zecfoundation
/
libbolt
mirror of https://github.com/ZcashFoundation/libbolt.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

i64: change values to i64 and update range proof params

This commit is contained in:
Gijs Van Laer 2019-09-27 13:02:31 -04:00
parent 10ad13aacd
commit 576de0beb6
10 changed files with 99 additions and 98 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Makefile
View File

@ -33,7 +33,7 @@ pythontests:
cargo +nightly update cargo +nightly update
cargo +nightly build --release cargo +nightly build --release
python py/libbolt.py python py/libbolt.py
python py/tests.py python py/libbolt_tests.py
cpptests: cpptests:
@cargo +nightly build --release @cargo +nightly build --release

16
go/libbolt.go
View File

@ -32,7 +32,7 @@ type setupResp struct {
type ChannelState struct { type ChannelState struct {
R int `json:"R"` R int `json:"R"`
TxFee int `json:"tx_fee"` TxFee int64 `json:"tx_fee"`
Cp interface{} `json:"cp"` Cp interface{} `json:"cp"`
Name string `json:"name"` Name string `json:"name"`
PayInit bool `json:"pay_init"` PayInit bool `json:"pay_init"`
@ -55,8 +55,8 @@ type CustState struct {
Name string `json:"name"` Name string `json:"name"`
PkC string `json:"pk_c"` PkC string `json:"pk_c"`
SkC string `json:"sk_c"` SkC string `json:"sk_c"`
CustBalance int `json:"cust_balance"` CustBalance int64 `json:"cust_balance"`
MerchBalance int `json:"merch_balance"` MerchBalance int64 `json:"merch_balance"`
Wpk string `json:"wpk"` Wpk string `json:"wpk"`
Wsk string `json:"wsk"` Wsk string `json:"wsk"`
OldKP *KP `json:"old_kp,omitempty"` OldKP *KP `json:"old_kp,omitempty"`
@ -80,8 +80,8 @@ type Commitment struct {
type Wallet struct { type Wallet struct {
Pkc []string `json:"pkc"` Pkc []string `json:"pkc"`
Wpk []string `json:"wpk"` Wpk []string `json:"wpk"`
Bc int `json:"bc"` Bc int64 `json:"bc"`
Bm int `json:"bm"` Bm int64 `json:"bm"`
Close []string `json:"close"` Close []string `json:"close"`
} }
@ -193,7 +193,7 @@ func BidirectionalInitCustomer(channelToken ChannelToken, balanceCustomer int, b
if err != nil { if err != nil {
return ChannelToken{}, CustState{}, err return ChannelToken{}, CustState{}, err
} }
resp := C.GoString(C.ffishim_bidirectional_init_customer(C.CString(string(serChannelToken)), C.int(balanceCustomer), C.int(balanceMerchant), C.CString(nameCustomer))) resp := C.GoString(C.ffishim_bidirectional_init_customer(C.CString(string(serChannelToken)), C.longlong(balanceCustomer), C.longlong(balanceMerchant), C.CString(nameCustomer)))
r, err := processCResponse(resp) r, err := processCResponse(resp)
if err != nil { if err != nil {
return ChannelToken{}, CustState{}, err return ChannelToken{}, CustState{}, err
@ -256,7 +256,7 @@ func BidirectionalEstablishMerchantIssueCloseToken(channelState ChannelState, co
if err != nil { if err != nil {
return Signature{}, err return Signature{}, err
} }
resp := C.GoString(C.ffishim_bidirectional_establish_merchant_issue_close_token(C.CString(string(serChannelState)), C.CString(string(serCom)), C.CString(string(serComProof)), C.CString(pkc), C.int(initCustBal), C.int(initMerchBal), C.CString(string(serMerchState)))) resp := C.GoString(C.ffishim_bidirectional_establish_merchant_issue_close_token(C.CString(string(serChannelState)), C.CString(string(serCom)), C.CString(string(serComProof)), C.CString(pkc), C.longlong(initCustBal), C.longlong(initMerchBal), C.CString(string(serMerchState))))
r, err := processCResponse(resp) r, err := processCResponse(resp)
if err != nil { if err != nil {
return Signature{}, err return Signature{}, err
@ -350,7 +350,7 @@ func BidirectionalPayGeneratePaymentProof(channelState ChannelState, custState C
if err != nil { if err != nil {
return "", CustState{}, err return "", CustState{}, err
} }
resp := C.GoString(C.ffishim_bidirectional_pay_generate_payment_proof(C.CString(string(serChannelState)), C.CString(string(serCustState)), C.int(amount))) resp := C.GoString(C.ffishim_bidirectional_pay_generate_payment_proof(C.CString(string(serChannelState)), C.CString(string(serCustState)), C.longlong(amount)))
r, err := processCResponse(resp) r, err := processCResponse(resp)
if err != nil { if err != nil {
return "", CustState{}, err return "", CustState{}, err

