several improvements to libbolt
This commit is contained in:
parent
703946362a
commit
364794f2c6
|
@ -12,10 +12,11 @@ license = "MIT License"
|
|||
[dependencies]
|
||||
bn = "0.4.3"
|
||||
rand = "~0.3.14"
|
||||
bincode = "0.5.9"
|
||||
bincode = "0.6.1"
|
||||
sodiumoxide = "0.0.16"
|
||||
serde = "1.0"
|
||||
serde_derive = "1.0"
|
||||
time = "*"
|
||||
|
||||
[dev-dependencies.bincode]
|
||||
version = "~0.6.0"
|
||||
|
|
5
Makefile
5
Makefile
|
@ -1,9 +1,12 @@
|
|||
.PHONY: all test doc clean
|
||||
.PHONY: all bench test doc clean
|
||||
|
||||
all:
|
||||
cargo build
|
||||
cargo run
|
||||
|
||||
bench:
|
||||
cargo bench
|
||||
|
||||
test:
|
||||
# runs the unit test suite
|
||||
cargo test
|
||||
|
|
36
bin/bolt.rs
36
bin/bolt.rs
|
@ -5,6 +5,7 @@ extern crate bincode;
|
|||
#[macro_use]
|
||||
extern crate serde_derive;
|
||||
extern crate serde;
|
||||
extern crate time;
|
||||
|
||||
use std::fmt;
|
||||
use bn::{Group, Fr, G1, G2, pairing};
|
||||
|
@ -16,6 +17,7 @@ use libbolt::sym;
|
|||
use libbolt::ote;
|
||||
use libbolt::clsigs;
|
||||
use libbolt::commit_scheme;
|
||||
use time::PreciseTime;
|
||||
|
||||
#[doc(hidden)]
|
||||
#[macro_export]
|
||||
|
@ -338,6 +340,40 @@ fn main() {
|
|||
assert!(m.m1 == orig_m.m1 && m.m2 == orig_m.m2);
|
||||
println!("OTE scheme works as expected!");
|
||||
|
||||
// Test the CL sigs
|
||||
// CL sig tests
|
||||
let mpk = clsigs::setupD();
|
||||
let l = 3;
|
||||
let keypair = clsigs::keygenD(&mpk, l);
|
||||
//println!("{}", keypair.pk);
|
||||
|
||||
// let msg1 = libbolt::RefundMessage::new(alice_sk, 10).hash(); // TODO: add ck (l-bit key)
|
||||
// let msg2 = libbolt::RefundMessage::new(alice_sk, 11).hash(); // TODO: add ck (l-bit key)
|
||||
let mut m1 : Vec<Fr> = Vec::new();
|
||||
let mut m2 : Vec<Fr> = Vec::new();
|
||||
let mut m3 : Vec<Fr> = Vec::new();
|
||||
|
||||
for i in 0 .. l+1 {
|
||||
m1.push(Fr::random(rng));
|
||||
m2.push(Fr::random(rng));
|
||||
m3.push(Fr::random(rng));
|
||||
}
|
||||
|
||||
let signature = clsigs::signD(&keypair.sk, &m1);
|
||||
//println!("{}", signature);
|
||||
let start1 = PreciseTime::now();
|
||||
assert!(clsigs::verifyD(&mpk, &keypair.pk, &m1, &signature) == true);
|
||||
let end1 = PreciseTime::now();
|
||||
assert!(clsigs::verifyD(&mpk, &keypair.pk, &m2, &signature) == false);
|
||||
let end2 = PreciseTime::now();
|
||||
// assert!(clsigs::verifyD(&mpk, &keypair.pk, &m1, &signature) == true);
|
||||
// assert!(clsigs::verifyD(&mpk, &keypair.pk, &m3, &signature) == false);
|
||||
|
||||
println!("CL signatures verified!");
|
||||
println!("{} seconds for verifying valid signatures.", start1.to(end1));
|
||||
println!("{} seconds for verifying invalid signatures.", end1.to(end2));
|
||||
|
||||
|
||||
// let rng = &mut rand::thread_rng();
|
||||
// let G = G1::random(rng); // &dalek_constants::RISTRETTO_BASEPOINT_POINT;
