Core/grin
0
0
Fork 0
mirror of https://github.com/mimblewimble/grin.git synced 2025-01-21 03:21:08 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

Refactor kernel sig msg creation (#1954)

Browse source 
* refactor kernel msg creation

* rustfmt

* Error not secp::Error

* fix tests for refactored errors
This commit is contained in:
Antioch Peverell 2018-11-10 16:24:11 +01:00 committed by GitHub
parent 29b2c3384c
commit 183d9c9f3e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
9 changed files with 206 additions and 189 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

37
core/src/core/transaction.rs
View file

@ -21,6 +21,8 @@ use std::sync::Arc;
use std::{error, fmt}; use std::{error, fmt};
use util::RwLock; use util::RwLock;
use byteorder::{BigEndian, ByteOrder};
use consensus::{self, VerifySortOrder}; use consensus::{self, VerifySortOrder};
use core::hash::Hashed; use core::hash::Hashed;
use core::verifier_cache::VerifierCache; use core::verifier_cache::VerifierCache;
@ -28,9 +30,9 @@ use core::{committed, Committed};
use keychain::{self, BlindingFactor}; use keychain::{self, BlindingFactor};
use ser::{self, read_multi, FixedLength, PMMRable, Readable, Reader, Writeable, Writer}; use ser::{self, read_multi, FixedLength, PMMRable, Readable, Reader, Writeable, Writer};
use util; use util;
use util::secp;
use util::secp::pedersen::{Commitment, RangeProof}; use util::secp::pedersen::{Commitment, RangeProof};
use util::secp::{self, Message, Signature}; use util::static_secp_instance;
use util::{kernel_sig_msg, static_secp_instance};
bitflags! { bitflags! {
/// Options for a kernel's structure or use /// Options for a kernel's structure or use
@ -81,6 +83,8 @@ pub enum Error {
/// Validation error relating to kernel features. /// Validation error relating to kernel features.
/// It is invalid for a transaction to contain a coinbase kernel, for example. /// It is invalid for a transaction to contain a coinbase kernel, for example.
InvalidKernelFeatures, InvalidKernelFeatures,
/// Signature verification error.
IncorrectSignature,
} }
impl error::Error for Error { impl error::Error for Error {
@ -143,7 +147,7 @@ pub struct TxKernel {
pub excess: Commitment, pub excess: Commitment,
/// The signature proving the excess is a valid public key, which signs /// The signature proving the excess is a valid public key, which signs
/// the transaction fee. /// the transaction fee.
pub excess_sig: Signature, pub excess_sig: secp::Signature,
} }
hashable_ord!(TxKernel); hashable_ord!(TxKernel);
@ -179,7 +183,7 @@ impl Readable for TxKernel {
fee: reader.read_u64()?, fee: reader.read_u64()?,
lock_height: reader.read_u64()?, lock_height: reader.read_u64()?,
excess: Commitment::read(reader)?, excess: Commitment::read(reader)?,
excess_sig: Signature::read(reader)?, excess_sig: secp::Signature::read(reader)?,
}) })
} }
} }
@ -190,11 +194,17 @@ impl TxKernel {
self.excess self.excess
} }
/// The msg signed as part of the tx kernel.
/// Consists of the fee and the lock_height.
pub fn msg_to_sign(&self) -> Result<secp::Message, Error> {
let msg = kernel_sig_msg(self.fee, self.lock_height)?;
Ok(msg)
}
/// Verify the transaction proof validity. Entails handling the commitment /// Verify the transaction proof validity. Entails handling the commitment
/// as a public key and checking the signature verifies with the fee as /// as a public key and checking the signature verifies with the fee as
/// message. /// message.
pub fn verify(&self) -> Result<(), secp::Error> { pub fn verify(&self) -> Result<(), Error> {
let msg = Message::from_slice(&kernel_sig_msg(self.fee, self.lock_height))?;
let secp = static_secp_instance(); let secp = static_secp_instance();
let secp = secp.lock(); let secp = secp.lock();
let sig = &self.excess_sig; let sig = &self.excess_sig;
@ -203,14 +213,14 @@ impl TxKernel {
if !secp::aggsig::verify_single( if !secp::aggsig::verify_single(
&secp, &secp,
&sig, &sig,
&msg, &self.msg_to_sign()?,
None, None,
&pubkey, &pubkey,
Some(&pubkey), Some(&pubkey),
None, None,
false, false,
) { ) {
return Err(secp::Error::IncorrectSignature); return Err(Error::IncorrectSignature);
} }
Ok(()) Ok(())
} }
@ -222,7 +232,7 @@ impl TxKernel {
fee: 0, fee: 0,
lock_height: 0, lock_height: 0,
excess: Commitment::from_vec(vec![0; 33]), excess: Commitment::from_vec(vec![0; 33]),
excess_sig: Signature::from_raw_data(&[0; 64]).unwrap(), excess_sig: secp::Signature::from_raw_data(&[0; 64]).unwrap(),
} }
} }
@ -1194,6 +1204,15 @@ impl Readable for OutputIdentifier {
} }
} }
/// Construct msg from tx fee and lock_height.
pub fn kernel_sig_msg(fee: u64, lock_height: u64) -> Result<secp::Message, Error> {
let mut bytes = [0; 32];
BigEndian::write_u64(&mut bytes[16..24], fee);
BigEndian::write_u64(&mut bytes[24..], lock_height);
let msg = secp::Message::from_slice(&bytes)?;
Ok(msg)
}
#[cfg(test)] #[cfg(test)]
mod test { mod test {
use super::*; use super::*;

