chore: Update libs, reorder files, internalize private headers

15 files changed, 575 insertions, 413 deletions

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 958b038..e859e2b 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -40,7 +40,7 @@ if(NC_FETCH_SECP256K1)
 	set(SECP256K1_BUILD_EXAMPLES OFF)
 	set(SECP256K1_BUILD_EXHAUSTIVE_TESTS OFF)
 	set(SECP256K1_ENABLE_MODULE_ECDH ON)
-	set(SECP256K1_ENABLE_MODULE_RECOVERY ON)
+	set(SECP256K1_ENABLE_MODULE_RECOVERY OFF)
 	set(SECP256K1_ENABLE_MODULE_SCHNORRSIG ON)
 	set(SECP256K1_ENABLE_MODULE_EXTRAKEYS ON)
 	set(SECP256K1_ENABLE_MODULE_ELLSWIFT OFF)
@@ -50,7 +50,7 @@ if(NC_FETCH_SECP256K1)
 	FetchContent_Declare(
 	  libsecp256k1
 	  GIT_REPOSITORY		https://github.com/bitcoin-core/secp256k1
-	  GIT_TAG				1ad5185cd42c0636104129fcc9f6a4bf9c67cc40 # release-0.4.1
+	  GIT_TAG				e3a885d42a7800c1ccebad94ad1e2b82c4df5c65 # release-0.5.0
 	  GIT_PROGRESS			TRUE
 	)
 
@@ -79,23 +79,22 @@ endif()
 #		MAIN PROJECT
 #-----------------------------
 
-include_directories(include)				#include the 'include' directory for the project
 set(CMAKE_C_STANDARD 90)					#Setup the compiler options for c90 shared library
 set(CMAKE_C_STANDARD_REQUIRED ON)
 set(CMAKE_C_EXTENSIONS OFF)
 
 set(NOSCRYPT_SRCS 
 	"src/noscrypt.c"	
-	"src/crypto/hkdf.c"
-	"src/crypto/nc-crypto.c"				#pulls in c impl files as needed
+	"src/hkdf.c"
+	"src/nc-crypto.c"				#pulls in c impl files as needed
 )
 
 set(NOSCRYPT_HEADERS
 	"include/noscrypt.h"
 	"include/platform.h"
-	"include/nc-util.h"
-	"include/hkdf.h"
-	"include/nc-crypto.h"
+	"src/nc-util.h"
+	"src/hkdf.h"
+	"src/nc-crypto.h"
 )
 
 #static/shared library
@@ -104,6 +103,9 @@ add_library(${_NC_PROJ_NAME}_static STATIC ${NOSCRYPT_SRCS} ${NOSCRYPT_HEADERS})
 target_compile_features(${_NC_PROJ_NAME} PUBLIC c_std_90)	#force compiler to use c90 standard for library
 set_target_properties(${_NC_PROJ_NAME} PROPERTIES POSITION_INDEPENDENT_CODE ON)
 
+target_include_directories(${_NC_PROJ_NAME} PRIVATE include)
+target_include_directories(${_NC_PROJ_NAME}_static PRIVATE include)
+
 #link libsecp256k1
 target_link_libraries(${_NC_PROJ_NAME} PRIVATE secp256k1)
 target_link_libraries(${_NC_PROJ_NAME}_static PRIVATE secp256k1)
@@ -343,6 +345,7 @@ if(NC_BUILD_TESTS)
 	add_executable(nctest tests/test.c)
 	target_link_libraries(nctest ${_NC_PROJ_NAME})
 	target_include_directories(nctest PRIVATE include)
+	target_include_directories(nctest PRIVATE src)	#allow access to internal headers
 
 	#enable c11 for testing
 	target_compile_features(nctest PRIVATE c_std_11)
diff --git a/Taskfile.yaml b/Taskfile.yaml
index a917f1c..eb16de0 100644
--- a/Taskfile.yaml
+++ b/Taskfile.yaml
@@ -178,4 +178,19 @@ tasks:
      - git clone --branch {{ .OPENSSL_GIT_BRANCH }} {{ .OPENSSL_GIT_URL }} '{{ .TMP_DIR }}' 
      
      - for: [ 'include/openssl' ]
-       cmd: powershell cp -Recurse -Force '{{ .TMP_DIR }}/{{ .ITEM }}' '{{.OPENSSL_DIR}}/include/'
\ No newline at end of file
+       cmd: powershell cp -Recurse -Force '{{ .TMP_DIR }}/{{ .ITEM }}' '{{.OPENSSL_DIR}}/include/'
+
+  dev-set-secp256-headers:
+    vars:
+      SECP256_GIT_URL: 'https://github.com/bitcoin-core/secp256k1'
+      SECP256_GIT_BRANCH: 'v0.5.0'
+      SECP256_DIR: 'vendor/secp256k1'
+      TMP_DIR: '.update/openssl'
+    cmds:
+     - cmd: powershell mkdir '{{.TMP_DIR}}' -Force
+       ignore_error: true
+     
+     - git clone --branch {{ .SECP256_GIT_BRANCH }} {{ .SECP256_GIT_URL }} '{{ .TMP_DIR }}' 
+     
+     - for: [ 'include/*' ]
+       cmd: powershell cp -Recurse -Force '{{ .TMP_DIR }}/{{ .ITEM }}' '{{.SECP256_DIR}}/include/secp256k1/'
\ No newline at end of file
diff --git a/src/crypto/hkdf.c b/src/hkdf.c
index 0d91d14..0d91d14 100644
--- a/src/crypto/hkdf.c
+++ b/src/hkdf.c
diff --git a/include/hkdf.h b/src/hkdf.h
index 460e203..460e203 100644
--- a/include/hkdf.h
+++ b/src/hkdf.h
diff --git a/src/crypto/nc-crypto.c b/src/nc-crypto.c
index 587d59d..97b59cb 100644
--- a/src/crypto/nc-crypto.c
+++ b/src/nc-crypto.c
@@ -20,6 +20,7 @@
 
 #include "nc-util.h"
 #include "nc-crypto.h"
+#include "hkdf.h"
 
 /*
 *  Functions are not forced inline, just suggested.
@@ -52,19 +53,19 @@
 /*
 * Prioritize embedded builds with mbedtls
 */
-#include "impl/mbedtls.c"
+#include "providers/mbedtls.c"
 
 /*
 * Include openssl as an alternative default 
 * implementation
 */
-#include "impl/openssl.c"
+#include "providers/openssl.c"
 
 /*
 * Include win32 platform specific fallback support 
 * using bcrypt.
 */
-#include "impl/bcrypt.c"
+#include "providers/bcrypt.c"
 
 /*
 * Handle default implementations of secure 
@@ -95,7 +96,7 @@
 * and portable, but not optimized for any specific
 * platform.
 */
-#include "impl/monocypher.c"
+#include "providers/monocypher.c"
 
