aboutsummaryrefslogtreecommitdiff
path: root/tests/core_tests/bulletproofs.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'tests/core_tests/bulletproofs.cpp')
-rw-r--r--tests/core_tests/bulletproofs.cpp339
1 files changed, 339 insertions, 0 deletions
diff --git a/tests/core_tests/bulletproofs.cpp b/tests/core_tests/bulletproofs.cpp
new file mode 100644
index 000000000..3f2a2567c
--- /dev/null
+++ b/tests/core_tests/bulletproofs.cpp
@@ -0,0 +1,339 @@
+// Copyright (c) 2014-2018, The Monero Project
+//
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice, this list of
+// conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice, this list
+// of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+//
+// 3. Neither the name of the copyright holder nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+// Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers
+
+#include "ringct/rctSigs.h"
+#include "ringct/bulletproofs.h"
+#include "chaingen.h"
+#include "bulletproofs.h"
+#include "device/device.hpp"
+
+using namespace epee;
+using namespace crypto;
+using namespace cryptonote;
+
+//----------------------------------------------------------------------------------------------------------------------
+// Tests
+
+bool gen_bp_tx_validation_base::generate_with(std::vector<test_event_entry>& events,
+ const int *out_idx, int mixin, size_t n_txes, const uint64_t *amounts_paid, bool valid, const bool *multi_out,
+ const std::function<bool(std::vector<tx_source_entry> &sources, std::vector<tx_destination_entry> &destinations, size_t tx_idx)> &pre_tx,
+ const std::function<bool(transaction &tx, size_t tx_idx)> &post_tx) const
+{
+ uint64_t ts_start = 1338224400;
+
+ GENERATE_ACCOUNT(miner_account);
+ MAKE_GENESIS_BLOCK(events, blk_0, miner_account, ts_start);
+
+ // create 8 miner accounts, and have them mine the next 8 blocks
+ cryptonote::account_base miner_accounts[8];
+ const cryptonote::block *prev_block = &blk_0;
+ cryptonote::block blocks[8 + CRYPTONOTE_MINED_MONEY_UNLOCK_WINDOW];
+ for (size_t n = 0; n < 8; ++n) {
+ miner_accounts[n].generate();
+ CHECK_AND_ASSERT_MES(generator.construct_block_manually(blocks[n], *prev_block, miner_accounts[n],
+ test_generator::bf_major_ver | test_generator::bf_minor_ver | test_generator::bf_timestamp | test_generator::bf_hf_version,
+ 2, 2, prev_block->timestamp + DIFFICULTY_BLOCKS_ESTIMATE_TIMESPAN * 2, // v2 has blocks twice as long
+ crypto::hash(), 0, transaction(), std::vector<crypto::hash>(), 0, 0, 2),
+ false, "Failed to generate block");
+ events.push_back(blocks[n]);
+ prev_block = blocks + n;
+ LOG_PRINT_L0("Initial miner tx " << n << ": " << obj_to_json_str(blocks[n].miner_tx));
+ }
+
+ // rewind
+ cryptonote::block blk_r, blk_last;
+ {
+ blk_last = blocks[7];
+ for (size_t i = 0; i < CRYPTONOTE_MINED_MONEY_UNLOCK_WINDOW; ++i)
+ {
+ CHECK_AND_ASSERT_MES(generator.construct_block_manually(blocks[8+i], blk_last, miner_account,
+ test_generator::bf_major_ver | test_generator::bf_minor_ver | test_generator::bf_timestamp | test_generator::bf_hf_version,
