bring signatory up to date with the remote signer spec

[lescuer97]

Description

Changes the signatory keyset generation and updates the proto spec to follow this pr

1- Generates new keysets with the correct derivations paths.
2- returns the derivation_index as version
3- add test vectors from remote signer

---

Notes to the reviewers

This should not affect any already created keyset.

---

Suggested CHANGELOG Updates

CHANGED

ADDED

REMOVED

FIXED

---

Checklist

• I followed the code style guidelines
• I ran just final-check before committing

[thesimplekid]

Is this spec'd? @vnprc has been working on something similar. #1004

[lescuer97]

yeah, it has always been part of the remote signer spec: https://github.com/cashubtc/nuts/pull/250/files.

The only new addition is the modulo on the sha256sum. @lollerfirst had a look at that and gave me some thumbs up on it

[crodas]

@lescuer97 This will be a breaking change for the known types, how are planning to address that?

[vnprc]

yes I have open PRs to cdk and the NUTs repo to implement deterministic derivation paths
cdk PR #1181
NUTs PR cashubtc/nuts#292

[lescuer97]

yes I have open PRs to cdk and the NUTs repo to implement deterministic derivation paths cdk PR #1181 NUTs PR cashubtc/nuts#292

I was not aware of this PRs. @vnprc would you like to use mine? they seems to be equally as effective.

[lescuer97]

@lescuer97 This will be a breaking change for the known types, how are planning to address that?

you are right, it would break it for library users. I could make a new version and make a deprecation warning for the older function. What do you think?

[lescuer97]

@crodas I added back and depracted the original index function.

[thesimplekid]

I don't think we should deprecate this. Instead we keep the hard coded for the ones we already have and then hash anything else.

[lescuer97]

I don't think that would be a good idea. It would not make cdk spec compliant.

I don't think breaking types here is a big deal thought.

As an alternative, I can also just do a simple hack and return Some(u32). even thought there is no option. This would mantain type consistent

[thesimplekid]

Are there still open questions on this should we bump it to 0.15?

[vnprc]

I am concerned that this is not a hardened solution. It would derive different derivation indexes for currency unit strings that are almost but not quite the same:

• leading and trailing whitespace
• capitalization differences
• functionally equivalent unicode character combinations

The version in this PR also doesn't include a reserved range for the existing hard coded currency units. Over a long enough timeframe this will introduce derivation path conflicts with sats, millisats, USD, and EUR.

As written in this PR, the hashed_derivation_index function would open the door to bugs and exploits. Resolving those issues in a backward compatible way would be more complex and difficult than just addressing the issues now before any hashed currency unit derivation paths are introduced in the wild.

I just removed the draft setting on #1181. I will rebase it to the latest commit on main. I think we should get 1181 merged and rebase this commit on top of it. Y'all should also review the NUT spec PR: cashubtc/nuts#292. Once I get some feedback on it I would be happy to open a PR to nutshell to get the spec finalized.

[lescuer97]

@vnprc @crodas could you take a look at this pr again pls. I think it is ready now

[lescuer97]

@crodas could you re run the test? I think there was an error

[thesimplekid]

@crodas could you re run the test? I think there was an error

Its not an error. Cargo.lock file needs to be updated since you added a dep.