2
core/tests/core.rs
View file

@ -75,7 +75,7 @@ fn tx_double_ser_deser() {
} }
#[test] #[test]
#[should_panic(expected = "InvalidSecretKey")] #[should_panic(expected = "Keychain Error")]
fn test_zero_commit_fails() { fn test_zero_commit_fails() {
let keychain = ExtKeychain::from_random_seed().unwrap(); let keychain = ExtKeychain::from_random_seed().unwrap();
let key_id1 = ExtKeychain::derive_key_id(1, 1, 0, 0, 0); let key_id1 = ExtKeychain::derive_key_id(1, 1, 0, 0, 0);

9
util/src/lib.rs
View file

@ -58,7 +58,6 @@ pub use types::{LogLevel, LoggingConfig};
pub mod macros; pub mod macros;
// other utils // other utils
use byteorder::{BigEndian, ByteOrder};
#[allow(unused_imports)] #[allow(unused_imports)]
use std::ops::Deref; use std::ops::Deref;
use std::sync::Arc; use std::sync::Arc;
@ -113,14 +112,6 @@ where
} }
} }
/// Construct msg bytes from tx fee and lock_height
pub fn kernel_sig_msg(fee: u64, lock_height: u64) -> [u8; 32] {
let mut bytes = [0; 32];
BigEndian::write_u64(&mut bytes[16..24], fee);
BigEndian::write_u64(&mut bytes[24..], lock_height);
bytes
}
/// Encode an utf8 string to a base64 string /// Encode an utf8 string to a base64 string
pub fn to_base64(s: &str) -> String { pub fn to_base64(s: &str) -> String {
base64::encode(s) base64::encode(s)