6
include/libbolt.h
View File

@ -18,17 +18,17 @@ extern "C" {
// channel init // channel init
char* ffishim_bidirectional_channel_setup(const char *channel_name, unsigned int third_party_support); char* ffishim_bidirectional_channel_setup(const char *channel_name, unsigned int third_party_support);
char* ffishim_bidirectional_init_merchant(const char *ser_channel_state, const char *name_ptr); char* ffishim_bidirectional_init_merchant(const char *ser_channel_state, const char *name_ptr);
char* ffishim_bidirectional_init_customer(const char *ser_channel_token, int balance_customer, int balance_merchant, const char *name_ptr); char* ffishim_bidirectional_init_customer(const char *ser_channel_token, long long int balance_customer, long long int balance_merchant, const char *name_ptr);
// channel establish protocol routines // channel establish protocol routines
char* ffishim_bidirectional_establish_customer_generate_proof(const char *ser_channel_token, const char *ser_customer_wallet); char* ffishim_bidirectional_establish_customer_generate_proof(const char *ser_channel_token, const char *ser_customer_wallet);
char* ffishim_bidirectional_establish_merchant_issue_close_token(const char *ser_channel_state, const char *ser_com, const char *ser_com_proof, const char *ser_pk_c, int init_cust_bal, int init_merch_bal, const char *ser_merch_state); char* ffishim_bidirectional_establish_merchant_issue_close_token(const char *ser_channel_state, const char *ser_com, const char *ser_com_proof, const char *ser_pk_c, long long int init_cust_bal, long long int init_merch_bal, const char *ser_merch_state);
char* ffishim_bidirectional_establish_merchant_issue_pay_token(const char *ser_channel_state, const char *ser_com, const char *ser_merch_state); char* ffishim_bidirectional_establish_merchant_issue_pay_token(const char *ser_channel_state, const char *ser_com, const char *ser_merch_state);
char* ffishim_bidirectional_verify_close_token(const char *ser_channel_state, const char *ser_customer_wallet, const char *ser_close_token); char* ffishim_bidirectional_verify_close_token(const char *ser_channel_state, const char *ser_customer_wallet, const char *ser_close_token);
char* ffishim_bidirectional_establish_customer_final(const char *ser_channel_state, const char *ser_customer_wallet, const char *ser_pay_token); char* ffishim_bidirectional_establish_customer_final(const char *ser_channel_state, const char *ser_customer_wallet, const char *ser_pay_token);
// channel pay protocol routines // channel pay protocol routines
char* ffishim_bidirectional_pay_generate_payment_proof(const char *ser_channel_state, const char *ser_customer_wallet, int amount); char* ffishim_bidirectional_pay_generate_payment_proof(const char *ser_channel_state, const char *ser_customer_wallet, long long int amount);
char* ffishim_bidirectional_pay_verify_payment_proof(const char *ser_channel_state, const char *ser_pay_proof, const char *ser_merch_state); char* ffishim_bidirectional_pay_verify_payment_proof(const char *ser_channel_state, const char *ser_pay_proof, const char *ser_merch_state);
char* ffishim_bidirectional_pay_generate_revoke_token(const char *ser_channel_state, const char *ser_cust_state, const char *ser_new_cust_state, const char *ser_close_token); char* ffishim_bidirectional_pay_generate_revoke_token(const char *ser_channel_state, const char *ser_cust_state, const char *ser_new_cust_state, const char *ser_close_token);
char* ffishim_bidirectional_pay_verify_revoke_token(const char *ser_revoke_token, const char *ser_merch_state); char* ffishim_bidirectional_pay_verify_revoke_token(const char *ser_revoke_token, const char *ser_merch_state);

