/******************************************************************************
* Copyright © 2014 - 2016 The SuperNET Developers . *
* *
* See the AUTHORS , DEVELOPER - AGREEMENT and LICENSE files at *
* the top - level directory of this distribution for the individual copyright *
* holder information and the developer policies on copyright and licensing . *
* *
* Unless otherwise agreed in a custom licensing agreement , no part of the *
* SuperNET software , including this file may be copied , modified , propagated *
* or distributed except according to the terms contained in the LICENSE file *
* *
* Removal or modification of this copyright notice is prohibited . *
* *
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
// BTCoffer:
// sends NXT assetid, volume and desired
// request:
// other node sends (othercoin, othercoinaddr, otherNXT and reftx that expires well before phasedtx)
// proposal:
// NXT node submits phasedtx that refers to it, but it won't confirm
// approve:
// other node verifies unconfirmed has phasedtx and broadcasts cltv, also to NXT node, releases trigger
// confirm:
// NXT node verifies bitcoin txbytes has proper payment and cashes in with onetimepubkey
// BTC* node approves phased tx with onetimepubkey
char *instantdex_PAXswap(struct supernet_info *myinfo, struct exchange_info *exchange, struct instantdex_accept *ap, char *cmdstr, struct instantdex_msghdr *msg, cJSON *argjson, char *remoteaddr, uint64_t signerbits, uint8_t *data, int32_t datalen) // receiving side
{
    /* Receiving-side entry point for the PAX swap protocol steps described
     * above (offer, proposal, accept, confirm).
     *
     * The protocol is not implemented yet: every call returns a JSON error
     * string produced by clonestr (presumably a heap copy owned by the caller)
     * before any of the command handling below is reached. Only cmdstr is
     * inspected by the scaffolding; all other parameters are currently unused.
     * A recognised command would currently yield a NULL result, an unknown one
     * a second JSON error string. */
    static const char *const known_cmds[] = { "offer", "proposal", "accept", "confirm" };
    char *retstr = 0;
    return (clonestr("{\"error\":\"PAX swap is not yet\"}"));
    /* Unreachable until the early return above is removed. */
    for (size_t k = 0; k < sizeof(known_cmds) / sizeof(known_cmds[0]); k++) {
        if (strcmp(cmdstr, known_cmds[k]) == 0) {
            return (retstr);
        }
    }
    retstr = clonestr("{\"error\":\"PAX swap got unrecognized command\"}");
    return (retstr);
}
# include "../../includes/secp256k1.h"
//#include "../../crypto777/secp256k1/modules/rangeproof/pedersen_impl.h"
//#include "../../crypto777/secp256k1/modules/rangeproof/borromean_impl.h"
//#include "../../crypto777/secp256k1/modules/rangeproof/rangeproof_impl.h"
void secp256k1_pedersen_context_initialize ( secp256k1_context_t * ctx ) ;
int secp256k1_pedersen_commit ( const secp256k1_context_t * ctx , unsigned char * commit , unsigned char * blind , uint64_t value ) ;
int secp256k1_pedersen_blind_sum ( const secp256k1_context_t * ctx , unsigned char * blind_out , const unsigned char * const * blinds , int n , int npositive ) ;
int secp256k1_pedersen_verify_tally ( const secp256k1_context_t * ctx , const unsigned char * const * commits , int pcnt , const unsigned char * const * ncommits , int ncnt , int64_t excess ) ;
// ./configure --enable-module-ecdh --enable-module-schnorr --enable-module-rangeproof
/* Test-harness check: any value other than 1 prints "error" and then waits for
 * a keypress on stdin. It does not abort, so the calling test keeps running
 * after a failed check; only the console output reveals the failure. */
void CHECK(int32_t val)
{
    if (val == 1) {
        return;
    }
    printf("error\n");
    getchar();
}
/* 256-bit scalar held as four 64-bit limbs: d[0] is the least significant
 * limb and d[3] the most significant (secp256k1_scalar_get_b32 below emits
 * d[3] as the first eight big-endian bytes). Values are kept below the
 * secp256k1 group order by secp256k1_scalar_set_b32/secp256k1_scalar_reduce. */
typedef struct {
    uint64_t d[4];
} secp256k1_scalar_t;
/* Serialize scalar a into bin as 32 big-endian bytes: limb d[3] supplies
 * bin[0..7], down to d[0] supplying bin[24..31]. bin must hold 32 bytes. */
static void secp256k1_scalar_get_b32(unsigned char *bin, const secp256k1_scalar_t *a) {
    for (int limb = 3; limb >= 0; limb--) {
        uint64_t word = a->d[limb];
        unsigned char *out = bin + (3 - limb) * 8;
        for (int k = 0; k < 8; k++) {
            /* most significant byte of the limb first */
            out[k] = (unsigned char)(word >> (56 - 8 * k));
        }
    }
}
# define SECP256K1_N_0 ((uint64_t)0xBFD25E8CD0364141ULL)
# define SECP256K1_N_1 ((uint64_t)0xBAAEDCE6AF48A03BULL)
# define SECP256K1_N_2 ((uint64_t)0xFFFFFFFFFFFFFFFEULL)
# define SECP256K1_N_3 ((uint64_t)0xFFFFFFFFFFFFFFFFULL)
/* Limbs of 2^256 minus the secp256k1 order. */
# define SECP256K1_N_C_0 (~SECP256K1_N_0 + 1)
# define SECP256K1_N_C_1 (~SECP256K1_N_1)
# define SECP256K1_N_C_2 (1)
/* Return 1 if a is >= the secp256k1 group order n (limbs SECP256K1_N_*), else 0.
 *
 * Limbs are compared from the most significant downward: `no` latches to 1 as
 * soon as a limb is strictly below n's limb (a < n decided), and `yes` latches
 * only when a limb is strictly above (or, for the lowest limb, >=) n's limb
 * while no earlier limb has decided the other way. All four comparisons run
 * unconditionally and are combined with bitwise |/& rather than short-circuit
 * branches, presumably so the control flow does not depend on the scalar's
 * value (upstream libsecp256k1 keeps scalar code branch-free for that reason).
 * The `& ~no` masks work because each comparison yields 0 or 1. */
static int secp256k1_scalar_check_overflow(const secp256k1_scalar_t *a) {
    int yes = 0;
    int no = 0;
    no |= (a->d[3] < SECP256K1_N_3); /* No need for a > check: SECP256K1_N_3 is all ones. */
    no |= (a->d[2] < SECP256K1_N_2);
    yes |= (a->d[2] > SECP256K1_N_2) & ~no;
    no |= (a->d[1] < SECP256K1_N_1);
    yes |= (a->d[1] > SECP256K1_N_1) & ~no;
    yes |= (a->d[0] >= SECP256K1_N_0) & ~no;
    return yes;
}
typedef unsigned uint128_t __attribute__ ( ( mode ( TI ) ) ) ;
/* Conditionally reduce r modulo the group order n.
 *
 * When overflow is 1, adds 2^256 - n (limbs SECP256K1_N_C_0..2, nothing for
 * the top limb) with carry propagation in 128-bit arithmetic and discards the
 * carry out of limb 3, which is the same as subtracting n modulo 2^256. When
 * overflow is 0 the addend is zero and r is rewritten unchanged. The caller is
 * expected to pass the result of secp256k1_scalar_check_overflow, so r < 2n
 * and one subtraction suffices. Returns overflow unchanged for forwarding. */
static int secp256k1_scalar_reduce(secp256k1_scalar_t *r, unsigned int overflow) {
    static const uint64_t n_complement[4] = { SECP256K1_N_C_0, SECP256K1_N_C_1, SECP256K1_N_C_2, 0 };
    uint128_t carry = 0;
    for (int limb = 0; limb < 4; limb++) {
        carry += (uint128_t)r->d[limb] + overflow * n_complement[limb];
        r->d[limb] = (uint64_t)carry; /* low 64 bits */
        carry >>= 64;
    }
    return overflow;
}
/* Parse 32 big-endian bytes into scalar r and reduce it modulo the group
 * order. b32[0..7] become the most significant limb d[3], b32[24..31] the
 * least significant limb d[0]. If overflow is non-NULL it receives 1 when the
 * raw 256-bit value was >= n (and was therefore reduced), else 0. */
static void secp256k1_scalar_set_b32(secp256k1_scalar_t *r, const unsigned char *b32, int *overflow) {
    for (int limb = 0; limb < 4; limb++) {
        const unsigned char *src = b32 + (3 - limb) * 8;
        uint64_t acc = 0;
        for (int k = 0; k < 8; k++) {
            acc = (acc << 8) | src[k];
        }
        r->d[limb] = acc;
    }
    int reduced = secp256k1_scalar_reduce(r, secp256k1_scalar_check_overflow(r));
    if (overflow) {
        *overflow = reduced;
    }
}
/* Fill num with a random non-zero scalar below the group order.
 *
 * Rejection sampling: 32 bytes from OS_randombytes are parsed big-endian and
 * any draw that set_b32 reports as >= n, or that is all zero, is thrown away
 * and redrawn, so (assuming OS_randombytes is uniform) the result has no
 * modular bias. The drawn bytes and num are secret material; b32 is not
 * cleared before the function returns. bits256_nonz is applied through a
 * pointer cast — assumes bits256 and secp256k1_scalar_t are both 32 bytes
 * (TODO confirm). */
void random_scalar_order(secp256k1_scalar_t *num) {
    unsigned char b32[32];
    int overflow;
    for (;;) {
        overflow = 0;
        OS_randombytes(b32, sizeof(b32));
        //secp256k1_rand256(b32);
        secp256k1_scalar_set_b32(num, b32, &overflow);
        if (overflow == 0 && bits256_nonz(*(bits256 *)num) != 0) {
            return;
        }
    }
}
/* Return a fresh random non-zero scalar below the group order, serialized as
 * 32 big-endian bytes in a bits256. The intermediate limb form is produced in
 * a bits256 through void* casts — assumes bits256 and secp256k1_scalar_t have
 * the same 32-byte size (TODO confirm). The limb copy is left on the stack. */
bits256 rand_secp()
{
    bits256 limbs;
    bits256 serialized;
    random_scalar_order((void *)&limbs);
    secp256k1_scalar_get_b32((void *)&serialized, (void *)&limbs);
    return (serialized);
}
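/* Randomized Pedersen commitment round-trip test.
 *
 * Draws 1..8 inputs and 2..9 outputs with random 8-bit values, picks a random
 * blinding scalar for every commitment except the last, lets
 * secp256k1_pedersen_blind_sum derive the last blind from the others (the
 * first `inputs` presumably counted positive), commits to every value, and
 * then expects secp256k1_pedersen_verify_tally to accept the true excess
 * totalv and to reject totalv + 1. Commitments and blinds live back to back in
 * `commits` / `blinds`, with cptr / bptr pointing at each 33 / 32-byte slot.
 *
 * Interactive: prints progress and blocks on getchar() before returning. The
 * context is never destroyed (tolerable for a one-shot test). Everything after
 * the `return` is a second, disabled fixed-value scenario kept for reference.
 *
 * Changes from the previous version: an unused `max` local was removed, and
 * the %llu conversion now receives an unsigned long long argument as the
 * format requires. */
void test_pedersen(void) {
    enum { MAXN = 19, COMMIT_LEN = 33, BLIND_LEN = 32 };
    secp256k1_context_t *ctx;
    ctx = secp256k1_context_create(SECP256K1_CONTEXT_SIGN | SECP256K1_CONTEXT_VERIFY);
    secp256k1_pedersen_context_initialize(ctx);
    unsigned char commits[COMMIT_LEN * MAXN];
    const unsigned char *cptr[MAXN];
    unsigned char blinds[BLIND_LEN * MAXN];
    const unsigned char *bptr[MAXN];
    uint64_t values[MAXN];
    int64_t totalv;
    secp256k1_scalar_t s;
    int i;
    uint8_t r, r2;
    int inputs;
    int outputs;
    int total;
    /* r and r2 are single random bytes; masking with 7 bounds total to 17 < MAXN. */
    OS_randombytes((void *)&r, sizeof(r));
    OS_randombytes((void *)&r2, sizeof(r2));
    inputs = (r & 7) + 1;
    outputs = (r2 & 7) + 2;
    total = inputs + outputs;
    printf("inputs.%d outputs.%d\n", inputs, outputs);
    for (i = 0; i < MAXN; i++) {
        cptr[i] = &commits[i * COMMIT_LEN];
        bptr[i] = &blinds[i * BLIND_LEN];
    }
    /* totalv accumulates sum(inputs) - sum(outputs): the excess the tally must match. */
    totalv = 0;
    for (i = 0; i < inputs; i++) {
        OS_randombytes((void *)&r, sizeof(r));
        values[i] = r;
        totalv += values[i];
    }
    if (1) { //rand() & 1) {
        /* Random outputs; totalv may end up negative. */
        for (i = 0; i < outputs; i++) {
            OS_randombytes((void *)&r, sizeof(r));
            values[i + inputs] = r;
            totalv -= values[i + inputs];
        }
    } else {
        /* Disabled variant: the last output absorbs (half of) the remaining excess. */
        for (i = 0; i < outputs - 1; i++) {
            OS_randombytes((void *)&r, sizeof(r));
            values[i + inputs] = r;
            totalv -= values[i + inputs];
        }
        values[total - 1] = totalv >> (rand() & 1);
        totalv -= values[total - 1];
    }
    for (i = 0; i < total - 1; i++) {
        random_scalar_order(&s);
        secp256k1_scalar_get_b32(&blinds[i * BLIND_LEN], &s);
    }
    /* Derive the last blind so that the blinding factors balance across inputs and outputs. */
    CHECK(secp256k1_pedersen_blind_sum(ctx, &blinds[(total - 1) * BLIND_LEN], bptr, total - 1, inputs));
    printf("sum total.%d %lld\n", total, (long long)values[total - 1]);
    for (i = 0; i < total; i++) {
        printf("%llu ", (unsigned long long)values[i]); /* %llu requires an unsigned argument */
        CHECK(secp256k1_pedersen_commit(ctx, &commits[i * COMMIT_LEN], &blinds[i * BLIND_LEN], values[i]));
    }
    printf("commits totalv.%lld\n", (long long)totalv);
    CHECK(secp256k1_pedersen_verify_tally(ctx, cptr, inputs, &cptr[inputs], outputs, totalv));
    printf("tally\n");
    /* The tally must not verify against a wrong excess. */
    CHECK(!secp256k1_pedersen_verify_tally(ctx, cptr, inputs, &cptr[inputs], outputs, totalv + 1));
    printf("!tally\n");
    getchar();
    return;
    /* Unreachable: fixed-value scenario (INT64_MAX, 0, 1) kept for reference. */
    for (i = 0; i < 4; i++) {
        //OS_randombytes(&blinds[i * 32],32);
        *(bits256 *)&blinds[i * BLIND_LEN] = rand_secp();
    }
    values[0] = INT64_MAX;
    values[1] = 0;
    values[2] = 1;
    for (i = 0; i < 3; i++) {
        CHECK(secp256k1_pedersen_commit(ctx, &commits[i * COMMIT_LEN], &blinds[i * BLIND_LEN], values[i]));
    }
    printf("a\n");
    CHECK(secp256k1_pedersen_verify_tally(ctx, &cptr[1], 1, &cptr[2], 1, -1));
    printf("b\n");
    CHECK(secp256k1_pedersen_verify_tally(ctx, &cptr[2], 1, &cptr[1], 1, 1));
    printf("c\n");
    CHECK(secp256k1_pedersen_verify_tally(ctx, &cptr[0], 1, &cptr[0], 1, 0));
    printf("d\n");
    CHECK(secp256k1_pedersen_verify_tally(ctx, &cptr[0], 1, &cptr[1], 1, INT64_MAX));
    printf("e\n");
    CHECK(secp256k1_pedersen_verify_tally(ctx, &cptr[1], 1, &cptr[1], 1, 0));
    printf("f\n");
    CHECK(secp256k1_pedersen_verify_tally(ctx, &cptr[1], 1, &cptr[0], 1, -INT64_MAX));
    printf("g\n");
}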
/* Ad-hoc Pedersen commitment smoke test, compiled only on macOS.
 *
 * Twelve commitments to the values 1..12 are balanced by a thirteenth whose
 * blinding factor is the blind_sum of the first twelve and whose value is
 * -excess; the tally over the twelve "inputs" against that one "output" is
 * then verified with an excess of 0. Every result is only printed (blind_sum,
 * commit and tally return codes are never checked) and the context is never
 * destroyed. NOTE(review): -excess is passed where secp256k1_pedersen_commit
 * takes a uint64_t, so the value wraps modulo 2^64; whether the library's
 * tally treats that as the intended negative amount is not verified here. */
void ztest()
{
#ifdef __APPLE__
    enum { NCOMMITS = 13, NINPUTS = NCOMMITS - 1 };
    printf("ztests\n");
    //test_pedersen();
    secp256k1_context_t *ctx = secp256k1_context_create(SECP256K1_CONTEXT_SIGN | SECP256K1_CONTEXT_VERIFY);
    uint8_t commits[NCOMMITS][33], blinds[NCOMMITS][32];
    const uint8_t *commitptrs[NCOMMITS], *blindptrs[NCOMMITS];
    int32_t retvals[NCOMMITS];
    int64_t excess = 0;
    secp256k1_pedersen_context_initialize(ctx);
    for (int32_t j = 0; j < NCOMMITS; j++) {
        /* random blind per slot; the last one is overwritten by blind_sum below */
        bits256 s = rand_secp();
        blindptrs[j] = blinds[j];
        commitptrs[j] = commits[j];
        memcpy(blinds[j], s.bytes, sizeof(s));
        //OS_randombytes(blinds[j],sizeof(blinds[j]));
    }
    int32_t ret = secp256k1_pedersen_blind_sum(ctx, blinds[NINPUTS], blindptrs, NINPUTS, NINPUTS);
    for (int32_t i = 0; i < 32; i++) {
        printf("%02x", blindptrs[NINPUTS][i]);
    }
    printf("blindsum.%d\n", ret);
    for (int32_t j = 0; j < NCOMMITS; j++) {
        int64_t val = (j < NINPUTS) ? (j + 1) : -excess;
        retvals[j] = secp256k1_pedersen_commit(ctx, commits[j], blinds[j], val);
        //if ( commits[j][0] == 0x02 )
        if (j < NINPUTS) {
            excess += val;
        }
        for (int32_t i = 0; i < 33; i++) {
            printf("%02x", commits[j][i]);
        }
        printf("pederson commit.%d val.%lld\n", retvals[j], (long long)val);
    }
    ret = secp256k1_pedersen_verify_tally(ctx, commitptrs, NINPUTS, &commitptrs[NINPUTS], 1, 0);
    printf("tally.%d vs %lld\n", ret, (long long)excess);
    //getchar();
#endif
}