AggregateKeys takes a list of possibly unsorted keys and returns a single aggregated key as specified by the musig2 key aggregation algorithm.

AggregateNonces aggregates the set of a pair of public nonces for each party into a single aggregated nonces to be used for multi-signing.

CombineSigs combines the set of public keys given the final aggregated nonce, and the series of partial signatures for each nonce.

GenNonces generates the secret nonces, as well as the public nonces which correspond to an EC point generated using the secret nonce as a private key.

NewContext creates a new signing context with the passed singing key and set of public keys for each of the other signers.

NewPartialSignature returns a new instances of the partial sig struct.

Sign generates a musig2 partial signature given the passed key set, secret nonce, public nonce, and private keys.

WithBIP86KeyTweak specifies that then during key aggregation, the BIP 86 tweak which just commits to the hash of the serialized public key should be used.

WithBip86SignTweak allows a caller to specify a tweak that should be used in a bip 340 manner when signing, factoring in BIP 86 as well.

WithBip86TweakCtx specifies that within this context, the final key should use the taproot tweak as defined in BIP 341, with the BIP 86 modification: outputKey = internalKey + h_tapTweak(internalKey)*G.

WithBip86TweakedCombine is similar to the WithTaprootTweakedCombine option, but assumes a BIP 341 + BIP 86 context where the final tweaked key is to be used as the output key, where the internal key is the aggregated key pre-tweak.

WithCustomRand allows a caller to use a custom random number generator in place for crypto/rand.

WithEarlyNonceGen allow a caller to specify that a nonce should be generated early, before the session is created.

WithFastSign forces signing to skip the extra verification step at the end.

WithKeysHash allows key aggregation to be optimize, by allowing the caller to specify the hash of all the keys.

WithKeyTweaks allows a caller to specify a series of 32-byte tweaks that should be applied to the final aggregated public key.

WithKnownSigners is an optional parameter that should be used if a session can be created as soon as all the singers are known.

WithNonceAuxInput is a set of auxiliary randomness, similar to BIP 340 that can be used to further augment the nonce generation process.

WithNonceCombinedKeyAux allows a caller to optionally specify the combined key used in this signing session to further augment the randomness used to generate nonces.

WithNonceMessageAux allows a caller to optionally specify a message to be mixed into the randomness generated to create the nonce.

WithNonceSecretKeyAux allows a caller to optionally specify a secret key that should be used to augment the randomness used to generate the nonces.

WithNumSigners is a functional option used to specify that a context should be created without knowing all the signers.

WithPreGeneratedNonce allows a caller to start a session using a nonce they've generated themselves.

WithPublicKey is the mandatory public key that will be mixed into the nonce generation.

WithSortedKeys determines if the set of signing public keys are to be sorted or not before doing key aggregation.

WithTaprootKeyTweak specifies that within this context, the final key should use the taproot tweak as defined in BIP 341: outputKey = internalKey + h_tapTweak(internalKey || scriptRoot).

WithTaprootSignTweak allows a caller to specify a tweak that should be used in a bip 340 manner when signing.

WithTaprootTweakCtx specifies that within this context, the final key should use the taproot tweak as defined in BIP 341: outputKey = internalKey + h_tapTweak(internalKey || scriptRoot).

WithTaprootTweakedCombine is similar to the WithTweakedCombine option, but assumes a BIP 341 context where the final tweaked key is to be used as the output key, where the internal key is the aggregated key pre-tweak.

WithTweakedCombine is a functional option that allows callers to specify that the signature was produced using a tweaked aggregated public key.

WithTweakedContext specifies that within the context, the aggregated public key should be tweaked with the specified tweaks.

WithTweaks determines if the aggregated public key used should apply a series of tweaks before key aggregation.

WithUniqueKeyIndex allows the caller to specify the index of the second unique key.

PubNonceSize is the size of the public nonces.

SecNonceSize is the size of the secret nonces for musig2.

ChallengeHashTag is the tag used to construct the challenge hash.

ErrAlredyHaveAllNonces is returned when a caller attempts to register a signer, once we already have the total set of known signers.

ErrAlredyHaveAllNonces is called when RegisterPubNonce is called too many times for a given signing session.

ErrAlredyHaveAllSigs is called when CombineSig is called too many times for a given signing session.

ErrCombinedNonceUnavailable is returned when a caller attempts to sign a partial signature, without first having collected all the required combined nonces.

ErrFinalSigInvalid is returned when the combined signature turns out to be invalid.

ErrNotEnoughSigners is returned if a caller attempts to obtain an early nonce when it wasn't specified.

ErrNoncePointAtInfinity is returned if during signing, the fully combined public nonce is the point at infinity.

ErrNotEnoughSigners is returned when a caller attempts to create a session from a context, but before all the required signers are known.

ErrPartialSigInvalid is returned when a partial is found to be invalid.

ErrPrivKeyZero is returned when the private key for signing is actually zero.

ErrPubkeyInvalid is returned when the pubkey of the WithPublicKey option is not passed or of invalid length.

ErrPubkeyNotIncluded is returned when the signers pubkey is not included in the list of pubkeys.

ErrSecNoncePubkey is returned when the signing key does not match the sec nonce pubkey.

ErrSecretNonceZero is returned when a secret nonce is passed in a zero.

ErrSignerNotInKeySet is returned when a the private key for a signer isn't included in the set of signing public keys.

ErrSignersNotSpecified is returned when a caller attempts to create a context without specifying either the total number of signers, or the complete set of singers.

ErrSigningContextReuse is returned if a user attempts to sign using the same signing context more than once.

ErrTaprootInternalKeyUnavailable is returned when a user attempts to obtain the.

ErrTweakedKeyIsInfinity is returned if while tweaking a key, we end up with the point at infinity.

ErrTweakedKeyOverflows is returned if a tweaking key is larger than 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141.

KeyAggTagCoeff is the tagged hash tag used to compute the key aggregation coefficient for each key.

KeyAggTagList is the tagged hash tag used to compute the hash of the list of sorted public keys.

NonceAuxTag is the tag used to optionally mix in the secret key with the set of aux randomness.

NonceBlindTag is that tag used to construct the value b, which blinds the second public nonce of each party.

NonceGenTag is used to generate the value (from a set of required an optional field) that will be used as the part of the secret nonce.

AggregateKey is a final aggregated key along with a possible version of the key without any tweaks applied.

Context is a managed signing context for musig2.

KeyTweakDesc describes a tweak to be applied to the aggregated public key generation and signing process.

Nonces holds the public and secret nonces required for musig2.

PartialSignature reprints a partial (s-only) musig2 multi-signature.

Session represents a musig2 signing session.

CombineOption is a functional option argument that allows callers to modify the way we combine musig2 schnorr signatures.

ContextOption is a functional option argument that allows callers to modify the musig2 signing is done within a context.

KeyAggOption is a functional option argument that allows callers to specify more or less information that has been pre-computed to the main routine.

NonceGenOption is a function option that allows callers to modify how nonce generation happens.

SessionOption is a functional option argument that allows callers to modify the musig2 signing is done within a session.

SignOption is a functional option argument that allows callers to modify the way we generate musig2 schnorr signatures.