212
util/src/macros.rs
View file

@ -30,122 +30,138 @@
#[macro_export] #[macro_export]
macro_rules! impl_array_newtype { macro_rules! impl_array_newtype {
($thing:ident, $ty:ty, $len:expr) => { ($thing:ident, $ty:ty, $len:expr) => {
impl $thing { impl $thing {
#[inline] #[inline]
/// Converts the object to a raw pointer /// Converts the object to a raw pointer
pub fn as_ptr(&self) -> *const $ty { pub fn as_ptr(&self) -> *const $ty {
let &$thing(ref dat) = self; let &$thing(ref dat) = self;
dat.as_ptr() dat.as_ptr()
} }
#[inline] #[inline]
/// Converts the object to a mutable raw pointer /// Converts the object to a mutable raw pointer
pub fn as_mut_ptr(&mut self) -> *mut $ty { pub fn as_mut_ptr(&mut self) -> *mut $ty {
let &mut $thing(ref mut dat) = self; let &mut $thing(ref mut dat) = self;
dat.as_mut_ptr() dat.as_mut_ptr()
} }
#[inline] #[inline]
/// Returns the length of the object as an array /// Returns the length of the object as an array
pub fn len(&self) -> usize { $len } pub fn len(&self) -> usize {
$len
}
#[inline] #[inline]
/// Returns whether the object, as an array, is empty. Always false. /// Returns whether the object, as an array, is empty. Always false.
pub fn is_empty(&self) -> bool { false } pub fn is_empty(&self) -> bool {
false
}
#[inline] #[inline]
/// Returns the underlying bytes. /// Returns the underlying bytes.
pub fn as_bytes(&self) -> &[$ty; $len] { &self.0 } pub fn as_bytes(&self) -> &[$ty; $len] {
&self.0
}
#[inline] #[inline]
/// Returns the underlying bytes. /// Returns the underlying bytes.
pub fn to_bytes(&self) -> [$ty; $len] { self.0.clone() } pub fn to_bytes(&self) -> [$ty; $len] {
self.0.clone()
}
#[inline] #[inline]
/// Returns the underlying bytes. /// Returns the underlying bytes.
pub fn into_bytes(self) -> [$ty; $len] { self.0 } pub fn into_bytes(self) -> [$ty; $len] {
} self.0
}
}
impl<'a> From<&'a [$ty]> for $thing { impl<'a> From<&'a [$ty]> for $thing {
fn from(data: &'a [$ty]) -> $thing { fn from(data: &'a [$ty]) -> $thing {
assert_eq!(data.len(), $len); assert_eq!(data.len(), $len);
let mut ret = [0; $len]; let mut ret = [0; $len];
ret.copy_from_slice(&data[..]); ret.copy_from_slice(&data[..]);
$thing(ret) $thing(ret)
} }
} }
impl ::std::ops::Index<usize> for $thing { impl ::std::ops::Index<usize> for $thing {
type Output = $ty; type Output = $ty;
#[inline] #[inline]
fn index(&self, index: usize) -> &$ty { fn index(&self, index: usize) -> &$ty {
let &$thing(ref dat) = self; let &$thing(ref dat) = self;
&dat[index] &dat[index]
} }
} }
impl_index_newtype!($thing, $ty); impl_index_newtype!($thing, $ty);
impl PartialEq for $thing { impl PartialEq for $thing {
#[inline] #[inline]
fn eq(&self, other: &$thing) -> bool { fn eq(&self, other: &$thing) -> bool {
&self[..] == &other[..] &self[..] == &other[..]
} }
} }
impl Eq for $thing {} impl Eq for $thing {}
impl PartialOrd for $thing { impl PartialOrd for $thing {
#[inline] #[inline]
fn partial_cmp(&self, other: &$thing) -> Option<::std::cmp::Ordering> { fn partial_cmp(&self, other: &$thing) -> Option<::std::cmp::Ordering> {
Some(self.cmp(&other)) Some(self.cmp(&other))
} }
} }
impl Ord for $thing { impl Ord for $thing {
#[inline] #[inline]
fn cmp(&self, other: &$thing) -> ::std::cmp::Ordering { fn cmp(&self, other: &$thing) -> ::std::cmp::Ordering {
// manually implement comparison to get little-endian ordering // manually implement comparison to get little-endian ordering
// (we need this for our numeric types; non-numeric ones shouldn't // (we need this for our numeric types; non-numeric ones shouldn't
// be ordered anyway except to put them in BTrees or whatever, and // be ordered anyway except to put them in BTrees or whatever, and
// they don't care how we order as long as we're consisistent). // they don't care how we order as long as we're consisistent).
for i in 0..$len { for i in 0..$len {
if self[$len - 1 - i] < other[$len - 1 - i] { return ::std::cmp::Ordering::Less; } if self[$len - 1 - i] < other[$len - 1 - i] {
if self[$len - 1 - i] > other[$len - 1 - i] { return ::std::cmp::Ordering::Greater; } return ::std::cmp::Ordering::Less;
} }
::std::cmp::Ordering::Equal if self[$len - 1 - i] > other[$len - 1 - i] {
} return ::std::cmp::Ordering::Greater;
} }
}
::std::cmp::Ordering::Equal
}
}
#[cfg_attr(feature = "clippy", allow(expl_impl_clone_on_copy))] // we don't define the `struct`, we have to explicitly impl #[cfg_attr(feature = "clippy", allow(expl_impl_clone_on_copy))] // we don't define the `struct`, we have to explicitly impl
impl Clone for $thing { impl Clone for $thing {
#[inline] #[inline]
fn clone(&self) -> $thing { fn clone(&self) -> $thing {
$thing::from(&self[..]) $thing::from(&self[..])
} }
} }
impl Copy for $thing {} impl Copy for $thing {}
impl ::std::hash::Hash for $thing { impl ::std::hash::Hash for $thing {
#[inline] #[inline]
fn hash<H>(&self, state: &mut H) fn hash<H>(&self, state: &mut H)
where H: ::std::hash::Hasher where
{ H: ::std::hash::Hasher,
(&self[..]).hash(state); {
} (&self[..]).hash(state);
}
fn hash_slice<H>(data: &[$thing], state: &mut H) fn hash_slice<H>(data: &[$thing], state: &mut H)
where H: ::std::hash::Hasher where
{ H: ::std::hash::Hasher,
for d in data.iter() { {
(&d[..]).hash(state); for d in data.iter() {
} (&d[..]).hash(state);
} }
} }
} }
};
} }
#[macro_export] #[macro_export]

