Documentation ¶
Index ¶
Constants ¶
const OnChainResponseLength = ProofLength + 32
OnChainResponseLength is the length of the MarshaledOnChainResponse. The extra 32 bytes are for blocknumber (as a uint256), which goes at the end. The seed is rewritten with the preSeed. (See MarshalForVRFCoordinator and ProofResponse#ActualProof.)
const ProofLength = 64 + 64 + 32 + 32 + 32 + 32 + 64 + 64 + 32 // zInv (Leave Output out, because that can be efficiently calculated)
Length of marshaled proof, in bytes
Variables ¶
This section is empty.
Functions ¶
func FinalSeed ¶
func FinalSeed(s PreSeedData) (finalSeed *big.Int)
FinalSeed is the seed which is actually passed to the VRF proof generator, given the pre-seed and the hash of the block in which the VRFCoordinator emitted the log for the request this is responding to.
Types ¶
type MarshaledOnChainResponse ¶
type MarshaledOnChainResponse [OnChainResponseLength]byte
MarshaledOnChainResponse is the flat bytes which are sent back to the VRFCoordinator.
func GenerateProofResponse ¶
func GenerateProofResponse(keystore *keystore.VRF, key secp256k1.PublicKey, s PreSeedData) ( MarshaledOnChainResponse, error)
func GenerateProofResponseFromProof ¶
func GenerateProofResponseFromProof(proof vrfkey.Proof, s PreSeedData) (MarshaledOnChainResponse, error)
type MarshaledProof ¶
type MarshaledProof [ProofLength]byte
MarshaledProof contains a VRF proof for randomValueFromVRFProof.
NB: when passing one of these to randomValueFromVRFProof via the geth blockchain simulator, it must be passed as a slice ("proof[:]"). Passing it as-is sends hundreds of single bytes, each padded to their own 32-byte word.
func MarshalForSolidityVerifier ¶
func MarshalForSolidityVerifier(p *vrfkey.Proof) (MarshaledProof, error)
MarshalForSolidityVerifier renders p as required by randomValueFromVRFProof
func (MarshaledProof) String ¶
func (m MarshaledProof) String() string
String returns m as 0x-hex bytes
type PreSeedData ¶
type PreSeedData struct { PreSeed Seed // Seed to be mixed with hash of containing block BlockHash common.Hash // Hash of block containing VRF request BlockNum uint64 // Cardinal number of block containing VRF request }
PreSeedData contains the data the VRF provider needs to compute the final VRF output and marshal the proof for transmission to the VRFCoordinator contract.
func TestXXXSeedData ¶
type ProofResponse ¶
type ProofResponse struct { // Approximately the proof which will be checked on-chain. Note that this // contains the pre-seed in place of the final seed. That should be computed // as in FinalSeed. P vrfkey.Proof PreSeed Seed // Seed received during VRF request BlockNum uint64 // Height of the block in which tihs request was made }
ProofResponse is the data which is sent back to the VRFCoordinator, so that it can verify that the seed the oracle finally used is correct.
func UnmarshalProofResponse ¶
func UnmarshalProofResponse(m MarshaledOnChainResponse) (*ProofResponse, error)
UnmarshalProofResponse returns the ProofResponse represented by the bytes in m
func (ProofResponse) CryptoProof ¶
func (p ProofResponse) CryptoProof(s PreSeedData) (vrfkey.Proof, error)
CryptoProof returns the proof implied by p, with the correct seed
func (*ProofResponse) MarshalForVRFCoordinator ¶
func (p *ProofResponse) MarshalForVRFCoordinator() ( response MarshaledOnChainResponse, err error)
MarshalForVRFCoordinator constructs the flat bytes which are sent to the VRFCoordinator.
type Seed ¶
type Seed [32]byte
Seed represents a VRF seed as a serialized uint256
func BytesToSeed ¶
BytesToSeed returns the Seed corresponding to b, or an error if b is too long
type SolidityProof ¶
type SolidityProof struct { P *vrfkey.Proof // The core proof UWitness common.Address // Address of P.C*P.PK+P.S*G CGammaWitness, SHashWitness kyber.Point // P.C*P.Gamma, P.S*HashToCurve(P.Seed) ZInv *big.Int // Inverse of Z coord from ProjectiveECAdd(CGammaWitness, SHashWitness) }
SolidityProof contains precalculations which VRF.sol needs to verifiy proofs
func SolidityPrecalculations ¶
func SolidityPrecalculations(p *vrfkey.Proof) (*SolidityProof, error)
SolidityPrecalculations returns the precomputed values needed by the solidity verifier, or an error on failure.
func (*SolidityProof) MarshalForSolidityVerifier ¶
func (p *SolidityProof) MarshalForSolidityVerifier() (proof MarshaledProof)
MarshalForSolidityVerifier renders p as required by randomValueFromVRFProof
func (*SolidityProof) String ¶
func (p *SolidityProof) String() string
String returns the values in p, in hexadecimal format