public ClientRevelation Reveal(ServerCommitment[] commitments) { if (commitments == null) { throw new ArgumentNullException(nameof(commitments)); } if (commitments.Length != Parameters.GetTotalTransactionsCount()) { throw new ArgumentException("Expecting " + Parameters.GetTotalTransactionsCount() + " commitments"); } AssertState(PromiseClientStates.WaitingCommitments); List <uint256> salts = new List <uint256>(); List <int> indexes = new List <int>(); foreach (var fakeHash in _Hashes.OfType <FakeHash>()) { salts.Add(fakeHash.Salt); indexes.Add(fakeHash.Index); } for (int i = 0; i < commitments.Length; i++) { _Hashes[i].Commitment = commitments[i]; } InternalState.Status = PromiseClientStates.WaitingCommitmentsProof; return(new ClientRevelation(indexes.ToArray(), InternalState.IndexSalt, salts.ToArray())); }
public ServerCommitment[][] SignHashes(SignaturesRequest sigRequest) { // Almost done, just need to confirm a typo and a function. // Step 5 if (sigRequest == null) { throw new ArgumentNullException(nameof(sigRequest)); } var hashesCount = sigRequest.Hashes.Select(a => a.Length).Sum(); if (hashesCount != Parameters.GetTotalTransactionsCount()) { throw new ArgumentException($"Incorrect number of hashes, expected {Parameters.GetTotalTransactionsCount()}"); } AssertState(PromiseServerStates.WaitingHashes); // 2D array of pairs of puzzles and promises (z_i, c_i). var promises = new ServerCommitment[Parameters.PaymentsCount][]; // 2D array of encrypted signatures with their solutions. var encryptedSignatures = new EncryptedSignature[Parameters.PaymentsCount][]; // 1-D array is used to store the epsilons for each column to be used when Hashing. var previousSolutions = new byte[Parameters.GetTotalTransactionsCountPerLevel()][]; previousSolutions = previousSolutions.Select(a => new byte[0]).ToArray(); // Initialize to empty array of bytes for (int i = 0; i < Parameters.PaymentsCount; i++) { promises[i] = new ServerCommitment[sigRequest.Hashes[i].Length]; // Initialization encryptedSignatures[i] = new EncryptedSignature[promises[i].Length]; // Initialization for (int j = 0; j < promises[i].Length; j++) { var hash = sigRequest.Hashes[i][j]; // Sign the hash value var ecdsa = InternalState.EscrowKey.Sign(hash); // Convert Signature to Bytes. var ecdsaDER = ecdsa.ToDER(); // This can be replaced by "Utils.GenerateEncryptableInteger(Key)" if padding when XORing is not important. var key = (new XORKey(Parameters.ServerKey)).ToBytes(); // This just generates a random epsilon. // Append the new epsilon to the list of epsilons we have for that column to create "epsilon_{i-1,j}|| . . . , epsilon_{0,j}". previousSolutions[j] = Utils.Combine(key, previousSolutions[j]); // Create the padded solution with the following format "i||j||epsilon_{i,j}||epsilon_{i-1,j}|| . . . , epsilon_{0,j}" var paddedSolutions = new PuzzleSolution(Utils.Combine(NBitcoin.Utils.ToBytes((uint)i, true), NBitcoin.Utils.ToBytes((uint)j, true), previousSolutions[j])); // Hash and XOR the padded solution with the signature we have. var promise = XORKey.XOR(paddedSolutions._Value.ToByteArrayUnsigned(), ecdsaDER); // This function needs to be approved "XOR". PuzzleSolution solution = new PuzzleSolution(key); // Epsilon // Encrypt the epsilon value using RSA var puzzle = Parameters.ServerKey.GeneratePuzzle(ref solution); promises[i][j] = new ServerCommitment(puzzle.PuzzleValue, promise); encryptedSignatures[i][j] = new EncryptedSignature(ecdsa, hash, solution); } } InternalState.Status = PromiseServerStates.WaitingRevelation; InternalState.EncryptedSignatures = encryptedSignatures; InternalState.FakeIndexesHash = sigRequest.FakeIndexesHash; return(promises); }
public ClientRevelation Reveal(ServerCommitment[][] commitments) { // Step 6 if (commitments == null) { throw new ArgumentNullException(nameof(commitments)); } var CommitmentsCount = commitments.Select(a => a.Length).Sum(); // sums the number of commitments var TransactionsCountPerLevel = Parameters.GetTotalTransactionsCountPerLevel(); if (CommitmentsCount != Parameters.GetTotalTransactionsCount()) { throw new ArgumentException($"Expecting {Parameters.GetTotalTransactionsCount()} commitments"); } AssertState(PromiseClientStates.WaitingCommitments); uint256[][] salts = new uint256[_Parameters.PaymentsCount][]; Money[][] feeVariations = new Money[_Parameters.PaymentsCount][]; List <int> fakeIndices = new List <int>(); // This figures out the indices of fake hashes. for (int i = 0; i < TransactionsCountPerLevel; i++) { if (_Hashes.First()[i] is FakeHash) { fakeIndices.Add(i); } } for (int i = 0; i < _Parameters.PaymentsCount; i++) { salts[i] = new uint256[_Parameters.FakeTransactionCountPerLevel]; feeVariations[i] = new Money[_Parameters.RealTransactionCountPerLevel]; int fakeJ = 0, realJ = 0; for (int j = 0; j < TransactionsCountPerLevel; j++) { if (_Hashes[i][j] is FakeHash fake) { salts[i][fakeJ++] = fake.Salt; } if (_Hashes[i][j] is RealHash real) { feeVariations[i][realJ++] = real.FeeVariation; } _Hashes[i][j].Commitment = commitments[i][j]; } } InternalState.Status = PromiseClientStates.WaitingCommitmentsProof; return(new ClientRevelation(fakeIndices.ToArray(), InternalState.IndexSalt, salts, feeVariations)); }
public ServerCommitment[] SignHashes(SignaturesRequest sigRequest) { if (sigRequest == null) { throw new ArgumentNullException(nameof(sigRequest)); } if (sigRequest.Hashes.Length != Parameters.GetTotalTransactionsCount()) { throw new ArgumentException("Incorrect number of hashes, expected " + sigRequest.Hashes.Length); } AssertState(PromiseServerStates.WaitingHashes); List <ServerCommitment> promises = new List <ServerCommitment>(); List <EncryptedSignature> encryptedSignatures = new List <EncryptedSignature>(); foreach (var hash in sigRequest.Hashes) { var ecdsa = InternalState.EscrowKey.Sign(hash); var ecdsaDER = ecdsa.ToDER(); var key = new XORKey(Parameters.ServerKey); var promise = key.XOR(ecdsaDER); PuzzleSolution solution = new PuzzleSolution(key.ToBytes()); var puzzle = Parameters.ServerKey.GeneratePuzzle(ref solution); promises.Add(new ServerCommitment(puzzle.PuzzleValue, promise)); encryptedSignatures.Add(new EncryptedSignature(ecdsa, hash, solution)); } InternalState.Status = PromiseServerStates.WaitingRevelation; InternalState.EncryptedSignatures = encryptedSignatures.ToArray(); InternalState.FakeIndexesHash = sigRequest.FakeIndexesHash; return(promises.ToArray()); }