privacy

package
Version: v0.0.0-...-7037f4e Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 25, 2021 License: GPL-3.0 Imports: 15 Imported by: 0

Documentation

Index

Constants

View Source
const (
	PubKeyBytesLenCompressed   = 33
	PubKeyBytesLenUncompressed = 65
	PubKeyBytesLenHybrid       = 65
)

These constants define the lengths of serialized public keys.

Variables

View Source
var MAX_64_BITS = new(big.Int).SetUint64(0xFFFFFFFFFFFFFFFF)
View Source
var VecLength = 512 // support maximum 8 spending value, each 64 bit (gwei is unit)

Functions

func CalculateL

func CalculateL(aL, sL []*big.Int, z, x *big.Int) []*big.Int

Calculates (aL - z*1^n) + sL*x

func CalculateLMRP

func CalculateLMRP(aL, sL []*big.Int, z, x *big.Int) []*big.Int

Calculates (aL - z*1^n) + sL*x

func CalculateR

func CalculateR(aR, sR, y, po2 []*big.Int, z, x *big.Int) []*big.Int

func CalculateRMRP

func CalculateRMRP(aR, sR, y, zTimesTwo []*big.Int, z, x *big.Int) []*big.Int

func Delta

func Delta(y []*big.Int, z *big.Int) *big.Int

func DeltaMRP

func DeltaMRP(y []*big.Int, z *big.Int, m int) *big.Int

func DeserializeCompressed

func DeserializeCompressed(curve elliptic.Curve, b []byte) *ecdsa.PublicKey

func GenKeyImage

func GenKeyImage(privkey *ecdsa.PrivateKey) *ecdsa.PublicKey

calculate key image I = x * H_p(P) where H_p is a hash function that returns a point H_p(P) = sha3(P) * G

func GenKeyRing

func GenKeyRing(ring []*ecdsa.PublicKey, privkey *ecdsa.PrivateKey, s int) ([]*ecdsa.PublicKey, error)

takes public key ring and places the public key corresponding to `privkey` in index s of the ring returns a key ring of type []*ecdsa.PublicKey

func GenNewKeyRing

func GenNewKeyRing(size int, privkey *ecdsa.PrivateKey, s int) ([]*ecdsa.PublicKey, error)

creates a ring with size specified by `size` and places the public key corresponding to `privkey` in index s of the ring returns a new key ring of type []*ecdsa.PublicKey

func GenerateNewParams

func GenerateNewParams(G, H []ECPoint, x *big.Int, L, R, P ECPoint) ([]ECPoint, []ECPoint, ECPoint)

func HashPoint

func HashPoint(p *ecdsa.PublicKey) (*big.Int, *big.Int)

func HashPointsToBytes

func HashPointsToBytes(points []ECPoint) []byte

func InnerProduct

func InnerProduct(a []*big.Int, b []*big.Int) *big.Int

The length here always has to be a power of two

func InnerProductVerify

func InnerProductVerify(c *big.Int, P, U ECPoint, G, H []ECPoint, ipp InnerProdArg) bool
Inner Product Verify

Given a inner product proof, verifies the correctness of the proof Since we're using the Fiat-Shamir transform, we need to verify all x hash computations, all g' and h' computations P : the Pedersen commitment we are verifying is a commitment to the innner product ipp : the proof

func InnerProductVerifyFast

func InnerProductVerifyFast(c *big.Int, P, U ECPoint, G, H []ECPoint, ipp InnerProdArg) bool
func Link(sig_a *RingSignature, sig_b *RingSignature) bool

func MRPVerify

func MRPVerify(mrp *MultiRangeProof) bool

MultiRangeProof Verify Takes in a MultiRangeProof and verifies its correctness

func PadLeft

func PadLeft(str, pad string, l int) string

from here: https://play.golang.org/p/zciRZvD0Gr with a fix

func PadTo32Bytes

func PadTo32Bytes(in []byte) (out []byte)

func PowerVector

func PowerVector(l int, base *big.Int) []*big.Int

func RandVector

func RandVector(l int) []*big.Int

func STRNot

func STRNot(str string) string

func ScalarVectorMul

func ScalarVectorMul(v []*big.Int, s *big.Int) []*big.Int

func SerializeCompressed

func SerializeCompressed(p *ecdsa.PublicKey) []byte

SerializeCompressed serializes a public key in a 33-byte compressed format.

