Commit

update rpuzzle
xhliu committed Mar 26, 2021
1 parent 85cfe18 commit 69c0e50
Showing 1 changed file with 13 additions and 9 deletions.
22 changes: 13 additions & 9 deletions docs/rpuzzle.rst
@@ -4,24 +4,28 @@ R-Puzzle

In R-puzzle, an ephemeral key ``k`` is never revealed. Instead ``r``, the x coordinate of its corresponding public key,
is revealed and from ``r`` along with the signature, the knowledge of ``k`` can be proved using existing ``checkSig``.

One crucial step in R-Puzzle is to extract ``r`` from `DER`_ encoded signature. The following is much easier than what is presented in the `R-Puzzle`_ talk.
More information can be found in the `R-Puzzle`_ talk.

.. code-block:: solidity
contract RPuzzle {
Sig s; // s = b'3045022100948c67a95f856ae875a48a2d104df9d232189897a811178a715617d4b090a7e90220616f6ced5ab219fe1bfcf9802994b3ce72afbb2db0c4b653a74c9f03fb99323f01'
Ripemd160 rhash;
constructor(Ripemd160 rhash) {
this.rhash = rhash;
}
function getSigR(Sig sig): bytes {
bytes lenBytes = sig[3:4];
function getSigR(Sig sigr): bytes {
bytes lenBytes = sigr[3:4];
int len = unpack(lenBytes);
bytes r = sig[4:4+len];
bytes r = sigr[4:4+len];
return r;
}
// r = b'00948c67a95f856ae875a48a2d104df9d232189897a811178a715617d4b090a7e9'
public function unlock(bytes r) {
require(r == this.getSigR(this.s));
public function unlock(Sig sig, PubKey pubKey, Sig sigr) {
require(this.rhash == hash160(this.getSigR(sigr)));
require(checkSig(sigr, pubKey));
require(checkSig(sig, pubKey));
}
}
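
Review bot: in `unlock`, nothing requires `sig` and `sigr` to differ, so `require(checkSig(sigr, pubKey));` and `require(checkSig(sig, pubKey));` are both satisfied by passing the same signature twice, and the second check then adds nothing. If the second signature is meant to constrain the spender beyond what `sigr` does, state that purpose in a comment above it and consider adding `require(sig != sigr);`. Two smaller points on the same hunk: `getSigR` takes the length from `sigr[3:4]` and slices `sigr[4:4+len]` before `checkSig(sigr, pubKey)` has run, so the extraction works on bytes that have not been validated yet; putting the `checkSig(sigr, pubKey)` line first, or noting the assumed DER layout in a comment, would make that dependency explicit. The sample DER signature and the `// r = b'00948c...'` comment also appear alongside the new code with no replacement illustration; if they are being dropped, readers lose the only worked example of which bytes `getSigR` returns, so a short comment showing that offset on a sample signature is worth keeping.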