[zk-token-sdk] Allow all zero auditor pubkey in proofs (#33106)
* allow auditor ElGamal public key to be all zero
* remove test components on all zero auditor ElGamal pubkey
parent
931665551e
commit
a4ceea32d7
|
@ -840,7 +840,7 @@ mod test {
|
|||
|
||||
assert!(fee_data.verify_proof().is_ok());
|
||||
|
||||
// Case 4: invalid destination, auditor, or withdraw authority pubkeys
|
||||
// Case 4: destination pubkey invalid
|
||||
let spendable_balance: u64 = 120;
|
||||
let spendable_ciphertext = source_keypair.pubkey().encrypt(spendable_balance);
|
||||
|
||||
|
@ -871,47 +871,5 @@ mod test {
|
|||
.unwrap();
|
||||
|
||||
assert!(fee_data.verify_proof().is_err());
|
||||
|
||||
// auditor pubkey invalid
|
||||
let destination_keypair = ElGamalKeypair::new_rand();
|
||||
let destination_pubkey = destination_keypair.pubkey();
|
||||
|
||||
let auditor_pubkey = pod::ElGamalPubkey::zeroed().try_into().unwrap();
|
||||
|
||||
let withdraw_withheld_authority_keypair = ElGamalKeypair::new_rand();
|
||||
let withdraw_withheld_authority_pubkey = withdraw_withheld_authority_keypair.pubkey();
|
||||
|
||||
let fee_data = TransferWithFeeData::new(
|
||||
transfer_amount,
|
||||
(spendable_balance, &spendable_ciphertext),
|
||||
&source_keypair,
|
||||
(destination_pubkey, &auditor_pubkey),
|
||||
fee_parameters,
|
||||
withdraw_withheld_authority_pubkey,
|
||||
)
|
||||
.unwrap();
|
||||
|
||||
assert!(fee_data.verify_proof().is_err());
|
||||
|
||||
// withdraw authority invalid
|
||||
let destination_keypair = ElGamalKeypair::new_rand();
|
||||
let destination_pubkey = destination_keypair.pubkey();
|
||||
|
||||
let auditor_keypair = ElGamalKeypair::new_rand();
|
||||
let auditor_pubkey = auditor_keypair.pubkey();
|
||||
|
||||
let withdraw_withheld_authority_pubkey = pod::ElGamalPubkey::zeroed().try_into().unwrap();
|
||||
|
||||
let fee_data = TransferWithFeeData::new(
|
||||
transfer_amount,
|
||||
(spendable_balance, &spendable_ciphertext),
|
||||
&source_keypair,
|
||||
(destination_pubkey, auditor_pubkey),
|
||||
fee_parameters,
|
||||
&withdraw_withheld_authority_pubkey,
|
||||
)
|
||||
.unwrap();
|
||||
|
||||
assert!(fee_data.verify_proof().is_err());
|
||||
}
|
||||
}
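Review bot: The second hunk of this section deletes the `// withdraw authority invalid` case together with the `// auditor pubkey invalid` one, although the title and description only mention the auditor key. Nothing on this page states that an all-zero withdraw-withheld authority key is meant to verify, so if rejection is still intended that case should stay; if the relaxed `Y_2` handling in the validity proof now lets it through (an inference, since the fee proof wiring is not shown here), the description should say so and the test should pin it with `assert!(fee_data.verify_proof().is_ok());`. The newly accepted all-zero auditor key has no positive assertion here either, and the same gap applies to the transfer test section and the `GroupedCiphertext2HandlesValidityProof` test section, which only delete the rejecting cases. The test function begins outside the hunk.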
|
||||
|
|
|
@ -524,13 +524,11 @@ mod test {
|
|||
|
||||
assert!(transfer_data.verify_proof().is_ok());
|
||||
|
||||
// Case 4: invalid destination or auditor pubkey
|
||||
// Case 4: destination pubkey is invalid
|
||||
let spendable_balance: u64 = 0;
|
||||
let spendable_ciphertext = source_keypair.pubkey().encrypt(spendable_balance);
|
||||
|
||||
let transfer_amount: u64 = 0;
|
||||
|
||||
// destination pubkey invalid
|
||||
let dest_pk = pod::ElGamalPubkey::zeroed().try_into().unwrap();
|
||||
let auditor_keypair = ElGamalKeypair::new_rand();
|
||||
let auditor_pk = auditor_keypair.pubkey();
|
||||
|
@ -544,21 +542,6 @@ mod test {
|
|||
.unwrap();
|
||||
|
||||
assert!(transfer_data.verify_proof().is_err());
|
||||
|
||||
// auditor pubkey invalid
|
||||
let dest_keypair = ElGamalKeypair::new_rand();
|
||||
let dest_pk = dest_keypair.pubkey();
|
||||
let auditor_pk = pod::ElGamalPubkey::zeroed().try_into().unwrap();
|
||||
|
||||
let transfer_data = TransferData::new(
|
||||
transfer_amount,
|
||||
(spendable_balance, &spendable_ciphertext),
|
||||
&source_keypair,
|
||||
(dest_pk, &auditor_pk),
|
||||
)
|
||||
.unwrap();
|
||||
|
||||
assert!(transfer_data.verify_proof().is_err());
|
||||
}
|
||||
|
||||
#[test]
|
||||
|
|
|
@ -134,7 +134,8 @@ impl GroupedCiphertext2HandlesValidityProof {
|
|||
// include Y_0, Y_1, Y_2 to transcript and extract challenges
|
||||
transcript.validate_and_append_point(b"Y_0", &self.Y_0)?;
|
||||
transcript.validate_and_append_point(b"Y_1", &self.Y_1)?;
|
||||
transcript.validate_and_append_point(b"Y_2", &self.Y_2)?;
|
||||
// Y_2 can be an all zero point if the auditor public key is all zero
|
||||
transcript.append_point(b"Y_2", &self.Y_2);
|
||||
|
||||
let c = transcript.challenge_scalar(b"c");
|
||||
let w = transcript.challenge_scalar(b"w");
|
||||
|
@ -301,37 +302,6 @@ mod test {
|
|||
)
|
||||
.is_err());
|
||||
|
||||
// if auditor public key zeroed, then the proof should always reject
|
||||
let destination_keypair = ElGamalKeypair::new_rand();
|
||||
let destination_pubkey = destination_keypair.pubkey();
|
||||
|
||||
let auditor_pubkey = ElGamalPubkey::from_bytes(&[0u8; 32]).unwrap();
|
||||
|
||||
let amount: u64 = 55;
|
||||
let (commitment, opening) = Pedersen::new(amount);
|
||||
|
||||
let destination_handle = destination_pubkey.decrypt_handle(&opening);
|
||||
let auditor_handle = auditor_pubkey.decrypt_handle(&opening);
|
||||
|
||||
let mut prover_transcript = Transcript::new(b"Test");
|
||||
let mut verifier_transcript = Transcript::new(b"Test");
|
||||
|
||||
let proof = GroupedCiphertext2HandlesValidityProof::new(
|
||||
(destination_pubkey, &auditor_pubkey),
|
||||
amount,
|
||||
&opening,
|
||||
&mut prover_transcript,
|
||||
);
|
||||
|
||||
assert!(proof
|
||||
.verify(
|
||||
&commitment,
|
||||
(destination_pubkey, &auditor_pubkey),
|
||||
(&destination_handle, &auditor_handle),
|
||||
&mut verifier_transcript,
|
||||
)
|
||||
.is_err());
|
||||
|
||||
// all zeroed ciphertext should still be valid
|
||||
let destination_keypair = ElGamalKeypair::new_rand();
|
||||
let destination_pubkey = destination_keypair.pubkey();
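Review bot: In the first hunk of this section, `transcript.append_point(b"Y_2", &self.Y_2);` skips the point validation for every proof, while the comment above it only justifies the case where the auditor public key is all zero. Either keep `transcript.validate_and_append_point(b"Y_2", &self.Y_2)?;` on the branch where the second public key is not all zero, or extend the comment to explain why an unvalidated `Y_2` is harmless when a real auditor key is present. The name of that key and the rest of the enclosing function (presumably `verify`) lie outside the hunk. The second hunk removes the test that expected rejection for a zeroed auditor key without adding one that builds the same proof and asserts `.is_ok()`, so the newly accepted path is not covered by anything visible here.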
|
||||
|
|