forked from wrv/bp-go
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathpedersen.go
134 lines (99 loc) · 3.27 KB
/
pedersen.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
package bp_go
import (
"crypto/rand"
"crypto/sha256"
"fmt"
"math/big"
"github.com/decred/dcrd/dcrec/secp256k1"
)
// Commitment - this contains the details for each commitment
type Commitment struct {
Comm ECPoint
// encrypted values
EncValue []byte
Blind *big.Int
}
/*
VectorPCommit - Vector Pedersen Commit
Given an array of values, we commit the array with different generators
for each element and for each randomness.
*/
func VectorPCommit(value []*big.Int) (ECPoint, []*big.Int) {
R := make([]*big.Int, EC.V)
commitment := EC.Zero()
for i := 0; i < EC.V; i++ {
r, err := rand.Int(rand.Reader, EC.N)
check(err)
R[i] = r
modValue := new(big.Int).Mod(value[i], EC.N)
// mG, rH
lhsX, lhsY := EC.C.ScalarMult(EC.BPG[i].X, EC.BPG[i].Y, modValue.Bytes())
rhsX, rhsY := EC.C.ScalarMult(EC.BPH[i].X, EC.BPH[i].Y, r.Bytes())
commitment = commitment.Add(ECPoint{lhsX, lhsY}).Add(ECPoint{rhsX, rhsY})
}
return commitment, R
}
/*
TwoVectorPCommit - Two Vector P Commit
Given an array of values, we commit the array with different generators
for each element and for each randomness.
*/
func TwoVectorPCommit(a []*big.Int, b []*big.Int) ECPoint {
if len(a) != len(b) {
fmt.Println("TwoVectorPCommit: Uh oh! Arrays not of the same length")
fmt.Printf("len(a): %d\n", len(a))
fmt.Printf("len(b): %d\n", len(b))
}
commitment := EC.Zero()
for i := 0; i < EC.V; i++ {
commitment = commitment.Add(EC.BPG[i].Mult(a[i])).Add(EC.BPH[i].Mult(b[i]))
}
return commitment
}
/*
TwoVectorPCommitWithGens - Vector Pedersen Commitment with Gens
Given an array of values, we commit the array with different generators
for each element and for each randomness.
We also pass in the Generators we want to use
*/
func TwoVectorPCommitWithGens(G, H []ECPoint, a, b []*big.Int) ECPoint {
if len(G) != len(H) || len(G) != len(a) || len(a) != len(b) {
fmt.Println("TwoVectorPCommitWithGens: Uh oh! Arrays not of the same length")
fmt.Printf("len(G): %d\n", len(G))
fmt.Printf("len(H): %d\n", len(H))
fmt.Printf("len(a): %d\n", len(a))
fmt.Printf("len(b): %d\n", len(b))
}
commitment := EC.Zero()
for i := 0; i < len(G); i++ {
modA := new(big.Int).Mod(a[i], EC.N)
modB := new(big.Int).Mod(b[i], EC.N)
commitment = commitment.Add(G[i].Mult(modA)).Add(H[i].Mult(modB))
}
return commitment
}
/*
VectorPCommitTrans -Vector Pedersen Commit with Gens and BF
This modified method is to be used with input and output transactions
*/
func VectorPCommitTrans(pubkey *secp256k1.PublicKey, value []*big.Int, sSecret *big.Int) (ECPoint, []*big.Int, [][]byte) {
R := make([]*big.Int, EC.V)
commitment := EC.Zero()
encValues := make([][]byte, EC.V)
for i := 0; i < EC.V; i++ {
hash := sha256.Sum256(value[i].Bytes())
r := secp256k1.NonceRFC6979(sSecret, hash[:], nil, nil)
R[i] = r
// create the encrypted hash
fmt.Printf("values are %s\n", value[i])
ciphertext, err := secp256k1.Encrypt(pubkey, []byte(value[i].String()))
check(err)
encValues[i] = ciphertext
modValue := new(big.Int).Mod(value[i], EC.N)
// mG, rH
lhsX, lhsY := EC.C.ScalarMult(EC.BPG[i].X, EC.BPG[i].Y, modValue.Bytes())
rhsX, rhsY := EC.C.ScalarMult(EC.BPH[i].X, EC.BPH[i].Y, r.Bytes())
commitment = commitment.Add(ECPoint{lhsX, lhsY}).Add(ECPoint{rhsX, rhsY})
}
return commitment, R, encValues
}