Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use ZKSigma in stead of built in crypto.go #2

Merged
merged 5 commits into from Mar 8, 2019
Merged
Changes from 1 commit
Commits
File filter...
Filter file types
Jump to…
Jump to file or symbol
Failed to load files and symbols.

Always

Just for now

@@ -1,4 +1,4 @@
package zkledger
package apl

This comment has been minimized.

Copy link
@narula

narula Feb 28, 2019

Member

should be zkledger


import (
"fmt"
@@ -7,6 +7,8 @@ import (
"net"
"net/rpc"
"sync"

"github.com/mit-dci/zksigma"
)

type Auditor struct {
@@ -18,8 +20,8 @@ type Auditor struct {
Done chan bool
banks []BankClient
pki *PKI
CommsCache []ECPoint
RTokenCache []ECPoint
CommsCache []zksigma.ECPoint
RTokenCache []zksigma.ECPoint
Setup chan struct{}
}

@@ -34,11 +36,11 @@ func MakeAuditor(num int, pki *PKI) *Auditor {
pki: pki,
Setup: make(chan struct{}),
}
a.CommsCache = make([]ECPoint, a.num)
a.RTokenCache = make([]ECPoint, a.num)
a.CommsCache = make([]zksigma.ECPoint, a.num)
a.RTokenCache = make([]zksigma.ECPoint, a.num)
for i := 0; i < a.num; i++ {
a.CommsCache[i] = EC.Zero()
a.RTokenCache[i] = EC.Zero()
a.CommsCache[i] = zksigma.Zero

This comment has been minimized.

Copy link
@narula

narula Mar 7, 2019

Member

how is this safe? it means all the caches are using the same underlying big ints, right?

This comment has been minimized.

Copy link
@gertjaap

gertjaap Mar 8, 2019

Author Contributor

As far as I can tell, the only operation done on these cache points is Add. And an Add to Zero will return the point you're adding. But even an Add between two non-zero points returns new BigInts. So the Zero point will never be modified.