|
||||
// let H = G1::random(rng); // RistrettoPoint::hash_from_bytes::<Sha256>(G.compress().as_bytes());
|
||||
|
|
|
@ -4,7 +4,7 @@ use std::fmt;
|
|||
use std::str;
|
||||
//use std::default;
|
||||
use rand;
|
||||
use bn::{Group, Fr, G1, G2, pairing};
|
||||
use bn::{Group, Fr, G1, G2, Gt, pairing};
|
||||
//use debug_elem_in_hex;
|
||||
use bincode::SizeLimit::Infinite;
|
||||
use bincode::rustc_serialize::encode;
|
||||
|
@ -55,11 +55,13 @@ impl SecretKey {
|
|||
}
|
||||
}
|
||||
|
||||
#[derive(Clone)]
|
||||
pub struct KeyPair {
|
||||
pub sk: SecretKey,
|
||||
pub pk: PublicKey
|
||||
}
|
||||
|
||||
|
||||
pub struct Signature {
|
||||
a: G2,
|
||||
b: G2,
|
||||
|
@ -140,7 +142,7 @@ pub fn verify_A(mpk: &PublicParams, pk: &PublicKey, m: Fr, sig: &Signature) -> b
|
|||
//}
|
||||
|
||||
// scheme D - for a vector of messages
|
||||
#[derive(Copy, Clone)]
|
||||
#[derive(Clone)]
|
||||
pub struct PublicKeyD {
|
||||
X: G1,
|
||||
Y: G1,
|
||||
|
@ -148,14 +150,20 @@ pub struct PublicKeyD {
|
|||
W: Vec<G1>
|
||||
}
|
||||
|
||||
#[derive(Copy, Clone)]
|
||||
#[derive(Clone)]
|
||||
pub struct SecretKeyD {
|
||||
x: Fr,
|
||||
y: Fr,
|
||||
z: Vec<Fr>
|
||||
}
|
||||
|
||||
#[derive(Copy, Clone)]
|
||||
#[derive(Clone)]
|
||||
pub struct KeyPairD {
|
||||
pub sk: SecretKeyD,
|
||||
pub pk: PublicKeyD
|
||||
}
|
||||
|
||||
#[derive(Clone)]
|
||||
pub struct SignatureD {
|
||||
a: G2,
|
||||
A: Vec<G2>,
|
||||
|
@ -172,7 +180,7 @@ pub fn setupD() -> PublicParams {
|
|||
return mpk;
|
||||
}
|
||||
|
||||
pub fn keygenD(mpk : &PublicParams, l: i32) -> KeyPair {
|
||||
pub fn keygenD(mpk : &PublicParams, l: i32) -> KeyPairD {
|
||||
let rng = &mut rand::thread_rng();
|
||||
let x = Fr::random(rng);
|
||||
let y = Fr::random(rng);
|
||||
|
@ -182,7 +190,7 @@ pub fn keygenD(mpk : &PublicParams, l: i32) -> KeyPair {
|
|||
let mut Z: Vec<G1> = Vec::new();
|
||||
let mut W: Vec<G1> = Vec::new();
|
||||
// generate the vector ck of sym keys
|
||||
for i in 1 .. l {
|
||||
for i in 0 .. l {
|
||||
let _z = Fr::random(rng);
|
||||
let _Z = mpk.g * _z;
|
||||
let _W = Y * _z;
|
||||
|
@ -196,8 +204,8 @@ pub fn keygenD(mpk : &PublicParams, l: i32) -> KeyPair {
|
|||
return KeyPairD { sk: sk, pk: pk }
|
||||
}
|
||||
|
||||
pub fn signD(sk: &SecretKeyD, m: Vec<Fr>) -> Signature {
|
||||
assert_eq!(m.len(), sk.z.len());
|
||||
pub fn signD(sk: &SecretKeyD, m: &Vec<Fr>) -> SignatureD {
|
||||
assert_eq!(m.len(), sk.z.len()+1);
|
||||
let l = m.len();
|
||||
|
||||
let rng = &mut rand::thread_rng();
|
||||
|
@ -207,45 +215,54 @@ pub fn signD(sk: &SecretKeyD, m: Vec<Fr>) -> Signature {
|
|||
let mut B: Vec<G2> = Vec::new();
|
||||
let mut c = (a * (sk.x + (m[0] * sk.x * sk.y)));
|
||||
|
||||
for i in 1 .. l {
|
||||
let _A = a * z[i];
|
||||
for i in 0 .. l-1 {
|
||||
let _A = a * sk.z[i];
|
||||
let _B = _A * sk.y;
