Reorder verify_ecdsa args to match those of verify_schnorr #751

shinghim · 2024-10-12T17:32:32Z

The issue (#617) seemed to have good support with 4 thumbs up, so this PR will reorder verify_ecdsa args to match those of verify_schnorr, which just swaps the place of msg and sig. This will break the API, but will potentially cause less confusion in the future

Closes #617

apoelstra · 2024-10-13T12:46:46Z

Sure. Looks like dalek uses this order (sorta; the pubkey is self), while Core verifymessage uses pubkey then sig then message. libsodium uses sig, message, key for its crypto_auth_verify method.

OTOH there is no standard here at all so we should just pick one to be consistent within our own library.

apoelstra

ACK 2d7cc5e successfully ran local tests

tcharding · 2024-10-13T16:37:25Z

Totally bikeshedding, please feel free to merge around me. I think the other way is more intuitive, one verifies a signature and to do so one needs the message and pubkey, right? But that begs the question why verify_ecdsa is the other way, presumably it was intuitive to the original author, so maybe my intuition is wrong.

shinghim · 2024-10-13T17:00:02Z

I don't have a preference for the order, but I'm very new to crypto APIs so don't have an intuition on how it should be. I think it's more important that they're in the same order.

I think the other way is more intuitive, one verifies a signature and to do so one needs the message and pubkey, right?

This makes sense to me, and it's no problem at all to update these changes. It's probably worth discussing a bit before deciding so we only change it once

tcharding · 2024-10-13T18:12:30Z

Yes, this is @apoelstra's domain, definitely wait for him to chime in. I am not a cryptographer.

apoelstra · 2024-10-13T19:21:49Z

I definitely think the schnorr API is more intuitive and that if we want to pick the "best" one we should change ECDSA instead.

But OTOH the ECDSA API is probably more widely used and likely to annoy people if we break it.

I'd be happy with either change.

shinghim · 2024-10-13T22:06:03Z

I definitely think the schnorr API is more intuitive and that if we want to pick the "best" one we should change ECDSA instead.

Okay, I'm onboard with switching to the schnorr order. I'll update these changes

tcharding · 2024-10-13T22:43:51Z

Can you write a longer commit message please because over time downstream users are inevitably going to whinge about this, when they git blame it would be nice if they saw our reasoning.

Something like

When we introduced verify_schnorr we used parameters in the intuitive order sig, msg, key but did not notice that we had a very similar verify_ecdsa function with the parameters in a different order. Since both functions have been released any fix is breaking. We decided to do the annoying fix-now so that users benefit for years to come.

apoelstra · 2024-10-13T22:57:40Z

Will ACK this -- but @shinghim I would appreciate if you expanded the commit message, and I'll hold off on merging till you take a look at @tcharding's comment.

apoelstra

ACK 3c8f5e0 successfully ran local tests

tcharding · 2024-10-14T03:29:48Z

Can you wrap the columns in the git commit log to 72 characters please - sorry to be picky.

shinghim · 2024-10-14T03:38:44Z

no worries!

apoelstra

ACK 51a954b successfully ran local tests

tcharding · 2025-06-12T03:36:06Z

Needs rebase @shinghim if you get a chance please mate.

When `verify_schnorr` was first introduced, it used parameters in the inuitive order: sig, msg, key. It was later noticed that `verify_ecdsa` had the same parameters but in a different order. Since both functions have been released, this will be a breaking change, but fixing this now will add consistency and remove any confusion for users in the future.

shinghim · 2025-06-12T04:13:16Z

done 👍🏼

apoelstra

ACK c051b14; successfully ran local tests

tcharding

ACK c051b14

tcharding · 2025-06-12T23:32:07Z

Thanks @shinghim, I'll accept full responsibility for this change. For those annoyed by this please forward abusive emails directly to me :)

