterate_public_key_with_optional_signature(
                 lock,
-                |_i, param_id, public_key, signature| {
+                |_i, param_id, _sign_flag, public_key, signature| {
                     if let Some(signature) = signature {
-                        let param_index = u8::from(param_id) as usize;
+                        let param_index = indices(param_id);
                         if spawned_vms[param_index].is_none() {
                             // Spawns a new VM for a param ID
                             let (binary_offset, binary_length) = load_binary_infos(param_id);
@@ -209,7 +209,7 @@ pub fn program_entry() -> i8 {
                         }
                         // Reads reasponse from child VM
                         {
-                            let mut response = [0u8; 1];
+                            let mut response = [0u8; 3];
 
                             let mut read = 0;
                             while read < response.len() {
@@ -220,6 +220,8 @@ pub fn program_entry() -> i8 {
                             }
 
                             assert_eq!(response[0], 0);
+                            assert_eq!(response[1], 0);
+                            assert_eq!(response[2], 0);
                         }
                     }
                 },

contracts/sphincs-all-in-one-lock/src/main.rs

@@ -45,8 +45,8 @@ pub fn program_entry() -> i8 {
 
     iterate_public_key_with_optional_signature(
         lock,
-        |_i, param_id, public_key, signature| {
-            script_args_hasher.update(&[param_id.into()]);
+        |_i, param_id, sign_flag, public_key, signature| {
+            script_args_hasher.update(&[sign_flag]);
             script_args_hasher.update(public_key);
 
             if let Some(signature) = signature {