crypto: BP+ generators mapping corrected, test improved

sowle 2022-08-25 04:14:36 +02:00
parent a7352d8c98
commit e8ea28d085
No known key found for this signature in database
GPG key ID: C07A24B2D89D49FC
3 changed files with 43 additions and 15 deletions


@ -21,7 +21,7 @@ namespace crypto
const scalar_t c_scalar_1div8 = { 0x6106e529e2dc2f79, 0x07d39db37d1cdad0, 0x0, 0x0600000000000000 };
const point_t c_point_H = { 0x05087c1f5b9b32d6, 0x00547595f445c3b5, 0x764df64578552f2a, 0x8a49a651e0e0da45 }; // == Hp(G), this is being checked in bpp_basics
const point_t c_point_H2 = { 0x70c8d1ab9dbf1cc0, 0xc561bb12639a8516, 0x3cfff1def9e5b268, 0xe0936386f3bcce1a }; // == Hp("h2_generator"), cheched in bpp_basics
const point_t c_point_H2 = { 0x70c8d1ab9dbf1cc0, 0xc561bb12639a8516, 0x3cfff1def9e5b268, 0xe0936386f3bcce1a }; // == Hp("h2_generator"), checked in bpp_basics
const point_t c_point_0 = point_t(point_t::tag_zero());
static_assert(sizeof(scalar_t::m_sk) == sizeof(scalar_t::m_u64) && sizeof(scalar_t::m_u64) == sizeof(scalar_t::m_s), "size missmatch");


@ -125,12 +125,16 @@ namespace crypto
return result;
}
static const point_t& bpp_G; // NOTE! This notation follows original BP+ whitepaper, see mapping to Zano's generators below
static const point_t& bpp_H;
static const point_t& bpp_H2;
}; // struct bpp_crypto_trait_zano
template<size_t N, size_t values_max>
const point_t& bpp_crypto_trait_zano<N, values_max>::bpp_H = c_point_H;
const point_t& bpp_crypto_trait_zano<N, values_max>::bpp_G = c_point_H;
template<size_t N, size_t values_max>
const point_t& bpp_crypto_trait_zano<N, values_max>::bpp_H = c_point_G;
template<size_t N, size_t values_max>
const point_t& bpp_crypto_trait_zano<N, values_max>::bpp_H2 = c_point_H2;
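Review bot: The crossed definitions `bpp_G = c_point_H` and `bpp_H = c_point_G` read like a copy-paste slip, and nothing explains them: the comment on the `bpp_G` declaration points to a mapping "below" that is never written out. A comment directly above the definitions would make the intent reviewable, for example `// BP+ paper G (carries the value) -> Zano H; BP+ paper H (carries the mask) -> Zano G`, assuming those are the intended roles. Because this mapping decides which generator carries the amount in every commitment the trait produces, it is also worth stating in the commit description whether proofs generated with the previous mapping are expected to stop verifying. The struct begins outside this hunk.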


@ -68,22 +68,46 @@ TEST(bpp, basics)
LOG_PRINT_L0("Zano H = " << H << " = { " << H.to_hex_comma_separated_uint64_str() << " }");
LOG_PRINT_L0("Zano H2 = " << H2 << " = { " << H2.to_hex_comma_separated_uint64_str() << " }");
scalar_vec_t values = { 5 };
scalar_vec_t masks = { 0 };
bpp_signature bpp_sig;
std::vector<point_t> commitments_1div8;
uint8_t err = 0;
bool r = bpp_gen<bpp_crypto_trait_zano<>>(values, masks, bpp_sig, commitments_1div8, &err);
LOG_PRINT_L0("err = " << (uint16_t)err);
ASSERT_TRUE(r);
auto foo = [&](scalar_t v){
scalar_vec_t values = { v };
scalar_vec_t masks = { scalar_t::random() };
bpp_signature bpp_sig;
std::vector<point_t> commitments_1div8;
uint8_t err = 0;
std::vector<bpp_sig_commit_ref_t> sigs;
sigs.emplace_back(bpp_sig, commitments_1div8);
bool r = bpp_gen<bpp_crypto_trait_zano<>>(values, masks, bpp_sig, commitments_1div8, &err);
if (!r)
{
LOG_PRINT_L0("bpp_gen err = " << (uint16_t)err);
return false;
}
r = bpp_verify<bpp_crypto_trait_zano<>>(sigs, &err);
LOG_PRINT_L0("err = " << (uint16_t)err);
ASSERT_TRUE(r);
std::vector<bpp_sig_commit_ref_t> sigs;
sigs.emplace_back(bpp_sig, commitments_1div8);
r = bpp_verify<bpp_crypto_trait_zano<>>(sigs, &err);
if (!r)
{
LOG_PRINT_L0("bpp_verify err = " << (uint16_t)err);
return false;
}
return true;
};
ASSERT_TRUE(foo(scalar_t(0)));
ASSERT_TRUE(foo(scalar_t(1)));
ASSERT_TRUE(foo(scalar_t(5)));
ASSERT_TRUE(foo(scalar_t(UINT64_MAX)));
ASSERT_FALSE(foo(scalar_t(UINT64_MAX, 1, 0, 0)));
ASSERT_FALSE(foo(scalar_t(0, 1, 0, 0)));
ASSERT_FALSE(foo(scalar_t(0, 0, 1, 0)));
ASSERT_FALSE(foo(scalar_t(0, 0, 0, 1)));
ASSERT_FALSE(foo(c_scalar_Lm1));
ASSERT_FALSE(foo(c_scalar_L));
ASSERT_FALSE(foo(c_scalar_256m1));
return true;
}
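Review bot: The `ASSERT_FALSE(foo(...))` cases cannot tell which stage rejected the value, because the lambda returns `false` both when `bpp_gen` fails and when `bpp_verify` fails. If out-of-range values are refused by `bpp_gen` up front (likely, but not visible here), the verifier's rejection path is never exercised, and any unrelated generation failure would satisfy these assertions too. Having the lambda report the failing stage or the `err` code, and asserting on that, would pin the intended behaviour. Separately, the round trip uses the same trait for generation and verification, so it would probably still pass with the two generators swapped; comparing `commitments_1div8[0]` against the expected combination of `c_point_H`, `c_point_G` and `c_scalar_1div8` would guard the mapping this commit corrects. The body of `TEST(bpp, basics)` starts outside the hunk, and `foo` deserves a descriptive name.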