+ 2, 2, blk_last.timestamp + DIFFICULTY_BLOCKS_ESTIMATE_TIMESPAN * 2, // v2 has blocks twice as long
+ crypto::hash(), 0, transaction(), std::vector<crypto::hash>(), 0, 0, 2),
+ false, "Failed to generate block");
+ events.push_back(blocks[8+i]);
+ blk_last = blocks[8+i];
+ }
+ blk_r = blk_last;
+ }
+
+ // create 4 txes from these miners in another block, to generate some rct outputs
+ std::vector<transaction> rct_txes;
+ cryptonote::block blk_txes;
+ std::vector<crypto::hash> starting_rct_tx_hashes;
+ static const uint64_t input_amounts_available[] = {5000000000000, 30000000000000, 100000000000, 80000000000};
+ for (size_t n = 0; n < n_txes; ++n)
+ {
+ std::vector<tx_source_entry> sources;
+
+ sources.resize(1);
+ tx_source_entry& src = sources.back();
+
+ const uint64_t needed_amount = input_amounts_available[n];
+ src.amount = input_amounts_available[n];
+ size_t real_index_in_tx = 0;
+ for (size_t m = 0; m < 7; ++m) {
+ size_t index_in_tx = 0;
+ for (size_t i = 0; i < blocks[m].miner_tx.vout.size(); ++i)
+ if (blocks[m].miner_tx.vout[i].amount == needed_amount)
+ index_in_tx = i;
+ CHECK_AND_ASSERT_MES(blocks[m].miner_tx.vout[index_in_tx].amount == needed_amount, false, "Expected amount not found");
+ src.push_output(m, boost::get<txout_to_key>(blocks[m].miner_tx.vout[index_in_tx].target).key, src.amount);
+ if (m == n)
+ real_index_in_tx = index_in_tx;
+ }
+ src.real_out_tx_key = cryptonote::get_tx_pub_key_from_extra(blocks[n].miner_tx);
+ src.real_output = n;
+ src.real_output_in_tx_index = real_index_in_tx;
+ src.mask = rct::identity();
+ src.rct = false;
+
+ //fill outputs entry
+ tx_destination_entry td;
+ td.addr = miner_accounts[n].get_keys().m_account_address;
+ std::vector<tx_destination_entry> destinations;
+ for (int o = 0; amounts_paid[o] != (uint64_t)-1; ++o)
+ {
+ td.amount = amounts_paid[o];
+ destinations.push_back(td);
+ }
+
+ if (pre_tx && !pre_tx(sources, destinations, n))
+ {
+ MDEBUG("pre_tx returned failure");
+ return false;
+ }
+
+ crypto::secret_key tx_key;
+ std::vector<crypto::secret_key> additional_tx_keys;
+ std::unordered_map<crypto::public_key, cryptonote::subaddress_index> subaddresses;
+ subaddresses[miner_accounts[n].get_keys().m_account_address.m_spend_public_key] = {0,0};
+ rct_txes.resize(rct_txes.size() + 1);
+ bool r = construct_tx_and_get_tx_key(miner_accounts[n].get_keys(), subaddresses, sources, destinations, cryptonote::account_public_address{}, std::vector<uint8_t>(), rct_txes.back(), 0, tx_key, additional_tx_keys, true, multi_out[n] ? rct::RangeProofMultiOutputBulletproof : rct::RangeProofBulletproof);
+ CHECK_AND_ASSERT_MES(r, false, "failed to construct transaction");
+
+ if (post_tx && !post_tx(rct_txes.back(), n))
+ {
+ MDEBUG("post_tx returned failure");
+ return false;
+ }
+
+ //events.push_back(rct_txes.back());
+ starting_rct_tx_hashes.push_back(get_transaction_hash(rct_txes.back()));
+ LOG_PRINT_L0("Test tx: " << obj_to_json_str(rct_txes.back()));
+
+ for (int o = 0; amounts_paid[o] != (uint64_t)-1; ++o)