20
wallet/src/libtx/aggsig.rs
View file

@ -13,9 +13,9 @@
// limitations under the License. // limitations under the License.
//! Aggsig helper functions used in transaction creation.. should be only //! Aggsig helper functions used in transaction creation.. should be only
//! interface into the underlying secp library //! interface into the underlying secp library
use keychain::{BlindingFactor, Identifier, Keychain}; use keychain::{BlindingFactor, Identifier, Keychain};
use libtx::error::{Error, ErrorKind}; use libtx::error::{Error, ErrorKind};
use util::kernel_sig_msg;
use util::secp::key::{PublicKey, SecretKey}; use util::secp::key::{PublicKey, SecretKey};
use util::secp::pedersen::Commitment; use util::secp::pedersen::Commitment;
use util::secp::{self, aggsig, Message, Secp256k1, Signature}; use util::secp::{self, aggsig, Message, Secp256k1, Signature};
@ -34,12 +34,8 @@ pub fn calculate_partial_sig(
sec_nonce: &SecretKey, sec_nonce: &SecretKey,
nonce_sum: &PublicKey, nonce_sum: &PublicKey,
pubkey_sum: Option<&PublicKey>, pubkey_sum: Option<&PublicKey>,
fee: u64, msg: &secp::Message,
lock_height: u64,
) -> Result<Signature, Error> { ) -> Result<Signature, Error> {
// Add public nonces kR*G + kS*G
let msg = secp::Message::from_slice(&kernel_sig_msg(fee, lock_height))?;
//Now calculate signature using message M=fee, nonce in e=nonce_sum //Now calculate signature using message M=fee, nonce in e=nonce_sum
let sig = aggsig::sign_single( let sig = aggsig::sign_single(
secp, secp,
@ -61,10 +57,8 @@ pub fn verify_partial_sig(
pub_nonce_sum: &PublicKey, pub_nonce_sum: &PublicKey,
pubkey: &PublicKey, pubkey: &PublicKey,
pubkey_sum: Option<&PublicKey>, pubkey_sum: Option<&PublicKey>,
fee: u64, msg: &secp::Message,
lock_height: u64,
) -> Result<(), Error> { ) -> Result<(), Error> {
let msg = secp::Message::from_slice(&kernel_sig_msg(fee, lock_height))?;
if !verify_single( if !verify_single(
secp, secp,
sig, sig,
@ -114,7 +108,7 @@ pub fn verify_single_from_commit(
commit: &Commitment, commit: &Commitment,
) -> Result<(), Error> { ) -> Result<(), Error> {
let pubkey = commit.to_pubkey(secp)?; let pubkey = commit.to_pubkey(secp)?;
if !verify_single(secp, sig, &msg, None, &pubkey, Some(&pubkey), false) { if !verify_single(secp, sig, msg, None, &pubkey, Some(&pubkey), false) {
Err(ErrorKind::Signature( Err(ErrorKind::Signature(
"Signature validation error".to_string(), "Signature validation error".to_string(),
))? ))?
@ -128,11 +122,9 @@ pub fn verify_sig_build_msg(
sig: &Signature, sig: &Signature,
pubkey: &PublicKey, pubkey: &PublicKey,
pubkey_sum: Option<&PublicKey>, pubkey_sum: Option<&PublicKey>,
fee: u64, msg: &secp::Message,
lock_height: u64,
) -> Result<(), Error> { ) -> Result<(), Error> {
let msg = secp::Message::from_slice(&kernel_sig_msg(fee, lock_height))?; if !verify_single(secp, sig, msg, None, pubkey, pubkey_sum, true) {
if !verify_single(secp, sig, &msg, None, pubkey, pubkey_sum, true) {
Err(ErrorKind::Signature( Err(ErrorKind::Signature(
"Signature validation error".to_string(), "Signature validation error".to_string(),
))? ))?

14
wallet/src/libtx/build.rs
View file

@ -25,10 +25,9 @@
//! build::transaction(vec![input_rand(75), output_rand(42), output_rand(32), //! build::transaction(vec![input_rand(75), output_rand(42), output_rand(32),
//! with_fee(1)]) //! with_fee(1)])
use util::{kernel_sig_msg, secp};
use core::core::{Input, Output, OutputFeatures, Transaction, TxKernel}; use core::core::{Input, Output, OutputFeatures, Transaction, TxKernel};
use keychain::{self, BlindSum, BlindingFactor, Identifier, Keychain}; use keychain::{BlindSum, BlindingFactor, Identifier, Keychain};
use libtx::Error;
use libtx::{aggsig, proof}; use libtx::{aggsig, proof};
/// Context information available to transaction combinators. /// Context information available to transaction combinators.
@ -187,7 +186,7 @@ where
pub fn partial_transaction<K>( pub fn partial_transaction<K>(
elems: Vec<Box<Append<K>>>, elems: Vec<Box<Append<K>>>,
keychain: &K, keychain: &K,
) -> Result<(Transaction, BlindingFactor), keychain::Error> ) -> Result<(Transaction, BlindingFactor), Error>
where where
K: Keychain, K: Keychain,
{ {
@ -207,10 +206,7 @@ where
} }
/// Builds a complete transaction. /// Builds a complete transaction.
pub fn transaction<K>( pub fn transaction<K>(elems: Vec<Box<Append<K>>>, keychain: &K) -> Result<Transaction, Error>
elems: Vec<Box<Append<K>>>,
keychain: &K,
) -> Result<Transaction, keychain::Error>
where where
K: Keychain, K: Keychain,
{ {
@ -227,7 +223,7 @@ where
let k2 = split.blind_2; let k2 = split.blind_2;
// Construct the message to be signed. // Construct the message to be signed.
let msg = secp::Message::from_slice(&kernel_sig_msg(kern.fee, kern.lock_height))?; let msg = kern.msg_to_sign()?;
// Generate kernel excess and excess_sig using the split key k1. // Generate kernel excess and excess_sig using the split key k1.
let skey = k1.secret_key(&keychain.secp())?; let skey = k1.secret_key(&keychain.secp())?;

