Rating: 0

We're given the Python implementation for a server which implements a "bank" with cryptographic signatures, and a host/port for the server.
The server uses Schnorr signatures over an elliptic curve to verify messages. You can provide your own public key, then either provide a signed message for a DEPOSIT command (to deposit one "coin") or a multi-signed message for a WITHDRAW command which gives you a flag.
The multi-signed message must be signed with a combination of your key and the "bank manager"'s key; you get their public key.

**Full writeup:** [https://github.com/pwning/public-writeup/blob/master/rwctf2019/crypto_bank](https://github.com/pwning/public-writeup/blob/master/rwctf2019/crypto_bank)