absolutebi/serai
1
0
Fork 0
mirror of https://github.com/serai-dex/serai.git synced 2025-12-10 05:09:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix https://github.com/serai-dex/serai/issues/14.

Browse Source
This commit is contained in:
Luke Parker
2022-07-12 01:28:01 -04:00
parent cf28967754
commit 5eb61f3a87
11 changed files with 198 additions and 123 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
coins/monero/src/frost.rs
View File

@@ -7,7 +7,7 @@ use curve25519_dalek::{scalar::Scalar, edwards::EdwardsPoint};
use group::{Group, GroupEncoding};
use transcript::RecommendedTranscript;
use transcript::{Transcript, RecommendedTranscript};
use dalek_ff_group as dfg;
use dleq::{Generators, DLEqProof};
@@ -21,6 +21,10 @@ pub enum MultisigError {
InvalidKeyImage(u16)
}
fn transcript() -> RecommendedTranscript {
RecommendedTranscript::new(b"monero_key_image_dleq")
}
#[allow(non_snake_case)]
pub(crate) fn write_dleq<R: RngCore + CryptoRng>(
rng: &mut R,
@@ -35,7 +39,7 @@ pub(crate) fn write_dleq<R: RngCore + CryptoRng>(
// the proper order if they want to reach consensus
// It'd be a poor API to have CLSAG define a new transcript solely to pass here, just to try to
// merge later in some form, when it should instead just merge xH (as it does)
&mut RecommendedTranscript::new(b"DLEq Proof"),
&mut transcript(),
Generators::new(dfg::EdwardsPoint::generator(), dfg::EdwardsPoint(H)),
dfg::Scalar(x)
).serialize(&mut res).unwrap();
@@ -45,16 +49,15 @@ pub(crate) fn write_dleq<R: RngCore + CryptoRng>(
#[allow(non_snake_case)]
pub(crate) fn read_dleq(
serialized: &[u8],
start: usize,
H: EdwardsPoint,
l: u16,
xG: dfg::EdwardsPoint
) -> Result<dfg::EdwardsPoint, MultisigError> {
if serialized.len() < start + 96 {
if serialized.len() != 96 {
Err(MultisigError::InvalidDLEqProof(l))?;
}
let bytes = (&serialized[(start + 0) .. (start + 32)]).try_into().unwrap();
let bytes = (&serialized[.. 32]).try_into().unwrap();
// dfg ensures the point is torsion free
let xH = Option::<dfg::EdwardsPoint>::from(
dfg::EdwardsPoint::from_bytes(&bytes)).ok_or(MultisigError::InvalidDLEqProof(l)
@@ -64,13 +67,13 @@ pub(crate) fn read_dleq(
Err(MultisigError::InvalidDLEqProof(l))?;
}
let proof = DLEqProof::<dfg::EdwardsPoint>::deserialize(
&mut Cursor::new(&serialized[(start + 32) .. (start + 96)])
DLEqProof::<dfg::EdwardsPoint>::deserialize(
&mut Cursor::new(&serialized[32 ..])
).map_err(|_| MultisigError::InvalidDLEqProof(l))?.verify(
&mut transcript(),
Generators::new(dfg::EdwardsPoint::generator(), dfg::EdwardsPoint(H)),
(xG, xH)
).map_err(|_| MultisigError::InvalidDLEqProof(l))?;
let mut transcript = RecommendedTranscript::new(b"DLEq Proof");
proof.verify(&mut transcript, Generators::new(dfg::EdwardsPoint::generator(), dfg::EdwardsPoint(H)), (xG, xH))
.map_err(|_| MultisigError::InvalidDLEqProof(l))?;
Ok(xH)
}