Files meant for the previous commit
@@ -19,8 +19,8 @@ curve25519-dalek = { version = "3.2", features = ["std", "simd_backend"] }
|
|||||||
|
|
||||||
ff = { version = "0.11", optional = true }
|
ff = { version = "0.11", optional = true }
|
||||||
group = { version = "0.11", optional = true }
|
group = { version = "0.11", optional = true }
|
||||||
dalek-ff-group = { path = "../dalek-ff-group", optional = true }
|
dalek-ff-group = { path = "../../sign/dalek-ff-group", optional = true }
|
||||||
frost = { path = "../frost", optional = true }
|
frost = { path = "../../sign/frost", optional = true }
|
||||||
|
|
||||||
monero = "0.16.0" # Locked to this specific patch version due to a bug we compensate for
|
monero = "0.16.0" # Locked to this specific patch version due to a bug we compensate for
|
||||||
|
|
||||||
|
|||||||
@@ -38,7 +38,8 @@ fn main() {
|
|||||||
println!("cargo:rerun-if-env-changed=OUT_DIR");
|
println!("cargo:rerun-if-env-changed=OUT_DIR");
|
||||||
if !Path::new(
|
if !Path::new(
|
||||||
&format!(
|
&format!(
|
||||||
"c/monero/src/crypto/{}cncrypto.{}",
|
"{}/{}cncrypto.{}",
|
||||||
|
out_dir,
|
||||||
&env::consts::DLL_PREFIX,
|
&env::consts::DLL_PREFIX,
|
||||||
&env::consts::DLL_EXTENSION
|
&env::consts::DLL_EXTENSION
|
||||||
)
|
)
|
||||||
|
|||||||
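Review bot: The file-existence probe builds the library path with `format!("{}/{}cncrypto.{}", out_dir, …)` instead of `Path::join`, so a trailing separator in `out_dir` yields a doubled separator and an empty `out_dir` yields an absolute `/…` path that points somewhere else entirely; taking the `out_dir` variant as the new side, `Path::new(&out_dir).join(format!("{}cncrypto.{}", env::consts::DLL_PREFIX, env::consts::DLL_EXTENSION))` keeps the same check and lets `Path` handle the separator. Where `out_dir` is read and whether it is validated is outside the hunk, so this is raised as a style point rather than a confirmed defect. The enclosing `fn main()` begins and ends outside the hunk.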
@@ -1,6 +1,6 @@
|
|||||||
use rand_core::{RngCore, CryptoRng};
|
use rand_core::{RngCore, CryptoRng};
|
||||||
|
|
||||||
use blake2::{Digest, Blake2b512};
|
use blake2::{digest::Update, Digest, Blake2b512};
|
||||||
|
|
||||||
use curve25519_dalek::{
|
use curve25519_dalek::{
|
||||||
constants::ED25519_BASEPOINT_TABLE,
|
constants::ED25519_BASEPOINT_TABLE,
|
||||||
@@ -154,7 +154,7 @@ impl Algorithm<Ed25519> for Multisig {
|
|||||||
) -> dfg::Scalar {
|
) -> dfg::Scalar {
|
||||||
// Use everyone's commitments to derive a random source all signers can agree upon
|
// Use everyone's commitments to derive a random source all signers can agree upon
|
||||||
// Cannot be manipulated to effect and all signers must, and will, know this
|
// Cannot be manipulated to effect and all signers must, and will, know this
|
||||||
let rand_source = Keccak::v512()
|
let rand_source = Blake2b512::new()
|
||||||
.chain("clsag_randomness")
|
.chain("clsag_randomness")
|
||||||
.chain(&self.b)
|
.chain(&self.b)
|
||||||
.finalize()
|
.finalize()
|
||||||
@@ -191,7 +191,7 @@ impl Algorithm<Ed25519> for Multisig {
|
|||||||
|
|
||||||
let mut clsag = interim.clsag.clone();
|
let mut clsag = interim.clsag.clone();
|
||||||
clsag.s[self.ssr.i] = Key { key: s.to_bytes() };
|
clsag.s[self.ssr.i] = Key { key: s.to_bytes() };
|
||||||
if verify(&clsag, self.image, &self.ssr.ring, &self.msg, interim.C_out).is_ok() {
|
if verify(&clsag, self.image, &self.msg, &self.ssr.ring, interim.C_out).is_ok() {
|
||||||
return Some((clsag, interim.C_out));
|
return Some((clsag, interim.C_out));
|
||||||
}
|
}
|
||||||
return None;
|
return None;
|
||||||
|
|||||||
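Review bot: The randomness transcript in the `rand_source` hunk, `Blake2b512::new().chain("clsag_randomness").chain(&self.b)`, concatenates the tag and `self.b` with no length framing, so its unambiguity rests on `self.b` having a fixed length, which is not visible here; if it can vary in length, hash its length before its bytes. The comment above it states the value "cannot be manipulated", which holds only if `self.b` already binds every signer's commitment, so I would make that assumption explicit in the comment: `// Assumes self.b is the binding aggregate of all signers' commitments — see where it is constructed (outside this hunk)`. Switching the digest from `Keccak::v512` to `Blake2b512` also changes the derived scalar for every participant, so mixed-version signers will disagree on the nonce source; the `.finalize()` consumer and the enclosing method are outside the hunk.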
@@ -2,7 +2,7 @@ use core::convert::TryInto;
|
|||||||
|
|
||||||
use rand_core::{RngCore, CryptoRng};
|
use rand_core::{RngCore, CryptoRng};
|
||||||
|
|
||||||
use blake2::{Digest, Blake2b512};
|
use blake2::{digest::Update, Digest, Blake2b512};
|
||||||
|
|
||||||
use curve25519_dalek::{
|
use curve25519_dalek::{
|
||||||
constants::ED25519_BASEPOINT_TABLE as DTable,
|
constants::ED25519_BASEPOINT_TABLE as DTable,
|
||||||
@@ -49,7 +49,7 @@ impl Curve for Ed25519 {
|
|||||||
}
|
}
|
||||||
|
|
||||||
fn hash_msg(msg: &[u8]) -> Vec<u8> {
|
fn hash_msg(msg: &[u8]) -> Vec<u8> {
|
||||||
Blake2b512::digest(msg)
|
Blake2b512::digest(msg).to_vec()
|
||||||
}
|
}
|
||||||
|
|
||||||
fn hash_to_F(data: &[u8]) -> Self::F {
|
fn hash_to_F(data: &[u8]) -> Self::F {
|
||||||
@@ -120,13 +120,13 @@ impl DLEqProof {
|
|||||||
let R1 = &DTable * &r;
|
let R1 = &DTable * &r;
|
||||||
let R2 = r * H;
|
let R2 = r * H;
|
||||||
|
|
||||||
let c = DScalar::from_hash(
|
let c = dfg::Scalar::from_hash(
|
||||||
Blake2b512::new()
|
Blake2b512::new()
|
||||||
.chain(R1.compress().to_bytes())
|
.chain(R1.compress().to_bytes())
|
||||||
.chain(R2.compress().to_bytes())
|
.chain(R2.compress().to_bytes())
|
||||||
.chain((secret * &DTable).compress().to_bytes())
|
.chain((secret * &DTable).compress().to_bytes())
|
||||||
.chain(alt.compress().to_bytes())
|
.chain(alt.compress().to_bytes())
|
||||||
);
|
).0;
|
||||||
let s = r + (c * secret);
|
let s = r + (c * secret);
|
||||||
|
|
||||||
DLEqProof { s, c }
|
DLEqProof { s, c }
|
||||||
@@ -144,13 +144,13 @@ impl DLEqProof {
|
|||||||
let R1 = (&s * &DTable) - (c * primary);
|
let R1 = (&s * &DTable) - (c * primary);
|
||||||
let R2 = (s * H) - (c * alt);
|
let R2 = (s * H) - (c * alt);
|
||||||
|
|
||||||
let expected_c = DScalar::from_hash(
|
let expected_c = dfg::Scalar::from_hash(
|
||||||
Blake2b512::new()
|
Blake2b512::new()
|
||||||
.chain(R1.compress().to_bytes())
|
.chain(R1.compress().to_bytes())
|
||||||
.chain(R2.compress().to_bytes())
|
.chain(R2.compress().to_bytes())
|
||||||
.chain(primary.compress().to_bytes())
|
.chain(primary.compress().to_bytes())
|
||||||
.chain(alt.compress().to_bytes())
|
.chain(alt.compress().to_bytes())
|
||||||
);
|
).0;
|
||||||
|
|
||||||
// Take the opportunity to ensure a lack of torsion in key images/randomness commitments
|
// Take the opportunity to ensure a lack of torsion in key images/randomness commitments
|
||||||
if (!primary.is_torsion_free()) || (!alt.is_torsion_free()) || (c != expected_c) {
|
if (!primary.is_torsion_free()) || (!alt.is_torsion_free()) || (c != expected_c) {
|
||||||
|
|||||||
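Review bot: The Fiat-Shamir challenge in the `DLEqProof` prove hunk, `dfg::Scalar::from_hash(Blake2b512::new().chain(R1…).chain(R2…).chain((secret * &DTable)…).chain(alt…)).0`, absorbs neither the second generator `H` nor a domain-separation tag even though `R2 = r * H` depends on `H`, and the verify hunk's `expected_c` has the same omission. Where `H` originates is outside both hunks, so if it is a protocol-wide constant the gap is benign, but binding all public inputs is the standard practice and costs one extra line in each place: `.chain(b"dleq").chain(H.compress().to_bytes())` inserted ahead of `.chain(R1.compress().to_bytes())` in both, assuming `H` is an `EdwardsPoint` like `alt`. The `.0` added on the new side extracts the inner scalar from the `dfg::Scalar` newtype, which is fine as long as `c` is stored as a dalek scalar; the enclosing prove and verify functions begin and end outside their hunks.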