 
 #ifdef _IMPL_CRYPTO_SHA256_HMAC
diff --git a/include/nc-crypto.h b/src/nc-crypto.h
index f04ebe0..f04ebe0 100644
--- a/include/nc-crypto.h
+++ b/src/nc-crypto.h
diff --git a/include/nc-util.h b/src/nc-util.h
index 8fb74ff..8fb74ff 100644
--- a/include/nc-util.h
+++ b/src/nc-util.h
diff --git a/src/crypto/impl/bcrypt.c b/src/providers/bcrypt.c
index 9b01cac..d1b9aa5 100644
--- a/src/crypto/impl/bcrypt.c
+++ b/src/providers/bcrypt.c
@@ -31,9 +31,6 @@
 #include <Windows.h>
 #include <bcrypt.h>
 
-#include "nc-util.h"
-#include "hkdf.h"
-
 #define IF_BC_FAIL(x) if(!BCRYPT_SUCCESS(x)) 
 #define BC_FAIL(x) if(!BCRYPT_SUCCESS(x)) return CSTATUS_FAIL;
 
diff --git a/src/crypto/impl/mbedtls.c b/src/providers/mbedtls.c
index df5201f..df5201f 100644
--- a/src/crypto/impl/mbedtls.c
+++ b/src/providers/mbedtls.c
diff --git a/src/crypto/impl/monocypher.c b/src/providers/monocypher.c
index 7c9faea..8ffe048 100644
--- a/src/crypto/impl/monocypher.c
+++ b/src/providers/monocypher.c
@@ -31,8 +31,6 @@
 
 #include <monocypher.h>
 
-#include "nc-util.h"
-
 /* Export secure memse0 */
 #ifndef _IMPL_SECURE_ZERO_MEMSET
 
diff --git a/src/crypto/impl/openssl.c b/src/providers/openssl.c
index 132c643..1f31796 100644
--- a/src/crypto/impl/openssl.c
+++ b/src/providers/openssl.c
@@ -22,7 +22,6 @@
 /* Setup openssl */
 #ifdef OPENSSL_CRYPTO_LIB
 
-#include "nc-util.h"
 #include <openssl/crypto.h>
 
 #define _OSSL_FAIL(x) if(!(x)) return CSTATUS_FAIL;
@@ -114,7 +113,6 @@
 #ifndef _IMPL_CRYPTO_SHA256_HKDF_EXPAND
 	
 	#include <openssl/hmac.h>
-	#include "hkdf.h"
 
 	#define _IMPL_CRYPTO_SHA256_HKDF_EXPAND		_ossl_sha256_hkdf_expand
 
@@ -189,6 +187,8 @@
 
 #ifndef _IMPL_CHACHA20_CRYPT
 
+    #include <openssl/evp.h>
+
 	#define _IMPL_CHACHA20_CRYPT _ossl_chacha20_crypt
 
 	_IMPLSTB cstatus_t _ossl_chacha20_crypt(
diff --git a/vendor/secp256k1/include/secp256k1/secp256k1.h b/vendor/secp256k1/include/secp256k1/secp256k1.h
index f4053f2..cfbdd52 100644
--- a/vendor/secp256k1/include/secp256k1/secp256k1.h
+++ b/vendor/secp256k1/include/secp256k1/secp256k1.h
@@ -474,6 +474,20 @@ SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ec_pubkey_cmp(
     const secp256k1_pubkey *pubkey2
 ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
 
+/** Sort public keys using lexicographic (of compressed serialization) order
+ *
+ *  Returns: 0 if the arguments are invalid. 1 otherwise.
+ *
+ *  Args:     ctx: pointer to a context object
+ *  In:   pubkeys: array of pointers to pubkeys to sort
+ *      n_pubkeys: number of elements in the pubkeys array
+ */
+SECP256K1_API int secp256k1_ec_pubkey_sort(
+    const secp256k1_context *ctx,
+    const secp256k1_pubkey **pubkeys,
+    size_t n_pubkeys
+) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2);
+
 /** Parse an ECDSA signature in compact (64 bytes) format.
  *
  *  Returns: 1 when the signature could be parsed, 0 otherwise.
diff --git a/vendor/secp256k1/include/secp256k1/secp256k1_extrakeys.h b/vendor/secp256k1/include/secp256k1/secp256k1_extrakeys.h
index 4cc6d4f..ad70b92 100644
--- a/vendor/secp256k1/include/secp256k1/secp256k1_extrakeys.h
+++ b/vendor/secp256k1/include/secp256k1/secp256k1_extrakeys.h
@@ -7,241 +7,241 @@
 extern "C" {
 #endif
 
