RFC 8391, "XMSS: eXtended Merkle Signature Scheme", May 2018

Errata ID: 8382
Status: Reported
Type: Technical
Publication Format(s) : TEXT
Reported By: Alex J Malozemoff
Date Reported: 2025-04-16

Section 3.1.4 says:

Input: WOTS+ private key sk, address ADRS, seed SEED

It should say:

Input: WOTS+ private key sk, seed SEED, address ADRS

Notes:

When `WOTS_genPK` is called in `treeHash`, it is called as `WOTS_genPK (getWOTS_SK(SK, s + i), SEED, ADRS)`. By swapping the `SEED` and `ADRS` arguments in `WOTS_genPK` this aligns with the API change from Errata ID 5572.

Report New Errata