zecfoundation
/
libbolt
mirror of https://github.com/ZcashFoundation/libbolt.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

minor updates

This commit is contained in:
J. Ayo Akinyele 2018-06-15 01:18:20 -04:00
parent d9471ca850
commit 17254d9710
4 changed files with 53 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
bin/bolt.rs
View File

@ -389,7 +389,7 @@ fn main() {
let balance = 100;
let r = Fr::random(rng);
let cid = Fr::random(rng);
let refund_message1 = libbolt::RefundMessage::new(String::from("refundUnsigned"), cid, wpk, balance, Some(r), None);
let refund_message1 = libbolt::RefundMessage::new(String::from("refundUnsigned"), wpk, balance, Some(r), None);
let rm1 = refund_message1.hash();
println!("RefundMessage => {}", refund_message1.msgtype);
for i in 0 .. rm1.len() {
@ -397,7 +397,7 @@ fn main() {
libbolt::debug_elem_in_hex(&p, &rm1[i]);
}
let refund_message2 = libbolt::RefundMessage::new(String::from("refundToken"), cid, wpk, balance+15, None, Some(signature));
let refund_message2 = libbolt::RefundMessage::new(String::from("refundToken"), wpk, balance+15, None, Some(signature));
let rm2 = refund_message2.hash();
println!("RefundMessage (token) => {}", refund_message2.msgtype);
for i in 0 .. rm2.len() {
@ -565,4 +565,24 @@ fn main() {
assert_eq!(updated_merch_bal, merch_wallet.balance);
}
println!("Pay protocol complete!");
println!("******************************************");
println!("Testing the dispute algorithms...");
{
let cust_wallet = &init_cust_data.csk;
// get channel closure message
let rc_c = bidirectional::customer_refund(&pp, &channel, &merch_keypair.pk, &cust_wallet);
println!("Obtained the channel closure message: {}", rc_c.message.msgtype);
let channel_token = &init_cust_data.T;
let rc_m = bidirectional::merchant_refute(&pp, &channel_token, &init_merch_data, &mut channel, &rc_c, &rv_w1.signature);
println!("Merchant has refuted the refund request!");
let (new_b0_cust, new_b0_merch) = bidirectional::resolve(&pp, &init_cust_data, &init_merch_data,
Some(rc_c), rc_m, Some(rt_w1));
println!("Resolved! Customer = {}, Merchant = {}", new_b0_cust, new_b0_merch);
}
}

8
docs/bolt_design.tex
View File

@ -635,8 +635,8 @@ The customer obtains a new wallet $w_{\sf new} := (B - \epsilon, wpk', wsk', r',
% Refund algorithm description
\item ${\sf Refund}({\sf PP}, {\sf T}_{M}, csk_{C}, w) \rightarrow (m, \sigma)$.
\begin{enumerate}
\item If the customer has not invoked the {\sf Pay} protocol, then $m := ({\sf refundUnsigned}, ({\sf cID}, wpk, B), r)$.
\item Otherwise, set $m := ({\sf refundToken}, ({\sf cID}, wpk, B), rt_w)$.
\item If the customer has not invoked the {\sf Pay} protocol, then $m := ({\sf refundUnsigned}, (wpk, B), r)$.
\item Otherwise, set $m := ({\sf refundToken}, (wpk, B), rt_w)$.
\item Compute $\sigma = {\sf Sign}(sk_c, m)$.
\item Output ${\sf rc}_{C} = (m, \sigma)$.
\end{enumerate}
@ -669,8 +669,8 @@ The customer obtains a new wallet $w_{\sf new} := (B - \epsilon, wpk', wsk', r',
\item If verification check fails, then output ${B_{\sf final}^{\sf cust}} = B_{\sf total}$ and ${B_{\sf final}^{\sf merch}} = 0$.
\item Check the refund validity:
\begin{enumerate}
\item[a.] If ${\sf type} = {\sf refundUnsigned}$, check ${\sf wCom} = {\sf Commit}({\sf cID}, wpk, B; {\sf Token})$ and that merchant's token contains $\sigma_{rev}$.
\item[b.] If ${\sf type} = {\sf refundToken}$, check ${\sf Token}$ is a valid refund token on $({\sf cID}, wpk, B)$.
\item[a.] If ${\sf type} = {\sf refundUnsigned}$, check ${\sf wCom} = {\sf Commit}(wpk, B; {\sf Token})$ and that merchant's token contains $\sigma_{rev}$.
\item[b.] If ${\sf type} = {\sf refundToken}$, check ${\sf Token}$ is a valid refund token on $(wpk, B)$.
\item[c.] If either {\bf (a)} or {\bf (b)} fails, abort and output ${B_{\sf final}^{\sf cust}} = 0$ and ${B_{\sf final}^{\sf merch}} = B_{\sf total}$.
\end{enumerate}
\item Check the refutation's validity by checking that ${\sf Verify}(wpk, {\sf revoke}||wpk, \sigma_{rev}) = 1$.

