示例#1
0
        public static RangeProof range_proof(this Secp256K1 self, ulong min, ulong value, SecretKey blind,
                                             Commitment commit, ProofMessage message)
        {
            var retried = false;
            var proof   = new byte[Constants.Constants.MaxProofSize];
            var plen    = Constants.Constants.MaxProofSize;
            // IntPtr proofPtr= Marshal.AllocHGlobal(proof.Length);

            var proofPtr = Marshal.AllocCoTaskMem(plen);

            Marshal.Copy(proof, 0, proofPtr, proof.Length);
            // Marshal.Copy(proof, 0, proofPtr, proof.Length);


            // use a "known key" as the nonce, specifically the blinding factor
            // of the commitment for which we are generating the range proof
            // so we can later recover the value and the message by unwinding the range proof
            // with the same nonce
            var nonce = blind.Clone();

            var extraCommit = ByteUtil.Get_bytes(0, 33);

            // TODO - confirm this reworked retry logic works as expected
            // pretty sure the original approach retried on success (so twice in total)
            // and just kept looping forever on error


            do
            {
                var success = Proxy.secp256k1_rangeproof_sign(
                    self.Ctx,
                    proofPtr,
                    ref plen,
                    min,
                    commit.Value,
                    blind.Value,
                    nonce.Value,
                    0,
                    64,
                    value,
                    message.Value,
                    message.Value.Length,
                    extraCommit,
                    0,
                    Constants.Constants.GeneratorH) == 1;

                if (success || retried)
                {
                    break;
                }
                retried = true;
            } while (true);

            var proof2 = new byte[plen];


            Marshal.Copy(proofPtr, proof2, 0, plen);
            Marshal.FreeCoTaskMem(proofPtr);


            return(new RangeProof(proof2, plen));
        }