-    /** Opaque data structure that holds a parsed and valid "x-only" public key.
-     *  An x-only pubkey encodes a point whose Y coordinate is even. It is
-     *  serialized using only its X coordinate (32 bytes). See BIP-340 for more
-     *  information about x-only pubkeys.
-     *
-     *  The exact representation of data inside is implementation defined and not
-     *  guaranteed to be portable between different platforms or versions. It is
-     *  however guaranteed to be 64 bytes in size, and can be safely copied/moved.
-     *  If you need to convert to a format suitable for storage, transmission, use
-     *  use secp256k1_xonly_pubkey_serialize and secp256k1_xonly_pubkey_parse. To
-     *  compare keys, use secp256k1_xonly_pubkey_cmp.
-     */
-    typedef struct {
-        unsigned char data[64];
-    } secp256k1_xonly_pubkey;
-
-    /** Opaque data structure that holds a keypair consisting of a secret and a
-     *  public key.
-     *
-     *  The exact representation of data inside is implementation defined and not
-     *  guaranteed to be portable between different platforms or versions. It is
-     *  however guaranteed to be 96 bytes in size, and can be safely copied/moved.
-     */
-    typedef struct {
-        unsigned char data[96];
-    } secp256k1_keypair;
-
-    /** Parse a 32-byte sequence into a xonly_pubkey object.
-     *
-     *  Returns: 1 if the public key was fully valid.
-     *           0 if the public key could not be parsed or is invalid.
-     *
-     *  Args:   ctx: pointer to a context object.
-     *  Out: pubkey: pointer to a pubkey object. If 1 is returned, it is set to a
-     *               parsed version of input. If not, it's set to an invalid value.
-     *  In: input32: pointer to a serialized xonly_pubkey.
-     */
-    SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_xonly_pubkey_parse(
-        const secp256k1_context* ctx,
-        secp256k1_xonly_pubkey* pubkey,
-        const unsigned char* input32
-    ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
-
-    /** Serialize an xonly_pubkey object into a 32-byte sequence.
-     *
-     *  Returns: 1 always.
-     *
-     *  Args:     ctx: pointer to a context object.
-     *  Out: output32: pointer to a 32-byte array to place the serialized key in.
-     *  In:    pubkey: pointer to a secp256k1_xonly_pubkey containing an initialized public key.
-     */
-    SECP256K1_API int secp256k1_xonly_pubkey_serialize(
-        const secp256k1_context* ctx,
-        unsigned char* output32,
-        const secp256k1_xonly_pubkey* pubkey
-    ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
-
-    /** Compare two x-only public keys using lexicographic order
-     *
-     *  Returns: <0 if the first public key is less than the second
-     *           >0 if the first public key is greater than the second
-     *           0 if the two public keys are equal
-     *  Args: ctx:      pointer to a context object.
-     *  In:   pubkey1:  first public key to compare
-     *        pubkey2:  second public key to compare
-     */
-    SECP256K1_API int secp256k1_xonly_pubkey_cmp(
-        const secp256k1_context* ctx,
-        const secp256k1_xonly_pubkey* pk1,
-        const secp256k1_xonly_pubkey* pk2
-    ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
-
-    /** Converts a secp256k1_pubkey into a secp256k1_xonly_pubkey.
-     *
-     *  Returns: 1 always.
-     *
-     *  Args:         ctx: pointer to a context object.
-     *  Out: xonly_pubkey: pointer to an x-only public key object for placing the converted public key.
-     *          pk_parity: Ignored if NULL. Otherwise, pointer to an integer that
-     *                     will be set to 1 if the point encoded by xonly_pubkey is
-     *                     the negation of the pubkey and set to 0 otherwise.
-     *  In:        pubkey: pointer to a public key that is converted.
-     */
-    SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_xonly_pubkey_from_pubkey(
-        const secp256k1_context* ctx,
-        secp256k1_xonly_pubkey* xonly_pubkey,
-        int* pk_parity,
-        const secp256k1_pubkey* pubkey
-    ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(4);
-
-    /** Tweak an x-only public key by adding the generator multiplied with tweak32
-     *  to it.
-     *
-     *  Note that the resulting point can not in general be represented by an x-only
-     *  pubkey because it may have an odd Y coordinate. Instead, the output_pubkey
-     *  is a normal secp256k1_pubkey.
-     *
-     *  Returns: 0 if the arguments are invalid or the resulting public key would be
-     *           invalid (only when the tweak is the negation of the corresponding
-     *           secret key). 1 otherwise.
-     *
-     *  Args:           ctx: pointer to a context object.
-     *  Out:  output_pubkey: pointer to a public key to store the result. Will be set
-     *                       to an invalid value if this function returns 0.
-     *  In: internal_pubkey: pointer to an x-only pubkey to apply the tweak to.
-     *              tweak32: pointer to a 32-byte tweak, which must be valid
-     *                       according to secp256k1_ec_seckey_verify or 32 zero
-     *                       bytes. For uniformly random 32-byte tweaks, the chance of
-     *                       being invalid is negligible (around 1 in 2^128).
-     */
-    SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_xonly_pubkey_tweak_add(
-        const secp256k1_context* ctx,
-        secp256k1_pubkey* output_pubkey,
-        const secp256k1_xonly_pubkey* internal_pubkey,
-        const unsigned char* tweak32
-    ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4);
-
-    /** Checks that a tweaked pubkey is the result of calling
-     *  secp256k1_xonly_pubkey_tweak_add with internal_pubkey and tweak32.
-     *
-     *  The tweaked pubkey is represented by its 32-byte x-only serialization and
-     *  its pk_parity, which can both be obtained by converting the result of
-     *  tweak_add to a secp256k1_xonly_pubkey.
-     *
-     *  Note that this alone does _not_ verify that the tweaked pubkey is a
-     *  commitment. If the tweak is not chosen in a specific way, the tweaked pubkey
-     *  can easily be the result of a different internal_pubkey and tweak.
-     *
-     *  Returns: 0 if the arguments are invalid or the tweaked pubkey is not the
-     *           result of tweaking the internal_pubkey with tweak32. 1 otherwise.
-     *  Args:            ctx: pointer to a context object.
-     *  In: tweaked_pubkey32: pointer to a serialized xonly_pubkey.
-     *     tweaked_pk_parity: the parity of the tweaked pubkey (whose serialization
-     *                        is passed in as tweaked_pubkey32). This must match the
-     *                        pk_parity value that is returned when calling
-     *                        secp256k1_xonly_pubkey with the tweaked pubkey, or
-     *                        this function will fail.
-     *       internal_pubkey: pointer to an x-only public key object to apply the tweak to.
-     *               tweak32: pointer to a 32-byte tweak.
-     */
-    SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_xonly_pubkey_tweak_add_check(
-        const secp256k1_context* ctx,
-        const unsigned char* tweaked_pubkey32,