4
src/clsigs.rs
View File

@ -247,7 +247,7 @@ pub fn keygenD(mpk : &PublicParams, l: usize) -> KeyPairD {
}
pub fn signD(mpk: &PublicParams, sk: &SecretKeyD, m: &Vec<Fr>) -> SignatureD {
assert_eq!(m.len(), sk.z.len()+1);
assert!(m.len() <= sk.z.len()+1);
let l = m.len();
let rng = &mut rand::thread_rng();
@ -617,5 +617,5 @@ pub fn vs_verify_blind_sig(mpk: &PublicParams, pk: &PublicKeyD, proof: &ProofVS,
println!("ERROR: Failed to verify pairing eq 3");
}
return result1 && result2 && result3;
return result && result1 && result2 && result3;
}

54
src/lib.rs
View File

@ -665,7 +665,6 @@ fn convertStrToFr<'a>(input: &'a str) -> Fr {
#[derive(Clone)]
pub struct RefundMessage {
pub msgtype: String, // purpose type of message
pub cid: Fr, // channel identifier
pub wpk: secp256k1::PublicKey,
pub balance: usize, // the balance
pub r: Option<Fr>, // randomness from customer wallet
@ -673,10 +672,10 @@ pub struct RefundMessage {
}
impl RefundMessage {
pub fn new(_msgtype: String, _cid: Fr, _wpk: secp256k1::PublicKey,
pub fn new(_msgtype: String, _wpk: secp256k1::PublicKey,
_balance: usize, _r: Option<Fr>, _rt: Option<clsigs::SignatureD>) -> RefundMessage {
RefundMessage {
msgtype: _msgtype, cid: _cid, wpk: _wpk, balance: _balance, r: _r, rt: _rt
msgtype: _msgtype, wpk: _wpk, balance: _balance, r: _r, rt: _rt
}
}
@ -686,8 +685,6 @@ impl RefundMessage {
input_buf.extend_from_slice(self.msgtype.as_bytes());
v.push(convertToFr(&input_buf));
v.push(self.cid.clone());
v.push(hashPubKeyToFr(&self.wpk));
// encoee the balance as a hex string
@ -717,11 +714,11 @@ impl RefundMessage {
pub struct RevokedMessage {
pub msgtype: String,
pub wpk: secp256k1::PublicKey,
pub sig: Option<Vec<u8>> // represents revocation token serialized compact bytes
pub sig: Option<[u8; 64]> // represents revocation token serialized compact bytes
}
impl RevokedMessage {
pub fn new(_msgtype: String, _wpk: secp256k1::PublicKey, _sig: Option<Vec<u8>>) -> RevokedMessage {
pub fn new(_msgtype: String, _wpk: secp256k1::PublicKey, _sig: Option<[u8; 64]>) -> RevokedMessage {
RevokedMessage {
msgtype: _msgtype, wpk: _wpk, sig: _sig
}
@ -737,7 +734,7 @@ impl RevokedMessage {
if (!self.sig.is_none()) {
// TODO: make sure we can call hashBufferToFr with sig
// v.push(hashBufferToFr(self.msgtype, self.sig.unwrap()));
v.push(hashBufferToFr(&self.msgtype, &self.sig.unwrap()));
}
return v;
}
@ -957,7 +954,7 @@ pub mod bidirectional {
}
pub struct ChannelClosure_C {
message: RefundMessage,
pub message: RefundMessage,
signature: clsigs::SignatureD
}
@ -1230,6 +1227,7 @@ pub mod bidirectional {
let rt_w = clsigs::bs_compute_blind_signature(&pp.cl_mpk, &sk_m, c_refund, proof_cv.num_secrets + 1); // proof_cv.C
println!("pay_by_merchant_phase1 - Proof of knowledge of commitment on new wallet is valid");
update_merchant_state(&mut state, &proof.wpk, None);
state.pay_init = true;
return rt_w;
}
@ -1309,18 +1307,17 @@ pub mod bidirectional {
///// end of pay protocol
// for customer => on input a wallet w, it outputs a customer channel closure message rc_c
pub fn customer_refund(pp: &PublicParams, state: &ChannelState, m_data: &InitMerchantData,
c_data: &InitCustomerData) -> ChannelClosure_C {
pub fn customer_refund(pp: &PublicParams, state: &ChannelState, pk_m: &clsigs::PublicKeyD,
w: &CustomerWallet) -> ChannelClosure_C {
println!("Run Refund...");
let m;
let w = &c_data.csk; // get wallet
let balance = w.balance as usize;
if !state.pay_init {
// pay protocol not invoked so take the balane
m = RefundMessage::new(String::from("refundUnsigned"), state.cid, w.wpk, balance, Some(w.r), None);
m = RefundMessage::new(String::from("refundUnsigned"), w.wpk, balance, Some(w.r), None);
} else {
// if channel has already been activated, then take unspent funds