func StrToBigIntArray

func StrToBigIntArray(str string) []*big.Int

func TestRingSignature

func TestRingSignature() (bool, []byte)

func VectorAdd

func VectorAdd(v []*big.Int, w []*big.Int) []*big.Int

func VectorAddScalar

func VectorAddScalar(v []*big.Int, s *big.Int) []*big.Int

func VectorHadamard

func VectorHadamard(v, w []*big.Int) []*big.Int

func VectorSum

func VectorSum(y []*big.Int) *big.Int

func Verify

func Verify(sig *RingSignature, verifyMes bool) bool

verify ring signature contained in RingSignature struct returns true if a valid signature, false otherwise

Types

type Bulletproof

type Bulletproof struct {
	// contains filtered or unexported fields
}

type CryptoParams

type CryptoParams struct {
	C   elliptic.Curve      // curve
	KC  *btcec.KoblitzCurve // curve
	BPG []ECPoint           // slice of gen 1 for BP
	BPH []ECPoint           // slice of gen 2 for BP
	N   *big.Int            // scalar prime
	U   ECPoint             // a point that is a fixed group element with an unknown discrete-log relative to g,h
	V   int                 // Vector length
	G   ECPoint             // G value for commitments of a single value
	H   ECPoint             // H value for commitments of a single value
}
var EC CryptoParams

func NewECPrimeGroupKey

func NewECPrimeGroupKey(n int) CryptoParams

NewECPrimeGroupKey returns the curve (field), Generator 1 x&y, Generator 2 x&y, order of the generators

func (CryptoParams) Zero

func (c CryptoParams) Zero() ECPoint

type ECPoint

type ECPoint struct {
	X, Y *big.Int
}

Implementation of BulletProofs

func TwoVectorPCommit

func TwoVectorPCommit(a []*big.Int, b []*big.Int) ECPoint

Two Vector P Commit Given an array of values, we commit the array with different generators for each element and for each randomness.

func TwoVectorPCommitWithGens

func TwoVectorPCommitWithGens(G, H []ECPoint, a, b []*big.Int) ECPoint

Vector Pedersen Commitment with Gens Given an array of values, we commit the array with different generators for each element and for each randomness. We also pass in the Generators we want to use

func VectorPCommit

func VectorPCommit(value []*big.Int) (ECPoint, []*big.Int)

Vector Pedersen Commitment Given an array of values, we commit the array with different generators for each element and for each randomness.

func (ECPoint) Add

func (p ECPoint) Add(p2 ECPoint) ECPoint

Add adds points p and p2 and returns the resulting point

func (ECPoint) Equal

func (p ECPoint) Equal(p2 ECPoint) bool

Equal returns true if points p (self) and p2 (arg) are the same.

func (ECPoint) Mult

func (p ECPoint) Mult(s *big.Int) ECPoint

Mult multiplies point p by scalar s and returns the resulting point

func (ECPoint) Neg

func (p ECPoint) Neg() ECPoint

Neg returns the additive inverse of point p

type InnerProdArg

type InnerProdArg struct {
	L []ECPoint
	R []ECPoint
	A *big.Int
	B *big.Int

	Challenges []*big.Int
}

InnerProd Proof This stores the argument values

func InnerProductProve

func InnerProductProve(a []*big.Int, b []*big.Int, c *big.Int, P, U ECPoint, G, H []ECPoint) InnerProdArg

rpresult.IPP = InnerProductProve(left, right, that, P, EC.U, EC.BPG, HPrime)

func InnerProductProveSub

func InnerProductProveSub(proof InnerProdArg, G, H []ECPoint, a []*big.Int, b []*big.Int, u ECPoint, P ECPoint) InnerProdArg
Inner Product Argument