+ {
+ crypto::key_derivation derivation;
+ bool r = crypto::generate_key_derivation(destinations[o].addr.m_view_public_key, tx_key, derivation);
+ CHECK_AND_ASSERT_MES(r, false, "Failed to generate key derivation");
+ crypto::secret_key amount_key;
+ crypto::derivation_to_scalar(derivation, o, amount_key);
+ rct::key rct_tx_mask;
+ if (rct_txes.back().rct_signatures.type == rct::RCTTypeSimple || rct_txes.back().rct_signatures.type == rct::RCTTypeBulletproof)
+ rct::decodeRctSimple(rct_txes.back().rct_signatures, rct::sk2rct(amount_key), o, rct_tx_mask, hw::get_device("default"));
+ else
+ rct::decodeRct(rct_txes.back().rct_signatures, rct::sk2rct(amount_key), o, rct_tx_mask, hw::get_device("default"));
+ }
+
+ while (amounts_paid[0] != (size_t)-1)
+ ++amounts_paid;
+ ++amounts_paid;
+ }
+ if (!valid)
+ DO_CALLBACK(events, "mark_invalid_tx");
+ events.push_back(rct_txes);
+
+ CHECK_AND_ASSERT_MES(generator.construct_block_manually(blk_txes, blk_last, miner_account,
+ test_generator::bf_major_ver | test_generator::bf_minor_ver | test_generator::bf_timestamp | test_generator::bf_tx_hashes | test_generator::bf_hf_version | test_generator::bf_max_outs,
+ 8, 8, blk_last.timestamp + DIFFICULTY_BLOCKS_ESTIMATE_TIMESPAN * 2, // v2 has blocks twice as long
+ crypto::hash(), 0, transaction(), starting_rct_tx_hashes, 0, 6, 8),
+ false, "Failed to generate block");
+ if (!valid)
+ DO_CALLBACK(events, "mark_invalid_block");
+ events.push_back(blk_txes);
+ blk_last = blk_txes;
+
+ return true;
+}
+
+bool gen_bp_tx_validation_base::check_bp(const cryptonote::transaction &tx, size_t tx_idx, const size_t *sizes, const char *context) const
+{
+ DEFINE_TESTS_ERROR_CONTEXT(context);
+ CHECK_TEST_CONDITION(tx.version >= 2);
+ CHECK_TEST_CONDITION(rct::is_rct_bulletproof(tx.rct_signatures.type));
+ size_t n_sizes = 0, n_amounts = 0;
+ for (size_t n = 0; n < tx_idx; ++n)
+ {
+ while (sizes[0] != (size_t)-1)
+ ++sizes;
+ ++sizes;
+ }
+ while (sizes[n_sizes] != (size_t)-1)
+ n_amounts += sizes[n_sizes++];
+ CHECK_TEST_CONDITION(tx.rct_signatures.p.bulletproofs.size() == n_sizes);
+ CHECK_TEST_CONDITION(rct::n_bulletproof_amounts(tx.rct_signatures.p.bulletproofs) == n_amounts);
+ for (size_t n = 0; n < n_sizes; ++n)
+ CHECK_TEST_CONDITION(rct::n_bulletproof_amounts(tx.rct_signatures.p.bulletproofs[n]) == sizes[n]);
+ return true;
+}
+
+bool gen_bp_tx_valid_1::generate(std::vector<test_event_entry>& events) const
+{
+ const int mixin = 6;
+ const int out_idx[] = {1, -1};
+ const uint64_t amounts_paid[] = {10000, (uint64_t)-1};
+ const size_t bp_sizes[] = {1, (size_t)-1};
+ const bool multi_out[] = {false};
+ return generate_with(events, out_idx, mixin, 1, amounts_paid, true, multi_out, NULL, [&](const cryptonote::transaction &tx, size_t tx_idx){ return check_bp(tx, tx_idx, bp_sizes, "gen_bp_tx_valid_1"); });
+}
+
+bool gen_bp_tx_valid_1_1::generate(std::vector<test_event_entry>& events) const
+{
+ const int mixin = 6;
+ const int out_idx[] = {1, -1};
+ const uint64_t amounts_paid[] = {5000, 5000, (uint64_t)-1};
