Git-Mirrors/xmr-btc-swap
1
0
Fork 0
mirror of https://github.com/comit-network/xmr-btc-swap.git synced 2025-01-09 06:37:57 -05:00
Code Issues Packages Projects Releases Wiki Activity

Invert D where necessary

Browse Source
This commit is contained in:
Thomas Eizinger 2021-05-11 11:15:00 +10:00
parent 345154ab3e
commit 41310d860c
No known key found for this signature in database
GPG Key ID: 651AC83A6C6C8B96
1 changed files with 8 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
monero-adaptor/src/lib.rs
View File

@ -101,12 +101,13 @@ fn challenge(
s_i: Scalar, s_i: Scalar,
pk_i: EdwardsPoint, pk_i: EdwardsPoint,
adjusted_commitment_i: EdwardsPoint, adjusted_commitment_i: EdwardsPoint,
D: EdwardsPoint,
h_prev: Scalar, h_prev: Scalar,
I: EdwardsPoint, I: EdwardsPoint,
mus: &AggregationHashes, mus: &AggregationHashes,
) -> Result<Scalar> { ) -> Result<Scalar> {
let L_i = compute_L(h_prev, mus, s_i, pk_i, adjusted_commitment_i); let L_i = compute_L(h_prev, mus, s_i, pk_i, adjusted_commitment_i);
let R_i = compute_R(h_prev, mus, pk_i, s_i, I, adjusted_commitment_i); let R_i = compute_R(h_prev, mus, pk_i, s_i, I, D);
let mut hasher = Keccak::v256(); let mut hasher = Keccak::v256();
hasher.update(prefix); hasher.update(prefix);
@ -140,14 +141,14 @@ fn compute_R(
pk_i: EdwardsPoint, pk_i: EdwardsPoint,
s_i: Scalar, s_i: Scalar,
I: EdwardsPoint, I: EdwardsPoint,
z_key_image: EdwardsPoint, D: EdwardsPoint,
) -> EdwardsPoint { ) -> EdwardsPoint {
let c_p = h_prev * mus.mu_P; let c_p = h_prev * mus.mu_P;
let c_c = h_prev * mus.mu_C; let c_c = h_prev * mus.mu_C;
let H_p_pk_i = hash_point_to_point(pk_i); let H_p_pk_i = hash_point_to_point(pk_i);
(s_i * H_p_pk_i) + (c_p * I) + c_c * z_key_image (s_i * H_p_pk_i) + (c_p * I) + c_c * D
} }
/// Compute the prefix for the hash common to every iteration of the ring /// Compute the prefix for the hash common to every iteration of the ring
@ -193,6 +194,8 @@ fn final_challenge(
I: EdwardsPoint, I: EdwardsPoint,
msg: &[u8], msg: &[u8],
) -> Result<(Scalar, Scalar)> { ) -> Result<(Scalar, Scalar)> {
let D_inv_8 = D * Scalar::from(8u8).invert();
let prefix = clsag_round_hash_prefix( let prefix = clsag_round_hash_prefix(
ring.as_ref(), ring.as_ref(),
commitment_ring.as_ref(), commitment_ring.as_ref(),
@ -220,7 +223,7 @@ fn final_challenge(
let adjusted_commitment_i = commitment_ring[i] - pseudo_output_commitment; let adjusted_commitment_i = commitment_ring[i] - pseudo_output_commitment;
// TODO: Do not unwrap here // TODO: Do not unwrap here
challenge(&prefix, *s_i, pk_i, adjusted_commitment_i, h_prev, I, &mus).unwrap() challenge(&prefix, *s_i, pk_i, adjusted_commitment_i, D_inv_8, h_prev, I, &mus, ).unwrap()
}); });
Ok((h_last, h_0)) Ok((h_last, h_0))
@ -284,6 +287,7 @@ impl Signature {
*s_i, *s_i,
pk_i, pk_i,
todo!(), todo!(),
todo!(),
h, h,
self.I, self.I,
todo!(), todo!(),