public void ConvertBackAndForth()
{
var converter = new UnblindedSignatureJsonConverter();
var r = new Key();
var key = new Key();
var signer = new SchnorrBlinding.Signer(key, r);
foreach (var i in Enumerable.Range(0, 100))
{
var requester = new SchnorrBlinding.Requester();
var message = new byte[256];
Random.NextBytes(message);
var blindedMessage = requester.BlindMessage(message, r.PubKey, key.PubKey);
var blindSignature = signer.Sign(blindedMessage);
var unblindedSignature = requester.UnblindSignature(blindSignature);
var sb = new StringBuilder();
using var writer = new JsonTextWriter(new StringWriter(sb));
converter.WriteJson(writer, unblindedSignature, null);
using var reader = new JsonTextReader(new StringReader(sb.ToString()));
var convertedUnblindedSignature = (UnblindedSignature)converter.ReadJson(reader, null, null, null);
Assert.Equal(unblindedSignature.C, convertedUnblindedSignature.C);
Assert.Equal(unblindedSignature.S, convertedUnblindedSignature.S);
}
}
public void CanParseUnblindedSignature()
{
var requester = new SchnorrBlinding.Requester();
var r = new Key(Encoders.Hex.DecodeData("31E151628AED2A6ABF7155809CF4F3C762E7160F38B4DA56B784D9045190CFA0"));
var key = new Key(Encoders.Hex.DecodeData("B7E151628AED2A6ABF7158809CF4F3C762E7160F38B4DA56A784D9045190CFEF"));
var signer = new SchnorrBlinding.Signer(key, r);
var message = new uint256(Encoders.Hex.DecodeData("243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89"), false);
var blindedMessage = requester.BlindMessage(message, r.PubKey, key.PubKey);
var blindSignature = signer.Sign(blindedMessage);
var unblindedSignature = requester.UnblindSignature(blindSignature);
var str = unblindedSignature.ToString();
Assert.True(UnblindedSignature.TryParse(str, out var unblindedSignature2));
Assert.Equal(unblindedSignature.C, unblindedSignature2.C);
Assert.Equal(unblindedSignature.S, unblindedSignature2.S);
str += "o";
Assert.False(UnblindedSignature.TryParse(str, out _));
Assert.Throws <FormatException>(() => UnblindedSignature.Parse(str));
byte[] overflow = new byte[64];
overflow.AsSpan().Fill(255);
Assert.False(UnblindedSignature.TryParse(overflow, out _));
Assert.Throws <FormatException>(() => UnblindedSignature.Parse(overflow));
}
static void Main(string[] args)
{
var requester = new SchnorrBlinding.Requester();
var r = new Key(Encoders.Hex.DecodeData("31E151628AED2A6ABF7155809CF4F3C762E7160F38B4DA56B784D9045190CFA0"));
var key = new Key(Encoders.Hex.DecodeData("B7E151628AED2A6ABF7158809CF4F3C762E7160F38B4DA56A784D9045190CFEF"));
var message = new uint256(Encoders.Hex.DecodeData("243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89"));
switch (args[0])
{
case "blind-verify":
var blindedMessage = requester.BlindMessage(message, r.PubKey, key.PubKey);
Console.WriteLine(blindedMessage);
var blindedSignatureInput = Console.ReadLine();
var blindedSignature2 = uint256.Parse(blindedSignatureInput);
var unblindedSignature = requester.UnblindSignature(blindedSignature2);
var success = SchnorrBlinding.VerifySignature(message, unblindedSignature, key.PubKey);
Console.WriteLine(success);
return;
case "sign":
var signer = new SchnorrBlinding.Signer(key, r);
var blindedMessageInput = Console.ReadLine();
var blindedMessage2 = uint256.Parse(blindedMessageInput);
var blindSignature = signer.Sign(blindedMessage2);
Console.WriteLine(blindSignature);
return;
}
}
public void BlindingSignature()
{
// Test with known values
var requester = new SchnorrBlinding.Requester();
var r = new Key(Encoders.Hex.DecodeData("31E151628AED2A6ABF7155809CF4F3C762E7160F38B4DA56B784D9045190CFA0"));
var key = new Key(Encoders.Hex.DecodeData("B7E151628AED2A6ABF7158809CF4F3C762E7160F38B4DA56A784D9045190CFEF"));
var signer = new SchnorrBlinding.Signer(key, r);
var message = new uint256(Encoders.Hex.DecodeData("243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89"), false);
var blindedMessage = requester.BlindMessage(message, r.PubKey, key.PubKey);
var blindSignature = signer.Sign(blindedMessage);
var unblindedSignature = requester.UnblindSignature(blindSignature);
Assert.True(SchnorrBlinding.VerifySignature(message, unblindedSignature, key.PubKey));
Assert.False(SchnorrBlinding.VerifySignature(uint256.Zero, unblindedSignature, key.PubKey));
Assert.False(SchnorrBlinding.VerifySignature(uint256.One, unblindedSignature, key.PubKey));
// Test with unknown values
requester = new SchnorrBlinding.Requester();
signer = new SchnorrBlinding.Signer(new Key(), new Key());
message = NBitcoin.Crypto.Hashes.Hash256(Encoders.ASCII.DecodeData("Hello world!"));
blindedMessage = requester.BlindMessage(message, signer.R.PubKey, signer.Key.PubKey);
blindSignature = signer.Sign(blindedMessage);
unblindedSignature = requester.UnblindSignature(blindSignature);
Assert.True(SchnorrBlinding.VerifySignature(message, unblindedSignature, signer.Key.PubKey));
Assert.False(SchnorrBlinding.VerifySignature(uint256.One, unblindedSignature, signer.Key.PubKey));
Assert.False(SchnorrBlinding.VerifySignature(uint256.One, unblindedSignature, signer.Key.PubKey));
var newMessage = Encoders.ASCII.DecodeData("Hello, World!");
for (var i = 0; i < 1_000; i++)
{
requester = new SchnorrBlinding.Requester();
signer = new SchnorrBlinding.Signer(new Key());
blindedMessage = requester.BlindMessage(newMessage, signer.R.PubKey, signer.Key.PubKey);
blindSignature = signer.Sign(blindedMessage);
unblindedSignature = requester.UnblindSignature(blindSignature);
Assert.True(signer.VerifyUnblindedSignature(unblindedSignature, newMessage));
}
var ex = Assert.Throws <ArgumentException>(() => signer.Sign(uint256.Zero));
Assert.StartsWith("Invalid blinded message.", ex.Message);
}