|
||||
A.push(_A);
|
||||
B.push(_B);
|
||||
c = c + (_A * (m[i] * sk.x * sk.y));
|
||||
c = c + (_A * (m[i+1] * sk.x * sk.y));
|
||||
}
|
||||
|
||||
let sig = SignatureD { a: a, A: A, b: b, B: B, c: c };
|
||||
// Ok(sig);
|
||||
return sig;
|
||||
}
|
||||
|
||||
pub fn verifyD(mpk: &PublicParams, pk: &PublicKeyD, m: Vec<Fr>, sig: &SignatureD) -> bool {
|
||||
assert_eq!(m.len(), sig.A.len());
|
||||
assert_eq!(m.len(), sig.B.len());
|
||||
pub fn verifyD(mpk: &PublicParams, pk: &PublicKeyD, m: &Vec<Fr>, sig: &SignatureD) -> bool {
|
||||
assert_eq!(m.len(), sig.A.len()+1);
|
||||
assert_eq!(m.len(), sig.B.len()+1);
|
||||
|
||||
let l = m.len();
|
||||
let lhs1 = pairing(pk.Z, sig.a);
|
||||
let rhs1 = pairing(mpk.g, sig.b);
|
||||
|
||||
let lhs2a = pairing(pk.Y, a);
|
||||
// lhs2a and rhs2a checks that sig.b was formed correctly
|
||||
let lhs2a = pairing(pk.Y, sig.a);
|
||||
let rhs2a = pairing(mpk.g, sig.b);
|
||||
|
||||
let mut result1 = true;
|
||||
let mut result2b = true;
|
||||
for i in 1 .. l {
|
||||
// lhs3 and rhs3 checks that sig.c was formed correctly
|
||||
let mut lhs3 = pairing(pk.X, sig.a) * pairing(pk.X, sig.b * m[0]);
|
||||
let rhs3 = pairing(mpk.g, sig.c);
|
||||
|
||||
for i in 0 .. l-1 {
|
||||
// checks that {sig.A}_i was formed correctly
|
||||
let lhs1 = pairing(pk.Z[i], sig.a);
|
||||
let rhs1 = pairing(mpk.g, sig.A[i]);
|
||||
if (lhs1 != rhs1) {
|
||||
result1 = false;
|
||||
}
|
||||
let lhs2b = pairing(pk.Y, sig.A[i]);
|
||||
let rhs2b = pairing(mpk.g, sig.B[i]);
|
||||
if lhs2b != rhs2b {
|
||||
result2b = false;
|
||||
}
|
||||
lhs3 = lhs3 * pairing(pk.X, sig.B[i] * m[i+1]);
|
||||
}
|
||||
|
||||
let mut lhs3 = pairing(pk.X, sig.a) * pairing(pk.X, sig.b * m[0]);
|
||||
for i in 1 .. l {
|
||||
lhs3 = lhs3 * pairing(pk.X, sig.B[i] * m[i]);
|
||||
}
|
||||
let rhs3 = pairing(mpk.g, sig.c);
|
||||
|
||||
return (lhs1 == rhs1) && (lhs2a == rhs2a) && (result2b == true) && (lhs3 == rhs3);
|
||||
// let mut lhs3 = pairing(pk.X, sig.a) * pairing(pk.X, sig.b * m[0]);
|
||||
// for i in 1 .. l {
|
||||
// lhs3 = lhs3 * pairing(pk.X, sig.B[i] * m[i]);
|
||||
// }
|
||||
return (result1 == true) && (lhs2a == rhs2a) && (result2b == true) && (lhs3 == rhs3);
|
||||
}
|
||||
|
||||
// NIZK protocol for proving knowledge of a signature
|
||||
|
@ -261,7 +278,10 @@ pub fn prover_gen_blind(sig: &SignatureD) -> SignatureD {
|
|||
let c = (sig.c * r) * rpr;
|
||||
let mut A: Vec<G2> = Vec::new();
|
||||
let mut B: Vec<G2> = Vec::new();
|
||||
for i in 1 .. l {
|
||||
assert!(sig.A.len() == sig.B.len());
|
||||
let l = sig.A.len();
|
||||
|
||||
for i in 0 .. l {
|
||||
A.push(sig.A[i] * r);
|
||||
B.push(sig.B[i] * r);
|
||||
}
|
||||
|
@ -271,11 +291,14 @@ pub fn prover_gen_blind(sig: &SignatureD) -> SignatureD {
|
|||
}
|
||||
|
||||
pub fn verify_proof_for_blind_sigs(mpk: &PublicParams, pk: &PublicKeyD, sig: &SignatureD) {
