package bulletproofs import ( "cwtch.im/tapir/primitives/core" "encoding/hex" "encoding/json" "git.openprivacy.ca/openprivacy/libricochet-go/log" "github.com/gtank/ristretto255" "golang.org/x/crypto/sha3" "testing" ) func TestProove(t *testing.T) { log.SetLevel(log.LevelDebug) proverTranscript := core.NewTranscript("rangeproof") verifierTranscript := core.NewTranscript("rangeproof") rangeproof, _ := GenerateRangeProof(10, Setup(32, proverTranscript), proverTranscript) if VerifyRangeProof(rangeproof, Setup(32, verifierTranscript), verifierTranscript) == true { t.Logf("Range Proof Passed!") t.Logf("%v\n\n%v\n", proverTranscript.OutputTranscriptToAudit(), verifierTranscript.OutputTranscriptToAudit()) jsonProof, _ := json.Marshal(rangeproof) t.Logf("RangeProof: %s", jsonProof) } else { t.Logf("%v\n\n%v\n", proverTranscript.OutputTranscriptToAudit(), verifierTranscript.OutputTranscriptToAudit()) t.Fatalf("Failed to Verify Range Proof") } } func byteToPoint(in []byte) *ristretto255.Element { element := ristretto255.NewElement() element.Decode(in) return element } func byteToScalar(in []byte) *ristretto255.Scalar { scalar := ristretto255.NewScalar() scalar.Decode(in[0:32]) return scalar } func decodeInnerProduct(in []byte) *InnerProductProof { num_elements := len(in) / 32 lg_n := (num_elements - 2) / 2 lvec := make(core.PointVector, lg_n) rvec := make(core.PointVector, lg_n) for i := 0; i < lg_n; i++ { pos := 2 * i * 32 lvec[i] = byteToPoint(in[pos : pos+32]) rvec[i] = byteToPoint(in[pos+32 : pos+64]) } pos := 2 * lg_n * 32 a := byteToScalar(in[pos : pos+32]) b := byteToScalar(in[pos+32 : pos+64]) return &InnerProductProof{lvec, rvec, a, b} } func TestDalek(t *testing.T) { log.SetLevel(log.LevelDebug) t.Logf("Testing dalek-cryptography bulletproofs test vector...") rp, _ := hex.DecodeString("46b6ea8b6a9710c41c2622d4b353dbcf5f89afe8ed66c469f192bec19dc71d23c0442827f97fc9085a89caa87d294b0a21e7b8957732ec4951f6bf7d3aa2c66e7af3b7b956c7dcb3bed1223575a217a30642b603b6bf1d4138ed95e3458c524510b42c8d82958f40b447a84242b1ba1eeea54013f80bad643048eeb0b17c292a057cb6ae1c42338837c05eaa6336a17d60fa141204e015a1df15b28c1318c709d7eb35569cde89c0bf37eace54880a151498b38da54c6d739564f46f01b73601e518355ea06c9ef58a45fcb3baadbd1ac54e0838c471a6b91845f123d569fa0c46ef94471b7b826230e8576146beec08ac3e6683998815c576581f4c0e493433480f95f6495210636eaa2e32b577e1c363e35e522db85b18a56d57eb626f9e2b50578e0d7ee7b74b328e158b366bb9d117db725820a2fec3b1508212d75823345a801c0b602bfa05919d7e3bb8e71944587072badc363f334b08ba90d13e077ad24b82bacd51fc668d2b880daabd3b87e6bdc9584af66523026a30aadfc359283891bb65cca502f47421ffeee1fb5a5237bfa965b66a8b8ca5d6954f4f8222244c6a5340dc81e8d781d092cae2a763f185dd0b89965b1dd2506807b5d3e5a305fd9a68e60b91389dcffae6f85538713aa7ed272b8174e2f0b9730ebb6c464d06") t.Logf("Deserializing dalek-cryptography bulletproofs test vector...%x", rp) A := byteToPoint(rp[0:32]) S := byteToPoint(rp[32:64]) T1 := byteToPoint(rp[64:96]) T2 := byteToPoint(rp[96:128]) TX := byteToScalar(rp[128:160]) TX_blinding := byteToScalar(rp[160:192]) micro := byteToScalar(rp[192 : 192+32]) ipp := decodeInnerProduct(rp[192+32:]) vbytes := []string{ "90b0c2fe57934dff9f5396e135e7d72b82b3c5393e1843178918eb2cf28a5f3c", "74256a3e2a7fe948210c4095195ae4db3e3498c6c5fddc2afb226c0f1e97e468", "7e348def6d03dc7bcbe7e03736ca2898e2efa9f6ff8ae4ed1cb5252ec1744075", "861859f5d4c14f5d6d7ad88dcf43c9a98064a7d8702ffc9bad9eba2ed766702a", "4c09b1260c833fefe25b1c3d3becc80979beca5e864d57fcb410bb15c7ba5c14", "08cf26bfdf2e6b731536f5e48b4c0ac7b5fc846d36aaa3fe0d28f07c207f0814", "a6e2d1c2770333c9a8a5ac10d9eb28e8609d5954428261335b2fd6ff0e0e8d69", "30beef3b58fd2c18dde771d5c77e32f8dc01361e284aef517bce54a5c74c4665", } V := make([]*ristretto255.Element, len(vbytes)) for i, v := range vbytes { V[i] = ristretto255.NewElement() vdec, _ := hex.DecodeString(v) V[i].Decode(vdec) } rangeProof := RangeProof{A, S, T1, T2, TX_blinding, TX, micro, *ipp, V[0:1]} json, _ := json.Marshal(rangeProof) t.Logf("RangeProof: %s", json) t.Logf("Deserialized Range Proof: %s", json) t.Logf("Generating dalek-cryptography pedersen generators....") params := CommitmentsParams{} params.g = ristretto255.NewElement().Base() params.h = ristretto255.NewElement() h := sha3.Sum512(params.g.Encode([]byte{})) params.h = ristretto255.NewElement().FromUniformBytes(h[:]) params.max = 8 params.G = make(core.GeneratorVector, params.max) params.H = make(core.GeneratorVector, params.max) labelG := []byte{'G', 0, 0, 0, 0} shake := sha3.NewShake256() shake.Write([]byte("GeneratorsChain")) shake.Write(labelG[:]) labelH := []byte{'H', 0, 0, 0, 0} shakeH := sha3.NewShake256() shakeH.Write([]byte("GeneratorsChain")) shakeH.Write(labelH[:]) t.Logf("Generating dalek-cryptography BP generators....") for i := 0; i < 8; i++ { b := make([]byte, 64) shake.Read(b) params.G[i] = ristretto255.NewElement() params.G[i].FromUniformBytes(b) //t.Logf("G: %x", params.G[i].Encode([]byte{})) bH := make([]byte, 64) shakeH.Read(bH) params.H[i] = ristretto255.NewElement() params.H[i].FromUniformBytes(bH) // t.Logf("H: %x", params.H[i].Encode([]byte{})) } //t.Logf("parmas: %v", params) verifierTranscript := core.NewTranscript("Deserialize-And-Verify Test") t.Logf("Verification Result: %v", VerifyRangeProof(rangeProof, params, verifierTranscript)) t.Logf("Transcript: %s\n", verifierTranscript.OutputTranscriptToAudit()) }