/// Generates a random keypair. Convenience function for `key::SecretKey::new` /// and `key::PublicKey::from_secret_key`; call those functions directly for /// batch key generation. Requires a signing-capable context. public (SecretKey secretKey, PublicKey publicKey) generate_keypair(RandomNumberGenerator rng) { var sk = SecretKey.New(this, rng); var pk = PublicKey.from_secret_key(this, sk); return(sk, pk); }
public void Test_commit_sum() { var secp = Secp256K1.WithCaps(ContextFlag.Commit); Commitment Commit(ulong value, SecretKey blinding) { return(secp.Commit(value, blinding)); } var blindA = SecretKey.New(secp, RandomNumberGenerator.Create()); var blindB = SecretKey.New(secp, RandomNumberGenerator.Create()); var commitA = Commit(3, blindA); var commitB = Commit(2, blindB); var blindC = secp.blind_sum(new [] { blindA, blindB }, new SecretKey[] {}); var commitC = Commit(3 + 2, blindC); var commitD = secp.commit_sum(new[] { commitA, commitB }, new Commitment[] { }); Assert.Equal(commitC.Value, commitD.Value); var blindE = secp.blind_sum(new[] { blindA }, new[] { blindB }); var commitE = Commit(3 - 2, blindE); var commitF = secp.commit_sum(new[] { commitA }, new[] { commitB }); Assert.Equal(commitE.Value, commitF.Value); }
public void Test_sign_with_pubkey_from_commitment() { var secp = Secp256K1.WithCaps(ContextFlag.Commit); var blinding = SecretKey.New(secp, RandomNumberGenerator.Create()); var commit = secp.Commit(0, blinding); var msgBytes = ByteUtil.Get_random_bytes(RandomNumberGenerator.Create(), 32); var msg = Message.from_slice(msgBytes); var sig = secp.Sign(msg, blinding); var pubkeys = commit.to_two_pubkeys(secp); // check that we can successfully verify the signature with one of the public keys try { secp.Verify(msg, sig, pubkeys[0]); } catch (Exception) { try { secp.Verify(msg, sig, pubkeys[1]); } catch (Exception ex) { throw new Exception("this is not good", ex); } } }
public void Test_to_two_pubkeys() { var secp = Secp256K1.WithCaps(ContextFlag.Commit); var blinding = SecretKey.New(secp, RandomNumberGenerator.Create()); var commit = secp.Commit(5, blinding); Assert.Equal(2, commit.to_two_pubkeys(secp).Length); }
// to_pubkey() is not currently working as secp does currently // provide an api to extract a public key from a commitment public void test_to_pubkey() { var secp = Secp256K1.WithCaps(ContextFlag.Commit); var blinding = SecretKey.New(secp, RandomNumberGenerator.Create()); var commit = secp.Commit(5, blinding); Assert.Throws <Exception>(() => { commit.to_pubkey(secp); }); }
public void Test_verify_commit_sum_random_keys() { var secp = Secp256K1.WithCaps(ContextFlag.Commit); Commitment Commit(ulong value, SecretKey blinding) { return(secp.Commit(value, blinding)); } var blindPos = SecretKey.New(secp, RandomNumberGenerator.Create()); var blindNeg = SecretKey.New(secp, RandomNumberGenerator.Create()); // now construct blinding factor to net out appropriately var blindSum = secp.blind_sum(new[] { blindPos }, new[] { blindNeg }); secp.verify_commit_sum( new [] { Commit(101, blindPos) }, new[] { Commit(75, blindNeg), Commit(26, blindSum) } ); }
public void Test_pubkey_from_slice_bad_context() { var s = Secp256K1.WithoutCaps(); var sk = SecretKey.New(s, RandomNumberGenerator.Create()); var ex = Assert.Throws <Exception>(() => { PublicKey.from_secret_key(s, sk); }); Assert.Equal("IncapableContext", ex.Message); s = Secp256K1.WithCaps(ContextFlag.VerifyOnly); ex = Assert.Throws <Exception>(() => { PublicKey.from_secret_key(s, sk); }); Assert.Equal("IncapableContext", ex.Message); s = Secp256K1.WithCaps(ContextFlag.SignOnly); PublicKey.from_secret_key(s, sk); s = Secp256K1.WithCaps(ContextFlag.Full); PublicKey.from_secret_key(s, sk); }
public void Test_range_proof() { var secp = Secp256K1.WithCaps(ContextFlag.Commit); var blinding = SecretKey.New(secp, RandomNumberGenerator.Create()); var commit = secp.Commit(7, blinding); var msg = ProofMessage.Empty(); var rangeProof = secp.range_proof(0, 7, blinding, commit, msg.Clone()); var proofRange = secp.verify_range_proof(commit, rangeProof); Assert.Equal <ulong>(0, proofRange.Min); var proofInfo = secp.range_proof_info(rangeProof); Assert.True(proofInfo.Success); Assert.Equal <ulong>(0, proofInfo.Min); //// check we get no information back for the value here Assert.Equal <ulong>(0, proofInfo.Value); proofInfo = secp.rewind_range_proof(commit, rangeProof, blinding); Assert.True(proofInfo.Success); Assert.Equal <ulong>(0, proofInfo.Min); Assert.Equal <ulong>(7, proofInfo.Value); //// check we cannot rewind a range proof without the original nonce var badNonce = SecretKey.New(secp, RandomNumberGenerator.Create()); var badInfo = secp.rewind_range_proof(commit, rangeProof, badNonce); Assert.False(badInfo.Success); Assert.Equal <ulong>(0, badInfo.Value); //// check we can construct and verify a range proof on value 0 commit = secp.Commit(0, blinding); rangeProof = secp.range_proof(0, 0, blinding, commit, msg); secp.verify_range_proof(commit, rangeProof); proofInfo = secp.rewind_range_proof(commit, rangeProof, blinding.Clone()); Assert.True(proofInfo.Success); Assert.Equal <ulong>(0, proofInfo.Min); Assert.Equal <ulong>(0, proofInfo.Value); }