EC Checks in ECDSA Signatures #17
Description
Most ECDSA signatures can be analyzed with just the sig_info information, the exception is CheckIssuerKey that uses issuer_key_info. Also, when you run paranoid.CheckAllECDSASigs, the doc string says you need "at least" all the attributes of ecdsa_sig_info set, but then it fails in CheckIssuerKey as it doesn't have the issuer_key_info. In the paranoid_ecdsa_test.py script the signatures are set without the issuer property of sig_info, but with the x and y of the issuer_key_info.
It keeps going as in ecdsa_sig_checks the BiasedBaseCheck class calls _MapIssuerSigIndexes that, once again, uses issuer_key_info to return a dict of public keys and create a list of unique values for the check.
Finally it compares guessed private keys (named "guess_pk") multiplied by G to the public keys dict generated earlier.
This can limit common use cases like Ethereum addresses since they compress the public key with a hash to form the address, you probably won't be able to get the (x, y).
I suggest the following:
- Update the docstring of CheckAllECDSASigs to state it is necessary to have issuer_key_info x and y
- Create a script set for Ethereum addresses check, that is, when you do not have the uncompressed public key. This script should find unique values using the compressed public key (ethereum address), and check the guesses against the compressed public keys generated from the guesses.
If you agree, I can work on a PR for that.