-        int tweaked_pk_parity,
-        const secp256k1_xonly_pubkey* internal_pubkey,
-        const unsigned char* tweak32
-    ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(4) SECP256K1_ARG_NONNULL(5);
-
-    /** Compute the keypair for a secret key.
-     *
-     *  Returns: 1: secret was valid, keypair is ready to use
-     *           0: secret was invalid, try again with a different secret
-     *  Args:    ctx: pointer to a context object (not secp256k1_context_static).
-     *  Out: keypair: pointer to the created keypair.
-     *  In:   seckey: pointer to a 32-byte secret key.
-     */
-    SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_keypair_create(
-        const secp256k1_context* ctx,
-        secp256k1_keypair* keypair,
-        const unsigned char* seckey
-    ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
-
-    /** Get the secret key from a keypair.
-     *
-     *  Returns: 1 always.
-     *  Args:   ctx: pointer to a context object.
-     *  Out: seckey: pointer to a 32-byte buffer for the secret key.
-     *  In: keypair: pointer to a keypair.
-     */
-    SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_keypair_sec(
-        const secp256k1_context* ctx,
-        unsigned char* seckey,
-        const secp256k1_keypair* keypair
-    ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
-
-    /** Get the public key from a keypair.
-     *
-     *  Returns: 1 always.
-     *  Args:   ctx: pointer to a context object.
-     *  Out: pubkey: pointer to a pubkey object, set to the keypair public key.
-     *  In: keypair: pointer to a keypair.
-     */
-    SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_keypair_pub(
-        const secp256k1_context* ctx,
-        secp256k1_pubkey* pubkey,
-        const secp256k1_keypair* keypair
-    ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
-
-    /** Get the x-only public key from a keypair.
-     *
-     *  This is the same as calling secp256k1_keypair_pub and then
-     *  secp256k1_xonly_pubkey_from_pubkey.
-     *
-     *  Returns: 1 always.
-     *  Args:   ctx: pointer to a context object.
-     *  Out: pubkey: pointer to an xonly_pubkey object, set to the keypair
-     *               public key after converting it to an xonly_pubkey.
-     *    pk_parity: Ignored if NULL. Otherwise, pointer to an integer that will be set to the
-     *               pk_parity argument of secp256k1_xonly_pubkey_from_pubkey.
-     *  In: keypair: pointer to a keypair.
-     */
-    SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_keypair_xonly_pub(
-        const secp256k1_context* ctx,
-        secp256k1_xonly_pubkey* pubkey,
-        int* pk_parity,
-        const secp256k1_keypair* keypair
-    ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(4);
-
-    /** Tweak a keypair by adding tweak32 to the secret key and updating the public
-     *  key accordingly.
-     *
-     *  Calling this function and then secp256k1_keypair_pub results in the same
-     *  public key as calling secp256k1_keypair_xonly_pub and then
-     *  secp256k1_xonly_pubkey_tweak_add.
-     *
-     *  Returns: 0 if the arguments are invalid or the resulting keypair would be
-     *           invalid (only when the tweak is the negation of the keypair's
-     *           secret key). 1 otherwise.
-     *
-     *  Args:       ctx: pointer to a context object.
-     *  In/Out: keypair: pointer to a keypair to apply the tweak to. Will be set to
-     *                   an invalid value if this function returns 0.
-     *  In:     tweak32: pointer to a 32-byte tweak, which must be valid according to
-     *                   secp256k1_ec_seckey_verify or 32 zero bytes. For uniformly
-     *                   random 32-byte tweaks, the chance of being invalid is
-     *                   negligible (around 1 in 2^128).
-     */
-    SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_keypair_xonly_tweak_add(
-        const secp256k1_context* ctx,
-        secp256k1_keypair* keypair,
-        const unsigned char* tweak32
-    ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
+/** Opaque data structure that holds a parsed and valid "x-only" public key.
+ *  An x-only pubkey encodes a point whose Y coordinate is even. It is
+ *  serialized using only its X coordinate (32 bytes). See BIP-340 for more
+ *  information about x-only pubkeys.
+ *
+ *  The exact representation of data inside is implementation defined and not
+ *  guaranteed to be portable between different platforms or versions. It is
+ *  however guaranteed to be 64 bytes in size, and can be safely copied/moved.
+ *  If you need to convert to a format suitable for storage, transmission, use
+ *  use secp256k1_xonly_pubkey_serialize and secp256k1_xonly_pubkey_parse. To
+ *  compare keys, use secp256k1_xonly_pubkey_cmp.
+ */
+typedef struct {
+    unsigned char data[64];
+} secp256k1_xonly_pubkey;
+
+/** Opaque data structure that holds a keypair consisting of a secret and a
+ *  public key.
+ *
+ *  The exact representation of data inside is implementation defined and not
+ *  guaranteed to be portable between different platforms or versions. It is
+ *  however guaranteed to be 96 bytes in size, and can be safely copied/moved.
+ */
+typedef struct {
+    unsigned char data[96];
+} secp256k1_keypair;
+
+/** Parse a 32-byte sequence into a xonly_pubkey object.
+ *
+ *  Returns: 1 if the public key was fully valid.
+ *           0 if the public key could not be parsed or is invalid.
+ *
+ *  Args:   ctx: pointer to a context object.
+ *  Out: pubkey: pointer to a pubkey object. If 1 is returned, it is set to a
+ *               parsed version of input. If not, it's set to an invalid value.
+ *  In: input32: pointer to a serialized xonly_pubkey.
+ */
+SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_xonly_pubkey_parse(
+    const secp256k1_context *ctx,
+    secp256k1_xonly_pubkey *pubkey,
+    const unsigned char *input32
+) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
+
+/** Serialize an xonly_pubkey object into a 32-byte sequence.
+ *
+ *  Returns: 1 always.
+ *
+ *  Args:     ctx: pointer to a context object.
+ *  Out: output32: pointer to a 32-byte array to place the serialized key in.
+ *  In:    pubkey: pointer to a secp256k1_xonly_pubkey containing an initialized public key.
+ */
+SECP256K1_API int secp256k1_xonly_pubkey_serialize(
+    const secp256k1_context *ctx,
+    unsigned char *output32,
+    const secp256k1_xonly_pubkey *pubkey
+) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
+
+/** Compare two x-only public keys using lexicographic order
+ *
+ *  Returns: <0 if the first public key is less than the second
+ *           >0 if the first public key is greater than the second
+ *           0 if the two public keys are equal
+ *  Args: ctx:      pointer to a context object.
+ *  In:   pubkey1:  first public key to compare
+ *        pubkey2:  second public key to compare
+ */
+SECP256K1_API int secp256k1_xonly_pubkey_cmp(
+    const secp256k1_context *ctx,
+    const secp256k1_xonly_pubkey *pk1,
+    const secp256k1_xonly_pubkey *pk2
+) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
+
+/** Converts a secp256k1_pubkey into a secp256k1_xonly_pubkey.
+ *
+ *  Returns: 1 always.
+ *
+ *  Args:         ctx: pointer to a context object.