34
src/ccs08.rs
View File

@ -30,11 +30,11 @@ pub struct ParamsUL<E: Engine> {
// u determines the amount of signatures we need in the public params. // u determines the amount of signatures we need in the public params.
// Each signature can be compressed to just 1 field element of 256 bits. // Each signature can be compressed to just 1 field element of 256 bits.
// Then the parameters have minimum size equal to 256*u bits. // Then the parameters have minimum size equal to 256*u bits.
u: i32, u: i64,
// l determines how many pairings we need to compute, then in order to improve // l determines how many pairings we need to compute, then in order to improve
// verifier`s performance we want to minize it. // verifier`s performance we want to minize it.
// Namely, we have 2*l pairings for the prover and 3*l for the verifier. // Namely, we have 2*l pairings for the prover and 3*l for the verifier.
l: i32, l: i64,
} }
/** /**
@ -51,7 +51,7 @@ pub struct SecretParamsUL<E: Engine> {
#[derive(Clone)] #[derive(Clone)]
pub struct ProofULState<E: Engine> { pub struct ProofULState<E: Engine> {
pub decx: Vec<i32>, pub decx: Vec<i64>,
pub proofStates: Vec<ProofState<E>>, pub proofStates: Vec<ProofState<E>>,
pub V: Vec<Signature<E>>, pub V: Vec<Signature<E>>,
pub D: E::G1, pub D: E::G1,
@ -118,8 +118,8 @@ This must be computed in a trusted setup.
#[serde(bound(deserialize = "<E as ff::ScalarEngine>::Fr: serde::Deserialize<'de>, <E as pairing::Engine>::G1: serde::Deserialize<'de>, <E as pairing::Engine>::G2: serde::Deserialize<'de>"))] #[serde(bound(deserialize = "<E as ff::ScalarEngine>::Fr: serde::Deserialize<'de>, <E as pairing::Engine>::G1: serde::Deserialize<'de>, <E as pairing::Engine>::G2: serde::Deserialize<'de>"))]
pub struct RPPublicParams<E: Engine> { pub struct RPPublicParams<E: Engine> {
pub p: ParamsUL<E>, pub p: ParamsUL<E>,
pub a: i32, pub a: i64,
pub b: i32, pub b: i64,
} }
/** /**
@ -140,7 +140,7 @@ impl<E: Engine> SecretParamsUL<E> {
The value of u should be roughly b/log(b), but we can choose smaller values in The value of u should be roughly b/log(b), but we can choose smaller values in
order to get smaller parameters, at the cost of having worse performance. order to get smaller parameters, at the cost of having worse performance.
*/ */
pub fn setup_ul<R: Rng>(rng: &mut R, u: i32, l: i32, csParams: CSMultiParams<E>) -> Self { pub fn setup_ul<R: Rng>(rng: &mut R, u: i64, l: i64, csParams: CSMultiParams<E>) -> Self {
let mpk = setup(rng); let mpk = setup(rng);
let kp = BlindKeyPair::<E>::generate(rng, &mpk, 1); let kp = BlindKeyPair::<E>::generate(rng, &mpk, 1);
@ -220,7 +220,7 @@ impl<E: Engine> ParamsUL<E> {
/** /**
prove_ul method is used to produce the ZKRP proof that secret x belongs to the interval [0,U^L). prove_ul method is used to produce the ZKRP proof that secret x belongs to the interval [0,U^L).
*/ */
pub fn prove_ul<R: Rng>(&self, rng: &mut R, x: i32, r: E::Fr, C: Commitment<E>, k: usize, otherM: Vec<E::Fr>) -> ProofUL<E> { pub fn prove_ul<R: Rng>(&self, rng: &mut R, x: i64, r: E::Fr, C: Commitment<E>, k: usize, otherM: Vec<E::Fr>) -> ProofUL<E> {
let proofUlState = self.prove_ul_commitment(rng, x, k, None, None); let proofUlState = self.prove_ul_commitment(rng, x, k, None, None);
// Fiat-Shamir heuristic // Fiat-Shamir heuristic
@ -233,8 +233,8 @@ impl<E: Engine> ParamsUL<E> {
self.prove_ul_response(r, C, &proofUlState, c, k, otherM) self.prove_ul_response(r, C, &proofUlState, c, k, otherM)
} }
pub fn prove_ul_commitment<R: Rng>(&self, rng: &mut R, x: i32, k: usize, sOptional: Option<Vec<E::Fr>>, mOptional: Option<E::Fr>) -> ProofULState<E> { pub fn prove_ul_commitment<R: Rng>(&self, rng: &mut R, x: i64, k: usize, sOptional: Option<Vec<E::Fr>>, mOptional: Option<E::Fr>) -> ProofULState<E> {
if x > self.u.pow(self.l as u32) || x < 0 { if x > self.u.pow(self.l as u32) - 1 || x < 0 {
panic!("x is not within the range."); panic!("x is not within the range.");
} }
let decx = decompose(x, self.u, self.l); let decx = decompose(x, self.u, self.l);
@ -340,7 +340,7 @@ fn hash<E: Engine>(a: Vec<E::Fqk>, D: Vec<E::G1>) -> E::Fr {
Decompose receives as input an integer x and outputs an array of integers such that Decompose receives as input an integer x and outputs an array of integers such that
x = sum(xi.u^i), i.e. it returns the decomposition of x into base u. x = sum(xi.u^i), i.e. it returns the decomposition of x into base u.
*/ */
fn decompose(x: i32, u: i32, l: i32) -> Vec<i32> { fn decompose(x: i64, u: i64, l: i64) -> Vec<i64> {
let mut result = Vec::with_capacity(l as usize); let mut result = Vec::with_capacity(l as usize);
let mut decomposer = x.clone(); let mut decomposer = x.clone();
for _i in 0..l { for _i in 0..l {
@ -354,7 +354,7 @@ impl<E: Engine> RPSecretParams<E> {
/** /**
Setup receives integers a and b, and configures the parameters for the rangeproof scheme. Setup receives integers a and b, and configures the parameters for the rangeproof scheme.
*/ */
pub fn setup<R: Rng>(rng: &mut R, a: i32, b: i32, csParams: CSMultiParams<E>) -> Self { pub fn setup<R: Rng>(rng: &mut R, a: i64, b: i64, csParams: CSMultiParams<E>) -> Self {
// Compute optimal values for u and l // Compute optimal values for u and l
if a > b { if a > b {
panic!("a must be less than or equal to b"); panic!("a must be less than or equal to b");
@ -363,9 +363,9 @@ impl<E: Engine> RPSecretParams<E> {
let logb = (b as f32).log2(); let logb = (b as f32).log2();
let loglogb = logb.log2(); let loglogb = logb.log2();
if loglogb > 0.0 { if loglogb > 0.0 {
let mut u = (logb / loglogb) as i32; let mut u = (logb / loglogb) as i64;
u = 57; //TODO: optimize u? u = 57; //TODO: optimize u?
let l = (b as f32).log(u as f32).ceil() as i32; let l = (b as f64).log(u as f64).ceil() as i64;
let secParamsOut = SecretParamsUL::<E>::setup_ul(rng, u, l, csParams.clone()); let secParamsOut = SecretParamsUL::<E>::setup_ul(rng, u, l, csParams.clone());
let pubParams = RPPublicParams { p: secParamsOut.pubParams.clone(), a, b }; let pubParams = RPPublicParams { p: secParamsOut.pubParams.clone(), a, b };
@ -398,7 +398,7 @@ impl<E: Engine> RPPublicParams<E> {
/** /**
Prove method is responsible for generating the zero knowledge range proof. Prove method is responsible for generating the zero knowledge range proof.
*/ */
pub fn prove<R: Rng>(&self, rng: &mut R, x: i32, C: Commitment<E>, r: E::Fr, k: usize, otherM: Vec<E::Fr>) -> RangeProof<E> { pub fn prove<R: Rng>(&self, rng: &mut R, x: i64, C: Commitment<E>, r: E::Fr, k: usize, otherM: Vec<E::Fr>) -> RangeProof<E> {
let rpState = self.prove_commitment(rng, x, C, k, None, None); let rpState = self.prove_commitment(rng, x, C, k, None, None);
let mut a = Vec::<E::Fqk>::with_capacity(self.p.l as usize); let mut a = Vec::<E::Fqk>::with_capacity(self.p.l as usize);
@ -411,7 +411,7 @@ impl<E: Engine> RPPublicParams<E> {
self.prove_response(r, &rpState, ch, k, otherM) self.prove_response(r, &rpState, ch, k, otherM)
} }
pub fn prove_commitment<R: Rng>(&self, rng: &mut R, x: i32, C: Commitment<E>, k: usize, sOptional: Option<Vec<E::Fr>>, mOptional: Option<E::Fr>) -> RangeProofState<E> { pub fn prove_commitment<R: Rng>(&self, rng: &mut R, x: i64, C: Commitment<E>, k: usize, sOptional: Option<Vec<E::Fr>>, mOptional: Option<E::Fr>) -> RangeProofState<E> {
if x > self.b || x < self.a { if x > self.b || x < self.a {
panic!("x is not within the range."); panic!("x is not within the range.");
} }
@ -646,14 +646,14 @@ mod tests {
let vec1 = decompose(25, 3, 5); let vec1 = decompose(25, 3, 5);
let mut result = 0; let mut result = 0;
for i in 0..5 { for i in 0..5 {
result += vec1[i] * 3i32.pow(i as u32); result += vec1[i] * 3i64.pow(i as u32);
} }
assert_eq!(result, 25); assert_eq!(result, 25);
let vec1 = decompose(143225, 6, 7); let vec1 = decompose(143225, 6, 7);
let mut result = 0; let mut result = 0;
for i in 0..7 { for i in 0..7 {
result += vec1[i] * 6i32.pow(i as u32); result += vec1[i] * 6i64.pow(i as u32);
} }
assert_eq!(result, 143225); assert_eq!(result, 143225);
} }

