aboutsummaryrefslogtreecommitdiff
path: root/src/ringct
diff options
context:
space:
mode:
authormoneromooo-monero <moneromooo-monero@users.noreply.github.com>2018-07-18 22:24:53 +0100
committermoneromooo-monero <moneromooo-monero@users.noreply.github.com>2018-09-11 13:38:07 +0000
commit5ffb2ff9b7c301eda5811a939c705f26627c4735 (patch)
treeac1ed0c55f69db9e65ebca9567bf3013e55c3bb6 /src/ringct
parentbulletproofs: a few fixes from the Kudelski review (diff)
downloadmonero-5ffb2ff9b7c301eda5811a939c705f26627c4735.tar.xz
v8: per byte fee, pad bulletproofs, fixed 11 ring size
Diffstat (limited to 'src/ringct')
-rw-r--r--src/ringct/rctSigs.cpp15
-rw-r--r--src/ringct/rctTypes.cpp47
-rw-r--r--src/ringct/rctTypes.h7
3 files changed, 64 insertions, 5 deletions
diff --git a/src/ringct/rctSigs.cpp b/src/ringct/rctSigs.cpp
index d2dc87e27..dbbf29fd1 100644
--- a/src/ringct/rctSigs.cpp
+++ b/src/ringct/rctSigs.cpp
@@ -758,7 +758,20 @@ namespace rct {
std::vector<uint64_t> proof_amounts;
size_t n_amounts = outamounts.size();
size_t amounts_proved = 0;
- while (amounts_proved < n_amounts)
+ if (range_proof_type == RangeProofPaddedBulletproof)
+ {
+ rct::keyV C, masks;
+ rv.p.bulletproofs.push_back(proveRangeBulletproof(C, masks, outamounts));
+ #ifdef DBG
+ CHECK_AND_ASSERT_THROW_MES(verBulletproof(rv.p.bulletproofs.back()), "verBulletproof failed on newly created proof");
+ #endif
+ for (i = 0; i < outamounts.size(); ++i)
+ {
+ rv.outPk[i].mask = C[i];
+ outSk[i].mask = masks[i];
+ }
+ }
+ else while (amounts_proved < n_amounts)
{
size_t batch_size = 1;
if (range_proof_type == RangeProofMultiOutputBulletproof)
diff --git a/src/ringct/rctTypes.cpp b/src/ringct/rctTypes.cpp
index 5dd59aec3..90ed65df0 100644
--- a/src/ringct/rctTypes.cpp
+++ b/src/ringct/rctTypes.cpp
@@ -29,6 +29,7 @@
// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#include "misc_log_ex.h"
+#include "cryptonote_config.h"
#include "rctTypes.h"
using namespace crypto;
using namespace std;
@@ -233,11 +234,29 @@ namespace rct {
}
}
+ bool is_rct_borromean(int type)
+ {
+ switch (type)
+ {
+ case RCTTypeSimple:
+ case RCTTypeFull:
+ return true;
+ default:
+ return false;
+ }
+ }
+
size_t n_bulletproof_amounts(const Bulletproof &proof)
{
CHECK_AND_ASSERT_MES(proof.L.size() >= 6, 0, "Invalid bulletproof L size");
- CHECK_AND_ASSERT_MES(proof.L.size() <= 31, 0, "Insane bulletproof L size");
- return 1 << (proof.L.size() - 6);
+ CHECK_AND_ASSERT_MES(proof.L.size() == proof.R.size(), 0, "Mismatched bulletproof L/R size");
+ static const size_t extra_bits = 4;
+ static_assert((1 << extra_bits) == BULLETPROOF_MAX_OUTPUTS, "log2(BULLETPROOF_MAX_OUTPUTS) is out of date");
+ CHECK_AND_ASSERT_MES(proof.L.size() <= 6 + extra_bits, 0, "Invalid bulletproof L size");
+ CHECK_AND_ASSERT_MES(proof.V.size() <= (1u<<(proof.L.size()-6)), 0, "Invalid bulletproof V/L");
+ CHECK_AND_ASSERT_MES(proof.V.size() * 2 > (1u<<(proof.L.size()-6)), 0, "Invalid bulletproof V/L");
+ CHECK_AND_ASSERT_MES(proof.V.size() > 0, 0, "Empty bulletproof");
+ return proof.V.size();
}
size_t n_bulletproof_amounts(const std::vector<Bulletproof> &proofs)
@@ -254,4 +273,28 @@ namespace rct {
return n;
}
+ size_t n_bulletproof_max_amounts(const Bulletproof &proof)
+ {
+ CHECK_AND_ASSERT_MES(proof.L.size() >= 6, 0, "Invalid bulletproof L size");
+ CHECK_AND_ASSERT_MES(proof.L.size() == proof.R.size(), 0, "Mismatched bulletproof L/R size");
+ static const size_t extra_bits = 4;
+ static_assert((1 << extra_bits) == BULLETPROOF_MAX_OUTPUTS, "log2(BULLETPROOF_MAX_OUTPUTS) is out of date");
+ CHECK_AND_ASSERT_MES(proof.L.size() <= 6 + extra_bits, 0, "Invalid bulletproof L size");
+ return 1 << (proof.L.size() - 6);
+ }
+
+ size_t n_bulletproof_max_amounts(const std::vector<Bulletproof> &proofs)
+ {
+ size_t n = 0;
+ for (const Bulletproof &proof: proofs)
+ {
+ size_t n2 = n_bulletproof_max_amounts(proof);
+ CHECK_AND_ASSERT_MES(n2 < std::numeric_limits<uint32_t>::max() - n, 0, "Invalid number of bulletproofs");
+ if (n2 == 0)
+ return 0;
+ n += n2;
+ }
+ return n;
+ }
+
}
diff --git a/src/ringct/rctTypes.h b/src/ringct/rctTypes.h
index 894f747b8..5c02f92aa 100644
--- a/src/ringct/rctTypes.h
+++ b/src/ringct/rctTypes.h
@@ -214,7 +214,9 @@ namespace rct {
};
size_t n_bulletproof_amounts(const Bulletproof &proof);
+ size_t n_bulletproof_max_amounts(const Bulletproof &proof);
size_t n_bulletproof_amounts(const std::vector<Bulletproof> &proofs);
+ size_t n_bulletproof_max_amounts(const std::vector<Bulletproof> &proofs);
//A container to hold all signatures necessary for RingCT
// rangeSigs holds all the rangeproof data of a transaction
@@ -229,7 +231,7 @@ namespace rct {
RCTTypeSimple = 2,
RCTTypeBulletproof = 3,
};
- enum RangeProofType { RangeProofBorromean, RangeProofBulletproof, RangeProofMultiOutputBulletproof };
+ enum RangeProofType { RangeProofBorromean, RangeProofBulletproof, RangeProofMultiOutputBulletproof, RangeProofPaddedBulletproof };
struct rctSigBase {
uint8_t type;
key message;
@@ -324,7 +326,7 @@ namespace rct {
if (nbp - i > 1)
ar.delimit_array();
}
- if (n_bulletproof_amounts(bulletproofs) != outputs)
+ if (n_bulletproof_max_amounts(bulletproofs) < outputs)
return false;
ar.end_array();
}
@@ -528,6 +530,7 @@ namespace rct {
bool is_rct_simple(int type);
bool is_rct_bulletproof(int type);
+ bool is_rct_borromean(int type);
static inline const rct::key &pk2rct(const crypto::public_key &pk) { return (const rct::key&)pk; }
static inline const rct::key &sk2rct(const crypto::secret_key &sk) { return (const rct::key&)sk; }