feat: add verification for fee proof
parent
e561fbc25a
commit
826c3bee4a
|
@ -1,9 +1,6 @@
|
||||||
#[cfg(not(target_arch = "bpf"))]
|
#[cfg(not(target_arch = "bpf"))]
|
||||||
use {
|
use {
|
||||||
crate::encryption::{
|
crate::encryption::pedersen::{PedersenBase, PedersenCommitment, PedersenOpening},
|
||||||
elgamal::{ElGamalCiphertext, ElGamalPubkey},
|
|
||||||
pedersen::{PedersenBase, PedersenCommitment, PedersenOpening},
|
|
||||||
},
|
|
||||||
rand::rngs::OsRng,
|
rand::rngs::OsRng,
|
||||||
};
|
};
|
||||||
use {
|
use {
|
||||||
|
@ -25,9 +22,11 @@ pub struct FeeProof {
|
||||||
#[allow(non_snake_case, dead_code)]
|
#[allow(non_snake_case, dead_code)]
|
||||||
#[cfg(not(target_arch = "bpf"))]
|
#[cfg(not(target_arch = "bpf"))]
|
||||||
impl FeeProof {
|
impl FeeProof {
|
||||||
|
#[allow(clippy::too_many_arguments)]
|
||||||
pub fn new(
|
pub fn new(
|
||||||
amount_fee: u64,
|
amount_fee: u64,
|
||||||
max_fee: u64,
|
max_fee: u64,
|
||||||
|
delta_fee: u64,
|
||||||
commitment_fee: &PedersenCommitment,
|
commitment_fee: &PedersenCommitment,
|
||||||
opening_fee: &PedersenOpening,
|
opening_fee: &PedersenOpening,
|
||||||
commitment_delta_real: &PedersenCommitment,
|
commitment_delta_real: &PedersenCommitment,
|
||||||
|
@ -40,7 +39,7 @@ impl FeeProof {
|
||||||
let G = PedersenBase::default().G;
|
let G = PedersenBase::default().G;
|
||||||
let H = PedersenBase::default().H;
|
let H = PedersenBase::default().H;
|
||||||
|
|
||||||
let x = Scalar::from(amount_fee);
|
let x = Scalar::from(delta_fee);
|
||||||
let m = Scalar::from(max_fee);
|
let m = Scalar::from(max_fee);
|
||||||
|
|
||||||
let C_max = commitment_fee.get_point();
|
let C_max = commitment_fee.get_point();
|
||||||
|
@ -93,6 +92,8 @@ impl FeeProof {
|
||||||
let c = transcript.challenge_scalar(b"c");
|
let c = transcript.challenge_scalar(b"c");
|
||||||
let c_equality = c - c_max;
|
let c_equality = c - c_max;
|
||||||
|
|
||||||
|
transcript.challenge_scalar(b"w");
|
||||||
|
|
||||||
let z_x = c_equality * x + y_x;
|
let z_x = c_equality * x + y_x;
|
||||||
let z_delta_real = c_equality * r_delta_real + y_delta_real;
|
let z_delta_real = c_equality * r_delta_real + y_delta_real;
|
||||||
let z_delta_claimed = c_equality * r_delta_claimed + y_delta_claimed;
|
let z_delta_claimed = c_equality * r_delta_claimed + y_delta_claimed;
|
||||||
|
@ -147,6 +148,8 @@ impl FeeProof {
|
||||||
let c = transcript.challenge_scalar(b"c");
|
let c = transcript.challenge_scalar(b"c");
|
||||||
let c_max = c - c_equality;
|
let c_max = c - c_equality;
|
||||||
|
|
||||||
|
transcript.challenge_scalar(b"w");
|
||||||
|
|
||||||
let z_max = c_max * r_max + y_max;
|
let z_max = c_max * r_max + y_max;
|
||||||
|
|
||||||
let fee_max_proof = FeeMaxProof {
|
let fee_max_proof = FeeMaxProof {
|
||||||
|
@ -220,9 +223,40 @@ impl FeeProof {
|
||||||
let c_max = self.fee_max_proof.c_max;
|
let c_max = self.fee_max_proof.c_max;
|
||||||
let c_equality = c - c_max;
|
let c_equality = c - c_max;
|
||||||
|
|
||||||
|
let w = transcript.challenge_scalar(b"w");
|
||||||
|
let ww = w * w;
|
||||||
|
|
||||||
|
println!("{:?}", C_delta_real.compress());
|
||||||
|
|
||||||
let check = RistrettoPoint::vartime_multiscalar_mul(
|
let check = RistrettoPoint::vartime_multiscalar_mul(
|
||||||
vec![c_max, -c_max * m, -z_max, Scalar::one()],
|
vec![
|
||||||
vec![C_max, G, H, Y_max],
|
c_max,
|
||||||
|
-c_max * m,
|
||||||
|
-z_max,
|
||||||
|
Scalar::one(),
|
||||||
|
w * z_x,
|
||||||
|
w * z_delta_real,
|
||||||
|
-w * c_equality,
|
||||||
|
-w,
|
||||||
|
ww * z_x,
|
||||||
|
ww * z_delta_claimed,
|
||||||
|
-ww * c_equality,
|
||||||
|
-ww,
|
||||||
|
],
|
||||||
|
vec![
|
||||||
|
C_max,
|
||||||
|
G,
|
||||||
|
H,
|
||||||
|
Y_max,
|
||||||
|
G,
|
||||||
|
H,
|
||||||
|
C_delta_real,
|
||||||
|
Y_delta_real,
|
||||||
|
G,
|
||||||
|
H,
|
||||||
|
C_delta_claimed,
|
||||||
|
Y_delta_claimed,
|
||||||
|
],
|
||||||
);
|
);
|
||||||
|
|
||||||
if check.is_identity() {
|
if check.is_identity() {
|
||||||
|
@ -282,6 +316,7 @@ mod test {
|
||||||
let proof = FeeProof::new(
|
let proof = FeeProof::new(
|
||||||
amount_fee,
|
amount_fee,
|
||||||
max_fee,
|
max_fee,
|
||||||
|
delta_fee,
|
||||||
&commitment_fee,
|
&commitment_fee,
|
||||||
&opening_fee,
|
&opening_fee,
|
||||||
&commitment_delta_real,
|
&commitment_delta_real,
|
||||||
|
|
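Review bot: In the `@ -220,9 +223,40 @` hunk the batching weight `w` is drawn right after `c_equality` with none of the responses absorbed into the transcript, so `w` is already fixed before a prover settles on `z_max`, `z_x`, `z_delta_real` and `z_delta_claimed`. The random-linear-combination argument that lets one `vartime_multiscalar_mul` stand in for three separate equations needs the weight to depend on those responses; without that, a passing `check.is_identity()` may not imply that each equation holds on its own. I would absorb the four responses before the `b"w"` challenge here, e.g. `transcript.append_scalar(b"z_x", &z_x);` per response (assuming the transcript trait offers a scalar append), and mirror it on the proving side, where the two bare `transcript.challenge_scalar(b"w");` calls (hunks at -93 and -147) would move below the response computation. Separately, `println!("{:?}", C_delta_real.compress());` looks like leftover debug output and should be dropped from the verification path. The enclosing functions start and end outside the hunks shown.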