fix some warnings

gijsvl committed Aug 30, 2019
1 parent 07c7179 commit 527868ec09a9d3363dbbc3624fe560f9c3752ccb
Showing with 35 additions and 41 deletions.
  1. +2 −1 .gitignore
  2. +5 −11 src/ccs08.rs
  3. +1 −1 src/channels.rs
  4. +14 −15 src/nizk.rs
  5. +13 −13 src/ped92.rs
@@ -1,3 +1,4 @@
.idea/
target
Cargo.lock
Cargo.lock
py/__pycache__/
@@ -7,16 +7,13 @@ Asiacrypt 2008
extern crate pairing;
extern crate rand;

use rand::{thread_rng, Rng};
use rand::Rng;
use super::*;
use cl::{KeyPair, Signature, PublicParams, setup, BlindKeyPair, ProofState, SignatureProof};
use cl::{Signature, PublicParams, setup, BlindKeyPair, ProofState, SignatureProof};
use ped92::{Commitment, CSMultiParams};
use pairing::{Engine, CurveProjective};
use ff::PrimeField;
use std::collections::HashMap;
use std::fmt::Display;
use std::mem::transmute;
use util::fmt_bytes_to_int;

/**
paramsUL contains elements generated by the verifier, which are necessary for the prover.
@@ -339,9 +336,6 @@ impl<E: Engine> RPPublicParams<E> {
let loglogb = logb.log2();
if loglogb > 0.0 {
let mut u = (logb / loglogb) as i32;
if u < 2 {
u = 2;
}
u = 57; //TODO: optimize u?
let l = (b as f32).log(u as f32).ceil() as i32;

@@ -412,7 +406,7 @@ impl<E: Engine> RPPublicParams<E> {
first & &second
}

fn compute_challenge(&self, proof: &RangeProof<E>) -> E::Fr {
pub fn compute_challenge(&self, proof: &RangeProof<E>) -> E::Fr {
let mut a = Vec::<E::Fqk>::with_capacity(self.p.l as usize);
for i in 0..proof.p1.sigProofs.len() {
a.push(proof.p1.sigProofs[i].a);
@@ -426,7 +420,7 @@ impl<E: Engine> RPPublicParams<E> {
#[cfg(test)]
mod tests {
use super::*;
use pairing::bls12_381::{Bls12, G1, Fq12, Fr};
use pairing::bls12_381::{Bls12, G1, Fr};
use time::PreciseTime;
use std::ops::Add;
use core::mem;
@@ -576,7 +570,7 @@ mod tests {
let mut averageProofSize = 0;
let mut averageVerify = time::Duration::nanoseconds(0);
let iter = 5;
for i in 0..iter {
for _i in 0..iter {
let a = rng.gen_range(0, 1000000);
let b = rng.gen_range(a, 1000000);
let x = rng.gen_range(a, b);
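Review bot: `u = 57; //TODO: optimize u?` is now the only value the decomposition base ever takes, so whatever remains of the `logb / loglogb` computation above it is dead code, and `l` on the next line is still derived through `(b as f32).log(u as f32).ceil()`; an f32 logarithm of an exact power of 57 (185193, 10556001, …) can land a hair below or above the integer, and for a `b` just past such a power a result that rounds down to exactly 3.0 gives `l = 3` with `57^3 < b`, so the chosen `l` no longer covers the requested range. I would compute it in integer arithmetic, `let mut l = 0i32; let mut p = 1u64; while p < b as u64 { p *= 57; l += 1; }`, hedging that `b`'s integer type admits the cast, and promote the magic number to a named constant such as `const RP_BASE: i32 = 57;` with a comment explaining how `u` and `l` bound the proven range. The enclosing function begins and ends outside the hunk, so I cannot see what happens when `loglogb <= 0.0`.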
@@ -378,7 +378,7 @@ impl<E: Engine> CustomerState<E> {
let prev_pay_token = self.pay_tokens.get(&i).unwrap();
//println!("Found prev pay token: {}", prev_pay_token);

let pay_proof = cp.pub_params.prove(csprng, self.t.clone(), old_wallet, new_wallet.clone(),
let pay_proof = cp.pub_params.prove(csprng, old_wallet, new_wallet.clone(),
new_wcom.clone(), new_t, &prev_pay_token);

// update internal state after proof has been verified by remote
@@ -3,10 +3,9 @@ extern crate rand;

use super::*;
use rand::Rng;
use cl::{KeyPair, Signature, PublicParams, setup, BlindKeyPair, ProofState, SignatureProof, BlindPublicKey};
use ped92::{CSParams, Commitment, CSMultiParams, CommitmentProof};
use cl::{Signature, PublicParams, setup, BlindKeyPair, SignatureProof};
use ped92::{Commitment, CSMultiParams, CommitmentProof};
use pairing::{Engine, CurveProjective};
use ff::PrimeField;
use wallet::Wallet;
use ccs08::{RPPublicParams, RangeProof};
use serde::{Serialize, Deserialize};
@@ -67,16 +66,15 @@ impl<E: Engine> NIZKPublicParams<E> {
/** This method can be called to create the proof during the payment and closing protocol
Input:
rng: random generator
r: randomness of commitment of old wallet (TODO: still necessary?)
oldWallet: This is the wallet before payment occurs
newWallet: This is the new state of the wallet after payment
newWalletCom: A commitment of the new wallet
rPrime: randomness of commitment of new wallet
rPrime: blinding value of commitment of new wallet
paymentToken: A blind signature on the old wallet
Output:
NIZKProof: a proof that can be verified by the merchant during payment or closing protocol
*/
pub fn prove<R: Rng>(&self, rng: &mut R, r: E::Fr, oldWallet: Wallet<E>, newWallet: Wallet<E>,
pub fn prove<R: Rng>(&self, rng: &mut R, oldWallet: Wallet<E>, newWallet: Wallet<E>,
newWalletCom: Commitment<E>, rPrime: E::Fr, paymentToken: &Signature<E>) -> NIZKProof<E> {
//Commitment phase
//commit commitment
@@ -87,7 +85,7 @@ impl<E: Engine> NIZKPublicParams<E> {
false => self.comParams.pub_bases.len()
};

let (D, t, rt, mut reveal_wallet) = CommitmentProof::<E>::prove_commitment(rng, &self.comParams, &newWallet.as_fr_vec(), &vec! {});
let (D, t, rt) = CommitmentProof::<E>::prove_commitment(rng, &self.comParams, &newWallet.as_fr_vec(), &vec! {});

//commit signature
let zero = E::Fr::zero();
@@ -111,7 +109,7 @@ impl<E: Engine> NIZKPublicParams<E> {

//response commitment
let newWalletVec = newWallet.as_fr_vec();
let comProof = CommitmentProof::<E>::prove_response(&newWalletVec, &rPrime, &vec! {}, D, &t, rt, reveal_wallet.borrow_mut(), &challenge);
let comProof = CommitmentProof::<E>::prove_response(&newWalletVec, &rPrime, &vec! {}, D, &t, rt, &challenge);

//response range proof
let mut vec01 = newWalletVec[0..2].to_vec();
@@ -228,6 +226,8 @@ mod tests {
use super::*;
use pairing::bls12_381::{Bls12, Fr};
use util::convert_int_to_fr;
use rand::thread_rng;
use ff::PrimeField;

#[test]
fn nizk_proof_works() {
@@ -253,7 +253,7 @@ mod tests {
let blindPaymentToken = pubParams.keypair.sign_blind(rng, &pubParams.mpk, commitment1.clone());
let paymentToken = pubParams.keypair.unblind(&r, &blindPaymentToken);

let proof = pubParams.prove(rng, r, wallet1, wallet2,
let proof = pubParams.prove(rng, wallet1, wallet2,
commitment2.clone(), rprime, &paymentToken);
let fr = convert_int_to_fr::<Bls12>(*epsilon);
assert_eq!(pubParams.verify(proof, fr, &commitment2, wpk), true);
@@ -283,7 +283,7 @@ mod tests {
let blindPaymentToken = pubParams.keypair.sign_blind(rng, &pubParams.mpk, commitment1.clone());
let paymentToken = pubParams.keypair.unblind(&r, &blindPaymentToken);

let proof = pubParams.prove(rng, r, wallet1, wallet2,
let proof = pubParams.prove(rng, wallet1, wallet2,
commitment2.clone(), rprime, &paymentToken);
let fr = convert_int_to_fr::<Bls12>(*epsilon);
assert_eq!(pubParams.verify(proof, fr, &commitment2, wpk), true);
@@ -324,7 +324,7 @@ mod tests {
println!("close => {}", &wallet2);
assert!(pk.verify(&pubParams.mpk, &wallet2.as_fr_vec(), &closeToken));

let proof = pubParams.prove(rng, r, wallet1, wallet2,
let proof = pubParams.prove(rng, wallet1, wallet2,
commitment2.clone(), rprime, &paymentToken);

assert_eq!(pubParams.verify(proof, Fr::from_str(&epsilon.to_string()).unwrap(), &commitment2, wpk), true);
@@ -348,26 +348,25 @@ mod tests {

let pubParams = NIZKPublicParams::<Bls12>::setup(rng, 4);
let wallet1 = Wallet { pkc, wpk, bc, bm, close: None };
let wallet2 = Wallet::<Bls12> { pkc, wpk: wpkprime, bc: bc2, bm: bm2, close: None };

let bc2Prime = bc.clone();
let wallet3 = Wallet { pkc, wpk: wpkprime, bc: bc2Prime, bm: bm2, close: None };
let commitment1 = pubParams.comParams.commit(&wallet1.as_fr_vec().clone(), &r);
let commitment2 = pubParams.comParams.commit(&wallet3.as_fr_vec(), &rprime);
let blindPaymentToken = pubParams.keypair.sign_blind(rng, &pubParams.mpk, commitment1.clone());
let paymentToken = pubParams.keypair.unblind(&r, &blindPaymentToken);
let proof = pubParams.prove(rng, r, wallet1.clone(), wallet3, commitment2.clone(), rprime, &paymentToken);
let proof = pubParams.prove(rng, wallet1.clone(), wallet3, commitment2.clone(), rprime, &paymentToken);
assert_eq!(pubParams.verify(proof, Fr::from_str(&epsilon.to_string()).unwrap(), &commitment2, wpk), false);

let bm2Prime = bm.clone();
let wallet4 = Wallet { pkc, wpk: wpkprime, bc: bc2, bm: bm2Prime, close: None };
let commitment2 = pubParams.comParams.commit(&wallet4.as_fr_vec(), &rprime);
let proof = pubParams.prove(rng, r, wallet1.clone(), wallet4, commitment2.clone(), rprime, &paymentToken);
let proof = pubParams.prove(rng, wallet1.clone(), wallet4, commitment2.clone(), rprime, &paymentToken);
assert_eq!(pubParams.verify(proof, Fr::from_str(&epsilon.to_string()).unwrap(), &commitment2, wpk), false);

let wallet5 = Wallet { pkc: Fr::rand(rng), wpk: wpkprime, bc: bc2, bm: bm2, close: None };
let commitment2 = pubParams.comParams.commit(&wallet5.as_fr_vec(), &rprime);
let proof = pubParams.prove(rng, r, wallet1.clone(), wallet5, commitment2.clone(), rprime, &paymentToken);
let proof = pubParams.prove(rng, wallet1.clone(), wallet5, commitment2.clone(), rprime, &paymentToken);
assert_eq!(pubParams.verify(proof, Fr::from_str(&epsilon.to_string()).unwrap(), &commitment2, wpk), false);
}
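Review bot: The docstring at L101-L113 describes `newWalletCom` and `rPrime` separately but never states that they must belong together, and nothing visible in `prove` checks it; the tests always build `commitment2` as `comParams.commit(&wallet.as_fr_vec(), &rprime)` (L182, L191, L197), which is presumably the intended precondition. I would extend the Input list with `newWalletCom: commitment to newWallet under rPrime, i.e. self.comParams.commit(&newWallet.as_fr_vec(), &rPrime); prove does not verify this` — hedged, since the verify side is outside this hunk. As a matter of style, `newWallet.as_fr_vec()` is evaluated at L124 and again at L131; hoisting `let newWalletVec = newWallet.as_fr_vec();` above the `prove_commitment` call and passing `&newWalletVec` there avoids the second conversion. `prove` starts inside the hunk but its body continues past it.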

@@ -1,5 +1,5 @@
// ped92.rs
use rand::{thread_rng, Rng};
use rand::Rng;
use pairing::{Engine, CurveProjective};
use ff::{Rand, Field, PrimeField};
use std::fmt;
@@ -116,7 +116,7 @@ impl<E: Engine> CSMultiParams<E> {
pub fn setup_gen_params<R: Rng>(rng: &mut R, len: usize) -> Self {
let mut p: Vec<E::G1> = Vec::new();
// 1 extra base element for the random parameter
for i in 0..len + 1 {
for _i in 0..len + 1 {
p.push(E::G1::rand(rng));
}
CSMultiParams { pub_bases: p }
@@ -194,23 +194,21 @@ pub struct CommitmentProof<E: Engine> {

impl<E: Engine> CommitmentProof<E> {
pub fn new<R: Rng>(csprng: &mut R, com_params: &CSMultiParams<E>, com: &E::G1, wallet: &Vec<E::Fr>, r: &E::Fr, reveal_index: &Vec<usize>) -> Self {
let (Tvals, t, rt, mut reveal_wallet) = CommitmentProof::<E>::prove_commitment::<R>(csprng, com_params, wallet, reveal_index);
let (Tvals, t, rt) = CommitmentProof::<E>::prove_commitment::<R>(csprng, com_params, wallet, reveal_index);

// compute the challenge
let x: Vec<E::G1> = vec![Tvals, com.clone()];
let challenge = util::hash_g1_to_fr::<E>(&x);

// compute the response
CommitmentProof::<E>::prove_response(wallet, r, reveal_index, Tvals, &t, rt, reveal_wallet.borrow_mut(), &challenge)
CommitmentProof::<E>::prove_response(wallet, r, reveal_index, Tvals, &t, rt, &challenge)
}

pub fn prove_commitment<R: Rng>(csprng: &mut R, com_params: &CSMultiParams<E>, wallet: &Vec<E::Fr>, reveal_index: &Vec<usize>) -> (E::G1, Vec<E::Fr>, Vec<E::Fr>, Vec<E::Fr>) {
pub fn prove_commitment<R: Rng>(csprng: &mut R, com_params: &CSMultiParams<E>, wallet: &Vec<E::Fr>, reveal_index: &Vec<usize>) -> (E::G1, Vec<E::Fr>, Vec<E::Fr>) {
let mut Tvals = E::G1::zero();
assert!(wallet.len() <= com_params.pub_bases.len());
let mut t = Vec::<E::Fr>::with_capacity(wallet.len() + 1);
let mut rt: Vec<E::Fr> = Vec::new();
// t values that will be revealed
let mut reveal_wallet: Vec<E::Fr> = Vec::new();
// aspects of wallet being revealed
for i in 0..wallet.len() + 1 {
let ti = E::Fr::rand(csprng);
@@ -225,15 +223,17 @@ impl<E: Engine> CommitmentProof<E> {
gt.mul_assign(ti.into_repr());
Tvals.add_assign(&gt);
}
(Tvals, t, rt, reveal_wallet)
(Tvals, t, rt)
}

pub fn prove_response(wallet: &Vec<E::Fr>, r: &E::Fr, reveal_index: &Vec<usize>, Tvals: E::G1, t: &Vec<E::Fr>, rt: Vec<E::Fr>, reveal_wallet: &mut Vec<E::Fr>, challenge: &E::Fr) -> CommitmentProof<E> {
pub fn prove_response(wallet: &Vec<E::Fr>, r: &E::Fr, reveal_index: &Vec<usize>, Tvals: E::G1, t: &Vec<E::Fr>, rt: Vec<E::Fr>, challenge: &E::Fr) -> CommitmentProof<E> {
let mut z: Vec<E::Fr> = Vec::new();
let mut z0 = r.clone();
z0.mul_assign(&challenge);
z0.add_assign(&t[0]);
z.push(z0);
// t values that will be revealed
let mut reveal_wallet: Vec<E::Fr> = Vec::new();
reveal_wallet.push(E::Fr::zero());
for i in 1..t.len() {
let mut zi = wallet[i - 1].clone();
@@ -276,6 +276,7 @@ impl<E: Engine> CommitmentProof<E> {
mod tests {
use super::*;
use pairing::bls12_381::{Bls12, Fr, G1};
use rand::thread_rng;
use ff::Field;
use wallet::Wallet;

@@ -301,7 +302,7 @@ mod tests {
let csp = CSMultiParams::<Bls12>::setup_gen_params(rng, len);

let mut m: Vec<Fr> = Vec::new();
for i in 0..len {
for _i in 0..len {
m.push(Fr::rand(rng));
}
let r = Fr::rand(rng);
@@ -320,7 +321,7 @@ mod tests {
let csp = CSMultiParams::<Bls12>::setup_gen_params(rng, len);

let mut m1: Vec<Fr> = Vec::new();
for i in 0..len-1 {
for _i in 0..len-1 {
m1.push(Fr::rand(rng));
}
let extra_m = Fr::rand(rng);
@@ -342,7 +343,7 @@ mod tests {

#[test]
fn test_csp_basic_serialize() {
let mut rng = &mut rand::thread_rng();
let rng = &mut rand::thread_rng();
let len = 5;
let csp = CSMultiParams::<Bls12>::setup_gen_params(rng, len);

@@ -359,7 +360,6 @@ mod tests {
let t = Fr::rand(rng);

let bc = rng.gen_range(100, 1000);
let bc2 = rng.gen_range(100, 1000);
let bm = rng.gen_range(100, 1000);
let wallet = Wallet::<Bls12> { pkc: pkc, wpk: wpk, bc: bc, bm: bm, close: None };
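Review bot: The precondition at L238, `assert!(wallet.len() <= com_params.pub_bases.len());`, appears to be one short of what the loop needs: it runs `for i in 0..wallet.len() + 1` (L244) and, if `gt` on L247 is `com_params.pub_bases[i]` as the setup at L213-L216 (one extra base for the blinding factor) suggests, `i == wallet.len()` indexes past the end whenever `wallet.len() == pub_bases.len()`, so a caller error surfaces as an index panic mid-proof instead of a clear assertion. The check should read `assert!(wallet.len() < com_params.pub_bases.len(), "wallet longer than commitment bases allow");`. Separately, the challenge in `new` (L227-L228) is hashed only from `Tvals` and `com`, so `com_params.pub_bases` and `reveal_index` are not bound by the Fiat-Shamir hash; whether that matters depends on how `verify` recomputes the challenge, which is outside the hunk. The middle of `prove_commitment` and the tail of `prove_response` are not shown here.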