20
src/channels.rs
View File

@ -85,7 +85,7 @@ pub struct ChannelParams<E: Engine> {
))] ))]
pub struct ChannelState<E: Engine> { pub struct ChannelState<E: Engine> {
R: i32, R: i32,
tx_fee: i32, tx_fee: i64,
pub cp: Option<ChannelParams<E>>, pub cp: Option<ChannelParams<E>>,
pub name: String, pub name: String,
pub pay_init: bool, pub pay_init: bool,
@ -184,12 +184,12 @@ impl<E: Engine> ChannelState<E> {
// load external params // load external params
} }
pub fn set_channel_fee(&mut self, fee: i32) { pub fn set_channel_fee(&mut self, fee: i64) {
self.tx_fee = fee; self.tx_fee = fee;
} }
pub fn get_channel_fee(&self) -> i32 { pub fn get_channel_fee(&self) -> i64 {
return self.tx_fee as i32; return self.tx_fee as i64;
} }
} }
@ -215,9 +215,9 @@ pub struct CustomerState<E: Engine> {
pub name: String, pub name: String,
pub pk_c: secp256k1::PublicKey, pub pk_c: secp256k1::PublicKey,
sk_c: secp256k1::SecretKey, sk_c: secp256k1::SecretKey,
pub cust_balance: i32, pub cust_balance: i64,
// //
pub merch_balance: i32, pub merch_balance: i64,
pub wpk: secp256k1::PublicKey, pub wpk: secp256k1::PublicKey,
// keypair bound to the wallet // keypair bound to the wallet
wsk: secp256k1::SecretKey, wsk: secp256k1::SecretKey,
@ -235,7 +235,7 @@ pub struct CustomerState<E: Engine> {
} }
impl<E: Engine> CustomerState<E> { impl<E: Engine> CustomerState<E> {
pub fn new<R: Rng>(csprng: &mut R, channel_token: &mut ChannelToken<E>, cust_bal: i32, merch_bal: i32, name: String) -> Self { pub fn new<R: Rng>(csprng: &mut R, channel_token: &mut ChannelToken<E>, cust_bal: i64, merch_bal: i64, name: String) -> Self {
let mut kp = secp256k1::Secp256k1::new(); let mut kp = secp256k1::Secp256k1::new();
kp.randomize(csprng); kp.randomize(csprng);
@ -358,7 +358,7 @@ impl<E: Engine> CustomerState<E> {
} }
// for channel pay // for channel pay
pub fn generate_payment<R: Rng>(&self, csprng: &mut R, channel: &ChannelState<E>, amount: i32) -> (NIZKProof<E>, Commitment<E>, secp256k1::PublicKey, CustomerState<E>) { pub fn generate_payment<R: Rng>(&self, csprng: &mut R, channel: &ChannelState<E>, amount: i64) -> (NIZKProof<E>, Commitment<E>, secp256k1::PublicKey, CustomerState<E>) {
// 1 - chooose new wpk/wsk pair // 1 - chooose new wpk/wsk pair
let mut kp = secp256k1::Secp256k1::new(); let mut kp = secp256k1::Secp256k1::new();
kp.randomize(csprng); kp.randomize(csprng);
@ -559,7 +559,7 @@ impl<E: Engine> MerchantState<E> {
return self.keypair.sign_blind(csprng, &cp.pub_params.mpk, pay_com); return self.keypair.sign_blind(csprng, &cp.pub_params.mpk, pay_com);
} }
pub fn verify_proof<R: Rng>(&self, csprng: &mut R, channel: &ChannelState<E>, com: &Commitment<E>, com_proof: &CommitmentProof<E>, pkc: &E::Fr, cust_balance: i32, merch_balance: i32) -> ResultBoltType<(Signature<E>, Signature<E>)> { pub fn verify_proof<R: Rng>(&self, csprng: &mut R, channel: &ChannelState<E>, com: &Commitment<E>, com_proof: &CommitmentProof<E>, pkc: &E::Fr, cust_balance: i64, merch_balance: i64) -> ResultBoltType<(Signature<E>, Signature<E>)> {
let is_valid = nizk::verify_opening(&self.comParams, &com.c, &com_proof, &pkc, cust_balance, merch_balance); let is_valid = nizk::verify_opening(&self.comParams, &com.c, &com_proof, &pkc, cust_balance, merch_balance);
let cp = channel.cp.as_ref().unwrap(); let cp = channel.cp.as_ref().unwrap();
if is_valid { if is_valid {
@ -581,7 +581,7 @@ impl<E: Engine> MerchantState<E> {
return self.pay_tokens.get(&wpk_str).unwrap().clone(); return self.pay_tokens.get(&wpk_str).unwrap().clone();
} }
pub fn verify_payment<R: Rng>(&mut self, csprng: &mut R, channel: &ChannelState<E>, proof: &NIZKProof<E>, com: &Commitment<E>, wpk: &secp256k1::PublicKey, amount: i32) -> ResultBoltType<Signature<E>> { pub fn verify_payment<R: Rng>(&mut self, csprng: &mut R, channel: &ChannelState<E>, proof: &NIZKProof<E>, com: &Commitment<E>, wpk: &secp256k1::PublicKey, amount: i64) -> ResultBoltType<Signature<E>> {
let cp = channel.cp.as_ref().unwrap(); let cp = channel.cp.as_ref().unwrap();
let pay_proof = proof.clone(); let pay_proof = proof.clone();
let prev_wpk = hash_pubkey_to_fr::<E>(&wpk); let prev_wpk = hash_pubkey_to_fr::<E>(&wpk);

