From 4db7ac166800af50985547e9d80908fd9550b852 Mon Sep 17 00:00:00 2001
From: sowle <crypto.sowle@gmail.com>
Date: Tue, 25 Oct 2022 04:16:25 +0200
Subject: [PATCH] pos block builder: WIP

---
 src/crypto/zarcanum.cpp                |  2 ++
 src/wallet/wallet2.cpp                 |  7 +++--
 tests/core_tests/pos_block_builder.cpp | 41 +++++++++++++++++++++++---
 tests/core_tests/pos_block_builder.h   |  3 ++
 4 files changed, 46 insertions(+), 7 deletions(-)

diff --git a/src/crypto/zarcanum.cpp b/src/crypto/zarcanum.cpp
index 43f1620d..c1f58a9a 100644
--- a/src/crypto/zarcanum.cpp
+++ b/src/crypto/zarcanum.cpp
@@ -169,6 +169,8 @@ namespace crypto
   {
     bool r = false;
 
+    // TODO @#@#
+
     std::vector<point_t> E_for_range_proof = { point_t(sig.E) };
     std::vector<bppe_sig_commit_ref_t> range_proofs = { bppe_sig_commit_ref_t(sig.E_range_proof, E_for_range_proof) };
     CHECK_AND_FAIL_WITH_ERROR_IF_FALSE(bppe_verify<bpp_crypto_trait_zano<128>>(range_proofs), 10);
diff --git a/src/wallet/wallet2.cpp b/src/wallet/wallet2.cpp
index 63b844dc..ba0f215a 100644
--- a/src/wallet/wallet2.cpp
+++ b/src/wallet/wallet2.cpp
@@ -3799,17 +3799,18 @@ bool wallet2::prepare_and_sign_pos_block(const mining_context& cxt, currency::bl
   }
   #endif
 
+  // calculate secret_x
   crypto::key_derivation derivation = AUTO_VAL_INIT(derivation);
   r = crypto::generate_key_derivation(source_tx_pub_key, m_account.get_keys().view_secret_key, derivation);
   WLT_CHECK_AND_ASSERT_MES(r, false, "generate_key_derivation failed, tid: " << pe.wallet_index << ", pe.tx_id: " << pe.tx_id);
   crypto::secret_key secret_x = AUTO_VAL_INIT(secret_x);
   crypto::derive_secret_key(derivation, pe.tx_out_index, m_account.get_keys().spend_secret_key, secret_x);
 
-  crypto::hash tx_hash_for_sig = get_transaction_hash(b.miner_tx); // TODO @#@# consider adding more input data to this hash
+  crypto::hash tx_hash_for_sig = get_transaction_hash(b.miner_tx); // TODO @#@# change to block hash
 
   uint8_t err = 0;
-  r = crypto::zarcanum_generate_proof(tx_hash_for_sig, cxt.kernel_hash, ring, cxt.last_pow_block_id_hashed, pe.keyimage,
-    secret_x, cxt.secret_q, secret_index, blinding_masks_sum, td.m_amount, *td.m_opt_blinding_mask,
+  r = crypto::zarcanum_generate_proof(tx_hash_for_sig, cxt.kernel_hash, ring, cxt.last_pow_block_id_hashed, cxt.sk.kimage,
+    secret_x, cxt.secret_q, secret_index, blinding_masks_sum, cxt.stake_amount, cxt.stake_out_blinding_mask,
     static_cast<crypto::zarcanum_proof&>(sig), &err);
   WLT_CHECK_AND_ASSERT_MES(r, false, "zarcanum_generate_proof failed, err: " << (int)err);
 
diff --git a/tests/core_tests/pos_block_builder.cpp b/tests/core_tests/pos_block_builder.cpp
index 23d91b0b..d2fcc99d 100644
--- a/tests/core_tests/pos_block_builder.cpp
+++ b/tests/core_tests/pos_block_builder.cpp
@@ -199,23 +199,56 @@ void pos_block_builder::step4_generate_coinbase_tx(size_t median_size,
 void pos_block_builder::step5_sign(const crypto::public_key& stake_tx_pub_key, size_t stake_tx_out_index, const crypto::public_key& stake_tx_out_pub_key, const currency::account_base& stakeholder_account)
 {
   CHECK_AND_ASSERT_THROW_MES(m_step == 4, "pos_block_builder: incorrect step sequence");
+  if (m_context.zarcanum) { LOG_PRINT_YELLOW("pos_block_builder::step5_sign() is called for seemingly zarcanum block", LOG_LEVEL_0); }
 
   crypto::key_derivation pos_coin_derivation = AUTO_VAL_INIT(pos_coin_derivation);
-  bool r = crypto::generate_key_derivation(stake_tx_pub_key, stakeholder_account.get_keys().view_secret_key, pos_coin_derivation); // derivation(tx_pub; view_sec)
+  bool r = crypto::generate_key_derivation(stake_tx_pub_key, stakeholder_account.get_keys().view_secret_key, pos_coin_derivation); // v * 8 * R
   CHECK_AND_ASSERT_THROW_MES(r, "generate_key_derivation failed");
 