+ const size_t bp_sizes[] = {1, 1, (size_t)-1};
+ const bool multi_out[] = {false};
+ return generate_with(events, out_idx, mixin, 1, amounts_paid, true, multi_out, NULL, [&](const cryptonote::transaction &tx, size_t tx_idx){ return check_bp(tx, tx_idx, bp_sizes, "gen_bp_tx_valid_1_1"); });
+}
+
+bool gen_bp_tx_valid_2::generate(std::vector<test_event_entry>& events) const
+{
+ const int mixin = 6;
+ const int out_idx[] = {1, -1};
+ const uint64_t amounts_paid[] = {5000, 5000, (uint64_t)-1};
+ const size_t bp_sizes[] = {2, (size_t)-1};
+ const bool multi_out[] = {true};
+ return generate_with(events, out_idx, mixin, 1, amounts_paid, true, multi_out, NULL, [&](const cryptonote::transaction &tx, size_t tx_idx){ return check_bp(tx, tx_idx, bp_sizes, "gen_bp_tx_valid_2"); });
+}
+
+bool gen_bp_tx_valid_4_2_1::generate(std::vector<test_event_entry>& events) const
+{
+ const int mixin = 6;
+ const int out_idx[] = {1, -1};
+ const uint64_t amounts_paid[] = {1000, 1000, 1000, 1000, 1000, 1000, 1000, (uint64_t)-1};
+ const size_t bp_sizes[] = {4, 2, 1, (size_t)-1};
+ const bool multi_out[] = {true};
+ return generate_with(events, out_idx, mixin, 1, amounts_paid, true, multi_out, NULL, [&](const cryptonote::transaction &tx, size_t tx_idx){ return check_bp(tx, tx_idx, bp_sizes, "gen_bp_tx_valid_4_2_1"); });
+}
+
+bool gen_bp_tx_valid_16_16::generate(std::vector<test_event_entry>& events) const
+{
+ const int mixin = 6;
+ const int out_idx[] = {1, -1};
+ const uint64_t amounts_paid[] = {1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, (uint64_t)-1};
+ const size_t bp_sizes[] = {16, 16, (size_t)-1};
+ const bool multi_out[] = {true};
+ return generate_with(events, out_idx, mixin, 1, amounts_paid, true, multi_out, NULL, [&](const cryptonote::transaction &tx, size_t tx_idx){ return check_bp(tx, tx_idx, bp_sizes, "gen_bp_tx_valid_16_16"); });
+}
+
+bool gen_bp_txs_valid_2_and_2::generate(std::vector<test_event_entry>& events) const
+{
+ const int mixin = 6;
+ const int out_idx[] = {1, -1};
+ const uint64_t amounts_paid[] = {1000, 1000, (size_t)-1, 1000, 1000, (uint64_t)-1};
+ const size_t bp_sizes[] = {2, (size_t)-1, 2, (size_t)-1};
+ const bool multi_out[] = {true};
+ return generate_with(events, out_idx, mixin, 2, amounts_paid, true, multi_out, NULL, [&](const cryptonote::transaction &tx, size_t tx_idx){ return check_bp(tx, tx_idx, bp_sizes, "gen_bp_txs_valid_2_2"); });
+}
+
+bool gen_bp_txs_valid_1_1_and_8_2_and_16_16_1::generate(std::vector<test_event_entry>& events) const
+{
+ const int mixin = 6;
+ const int out_idx[] = {1, -1};
+ const uint64_t amounts_paid[] = {1000, 1000, (uint64_t)-1, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, (uint64_t)-1, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, (uint64_t)-1};
+ const bool multi_out[] = {false, true, true};
+ const size_t bp_sizes[] = {1, 1, (size_t)-1, 8, 2, (size_t)-1, 16, 16, 1, (size_t)-1};
+ return generate_with(events, out_idx, mixin, 3, amounts_paid, true, multi_out, NULL, [&](const cryptonote::transaction &tx, size_t tx_idx){ return check_bp(tx, tx_idx, bp_sizes, "gen_bp_txs_valid_1_1_and_8_2_and_16_16_1"); });
