What are you trying to do?
in the schnorr single key account, the ivsk_m is used as a signing key. If i give my viewing key to someone, they will be able to transact from my account. Does it make sense to use nsk_m instead?
|
x: witness.keys.ivpk_m.inner.x, |
|
y: witness.keys.ivpk_m.inner.y, |
|
is_infinite: false, |
|
}; |
|
|
|
// In a single key account contract we re-used ivpk_m as signing key |
|
schnorr::assert_valid_signature(public_key, witness.signature, message_bytes); |
the account is exported from @aztec/accounts, so app devs are gonna import from an official npm package
from @nventuro: using ivsk as a signing key is very bad
Code Reference
Aztec Version
3.0.0
OS
No response
Browser (if relevant)
No response
Node Version
No response
Additional Context
No response
What are you trying to do?
in the schnorr single key account, the ivsk_m is used as a signing key. If i give my viewing key to someone, they will be able to transact from my account. Does it make sense to use nsk_m instead?
aztec-packages/noir-projects/noir-contracts/contracts/account/schnorr_single_key_account_contract/src/util.nr
Lines 8 to 14 in e0ea846
the account is exported from
@aztec/accounts, so app devs are gonna import from an official npm packagefrom @nventuro: using ivsk as a signing key is very bad
Code Reference
Aztec Version
3.0.0
OS
No response
Browser (if relevant)
No response
Node Version
No response
Additional Context
No response