Documentation ¶
Index ¶
- Constants
- Variables
- func CalculateL(aL, sL []*big.Int, z, x *big.Int) []*big.Int
- func CalculateLMRP(aL, sL []*big.Int, z, x *big.Int) []*big.Int
- func CalculateR(aR, sR, y, po2 []*big.Int, z, x *big.Int) []*big.Int
- func CalculateRMRP(aR, sR, y, zTimesTwo []*big.Int, z, x *big.Int) []*big.Int
- func Delta(y []*big.Int, z *big.Int) *big.Int
- func DeltaMRP(y []*big.Int, z *big.Int, m int) *big.Int
- func DeserializeCompressed(curve elliptic.Curve, b []byte) *ecdsa.PublicKey
- func GenKeyImage(privkey *ecdsa.PrivateKey) *ecdsa.PublicKey
- func GenKeyRing(ring []*ecdsa.PublicKey, privkey *ecdsa.PrivateKey, s int) ([]*ecdsa.PublicKey, error)
- func GenNewKeyRing(size int, privkey *ecdsa.PrivateKey, s int) ([]*ecdsa.PublicKey, error)
- func GenerateNewParams(G, H []ECPoint, x *big.Int, L, R, P ECPoint) ([]ECPoint, []ECPoint, ECPoint)
- func HashPoint(p *ecdsa.PublicKey) (*big.Int, *big.Int)
- func HashPointsToBytes(points []ECPoint) []byte
- func InnerProduct(a []*big.Int, b []*big.Int) *big.Int
- func InnerProductVerify(c *big.Int, P, U ECPoint, G, H []ECPoint, ipp InnerProdArg) bool
- func InnerProductVerifyFast(c *big.Int, P, U ECPoint, G, H []ECPoint, ipp InnerProdArg) bool
- func Link(sig_a *RingSignature, sig_b *RingSignature) bool
- func MRPVerify(mrp *MultiRangeProof) bool
- func PadLeft(str, pad string, l int) string
- func PadTo32Bytes(in []byte) (out []byte)
- func PowerVector(l int, base *big.Int) []*big.Int
- func RandVector(l int) []*big.Int
- func STRNot(str string) string
- func ScalarVectorMul(v []*big.Int, s *big.Int) []*big.Int
- func SerializeCompressed(p *ecdsa.PublicKey) []byte
- func StrToBigIntArray(str string) []*big.Int
- func TestRingSignature() (bool, []byte)
- func VectorAdd(v []*big.Int, w []*big.Int) []*big.Int
- func VectorAddScalar(v []*big.Int, s *big.Int) []*big.Int
- func VectorHadamard(v, w []*big.Int) []*big.Int
- func VectorSum(y []*big.Int) *big.Int
- func Verify(sig *RingSignature, verifyMes bool) bool
- type Bulletproof
- type CryptoParams
- type ECPoint
- type InnerProdArg
- type MultiRangeProof
- type PrivateSendVerifier
- type RangeProof
- type Ring
- type RingSignature
Constants ¶
const ( PubKeyBytesLenCompressed = 33 PubKeyBytesLenUncompressed = 65 PubKeyBytesLenHybrid = 65 )
These constants define the lengths of serialized public keys.
Variables ¶
var MAX_64_BITS = new(big.Int).SetUint64(0xFFFFFFFFFFFFFFFF)
var VecLength = 512 // support maximum 8 spending value, each 64 bit (gwei is unit)
Functions ¶
func CalculateL ¶
Calculates (aL - z*1^n) + sL*x
func CalculateLMRP ¶
Calculates (aL - z*1^n) + sL*x
func DeserializeCompressed ¶
func GenKeyImage ¶
func GenKeyImage(privkey *ecdsa.PrivateKey) *ecdsa.PublicKey
calculate key image I = x * H_p(P) where H_p is a hash function that returns a point H_p(P) = sha3(P) * G
func GenKeyRing ¶
func GenKeyRing(ring []*ecdsa.PublicKey, privkey *ecdsa.PrivateKey, s int) ([]*ecdsa.PublicKey, error)
takes public key ring and places the public key corresponding to `privkey` in index s of the ring returns a key ring of type []*ecdsa.PublicKey
func GenNewKeyRing ¶
creates a ring with size specified by `size` and places the public key corresponding to `privkey` in index s of the ring returns a new key ring of type []*ecdsa.PublicKey
func GenerateNewParams ¶
func HashPointsToBytes ¶
func InnerProduct ¶
The length here always has to be a power of two
func InnerProductVerify ¶
Inner Product Verify
Given a inner product proof, verifies the correctness of the proof Since we're using the Fiat-Shamir transform, we need to verify all x hash computations, all g' and h' computations P : the Pedersen commitment we are verifying is a commitment to the innner product ipp : the proof
func InnerProductVerifyFast ¶
func Link ¶
func Link(sig_a *RingSignature, sig_b *RingSignature) bool
func MRPVerify ¶
func MRPVerify(mrp *MultiRangeProof) bool
MultiRangeProof Verify Takes in a MultiRangeProof and verifies its correctness
func PadLeft ¶
from here: https://play.golang.org/p/zciRZvD0Gr with a fix
func PadTo32Bytes ¶
func RandVector ¶
func SerializeCompressed ¶
SerializeCompressed serializes a public key in a 33-byte compressed format.
