Split out dleq proof from parameters #153

Merged
36 changes: 28 additions & 8 deletions src/bundle.rs
Expand Up @@ -15,6 +15,34 @@ use crate::crypto::{Keys, SharedKeyId, SharedSecretKeys, Signatures, TaggedEleme
use crate::protocol_message;
use crate::swap::Swap;

#[derive(Debug, Clone, Display)]
#[display(Debug)]
pub struct Proof<Ctx: Swap> {
pub proof: Ctx::Proof,
}

impl<Ctx> Encodable for Proof<Ctx>
where
Ctx: Swap,
{
fn consensus_encode<W: io::Write>(&self, s: &mut W) -> Result<usize, io::Error> {
self.proof.as_canonical_bytes().consensus_encode(s)
}
}

impl<Ctx> Decodable for Proof<Ctx>
where
Ctx: Swap,
{
fn consensus_decode<D: io::Read>(d: &mut D) -> Result<Self, consensus::Error> {
Ok(Self {
proof: Ctx::Proof::from_canonical_bytes(unwrap_vec_ref!(d).as_ref())?,
})
}
}

impl_strict_encoding!(Proof<Ctx>, Ctx: Swap);

/// Alice parameters required for the initialization step of a swap and used to generate the
/// [`CommitAliceParameters`] and [`RevealAliceParameters`] protocol messages in the commit/reveal
/// round.
Expand All @@ -37,7 +65,6 @@ pub struct AliceParameters<Ctx: Swap> {
pub accordant_shared_keys:
Vec<TaggedElement<SharedKeyId, <Ctx::Ac as SharedSecretKeys>::SharedSecretKey>>,
pub destination_address: <Ctx::Ar as Address>::Address,
pub proof: Ctx::Proof,
pub cancel_timelock: Option<<Ctx::Ar as Timelock>::Timelock>,
pub punish_timelock: Option<<Ctx::Ar as Timelock>::Timelock>,
pub fee_strategy: Option<FeeStrategy<<Ctx::Ar as Fee>::FeeUnit>>,
Expand All @@ -62,7 +89,6 @@ where
.destination_address
.as_canonical_bytes()
.consensus_encode(s)?;
len += self.proof.as_canonical_bytes().consensus_encode(s)?;
len += self.cancel_timelock.consensus_encode(s)?;
len += self.punish_timelock.consensus_encode(s)?;
Ok(len + self.fee_strategy.consensus_encode(s)?)
Expand Down Expand Up @@ -96,7 +122,6 @@ where
destination_address: <Ctx::Ar as Address>::Address::from_canonical_bytes(
unwrap_vec_ref!(d).as_ref(),
)?,
proof: Ctx::Proof::from_canonical_bytes(unwrap_vec_ref!(d).as_ref())?,
cancel_timelock: Decodable::consensus_decode(d)?,
punish_timelock: Decodable::consensus_decode(d)?,
fee_strategy: Decodable::consensus_decode(d)?,
Expand All @@ -123,7 +148,6 @@ where
extra_accordant_keys: msg.extra_accordant_keys,
accordant_shared_keys: msg.accordant_shared_keys,
destination_address: msg.address,
proof: msg.proof,
cancel_timelock: None,
punish_timelock: None,
fee_strategy: None,
Expand Down Expand Up @@ -152,7 +176,6 @@ pub struct BobParameters<Ctx: Swap> {
pub accordant_shared_keys:
Vec<TaggedElement<SharedKeyId, <Ctx::Ac as SharedSecretKeys>::SharedSecretKey>>,
pub refund_address: <Ctx::Ar as Address>::Address,
pub proof: Ctx::Proof,
pub cancel_timelock: Option<<Ctx::Ar as Timelock>::Timelock>,
pub punish_timelock: Option<<Ctx::Ar as Timelock>::Timelock>,
pub fee_strategy: Option<FeeStrategy<<Ctx::Ar as Fee>::FeeUnit>>,
Expand All @@ -176,7 +199,6 @@ where
.refund_address
.as_canonical_bytes()
.consensus_encode(s)?;
len += self.proof.as_canonical_bytes().consensus_encode(s)?;
len += self.cancel_timelock.consensus_encode(s)?;
len += self.punish_timelock.consensus_encode(s)?;
Ok(len + self.fee_strategy.consensus_encode(s)?)
Expand Down Expand Up @@ -207,7 +229,6 @@ where
refund_address: <Ctx::Ar as Address>::Address::from_canonical_bytes(
unwrap_vec_ref!(d).as_ref(),
)?,
proof: Ctx::Proof::from_canonical_bytes(unwrap_vec_ref!(d).as_ref())?,
cancel_timelock: Decodable::consensus_decode(d)?,
punish_timelock: Decodable::consensus_decode(d)?,
fee_strategy: Decodable::consensus_decode(d)?,
Expand All @@ -233,7 +254,6 @@ where
extra_accordant_keys: msg.extra_accordant_keys,
accordant_shared_keys: msg.accordant_shared_keys,
refund_address: msg.address,
proof: msg.proof,
cancel_timelock: None,
punish_timelock: None,
fee_strategy: None,
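Review bot: The new public `Proof<Ctx>` struct in the -15,6 +15,34 hunk has no doc comment, while the neighbouring `AliceParameters` carries one explaining which protocol messages it feeds. Suggest `/// Cross-group discrete logarithm (DLEQ) proof, split out of AliceParameters and BobParameters so it can be revealed on its own through the RevealProof protocol message.` above the derive. The wrapper also shares its name with the associated type it wraps, so `Proof { proof }` at the call sites reads as a `Proof` holding a `Ctx::Proof`; a short comment on the `proof` field, e.g. `/// The proof as produced by the key generator.`, would make that distinction explicit.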
76 changes: 64 additions & 12 deletions src/protocol_message.rs
Expand Up @@ -52,6 +52,8 @@ fn verify_vec_of_commitments<T: Eq, K: CanonicalBytes, C: Clone + Eq>(
.map(|_| ())
}

// CommitAliceParameters

/// Forces Alice to commit to the result of her cryptographic setup before receiving Bob's setup.
/// This is done to remove adaptive behavior in the cryptographic parameters.
#[derive(Clone, Debug, Display)]
Expand Down Expand Up @@ -188,6 +190,8 @@ where
type Strategy = AsStrict;
}

// CommitBobParameters

/// Forces Bob to commit to the result of his cryptographic setup before receiving Alice's setup.
/// This is done to remove adaptive behavior in the cryptographic parameters.
#[derive(Clone, Debug, Display)]
Expand Down Expand Up @@ -318,6 +322,63 @@ where
type Strategy = AsStrict;
}

// RevealProof

/// Reveals the proof.
#[derive(Clone, Debug, Display)]
#[display(Debug)]
pub struct RevealProof<Ctx: Swap> {
/// The swap identifier related to this message.
pub swap_id: SwapId,
/// Reveal the cross-group discrete logarithm zero-knowledge proof.
pub proof: Ctx::Proof,
}

impl<Ctx> Encodable for RevealProof<Ctx>
where
Ctx: Swap,
{
fn consensus_encode<W: io::Write>(&self, s: &mut W) -> Result<usize, io::Error> {
let len = self.swap_id.consensus_encode(s)?;
Ok(len + self.proof.as_canonical_bytes().consensus_encode(s)?)
}
}

impl<Ctx> Decodable for RevealProof<Ctx>
where
Ctx: Swap,
{
fn consensus_decode<D: io::Read>(d: &mut D) -> Result<Self, consensus::Error> {
Ok(Self {
swap_id: Decodable::consensus_decode(d)?,
proof: Ctx::Proof::from_canonical_bytes(unwrap_vec_ref!(d).as_ref())?,
})
}
}

impl_strict_encoding!(RevealProof<Ctx>, Ctx: Swap);

impl<Ctx> Strategy for RevealProof<Ctx>
where
Ctx: Swap,
{
type Strategy = AsStrict;
}

impl<Ctx> From<(SwapId, bundle::Proof<Ctx>)> for RevealProof<Ctx>
where
Ctx: Swap,
{
fn from(bundle: (SwapId, bundle::Proof<Ctx>)) -> Self {
Self {
swap_id: bundle.0,
proof: bundle.1.proof,
}
}
}

// RevealAliceParameters

/// Reveals the parameters commited by the [`CommitAliceParameters`] protocol message.
#[derive(Clone, Debug, Display)]
#[display(Debug)]
Expand Down Expand Up @@ -348,8 +409,6 @@ pub struct RevealAliceParameters<Ctx: Swap> {
Vec<TaggedElement<SharedKeyId, <Ctx::Ac as SharedSecretKeys>::SharedSecretKey>>,
/// Reveal the destination address.
pub address: <Ctx::Ar as Address>::Address,
/// Reveal the cross-group discrete logarithm zero-knowledge proof.
pub proof: Ctx::Proof,
}

impl<Ctx> Encodable for RevealAliceParameters<Ctx>
Expand All @@ -365,11 +424,11 @@ where
len += self.adaptor.as_canonical_bytes().consensus_encode(s)?;
len += self.extra_arbitrating_keys.consensus_encode(s)?;
len += self.arbitrating_shared_keys.consensus_encode(s)?;
// this can go?
len += self.spend.as_canonical_bytes().consensus_encode(s)?;
len += self.extra_accordant_keys.consensus_encode(s)?;
len += self.accordant_shared_keys.consensus_encode(s)?;
len += self.address.as_canonical_bytes().consensus_encode(s)?;
Ok(len + self.proof.as_canonical_bytes().consensus_encode(s)?)
Ok(len + self.address.as_canonical_bytes().consensus_encode(s)?)
}
}

Expand Down Expand Up @@ -401,7 +460,6 @@ where
address: <Ctx::Ar as Address>::Address::from_canonical_bytes(
unwrap_vec_ref!(d).as_ref(),
)?,
proof: Ctx::Proof::from_canonical_bytes(unwrap_vec_ref!(d).as_ref())?,
})
}
}
Expand Down Expand Up @@ -433,7 +491,6 @@ where
extra_accordant_keys: bundle.1.extra_accordant_keys,
accordant_shared_keys: bundle.1.accordant_shared_keys,
address: bundle.1.destination_address,
proof: bundle.1.proof,
}
}
}
Expand Down Expand Up @@ -466,8 +523,6 @@ pub struct RevealBobParameters<Ctx: Swap> {
Vec<TaggedElement<SharedKeyId, <Ctx::Ac as SharedSecretKeys>::SharedSecretKey>>,
/// The refund Bitcoin address.
pub address: <Ctx::Ar as Address>::Address,
/// The cross-group discrete logarithm zero-knowledge proof.
pub proof: Ctx::Proof,
}

impl<Ctx> Encodable for RevealBobParameters<Ctx>
Expand All @@ -485,8 +540,7 @@ where
len += self.spend.as_canonical_bytes().consensus_encode(s)?;
len += self.extra_accordant_keys.consensus_encode(s)?;
len += self.accordant_shared_keys.consensus_encode(s)?;
len += self.address.as_canonical_bytes().consensus_encode(s)?;
Ok(len + self.proof.as_canonical_bytes().consensus_encode(s)?)
Ok(len + self.address.as_canonical_bytes().consensus_encode(s)?)
}
}

Expand Down Expand Up @@ -515,7 +569,6 @@ where
address: <Ctx::Ar as Address>::Address::from_canonical_bytes(
unwrap_vec_ref!(d).as_ref(),
)?,
proof: Ctx::Proof::from_canonical_bytes(unwrap_vec_ref!(d).as_ref())?,
})
}
}
Expand Down Expand Up @@ -546,7 +599,6 @@ where
extra_accordant_keys: bundle.1.extra_accordant_keys,
accordant_shared_keys: bundle.1.accordant_shared_keys,
address: bundle.1.refund_address,
proof: bundle.1.proof,
}
}
}
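Review bot: The docstring `/// Reveals the proof.` on the new `RevealProof` struct in the -318,6 +322,63 hunk does not say what the proof attests to or how a receiver should tie it back to the parameters it was separated from. Since role.rs shows the proof being produced together with `spend` and `adaptor` by `key_gen.generate_proof()`, suggest `/// Reveals the cross-group discrete logarithm zero-knowledge proof produced alongside the spend and adaptor keys revealed in the matching RevealAliceParameters or RevealBobParameters message for the same swap_id.`; whether the verifier already checks that both messages share a `swap_id` is not visible here and is worth confirming. Separately, the -365,11 +424,11 hunk leaves a stray `// this can go?` above `len += self.spend.as_canonical_bytes().consensus_encode(s)?;` in `RevealAliceParameters::consensus_encode`; the `spend` line is still encoded, so the question should be resolved or the comment removed rather than shipped.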
78 changes: 41 additions & 37 deletions src/role.rs
Expand Up @@ -11,8 +11,8 @@ use crate::blockchain::{
};
use crate::bundle::{
AliceParameters, BobParameters, CoreArbitratingTransactions, CosignedArbitratingCancel,
FullySignedBuy, FullySignedPunish, FullySignedRefund, SignedAdaptorBuy, SignedAdaptorRefund,
SignedArbitratingLock,
FullySignedBuy, FullySignedPunish, FullySignedRefund, Proof, SignedAdaptorBuy,
SignedAdaptorRefund, SignedArbitratingLock,
};
use crate::consensus::{self, Decodable, Encodable};
use crate::crypto::{
Expand Down Expand Up @@ -223,7 +223,7 @@ where
Ctx::Proof,
>,
public_offer: &PublicOffer<Ctx>,
) -> Res<AliceParameters<Ctx>> {
) -> Res<(AliceParameters<Ctx>, Proof<Ctx>)> {
let extra_arbitrating_keys: Res<TaggedExtraKeys<<Ctx::Ar as Keys>::PublicKey>> =
<Ctx::Ar as Keys>::extra_keys()
.into_iter()
Expand Down Expand Up @@ -264,23 +264,25 @@ where

let (spend, adaptor, proof) = key_gen.generate_proof()?;

Ok(AliceParameters {
buy: key_gen.get_pubkey(ArbitratingKeyId::Buy)?,
cancel: key_gen.get_pubkey(ArbitratingKeyId::Cancel)?,
refund: key_gen.get_pubkey(ArbitratingKeyId::Refund)?,
punish: key_gen.get_pubkey(ArbitratingKeyId::Punish)?,
adaptor,
extra_arbitrating_keys: extra_arbitrating_keys?,
arbitrating_shared_keys: arbitrating_shared_keys?,
spend,
extra_accordant_keys: extra_accordant_keys?,
accordant_shared_keys: accordant_shared_keys?,
destination_address: self.destination_address.clone(),
proof,
cancel_timelock: Some(public_offer.offer.cancel_timelock),
punish_timelock: Some(public_offer.offer.punish_timelock),
fee_strategy: Some(public_offer.offer.fee_strategy.clone()),
})
Ok((
AliceParameters {
buy: key_gen.get_pubkey(ArbitratingKeyId::Buy)?,
cancel: key_gen.get_pubkey(ArbitratingKeyId::Cancel)?,
refund: key_gen.get_pubkey(ArbitratingKeyId::Refund)?,
punish: key_gen.get_pubkey(ArbitratingKeyId::Punish)?,
adaptor,
extra_arbitrating_keys: extra_arbitrating_keys?,
arbitrating_shared_keys: arbitrating_shared_keys?,
spend,
extra_accordant_keys: extra_accordant_keys?,
accordant_shared_keys: accordant_shared_keys?,
destination_address: self.destination_address.clone(),
cancel_timelock: Some(public_offer.offer.cancel_timelock),
punish_timelock: Some(public_offer.offer.punish_timelock),
fee_strategy: Some(public_offer.offer.fee_strategy.clone()),
},
Proof { proof },
))
}

/// Generates the witness on the [`Refundable`] transaction and adaptor sign it.
Expand Down Expand Up @@ -791,7 +793,7 @@ impl<Ctx: Swap> Bob<Ctx> {
Ctx::Proof,
>,
public_offer: &PublicOffer<Ctx>,
) -> Res<BobParameters<Ctx>> {
) -> Res<(BobParameters<Ctx>, Proof<Ctx>)> {
let extra_arbitrating_keys: Res<TaggedExtraKeys<<Ctx::Ar as Keys>::PublicKey>> =
<Ctx::Ar as Keys>::extra_keys()
.into_iter()
Expand Down Expand Up @@ -832,22 +834,24 @@ impl<Ctx: Swap> Bob<Ctx> {

let (spend, adaptor, proof) = key_gen.generate_proof()?;

Ok(BobParameters {
buy: key_gen.get_pubkey(ArbitratingKeyId::Buy)?,
cancel: key_gen.get_pubkey(ArbitratingKeyId::Cancel)?,
refund: key_gen.get_pubkey(ArbitratingKeyId::Refund)?,
adaptor,
extra_arbitrating_keys: extra_arbitrating_keys?,
arbitrating_shared_keys: arbitrating_shared_keys?,
spend,
extra_accordant_keys: extra_accordant_keys?,
accordant_shared_keys: accordant_shared_keys?,
refund_address: self.refund_address.clone(),
proof,
cancel_timelock: Some(public_offer.offer.cancel_timelock),
punish_timelock: Some(public_offer.offer.punish_timelock),
fee_strategy: Some(public_offer.offer.fee_strategy.clone()),
})
Ok((
BobParameters {
buy: key_gen.get_pubkey(ArbitratingKeyId::Buy)?,
cancel: key_gen.get_pubkey(ArbitratingKeyId::Cancel)?,
refund: key_gen.get_pubkey(ArbitratingKeyId::Refund)?,
adaptor,
extra_arbitrating_keys: extra_arbitrating_keys?,
arbitrating_shared_keys: arbitrating_shared_keys?,
spend,
extra_accordant_keys: extra_accordant_keys?,
accordant_shared_keys: accordant_shared_keys?,
refund_address: self.refund_address.clone(),
cancel_timelock: Some(public_offer.offer.cancel_timelock),
punish_timelock: Some(public_offer.offer.punish_timelock),
fee_strategy: Some(public_offer.offer.fee_strategy.clone()),
},
Proof { proof },
))
}

/// Initialize the core arbitrating transactions composed of: [`Lockable`], [`Cancelable`], and
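Review bot: The return type changes to `Res<(AliceParameters<Ctx>, Proof<Ctx>)>` in the -223,7 +223,7 hunk and `Res<(BobParameters<Ctx>, Proof<Ctx>)>` in the -791,7 +793,7 hunk are not accompanied by any visible doc update, and the signatures and `///` comments of both functions start above their hunks, so the existing text may still describe the proof as part of the returned parameters. Suggest adding to each function's doc something like `/// Returns the parameters together with the DLEQ Proof, which is sent separately via RevealProof rather than inside the parameters.` An unnamed tuple also makes it easy for a caller to discard the second element silently; if that is a concern, a small named result struct or `#[must_use]` on `Proof` would make dropping the proof a compiler warning.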