7
src/ffishim.rs
View File

@ -120,7 +120,7 @@ pub mod ffishim {
} }
#[no_mangle] #[no_mangle]
pub extern fn ffishim_bidirectional_init_customer(ser_channel_token: *mut c_char, balance_customer: i32, balance_merchant: i32, name_ptr: *const c_char) -> *mut c_char { pub extern fn ffishim_bidirectional_init_customer(ser_channel_token: *mut c_char, balance_customer: i64, balance_merchant: i64, name_ptr: *const c_char) -> *mut c_char {
let rng = &mut rand::thread_rng(); let rng = &mut rand::thread_rng();
// Deserialize the channel token // Deserialize the channel token
let channel_token_result: ResultSerdeType<bidirectional::ChannelToken<Bls12>> = deserialize_result_object(ser_channel_token); let channel_token_result: ResultSerdeType<bidirectional::ChannelToken<Bls12>> = deserialize_result_object(ser_channel_token);
@ -162,7 +162,7 @@ pub mod ffishim {
} }
#[no_mangle] #[no_mangle]
pub extern fn ffishim_bidirectional_establish_merchant_issue_close_token(ser_channel_state: *mut c_char, ser_com: *mut c_char, ser_com_proof: *mut c_char, ser_pk_c: *mut c_char, init_cust_bal: i32, init_merch_bal: i32, ser_merch_state: *mut c_char) -> *mut c_char { pub extern fn ffishim_bidirectional_establish_merchant_issue_close_token(ser_channel_state: *mut c_char, ser_com: *mut c_char, ser_com_proof: *mut c_char, ser_pk_c: *mut c_char, init_cust_bal: i64, init_merch_bal: i64, ser_merch_state: *mut c_char) -> *mut c_char {
let rng = &mut rand::thread_rng(); let rng = &mut rand::thread_rng();
// Deserialize the channel state // Deserialize the channel state
let channel_state_result: ResultSerdeType<bidirectional::ChannelState<Bls12>> = deserialize_result_object(ser_channel_state); let channel_state_result: ResultSerdeType<bidirectional::ChannelState<Bls12>> = deserialize_result_object(ser_channel_state);
@ -266,7 +266,7 @@ pub mod ffishim {
// PAY // PAY
#[no_mangle] #[no_mangle]
pub extern fn ffishim_bidirectional_pay_generate_payment_proof(ser_channel_state: *mut c_char, ser_customer_state: *mut c_char, amount: i32) -> *mut c_char { pub extern fn ffishim_bidirectional_pay_generate_payment_proof(ser_channel_state: *mut c_char, ser_customer_state: *mut c_char, amount: i64) -> *mut c_char {
let rng = &mut rand::thread_rng(); let rng = &mut rand::thread_rng();
// Deserialize the channel state // Deserialize the channel state
let channel_state_result: ResultSerdeType<bidirectional::ChannelState<Bls12>> = deserialize_result_object(ser_channel_state); let channel_state_result: ResultSerdeType<bidirectional::ChannelState<Bls12>> = deserialize_result_object(ser_channel_state);
@ -277,6 +277,7 @@ pub mod ffishim {
let cust_state = handle_errors!(cust_state_result); let cust_state = handle_errors!(cust_state_result);
// Generate the payment proof // Generate the payment proof
println!("{}", amount);
let (payment, new_cust_state) = bidirectional::generate_payment_proof(rng, &channel_state, &cust_state, amount); let (payment, new_cust_state) = bidirectional::generate_payment_proof(rng, &channel_state, &cust_state, amount);
// Serialize the results and return to caller // Serialize the results and return to caller
let ser = ["{\'payment\':\'", serde_json::to_string(&payment).unwrap().as_str(), let ser = ["{\'payment\':\'", serde_json::to_string(&payment).unwrap().as_str(),

