Thomas Eizinger
523ee6088c
Extract blinding factor and key recovery into functions on Transaction
2021-05-14 13:00:25 +10:00
Thomas Eizinger
91f54bf6b5
Use upstreamed functionality for clsag and signature hash
2021-05-14 12:59:17 +10:00
Thomas Eizinger
04e7d1c111
Use recover_key
function to compute actual signing key
2021-05-14 10:57:11 +10:00
Thomas Eizinger
507e2670ac
Change sign API back to taking signing key separately
2021-05-13 17:32:54 +10:00
Thomas Eizinger
7d3633e3ac
WIP sign2
2021-05-13 16:13:32 +10:00
Thomas Eizinger
ced4daedf9
Test sign and verify clsag for every index
2021-05-13 15:57:26 +10:00
Thomas Eizinger
e63ced6a22
Print C++ test code in static-assert test
2021-05-13 14:21:59 +10:00
Thomas Eizinger
de1830f825
Add TODO to be resolved
2021-05-13 14:21:16 +10:00
Thomas Eizinger
558cc3492a
Use key-image variable
2021-05-13 13:53:20 +10:00
Thomas Eizinger
6b026efc7a
Compute actual_signing_key as early as possible
2021-05-13 13:49:39 +10:00
Thomas Eizinger
0a04b9a55c
Fix unit tests to not pass zero z
2021-05-13 13:12:57 +10:00
Lucas Soriano del Pino
83042c4148
OMG Monero transactions!!!!!!!!
2021-05-13 12:35:34 +10:00
Lucas Soriano del Pino
56128bb3a8
Some fixes
...
- Use correct key image for both signing and constructing transaction.
- Sort ring and commitment ring according to key offset order.
- Given the new order of items in the ring, allow asigning index
values different to 0. This breaks signature verification, both
locally and against Monero!
2021-05-13 11:34:58 +10:00
Thomas Eizinger
1e973e5bbd
Rewrite verify to use izip!
2021-05-12 20:47:58 +10:00
Thomas Eizinger
2c6e917554
Compute message to be signed differently
2021-05-12 20:47:57 +10:00
Thomas Eizinger
370718ab66
Put correct key-image into transaction prefix
2021-05-12 20:34:13 +10:00
Thomas Eizinger
58074fc083
ONLY PARTIALLY WORKING: Allow signing algorithm to be given signing key index
...
At the moment this works only if the index is 0.
2021-05-12 19:01:30 +10:00
Thomas Eizinger
3d9aee932c
Remove Ring datatype
...
We no longer need it now that we do this within hash_to_scalar
2021-05-12 12:02:42 +10:00
Thomas Eizinger
16d7094df0
Fix signature creation to output correct h_0 and s_0
2021-05-12 00:42:30 +10:00
Thomas Eizinger
e5b59ee67e
Make it typesafe to hash only slices of 32 bytes
2021-05-11 21:21:07 +10:00
Lucas Soriano del Pino
32cb801fc7
Add 0 bytes to end of domain tags (and other debugging)
2021-05-11 21:14:13 +10:00
Thomas Eizinger
7f2bc9d0bf
Use clsag module in integration test
2021-05-11 17:47:59 +10:00
Thomas Eizinger
08e591f54c
IT WORKS
2021-05-11 17:27:25 +10:00
Thomas Eizinger
ddddc4d1ac
Move code so it stays with the pre-computed things
2021-05-11 15:09:33 +10:00
Thomas Eizinger
fbf9d456ae
Use a closure to not duplicate the common parts of ring element
2021-05-11 15:08:20 +10:00
Thomas Eizinger
c0f4b566c4
Impl Sub for Ring to pre-compute adjusted commitment ring
2021-05-11 15:03:30 +10:00
Thomas Eizinger
5342eb5564
Make Ring an implementation detail of clsag
2021-05-11 14:53:35 +10:00
Thomas Eizinger
c6b36449dc
Deconstruct signature in parameter
...
This removes the intermediary variable I.
2021-05-11 14:51:15 +10:00
Thomas Eizinger
87ca636ddb
Use Cow to compress EdwardsPoint on the fly in hash function
...
This allows us to pass EdwardsPoint to hash_to_scalar without compressing
them a priori. As a result, we can remove a bunch of intermediary variables.
2021-05-11 14:48:37 +10:00
Thomas Eizinger
06f1ada2b1
Import tiny_keccak inside hash function
2021-05-11 14:39:48 +10:00
Thomas Eizinger
bf8bc68816
Inline AggregationHashes
2021-05-11 14:38:31 +10:00
Thomas Eizinger
e62c67753a
Inline clsag_round_hash_prefix fn
2021-05-11 14:30:35 +10:00
Thomas Eizinger
52939ad217
Redesign macro to use || as separator
2021-05-11 14:21:28 +10:00
Thomas Eizinger
cf32828739
Make hash_to_scalar a macro so we can pass different types
2021-05-11 14:14:08 +10:00
Thomas Eizinger
53916aab6b
Make Ring
an implementation detail of clsag module
2021-05-11 12:47:20 +10:00
Thomas Eizinger
f9cac4b6c9
Don't take Rings by value if we don't consume them
2021-05-11 12:40:37 +10:00
Thomas Eizinger
6a4961a472
Add missing arguments to verify fn
2021-05-11 12:39:31 +10:00
Thomas Eizinger
9255cc8f68
Add dedicated test to clsag module
2021-05-11 12:34:58 +10:00
Thomas Eizinger
1bd8eb83d1
Move Signature::verify to clsag::verify
2021-05-11 12:32:47 +10:00
Thomas Eizinger
874179685a
Move Signature::verify under sign
2021-05-11 12:31:37 +10:00
Thomas Eizinger
07d544adde
Reorder and rename for clarification
2021-05-11 12:25:56 +10:00
Thomas Eizinger
4933d7f1b7
Extract INV_EIGHT constant
2021-05-11 12:21:10 +10:00
Thomas Eizinger
a73024ccfc
Inline AggregationHashes::hash
2021-05-11 12:17:22 +10:00
Thomas Eizinger
a4077d13e5
Inline challenge function
2021-05-11 12:13:14 +10:00
Thomas Eizinger
fb36b7fe4f
Extract hasher utility function
2021-05-11 12:09:15 +10:00
Thomas Eizinger
be7cdb23c3
Re-order arguments of clsag::sign
2021-05-11 12:00:51 +10:00
Thomas Eizinger
c68fe77211
Remove Result return value because we can never fail
2021-05-11 11:57:36 +10:00
Thomas Eizinger
a9e60515a1
Inline const's that are only used once
2021-05-11 11:56:27 +10:00
Thomas Eizinger
0658520ad6
Re-order clsag module to have pub fns first
2021-05-11 11:54:39 +10:00
Thomas Eizinger
ec3c358795
Extract clsag module
2021-05-11 11:51:29 +10:00