Commit Graph

76 Commits

Author SHA1 Message Date
Thomas Eizinger
523ee6088c
Extract blinding factor and key recovery into functions on Transaction 2021-05-14 13:00:25 +10:00
Thomas Eizinger
91f54bf6b5
Use upstreamed functionality for clsag and signature hash 2021-05-14 12:59:17 +10:00
Thomas Eizinger
04e7d1c111
Use recover_key function to compute actual signing key 2021-05-14 10:57:11 +10:00
Thomas Eizinger
507e2670ac
Change sign API back to taking signing key separately 2021-05-13 17:32:54 +10:00
Thomas Eizinger
7d3633e3ac
WIP sign2 2021-05-13 16:13:32 +10:00
Thomas Eizinger
ced4daedf9
Test sign and verify clsag for every index 2021-05-13 15:57:26 +10:00
Thomas Eizinger
e63ced6a22
Print C++ test code in static-assert test 2021-05-13 14:21:59 +10:00
Thomas Eizinger
de1830f825
Add TODO to be resolved 2021-05-13 14:21:16 +10:00
Thomas Eizinger
558cc3492a
Use key-image variable 2021-05-13 13:53:20 +10:00
Thomas Eizinger
6b026efc7a
Compute actual_signing_key as early as possible 2021-05-13 13:49:39 +10:00
Thomas Eizinger
0a04b9a55c
Fix unit tests to not pass zero z 2021-05-13 13:12:57 +10:00
Lucas Soriano del Pino
83042c4148
OMG Monero transactions!!!!!!!! 2021-05-13 12:35:34 +10:00
Lucas Soriano del Pino
56128bb3a8
Some fixes
- Use correct key image for both signing and constructing transaction.
- Sort ring and commitment ring according to key offset order.
- Given the new order of items in the ring, allow asigning index
  values different to 0. This breaks signature verification, both
  locally and against Monero!
2021-05-13 11:34:58 +10:00
Thomas Eizinger
1e973e5bbd
Rewrite verify to use izip! 2021-05-12 20:47:58 +10:00
Thomas Eizinger
2c6e917554
Compute message to be signed differently 2021-05-12 20:47:57 +10:00
Thomas Eizinger
370718ab66
Put correct key-image into transaction prefix 2021-05-12 20:34:13 +10:00
Thomas Eizinger
58074fc083
ONLY PARTIALLY WORKING: Allow signing algorithm to be given signing key index
At the moment this works only if the index is 0.
2021-05-12 19:01:30 +10:00
Thomas Eizinger
3d9aee932c
Remove Ring datatype
We no longer need it now that we do this within hash_to_scalar
2021-05-12 12:02:42 +10:00
Thomas Eizinger
16d7094df0
Fix signature creation to output correct h_0 and s_0 2021-05-12 00:42:30 +10:00
Thomas Eizinger
e5b59ee67e
Make it typesafe to hash only slices of 32 bytes 2021-05-11 21:21:07 +10:00
Lucas Soriano del Pino
32cb801fc7
Add 0 bytes to end of domain tags (and other debugging) 2021-05-11 21:14:13 +10:00
Thomas Eizinger
7f2bc9d0bf
Use clsag module in integration test 2021-05-11 17:47:59 +10:00
Thomas Eizinger
08e591f54c
IT WORKS 2021-05-11 17:27:25 +10:00
Thomas Eizinger
ddddc4d1ac
Move code so it stays with the pre-computed things 2021-05-11 15:09:33 +10:00
Thomas Eizinger
fbf9d456ae
Use a closure to not duplicate the common parts of ring element 2021-05-11 15:08:20 +10:00
Thomas Eizinger
c0f4b566c4
Impl Sub for Ring to pre-compute adjusted commitment ring 2021-05-11 15:03:30 +10:00
Thomas Eizinger
5342eb5564
Make Ring an implementation detail of clsag 2021-05-11 14:53:35 +10:00
Thomas Eizinger
c6b36449dc
Deconstruct signature in parameter
This removes the intermediary variable I.
2021-05-11 14:51:15 +10:00
Thomas Eizinger
87ca636ddb
Use Cow to compress EdwardsPoint on the fly in hash function
This allows us to pass EdwardsPoint to hash_to_scalar without compressing
them a priori. As a result, we can remove a bunch of intermediary variables.
2021-05-11 14:48:37 +10:00
Thomas Eizinger
06f1ada2b1
Import tiny_keccak inside hash function 2021-05-11 14:39:48 +10:00
Thomas Eizinger
bf8bc68816
Inline AggregationHashes 2021-05-11 14:38:31 +10:00
Thomas Eizinger
e62c67753a
Inline clsag_round_hash_prefix fn 2021-05-11 14:30:35 +10:00
Thomas Eizinger
52939ad217
Redesign macro to use || as separator 2021-05-11 14:21:28 +10:00
Thomas Eizinger
cf32828739
Make hash_to_scalar a macro so we can pass different types 2021-05-11 14:14:08 +10:00
Thomas Eizinger
53916aab6b
Make Ring an implementation detail of clsag module 2021-05-11 12:47:20 +10:00
Thomas Eizinger
f9cac4b6c9
Don't take Rings by value if we don't consume them 2021-05-11 12:40:37 +10:00
Thomas Eizinger
6a4961a472
Add missing arguments to verify fn 2021-05-11 12:39:31 +10:00
Thomas Eizinger
9255cc8f68
Add dedicated test to clsag module 2021-05-11 12:34:58 +10:00
Thomas Eizinger
1bd8eb83d1
Move Signature::verify to clsag::verify 2021-05-11 12:32:47 +10:00
Thomas Eizinger
874179685a
Move Signature::verify under sign 2021-05-11 12:31:37 +10:00
Thomas Eizinger
07d544adde
Reorder and rename for clarification 2021-05-11 12:25:56 +10:00
Thomas Eizinger
4933d7f1b7
Extract INV_EIGHT constant 2021-05-11 12:21:10 +10:00
Thomas Eizinger
a73024ccfc
Inline AggregationHashes::hash 2021-05-11 12:17:22 +10:00
Thomas Eizinger
a4077d13e5
Inline challenge function 2021-05-11 12:13:14 +10:00
Thomas Eizinger
fb36b7fe4f
Extract hasher utility function 2021-05-11 12:09:15 +10:00
Thomas Eizinger
be7cdb23c3
Re-order arguments of clsag::sign 2021-05-11 12:00:51 +10:00
Thomas Eizinger
c68fe77211
Remove Result return value because we can never fail 2021-05-11 11:57:36 +10:00
Thomas Eizinger
a9e60515a1
Inline const's that are only used once 2021-05-11 11:56:27 +10:00
Thomas Eizinger
0658520ad6
Re-order clsag module to have pub fns first 2021-05-11 11:54:39 +10:00
Thomas Eizinger
ec3c358795
Extract clsag module 2021-05-11 11:51:29 +10:00