5
wallet/src/libtx/reward.rs
View file

@ -17,11 +17,12 @@
use keychain::{Identifier, Keychain}; use keychain::{Identifier, Keychain};
use core::consensus::reward; use core::consensus::reward;
use core::core::transaction::kernel_sig_msg;
use core::core::KernelFeatures; use core::core::KernelFeatures;
use core::core::{Output, OutputFeatures, TxKernel}; use core::core::{Output, OutputFeatures, TxKernel};
use libtx::error::Error; use libtx::error::Error;
use libtx::{aggsig, proof}; use libtx::{aggsig, proof};
use util::{kernel_sig_msg, secp, static_secp_instance}; use util::static_secp_instance;
/// output a reward output /// output a reward output
pub fn output<K>( pub fn output<K>(
@ -59,7 +60,7 @@ where
// not the lock_height of the tx (there is no tx for a coinbase output). // not the lock_height of the tx (there is no tx for a coinbase output).
// This output will not be spendable earlier than lock_height (and we sign this // This output will not be spendable earlier than lock_height (and we sign this
// here). // here).
let msg = secp::Message::from_slice(&kernel_sig_msg(0, height))?; let msg = kernel_sig_msg(0, height)?;
let sig = aggsig::sign_from_key_id(&secp, keychain, &msg, &key_id, Some(&pubkey))?; let sig = aggsig::sign_from_key_id(&secp, keychain, &msg, &key_id, Some(&pubkey))?;
let proof = TxKernel { let proof = TxKernel {

19
wallet/src/libtx/slate.rs
View file

@ -17,10 +17,10 @@
use rand::thread_rng; use rand::thread_rng;
use std::sync::Arc; use std::sync::Arc;
use util::RwLock;
use uuid::Uuid; use uuid::Uuid;
use core::core::committed::Committed; use core::core::committed::Committed;
use core::core::transaction::kernel_sig_msg;
use core::core::verifier_cache::LruVerifierCache; use core::core::verifier_cache::LruVerifierCache;
use core::core::{amount_to_hr_string, Transaction}; use core::core::{amount_to_hr_string, Transaction};
use keychain::{BlindSum, BlindingFactor, Keychain}; use keychain::{BlindSum, BlindingFactor, Keychain};
@ -30,6 +30,7 @@ use libtx::{aggsig, build, tx_fee};
use util::secp; use util::secp;
use util::secp::key::{PublicKey, SecretKey}; use util::secp::key::{PublicKey, SecretKey};
use util::secp::Signature; use util::secp::Signature;
use util::RwLock;
/// Public data for each participant in the slate /// Public data for each participant in the slate
@ -144,6 +145,13 @@ impl Slate {
Ok(()) Ok(())
} }
// This is the msg that we will sign as part of the tx kernel.
// Currently includes the fee and the lock_height.
fn msg_to_sign(&self) -> Result<secp::Message, Error> {
let msg = kernel_sig_msg(self.fee, self.lock_height)?;
Ok(msg)
}
/// Completes caller's part of round 2, completing signatures /// Completes caller's part of round 2, completing signatures
pub fn fill_round_2<K>( pub fn fill_round_2<K>(
&mut self, &mut self,
@ -164,8 +172,7 @@ impl Slate {
sec_nonce, sec_nonce,
&self.pub_nonce_sum(keychain.secp())?, &self.pub_nonce_sum(keychain.secp())?,
Some(&self.pub_blind_sum(keychain.secp())?), Some(&self.pub_blind_sum(keychain.secp())?),
self.fee, &self.msg_to_sign()?,
self.lock_height,
)?; )?;
self.participant_data[participant_id].part_sig = Some(sig_part); self.participant_data[participant_id].part_sig = Some(sig_part);
Ok(()) Ok(())
@ -307,8 +314,7 @@ impl Slate {
&self.pub_nonce_sum(secp)?, &self.pub_nonce_sum(secp)?,
&p.public_blind_excess, &p.public_blind_excess,
Some(&self.pub_blind_sum(secp)?), Some(&self.pub_blind_sum(secp)?),
self.fee, &self.msg_to_sign()?,
self.lock_height,
)?; )?;
} }
} }
@ -352,8 +358,7 @@ impl Slate {
&final_sig, &final_sig,
&final_pubkey, &final_pubkey,
Some(&final_pubkey), Some(&final_pubkey),
self.fee, &self.msg_to_sign()?,
self.lock_height,
)?; )?;
Ok(final_sig) Ok(final_sig)