|
||||
assert!(sig.A.len() == sig.B.len());
|
||||
let l = sig.A.len();
|
||||
|
||||
let vx = pairing(pk.X, sig.a);
|
||||
let vxy = pairing(pk.X, sig.b);
|
||||
// generate vector
|
||||
let mut vxyi: Vec<GT> = Vec::new();
|
||||
for i in 1 .. l {
|
||||
let mut vxyi: Vec<Gt> = Vec::new();
|
||||
for i in 0 .. l {
|
||||
vxyi.push(pairing(pk.X, sig.B[i]));
|
||||
}
|
||||
let vs = pairing(mpk.g, sig.c);
|
||||
|
|
|
@ -12,10 +12,10 @@ use sodiumoxide::crypto::hash::sha512;
|
|||
// define some structures here
|
||||
#[derive(Copy, Clone)]
|
||||
pub struct PublicParams {
|
||||
g1: G1,
|
||||
g2: G1,
|
||||
g3: G1,
|
||||
h: G1
|
||||
pub g1: G1,
|
||||
pub g2: G1,
|
||||
pub g3: G1,
|
||||
pub h: G1
|
||||
}
|
||||
|
||||
|
||||
|
@ -135,11 +135,11 @@ pub fn setup() -> PublicParams {
|
|||
let g4 = G1::random(rng);
|
||||
let h = G1::random(rng);
|
||||
let pp = PublicParams { g1: g1, g2: g2, g3: g3, h: h };
|
||||
println!("{}", pp);
|
||||
//println!("{}", pp);
|
||||
return pp;
|
||||
}
|
||||
|
||||
pub fn commit(pp: &PublicParams, channelId: Fr, wpk: G1, balance: u32, R: Option<Fr>) -> Commitment {
|
||||
pub fn commit(pp: &PublicParams, channelId: Fr, wpk: Fr, balance: Fr, R: Option<Fr>) -> Commitment {
|
||||
let rng = &mut rand::thread_rng();
|
||||
|
||||
let r = R.unwrap_or(Fr::random(rng));
|
||||
|
@ -147,7 +147,7 @@ pub fn commit(pp: &PublicParams, channelId: Fr, wpk: G1, balance: u32, R: Option
|
|||
let p = "commit -> cid";
|
||||
debug_elem_in_hex(p, &channelId);
|
||||
// c = g^m * h^r
|
||||
let c = (pp.g1 * channelId) + (pp.g2 + wpk) + (pp.g3 * balance) + (pp.h * r);
|
||||
let c = (pp.g1 * channelId) + (pp.g2 * wpk) + (pp.g3 * balance) + (pp.h * r);
|
||||
// return (c, r) <- d=r
|
||||
let commitment = Commitment { c: c, d: r };
|
||||
|
||||
|
@ -156,9 +156,9 @@ pub fn commit(pp: &PublicParams, channelId: Fr, wpk: G1, balance: u32, R: Option
|
|||
return commitment;
|
||||
}
|
||||
|
||||
pub fn decommit(pp: &PublicParams, cm: &Commitment, channelId: Fr, wpk: G1, balance: u32) -> bool {
|
||||
pub fn decommit(pp: &PublicParams, cm: &Commitment, channelId: Fr, wpk: Fr, balance: Fr) -> bool {
|
||||
let p = "decommit -> cid";
|
||||
debug_elem_in_hex(p, &channelId);
|
||||
let dm = (pp.g1 * channelId) + (pp.g2 + wpk) + (pp.g3 * balance) + (pp.h * cm.d);
|
||||
let dm = (pp.g1 * channelId) + (pp.g2 * wpk) + (pp.g3 * balance) + (pp.h * cm.d);
|
||||
return dm == cm.c;
|
||||
}
|
||||
|
|
110
src/lib.rs
110
src/lib.rs
|
@ -6,7 +6,7 @@ extern crate sodiumoxide;
|
|||
use std::fmt;
|
||||
use std::str;
|
||||
use std::default;
|
||||
use bn::{Group, Fr, G1, G2, pairing};
|
||||
use bn::{Group, Fr, G1, G2, Gt, pairing};
|
||||
use bincode::SizeLimit::Infinite;
|
||||
use bincode::rustc_serialize::{encode, decode};
|
||||
use sodiumoxide::randombytes;
|
||||
|
