Auto merge of #954 - ebfull:fix-cpourtx-structure, r=ebfull
CPourTx structural changes * Enable binary serialization of proofs and the proving key (closes #799) and make the proofs fixed-size. * Reorder fields of CPourTx to match the spec (closes #927)
@@ -416,7 +416,7 @@ libzcash_a_SOURCES = \
|
||||
zcash/prf.cpp \
|
||||
zcash/util.cpp
|
||||
|
||||
libzcash_a_CPPFLAGS = -fPIC -DCURVE_ALT_BN128 -DBOOST_SPIRIT_THREADSAFE -DHAVE_BUILD_INFO -D__STDC_FORMAT_MACROS $(HARDENED_CPPFLAGS) -std=c++11 -pipe -O2 -O0 -g -Wstack-protector -fstack-protector-all -fPIE -fvisibility=hidden -DSTATIC $(BITCOIN_INCLUDES)
|
||||
libzcash_a_CPPFLAGS = -fPIC -DBINARY_OUTPUT -DCURVE_ALT_BN128 -DBOOST_SPIRIT_THREADSAFE -DHAVE_BUILD_INFO -D__STDC_FORMAT_MACROS $(HARDENED_CPPFLAGS) -pipe -O2 -O0 -g -Wstack-protector -fstack-protector-all -fPIE -fvisibility=hidden -DSTATIC $(BITCOIN_INCLUDES)
|
||||
|
||||
# bitcoinconsensus library #
|
||||
if BUILD_BITCOIN_LIBS
|
||||
|
||||
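Review bot: Nothing records that `-DBINARY_OUTPUT` has to match the build of libsnark itself and of every other unit that includes its headers; the fixed `ZKSNARK_PROOF_SIZE` this commit introduces only holds for the binary encoding, so a unit compiled without the define would serialize proofs of a different size and layout. The same flag is added to `zcash_gtest_CPPFLAGS` in the next hunk; a comment on this line such as `# -DBINARY_OUTPUT selects libsnark's binary (de)serialization; ZKSNARK_PROOF_SIZE in zcconstants.h assumes it` would tie the two together. This line also drops `-std=c++11`, so the language standard now comes from wherever CXXFLAGS sets it; if that is intentional it deserves a word in the description. The pre-existing `-O2 -O0 -g` pair is carried over unchanged, and since the later `-O0` wins the library is still built unoptimised with debug info.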
@@ -11,6 +11,8 @@ zcash_gtest_SOURCES = \
|
||||
gtest/test_merkletree.cpp \
|
||||
gtest/test_circuit.cpp
|
||||
|
||||
zcash_gtest_CPPFLAGS = -DBINARY_OUTPUT -DCURVE_ALT_BN128 -DSTATIC
|
||||
|
||||
zcash_gtest_LDADD = -lgtest $(LIBBITCOIN_SERVER) $(LIBBITCOIN_CLI) $(LIBBITCOIN_COMMON) $(LIBBITCOIN_UTIL) $(LIBBITCOIN_CRYPTO) $(LIBBITCOIN_UNIVALUE) $(LIBLEVELDB) $(LIBMEMENV) \
|
||||
$(BOOST_LIBS) $(BOOST_UNIT_TEST_FRAMEWORK_LIB) $(LIBSECP256K1)
|
||||
if ENABLE_WALLET
|
||||
|
||||
@@ -33,7 +33,7 @@ void test_full_api(ZCJoinSplit* js)
|
||||
boost::array<uint256, 2> commitments;
|
||||
uint256 rt = tree.root();
|
||||
boost::array<ZCNoteEncryption::Ciphertext, 2> ciphertexts;
|
||||
std::string proof;
|
||||
boost::array<unsigned char, ZKSNARK_PROOF_SIZE> proof;
|
||||
|
||||
{
|
||||
boost::array<JSInput, 2> inputs = {
|
||||
|
||||
@@ -603,8 +603,8 @@ static void ZC_LoadParams()
|
||||
struct timeval tv_start, tv_end;
|
||||
float elapsed;
|
||||
|
||||
boost::filesystem::path pk_path = ZC_GetParamsDir() / "z3-proving.key";
|
||||
boost::filesystem::path vk_path = ZC_GetParamsDir() / "z3-verification.key";
|
||||
boost::filesystem::path pk_path = ZC_GetParamsDir() / "z4-proving.key";
|
||||
boost::filesystem::path vk_path = ZC_GetParamsDir() / "z4-verification.key";
|
||||
|
||||
pzcashParams = ZCJoinSplit::Unopened();
|
||||
|
||||
|
||||
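Review bot: The `z4-proving.key` / `z4-verification.key` names are spelled out here and again in `benchmark_parameter_loading` (the last hunk of this commit, whose `FIXME` already flags the duplication), so the next format bump will again need two edits. Hoisting them into zcconstants.h next to `ZKSNARK_PROOF_SIZE`, e.g. `#define ZC_PROVING_KEY_FILENAME "z4-proving.key"` (name constructed here), would keep the two loaders in step. As far as these hunks show, the file name is the only thing that distinguishes the new binary key format from the z3 one; a short comment stating that the `z4` files are in libsnark's BINARY_OUTPUT encoding and are not interchangeable with earlier files would help whoever ships or checks the parameters. `ZC_LoadParams` continues outside the hunk.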
@@ -44,15 +44,15 @@ public:
|
||||
// to spend it.
|
||||
boost::array<uint256, ZC_NUM_JS_OUTPUTS> commitments;
|
||||
|
||||
// Ephemeral key
|
||||
uint256 ephemeralKey;
|
||||
|
||||
// Ciphertexts
|
||||
// These contain trapdoors, values and other information
|
||||
// that the recipient needs, including a memo field. It
|
||||
// is encrypted using the scheme implemented in crypto/NoteEncryption.cpp
|
||||
boost::array<ZCNoteEncryption::Ciphertext, ZC_NUM_JS_OUTPUTS> ciphertexts;
|
||||
|
||||
// Ephemeral key
|
||||
uint256 ephemeralKey;
|
||||
|
||||
// Random seed
|
||||
uint256 randomSeed;
|
||||
|
||||
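Review bot: The new member order is now load-bearing — the description says it was reordered to match the spec, and `SerializationOp` and `operator==` in the two following hunks were reordered to match — but nothing in the class says so, so a later tidy-up could silently reorder again. Because `READWRITE` order determines the serialized bytes of the transaction and therefore, one would expect, its hash, such a reorder would be a consensus change rather than a cosmetic one. A comment at the top of the member list, e.g. `// Member order follows the spec's JoinSplit description and is the serialization order; keep SerializationOp and operator== in the same order.`, makes the invariant explicit. The class begins and ends outside this hunk.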
@@ -63,7 +63,7 @@ public:
|
||||
|
||||
// Pour proof
|
||||
// This is a zk-SNARK which ensures that this pour is valid.
|
||||
std::string proof;
|
||||
boost::array<unsigned char, ZKSNARK_PROOF_SIZE> proof;
|
||||
|
||||
CPourTx(): vpub_old(0), vpub_new(0) { }
|
||||
|
||||
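Review bot: `proof` is now a `boost::array<unsigned char, ZKSNARK_PROOF_SIZE>`, which as an aggregate is left with indeterminate contents by the unchanged default constructor `CPourTx(): vpub_old(0), vpub_new(0) { }`, whereas the previous `std::string` started out empty. A default-constructed `CPourTx` that is serialized or compared before `prove()` fills the array (the `RandomTransaction` test overwrites it, but other callers are not visible here) would emit or compare uninitialised bytes. Zero-filling in the constructor, `CPourTx(): vpub_old(0), vpub_new(0) { proof.assign(0); }`, makes the default state deterministic at no cost.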
@@ -91,8 +91,8 @@ public:
|
||||
READWRITE(anchor);
|
||||
READWRITE(serials);
|
||||
READWRITE(commitments);
|
||||
READWRITE(ciphertexts);
|
||||
READWRITE(ephemeralKey);
|
||||
READWRITE(ciphertexts);
|
||||
READWRITE(randomSeed);
|
||||
READWRITE(macs);
|
||||
READWRITE(proof);
|
||||
@@ -106,8 +106,8 @@ public:
|
||||
a.anchor == b.anchor &&
|
||||
a.serials == b.serials &&
|
||||
a.commitments == b.commitments &&
|
||||
a.ciphertexts == b.ciphertexts &&
|
||||
a.ephemeralKey == b.ephemeralKey &&
|
||||
a.ciphertexts == b.ciphertexts &&
|
||||
a.randomSeed == b.randomSeed &&
|
||||
a.macs == b.macs &&
|
||||
a.proof == b.proof
|
||||
|
||||
@@ -133,16 +133,9 @@ void static RandomTransaction(CMutableTransaction &tx, bool fSingle) {
|
||||
pourtx.randomSeed = GetRandHash();
|
||||
randombytes_buf(pourtx.ciphertexts[0].begin(), pourtx.ciphertexts[0].size());
|
||||
randombytes_buf(pourtx.ciphertexts[1].begin(), pourtx.ciphertexts[1].size());
|
||||
randombytes_buf(pourtx.proof.begin(), pourtx.proof.size());
|
||||
pourtx.macs[0] = GetRandHash();
|
||||
pourtx.macs[1] = GetRandHash();
|
||||
{
|
||||
std::vector<unsigned char> txt;
|
||||
int prooflen = insecure_rand() % 1000;
|
||||
for (int i = 0; i < prooflen; i++) {
|
||||
txt.push_back(insecure_rand() % 256);
|
||||
}
|
||||
pourtx.proof = std::string(txt.begin(), txt.end());
|
||||
}
|
||||
|
||||
tx.vpour.push_back(pourtx);
|
||||
}
|
||||
|
||||
@@ -126,7 +126,7 @@ public:
|
||||
JoinSplitCircuit() {}
|
||||
|
||||
bool verify(
|
||||
const std::string& proof,
|
||||
const boost::array<unsigned char, ZKSNARK_PROOF_SIZE>& proof,
|
||||
const uint256& pubKeyHash,
|
||||
const uint256& randomSeed,
|
||||
const boost::array<uint256, NumInputs>& macs,
|
||||
@@ -142,7 +142,8 @@ public:
|
||||
|
||||
r1cs_ppzksnark_proof<ppzksnark_ppT> r1cs_proof;
|
||||
std::stringstream ss;
|
||||
ss.str(proof);
|
||||
std::string proof_str(proof.begin(), proof.end());
|
||||
ss.str(proof_str);
|
||||
ss >> r1cs_proof;
|
||||
|
||||
uint256 h_sig = this->h_sig(randomSeed, nullifiers, pubKeyHash);
|
||||
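Review bot: The result of `ss >> r1cs_proof` is never checked, so a proof whose 584 bytes do not decode — this is the proof carried in a transaction, i.e. untrusted input — falls through to the verifier with a partially-initialised `r1cs_proof`, unless libsnark's extractor itself throws or asserts, which this hunk cannot tell. Adding `if (ss.fail()) { return false; }` after the extraction (and, if the encoding is exact-size, a check that no bytes remain) makes rejection of malformed proofs explicit rather than dependent on the verifier's behaviour on garbage. The intermediate `proof_str` copy is harmless, but `ss.str(std::string(proof.begin(), proof.end()));` does the same in one line. `verify` starts and continues outside this hunk.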
@@ -160,7 +161,7 @@ public:
|
||||
return r1cs_ppzksnark_verifier_strong_IC<ppzksnark_ppT>(*vk, witness, r1cs_proof);
|
||||
}
|
||||
|
||||
std::string prove(
|
||||
boost::array<unsigned char, ZKSNARK_PROOF_SIZE> prove(
|
||||
const boost::array<JSInput, NumInputs>& inputs,
|
||||
const boost::array<JSOutput, NumOutputs>& outputs,
|
||||
boost::array<Note, NumOutputs>& out_notes,
|
||||
@@ -266,8 +267,14 @@ public:
|
||||
|
||||
std::stringstream ss;
|
||||
ss << proof;
|
||||
std::string serialized_proof = ss.str();
|
||||
|
||||
return ss.str();
|
||||
boost::array<unsigned char, ZKSNARK_PROOF_SIZE> result_proof;
|
||||
//std::cout << "proof size in bytes when serialized: " << serialized_proof.size() << std::endl;
|
||||
assert(serialized_proof.size() == ZKSNARK_PROOF_SIZE);
|
||||
memcpy(&result_proof[0], &serialized_proof[0], ZKSNARK_PROOF_SIZE);
|
||||
|
||||
return result_proof;
|
||||
}
|
||||
};
|
||||
|
||||
|
||||
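Review bot: The size check before `memcpy` is an `assert`, so in any build that defines NDEBUG a `serialized_proof` shorter than `ZKSNARK_PROOF_SIZE` becomes an out-of-bounds read into the returned array instead of a failure; unless the build guarantees assertions are always enabled, a runtime check is the safer form: `if (serialized_proof.size() != ZKSNARK_PROOF_SIZE) throw std::runtime_error("serialized proof has unexpected size");` followed by `std::copy(serialized_proof.begin(), serialized_proof.end(), result_proof.begin());` (with `<stdexcept>`/`<algorithm>` included if they are not already), which also drops the raw `&...[0]` pointer arithmetic. The commented-out `std::cout` line should go rather than ship as dead code. `prove` begins before this hunk.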
@@ -59,7 +59,7 @@ public:
|
||||
virtual void loadVerifyingKey(std::string path) = 0;
|
||||
virtual void saveVerifyingKey(std::string path) = 0;
|
||||
|
||||
virtual std::string prove(
|
||||
virtual boost::array<unsigned char, ZKSNARK_PROOF_SIZE> prove(
|
||||
const boost::array<JSInput, NumInputs>& inputs,
|
||||
const boost::array<JSOutput, NumOutputs>& outputs,
|
||||
boost::array<Note, NumOutputs>& out_notes,
|
||||
@@ -76,7 +76,7 @@ public:
|
||||
) = 0;
|
||||
|
||||
virtual bool verify(
|
||||
const std::string& proof,
|
||||
const boost::array<unsigned char, ZKSNARK_PROOF_SIZE>& proof,
|
||||
const uint256& pubKeyHash,
|
||||
const uint256& randomSeed,
|
||||
const boost::array<uint256, NumInputs>& hmacs,
|
||||
|
||||
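Review bot: The interface names the fourth parameter `hmacs` while the implementation `JoinSplitCircuit::verify` in an earlier hunk calls it `macs`, which is confusing for a pure-virtual signature that readers use as documentation; this commit already touches both lines, so it is a cheap moment to pick one name. The proof parameter now has a fixed size but its encoding is not stated; judging from the `prove` hunk it is libsnark's serialization under BINARY_OUTPUT, and a comment on the parameter such as `// proof: libsnark BINARY_OUTPUT encoding of an r1cs_ppzksnark proof, exactly ZKSNARK_PROOF_SIZE bytes` would document the contract callers serialize against. The enclosing class continues outside the hunk.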
@@ -12,4 +12,6 @@
|
||||
#define ZC_R_SIZE 32
|
||||
#define ZC_MEMO_SIZE 128
|
||||
|
||||
#define ZKSNARK_PROOF_SIZE 584
|
||||
|
||||
#endif // _ZCCONSTANTS_H_
|
||||
|
||||
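Review bot: `ZKSNARK_PROOF_SIZE 584` is a bare number with no note of where it comes from, yet `prove()` asserts on it and `CPourTx` and the JoinSplit interface now hard-code it in their types. From the other hunks it appears to be the size of a libsnark r1cs_ppzksnark proof over ALT_BN128 in BINARY_OUTPUT encoding; a comment saying so, e.g. `// Byte length of an r1cs_ppzksnark proof for CURVE_ALT_BN128 under libsnark's BINARY_OUTPUT encoding; changing curve or encoding changes this.`, would warn whoever next touches the build flags. The neighbouring constants carry a `ZC_` prefix while this one does not; aligning the name is optional but worth considering while it has few users.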
@@ -44,8 +44,8 @@ double benchmark_sleep()
|
||||
double benchmark_parameter_loading()
|
||||
{
|
||||
// FIXME: this is duplicated with the actual loading code
|
||||
boost::filesystem::path pk_path = ZC_GetParamsDir() / "z3-proving.key";
|
||||
boost::filesystem::path vk_path = ZC_GetParamsDir() / "z3-verification.key";
|
||||
boost::filesystem::path pk_path = ZC_GetParamsDir() / "z4-proving.key";
|
||||
boost::filesystem::path vk_path = ZC_GetParamsDir() / "z4-verification.key";
|
||||
|
||||
timer_start();
|
||||
|
||||
|
||||