a.RTokenCache[i] = zksigma.Zero
}
go a.start()
return a
@@ -89,14 +91,14 @@ func (a *Auditor) register(hostname string, baseport int, bankHostnames []string
func (a *Auditor) start() {
<-a.Setup
Dprintf("[A] Starting audit loop...\n")
var pks []ECPoint
var pks []zksigma.ECPoint
for {
select {
case etx := <-a.receivedTxns:
Dprintf("[A][%v] Received txn...\n", etx.Index)
// Verify
if pks == nil {
pks = make([]ECPoint, a.num+1) // all the banks and the issuer
pks = make([]zksigma.ECPoint, a.num+1) // all the banks and the issuer
for i := 0; i < a.num+1; i++ {
pks[i] = a.pki.Get(i)
}
@@ -129,8 +131,8 @@ func (a *Auditor) start() {
} else if etx.Type == Issuance || etx.Type == Withdrawal {
// Only one bank for now
en := &etx.Entries[etx.Sender]
gval := EC.G.Mult(en.V)
a.CommsCache[etx.Sender] = EC.Add(a.CommsCache[etx.Sender], gval)
gval := zksigma.ZKCurve.G.Mult(en.V)
a.CommsCache[etx.Sender] = a.CommsCache[etx.Sender].Add(gval)
}
Dprintf("[A][%v] Processed txn\n", etx.Index)
a.mu.Unlock()
@@ -162,8 +164,8 @@ func (a *Auditor) computeSum(bank_i int) (*big.Int, bool) {
Dprintf("[A] Auditing bank %v \n", bank_i)
var rep AuditRep
a.banks[bank_i].Audit(&struct{}{}, &rep)
comms := EC.Zero()
rtokens := EC.Zero()
comms := zksigma.Zero
rtokens := zksigma.Zero
a.mu.Lock()
if *useCache {
comms = a.CommsCache[bank_i]
@@ -172,18 +174,18 @@ func (a *Auditor) computeSum(bank_i int) (*big.Int, bool) {
for i := 0; i < len(a.local_ledger.Transactions); i++ {
etx := &a.local_ledger.Transactions[i]
if etx.Type == Transfer {
comms = EC.Add(comms, etx.Entries[bank_i].Comm)
rtokens = EC.Add(rtokens, etx.Entries[bank_i].RToken)
comms = comms.Add(etx.Entries[bank_i].Comm)
rtokens = rtokens.Add(etx.Entries[bank_i].RToken)
} else if (etx.Type == Issuance || etx.Type == Withdrawal) && etx.Sender == bank_i {
gval := EC.G.Mult(etx.Entries[etx.Sender].V)
comms = EC.Add(comms, gval)
gval := zksigma.ZKCurve.G.Mult(etx.Entries[etx.Sender].V)
comms = comms.Add(gval)
}
}
}
a.mu.Unlock()
gv := EC.G.Mult(rep.Sum).Neg() // 1 / g^\sum{v_i}
T := EC.Add(comms, gv)
verifies := VerifyEquivalence(T, rtokens, EC.H, a.pki.Get(bank_i), rep.Eproof)
gv := zksigma.ZKCurve.G.Mult(rep.Sum).Neg() // 1 / g^\sum{v_i}
T := comms.Add(gv)
verifies, _ := rep.Eproof.Verify(T, rtokens, zksigma.ZKCurve.H, a.pki.Get(bank_i))
if !verifies {
Dprintf("[A] Bank %v proof didn't verify! Their total: %v\n", bank_i, rep.Sum)
Dprintf(" My \\sum{rtks_i}: %v\n", rtokens)
@@ -198,26 +200,26 @@ func (a *Auditor) computeSum(bank_i int) (*big.Int, bool) {
func (a *Auditor) sumOneBank(wg *sync.WaitGroup, bank_i int, totals []*big.Int, cache bool) {
var rep AuditRep
a.banks[bank_i].Audit(&struct{}{}, &rep)
comms := EC.Zero()
rtokens := EC.Zero()
comms := zksigma.Zero
rtokens := zksigma.Zero
if *useCache && cache {
comms = a.CommsCache[bank_i]
rtokens = a.RTokenCache[bank_i]
} else {
for i := 0; i < len(a.local_ledger.Transactions); i++ {
etx := &a.local_ledger.Transactions[i]
if etx.Type == Transfer {
comms = EC.Add(comms, etx.Entries[bank_i].Comm)
rtokens = EC.Add(rtokens, etx.Entries[bank_i].RToken)
comms = comms.Add(etx.Entries[bank_i].Comm)
rtokens = rtokens.Add(etx.Entries[bank_i].RToken)
} else if (etx.Type == Issuance || etx.Type == Withdrawal) && etx.Sender == bank_i {
gval := EC.G.Mult(etx.Entries[etx.Sender].V)
comms = EC.Add(comms, gval)
gval := zksigma.ZKCurve.G.Mult(etx.Entries[etx.Sender].V)
comms = comms.Add(gval)
}
}
}
gv := EC.G.Mult(rep.Sum).Neg() // 1 / g^\sum{v_i}
T := EC.Add(comms, gv)
verifies := VerifyEquivalence(T, rtokens, EC.H, a.pki.Get(bank_i), rep.Eproof)
gv := zksigma.ZKCurve.G.Mult(rep.Sum).Neg() // 1 / g^\sum{v_i}
T := comms.Add(gv)
verifies, _ := rep.Eproof.Verify(T, rtokens, zksigma.ZKCurve.H, a.pki.Get(bank_i))
if !verifies {
Dprintf("[A] Bank %v proof didn't verify! Their total: %v\n", bank_i, rep.Sum)
Dprintf(" My \\sum{rtks_i}: %v\n", rtokens)
@@ -1,4 +1,4 @@
package zkledger
package apl

import (
"fmt"
ProTip! Use n and p to navigate between commits in a pull request.
You can’t perform that action at this time.