Rating:
# signature-server
1. Convert the secret recovery to Hidden Number Problem(HNP)
2. Convert the HNP to Closest Vector Problem(CVP)
3. Convert the CVP to Shortest Vector Problem(SVP)
4. Solve the SVP by LLL and capture the flag!
May the third step is not necessary according to the paper, but I think it can simplify the code because the answer is just showed in the matrix after LLL:)