…atch those of verify_schnorr c051b145234177481dea4326566442fddc16537e Reorder verify_ecdsa args to match the order of verify_schnorr (Shing Him Ng) Pull request description: The issue (#617) seemed to have good support with 4 thumbs up, so this PR will reorder `verify_ecdsa` args to match those of `verify_schnorr`, which just swaps the place of `msg` and `sig`. This will break the API, but will potentially cause less confusion in the future Closes #617 ACKs for top commit: apoelstra: ACK c051b145234177481dea4326566442fddc16537e; successfully ran local tests tcharding: ACK c051b145234177481dea4326566442fddc16537e Tree-SHA512: 0798baa48e3073aea2fc68195124bf1d9c99fcfff2306f931b89fe8a6d0a8157203098cf6e5979c6f3baa09d294e251d915ab55d6a49b34d186f61853667b057

apoelstra previously approved these changes Oct 13, 2024

View reviewed changes

shinghim dismissed apoelstra’s stale review via 3c8f5e0 October 13, 2024 22:18

shinghim force-pushed the reorder-args branch from 2d7cc5e to 3c8f5e0 Compare October 13, 2024 22:18

shinghim changed the title ~~Reorder verify_schnorr args to match those of verify_ecdsa~~ Reorder verify_ecdsa args to match those of verify_schnorr Oct 13, 2024

apoelstra approved these changes Oct 14, 2024

View reviewed changes

shinghim force-pushed the reorder-args branch from 3c8f5e0 to 0f9a513 Compare October 14, 2024 03:02

shinghim force-pushed the reorder-args branch from 0f9a513 to 51a954b Compare October 14, 2024 03:38

apoelstra previously approved these changes Oct 14, 2024

View reviewed changes

shinghim dismissed apoelstra’s stale review via f6ac476 June 12, 2025 03:43

shinghim force-pushed the reorder-args branch from 51a954b to f6ac476 Compare June 12, 2025 03:43

shinghim marked this pull request as draft June 12, 2025 03:44

shinghim force-pushed the reorder-args branch 2 times, most recently from cf019e4 to 90dca1f Compare June 12, 2025 03:54

shinghim force-pushed the reorder-args branch from 90dca1f to c051b14 Compare June 12, 2025 03:56

shinghim marked this pull request as ready for review June 12, 2025 04:13

apoelstra approved these changes Jun 12, 2025

View reviewed changes

tcharding approved these changes Jun 12, 2025

View reviewed changes

apoelstra merged commit 2d672e2 into rust-bitcoin:master Jun 13, 2025
28 checks passed

Reorder verify_ecdsa args to match those of verify_schnorr #751

Reorder verify_ecdsa args to match those of verify_schnorr #751

Uh oh!

Conversation

shinghim commented Oct 12, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

apoelstra commented Oct 13, 2024

Uh oh!

apoelstra left a comment

Choose a reason for hiding this comment

Uh oh!

tcharding commented Oct 13, 2024

Uh oh!

shinghim commented Oct 13, 2024

Uh oh!

tcharding commented Oct 13, 2024

Uh oh!

apoelstra commented Oct 13, 2024

Uh oh!

shinghim commented Oct 13, 2024

Uh oh!

tcharding commented Oct 13, 2024

Uh oh!

apoelstra commented Oct 13, 2024

Uh oh!

apoelstra left a comment

Choose a reason for hiding this comment

Uh oh!

tcharding commented Oct 14, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

shinghim commented Oct 14, 2024

Uh oh!

apoelstra left a comment

Choose a reason for hiding this comment

Uh oh!

tcharding commented Jun 12, 2025

Uh oh!

shinghim commented Jun 12, 2025

Uh oh!

apoelstra left a comment

Choose a reason for hiding this comment

Uh oh!

tcharding left a comment

Choose a reason for hiding this comment

Uh oh!

tcharding commented Jun 12, 2025

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

shinghim commented Oct 12, 2024 •

edited

Loading

tcharding commented Oct 14, 2024 •

edited

Loading