77
wallet/tests/libwallet.rs
View file

@ -20,9 +20,10 @@ extern crate grin_wallet as wallet;
extern crate rand; extern crate rand;
extern crate uuid; extern crate uuid;
use core::core::transaction::kernel_sig_msg;
use keychain::{BlindSum, BlindingFactor, ExtKeychain, Keychain}; use keychain::{BlindSum, BlindingFactor, ExtKeychain, Keychain};
use util::secp;
use util::secp::key::{PublicKey, SecretKey}; use util::secp::key::{PublicKey, SecretKey};
use util::{kernel_sig_msg, secp};
use wallet::libtx::{aggsig, proof}; use wallet::libtx::{aggsig, proof};
use wallet::libwallet::types::Context; use wallet::libwallet::types::Context;
@ -105,14 +106,14 @@ fn aggsig_sender_receiver_interaction() {
], ],
).unwrap(); ).unwrap();
let msg = kernel_sig_msg(0, 0).unwrap();
let sig_part = aggsig::calculate_partial_sig( let sig_part = aggsig::calculate_partial_sig(
&keychain.secp(), &keychain.secp(),
&rx_cx.sec_key, &rx_cx.sec_key,
&rx_cx.sec_nonce, &rx_cx.sec_nonce,
&pub_nonce_sum, &pub_nonce_sum,
Some(&pub_key_sum), Some(&pub_key_sum),
0, &msg,
0,
).unwrap(); ).unwrap();
(pub_excess, pub_nonce, sig_part) (pub_excess, pub_nonce, sig_part)
}; };
@ -121,14 +122,14 @@ fn aggsig_sender_receiver_interaction() {
// received in the response back from the receiver // received in the response back from the receiver
{ {
let keychain = sender_keychain.clone(); let keychain = sender_keychain.clone();
let msg = kernel_sig_msg(0, 0).unwrap();
let sig_verifies = aggsig::verify_partial_sig( let sig_verifies = aggsig::verify_partial_sig(
&keychain.secp(), &keychain.secp(),
&rx_sig_part, &rx_sig_part,
&pub_nonce_sum, &pub_nonce_sum,
&receiver_pub_excess, &receiver_pub_excess,
Some(&pub_key_sum), Some(&pub_key_sum),
0, &msg,
0,
); );
assert!(!sig_verifies.is_err()); assert!(!sig_verifies.is_err());
} }
@ -136,14 +137,14 @@ fn aggsig_sender_receiver_interaction() {
// now sender signs with their key // now sender signs with their key
let sender_sig_part = { let sender_sig_part = {
let keychain = sender_keychain.clone(); let keychain = sender_keychain.clone();
let msg = kernel_sig_msg(0, 0).unwrap();
let sig_part = aggsig::calculate_partial_sig( let sig_part = aggsig::calculate_partial_sig(
&keychain.secp(), &keychain.secp(),
&s_cx.sec_key, &s_cx.sec_key,
&s_cx.sec_nonce, &s_cx.sec_nonce,
&pub_nonce_sum, &pub_nonce_sum,
Some(&pub_key_sum), Some(&pub_key_sum),
0, &msg,
0,
).unwrap(); ).unwrap();
sig_part sig_part
}; };
@ -152,14 +153,14 @@ fn aggsig_sender_receiver_interaction() {
// received by the sender // received by the sender
{ {
let keychain = receiver_keychain.clone(); let keychain = receiver_keychain.clone();
let msg = kernel_sig_msg(0, 0).unwrap();
let sig_verifies = aggsig::verify_partial_sig( let sig_verifies = aggsig::verify_partial_sig(
&keychain.secp(), &keychain.secp(),
&sender_sig_part, &sender_sig_part,
&pub_nonce_sum, &pub_nonce_sum,
&sender_pub_excess, &sender_pub_excess,
Some(&pub_key_sum), Some(&pub_key_sum),
0, &msg,
0,
); );
assert!(!sig_verifies.is_err()); assert!(!sig_verifies.is_err());
} }
@ -168,14 +169,14 @@ fn aggsig_sender_receiver_interaction() {
let (final_sig, final_pubkey) = { let (final_sig, final_pubkey) = {
let keychain = receiver_keychain.clone(); let keychain = receiver_keychain.clone();
let msg = kernel_sig_msg(0, 0).unwrap();
let our_sig_part = aggsig::calculate_partial_sig( let our_sig_part = aggsig::calculate_partial_sig(
&keychain.secp(), &keychain.secp(),
&rx_cx.sec_key, &rx_cx.sec_key,
&rx_cx.sec_nonce, &rx_cx.sec_nonce,
&pub_nonce_sum, &pub_nonce_sum,
Some(&pub_key_sum), Some(&pub_key_sum),
0, &msg,
0,
).unwrap(); ).unwrap();
// Receiver now generates final signature from the two parts // Receiver now generates final signature from the two parts
