拉宾签名 (Rabin Signature)

拉宾签名是一种数字签名方案，可作为比特币所使用的 ECDSA 之外的另一种选择。下面的合约中，验证只需一次模平方运算：当 sig² mod n 与（消息 + 填充）的哈希值 mod n 相等时，签名通过验证。

// Rabin signature verification: a signature `sig` over `msg` is accepted when
// sig^2 mod n equals H(msg || padding) mod n, where n is the Rabin public key.
contract RabinSignature {
    // Fails (via require) unless sig^2 == H(msg + padding) (mod n).
    //
    // NOTE(review): `n` is an unlocking argument here and nothing in this
    // contract pins it to a particular key, so on its own this check only shows
    // that sig, msg, padding and n are mutually consistent. A contract that
    // depends on a specific signer should compare `n` against a public key
    // committed in the contract before relying on the result.
    // NOTE(review): `sig` is not range-checked (0 <= sig < n), so sig, -sig and
    // sig + k*n all satisfy the same equation; do not treat the signature value
    // as a unique identifier.
    public function verifySig(int sig, bytes msg, bytes padding, int n) {
        bytes digest = this.hash(msg + padding);
        int h = this.fromLEUnsigned(digest);
        int squared = (sig * sig) % n;
        int expected = h % n;
        require(squared == expected);
    }

    // Expands x into a 512-bit (64-byte) digest: SHA-256 of x is split into two
    // halves, each half is hashed again with SHA-256, and the results are
    // concatenated.
    function hash(bytes x): bytes {
        bytes inner = sha256(x);
        int half = len(inner) / 2;
        bytes front = sha256(inner[:half]);
        bytes back = sha256(inner[half:]);
        return front + back;
    }

    // Interprets b as an unsigned little-endian integer.
    function fromLEUnsigned(bytes b): int {
        // A trailing 0x00 keeps the sign bit of the most significant byte clear,
        // so the value is never read as negative; it is harmless when the sign
        // bit was already clear.
        bytes unsignedLE = b + b'00';
        return unpack(unsignedLE);
    }
}