Only construct proof system once

The proof system is a static element and can be reused several times.
This commit is contained in:
Thomas Eizinger 2021-02-19 12:22:55 +11:00
parent 84bc2c82b7
commit cabf0efb8c
No known key found for this signature in database
GPG Key ID: 651AC83A6C6C8B96
3 changed files with 22 additions and 32 deletions


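--- a/<protocol module path not shown on page>
+++ b/<protocol module path not shown on page>
@@ -1,6 +1,20 @@
+use conquer_once::Lazy;
+use ecdsa_fun::fun::marker::Mark;
+use sha2::Sha256;
+use sigma_fun::{ext::dl_secp256k1_ed25519_eq::CrossCurveDLEQ, HashTranscript};
 pub mod alice;
 pub mod bob;
+pub static CROSS_CURVE_PROOF_SYSTEM: Lazy<
+    CrossCurveDLEQ<HashTranscript<Sha256, rand_chacha::ChaCha20Rng>>,
+> = Lazy::new(|| {
+    CrossCurveDLEQ::<HashTranscript<Sha256, rand_chacha::ChaCha20Rng>>::new(
+        (*ecdsa_fun::fun::G).mark::<ecdsa_fun::fun::marker::Normal>(),
+        curve25519_dalek::constants::ED25519_BASEPOINT_POINT,
+    )
+});
 #[derive(Debug, Copy, Clone)]
 pub struct StartingBalances {
     pub xmr: crate::monero::Amount,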
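Review bot: `CROSS_CURVE_PROOF_SYSTEM` is a new `pub static` with no doc comment, and since both parties now prove and verify against this one instance it is the right place to record why sharing it is sound. Suggest `/// Proof system for the secp256k1/Ed25519 cross-curve DLEQ proofs exchanged between Alice and Bob.` followed by `/// Built once from the fixed base points of both curves (`G` and `ED25519_BASEPOINT_POINT`); it contains no secret material.`, both of which follow directly from the two-argument `new` call shown here. If `CrossCurveDLEQ` also keeps no mutable transcript state between calls, a third line saying that one instance serves every swap would complete the picture — that part I cannot confirm from this page. The only users visible on this page are `alice` and `bob` inside `crate::protocol`, so `pub(crate)` may be the better visibility unless the item is deliberately part of the crate's API.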


@ -11,19 +11,19 @@ use crate::{
protocol::{ protocol::{
alice::{Message1, Message3, TransferProof}, alice::{Message1, Message3, TransferProof},
bob::{EncryptedSignature, Message0, Message2, Message4}, bob::{EncryptedSignature, Message0, Message2, Message4},
CROSS_CURVE_PROOF_SYSTEM,
}, },
}; };
use anyhow::{anyhow, bail, Context, Result}; use anyhow::{anyhow, bail, Context, Result};
use ecdsa_fun::{ use ecdsa_fun::{
adaptor::{Adaptor, HashTranscript}, adaptor::{Adaptor, HashTranscript},
fun::marker::Mark,
nonce::Deterministic, nonce::Deterministic,
}; };
use libp2p::PeerId; use libp2p::PeerId;
use rand::{CryptoRng, RngCore}; use rand::{CryptoRng, RngCore};
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
use sha2::Sha256; use sha2::Sha256;
use sigma_fun::ext::dl_secp256k1_ed25519_eq::{CrossCurveDLEQ, CrossCurveDLEQProof}; use sigma_fun::ext::dl_secp256k1_ed25519_eq::CrossCurveDLEQProof;
use std::fmt; use std::fmt;
#[derive(Debug)] #[derive(Debug)]
@ -116,14 +116,8 @@ impl State0 {
let redeem_address = bitcoin_wallet.new_address().await?; let redeem_address = bitcoin_wallet.new_address().await?;
let punish_address = redeem_address.clone(); let punish_address = redeem_address.clone();
let dleq_proof_system =
CrossCurveDLEQ::<HashTranscript<Sha256, rand_chacha::ChaCha20Rng>>::new(
(*ecdsa_fun::fun::G).mark::<ecdsa_fun::fun::marker::Normal>(),
curve25519_dalek::constants::ED25519_BASEPOINT_POINT,
);
let s_a = monero::Scalar::random(rng); let s_a = monero::Scalar::random(rng);
let (dleq_proof_s_a, (S_a_bitcoin, S_a_monero)) = dleq_proof_system.prove(&s_a, rng); let (dleq_proof_s_a, (S_a_bitcoin, S_a_monero)) = CROSS_CURVE_PROOF_SYSTEM.prove(&s_a, rng);
Ok(Self { Ok(Self {
a, a,
@ -144,13 +138,7 @@ impl State0 {
} }
pub fn receive(self, msg: Message0) -> Result<State1> { pub fn receive(self, msg: Message0) -> Result<State1> {
let dleq_proof_system = let valid = CROSS_CURVE_PROOF_SYSTEM.verify(
CrossCurveDLEQ::<HashTranscript<Sha256, rand_chacha::ChaCha20Rng>>::new(
(*ecdsa_fun::fun::G).mark::<ecdsa_fun::fun::marker::Normal>(),
curve25519_dalek::constants::ED25519_BASEPOINT_POINT,
);
let valid = dleq_proof_system.verify(
&msg.dleq_proof_s_b, &msg.dleq_proof_s_b,
( (
msg.S_b_bitcoin.into(), msg.S_b_bitcoin.into(),
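Review bot: The new `CROSS_CURVE_PROOF_SYSTEM.prove(&s_a, rng)` in the first `impl State0` hunk would benefit from a comment stating where the proof's randomness comes from, because a reader may otherwise worry that a process-wide static reuses nonces across swaps. The `rng` is still the caller-supplied `CryptoRng` argument passed on every call, and the static only fixes the generators and transcript type, so per-proof freshness presumably rests entirely on that argument — worth confirming that `HashTranscript`'s `ChaCha20Rng` parameter is driven from it rather than from state held in the static. Suggest `// Per-proof randomness comes from the caller's rng; the shared static only fixes generators and transcript type.` above the call. The same applies to bob's corresponding `impl State0` hunk. The enclosing functions in both hunks begin and end outside the shown lines.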


@ -12,12 +12,12 @@ use crate::{
protocol::{ protocol::{
alice::{Message1, Message3}, alice::{Message1, Message3},
bob::{EncryptedSignature, Message0, Message2, Message4}, bob::{EncryptedSignature, Message0, Message2, Message4},
CROSS_CURVE_PROOF_SYSTEM,
}, },
}; };
use anyhow::{anyhow, bail, Result}; use anyhow::{anyhow, bail, Result};
use ecdsa_fun::{ use ecdsa_fun::{
adaptor::{Adaptor, HashTranscript}, adaptor::{Adaptor, HashTranscript},
fun::marker::Mark,
nonce::Deterministic, nonce::Deterministic,
Signature, Signature,
}; };
@ -25,7 +25,7 @@ use monero_harness::rpc::wallet::BlockHeight;
use rand::{CryptoRng, RngCore}; use rand::{CryptoRng, RngCore};
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
use sha2::Sha256; use sha2::Sha256;
use sigma_fun::ext::dl_secp256k1_ed25519_eq::{CrossCurveDLEQ, CrossCurveDLEQProof}; use sigma_fun::ext::dl_secp256k1_ed25519_eq::CrossCurveDLEQProof;
use std::fmt; use std::fmt;
#[derive(Debug, Clone)] #[derive(Debug, Clone)]
@ -109,13 +109,7 @@ impl State0 {
let s_b = monero::Scalar::random(rng); let s_b = monero::Scalar::random(rng);
let v_b = monero::PrivateViewKey::new_random(rng); let v_b = monero::PrivateViewKey::new_random(rng);
let dleq_proof_system = let (dleq_proof_s_b, (S_b_bitcoin, S_b_monero)) = CROSS_CURVE_PROOF_SYSTEM.prove(&s_b, rng);
CrossCurveDLEQ::<HashTranscript<Sha256, rand_chacha::ChaCha20Rng>>::new(
(*ecdsa_fun::fun::G).mark::<ecdsa_fun::fun::marker::Normal>(),
curve25519_dalek::constants::ED25519_BASEPOINT_POINT,
);
let (dleq_proof_s_b, (S_b_bitcoin, S_b_monero)) = dleq_proof_system.prove(&s_b, rng);
Self { Self {
b, b,
@ -150,13 +144,7 @@ impl State0 {
where where
W: BuildTxLockPsbt + GetNetwork, W: BuildTxLockPsbt + GetNetwork,
{ {
let dleq_proof_system = let valid = CROSS_CURVE_PROOF_SYSTEM.verify(
CrossCurveDLEQ::<HashTranscript<Sha256, rand_chacha::ChaCha20Rng>>::new(
(*ecdsa_fun::fun::G).mark::<ecdsa_fun::fun::marker::Normal>(),
curve25519_dalek::constants::ED25519_BASEPOINT_POINT,
);
let valid = dleq_proof_system.verify(
&msg.dleq_proof_s_a, &msg.dleq_proof_s_a,
( (
msg.S_a_bitcoin.clone().into(), msg.S_a_bitcoin.clone().into(),