@ -200,6 +201,7 @@ fn aggsig_sender_receiver_interaction() {
// Receiver checks the final signature verifies // Receiver checks the final signature verifies
{ {
let keychain = receiver_keychain.clone(); let keychain = receiver_keychain.clone();
let msg = kernel_sig_msg(0, 0).unwrap();
// Receiver check the final signature verifies // Receiver check the final signature verifies
let sig_verifies = aggsig::verify_sig_build_msg( let sig_verifies = aggsig::verify_sig_build_msg(
@ -207,8 +209,7 @@ fn aggsig_sender_receiver_interaction() {
&final_sig, &final_sig,
&final_pubkey, &final_pubkey,
Some(&final_pubkey), Some(&final_pubkey),
0, &msg,
0,
); );
assert!(!sig_verifies.is_err()); assert!(!sig_verifies.is_err());
} }
@ -216,9 +217,7 @@ fn aggsig_sender_receiver_interaction() {
// Check we can verify the sig using the kernel excess // Check we can verify the sig using the kernel excess
{ {
let keychain = ExtKeychain::from_random_seed().unwrap(); let keychain = ExtKeychain::from_random_seed().unwrap();
let msg = kernel_sig_msg(0, 0).unwrap();
let msg = secp::Message::from_slice(&kernel_sig_msg(0, 0)).unwrap();
let sig_verifies = let sig_verifies =
aggsig::verify_single_from_commit(&keychain.secp(), &final_sig, &msg, &kernel_excess); aggsig::verify_single_from_commit(&keychain.secp(), &final_sig, &msg, &kernel_excess);
@ -247,11 +246,11 @@ fn aggsig_sender_receiver_interaction_offset() {
let blinding_factor = keychain let blinding_factor = keychain
.blind_sum( .blind_sum(
&BlindSum::new() &BlindSum::new()
.sub_blinding_factor(BlindingFactor::from_secret_key(skey1)) .sub_blinding_factor(BlindingFactor::from_secret_key(skey1))
.add_blinding_factor(BlindingFactor::from_secret_key(skey2)) .add_blinding_factor(BlindingFactor::from_secret_key(skey2))
// subtract the kernel offset here like as would when // subtract the kernel offset here like as would when
// verifying a kernel signature // verifying a kernel signature
.sub_blinding_factor(BlindingFactor::from_secret_key(kernel_offset)), .sub_blinding_factor(BlindingFactor::from_secret_key(kernel_offset)),
).unwrap(); ).unwrap();
keychain keychain
@ -273,10 +272,10 @@ fn aggsig_sender_receiver_interaction_offset() {
let blinding_factor = keychain let blinding_factor = keychain
.blind_sum( .blind_sum(
&BlindSum::new() &BlindSum::new()
.sub_blinding_factor(BlindingFactor::from_secret_key(skey)) .sub_blinding_factor(BlindingFactor::from_secret_key(skey))
// subtract the kernel offset to create an aggsig context // subtract the kernel offset to create an aggsig context
// with our "split" key // with our "split" key
.sub_blinding_factor(BlindingFactor::from_secret_key(kernel_offset)), .sub_blinding_factor(BlindingFactor::from_secret_key(kernel_offset)),
).unwrap(); ).unwrap();
let blind = blinding_factor.secret_key(&keychain.secp()).unwrap(); let blind = blinding_factor.secret_key(&keychain.secp()).unwrap();
@ -314,14 +313,14 @@ fn aggsig_sender_receiver_interaction_offset() {
], ],
).unwrap(); ).unwrap();
let msg = kernel_sig_msg(0, 0).unwrap();
let sig_part = aggsig::calculate_partial_sig( let sig_part = aggsig::calculate_partial_sig(
&keychain.secp(), &keychain.secp(),
&rx_cx.sec_key, &rx_cx.sec_key,
&rx_cx.sec_nonce, &rx_cx.sec_nonce,
&pub_nonce_sum, &pub_nonce_sum,
Some(&pub_key_sum), Some(&pub_key_sum),
0, &msg,
0,
).unwrap(); ).unwrap();
(pub_excess, pub_nonce, sig_part) (pub_excess, pub_nonce, sig_part)
}; };
@ -330,14 +329,14 @@ fn aggsig_sender_receiver_interaction_offset() {
// received in the response back from the receiver // received in the response back from the receiver
{ {
let keychain = sender_keychain.clone(); let keychain = sender_keychain.clone();
let msg = kernel_sig_msg(0, 0).unwrap();
let sig_verifies = aggsig::verify_partial_sig( let sig_verifies = aggsig::verify_partial_sig(