+ *  Out: xonly_pubkey: pointer to an x-only public key object for placing the converted public key.
+ *          pk_parity: Ignored if NULL. Otherwise, pointer to an integer that
+ *                     will be set to 1 if the point encoded by xonly_pubkey is
+ *                     the negation of the pubkey and set to 0 otherwise.
+ *  In:        pubkey: pointer to a public key that is converted.
+ */
+SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_xonly_pubkey_from_pubkey(
+    const secp256k1_context *ctx,
+    secp256k1_xonly_pubkey *xonly_pubkey,
+    int *pk_parity,
+    const secp256k1_pubkey *pubkey
+) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(4);
+
+/** Tweak an x-only public key by adding the generator multiplied with tweak32
+ *  to it.
+ *
+ *  Note that the resulting point can not in general be represented by an x-only
+ *  pubkey because it may have an odd Y coordinate. Instead, the output_pubkey
+ *  is a normal secp256k1_pubkey.
+ *
+ *  Returns: 0 if the arguments are invalid or the resulting public key would be
+ *           invalid (only when the tweak is the negation of the corresponding
+ *           secret key). 1 otherwise.
+ *
+ *  Args:           ctx: pointer to a context object.
+ *  Out:  output_pubkey: pointer to a public key to store the result. Will be set
+ *                       to an invalid value if this function returns 0.
+ *  In: internal_pubkey: pointer to an x-only pubkey to apply the tweak to.
+ *              tweak32: pointer to a 32-byte tweak, which must be valid
+ *                       according to secp256k1_ec_seckey_verify or 32 zero
+ *                       bytes. For uniformly random 32-byte tweaks, the chance of
+ *                       being invalid is negligible (around 1 in 2^128).
+ */
+SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_xonly_pubkey_tweak_add(
+    const secp256k1_context *ctx,
+    secp256k1_pubkey *output_pubkey,
+    const secp256k1_xonly_pubkey *internal_pubkey,
+    const unsigned char *tweak32
+) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4);
+
+/** Checks that a tweaked pubkey is the result of calling
+ *  secp256k1_xonly_pubkey_tweak_add with internal_pubkey and tweak32.
+ *
+ *  The tweaked pubkey is represented by its 32-byte x-only serialization and
+ *  its pk_parity, which can both be obtained by converting the result of
+ *  tweak_add to a secp256k1_xonly_pubkey.
+ *
+ *  Note that this alone does _not_ verify that the tweaked pubkey is a
+ *  commitment. If the tweak is not chosen in a specific way, the tweaked pubkey
+ *  can easily be the result of a different internal_pubkey and tweak.
+ *
+ *  Returns: 0 if the arguments are invalid or the tweaked pubkey is not the
+ *           result of tweaking the internal_pubkey with tweak32. 1 otherwise.
+ *  Args:            ctx: pointer to a context object.
+ *  In: tweaked_pubkey32: pointer to a serialized xonly_pubkey.
+ *     tweaked_pk_parity: the parity of the tweaked pubkey (whose serialization
+ *                        is passed in as tweaked_pubkey32). This must match the
+ *                        pk_parity value that is returned when calling
+ *                        secp256k1_xonly_pubkey with the tweaked pubkey, or
+ *                        this function will fail.
+ *       internal_pubkey: pointer to an x-only public key object to apply the tweak to.
+ *               tweak32: pointer to a 32-byte tweak.
+ */
+SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_xonly_pubkey_tweak_add_check(
+    const secp256k1_context *ctx,
+    const unsigned char *tweaked_pubkey32,
+    int tweaked_pk_parity,
+    const secp256k1_xonly_pubkey *internal_pubkey,
+    const unsigned char *tweak32
+) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(4) SECP256K1_ARG_NONNULL(5);
+
+/** Compute the keypair for a secret key.
+ *
+ *  Returns: 1: secret was valid, keypair is ready to use
+ *           0: secret was invalid, try again with a different secret
+ *  Args:    ctx: pointer to a context object (not secp256k1_context_static).
+ *  Out: keypair: pointer to the created keypair.
+ *  In:   seckey: pointer to a 32-byte secret key.
+ */
+SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_keypair_create(
+    const secp256k1_context *ctx,
+    secp256k1_keypair *keypair,
+    const unsigned char *seckey
+) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
+
+/** Get the secret key from a keypair.
+ *
+ *  Returns: 1 always.
+ *  Args:   ctx: pointer to a context object.
+ *  Out: seckey: pointer to a 32-byte buffer for the secret key.
+ *  In: keypair: pointer to a keypair.
+ */
+SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_keypair_sec(
+    const secp256k1_context *ctx,
+    unsigned char *seckey,
+    const secp256k1_keypair *keypair
+) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
+
+/** Get the public key from a keypair.
+ *
+ *  Returns: 1 always.
+ *  Args:   ctx: pointer to a context object.
+ *  Out: pubkey: pointer to a pubkey object, set to the keypair public key.
+ *  In: keypair: pointer to a keypair.
+ */
+SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_keypair_pub(
+    const secp256k1_context *ctx,
+    secp256k1_pubkey *pubkey,
+    const secp256k1_keypair *keypair
+) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
+
+/** Get the x-only public key from a keypair.
+ *
+ *  This is the same as calling secp256k1_keypair_pub and then
+ *  secp256k1_xonly_pubkey_from_pubkey.
+ *
+ *  Returns: 1 always.
+ *  Args:   ctx: pointer to a context object.
+ *  Out: pubkey: pointer to an xonly_pubkey object, set to the keypair
+ *               public key after converting it to an xonly_pubkey.
+ *    pk_parity: Ignored if NULL. Otherwise, pointer to an integer that will be set to the
+ *               pk_parity argument of secp256k1_xonly_pubkey_from_pubkey.
+ *  In: keypair: pointer to a keypair.
+ */
+SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_keypair_xonly_pub(
+    const secp256k1_context *ctx,
+    secp256k1_xonly_pubkey *pubkey,
+    int *pk_parity,
+    const secp256k1_keypair *keypair
+) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(4);
+
+/** Tweak a keypair by adding tweak32 to the secret key and updating the public
+ *  key accordingly.
+ *
+ *  Calling this function and then secp256k1_keypair_pub results in the same
+ *  public key as calling secp256k1_keypair_xonly_pub and then
+ *  secp256k1_xonly_pubkey_tweak_add.
+ *
+ *  Returns: 0 if the arguments are invalid or the resulting keypair would be
+ *           invalid (only when the tweak is the negation of the keypair's
+ *           secret key). 1 otherwise.
+ *
+ *  Args:       ctx: pointer to a context object.
+ *  In/Out: keypair: pointer to a keypair to apply the tweak to. Will be set to
+ *                   an invalid value if this function returns 0.
+ *  In:     tweak32: pointer to a 32-byte tweak, which must be valid according to
+ *                   secp256k1_ec_seckey_verify or 32 zero bytes. For uniformly
+ *                   random 32-byte tweaks, the chance of being invalid is
+ *                   negligible (around 1 in 2^128).
+ */
+SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_keypair_xonly_tweak_add(
+    const secp256k1_context *ctx,
+    secp256k1_keypair *keypair,
+    const unsigned char *tweak32
+) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
 