40
src/lib.rs
View File

@ -39,6 +39,16 @@ extern crate libc;
extern crate rand_xorshift; extern crate rand_xorshift;
extern crate core; extern crate core;
pub mod sym;
pub mod cl;
pub mod ccs08;
pub mod ped92;
pub mod channels;
pub mod nizk;
pub mod util;
pub mod wallet;
pub mod ffishim;
use std::fmt; use std::fmt;
use std::str; use std::str;
use bincode::SizeLimit::Infinite; use bincode::SizeLimit::Infinite;
@ -52,16 +62,6 @@ use ff::{Rand, Field};
use serde::{Serialize, Deserialize}; use serde::{Serialize, Deserialize};
use serde::de::{Deserializer, Unexpected, Error}; use serde::de::{Deserializer, Unexpected, Error};
pub mod sym;
pub mod cl;
pub mod ccs08;
pub mod ped92;
pub mod channels;
pub mod nizk;
pub mod util;
pub mod wallet;
pub mod ffishim;
////////////////////////////////// Utilities ////////////////////////////////// ////////////////////////////////// Utilities //////////////////////////////////
struct HexSlice<'a>(&'a [u8]); struct HexSlice<'a>(&'a [u8]);
@ -163,7 +163,7 @@ pub mod bidirectional {
proof: NIZKProof<E>, proof: NIZKProof<E>,
com: Commitment<E>, com: Commitment<E>,
wpk: secp256k1::PublicKey, wpk: secp256k1::PublicKey,
amount: i32, amount: i64,
} }
#[derive(Clone, Serialize, Deserialize)] #[derive(Clone, Serialize, Deserialize)]
@ -196,7 +196,7 @@ pub mod bidirectional {
/// and wallet commitment. /// and wallet commitment.
/// ///
pub fn init_customer<'a, R: Rng, E: Engine>(csprng: &mut R, channel_token: &mut ChannelToken<E>, pub fn init_customer<'a, R: Rng, E: Engine>(csprng: &mut R, channel_token: &mut ChannelToken<E>,
b0_cust: i32, b0_merch: i32, name: &'a str) -> CustomerState<E> { b0_cust: i64, b0_merch: i64, name: &'a str) -> CustomerState<E> {
assert!(b0_cust >= 0); assert!(b0_cust >= 0);
assert!(b0_merch >= 0); assert!(b0_merch >= 0);
@ -221,7 +221,7 @@ pub mod bidirectional {
/// ///
pub fn establish_merchant_issue_close_token<R: Rng, E: Engine>(csprng: &mut R, channel_state: &ChannelState<E>, pub fn establish_merchant_issue_close_token<R: Rng, E: Engine>(csprng: &mut R, channel_state: &ChannelState<E>,
com: &Commitment<E>, com_proof: &CommitmentProof<E>, com: &Commitment<E>, com_proof: &CommitmentProof<E>,
pkc: &E::Fr, init_cust_balance: i32, init_merch_balance: i32, pkc: &E::Fr, init_cust_balance: i64, init_merch_balance: i64,
merch_state: &MerchantState<E>) -> BoltResult<cl::Signature<E>> { merch_state: &MerchantState<E>) -> BoltResult<cl::Signature<E>> {
// verifies proof of committed values and derives blind signature on the committed values to the customer's initial wallet // verifies proof of committed values and derives blind signature on the committed values to the customer's initial wallet
match merch_state.verify_proof(csprng, channel_state, com, com_proof, pkc, init_cust_balance, init_merch_balance) { match merch_state.verify_proof(csprng, channel_state, com, com_proof, pkc, init_cust_balance, init_merch_balance) {
@ -270,7 +270,7 @@ pub mod bidirectional {
/// PoK of the committed values in new wallet and PoK of old wallet. Return new channel token, /// PoK of the committed values in new wallet and PoK of old wallet. Return new channel token,
/// new wallet (minus blind signature and refund token) and payment proof. /// new wallet (minus blind signature and refund token) and payment proof.
/// ///
pub fn generate_payment_proof<R: Rng, E: Engine>(csprng: &mut R, channel_state: &ChannelState<E>, cust_state: &CustomerState<E>, amount: i32) -> (Payment<E>, CustomerState<E>) { pub fn generate_payment_proof<R: Rng, E: Engine>(csprng: &mut R, channel_state: &ChannelState<E>, cust_state: &CustomerState<E>, amount: i64) -> (Payment<E>, CustomerState<E>) {
let tx_fee = channel_state.get_channel_fee(); let tx_fee = channel_state.get_channel_fee();
let payment_amount = match tx_fee > 0 { let payment_amount = match tx_fee > 0 {
true => amount + tx_fee, true => amount + tx_fee,
@ -305,7 +305,7 @@ pub mod bidirectional {
/// ///
/// Verify third party payment proof from two bi-directional channel payments with intermediary /// Verify third party payment proof from two bi-directional channel payments with intermediary
/// ///
// pub fn verify_third_party_payment(pp: &PublicParams, fee: i32, proof1: &BalanceProof, proof2: &BalanceProof) -> bool { // pub fn verify_third_party_payment(pp: &PublicParams, fee: i64, proof1: &BalanceProof, proof2: &BalanceProof) -> bool {
// if proof1.third_party && proof2.third_party { // if proof1.third_party && proof2.third_party {
// let vcom1 = &proof1.proof_vcom.as_ref().unwrap(); // let vcom1 = &proof1.proof_vcom.as_ref().unwrap();
// let vcom2 = &proof2.proof_vcom.as_ref().unwrap(); // let vcom2 = &proof2.proof_vcom.as_ref().unwrap();
@ -528,7 +528,7 @@ mod tests {
use util::hash_pubkey_to_fr; use util::hash_pubkey_to_fr;
fn setup_new_channel_helper(channel_state: &mut bidirectional::ChannelState<Bls12>, fn setup_new_channel_helper(channel_state: &mut bidirectional::ChannelState<Bls12>,
init_cust_bal: i32, init_merch_bal: i32) init_cust_bal: i64, init_merch_bal: i64)
-> (bidirectional::ChannelToken<Bls12>, bidirectional::MerchantState<Bls12>, bidirectional::CustomerState<Bls12>, bidirectional::ChannelState<Bls12>) { -> (bidirectional::ChannelToken<Bls12>, bidirectional::MerchantState<Bls12>, bidirectional::CustomerState<Bls12>, bidirectional::ChannelState<Bls12>) {
let mut rng = &mut rand::thread_rng(); let mut rng = &mut rand::thread_rng();
let merch_name = "Bob"; let merch_name = "Bob";
@ -550,8 +550,8 @@ mod tests {
fn execute_establish_protocol_helper(channel_state: &mut bidirectional::ChannelState<Bls12>, fn execute_establish_protocol_helper(channel_state: &mut bidirectional::ChannelState<Bls12>,
channel_token: &mut bidirectional::ChannelToken<Bls12>, channel_token: &mut bidirectional::ChannelToken<Bls12>,
cust_balance: i32, cust_balance: i64,
merch_balance: i32, merch_balance: i64,
merch_state: &mut bidirectional::MerchantState<Bls12>, merch_state: &mut bidirectional::MerchantState<Bls12>,
cust_state: &mut bidirectional::CustomerState<Bls12>) { cust_state: &mut bidirectional::CustomerState<Bls12>) {
let mut rng = &mut rand::thread_rng(); let mut rng = &mut rand::thread_rng();
@ -584,7 +584,7 @@ mod tests {
channel_token: &mut bidirectional::ChannelToken<Bls12>, channel_token: &mut bidirectional::ChannelToken<Bls12>,
merch_state: &mut bidirectional::MerchantState<Bls12>, merch_state: &mut bidirectional::MerchantState<Bls12>,
cust_state: &mut bidirectional::CustomerState<Bls12>, cust_state: &mut bidirectional::CustomerState<Bls12>,
payment_increment: i32) { payment_increment: i64) {
let mut rng = &mut rand::thread_rng(); let mut rng = &mut rand::thread_rng();
let (payment, new_cust_state) = bidirectional::generate_payment_proof(rng, channel_state, &cust_state, payment_increment); let (payment, new_cust_state) = bidirectional::generate_payment_proof(rng, channel_state, &cust_state, payment_increment);
@ -823,7 +823,7 @@ mod tests {
// merch2_data: &mut bidirectional::InitMerchantData, // merch2_data: &mut bidirectional::InitMerchantData,
// cust1_keys: &cl::KeyPairD, cust1_data: &mut bidirectional::InitCustomerData, // cust1_keys: &cl::KeyPairD, cust1_data: &mut bidirectional::InitCustomerData,
// cust2_keys: &cl::KeyPairD, cust2_data: &mut bidirectional::InitCustomerData, // cust2_keys: &cl::KeyPairD, cust2_data: &mut bidirectional::InitCustomerData,
// payment_increment: i32) { // payment_increment: i64) {
// // let's test the pay protocol // // let's test the pay protocol
// bidirectional::pay_by_customer_phase1_precompute(&pp, &cust1_data.channel_token, &merch_keys.pk, &mut cust1_data.csk); // bidirectional::pay_by_customer_phase1_precompute(&pp, &cust1_data.channel_token, &merch_keys.pk, &mut cust1_data.csk);
// bidirectional::pay_by_customer_phase1_precompute(&pp, &cust2_data.channel_token, &merch_keys.pk, &mut cust2_data.csk); // bidirectional::pay_by_customer_phase1_precompute(&pp, &cust2_data.channel_token, &merch_keys.pk, &mut cust2_data.csk);