-  crypto::secret_key derived_secret_ephemeral_key = AUTO_VAL_INIT(derived_secret_ephemeral_key);
-  crypto::derive_secret_key(pos_coin_derivation, stake_tx_out_index, stakeholder_account.get_keys().spend_secret_key, derived_secret_ephemeral_key); // derivation.derive(spend_sec, out_idx) => input ephemeral secret key
+  crypto::secret_key secret_x = AUTO_VAL_INIT(secret_x);
+  crypto::derive_secret_key(pos_coin_derivation, stake_tx_out_index, stakeholder_account.get_keys().spend_secret_key, secret_x); // x = s + Hs(v * 8 * R, i)
 
   // sign block actually in coinbase transaction
   crypto::hash block_hash = currency::get_block_hash(m_block);
   std::vector<const crypto::public_key*> keys_ptrs(1, &stake_tx_out_pub_key);
-  crypto::generate_ring_signature(block_hash, m_context.sk.kimage, keys_ptrs, derived_secret_ephemeral_key, 0, &boost::get<currency::NLSAG_sig>(m_block.miner_tx.signatures[0]).s[0]);
+  crypto::generate_ring_signature(block_hash, m_context.sk.kimage, keys_ptrs, secret_x, 0, &boost::get<currency::NLSAG_sig>(m_block.miner_tx.signatures[0]).s[0]);
 
   m_step = 5;
 }
 
 
+void pos_block_builder::step5_sign_zarcanum(const crypto::public_key& stake_tx_pub_key, size_t stake_tx_out_index, const currency::account_base& stakeholder_account)
+{
+  CHECK_AND_ASSERT_THROW_MES(m_step == 4, "pos_block_builder: incorrect step sequence");
+
+  CHECK_AND_ASSERT_THROW_MES(m_block.miner_tx.signatures.size() == 1, "pos_block_builder: incorrect size of miner_tx signatures: " << m_block.miner_tx.signatures.size());
+  zarcanum_sig& sig = boost::get<zarcanum_sig>(m_block.miner_tx.signatures[0]);
+
+  crypto::key_derivation pos_coin_derivation{};
+  bool r = crypto::generate_key_derivation(stake_tx_pub_key, stakeholder_account.get_keys().view_secret_key, pos_coin_derivation); // v * 8 * R
+  CHECK_AND_ASSERT_THROW_MES(r, "generate_key_derivation failed");
+  crypto::secret_key secret_x{};
+  crypto::derive_secret_key(pos_coin_derivation, stake_tx_out_index, stakeholder_account.get_keys().spend_secret_key, secret_x); // x = s + Hs(v * 8 * R, i)
+
+  std::vector<crypto::CLSAG_GGXG_input_ref_t> ring;
+  crypto::scalar_t stake_blinding_mask;
+  crypto::scalar_t blinding_masks_sum;
+  uint64_t secret_index = 0;
+
+
+
+  crypto::hash tx_hash_for_sig = get_transaction_hash(m_block.miner_tx); // TODO @#@# change to currency::get_block_hash(m_block);
+  uint8_t err = 0;
+  r = crypto::zarcanum_generate_proof(tx_hash_for_sig, m_context.kernel_hash, ring, m_context.last_pow_block_id_hashed, m_context.sk.kimage,
+    secret_x, m_context.secret_q, secret_index, blinding_masks_sum, m_context.stake_amount, m_context.stake_out_blinding_mask,
+    static_cast<crypto::zarcanum_proof&>(sig), &err);
+  CHECK_AND_ASSERT_THROW_MES(r, "zarcanum_generate_proof failed, err: " << (int)err);
+
+  m_step = 5;
+}
+
+
+
 bool construct_homemade_pos_miner_tx(size_t height, size_t median_size, const boost::multiprecision::uint128_t& already_generated_coins,
   size_t current_block_size,
   uint64_t fee,
diff --git a/tests/core_tests/pos_block_builder.h b/tests/core_tests/pos_block_builder.h
index a8f56514..39503805 100644
--- a/tests/core_tests/pos_block_builder.h
+++ b/tests/core_tests/pos_block_builder.h
@@ -67,6 +67,9 @@ struct pos_block_builder
 
   void step5_sign(const crypto::public_key& stake_tx_pub_key, size_t stake_tx_out_index, const crypto::public_key& stake_tx_out_pub_key, const currency::account_base& stakeholder_account);
 
+  void step5_sign_zarcanum(const crypto::public_key& stake_tx_pub_key, size_t stake_tx_out_index, const currency::account_base& stakeholder_account);
+
+
   currency::block         m_block                         {};
   size_t                  m_step                          = 0;
   size_t                  m_txs_total_size                = 0;