func StrToBigIntArray ¶
func TestRingSignature ¶
func Verify ¶
func Verify(sig *RingSignature, verifyMes bool) bool
verify ring signature contained in RingSignature struct returns true if a valid signature, false otherwise
Types ¶
type Bulletproof ¶
type Bulletproof struct {
// contains filtered or unexported fields
}
type CryptoParams ¶
type CryptoParams struct { C elliptic.Curve // curve KC *btcec.KoblitzCurve // curve BPG []ECPoint // slice of gen 1 for BP BPH []ECPoint // slice of gen 2 for BP N *big.Int // scalar prime U ECPoint // a point that is a fixed group element with an unknown discrete-log relative to g,h V int // Vector length G ECPoint // G value for commitments of a single value H ECPoint // H value for commitments of a single value }
var EC CryptoParams
func NewECPrimeGroupKey ¶
func NewECPrimeGroupKey(n int) CryptoParams
NewECPrimeGroupKey returns the curve (field), Generator 1 x&y, Generator 2 x&y, order of the generators
func (CryptoParams) Zero ¶
func (c CryptoParams) Zero() ECPoint
type ECPoint ¶
Implementation of BulletProofs
func TwoVectorPCommit ¶
Two Vector P Commit Given an array of values, we commit the array with different generators for each element and for each randomness.
func TwoVectorPCommitWithGens ¶
Vector Pedersen Commitment with Gens Given an array of values, we commit the array with different generators for each element and for each randomness. We also pass in the Generators we want to use
func VectorPCommit ¶
Vector Pedersen Commitment Given an array of values, we commit the array with different generators for each element and for each randomness.
type InnerProdArg ¶
InnerProd Proof This stores the argument values
func InnerProductProve ¶
func InnerProductProve(a []*big.Int, b []*big.Int, c *big.Int, P, U ECPoint, G, H []ECPoint) InnerProdArg
rpresult.IPP = InnerProductProve(left, right, that, P, EC.U, EC.BPG, HPrime)
func InnerProductProveSub ¶
func InnerProductProveSub(proof InnerProdArg, G, H []ECPoint, a []*big.Int, b []*big.Int, u ECPoint, P ECPoint) InnerProdArg
Inner Product Argument
Proves that <a,b>=c This is a building block for BulletProofs
func (*InnerProdArg) Deserialize ¶
func (ipp *InnerProdArg) Deserialize(proof []byte, numChallenges int) error
func (*InnerProdArg) Serialize ¶
func (ipp *InnerProdArg) Serialize() []byte
type MultiRangeProof ¶
type MultiRangeProof struct { Comms []ECPoint A ECPoint S ECPoint T1 ECPoint T2 ECPoint Tau *big.Int Th *big.Int Mu *big.Int IPP InnerProdArg // challenges Cy *big.Int Cz *big.Int Cx *big.Int }
func (*MultiRangeProof) Deserialize ¶
func (mrp *MultiRangeProof) Deserialize(proof []byte) error
func (*MultiRangeProof) Serialize ¶
func (mrp *MultiRangeProof) Serialize() []byte
type PrivateSendVerifier ¶
type PrivateSendVerifier struct {
// contains filtered or unexported fields
}
The proof contains pretty much stuffs The proof contains pretty much stuffs Ring size rs: 1 byte => proof[0] num input: number of real inputs: 1 byte => proof[1] List of inputs/UTXO index typed uint64 => total size = rs * numInput * 8 = proof[0]*proof[1]*8 List of key images: total size = numInput * 33 = proof[1] * 33 number of output n: 1 byte List of output => n * 130 bytes transaction fee: uint256 => 32 byte ringCT proof size ctSize: uint16 => 2 byte ringCT proof: ctSize bytes bulletproofs: bp
type RangeProof ¶
type Ring ¶
func GenerateMultiRingParams ¶
func GenerateMultiRingParams(numRing int, ringSize int, s int) (rings []Ring, privkeys []*ecdsa.PrivateKey, m [32]byte, err error)
function returns(mutiple rings, private keys, message, error)
type RingSignature ¶
type RingSignature struct { NumRing int Size int // size of ring M [32]byte // message C *big.Int // ring signature value, 1 element S [][]*big.Int // ring signature values: [NumRing][Size] Ring []Ring // array of rings of pubkeys: [NumRing] I []*ecdsa.PublicKey // key images, size = the number of rings [NumRing] Curve elliptic.Curve SerializedRing []byte //temporary memory stored the raw ring ct used in case of verifying ringCT with message verification }
func Deserialize ¶
func Deserialize(r []byte) (*RingSignature, error)
deserializes the byteified signature into a RingSignature struct
func Sign ¶
func Sign(m [32]byte, rings []Ring, privkeys []*ecdsa.PrivateKey, s int) (*RingSignature, error)
create ring signature from list of public keys given inputs: msg: byte array, message to be signed ring: array of *ecdsa.PublicKeys to be included in the ring privkey: *ecdsa.PrivateKey of signer s: index of signer in ring
func (*RingSignature) Serialize ¶
func (r *RingSignature) Serialize() ([]byte, error)
converts the signature to a byte array this is the format that will be used when passing EVM bytecode