From 6b851591190cc3b6bfd3e96935b455fe58b4036e Mon Sep 17 00:00:00 2001
From: sowle
Date: Mon, 29 Aug 2022 22:56:37 +0200
Subject: [PATCH] crypto: c_point_X; hs(char[32], hash); minor improvements for clsag implementation
---
 src/crypto/clsag.cpp | 2 +-
 src/crypto/clsag.h | 4 ++--
 src/crypto/crypto-sugar.cpp | 3 +++
 src/crypto/crypto-sugar.h | 9 +++++++++
 tests/functional_tests/crypto_tests_clsag.h | 11 +++++++++++
 5 files changed, 26 insertions(+), 3 deletions(-)
diff --git a/src/crypto/clsag.cpp b/src/crypto/clsag.cpp
index bfcb3a14..be2e9f38 100644
--- a/src/crypto/clsag.cpp
+++ b/src/crypto/clsag.cpp
@@ -148,7 +148,7 @@ namespace crypto
 }
 // calculate aggregate key image
- point_t W_key_image = agg_coeff_0 * point_t(ki) + agg_coeff_1 * point_t(sig.K1).modify_mul8();
+ point_t W_key_image = agg_coeff_0 * key_image + agg_coeff_1 * point_t(sig.K1).modify_mul8();
 DBG_VAL_PRINT(W_key_image);
 scalar_t c_prev = sig.c;
diff --git a/src/crypto/clsag.h b/src/crypto/clsag.h
index 66e30143..41909e7b 100644
--- a/src/crypto/clsag.h
+++ b/src/crypto/clsag.h
@@ -34,8 +34,8 @@ namespace crypto
 CLSAG_GG_input_ref_t(const public_key& stealth_address, const public_key& amount_commitment) : stealth_address(stealth_address), amount_commitment(amount_commitment) {}
- const public_key& stealth_address;
- const public_key& amount_commitment;
+ const public_key& stealth_address; // not premultiplied by 1/8, TODO @#@#: make sure it's okay
+ const public_key& amount_commitment; // multiplied by 1/8
 };
 bool generate_CLSAG_GG(const hash& m, const std::vector& ring, const point_t& pseudo_out_amount_commitment, const key_image& ki,
diff --git a/src/crypto/crypto-sugar.cpp b/src/crypto/crypto-sugar.cpp
index 07fcc7c7..bead23df 100644
--- a/src/crypto/crypto-sugar.cpp
+++ b/src/crypto/crypto-sugar.cpp
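Review bot: In src/crypto/clsag.cpp the new `W_key_image` line uses `key_image` as-is while `point_t(sig.K1)` still goes through `modify_mul8()`, and `key_image` is defined outside the hunk, so it cannot be confirmed from here that the point was decoded from `ki` with a validity and prime-order-subgroup check. If that check happens earlier in the function or in the caller, a comment on this line would make the dependency explicit, for example `// key_image: point form of ki; validity/subgroup check is done where it is decoded`. The enclosing function starts and ends outside the hunk.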
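Review bot: The comment added to `stealth_address` in src/crypto/clsag.h leaves an open `TODO @#@#: make sure it's okay` on a type that appears to describe the ring members passed to `generate_CLSAG_GG`, and the two members now follow different conventions (one not premultiplied by 1/8, the other multiplied by 1/8) that nothing in the type enforces. Resolving the TODO before merge, or stating the expected encoding once at struct level, would keep callers from passing a point in the wrong form, e.g. `// stealth_address: stored as-is; amount_commitment: premultiplied by 1/8 (callers must convert)`. Both members are `const public_key&`, so an instance must not outlive the keys it refers to, which deserves a one-line comment as well. The struct declaration begins outside the hunk.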
@@ -22,6 +22,9 @@ namespace crypto
 const point_t c_point_H = { 0x05087c1f5b9b32d6, 0x00547595f445c3b5, 0x764df64578552f2a, 0x8a49a651e0e0da45 }; // == Hp(G), this is being checked in bpp_basics
 const point_t c_point_H2 = { 0x70c8d1ab9dbf1cc0, 0xc561bb12639a8516, 0x3cfff1def9e5b268, 0xe0936386f3bcce1a }; // == Hp("h2_generator"), checked in bpp_basics
+
+ const point_t c_point_X = { 0xc9d2f543dbbc253a, 0x87099e9ac33d06dd, 0x76bcf12dcf6ffcba, 0x20384a4a88752d32 }; // == Hp("X_generator"), checked in clsag_ggxg_basics
+
 const point_t c_point_0 = point_t(point_t::tag_zero());
 static_assert(sizeof(scalar_t::m_sk) == sizeof(scalar_t::m_u64) && sizeof(scalar_t::m_u64) == sizeof(scalar_t::m_s), "size missmatch");
diff --git a/src/crypto/crypto-sugar.h b/src/crypto/crypto-sugar.h
index b802892a..8a3141d3 100644
--- a/src/crypto/crypto-sugar.h
+++ b/src/crypto/crypto-sugar.h
@@ -912,6 +912,7 @@ namespace crypto
 extern const point_t c_point_H;
 extern const point_t c_point_H2;
+ extern const point_t c_point_X;
 extern const point_t c_point_0; //
@@ -1135,6 +1136,14 @@ namespace crypto
 return hs_calculator.calc_hash();
 }
+ static scalar_t hs(const char(&str32)[32], const crypto::hash& h)
+ {
+ hs_t hs_calculator(2);
+ hs_calculator.add_32_chars(str32);
+ hs_calculator.add_hash(h);
+ return hs_calculator.calc_hash();
+ }
+
 static point_t hp(const point_t& p)
 {
 point_t result;
diff --git a/tests/functional_tests/crypto_tests_clsag.h b/tests/functional_tests/crypto_tests_clsag.h
index 161462fe..9530f712 100644
--- a/tests/functional_tests/crypto_tests_clsag.h
+++ b/tests/functional_tests/crypto_tests_clsag.h
@@ -244,3 +244,14 @@ TEST(clsag, sig_difference)
 return true;
 }
+
+
+TEST(clsag_ggxg, basics)
+{
+ std::string X_hash_str("X_generator");
+ point_t X = hash_helper_t::hp(X_hash_str.c_str(), X_hash_str.size());
+ LOG_PRINT_L0("X = " << X.to_hex_comma_separated_uint64_str());
+ ASSERT_EQ(X, c_point_X);
+
+ return true;
+}
\ No newline at end of file
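Review bot: The new `hs(const char(&str32)[32], const crypto::hash& h)` overload in src/crypto/crypto-sugar.h carries no comment saying what `str32` is for, nor that the array-reference parameter accepts only an exactly 32-byte array, so a string literal passed here must be 31 characters plus its terminating NUL. Because this looks like a domain-separation tag fed to the hash ahead of `h`, a short doc comment would help callers keep tags distinct between uses, e.g. `// hashes str32 then h to a scalar; str32 is a fixed 32-byte tag (31 chars + NUL), use a unique tag per protocol context`. Whether `add_32_chars` includes the NUL byte is not visible in this hunk and should be stated if other implementations need to reproduce the hash. The enclosing class starts outside the hunk.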