66
src/nizk.rs
View File

@ -72,8 +72,8 @@ impl<E: Engine> NIZKSecretParams<E> {
let mpk = setup(rng); let mpk = setup(rng);
let keypair = BlindKeyPair::<E>::generate(rng, &mpk, messageLength); let keypair = BlindKeyPair::<E>::generate(rng, &mpk, messageLength);
let comParams = keypair.generate_cs_multi_params(&mpk); let comParams = keypair.generate_cs_multi_params(&mpk);
let u = 57; //TODO: optimize u? let u = 128; //TODO: make u and l configurable
let l = (std::i16::MAX as f32).log(u as f32).floor() as i32; let l = 9;
let rpParams = SecretParamsUL::setup_ul(rng, u, l, comParams.clone()); let rpParams = SecretParamsUL::setup_ul(rng, u, l, comParams.clone());
let pubParams = NIZKPublicParams { mpk, pk: keypair.public.clone(), comParams, rpParams: rpParams.pubParams.clone() }; let pubParams = NIZKPublicParams { mpk, pk: keypair.public.clone(), comParams, rpParams: rpParams.pubParams.clone() };
@ -203,12 +203,12 @@ impl<E: Engine> NIZKPublicParams<E> {
/// ///
/// Verify PoK for the opening of a commitment during the establishment protocol /// Verify PoK for the opening of a commitment during the establishment protocol
/// ///
pub fn verify_opening<E: Engine>(com_params: &CSMultiParams<E>, com: &E::G1, proof: &CommitmentProof<E>, pkc: &E::Fr, init_cust: i32, init_merch: i32) -> bool { pub fn verify_opening<E: Engine>(com_params: &CSMultiParams<E>, com: &E::G1, proof: &CommitmentProof<E>, pkc: &E::Fr, init_cust: i64, init_merch: i64) -> bool {
let xvec: Vec<E::G1> = vec![proof.T.clone(), com.clone()]; let xvec: Vec<E::G1> = vec![proof.T.clone(), com.clone()];
let challenge = util::hash_g1_to_fr::<E>(&xvec); let challenge = util::hash_g1_to_fr::<E>(&xvec);
// compute the // compute the
let com_equal = proof.verify_proof(com_params, com, &challenge, Some(vec!{None, Some(pkc.clone()), None, Some(util::convert_int_to_fr::<E>(init_cust)), Some(util::convert_int_to_fr::<E>(init_merch))})); let com_equal = proof.verify_proof(com_params, com, &challenge, Some(vec!{None, Some(pkc.clone()), None, Some(util::convert_int_to_fr::<E>(init_cust as i64)), Some(util::convert_int_to_fr::<E>(init_merch as i64))}));
return com_equal; return com_equal;
} }
@ -228,13 +228,13 @@ mod tests {
let pkc = Fr::rand(rng); let pkc = Fr::rand(rng);
let wpk = Fr::rand(rng); let wpk = Fr::rand(rng);
let wpkprime = Fr::rand(rng); let wpkprime = Fr::rand(rng);
let bc = rng.gen_range(100, 1000); let bc = rng.gen_range(100, 1000) as i64;
let mut bc2 = bc.clone(); let mut bc2 = bc.clone();
let bm = rng.gen_range(100, 1000); let bm = rng.gen_range(100, 1000) as i64;
let mut bm2 = bm.clone(); let mut bm2 = bm.clone();
let epsilon = &rng.gen_range(1, 100); let epsilon = rng.gen_range(1, 100) as i64;
bc2 -= epsilon; bc2 = (bc2 as i64 - epsilon) as i64;
bm2 += epsilon; bm2 = (bm2 as i64 + epsilon) as i64;
let r = Fr::rand(rng); let r = Fr::rand(rng);
let rprime = Fr::rand(rng); let rprime = Fr::rand(rng);
@ -248,7 +248,7 @@ mod tests {
let proof = secParams.pubParams.prove(rng, wallet1, wallet2, let proof = secParams.pubParams.prove(rng, wallet1, wallet2,
commitment2.clone(), rprime, &paymentToken); commitment2.clone(), rprime, &paymentToken);
let fr = convert_int_to_fr::<Bls12>(*epsilon); let fr = convert_int_to_fr::<Bls12>(epsilon);
assert_eq!(secParams.verify(proof, fr, &commitment2, wpk), true); assert_eq!(secParams.verify(proof, fr, &commitment2, wpk), true);
} }
@ -258,13 +258,13 @@ mod tests {
let pkc = Fr::rand(rng); let pkc = Fr::rand(rng);
let wpk = Fr::rand(rng); let wpk = Fr::rand(rng);
let wpkprime = Fr::rand(rng); let wpkprime = Fr::rand(rng);
let bc = rng.gen_range(100, 1000); let bc = rng.gen_range(100, 1000) as i64;
let mut bc2 = bc.clone(); let mut bc2 = bc.clone();
let bm = rng.gen_range(100, 1000); let bm = rng.gen_range(100, 1000) as i64;
let mut bm2 = bm.clone(); let mut bm2 = bm.clone();
let epsilon = &rng.gen_range(-100, -1); let epsilon = rng.gen_range(-100, -1) as i64;
bc2 -= epsilon; bc2 = (bc2 as i64 - epsilon) as i64;
bm2 += epsilon; bm2 = (bm2 as i64 + epsilon) as i64;
let r = Fr::rand(rng); let r = Fr::rand(rng);
let rprime = Fr::rand(rng); let rprime = Fr::rand(rng);
@ -278,7 +278,7 @@ mod tests {
let proof = secParams.pubParams.prove(rng, wallet1, wallet2, let proof = secParams.pubParams.prove(rng, wallet1, wallet2,
commitment2.clone(), rprime, &paymentToken); commitment2.clone(), rprime, &paymentToken);
let fr = convert_int_to_fr::<Bls12>(*epsilon); let fr = convert_int_to_fr::<Bls12>(epsilon);