m = RefundMessage::new(String::from("refundToken"), state.cid, w.wpk, balance, None, w.refund_token.clone());
m = RefundMessage::new(String::from("refundToken"), w.wpk, balance, None, w.refund_token.clone());
}
// generate signature on the balance/channel id, etc to obtain funds back
@ -1366,7 +1363,7 @@ pub mod bidirectional {
// for merchant => on input the merchant's current state S_old and a customer channel closure message,
// outputs a merchant channel closure message rc_m and updated merchant state S_new
pub fn merchant_refute(pp: &PublicParams, T_c: &ChannelToken, m_data: &InitMerchantData,
state: &mut ChannelState, rc_c: ChannelClosure_C, rv_token: &secp256k1::Signature) -> Option<ChannelClosure_M> {
state: &mut ChannelState, rc_c: &ChannelClosure_C, rv_token: &secp256k1::Signature) -> Option<ChannelClosure_M> {
println!("Run Refute...");
let is_valid = clsigs::verifyD(&pp.cl_mpk, &T_c.pk, &rc_c.message.hash(), &rc_c.signature);
@ -1374,10 +1371,9 @@ pub mod bidirectional {
let wpk = rc_c.message.wpk;
let balance = rc_c.message.balance;
if exist_in_merchant_state(&state, &wpk, Some(*rv_token)) {
// let mut s = Secp256k1::new();
// let sig = rv_token.serialize_compact(&s);
// TODO: convert rv_w into a slice
let rm = RevokedMessage::new(String::from("revoked"), wpk, None);
let mut s = secp256k1::Secp256k1::new();
let ser_rv_token = rv_token.serialize_compact(&s);
let rm = RevokedMessage::new(String::from("revoked"), wpk, Some(ser_rv_token));
// sign the revoked message
let signature = clsigs::signD(&pp.cl_mpk, &m_data.csk.sk, &rm.hash());
return Some(ChannelClosure_M { message: rm, signature: signature });
@ -1393,8 +1389,9 @@ pub mod bidirectional {
// on input th ecustmomer and merchant channel tokens T_c, T_m
// along with closure messages rc_c, rc_m
pub fn resolve<'a>(pp: &PublicParams, c: &InitCustomerData, m: &InitMerchantData, // cust and merch
rc_c: Option<ChannelClosure_C>, rc_m: Option<ChannelClosure_M>) -> (i32, i32) {
pub fn resolve(pp: &PublicParams, c: &InitCustomerData, m: &InitMerchantData, // cust and merch
rc_c: Option<ChannelClosure_C>, rc_m: Option<ChannelClosure_M>,
rt_w: Option<clsigs::SignatureD>) -> (i32, i32) {
println!("Run Resolve...");
let total_balance = c.csk.balance + m.csk.balance;
if (rc_c.is_none() && rc_m.is_none()) {
@ -1412,8 +1409,8 @@ pub mod bidirectional {
// _ => return (0, 0);
// }
let pk_c = &c.T.pk;
let pk_m = &m.T;
let pk_c = &c.T.pk; // get public key for customer
let pk_m = &m.T; // get public key for merchant
let rc_cust = rc_c.unwrap();
let rcc_valid = clsigs::verifyD(&pp.cl_mpk, &pk_c, &rc_cust.message.hash(), &rc_cust.signature);
@ -1425,9 +1422,8 @@ pub mod bidirectional {
if msg.msgtype == "refundUnsigned" {
// assert the validity of the w_com
let bases = c.bases.clone();
let g2 = pp.cl_mpk.g2.clone();
let cm_csp = commit_scheme::setup(pp.l, bases, g2);
let cm_csp = generate_commit_setup(&pp, &pk_m);
let h_wpk = hashPubKeyToFr(&c.csk.wpk);
// convert balance into Fr
let balance = Fr::from_str(c.csk.balance.to_string().as_str()).unwrap();
@ -1441,12 +1437,12 @@ pub mod bidirectional {
// check that w_com is a valid commitment
if !commit_scheme::decommit(&cm_csp, &w_com, &x) {
// if this fails, then customer gets 0 and merchant gets full channel balance
println!("resolve - failed verify commitment on wallet");
return (0, total_balance);
}
} else if msg.msgtype == "refundToken" {
// TODO: check that rt_w is a valid refund token on wpk and balance
let rt_w = &rc_cust.signature; // TODO: replace with real rt_w
let rt_valid = clsigs::verifyD(&pp.cl_mpk, &pk_c, &msg.hash(), &rt_w);
// check that the refund token for specified wallet is valid
let rt_valid = clsigs::verifyD(&pp.cl_mpk, &pk_c, &msg.hash(), &rt_w.unwrap());
if !rt_valid {
// refund token signature not valid, so pay full channel balance to merchant
return (0, total_balance)