@ -494,11 +494,11 @@ pub struct SpendMessage<'a> {
|
|||
s: G1,
|
||||
u: G1,
|
||||
pi: Proof,
|
||||
ck: SymKey
|
||||
ck: sym::SymKey
|
||||
}
|
||||
|
||||
impl<'a> SpendMessage<'a> {
|
||||
pub fn new(_j: i32, _s: G1, _u: G1, _pi: Proof, _ck: SymKey) -> SpendMessage<'a> {
|
||||
pub fn new(_j: i32, _s: G1, _u: G1, _pi: Proof, _ck: sym::SymKey) -> SpendMessage<'a> {
|
||||
SpendMessage {
|
||||
prefix: "spend", j: _j, s: _s, u: _u, pi: _pi, ck: _ck,
|
||||
}
|
||||
|
@ -506,6 +506,8 @@ impl<'a> SpendMessage<'a> {
|
|||
|
||||
pub fn hash(&self) -> Fr {
|
||||
// hash into a Fr element
|
||||
let rng = &mut rand::thread_rng();
|
||||
return Fr::random(rng);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -572,29 +574,52 @@ pub struct Proof {
|
|||
s2: Fr
|
||||
}
|
||||
|
||||
pub fn hash(g: &G1, h: &G1, X: &G1, Y: &G1, ) -> Fr {
|
||||
pub fn hash(g: &G1, h: &G1, X: &G1, Y: &G1, T: &Gt) -> Fr {
|
||||
let g_vec: Vec<u8> = encode(&g, Infinite).unwrap();
|
||||
|
||||
// TODO: fix this
|
||||
return Fr::from_str("1234567890").unwrap();
|
||||
}
|
||||
|
||||
pub fn create_nizk_proof_one(pp: &PublicParams, pk: &PublicKey, sk: &SecretKey) -> Proof {
|
||||
let rng = &mut rand::thread_rng();
|
||||
pub fn hashG1ToFr(x: &G1) -> Fr {
|
||||
// TODO: change to serde (instead of rustc_serialize)
|
||||
let x_vec: Vec<u8> = encode(&x, Infinite).unwrap();
|
||||
let sha2_digest = sha512::hash(x_vec.as_slice());
|
||||
|
||||
let t1 = Fr::random(rng);
|
||||
let t2 = Fr::random(rng);
|
||||
|
||||
let T = (pk.g * t1) + (pk.h * t2);
|
||||
|
||||
let c = hash(pp.g, pp.h, pk.X, pk.Y, T);
|
||||
|
||||
let s1 = (sk.x * c) + t1;
|
||||
let s2 = (sk.y * c) + t2;
|
||||
|
||||
return Proof { T: T, c: c, s1: s1, s2: s2 };
|
||||
let mut hash_buf: [u8; 64] = [0; 64];
|
||||
hash_buf.copy_from_slice(&sha2_digest[0..64]);
|
||||
return Fr::interpret(&hash_buf);
|
||||
}
|
||||
|
||||
//pub fn hashStrToFr(x: &str) -> Fr {
|
||||
// // TODO: change to serde (instead of rustc_serialize)
|
||||
// let sha2_digest = sha512::hash(x.as_slice());
|
||||
//
|
||||
// let mut hash_buf: [u8; 64] = [0; 64];
|
||||
// hash_buf.copy_from_slice(&sha2_digest[0..64]);
|
||||
// return Fr::interpret(&hash_buf);
|
||||
//}
|
||||
|
||||
|
||||
//pub fn create_nizk_proof_one(pp: &PublicParams, pk: &clsigs::PublicKeyD, sk: &clsigs::SecretKeyD) -> Proof {
|
||||
// let rng = &mut rand::thread_rng();
|
||||
//
|
||||
// let t1 = Fr::random(rng);
|
||||
// let t2 = Fr::random(rng);
|
||||
//
|
||||
// let T = (pk.g * t1) + (pk.h * t2);
|
||||
//
|
||||
// let c = hash(pp.g, pp.h, pk.X, pk.Y, T);
|
||||
//
|
||||
// let s1 = (sk.x * c) + t1;
|
||||
// let s2 = (sk.y * c) + t2;
|
||||
//
|
||||
// return Proof { T: T, c: c, s1: s1, s2: s2 };
|
||||
//}
|
||||
|
||||
pub fn verify_nizk_proof_one(proof: &Proof) -> bool {
|
||||
// how do we verify the proof?