Proves that <a,b>=c This is a building block for BulletProofs

func (*InnerProdArg) Deserialize

func (ipp *InnerProdArg) Deserialize(proof []byte, numChallenges int) error

func (*InnerProdArg) Serialize

func (ipp *InnerProdArg) Serialize() []byte

type MultiRangeProof

type MultiRangeProof struct {
	Comms []ECPoint
	A     ECPoint
	S     ECPoint
	T1    ECPoint
	T2    ECPoint
	Tau   *big.Int
	Th    *big.Int
	Mu    *big.Int
	IPP   InnerProdArg

	// challenges
	Cy *big.Int
	Cz *big.Int
	Cx *big.Int
}

func MRPProve

func MRPProve(values []*big.Int) (MultiRangeProof, error)

func (*MultiRangeProof) Deserialize

func (mrp *MultiRangeProof) Deserialize(proof []byte) error

func (*MultiRangeProof) Serialize

func (mrp *MultiRangeProof) Serialize() []byte

type PrivateSendVerifier

type PrivateSendVerifier struct {
	// contains filtered or unexported fields
}

The proof contains pretty much stuffs The proof contains pretty much stuffs Ring size rs: 1 byte => proof[0] num input: number of real inputs: 1 byte => proof[1] List of inputs/UTXO index typed uint64 => total size = rs * numInput * 8 = proof[0]*proof[1]*8 List of key images: total size = numInput * 33 = proof[1] * 33 number of output n: 1 byte List of output => n * 130 bytes transaction fee: uint256 => 32 byte ringCT proof size ctSize: uint16 => 2 byte ringCT proof: ctSize bytes bulletproofs: bp

type RangeProof

type RangeProof struct {
	Comm ECPoint
	A    ECPoint
	S    ECPoint
	T1   ECPoint
	T2   ECPoint
	Tau  *big.Int
	Th   *big.Int
	Mu   *big.Int
	IPP  InnerProdArg

	// challenges
	Cy *big.Int
	Cz *big.Int
	Cx *big.Int
}

type Ring

type Ring []*ecdsa.PublicKey

func GenerateMultiRingParams

func GenerateMultiRingParams(numRing int, ringSize int, s int) (rings []Ring, privkeys []*ecdsa.PrivateKey, m [32]byte, err error)

function returns(mutiple rings, private keys, message, error)

func (Ring) Bytes

func (r Ring) Bytes() (b []byte)

bytes returns the public key ring as a byte slice.

type RingSignature

type RingSignature struct {
	NumRing        int
	Size           int                // size of ring
	M              [32]byte           // message
	C              *big.Int           // ring signature value, 1 element
	S              [][]*big.Int       // ring signature values: [NumRing][Size]
	Ring           []Ring             // array of rings of pubkeys: [NumRing]
	I              []*ecdsa.PublicKey // key images, size = the number of rings [NumRing]
	Curve          elliptic.Curve
	SerializedRing []byte //temporary memory stored the raw ring ct used in case of verifying ringCT with message verification
}

func Deserialize

func Deserialize(r []byte) (*RingSignature, error)

deserializes the byteified signature into a RingSignature struct

func Sign

func Sign(m [32]byte, rings []Ring, privkeys []*ecdsa.PrivateKey, s int) (*RingSignature, error)

create ring signature from list of public keys given inputs: msg: byte array, message to be signed ring: array of *ecdsa.PublicKeys to be included in the ring privkey: *ecdsa.PrivateKey of signer s: index of signer in ring

func (*RingSignature) Serialize

func (r *RingSignature) Serialize() ([]byte, error)

converts the signature to a byte array this is the format that will be used when passing EVM bytecode

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
t or T : Toggle theme light dark auto
y or Y : Canonical URL