 #ifdef __cplusplus
 }
 #endif
 
-#endif /* SECP256K1_EXTRAKEYS_H */
\ No newline at end of file
+#endif /* SECP256K1_EXTRAKEYS_H */
diff --git a/vendor/secp256k1/include/secp256k1/secp256k1_preallocated.h b/vendor/secp256k1/include/secp256k1/secp256k1_preallocated.h
new file mode 100644
index 0000000..f2d95c2
--- /dev/null
+++ b/vendor/secp256k1/include/secp256k1/secp256k1_preallocated.h
@@ -0,0 +1,134 @@
+#ifndef SECP256K1_PREALLOCATED_H
+#define SECP256K1_PREALLOCATED_H
+
+#include "secp256k1.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* The module provided by this header file is intended for settings in which it
+ * is not possible or desirable to rely on dynamic memory allocation. It provides
+ * functions for creating, cloning, and destroying secp256k1 context objects in a
+ * contiguous fixed-size block of memory provided by the caller.
+ *
+ * Context objects created by functions in this module can be used like contexts
+ * objects created by functions in secp256k1.h, i.e., they can be passed to any
+ * API function that expects a context object (see secp256k1.h for details). The
+ * only exception is that context objects created by functions in this module
+ * must be destroyed using secp256k1_context_preallocated_destroy (in this
+ * module) instead of secp256k1_context_destroy (in secp256k1.h).
+ *
+ * It is guaranteed that functions in this module will not call malloc or its
+ * friends realloc, calloc, and free.
+ */
+
+/** Determine the memory size of a secp256k1 context object to be created in
+ *  caller-provided memory.
+ *
+ *  The purpose of this function is to determine how much memory must be provided
+ *  to secp256k1_context_preallocated_create.
+ *
+ *  Returns: the required size of the caller-provided memory block
+ *  In:      flags:    which parts of the context to initialize.
+ */
+SECP256K1_API size_t secp256k1_context_preallocated_size(
+    unsigned int flags
+) SECP256K1_WARN_UNUSED_RESULT;
+
+/** Create a secp256k1 context object in caller-provided memory.
+ *
+ *  The caller must provide a pointer to a rewritable contiguous block of memory
+ *  of size at least secp256k1_context_preallocated_size(flags) bytes, suitably
+ *  aligned to hold an object of any type.
+ *
+ *  The block of memory is exclusively owned by the created context object during
+ *  the lifetime of this context object, which begins with the call to this
+ *  function and ends when a call to secp256k1_context_preallocated_destroy
+ *  (which destroys the context object again) returns. During the lifetime of the
+ *  context object, the caller is obligated not to access this block of memory,
+ *  i.e., the caller may not read or write the memory, e.g., by copying the memory
+ *  contents to a different location or trying to create a second context object
+ *  in the memory. In simpler words, the prealloc pointer (or any pointer derived
+ *  from it) should not be used during the lifetime of the context object.
+ *
+ *  Returns: pointer to newly created context object.
+ *  In:      prealloc: pointer to a rewritable contiguous block of memory of
+ *                     size at least secp256k1_context_preallocated_size(flags)
+ *                     bytes, as detailed above.
+ *           flags:    which parts of the context to initialize.
+ *
+ *  See secp256k1_context_create (in secp256k1.h) for further details.
+ *
+ *  See also secp256k1_context_randomize (in secp256k1.h)
+ *  and secp256k1_context_preallocated_destroy.
+ */
+SECP256K1_API secp256k1_context *secp256k1_context_preallocated_create(
+    void *prealloc,
+    unsigned int flags
+) SECP256K1_ARG_NONNULL(1) SECP256K1_WARN_UNUSED_RESULT;
+
+/** Determine the memory size of a secp256k1 context object to be copied into
+ *  caller-provided memory.
+ *
+ *  Returns: the required size of the caller-provided memory block.
+ *  In:      ctx: pointer to a context to copy.
+ */
+SECP256K1_API size_t secp256k1_context_preallocated_clone_size(
+    const secp256k1_context *ctx
+) SECP256K1_ARG_NONNULL(1) SECP256K1_WARN_UNUSED_RESULT;
+
+/** Copy a secp256k1 context object into caller-provided memory.
+ *
+ *  The caller must provide a pointer to a rewritable contiguous block of memory
+ *  of size at least secp256k1_context_preallocated_size(flags) bytes, suitably
+ *  aligned to hold an object of any type.
+ *
+ *  The block of memory is exclusively owned by the created context object during
+ *  the lifetime of this context object, see the description of
+ *  secp256k1_context_preallocated_create for details.
+ *
+ *  Cloning secp256k1_context_static is not possible, and should not be emulated by
+ *  the caller (e.g., using memcpy). Create a new context instead.
+ *
+ *  Returns: pointer to a newly created context object.
+ *  Args:    ctx:      pointer to a context to copy (not secp256k1_context_static).
+ *  In:      prealloc: pointer to a rewritable contiguous block of memory of
+ *                     size at least secp256k1_context_preallocated_size(flags)
+ *                     bytes, as detailed above.
+ */
+SECP256K1_API secp256k1_context *secp256k1_context_preallocated_clone(
+    const secp256k1_context *ctx,
+    void *prealloc
+) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_WARN_UNUSED_RESULT;
+
+/** Destroy a secp256k1 context object that has been created in
+ *  caller-provided memory.
+ *
+ *  The context pointer may not be used afterwards.
+ *
+ *  The context to destroy must have been created using
+ *  secp256k1_context_preallocated_create or secp256k1_context_preallocated_clone.
+ *  If the context has instead been created using secp256k1_context_create or
+ *  secp256k1_context_clone, the behaviour is undefined. In that case,
+ *  secp256k1_context_destroy must be used instead.
+ *
+ *  If required, it is the responsibility of the caller to deallocate the block
+ *  of memory properly after this function returns, e.g., by calling free on the
+ *  preallocated pointer given to secp256k1_context_preallocated_create or
+ *  secp256k1_context_preallocated_clone.
+ *
+ *  Args:   ctx: pointer to a context to destroy, constructed using
+ *               secp256k1_context_preallocated_create or
+ *               secp256k1_context_preallocated_clone
+ *               (i.e., not secp256k1_context_static).
+ */
+SECP256K1_API void secp256k1_context_preallocated_destroy(
+    secp256k1_context *ctx
+) SECP256K1_ARG_NONNULL(1);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* SECP256K1_PREALLOCATED_H */
diff --git a/vendor/secp256k1/include/secp256k1/secp256k1_schnorrsig.h b/vendor/secp256k1/include/secp256k1/secp256k1_schnorrsig.h
index 5c338f4..23163de 100644
--- a/vendor/secp256k1/include/secp256k1/secp256k1_schnorrsig.h
+++ b/vendor/secp256k1/include/secp256k1/secp256k1_schnorrsig.h
@@ -8,82 +8,82 @@
 extern "C" {
 #endif
 
-    /** This module implements a variant of Schnorr signatures compliant with
-     *  Bitcoin Improvement Proposal 340 "Schnorr Signatures for secp256k1"
-     *  (https://github.com/bitcoin/bips/blob/master/bip-0340.mediawiki).
-     */
+/** This module implements a variant of Schnorr signatures compliant with
+ *  Bitcoin Improvement Proposal 340 "Schnorr Signatures for secp256k1"
+ *  (https://github.com/bitcoin/bips/blob/master/bip-0340.mediawiki).
+ */
 
-     /** A pointer to a function to deterministically generate a nonce.
-      *
-      *  Same as secp256k1_nonce function with the exception of accepting an
-      *  additional pubkey argument and not requiring an attempt argument. The pubkey
-      *  argument can protect signature schemes with key-prefixed challenge hash
-      *  inputs against reusing the nonce when signing with the wrong precomputed
-      *  pubkey.
-      *
-      *  Returns: 1 if a nonce was successfully generated. 0 will cause signing to
-      *           return an error.
-      *  Out:  nonce32: pointer to a 32-byte array to be filled by the function
-      *  In:       msg: the message being verified. Is NULL if and only if msglen
-      *                 is 0.
-      *         msglen: the length of the message
-      *          key32: pointer to a 32-byte secret key (will not be NULL)
-      *     xonly_pk32: the 32-byte serialized xonly pubkey corresponding to key32
-      *                 (will not be NULL)
-      *           algo: pointer to an array describing the signature
-      *                 algorithm (will not be NULL)
-      *        algolen: the length of the algo array
-      *           data: arbitrary data pointer that is passed through
-      *
-      *  Except for test cases, this function should compute some cryptographic hash of
-      *  the message, the key, the pubkey, the algorithm description, and data.
-      */
-    typedef int (*secp256k1_nonce_function_hardened)(
-        unsigned char* nonce32,
-        const unsigned char* msg,
-        size_t msglen,
-        const unsigned char* key32,
-        const unsigned char* xonly_pk32,
-        const unsigned char* algo,
-        size_t algolen,
-        void* data
-        );
+/** A pointer to a function to deterministically generate a nonce.
+ *
+ *  Same as secp256k1_nonce function with the exception of accepting an
+ *  additional pubkey argument and not requiring an attempt argument. The pubkey
+ *  argument can protect signature schemes with key-prefixed challenge hash
+ *  inputs against reusing the nonce when signing with the wrong precomputed
+ *  pubkey.
+ *
+ *  Returns: 1 if a nonce was successfully generated. 0 will cause signing to
+ *           return an error.
+ *  Out:  nonce32: pointer to a 32-byte array to be filled by the function
+ *  In:       msg: the message being verified. Is NULL if and only if msglen
+ *                 is 0.
+ *         msglen: the length of the message
+ *          key32: pointer to a 32-byte secret key (will not be NULL)
+ *     xonly_pk32: the 32-byte serialized xonly pubkey corresponding to key32
+ *                 (will not be NULL)
+ *           algo: pointer to an array describing the signature
+ *                 algorithm (will not be NULL)
+ *        algolen: the length of the algo array
+ *           data: arbitrary data pointer that is passed through
+ *
+ *  Except for test cases, this function should compute some cryptographic hash of
+ *  the message, the key, the pubkey, the algorithm description, and data.
+ */
+typedef int (*secp256k1_nonce_function_hardened)(
+    unsigned char *nonce32,
+    const unsigned char *msg,
+    size_t msglen,
+    const unsigned char *key32,
+    const unsigned char *xonly_pk32,
+    const unsigned char *algo,
+    size_t algolen,
+    void *data
+);
 
