tests: add exhaustive extrakeys tweak coverage#1836
Open
mangoostaa wants to merge 1 commit intobitcoin-core:masterfrom
Open
tests: add exhaustive extrakeys tweak coverage#1836mangoostaa wants to merge 1 commit intobitcoin-core:masterfrom
mangoostaa wants to merge 1 commit intobitcoin-core:masterfrom
Conversation
theStack
approved these changes
Apr 9, 2026
| } | ||
|
|
||
| /* TODO: keypair/xonly_pubkey tweak tests */ | ||
| /* Check keypair/xonly_pubkey tweak behavior over all non-zero tweaks. */ |
Contributor
There was a problem hiding this comment.
whitespace nit:
Suggested change
| /* Check keypair/xonly_pubkey tweak behavior over all non-zero tweaks. */ | |
| /* Check keypair/xonly_pubkey tweak behavior over all non-zero tweaks. */ |
Comment on lines
+116
to
+120
| CHECK(secp256k1_ec_pubkey_serialize(ctx, serialized_pk, &serialized_pklen, &tweaked_pk, SECP256K1_EC_COMPRESSED)); | ||
| CHECK(serialized_pklen == sizeof(serialized_pk)); | ||
| CHECK((serialized_pk[0] == SECP256K1_TAG_PUBKEY_EVEN) || (serialized_pk[0] == SECP256K1_TAG_PUBKEY_ODD)); | ||
| CHECK(serialized_pk[0] == (expected_pk_parity ? SECP256K1_TAG_PUBKEY_ODD : SECP256K1_TAG_PUBKEY_EVEN)); | ||
| CHECK(secp256k1_memcmp_var(&serialized_pk[1], expected_x, 32) == 0); |
Contributor
There was a problem hiding this comment.
nit (here and below): serializing is not strictly needed I think, one could alternatively do these checks on the internal types, i.e. by loading into a group element instance (via secp256k1_pubkey_load) first and then check its x/y field elements.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Motivation
and detect edge cases (resulting infinity, parity/x-coordinate mismatches).
Description
Replaced the TODO in src/modules/extrakeys/tests_exhaustive_impl.h with nested loops that exercise every internal non-zero key and every tweak scalar and compute the expected resulting group element and parity.
For each case the test exercises secp256k1_xonly_pubkey_tweak_add, secp256k1_keypair_xonly_tweak_add, secp256k1_xonly_pubkey_tweak_add_check, and verifies serialized compressed pubkey bytes and x-only serialization against the expected group point.
Fixed test-side issues: call secp256k1_fe_get_b32 without wrapping in CHECK (avoids invalid use of EXPECT), normalize field elements before checking parity and exporting to bytes, reset serialized_pklen prior to reuse, and derive the keypair secret bytes via secp256k1_scalar_get_b32 for deterministic keypair creation in the exhaustive loop.
All changes are contained in src/modules/extrakeys/tests_exhaustive_impl.h and only affect the exhaustive test code