|
||||
return true;
|
||||
}
|
||||
////////////////////////////////// NIZKP //////////////////////////////////
|
||||
|
||||
|
@ -706,11 +731,12 @@ pub fn verify_nizk_proof_one(proof: &Proof) -> bool {
|
|||
pub mod bidirectional {
|
||||
use std::fmt;
|
||||
use rand;
|
||||
use bn::{Group, Fr};
|
||||
use bn::{Group, Fr, G1};
|
||||
use sym;
|
||||
use commit_scheme;
|
||||
use clsigs;
|
||||
use Message;
|
||||
use hashG1ToFr;
|
||||
use sodiumoxide::randombytes;
|
||||
|
||||
pub struct PublicParams {
|
||||
|
@ -722,22 +748,22 @@ pub mod bidirectional {
|
|||
|
||||
pub struct ChannelToken {
|
||||
w_com: commit_scheme::Commitment,
|
||||
pk: clsigs::PublicKey
|
||||
pk: clsigs::PublicKeyD
|
||||
}
|
||||
|
||||
pub struct CustSecretKey {
|
||||
sk: clsigs::SecretKey, // the secret key for the signature scheme (Is it possible to make this a generic field?)
|
||||
sk: clsigs::SecretKeyD, // the secret key for the signature scheme (Is it possible to make this a generic field?)
|
||||
cid: Fr, // channel Id
|
||||
wpk: G1, // signature verification key
|
||||
wsk: Fr, // signature private key
|
||||
r: Fr, // random coins for commitment scheme
|
||||
balance: u32, // the balance for the user
|
||||
balance: i32, // the balance for the user
|
||||
ck_vec: Vec<sym::SymKey>
|
||||
}
|
||||
|
||||
pub struct MerchSecretKey {
|
||||
sk: clsigs::SecretKey,
|
||||
balance: u32
|
||||
sk: clsigs::SecretKeyD,
|
||||
balance: i32
|
||||
}
|
||||
|
||||
pub struct InitCustomerData {
|
||||
|
@ -746,28 +772,28 @@ pub mod bidirectional {
|
|||
}
|
||||
|
||||
pub struct InitMerchantData {
|
||||
T: clsigs::PublicKey,
|
||||
T: clsigs::PublicKeyD,
|
||||
csk: MerchSecretKey
|
||||
}
|
||||
|
||||
pub fn setup() -> PublicParams {
|
||||
// TODO: provide option for generating CRS parameters
|
||||
let cm_pp = commit_scheme::setup();
|
||||
let cl_mpk = clsigs::setup();
|
||||
let cl_mpk = clsigs::setupD();
|
||||
let l = 256;
|
||||
// let nizk = "nizk proof system";
|
||||
let pp = PublicParams { cm_mpk: cm_pp, cl_mpk: cl_mpk, l_bits: l };
|
||||
return pp;
|
||||
}
|
||||
|
||||
pub fn keygen(pp: &PublicParams) -> clsigs::KeyPair {
|
||||
pub fn keygen(pp: &PublicParams) -> clsigs::KeyPairD {
|
||||
// TODO: figure out what we need from public params to generate keys
|
||||
println!("Run Keygen...");
|
||||
let keypair = clsigs::keygen(&pp.cl_mpk);
|
||||
let keypair = clsigs::keygenD(&pp.cl_mpk, 3);
|
||||
return keypair;
|
||||
}
|
||||
|
||||
pub fn init_customer(pp: &PublicParams, channelId: Fr, b0_customer: u32, keypair: &clsigs::KeyPair) -> InitCustomerData {
|
||||
pub fn init_customer(pp: &PublicParams, channelId: Fr, b0_customer: i32, keypair: &clsigs::KeyPairD) -> InitCustomerData {
|
||||
println!("Run Init customer...");
|
||||
sym::init();
|
||||
let rng = &mut rand::thread_rng();
|
||||
|
@ -776,6 +802,8 @@ pub mod bidirectional {
|
|||
// keygen for wallet
|
||||
let wsk = Fr::random(rng);
