public static ProofInfo range_proof_info(this Secp256K1 self, RangeProof proof)
{
var exp = 0;
var mantissa = 0;
ulong min = 0;
ulong max = 0;
var extraCommit = new byte [33];
var success = Proxy.secp256k1_rangeproof_info(
self.Ctx,
ref exp,
ref mantissa,
ref min,
ref max,
proof.Proof,
proof.Plen,
extraCommit,
0,
Constants.Constants.GeneratorH
) == 1;
return(new
ProofInfo
{
Success = success,
Value = 0,
Message = ProofMessage.Empty(),
Mlen = 0,
Min = min,
Max = max,
Exp = exp,
Mantissa = mantissa
});
}
public static ProofInfo rewind_range_proof(this Secp256K1 self, Commitment commit, RangeProof proof,
SecretKey nonce)
{
ulong value = 0;
var blind = new byte[32];
var message = new byte[Constants.Constants.ProofMsgSize];
var mlen = (ulong)Constants.Constants.ProofMsgSize;
ulong min = 0;
ulong max = 0;
var extraCommit = new byte[33];
var success = Proxy.secp256k1_rangeproof_rewind(
self.Ctx,
blind,
ref value,
message,
ref mlen,
nonce.Value,
ref min,
ref max,
commit.Value,
proof.Proof,
proof.Plen,
extraCommit,
0,
Constants.Constants.GeneratorH
) == 1;
return(new ProofInfo
{
Success = success,
Value = value,
Message = ProofMessage.from_bytes(message),
Mlen = (int)mlen,
Min = min,
Max = max,
Exp = 0,
Mantissa = 0
});
}
public static RangeProof range_proof(this Secp256K1 self, ulong min, ulong value, SecretKey blind,
Commitment commit, ProofMessage message)
{
var retried = false;
var proof = new byte[Constants.Constants.MaxProofSize];
var plen = Constants.Constants.MaxProofSize;
// IntPtr proofPtr= Marshal.AllocHGlobal(proof.Length);
var proofPtr = Marshal.AllocCoTaskMem(plen);
Marshal.Copy(proof, 0, proofPtr, proof.Length);
// Marshal.Copy(proof, 0, proofPtr, proof.Length);
// use a "known key" as the nonce, specifically the blinding factor
// of the commitment for which we are generating the range proof
// so we can later recover the value and the message by unwinding the range proof
// with the same nonce
var nonce = blind.Clone();
var extraCommit = ByteUtil.Get_bytes(0, 33);
// TODO - confirm this reworked retry logic works as expected
// pretty sure the original approach retried on success (so twice in total)
// and just kept looping forever on error
do
{
var success = Proxy.secp256k1_rangeproof_sign(
self.Ctx,
proofPtr,
ref plen,
min,
commit.Value,
blind.Value,
nonce.Value,
0,
64,
value,
message.Value,
message.Value.Length,
extraCommit,
0,
Constants.Constants.GeneratorH) == 1;
if (success || retried)
{
break;
}
retried = true;
} while (true);
var proof2 = new byte[plen];
Marshal.Copy(proofPtr, proof2, 0, plen);
Marshal.FreeCoTaskMem(proofPtr);
return(new RangeProof(proof2, plen));
}