Type Method
generate(secretKey:publicKey:msg32:extraInput32:)
Generates a fresh nonce pair for one MuSig2 signing session using a random 133-byte session ID.
- iOS 13.0+
- macCatalyst 13.0+
- macOS 10.15+
- tvOS 13.0+
- visionOS 1.0+
- watchOS 6.0+
static func generate(secretKey: P256K.Schnorr.PrivateKey?, publicKey: P256K.Schnorr.PublicKey, msg32: [UInt8], extraInput32: [UInt8]? = nil) throws -> P256K.MuSig.NonceResult
Parameters
- secretKey: The signer’s private key; providing it increases misuse-resistance by binding the nonce to the key.
- publicKey: The signer’s public key; the generated secret nonce is bound to this key and cannot sign for any other.
- msg32: The 32-byte message to be signed, if known at nonce generation time.
- extraInput32: Optional 32 bytes of additional entropy (e.g., current timestamp) passed to secp256k1_musig_nonce_gen.
Return Value
A ~Copyable P256K.MuSig.NonceResult containing the public nonce (to share) and secret nonce (to consume when signing).
Discussion
Warning
Nonce reuse leaks the secret signing key. This overload generates the session ID internally from SecureBytes. Never reuse a P256K.Schnorr.SecureNonce across multiple signing sessions. The returned P256K.MuSig.NonceResult is ~Copyable to prevent accidental duplication of the secret nonce.
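Why the warning holds, as an added Python example that is not part of P256K or its documentation. It uses the single-nonce Schnorr relation s = k + e*x instead of MuSig2's two-nonce partial signature, and `toy_nonce`, `response`, `solve_for_key` and the SHA-256 stand-in hash are hypothetical simplifications, not what secp256k1_musig_nonce_gen computes.

```python
import hashlib
import secrets

# Order of the secp256k1 group; all scalars are reduced modulo N.
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

def h(*parts: bytes) -> int:
    """Hash length-prefixed parts to a scalar (stand-in for the real tagged hashes)."""
    d = hashlib.sha256()
    for p in parts:
        d.update(len(p).to_bytes(4, "big") + p)
    return int.from_bytes(d.digest(), "big") % N

def toy_nonce(session_id, secret_key, public_key, msg32, extra=b""):
    """Hypothetical derivation that mixes in every input the parameter list names."""
    return h(b"nonce", session_id, secret_key, public_key, msg32, extra) or 1

def response(k: int, e: int, x: int) -> int:
    """Single-nonce Schnorr response s = k + e*x mod N."""
    return (k + e * x) % N

def solve_for_key(s1, e1, s2, e2) -> int:
    """With a shared k, s1 - s2 = (e1 - e2)*x, so x follows from one division."""
    return (s1 - s2) * pow((e1 - e2) % N, -1, N) % N

def demo():
    x = secrets.randbelow(N - 1) + 1               # constructed signing key
    sk, pk = x.to_bytes(32, "big"), b"\x02" * 33   # pk is placeholder bytes
    m1, m2 = b"\x01" * 32, b"\x02" * 32            # constructed messages
    e1, e2 = h(b"challenge", m1), h(b"challenge", m2)

    # Misuse: one secret nonce duplicated and consumed in two sessions.
    k = toy_nonce(secrets.token_bytes(133), sk, pk, m1)
    reuse_leaks = solve_for_key(response(k, e1, x), e1, response(k, e2, x), e2) == x

    # Intended use: each session draws its own session ID, so k1 != k2.
    k1 = toy_nonce(secrets.token_bytes(133), sk, pk, m1)
    k2 = toy_nonce(secrets.token_bytes(133), sk, pk, m2)
    fresh_leaks = solve_for_key(response(k1, e1, x), e1, response(k2, e2, x), e2) == x

    # Binding to the message: even a repeated session ID yields distinct nonces.
    sid = secrets.token_bytes(133)
    bound = toy_nonce(sid, sk, pk, m1) != toy_nonce(sid, sk, pk, m2)
    return reuse_leaks, fresh_leaks, bound

if __name__ == "__main__":
    print(demo())
```

The first result is the case the ~Copyable return type rules out at compile time; the third shows why binding the nonce to the message and key adds misuse-resistance on top of the random session ID.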
Throws
secp256k1Error.underlyingCryptoError if secp256k1_musig_nonce_gen fails.