Only construct proof system once

The proof system is a static element and can be reused several times.
This commit is contained in:
Thomas Eizinger 2021-02-19 12:22:55 +11:00
parent 84bc2c82b7
commit cabf0efb8c
No known key found for this signature in database
GPG Key ID: 651AC83A6C6C8B96
3 changed files with 22 additions and 32 deletions


@ -1,6 +1,20 @@
use conquer_once::Lazy;
use ecdsa_fun::fun::marker::Mark;
use sha2::Sha256;
use sigma_fun::{ext::dl_secp256k1_ed25519_eq::CrossCurveDLEQ, HashTranscript};
pub mod alice;
pub mod bob;
pub static CROSS_CURVE_PROOF_SYSTEM: Lazy<
CrossCurveDLEQ<HashTranscript<Sha256, rand_chacha::ChaCha20Rng>>,
> = Lazy::new(|| {
CrossCurveDLEQ::<HashTranscript<Sha256, rand_chacha::ChaCha20Rng>>::new(
(*ecdsa_fun::fun::G).mark::<ecdsa_fun::fun::marker::Normal>(),
curve25519_dalek::constants::ED25519_BASEPOINT_POINT,
)
});
#[derive(Debug, Copy, Clone)]
pub struct StartingBalances {
pub xmr: crate::monero::Amount,
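Review bot: `CROSS_CURVE_PROOF_SYSTEM` is a new public static with no doc comment, so a reader of `protocol` has to open `sigma_fun` to learn what it is for. Suggest above L21: `/// Cross-curve DLEQ proof system shared by alice and bob: proves that a secp256k1 point (over G) and an ed25519 point (over the Ed25519 basepoint) have the same discrete log. Built once; the randomness for each proof comes from the rng the caller passes to prove.` The turbofish on L24 repeats the type already fixed by the static's annotation, so `CrossCurveDLEQ::new(` would read cleaner. The `StartingBalances` struct at the end of the hunk continues outside it.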


@ -11,19 +11,19 @@ use crate::{
protocol::{
alice::{Message1, Message3, TransferProof},
bob::{EncryptedSignature, Message0, Message2, Message4},
CROSS_CURVE_PROOF_SYSTEM,
},
};
use anyhow::{anyhow, bail, Context, Result};
use ecdsa_fun::{
adaptor::{Adaptor, HashTranscript},
fun::marker::Mark,
nonce::Deterministic,
};
use libp2p::PeerId;
use rand::{CryptoRng, RngCore};
use serde::{Deserialize, Serialize};
use sha2::Sha256;
use sigma_fun::ext::dl_secp256k1_ed25519_eq::{CrossCurveDLEQ, CrossCurveDLEQProof};
use sigma_fun::ext::dl_secp256k1_ed25519_eq::CrossCurveDLEQProof;
use std::fmt;
#[derive(Debug)]
@ -116,14 +116,8 @@ impl State0 {
let redeem_address = bitcoin_wallet.new_address().await?;
let punish_address = redeem_address.clone();
let dleq_proof_system =
CrossCurveDLEQ::<HashTranscript<Sha256, rand_chacha::ChaCha20Rng>>::new(
(*ecdsa_fun::fun::G).mark::<ecdsa_fun::fun::marker::Normal>(),
curve25519_dalek::constants::ED25519_BASEPOINT_POINT,
);
let s_a = monero::Scalar::random(rng);
let (dleq_proof_s_a, (S_a_bitcoin, S_a_monero)) = dleq_proof_system.prove(&s_a, rng);
let (dleq_proof_s_a, (S_a_bitcoin, S_a_monero)) = CROSS_CURVE_PROOF_SYSTEM.prove(&s_a, rng);
Ok(Self {
a,
@ -144,13 +138,7 @@ impl State0 {
}
pub fn receive(self, msg: Message0) -> Result<State1> {
let dleq_proof_system =
CrossCurveDLEQ::<HashTranscript<Sha256, rand_chacha::ChaCha20Rng>>::new(
(*ecdsa_fun::fun::G).mark::<ecdsa_fun::fun::marker::Normal>(),
curve25519_dalek::constants::ED25519_BASEPOINT_POINT,
);
let valid = dleq_proof_system.verify(
let valid = CROSS_CURVE_PROOF_SYSTEM.verify(
&msg.dleq_proof_s_b,
(
msg.S_b_bitcoin.into(),
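Review bot: If `Mark` (L45) and `Sha256` (L51) were imported only for the `CrossCurveDLEQ::new` call this commit removes, they are now unused in this file and will warn under `-D warnings`; the rest of alice.rs is not visible here, so this needs checking rather than assuming, and the same applies to `Mark` and `Sha256` in bob.rs. The `verify` call at L78 is where Bob's proof is checked and its outcome `valid` is consumed outside the hunk, so a one-line comment there helps the reader: `// Check Bob's proof that S_b_bitcoin and S_b_monero share one discrete log across curves.` `receive` continues past the end of the hunk.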


@ -12,12 +12,12 @@ use crate::{
protocol::{
alice::{Message1, Message3},
bob::{EncryptedSignature, Message0, Message2, Message4},
CROSS_CURVE_PROOF_SYSTEM,
},
};
use anyhow::{anyhow, bail, Result};
use ecdsa_fun::{
adaptor::{Adaptor, HashTranscript},
fun::marker::Mark,
nonce::Deterministic,
Signature,
};
@ -25,7 +25,7 @@ use monero_harness::rpc::wallet::BlockHeight;
use rand::{CryptoRng, RngCore};
use serde::{Deserialize, Serialize};
use sha2::Sha256;
use sigma_fun::ext::dl_secp256k1_ed25519_eq::{CrossCurveDLEQ, CrossCurveDLEQProof};
use sigma_fun::ext::dl_secp256k1_ed25519_eq::CrossCurveDLEQProof;
use std::fmt;
#[derive(Debug, Clone)]
@ -109,13 +109,7 @@ impl State0 {
let s_b = monero::Scalar::random(rng);
let v_b = monero::PrivateViewKey::new_random(rng);
let dleq_proof_system =
CrossCurveDLEQ::<HashTranscript<Sha256, rand_chacha::ChaCha20Rng>>::new(
(*ecdsa_fun::fun::G).mark::<ecdsa_fun::fun::marker::Normal>(),
curve25519_dalek::constants::ED25519_BASEPOINT_POINT,
);
let (dleq_proof_s_b, (S_b_bitcoin, S_b_monero)) = dleq_proof_system.prove(&s_b, rng);
let (dleq_proof_s_b, (S_b_bitcoin, S_b_monero)) = CROSS_CURVE_PROOF_SYSTEM.prove(&s_b, rng);
Self {
b,
@ -150,13 +144,7 @@ impl State0 {
where
W: BuildTxLockPsbt + GetNetwork,
{
let dleq_proof_system =
CrossCurveDLEQ::<HashTranscript<Sha256, rand_chacha::ChaCha20Rng>>::new(
(*ecdsa_fun::fun::G).mark::<ecdsa_fun::fun::marker::Normal>(),
curve25519_dalek::constants::ED25519_BASEPOINT_POINT,
);
let valid = dleq_proof_system.verify(
let valid = CROSS_CURVE_PROOF_SYSTEM.verify(
&msg.dleq_proof_s_a,
(
msg.S_a_bitcoin.clone().into(),