assert_eq!(secParams.verify(proof, fr, &commitment2, wpk), true); assert_eq!(secParams.verify(proof, fr, &commitment2, wpk), true);
} }
@ -288,13 +288,13 @@ mod tests {
let pkc = Fr::rand(rng); let pkc = Fr::rand(rng);
let wpk = Fr::rand(rng); let wpk = Fr::rand(rng);
let wpkprime = Fr::rand(rng); let wpkprime = Fr::rand(rng);
let bc = rng.gen_range(100, 1000); let bc = rng.gen_range(100, 1000) as i64;
let mut bc2 = bc.clone(); let mut bc2 = bc.clone();
let bm = rng.gen_range(100, 1000); let bm = rng.gen_range(100, 1000) as i64;
let mut bm2 = bm.clone(); let mut bm2 = bm.clone();
let epsilon = &rng.gen_range(1, 100); let epsilon = rng.gen_range(1, 100) as i64;
bc2 -= epsilon; bc2 = (bc2 as i64 - epsilon) as i64;
bm2 += epsilon; bm2 = (bm2 as i64 + epsilon) as i64;
let r = Fr::rand(rng); let r = Fr::rand(rng);
let rprime = Fr::rand(rng); let rprime = Fr::rand(rng);
@ -329,13 +329,13 @@ mod tests {
let pkc = Fr::rand(rng); let pkc = Fr::rand(rng);
let wpk = Fr::rand(rng); let wpk = Fr::rand(rng);
let wpkprime = Fr::rand(rng); let wpkprime = Fr::rand(rng);
let bc = rng.gen_range(100, 1000); let bc = rng.gen_range(100, 1000) as i64;
let mut bc2 = bc.clone(); let mut bc2 = bc.clone();
let bm = rng.gen_range(100, 1000); let bm = rng.gen_range(100, 1000) as i64;
let mut bm2 = bm.clone(); let mut bm2 = bm.clone();
let epsilon = &rng.gen_range(1, 100); let epsilon = rng.gen_range(1, 100) as i64;
bc2 -= epsilon; bc2 = (bc2 as i64 - epsilon) as i64;
bm2 += epsilon; bm2 = (bm2 as i64 + epsilon) as i64;
let r = Fr::rand(rng); let r = Fr::rand(rng);
let rprime = Fr::rand(rng); let rprime = Fr::rand(rng);
@ -370,8 +370,8 @@ mod tests {
let wpk = Fr::rand(rng); let wpk = Fr::rand(rng);
let t = Fr::rand(rng); let t = Fr::rand(rng);
let bc = rng.gen_range(100, 1000); let bc = rng.gen_range(100, 1000) as i64;
let bm = rng.gen_range(100, 1000); let bm = rng.gen_range(100, 1000) as i64;
let wallet = Wallet::<Bls12> { pkc: pkc, wpk: wpk, bc: bc, bm: bm, close: None }; let wallet = Wallet::<Bls12> { pkc: pkc, wpk: wpk, bc: bc, bm: bm, close: None };
let secParams = NIZKSecretParams::<Bls12>::setup(rng, 4); let secParams = NIZKSecretParams::<Bls12>::setup(rng, 4);
@ -390,9 +390,9 @@ mod tests {
let wpk = Fr::rand(rng); let wpk = Fr::rand(rng);
let t = Fr::rand(rng); let t = Fr::rand(rng);
let bc = rng.gen_range(100, 1000); let bc = rng.gen_range(100, 1000) as i64;
let bc2 = rng.gen_range(100, 1000); let bc2 = rng.gen_range(100, 1000) as i64;
let bm = rng.gen_range(100, 1000); let bm = rng.gen_range(100, 1000) as i64;
let wallet1 = Wallet::<Bls12> { pkc: pkc, wpk: wpk, bc: bc, bm: bm, close: None }; let wallet1 = Wallet::<Bls12> { pkc: pkc, wpk: wpk, bc: bc, bm: bm, close: None };
let wallet2 = Wallet::<Bls12> { pkc: pkc, wpk: wpk, bc: bc2, bm: bm, close: None }; let wallet2 = Wallet::<Bls12> { pkc: pkc, wpk: wpk, bc: bc2, bm: bm, close: None };
@ -416,8 +416,8 @@ mod tests {
let mpk = setup(&mut rng); let mpk = setup(&mut rng);
let blindkeypair = BlindKeyPair::<Bls12>::generate(&mut rng, &mpk, l); let blindkeypair = BlindKeyPair::<Bls12>::generate(&mut rng, &mpk, l);
let comParams = blindkeypair.generate_cs_multi_params(&mpk); let comParams = blindkeypair.generate_cs_multi_params(&mpk);
let u = 57; //TODO: optimize u? let u = 256; //TODO: optimize u?
let l = (std::i16::MAX as f32).log(u as f32).floor() as i32; let l = 8;
let rpParams = ccs08::SecretParamsUL::setup_ul(rng, u, l, comParams.clone()); let rpParams = ccs08::SecretParamsUL::setup_ul(rng, u, l, comParams.clone());
let nizk_params = NIZKPublicParams { mpk: mpk, pk: blindkeypair.public, comParams: comParams, rpParams: rpParams.pubParams.clone() }; let nizk_params = NIZKPublicParams { mpk: mpk, pk: blindkeypair.public, comParams: comParams, rpParams: rpParams.pubParams.clone() };

2
src/util.rs
View File

@ -77,7 +77,7 @@ pub fn hash_pubkey_to_fr<E: Engine>(wpk: &secp256k1::PublicKey) -> E::Fr {
return result.unwrap(); return result.unwrap();
} }
pub fn convert_int_to_fr<E: Engine>(value: i32) -> E::Fr { pub fn convert_int_to_fr<E: Engine>(value: i64) -> E::Fr {
if value > 0 { if value > 0 {
return E::Fr::from_str(value.to_string().as_str()).unwrap(); return E::Fr::from_str(value.to_string().as_str()).unwrap();
} else { } else {

4
src/wallet.rs
View File

@ -12,8 +12,8 @@ use std::fmt;
pub struct Wallet<E: Engine> { pub struct Wallet<E: Engine> {
pub pkc: E::Fr, pub pkc: E::Fr,
pub wpk: E::Fr, pub wpk: E::Fr,
pub bc: i32, pub bc: i64,
pub bm: i32, pub bm: i64,
pub close: Option<E::Fr>, pub close: Option<E::Fr>,
} }