+}
+
+bool gen_bp_tx_invalid_not_enough_proofs::generate(std::vector<test_event_entry>& events) const
+{
+ DEFINE_TESTS_ERROR_CONTEXT("gen_bp_tx_invalid_not_enough_proofs");
+ const int mixin = 6;
+ const int out_idx[] = {1, -1};
+ const uint64_t amounts_paid[] = {10000, (uint64_t)-1};
+ const bool multi_out[] = {false};
+ return generate_with(events, out_idx, mixin, 1, amounts_paid, false, multi_out, NULL, [&](cryptonote::transaction &tx, size_t idx){
+ CHECK_TEST_CONDITION(tx.rct_signatures.type == rct::RCTTypeBulletproof);
+ CHECK_TEST_CONDITION(!tx.rct_signatures.p.bulletproofs.empty());
+ tx.rct_signatures.p.bulletproofs.pop_back();
+ return true;
+ });
+}
+
+bool gen_bp_tx_invalid_too_many_proofs::generate(std::vector<test_event_entry>& events) const
+{
+ DEFINE_TESTS_ERROR_CONTEXT("gen_bp_tx_invalid_too_many_proofs");
+ const int mixin = 6;
+ const int out_idx[] = {1, -1};
+ const uint64_t amounts_paid[] = {10000, (uint64_t)-1};
+ const bool multi_out[] = {false};
+ return generate_with(events, out_idx, mixin, 1, amounts_paid, false, multi_out, NULL, [&](cryptonote::transaction &tx, size_t idx){
+ CHECK_TEST_CONDITION(tx.rct_signatures.type == rct::RCTTypeBulletproof);
+ CHECK_TEST_CONDITION(!tx.rct_signatures.p.bulletproofs.empty());
+ tx.rct_signatures.p.bulletproofs.push_back(tx.rct_signatures.p.bulletproofs.back());
+ return true;
+ });
+}
+
+bool gen_bp_tx_invalid_wrong_amount::generate(std::vector<test_event_entry>& events) const
+{
+ DEFINE_TESTS_ERROR_CONTEXT("gen_bp_tx_invalid_wrong_amount");
+ const int mixin = 6;
+ const int out_idx[] = {1, -1};
+ const uint64_t amounts_paid[] = {10000, (uint64_t)-1};
+ const bool multi_out[] = {false};
+ return generate_with(events, out_idx, mixin, 1, amounts_paid, false, multi_out, NULL, [&](cryptonote::transaction &tx, size_t idx){
+ CHECK_TEST_CONDITION(tx.rct_signatures.type == rct::RCTTypeBulletproof);
+ CHECK_TEST_CONDITION(!tx.rct_signatures.p.bulletproofs.empty());
+ tx.rct_signatures.p.bulletproofs.back() = rct::bulletproof_PROVE(1000, rct::skGen());
+ return true;
+ });
+}
+
+bool gen_bp_tx_invalid_switched::generate(std::vector<test_event_entry>& events) const
+{
+ DEFINE_TESTS_ERROR_CONTEXT("gen_bp_tx_invalid_switched");
+ const int mixin = 6;
+ const int out_idx[] = {1, -1};
+ const uint64_t amounts_paid[] = {5000, 5000, (uint64_t)-1};
+ const bool multi_out[] = {false};
+ return generate_with(events, out_idx, mixin, 1, amounts_paid, false, multi_out, NULL, [&](cryptonote::transaction &tx, size_t tx_idx){
+ CHECK_TEST_CONDITION(tx.rct_signatures.type == rct::RCTTypeBulletproof);
+ CHECK_TEST_CONDITION(tx.rct_signatures.p.bulletproofs.size() == 2);
+ rct::Bulletproof proof = tx.rct_signatures.p.bulletproofs[0];
+ tx.rct_signatures.p.bulletproofs[0] = tx.rct_signatures.p.bulletproofs[1];
+ tx.rct_signatures.p.bulletproofs[1] = proof;
+ return true;
+ });
+}
+
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-15 21:46:06 +0000