Add initial issuance boilerplate

src/Makefile.am

@@ -129,6 +129,7 @@ BITCOIN_CORE_H = \
   interfaces/handler.h \
   interfaces/node.h \
   interfaces/wallet.h \
+  issuance.h \
   key.h \
   key_io.h \
   keystore.h \
@@ -414,6 +415,7 @@ libbitcoin_common_a_SOURCES = \
   compressor.cpp \
   core_read.cpp \
   core_write.cpp \
+  issuance.cpp \
   key.cpp \
   key_io.cpp \
   keystore.cpp \

src/issuance.cpp

@@ -0,0 +1,48 @@
+
+#include <issuance.h>
+
+#include <primitives/transaction.h>
+#include <amount.h>
+
+void GenerateAssetEntropy(uint256& entropy, const COutPoint& prevout, const uint256& contracthash)
+{
+    // E : entropy
+    // I : prevout
+    // C : contract
+    // E = H( H(I) || H(C) )
+    std::vector<uint256> leaves;
+    leaves.reserve(2);
+    leaves.push_back(SerializeHash(prevout, SER_GETHASH, 0));
+    leaves.push_back(contracthash);
+    entropy = ComputeFastMerkleRoot(leaves);
+}
+
+void CalculateAsset(CAsset& asset, const uint256& entropy)
+{
+    static const uint256 kZero = uint256S("0x0000000000000000000000000000000000000000000000000000000000000000");
+    // H_a : asset tag
+    // E   : entropy
+    // H_a = H( E || 0 )
+    std::vector<uint256> leaves;
+    leaves.reserve(2);
+    leaves.push_back(entropy);
+    leaves.push_back(kZero);
+    asset = CAsset(ComputeFastMerkleRoot(leaves));
+}
+
+void CalculateReissuanceToken(CAsset& reissuanceToken, const uint256& entropy, bool fConfidential)
+{
+    static const uint256 kOne = uint256S("0x0000000000000000000000000000000000000000000000000000000000000001");
+    static const uint256 kTwo = uint256S("0x0000000000000000000000000000000000000000000000000000000000000002");
+    // H_a : asset reissuance tag
+    // E   : entropy
+    // if not fConfidential:
+    //     H_a = H( E || 1 )
+    // else
+    //     H_a = H( E || 2 )
+    std::vector<uint256> leaves;
+    leaves.reserve(2);
+    leaves.push_back(entropy);
+    leaves.push_back(fConfidential ? kTwo : kOne);
+    reissuanceToken = CAsset(ComputeFastMerkleRoot(leaves));
+}

src/issuance.h

@@ -0,0 +1,46 @@
+
+#ifndef BITCOIN_ISSUANCE_H
+#define BITCOIN_ISSUANCE_H
+
+#include <primitives/transaction.h>
+#include <amount.h>
+#include <hash.h>
+#include <consensus/merkle.h>
+
+/**
+ * Calculate the asset entropy from an COutPoint and a tx-author specified
+ * Ricardian contract. See Definition 18 of the confidential assets paper.
+ *
+ * @param[out]  entropy       The asset entropy, which is used as input to
+ *                            CalculateAsset and CalculateReissuanceToken.
+ * @param[in]   prevout       Reference to the UTXO being spent.
+ * @param[in]   contracthash  Root hash of the issuer-specified Ricardian
+ *                            contract.
+ */
+void GenerateAssetEntropy(uint256& entropy, const COutPoint& prevout, const uint256& contracthash);
+
+/**
+ * Derive the asset from the entropy. See Definintion 19 of the confidential
+ * assets paper.
+ *
+ * @param[out]  asset    The nonce used as auxiliary input to the Pedersen
+ *                       commitment setup to derive the unblinded asset tag.
+ * @param[in]   entropy  The asset entropy returned by GenerateAssetEntropy.
+ */
+void CalculateAsset(CAsset& asset, const uint256& entropy);
+
+/**
+ * Derive the asset reissuance token asset from the entropy and reissuance
+ * parameters (confidential or explicit). See Definition 21 of the confidential
+ * assets paper.
+ *
+ * @param[out]  reissuanceToken  The nonce used as auxiliary input to the
+ *                               Pedersen commitment setup to derive the
+ *                               unblinded reissuance asset tag.
+ * @param[in]   entropy          The asset entropy returned by GenerateAssetEntropy.
+ * @param[in]   fConfidential    Set to true if the initial issuance was blinded,
+ *                               false otherwise.
+ */
+void CalculateReissuanceToken(CAsset& reissuanceToken, const uint256& entropy, bool fConfidential);
+
+#endif // BITCOIN_ISSUANCE_H