-    /** An implementation of the nonce generation function as defined in Bitcoin
-     *  Improvement Proposal 340 "Schnorr Signatures for secp256k1"
-     *  (https://github.com/bitcoin/bips/blob/master/bip-0340.mediawiki).
-     *
-     *  If a data pointer is passed, it is assumed to be a pointer to 32 bytes of
-     *  auxiliary random data as defined in BIP-340. If the data pointer is NULL,
-     *  the nonce derivation procedure follows BIP-340 by setting the auxiliary
-     *  random data to zero. The algo argument must be non-NULL, otherwise the
-     *  function will fail and return 0. The hash will be tagged with algo.
-     *  Therefore, to create BIP-340 compliant signatures, algo must be set to
-     *  "BIP0340/nonce" and algolen to 13.
-     */
-    SECP256K1_API const secp256k1_nonce_function_hardened secp256k1_nonce_function_bip340;
+/** An implementation of the nonce generation function as defined in Bitcoin
+ *  Improvement Proposal 340 "Schnorr Signatures for secp256k1"
+ *  (https://github.com/bitcoin/bips/blob/master/bip-0340.mediawiki).
+ *
+ *  If a data pointer is passed, it is assumed to be a pointer to 32 bytes of
+ *  auxiliary random data as defined in BIP-340. If the data pointer is NULL,
+ *  the nonce derivation procedure follows BIP-340 by setting the auxiliary
+ *  random data to zero. The algo argument must be non-NULL, otherwise the
+ *  function will fail and return 0. The hash will be tagged with algo.
+ *  Therefore, to create BIP-340 compliant signatures, algo must be set to
+ *  "BIP0340/nonce" and algolen to 13.
+ */
+SECP256K1_API const secp256k1_nonce_function_hardened secp256k1_nonce_function_bip340;
 
-    /** Data structure that contains additional arguments for schnorrsig_sign_custom.
-     *
-     *  A schnorrsig_extraparams structure object can be initialized correctly by
-     *  setting it to SECP256K1_SCHNORRSIG_EXTRAPARAMS_INIT.
-     *
-     *  Members:
-     *      magic: set to SECP256K1_SCHNORRSIG_EXTRAPARAMS_MAGIC at initialization
-     *             and has no other function than making sure the object is
-     *             initialized.
-     *    noncefp: pointer to a nonce generation function. If NULL,
-     *             secp256k1_nonce_function_bip340 is used
-     *      ndata: pointer to arbitrary data used by the nonce generation function
-     *             (can be NULL). If it is non-NULL and
-     *             secp256k1_nonce_function_bip340 is used, then ndata must be a
-     *             pointer to 32-byte auxiliary randomness as per BIP-340.
-     */
-    typedef struct {
-        unsigned char magic[4];
-        secp256k1_nonce_function_hardened noncefp;
-        void* ndata;
-    } secp256k1_schnorrsig_extraparams;
+/** Data structure that contains additional arguments for schnorrsig_sign_custom.
+ *
+ *  A schnorrsig_extraparams structure object can be initialized correctly by
+ *  setting it to SECP256K1_SCHNORRSIG_EXTRAPARAMS_INIT.
+ *
+ *  Members:
+ *      magic: set to SECP256K1_SCHNORRSIG_EXTRAPARAMS_MAGIC at initialization
+ *             and has no other function than making sure the object is
+ *             initialized.
+ *    noncefp: pointer to a nonce generation function. If NULL,
+ *             secp256k1_nonce_function_bip340 is used
+ *      ndata: pointer to arbitrary data used by the nonce generation function
+ *             (can be NULL). If it is non-NULL and
+ *             secp256k1_nonce_function_bip340 is used, then ndata must be a
+ *             pointer to 32-byte auxiliary randomness as per BIP-340.
+ */
+typedef struct {
+    unsigned char magic[4];
+    secp256k1_nonce_function_hardened noncefp;
+    void *ndata;
+} secp256k1_schnorrsig_extraparams;
 
 #define SECP256K1_SCHNORRSIG_EXTRAPARAMS_MAGIC { 0xda, 0x6f, 0xb3, 0x8c }
 #define SECP256K1_SCHNORRSIG_EXTRAPARAMS_INIT {\
@@ -92,96 +92,96 @@ extern "C" {
     NULL\
 }
 
