Migrate to Rust #15

Draft
wants to merge 31 commits into
base: master
f763269
scalar
lollerfirst Dec 5, 2024
efdf34a
arithmetic and equality for Scalars
lollerfirst Dec 6, 2024
5e5e22a
trying modular inversion
lollerfirst Dec 6, 2024
922bb0f
fix arithmetic
lollerfirst Dec 7, 2024
6bbe139
fix const modular inversion
lollerfirst Dec 7, 2024
ddd4be7
modinv
lollerfirst Dec 7, 2024
a662fed
`GroupElement` + clone-less arithmetic
lollerfirst Dec 7, 2024
6f20af6
remove unused imports + cargo fmt
lollerfirst Dec 7, 2024
2fc3dc9
generators + hash_to_curve
lollerfirst Dec 8, 2024
4b1422d
generators
lollerfirst Dec 9, 2024
8a25b99
init models
lollerfirst Dec 14, 2024
27cd82f
MAC
lollerfirst Dec 14, 2024
8173a3e
more MAC
lollerfirst Dec 14, 2024
6af8631
typo
lollerfirst Dec 14, 2024
d7faa44
RandomizedCredentials
lollerfirst Dec 15, 2024
9660c34
AsRef for Scalar and GroupElement + adjustments.
lollerfirst Dec 15, 2024
b473715
`Coin` and `RandomizedCoin`
lollerfirst Dec 16, 2024
c232e5c
SchnorrProver + SchnorrVerifier + MerlinTranscripts + models
lollerfirst Dec 16, 2024
a719411
Merge remote-tracking branch 'origin/master' into rustify
lollerfirst Dec 16, 2024
29acd15
BootstrapStatement + IParamsStatement
lollerfirst Dec 16, 2024
93fe23b
iparamsproof
lollerfirst Dec 17, 2024
f4a425f
tests
lollerfirst Dec 17, 2024
cb73673
test_wrong_iparams
lollerfirst Dec 17, 2024
b904428
MacProof
lollerfirst Dec 17, 2024
ada652d
test mac proof
lollerfirst Dec 17, 2024
a56a220
test wrong mac
lollerfirst Dec 17, 2024
42712d7
balanceproof + `UnsignedCoin`
lollerfirst Dec 17, 2024
a83fa2e
test balance proof
lollerfirst Dec 18, 2024
83b7422
ScriptEqualityProof
lollerfirst Dec 18, 2024
d7e3fe2
script equality test
lollerfirst Dec 18, 2024
5dd68bf
Merge remote-tracking branch 'origin/master' into rustify
lollerfirst Dec 18, 2024
MAC
lollerfirst committed Dec 14, 2024
commit 27cd82f018cae80a3cee84570eaae28a18bc6cff
41 changes: 21 additions & 20 deletions src/generators.rs
@@ -33,17 +33,18 @@ pub fn hash_to_curve(message: &[u8]) -> Result<GroupElement, Error> {
Err(Error::InvalidPoint)
}

#[allow(non_snake_case)]
pub struct Generators {
pub w: GroupElement,
pub w_: GroupElement,
pub x0: GroupElement,
pub x1: GroupElement,
pub gz_mac: GroupElement,
pub gz_attribute: GroupElement,
pub gz_script: GroupElement,
pub g_amount: GroupElement,
pub g_script: GroupElement,
pub g_blind: GroupElement,
pub W: GroupElement,
pub W_: GroupElement,
pub X0: GroupElement,
pub X1: GroupElement,
pub Gz_mac: GroupElement,
pub Gz_attribute: GroupElement,
pub Gz_script: GroupElement,
pub G_amount: GroupElement,
pub G_script: GroupElement,
pub G_blind: GroupElement,
}

impl Generators {
@@ -60,16 +61,16 @@ impl Generators {
let g_blind = hash_to_curve(b"G_blind").expect("Failed to hash to curve");

Generators {
w,
w_,
x0,
x1,
gz_mac,
gz_attribute,
gz_script,
g_amount,
g_script,
g_blind,
W: w,
W_: w_,
X0: x0,
X1: x1,
Gz_mac: gz_mac,
Gz_attribute: gz_attribute,
Gz_script: gz_script,
G_amount: g_amount,
G_script: g_script,
G_blind: g_blind,
}
}
}
140 changes: 117 additions & 23 deletions src/models.rs
@@ -1,9 +1,10 @@
use crate::{generators::GENERATORS, secp::{GroupElement, Scalar}};
use crate::{errors::Error, generators::{hash_to_curve, GENERATORS}, secp::{GroupElement, Scalar, GROUP_ELEMENT_ZERO}};
use bitcoin::hashes::sha256::Hash as Sha256Hash;
use bitcoin::hashes::Hash;

pub const RANGE_LIMIT: u64 = 32_u64;
pub const RANGE_LIMIT: u64 = std::u32::MAX as u64;

#[allow(non_snake_case)]
pub struct MintPrivateKey {
pub w: Scalar,
pub w_: Scalar,
@@ -13,8 +14,8 @@ pub struct MintPrivateKey {
pub ys: Scalar,

// Public parameters
pub cw: Option<GroupElement>,
pub i: Option<GroupElement>
pub Cw: Option<GroupElement>,
pub I: Option<GroupElement>
}

impl MintPrivateKey {
@@ -28,8 +29,8 @@ impl MintPrivateKey {
x1,
ya,
ys,
cw: None,
i: None,
Cw: None,
I: None,
}
}

@@ -38,28 +39,28 @@ impl MintPrivateKey {
}

pub fn pubkey(&mut self) -> Vec<GroupElement> {
if !self.cw.is_some() {
self.cw = Some(GENERATORS.w.clone()*&self.w + &(GENERATORS.w_.clone()*&self.w_));
if !self.Cw.is_some() {
self.Cw = Some(GENERATORS.W.clone()*&self.w + &(GENERATORS.W_.clone()*&self.w_));
}
if !self.i.is_some() {
self.i = Some(
GENERATORS.gz_mac.clone() - &(
GENERATORS.x0.clone()*&self.x0
if !self.I.is_some() {
self.I = Some(
GENERATORS.Gz_mac.clone() - &(
GENERATORS.X0.clone()*&self.x0
+ &(
GENERATORS.x1.clone()*&self.x1
GENERATORS.X1.clone()*&self.x1
+ &(
GENERATORS.gz_attribute.clone()*&self.ya
GENERATORS.Gz_attribute.clone()*&self.ya
+ &(
GENERATORS.gz_script.clone()*&self.ys
GENERATORS.Gz_script.clone()*&self.ys
)
)
)
)
);
}
vec![
self.cw.as_ref().expect("Expected Cw").clone(),
self.i.as_ref().expect("Expected I").clone(),
self.Cw.as_ref().expect("Expected Cw").clone(),
self.I.as_ref().expect("Expected I").clone(),
]
}
}
@@ -70,19 +71,112 @@ pub struct ZKP {
pub c: Scalar
}

#[allow(non_snake_case)]
pub struct ScriptAttribute {
r: Scalar,
s: Scalar,
pub r: Scalar,
pub s: Scalar,
Ms: Option<GroupElement>,
}

/*

impl ScriptAttribute {
pub fn new(script: &[u8], blinding_factor: Option<&[u8]>) -> Self {
pub fn new(script: &[u8], blinding_factor: Option<&[u8; 32]>) -> Self {
let s = Scalar::new(&Sha256Hash::hash(&script).to_byte_array());
if let b_factor = Some(blinding_factor) {
if let Some(b_factor) = blinding_factor {
let r = Scalar::new(b_factor);

ScriptAttribute { r: r, s: s, Ms: None }
} else {
let r = Scalar::random();

ScriptAttribute { r: r, s: s, Ms: None }
}
}

pub fn commitment(&mut self) -> GroupElement {
if !self.Ms.is_some() {
self.Ms = Some(
GENERATORS.G_script.clone() * &self.s + &(
GENERATORS.G_blind.clone() * &self.r
)
)
}
self.Ms.as_ref().expect("Couldn't get ScriptAttribute Commitment").clone()
}
}

#[allow(non_snake_case)]
pub struct AmountAttribute {
pub a: Scalar,
pub r: Scalar,
Ma: Option<GroupElement>,
}

impl AmountAttribute {
pub fn new(amount: u64, blinding_factor: Option<&[u8; 32]>) -> Self {
let a = Scalar::from(amount);
if let Some(b_factor) = blinding_factor {
let r = Scalar::new(b_factor);

AmountAttribute { r: r, a: a, Ma: None }
} else {
let r = Scalar::random();

AmountAttribute { r: r, a: a, Ma: None }
}
}

pub fn commitment(&mut self) -> GroupElement{
if !self.Ma.is_some() {
self.Ma = Some(
GENERATORS.G_script.clone() * &self.a + &(
GENERATORS.G_blind.clone() * &self.r
)
)
}
self.Ma.as_ref().expect("Couldn't get ScriptAttribute Commitment").clone()
}
}

#[allow(non_snake_case)]
pub struct MAC {
pub t: Scalar,
pub V: GroupElement,
}
*/

impl MAC {
#[allow(non_snake_case)]
pub fn generate(
privkey: &MintPrivateKey,
amount_commitment: &GroupElement,
script_commitment: Option<&GroupElement>,
t_tag: Option<&[u8; 32]>,
) -> Result<Self, Error> {
let t: Scalar;
if let Some(t_tag_bytes) = t_tag {
t = Scalar::new(t_tag_bytes);
} else {
t = Scalar::random();
}
let t_bytes: [u8; 32] = t.clone().into();
let U = hash_to_curve(&t_bytes)?;
let Ma = amount_commitment.clone();
let Ms: GroupElement;
if let Some(com) = script_commitment {
Ms = com.clone();
} else {
Ms = GroupElement::new(&GROUP_ELEMENT_ZERO);
}
let V =
GENERATORS.W.clone() * &privkey.w + &(
U.clone() * &privkey.x0 + &(
U.clone() * &(t.clone() * &privkey.x1) + &(
Ma * &(privkey.ya) + &(
Ms * &(privkey.ys)
)
)
)
);
Ok(MAC { t, V })
}
}
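Review bot: `AmountAttribute::commitment` multiplies `self.a` by `GENERATORS.G_script`, the same generator `ScriptAttribute::commitment` uses for `self.s`, although `Generators` in this same commit carries a dedicated `G_amount`; with a shared base an amount commitment has exactly the form of a script commitment with the same opening, which undermines keeping the two attributes separate under the MAC, so unless the construction shares the base on purpose the line should be `GENERATORS.G_amount.clone() * &self.a + &(GENERATORS.G_blind.clone() * &self.r)`. The `expect` message a few lines below it still says "ScriptAttribute Commitment" and should name `AmountAttribute`. The side markers are lost on this rendered page, so I read the `/*` and `*/` lines as removed and the attribute impls and `MAC` as live new code (the `impl MAC` block needs the struct to exist); if they are still commented out, only `impl MAC` is affected. The lazy-init shape `if !self.X.is_some() { self.X = Some(..) }` followed by `self.X.as_ref().expect(..).clone()` is repeated in `pubkey`, `ScriptAttribute::commitment` and `AmountAttribute::commitment` and collapses to `self.X.get_or_insert_with(|| ..).clone()`, which also removes the unreachable `expect`. In the first hunk `RANGE_LIMIT` goes from `32` to `std::u32::MAX as u64`, turning a bit count into a maximum value with no comment saying which is meant; `u64::from(u32::MAX)` avoids the legacy `std::u32` path, and a doc line such as `/// Largest attribute amount accepted (inclusive).` would pin the meaning if that is the intent.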
16 changes: 8 additions & 8 deletions src/secp.rs
@@ -318,14 +318,14 @@ impl Into<String> for Scalar {
impl From<u64> for Scalar {
fn from(value: u64) -> Self {
let mut bytes = [0u8; 32];
bytes[31] = (value >> 56) as u8;
bytes[30] = (value >> 48) as u8;
bytes[29] = (value >> 40) as u8;
bytes[28] = (value >> 32) as u8;
bytes[27] = (value >> 24) as u8;
bytes[26] = (value >> 16) as u8;
bytes[25] = (value >> 8) as u8;
bytes[24] = value as u8;
bytes[24] = (value >> 56) as u8;
bytes[25] = (value >> 48) as u8;
bytes[26] = (value >> 40) as u8;
bytes[27] = (value >> 32) as u8;
bytes[28] = (value >> 24) as u8;
bytes[29] = (value >> 16) as u8;
bytes[30] = (value >> 8) as u8;
bytes[31] = value as u8;
Scalar::new(&bytes)
}
}
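Review bot: The eight shift lines in `From<u64> for Scalar` hand-encode a big-endian value into `bytes[24..32]`, and the commit itself shows how easily the index direction goes wrong; `bytes[24..].copy_from_slice(&value.to_be_bytes());` produces the same bytes in one line and names the byte order in the call. The `as u8` truncations are intended here since each shift leaves at most eight significant bits, but nothing in the code tells a reader that `Scalar::new` expects big-endian input, so a doc line such as `/// Encodes value as a 32-byte big-endian scalar (the integer occupies the last eight bytes).` would make the fixed layout explicit. Whether `Scalar::new` validates or reduces its input is outside this hunk.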