Psetv2 signer, finaliser and extractor #184

Closed
3d67bf2
added factory method FromPublicKeys for creating multiscript payment
sekulicd May 20, 2020
cc3bf1f
fix merge conflicts
sekulicd May 20, 2020
46662ff
Merge remote-tracking branch 'upstream/master'
sekulicd May 21, 2020
4c8baee
Merge remote-tracking branch 'upstream/master'
sekulicd May 27, 2020
c46b796
Merge remote-tracking branch 'upstream/master'
sekulicd Jun 1, 2020
c7665a1
Merge remote-tracking branch 'upstream/master'
sekulicd Jun 1, 2020
50ed1cc
Merge remote-tracking branch 'upstream/master'
sekulicd Jun 3, 2020
a4c66c3
Merge remote-tracking branch 'upstream/master'
sekulicd Jun 3, 2020
33e70ef
Merge remote-tracking branch 'upstream/master'
sekulicd Jun 3, 2020
84f5e8e
Merge remote-tracking branch 'upstream/master'
sekulicd Jun 4, 2020
eb921b6
Merge remote-tracking branch 'upstream/master'
sekulicd Jun 8, 2020
3a8583f
Merge remote-tracking branch 'upstream/master'
sekulicd Jun 9, 2020
b8c87cc
Merge remote-tracking branch 'upstream/master'
sekulicd Jun 10, 2020
1efdee4
Merge remote-tracking branch 'upstream/master'
sekulicd Jun 12, 2020
97e95fc
Merge remote-tracking branch 'upstream/master'
sekulicd Jun 12, 2020
fe6bffd
Merge remote-tracking branch 'upstream/master'
sekulicd Jun 12, 2020
0798fd1
Merge remote-tracking branch 'upstream/master'
sekulicd Jun 16, 2020
b69eb30
merge with master
sekulicd Jun 26, 2020
b13d220
Merge remote-tracking branch 'upstream/master'
sekulicd Jun 30, 2020
831f1ac
Merge remote-tracking branch 'upstream/master'
sekulicd Jul 20, 2020
5f3c1d3
Merge remote-tracking branch 'upstream/master'
sekulicd Jul 22, 2020
9b78b6b
Merge remote-tracking branch 'upstream/master'
sekulicd Aug 27, 2020
4cbd8fb
Merge remote-tracking branch 'upstream/master'
sekulicd Nov 24, 2020
78a1cbb
Merge remote-tracking branch 'upstream/master'
sekulicd Mar 30, 2021
6e453bb
Merge remote-tracking branch 'upstream/master'
sekulicd May 6, 2021
ed46ed5
Merge remote-tracking branch 'upstream/master'
sekulicd Jun 15, 2021
85762c0
Merge remote-tracking branch 'upstream/master'
sekulicd Sep 13, 2021
36dd71b
define psetv2 format
sekulicd Sep 29, 2021
1d36428
pset desr - untested version
sekulicd Oct 7, 2021
423f3a8
fixes added - not verified
sekulicd Oct 7, 2021
8a96dfe
validation
sekulicd Oct 8, 2021
035fcdc
first version passing test case
sekulicd Oct 8, 2021
973a426
psetv2 serialization
sekulicd Oct 15, 2021
0ef8afa
refactor
sekulicd Oct 19, 2021
3c9c361
creator and constructor role
sekulicd Oct 27, 2021
46db8c1
blinder role
sekulicd Nov 17, 2021
b49e4cf
updater role
sekulicd Nov 17, 2021
9cb2ce3
signer
sekulicd Nov 25, 2021
0abcdf2
fix
sekulicd Nov 26, 2021
5b595b1
add nigiri gh action
sekulicd Nov 26, 2021
9cf1341
separate signer role from updater
sekulicd Nov 26, 2021
cc874fa
finalizer role added
sekulicd Nov 26, 2021
0415d30
extractor role added
sekulicd Nov 29, 2021
36c5642
Merge remote-tracking branch 'upstream/master' into psetv2-signer
sekulicd Nov 29, 2021
4fe15d4
fix timelock validation
sekulicd Nov 29, 2021
c0686e1
signer validation added
sekulicd Nov 30, 2021
a6028db
CreateAssetBlindProof
sekulicd Dec 1, 2021
50b9823
decouple psetv2 from confidential
sekulicd Dec 1, 2021
5495d3f
decouple blindProofsValid from confidential pkg
sekulicd Dec 1, 2021
1ef3cb6
verify blinding, pset to unsigned tx, bugs
sekulicd Dec 10, 2021
f557b75
bug fixing
sekulicd Dec 14, 2021
9ea6b91
fix bugs
sekulicd Dec 15, 2021
84e7ac7
fix bug
sekulicd Dec 16, 2021
24e6431
fix ComputeAndAddToScalarOffset bug
sekulicd Dec 22, 2021
1 change: 1 addition & 0 deletions confidential/blind_service.go
Original file line number Diff line number Diff line change
Expand Up @@ -111,6 +111,7 @@ func (b blinder) RangeProof(
exp int,
minBits int,
) ([]byte, error) {

rangeProofArgs := RangeProofArgs{
Value: value,
Nonce: nonce,
Expand Down
165 changes: 138 additions & 27 deletions confidential/confidential.go
Original file line number Diff line number Diff line change
Expand Up @@ -606,14 +606,26 @@ func CalculateScalarOffset(
) ([]byte, error) {
var result []byte

var ab []byte
if assetBlinder != nil {
ab = make([]byte, len(assetBlinder))
copy(ab, assetBlinder)
}

var vb []byte
if valueBlinder != nil {
vb = make([]byte, len(valueBlinder))
copy(vb, valueBlinder)
}

ctx, _ := secp256k1.ContextCreate(secp256k1.ContextBoth)
defer secp256k1.ContextDestroy(ctx)

if assetBlinder == nil {
return valueBlinder, nil
if ab == nil {
return vb, nil
}

result = assetBlinder
result = ab

val := make([]byte, 32)
binary.BigEndian.PutUint64(val[24:], amount)
Expand All @@ -625,11 +637,11 @@ func CalculateScalarOffset(
return nil, ErrPrivKeyMult
}

if valueBlinder == nil {
if vb == nil {
return nil, ErrInvalidValueBlinder
}

r, err = secp256k1.EcPrivKeyTweakAdd(ctx, result, valueBlinder)
r, err = secp256k1.EcPrivKeyTweakAdd(ctx, result, vb)
if err != nil {
return nil, err
}
Expand All @@ -642,14 +654,26 @@ func CalculateScalarOffset(

// SubtractScalars subtract b from a in place
func SubtractScalars(a []byte, b []byte) ([]byte, error) {
var aa []byte
if a != nil {
aa = make([]byte, len(a))
copy(aa, a)
}

var bb []byte
if b != nil {
bb = make([]byte, len(b))
copy(bb, b)
}

ctx, _ := secp256k1.ContextCreate(secp256k1.ContextBoth)
defer secp256k1.ContextDestroy(ctx)

if b == nil {
return a, nil
}

r, err := secp256k1.EcPrivKeyNegate(ctx, b)
r, err := secp256k1.EcPrivKeyNegate(ctx, bb)
if err != nil {
return nil, err
}
Expand All @@ -661,7 +685,7 @@ func SubtractScalars(a []byte, b []byte) ([]byte, error) {
return b, nil
}

r, err = secp256k1.EcPrivKeyTweakAdd(ctx, a, b)
r, err = secp256k1.EcPrivKeyTweakAdd(ctx, aa, bb)
if err != nil {
return nil, err
}
Expand All @@ -679,24 +703,42 @@ func ComputeAndAddToScalarOffset(
assetBlinder []byte,
valueBlinder []byte,
) ([]byte, error) {
var s []byte
if scalar != nil {
s = make([]byte, len(scalar))
copy(s, scalar)
}

var ab []byte
if assetBlinder != nil {
ab = make([]byte, len(assetBlinder))
copy(ab, assetBlinder)
}

var vb []byte
if valueBlinder != nil {
vb = make([]byte, len(valueBlinder))
copy(vb, valueBlinder)
}

// If both asset and value blinders are null, 0 is added to the offset, so nothing actually happens
if assetBlinder == nil && valueBlinder == nil {
return scalar, nil
if ab == nil && vb == nil {
return s, nil
}

scalarOffset, err := CalculateScalarOffset(value, assetBlinder, valueBlinder)
scalarOffset, err := CalculateScalarOffset(value, ab, vb)
if err != nil {
return nil, err
}

// When we start out, the result (a) is 0, so just set it to the scalar we just computed.
if scalar == nil {
if s == nil {
return scalarOffset, nil
} else {
// If we have a, then add the scalar to it.
ctx, _ := secp256k1.ContextCreate(secp256k1.ContextBoth)
defer secp256k1.ContextDestroy(ctx)
r, err := secp256k1.EcPrivKeyTweakAdd(ctx, scalar, scalarOffset)
r, err := secp256k1.EcPrivKeyTweakAdd(ctx, s, scalarOffset)
if err != nil {
return nil, err
}
Expand All @@ -715,6 +757,24 @@ func CreateBlindValueProof(
valueCommitment []byte,
assetCommitment []byte,
) ([]byte, error) {
var vbf []byte
if valueBlindingFactor != nil {
vbf = make([]byte, len(valueBlindingFactor))
copy(vbf, valueBlindingFactor)
}

var vc []byte
if valueCommitment != nil {
vc = make([]byte, len(valueCommitment))
copy(vc, valueCommitment)
}

var ac []byte
if assetCommitment != nil {
ac = make([]byte, len(assetCommitment))
copy(ac, assetCommitment)
}

ctx, _ := secp256k1.ContextCreate(secp256k1.ContextBoth)
defer secp256k1.ContextDestroy(ctx)

Expand All @@ -726,18 +786,18 @@ func CreateBlindValueProof(
var nonce [32]byte
copy(nonce[:], r)

commit, err := secp256k1.CommitmentParse(ctx, valueCommitment)
commit, err := secp256k1.CommitmentParse(ctx, vc)
if err != nil {
return nil, err
}

gen, err := secp256k1.GeneratorParse(ctx, assetCommitment)
gen, err := secp256k1.GeneratorParse(ctx, ac)
if err != nil {
return nil, err
}

var vbf32 [32]byte
copy(vbf32[:], valueBlindingFactor)
copy(vbf32[:], vbf)

return secp256k1.RangeProofSign(
ctx,
Expand All @@ -759,10 +819,28 @@ func CreateBlindAssetProof(
assetCommitment []byte,
assetBlinder []byte,
) ([]byte, error) {
var a []byte
if asset != nil {
a = make([]byte, len(asset))
copy(a, asset)
}

var ac []byte
if assetCommitment != nil {
ac = make([]byte, len(assetCommitment))
copy(ac, assetCommitment)
}

var ab []byte
if assetBlinder != nil {
ab = make([]byte, len(assetBlinder))
copy(ab, assetBlinder)
}

ctx, _ := secp256k1.ContextCreate(secp256k1.ContextBoth)
defer secp256k1.ContextDestroy(ctx)

fixedAssetTag, err := secp256k1.FixedAssetTagParse(asset)
fixedAssetTag, err := secp256k1.FixedAssetTagParse(a)
if err != nil {
return nil, err
}
Expand All @@ -781,13 +859,13 @@ func CreateBlindAssetProof(
return nil, err
}

gen, err := secp256k1.GeneratorGenerate(ctx, asset)
gen, err := secp256k1.GeneratorGenerate(ctx, a)
if err != nil {
return nil, err
}
assetGen := []*secp256k1.Generator{gen}

blindedAssetGen, err := secp256k1.GeneratorParse(ctx, assetCommitment)
blindedAssetGen, err := secp256k1.GeneratorParse(ctx, ac)
if err != nil {
return nil, err
}
Expand All @@ -799,7 +877,7 @@ func CreateBlindAssetProof(
blindedAssetGen,
inputIndex,
Zero,
assetBlinder,
ab,
)
if err != nil {
return nil, err
Expand All @@ -811,7 +889,7 @@ func CreateBlindAssetProof(
assetGen,
blindedAssetGen,
) {
return nil, err
return nil, errors.New("invalid surjection proof")
}

return proof.Bytes(), nil
Expand All @@ -823,22 +901,40 @@ func VerifyBlindValueProof(
blindValueProof []byte,
assetCommitment []byte,
) (bool, error) {
var vc []byte
if valueCommitment != nil {
vc = make([]byte, len(valueCommitment))
copy(vc, valueCommitment)
}

var bvp []byte
if blindValueProof != nil {
bvp = make([]byte, len(blindValueProof))
copy(bvp, blindValueProof)
}

var ac []byte
if assetCommitment != nil {
ac = make([]byte, len(assetCommitment))
copy(ac, assetCommitment)
}

ctx, _ := secp256k1.ContextCreate(secp256k1.ContextBoth)
defer secp256k1.ContextDestroy(ctx)

commitment, err := secp256k1.CommitmentParse(ctx, valueCommitment)
commitment, err := secp256k1.CommitmentParse(ctx, vc)
if err != nil {
return false, err
}

assetGenerator, err := secp256k1.GeneratorParse(ctx, assetCommitment)
assetGenerator, err := secp256k1.GeneratorParse(ctx, ac)
if err != nil {
return false, err
}

valid, minValue, _ := secp256k1.RangeProofVerify(
ctx,
blindValueProof,
bvp,
commitment,
nil,
assetGenerator,
Expand All @@ -852,15 +948,27 @@ func VerifyBlindAssetProof(
blindAssetProof []byte,
assetCommitment []byte,
) (bool, error) {
var bap []byte
if blindAssetProof != nil {
bap = make([]byte, len(blindAssetProof))
copy(bap, blindAssetProof)
}

var ac []byte
if assetCommitment != nil {
ac = make([]byte, len(assetCommitment))
copy(ac, assetCommitment)
}

ctx, _ := secp256k1.ContextCreate(secp256k1.ContextBoth)
defer secp256k1.ContextDestroy(ctx)

surjectionProof, err := secp256k1.SurjectionProofParse(ctx, blindAssetProof)
surjectionProof, err := secp256k1.SurjectionProofParse(ctx, bap)
if err != nil {
return false, err
}

blindAssetGen, err := secp256k1.GeneratorParse(ctx, assetCommitment)
blindAssetGen, err := secp256k1.GeneratorParse(ctx, ac)
if err != nil {
return false, err
}
Expand All @@ -871,6 +979,9 @@ func VerifyBlindAssetProof(
}
generators := []*secp256k1.Generator{assetGen}

secp256k1.SurjectionProofVerify(ctx, surjectionProof, generators, blindAssetGen)
return false, nil
if !secp256k1.SurjectionProofVerify(ctx, surjectionProof, generators, blindAssetGen) {
return false, nil
}

return true, nil
}
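Review bot: In SubtractScalars, the branch that ends in `return b, nil` (context line of the `@@ -661,7 +685,7 @@` hunk) still hands back the caller's original `b`, while the negation just above it now runs on the copy `bb`; if EcPrivKeyNegate writes its result into its argument, as the original negate-then-return-`b` sequence suggests, that path now returns b un-negated instead of -b. The guard `if b == nil { return a, nil }` likewise keeps testing and returning the originals rather than the copies, unlike CalculateScalarOffset's `return vb, nil` in the same file; both spots should read `if bb == nil { return aa, nil }` and `return bb, nil`. The condition that guards `return b, nil` sits outside the hunk, so the exact branch is inferred. The header comment `// SubtractScalars subtract b from a in place` is no longer accurate once both inputs are copied; `// SubtractScalars returns a - b as a new slice; neither argument is modified.` would match the new code. The guarded make+copy is repeated for every argument of all eight functions touched here, and a small private helper such as `cloneBytes(src []byte) []byte` (or bytes.Clone where the module's Go version allows it) would remove that repetition and make the aliasing rule obvious.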