Structure

P256K.MuSig.Nonce

66-byte aggregated MuSig2 public nonce produced by secp256k1_musig_nonce_agg from all signers’ individual public nonces, required before any partial signing can occur.

iOS 13.0+
macCatalyst 13.0+
macOS 10.15+
tvOS 13.0+
visionOS 1.0+
watchOS 6.0+

struct Nonce

Overview

Aggregation is specified in BIP-327 and implemented in Vendor/secp256k1-zkp/include/secp256k1_musig.h. The aggregated nonce is computed once from all signers’ P256K.Schnorr.Nonce values and then shared with every signer before they call partialSignature(for:pubnonce:secureNonce:publicNonceAggregate:xonlyKeyAggregate:). An untrusted aggregator may compute the aggregate nonce; if the result is wrong, the final signature will simply be invalid rather than leaking key material.

Topics

Construction

Serialization

var dataRepresentation: Data
The 66-byte BIP-327 wire representation of the aggregated nonce, serialized via secp256k1_musig_aggnonce_serialize.