public void Bullet_Proof_Extra_Commit_Wrong() { using (var secp256k1 = new Secp256k1()) using (var pedersen = new Pedersen()) using (var bulletProof = new BulletProof()) { // Correct extra commit var extraCommit = new byte[32]; var blinding = secp256k1.CreatePrivateKey(); ulong value = 100033; var commit = pedersen.Commit(value, blinding); var @struct = bulletProof.GenProof(value, blinding, (byte[])blinding.Clone(), (byte[])blinding.Clone(), extraCommit, null); var success = bulletProof.Verify(commit, @struct.proof, extraCommit); Assert.True(success); //Wrong extra commit var extraCommitWrong = new byte[32]; extraCommitWrong[0] = 1; success = bulletProof.Verify(commit, @struct.proof, extraCommitWrong); Assert.False(success); } }
public void Bullet_Proof() { using (var secp256k1 = new Secp256k1()) using (var pedersen = new Pedersen()) using (var bulletProof = new BulletProof()) { // Correct value ulong value = 300; var blinding = secp256k1.CreatePrivateKey(); var commit = pedersen.Commit(value, blinding); var @struct = bulletProof.GenProof(value, blinding, (byte[])blinding.Clone(), (byte[])blinding.Clone(), null, null); var success = bulletProof.Verify(commit, @struct.proof, null); Assert.True(success); // Wrong value value = 1222344; var commitWrong = pedersen.Commit(122111, blinding); @struct = bulletProof.GenProof(value, blinding, (byte[])blinding.Clone(), (byte[])blinding.Clone(), null, null); success = bulletProof.Verify(commit, @struct.proof, null); Assert.False(success); // Wrong binding value = 122322; commit = pedersen.Commit(value, blinding); blinding = secp256k1.CreatePrivateKey(); @struct = bulletProof.GenProof(value, blinding, (byte[])blinding.Clone(), (byte[])blinding.Clone(), null, null); success = bulletProof.Verify(commit, @struct.proof, null); Assert.False(success); } }
public void Bullet_Proof_Minimum_Amount() { using (var secp256k1 = new Secp256k1()) using (var pedersen = new Pedersen()) using (var bulletProof = new BulletProof()) { int minValue = 1000; ulong value = 300; // Correct value and minimum value var blinding = secp256k1.CreatePrivateKey(); var commit = pedersen.Commit(value, blinding); var @struct = bulletProof.GenProof(value, blinding, (byte[])blinding.Clone(), (byte[])blinding.Clone(), null, null); var success = bulletProof.Verify(commit, @struct.proof, null); Assert.True(success); // Wrong value < 1000 and minimum value. var commitWrong = pedersen.Commit(value, blinding); @struct = bulletProof.GenProof(value, blinding, (byte[])blinding.Clone(), (byte[])blinding.Clone(), null, null, minValue); success = bulletProof.Verify(commit, @struct.proof, null, minValue); Assert.False(success); } }
/// <summary> /// </summary> /// <param name="transaction"></param> /// <returns></returns> public VerifyResult VerifyBulletProof(Transaction transaction) { Guard.Argument(transaction, nameof(transaction)).NotNull(); Guard.Argument(transaction.Vout, nameof(transaction)).NotNull(); try { if (transaction.Validate().Any()) { return(VerifyResult.UnableToVerify); } using var secp256K1 = new Secp256k1(); using var bulletProof = new BulletProof(); if (transaction.Bp.Select((t, i) => bulletProof.Verify(transaction.Vout[i + 2].C, t.Proof, null)) .Any(verified => !verified)) { return(VerifyResult.UnableToVerify); } } catch (Exception ex) { _logger.Here().Error(ex, "Unable to verify the bullet proof"); return(VerifyResult.UnableToVerify); } return(VerifyResult.Succeed); }
/// <summary> /// Attachs the envelope. /// </summary> /// <param name="blindSum">Blind sum.</param> /// <param name="commitSum">Commit sum.</param> /// <param name="balance">Balance.</param> /// <param name="secret">Secret.</param> /// <param name="coin">Coin.</param> private void AttachEnvelope(byte[] blindSum, byte[] commitSum, ulong balance, SecureString secret, SecureString salt, ref CoinDto coin) { var(k1, k2) = Split(blindSum, secret, salt, coin.Stamp, coin.Version); using (var secp256k1 = new Secp256k1()) using (var pedersen = new Pedersen()) using (var bulletProof = new BulletProof()) { coin.Envelope.Commitment = commitSum.ToHex(); coin.Envelope.Proof = k2.ToHex(); coin.Envelope.PublicKey = pedersen.ToPublicKey(pedersen.Commit(0, k1)).ToHex(); coin.Hash = Hash(coin).ToHex(); coin.Envelope.Signature = secp256k1.Sign(coin.Hash.FromHex(), k1).ToHex(); var @struct = bulletProof.ProofSingle(balance, blindSum, Cryptography.RandomBytes(), null, null, null); var success = bulletProof.Verify(commitSum, @struct.proof, null); if (!success) { throw new ArgumentOutOfRangeException(nameof(success), "Bullet proof failed."); } coin.Envelope.RangeProof = @struct.proof.ToHex(); } }
static void Main(string[] args) { using (var secp256k1 = new Secp256k1()) using (var pedersen = new Pedersen()) using (var bulletProof = new BulletProof()) { // Correct valu int minValue = 1000; ulong value = 1000; var blinding = secp256k1.CreatePrivateKey(); var commit = pedersen.Commit(value, blinding); var @struct = bulletProof.GenProof(value, blinding, (byte[])blinding.Clone(), (byte[])blinding.Clone(), null, null); var success = bulletProof.Verify(commit, @struct.proof, null); } }
public void Bullet_Proof_Extra_Commit() { using (var secp256k1 = new Secp256k1()) using (var pedersen = new Pedersen()) using (var bulletProof = new BulletProof()) { var extraCommit = new byte[32]; var blinding = secp256k1.GetSecretKey(); ulong value = 100033; var commit = pedersen.Commit(value, blinding); var @struct = bulletProof.GenProof(value, blinding, (byte[])blinding.Clone(), (byte[])blinding.Clone(), extraCommit, null); var success = bulletProof.Verify(commit, @struct.proof, extraCommit); Assert.True(success); } }
/// <summary> /// /// </summary> /// <param name="message"></param> /// <returns></returns> private bool ValidateCoinRule(ValidateCoinRuleMessage message) { if (message == null) { throw new ArgumentNullException(nameof(message)); } if (message.Coin == null) { throw new ArgumentNullException(nameof(message.Coin)); } var coinHasElements = message.Coin.Validate().Any(); if (!coinHasElements) { try { using var secp256k1 = new Secp256k1(); using var bulletProof = new BulletProof(); var success = bulletProof.Verify(message.Coin.Commitment.FromHex(), message.Coin.RangeProof.FromHex(), null); if (!success) { return(false); } } catch (Exception ex) { logger.Error($"<<< SigningProvider.ValidateRule >>>: {ex.ToString()}"); return(false); } } return(true); }