-    /** Create a Schnorr signature.
-     *
-     *  Does _not_ strictly follow BIP-340 because it does not verify the resulting
-     *  signature. Instead, you can manually use secp256k1_schnorrsig_verify and
-     *  abort if it fails.
-     *
-     *  This function only signs 32-byte messages. If you have messages of a
-     *  different size (or the same size but without a context-specific tag
-     *  prefix), it is recommended to create a 32-byte message hash with
-     *  secp256k1_tagged_sha256 and then sign the hash. Tagged hashing allows
-     *  providing an context-specific tag for domain separation. This prevents
-     *  signatures from being valid in multiple contexts by accident.
-     *
-     *  Returns 1 on success, 0 on failure.
-     *  Args:    ctx: pointer to a context object (not secp256k1_context_static).
-     *  Out:   sig64: pointer to a 64-byte array to store the serialized signature.
-     *  In:    msg32: the 32-byte message being signed.
-     *       keypair: pointer to an initialized keypair.
-     *    aux_rand32: 32 bytes of fresh randomness. While recommended to provide
-     *                this, it is only supplemental to security and can be NULL. A
-     *                NULL argument is treated the same as an all-zero one. See
-     *                BIP-340 "Default Signing" for a full explanation of this
-     *                argument and for guidance if randomness is expensive.
-     */
-    SECP256K1_API int secp256k1_schnorrsig_sign32(
-        const secp256k1_context* ctx,
-        unsigned char* sig64,
-        const unsigned char* msg32,
-        const secp256k1_keypair* keypair,
-        const unsigned char* aux_rand32
-    ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4);
+/** Create a Schnorr signature.
+ *
+ *  Does _not_ strictly follow BIP-340 because it does not verify the resulting
+ *  signature. Instead, you can manually use secp256k1_schnorrsig_verify and
+ *  abort if it fails.
+ *
+ *  This function only signs 32-byte messages. If you have messages of a
+ *  different size (or the same size but without a context-specific tag
+ *  prefix), it is recommended to create a 32-byte message hash with
+ *  secp256k1_tagged_sha256 and then sign the hash. Tagged hashing allows
+ *  providing an context-specific tag for domain separation. This prevents
+ *  signatures from being valid in multiple contexts by accident.
+ *
+ *  Returns 1 on success, 0 on failure.
+ *  Args:    ctx: pointer to a context object (not secp256k1_context_static).
+ *  Out:   sig64: pointer to a 64-byte array to store the serialized signature.
+ *  In:    msg32: the 32-byte message being signed.
+ *       keypair: pointer to an initialized keypair.
+ *    aux_rand32: 32 bytes of fresh randomness. While recommended to provide
+ *                this, it is only supplemental to security and can be NULL. A
+ *                NULL argument is treated the same as an all-zero one. See
+ *                BIP-340 "Default Signing" for a full explanation of this
+ *                argument and for guidance if randomness is expensive.
+ */
+SECP256K1_API int secp256k1_schnorrsig_sign32(
+    const secp256k1_context *ctx,
+    unsigned char *sig64,
+    const unsigned char *msg32,
+    const secp256k1_keypair *keypair,
+    const unsigned char *aux_rand32
+) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4);
 
-    /** Same as secp256k1_schnorrsig_sign32, but DEPRECATED. Will be removed in
-     *  future versions. */
-    SECP256K1_API int secp256k1_schnorrsig_sign(
-        const secp256k1_context* ctx,
-        unsigned char* sig64,
-        const unsigned char* msg32,
-        const secp256k1_keypair* keypair,
-        const unsigned char* aux_rand32
-    ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4)
-        SECP256K1_DEPRECATED("Use secp256k1_schnorrsig_sign32 instead");
+/** Same as secp256k1_schnorrsig_sign32, but DEPRECATED. Will be removed in
+ *  future versions. */
+SECP256K1_API int secp256k1_schnorrsig_sign(
+    const secp256k1_context *ctx,
+    unsigned char *sig64,
+    const unsigned char *msg32,
+    const secp256k1_keypair *keypair,
+    const unsigned char *aux_rand32
+) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4)
+  SECP256K1_DEPRECATED("Use secp256k1_schnorrsig_sign32 instead");
 
-    /** Create a Schnorr signature with a more flexible API.
-     *
-     *  Same arguments as secp256k1_schnorrsig_sign except that it allows signing
-     *  variable length messages and accepts a pointer to an extraparams object that
-     *  allows customizing signing by passing additional arguments.
-     *
-     *  Equivalent to secp256k1_schnorrsig_sign32(..., aux_rand32) if msglen is 32
-     *  and extraparams is initialized as follows:
-     *  ```
-     *  secp256k1_schnorrsig_extraparams extraparams = SECP256K1_SCHNORRSIG_EXTRAPARAMS_INIT;
-     *  extraparams.ndata = (unsigned char*)aux_rand32;
-     *  ```
-     *
-     *  Returns 1 on success, 0 on failure.
-     *  Args:   ctx: pointer to a context object (not secp256k1_context_static).
-     *  Out:  sig64: pointer to a 64-byte array to store the serialized signature.
-     *  In:     msg: the message being signed. Can only be NULL if msglen is 0.
-     *       msglen: length of the message.
-     *      keypair: pointer to an initialized keypair.
-     *  extraparams: pointer to an extraparams object (can be NULL).
-     */
-    SECP256K1_API int secp256k1_schnorrsig_sign_custom(
-        const secp256k1_context* ctx,
-        unsigned char* sig64,
-        const unsigned char* msg,
-        size_t msglen,
-        const secp256k1_keypair* keypair,
-        secp256k1_schnorrsig_extraparams* extraparams
-    ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(5);
+/** Create a Schnorr signature with a more flexible API.
+ *
+ *  Same arguments as secp256k1_schnorrsig_sign except that it allows signing
+ *  variable length messages and accepts a pointer to an extraparams object that
+ *  allows customizing signing by passing additional arguments.
+ *
+ *  Equivalent to secp256k1_schnorrsig_sign32(..., aux_rand32) if msglen is 32
+ *  and extraparams is initialized as follows:
+ *  ```
+ *  secp256k1_schnorrsig_extraparams extraparams = SECP256K1_SCHNORRSIG_EXTRAPARAMS_INIT;
+ *  extraparams.ndata = (unsigned char*)aux_rand32;
+ *  ```
+ *
+ *  Returns 1 on success, 0 on failure.
+ *  Args:   ctx: pointer to a context object (not secp256k1_context_static).
+ *  Out:  sig64: pointer to a 64-byte array to store the serialized signature.
+ *  In:     msg: the message being signed. Can only be NULL if msglen is 0.
+ *       msglen: length of the message.
+ *      keypair: pointer to an initialized keypair.
+ *  extraparams: pointer to an extraparams object (can be NULL).
+ */
+SECP256K1_API int secp256k1_schnorrsig_sign_custom(
+    const secp256k1_context *ctx,
+    unsigned char *sig64,
+    const unsigned char *msg,
+    size_t msglen,
+    const secp256k1_keypair *keypair,
+    secp256k1_schnorrsig_extraparams *extraparams
+) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(5);
 
-    /** Verify a Schnorr signature.
-     *
-     *  Returns: 1: correct signature
-     *           0: incorrect signature
-     *  Args:    ctx: pointer to a context object.
-     *  In:    sig64: pointer to the 64-byte signature to verify.
-     *           msg: the message being verified. Can only be NULL if msglen is 0.
-     *        msglen: length of the message
-     *        pubkey: pointer to an x-only public key to verify with
-     */
-    SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_schnorrsig_verify(
-        const secp256k1_context* ctx,
-        const unsigned char* sig64,
-        const unsigned char* msg,
-        size_t msglen,
-        const secp256k1_xonly_pubkey* pubkey
-    ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(5);
+/** Verify a Schnorr signature.
+ *
+ *  Returns: 1: correct signature
+ *           0: incorrect signature
+ *  Args:    ctx: pointer to a context object.
+ *  In:    sig64: pointer to the 64-byte signature to verify.
+ *           msg: the message being verified. Can only be NULL if msglen is 0.
+ *        msglen: length of the message
+ *        pubkey: pointer to an x-only public key to verify with
+ */
+SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_schnorrsig_verify(
+    const secp256k1_context *ctx,
+    const unsigned char *sig64,
+    const unsigned char *msg,
+    size_t msglen,
+    const secp256k1_xonly_pubkey *pubkey
+) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(5);
 
 #ifdef __cplusplus
 }