&keychain.secp(), &keychain.secp(),
&sig_part, &sig_part,
&pub_nonce_sum, &pub_nonce_sum,
&receiver_pub_excess, &receiver_pub_excess,
Some(&pub_key_sum), Some(&pub_key_sum),
0, &msg,
0,
); );
assert!(!sig_verifies.is_err()); assert!(!sig_verifies.is_err());
} }
@ -345,14 +344,14 @@ fn aggsig_sender_receiver_interaction_offset() {
// now sender signs with their key // now sender signs with their key
let sender_sig_part = { let sender_sig_part = {
let keychain = sender_keychain.clone(); let keychain = sender_keychain.clone();
let msg = kernel_sig_msg(0, 0).unwrap();
let sig_part = aggsig::calculate_partial_sig( let sig_part = aggsig::calculate_partial_sig(
&keychain.secp(), &keychain.secp(),
&s_cx.sec_key, &s_cx.sec_key,
&s_cx.sec_nonce, &s_cx.sec_nonce,
&pub_nonce_sum, &pub_nonce_sum,
Some(&pub_key_sum), Some(&pub_key_sum),
0, &msg,
0,
).unwrap(); ).unwrap();
sig_part sig_part
}; };
@ -361,14 +360,14 @@ fn aggsig_sender_receiver_interaction_offset() {
// received by the sender // received by the sender
{ {
let keychain = receiver_keychain.clone(); let keychain = receiver_keychain.clone();
let msg = kernel_sig_msg(0, 0).unwrap();
let sig_verifies = aggsig::verify_partial_sig( let sig_verifies = aggsig::verify_partial_sig(
&keychain.secp(), &keychain.secp(),
&sender_sig_part, &sender_sig_part,
&pub_nonce_sum, &pub_nonce_sum,
&sender_pub_excess, &sender_pub_excess,
Some(&pub_key_sum), Some(&pub_key_sum),
0, &msg,
0,
); );
assert!(!sig_verifies.is_err()); assert!(!sig_verifies.is_err());
} }
@ -376,14 +375,14 @@ fn aggsig_sender_receiver_interaction_offset() {
// Receiver now builds final signature from sender and receiver parts // Receiver now builds final signature from sender and receiver parts
let (final_sig, final_pubkey) = { let (final_sig, final_pubkey) = {
let keychain = receiver_keychain.clone(); let keychain = receiver_keychain.clone();
let msg = kernel_sig_msg(0, 0).unwrap();
let our_sig_part = aggsig::calculate_partial_sig( let our_sig_part = aggsig::calculate_partial_sig(
&keychain.secp(), &keychain.secp(),
&rx_cx.sec_key, &rx_cx.sec_key,
&rx_cx.sec_nonce, &rx_cx.sec_nonce,
&pub_nonce_sum, &pub_nonce_sum,
Some(&pub_key_sum), Some(&pub_key_sum),
0, &msg,
0,
).unwrap(); ).unwrap();
// Receiver now generates final signature from the two parts // Receiver now generates final signature from the two parts
@ -408,6 +407,7 @@ fn aggsig_sender_receiver_interaction_offset() {
// Receiver checks the final signature verifies // Receiver checks the final signature verifies
{ {
let keychain = receiver_keychain.clone(); let keychain = receiver_keychain.clone();
let msg = kernel_sig_msg(0, 0).unwrap();
// Receiver check the final signature verifies // Receiver check the final signature verifies
let sig_verifies = aggsig::verify_sig_build_msg( let sig_verifies = aggsig::verify_sig_build_msg(
@ -415,8 +415,7 @@ fn aggsig_sender_receiver_interaction_offset() {
&final_sig, &final_sig,
&final_pubkey, &final_pubkey,
Some(&final_pubkey), Some(&final_pubkey),
0, &msg,
0,
); );
assert!(!sig_verifies.is_err()); assert!(!sig_verifies.is_err());
} }
@ -424,9 +423,7 @@ fn aggsig_sender_receiver_interaction_offset() {
// Check we can verify the sig using the kernel excess // Check we can verify the sig using the kernel excess
{ {
let keychain = ExtKeychain::from_random_seed().unwrap(); let keychain = ExtKeychain::from_random_seed().unwrap();
let msg = kernel_sig_msg(0, 0).unwrap();
let msg = secp::Message::from_slice(&kernel_sig_msg(0, 0)).unwrap();
let sig_verifies = let sig_verifies =
aggsig::verify_single_from_commit(&keychain.secp(), &final_sig, &msg, &kernel_excess); aggsig::verify_single_from_commit(&keychain.secp(), &final_sig, &msg, &kernel_excess);