|
||||
let wpk = pp.cm_mpk.g2 * wsk;
|
||||
let h_wpk = hashG1ToFr(&wpk);
|
||||
let b0 = Fr::from_str(b0_customer.to_string().as_str()).unwrap();
|
||||
let r = Fr::random(rng);
|
||||
//let msg = Message::new(keypair.sk, k1, k2, b0_customer).hash();
|
||||
|
||||
|
@ -785,21 +813,23 @@ pub mod bidirectional {
|
|||
let ck = sym::keygen(l);
|
||||
ck_vec.push(ck);
|
||||
}
|
||||
let w_com = commit_scheme::commit(&pp.cm_pp, channelId, wpk, b0_customer, Some(r));
|
||||
let t_c = ChannelToken { w_com: w_com, pk: keypair.pk };
|
||||
let csk_c = CustSecretKey { sk: keypair.sk, cid: channelId, wpk: wpk, wsk: wsk,
|
||||
|
||||
// TODO: hash (wpk) and convert b0_customer into Fr
|
||||
let w_com = commit_scheme::commit(&pp.cm_mpk, channelId, h_wpk, b0, Some(r));
|
||||
let t_c = ChannelToken { w_com: w_com, pk: keypair.pk.clone() };
|
||||
let csk_c = CustSecretKey { sk: keypair.sk.clone(), cid: channelId, wpk: wpk, wsk: wsk,
|
||||
r: r, balance: b0_customer, ck_vec: ck_vec };
|
||||
return InitCustomerData { T: t_c, csk: csk_c };
|
||||
}
|
||||
|
||||
pub fn init_merchant(pp: &PublicParams, b0_merchant: u32, keypair: &clsigs::KeyPair) -> InitMerchantData {
|
||||
pub fn init_merchant(pp: &PublicParams, b0_merchant: i32, keypair: &clsigs::KeyPairD) -> InitMerchantData {
|
||||
println!("Run Init merchant...");
|
||||
let csk_m = MerchSecretKey { sk: keypair.sk, balance: b0_merchant };
|
||||
return InitMerchantData { T: keypair.pk, csk: csk_m };
|
||||
let csk_m = MerchSecretKey { sk: keypair.sk.clone(), balance: b0_merchant };
|
||||
return InitMerchantData { T: keypair.pk.clone(), csk: csk_m };
|
||||
}
|
||||
|
||||
// TODO: requires NIZK proof system
|
||||
pub fn establish_customer(pp: &PublicParams, t_m: &clsigs::PublicKey, csk_c: &CustSecretKey) {
|
||||
pub fn establish_customer(pp: &PublicParams, t_m: &clsigs::PublicKeyD, csk_c: &CustSecretKey) {
|
||||
println ! ("Run establish_customer algorithm...");
|
||||
// set sk_0 to random bytes of length l
|
||||
// let sk_0 = random_bytes(pp.l);
|
||||
|
@ -807,7 +837,7 @@ pub mod bidirectional {
|
|||
let mut sk0 = vec![0; buf_len];
|
||||
randombytes::randombytes_into(&mut sk0);
|
||||
|
||||
let pi1 = create_nizk_proof_one(csk_c.sk, csk_c.k1, csk_c.k2, );
|
||||
//let pi1 = create_nizk_proof_one(csk_c.sk, csk_c.k1, csk_c.k2, );
|
||||
}
|
||||
|
||||
// the merchant calls this method after obtaining
|
||||
|
@ -816,8 +846,12 @@ pub mod bidirectional {
|
|||
}
|
||||
|
||||
// TODO: requires NIZK proof system calls
|
||||
pub fn pay() {
|
||||
println!("Run pay algorithm...");
|
||||
pub fn pay_by_customer() {
|
||||
println!("Run pay algorithm by Customer - phase 1.");
|
||||
}
|
||||
|
||||
pub fn pay_by_merchant() {
|
||||
println!("Run pay algorithm by Merchant - phase 1");
|
||||
}
|
||||
|
||||
// pub fn refund(pp: &PublicParams, imd : &InitMerchantData, w: Wallet) {
|
||||
|
|
Loading…
Reference in New Issue