aboutsummaryrefslogtreecommitdiff
path: root/tests/performance_tests/sig_mlsag.h
diff options
context:
space:
mode:
Diffstat (limited to 'tests/performance_tests/sig_mlsag.h')
-rw-r--r--tests/performance_tests/sig_mlsag.h200
1 files changed, 134 insertions, 66 deletions
diff --git a/tests/performance_tests/sig_mlsag.h b/tests/performance_tests/sig_mlsag.h
index c9745b504..89645e155 100644
--- a/tests/performance_tests/sig_mlsag.h
+++ b/tests/performance_tests/sig_mlsag.h
@@ -1,4 +1,4 @@
-// Copyright (c) 2014-2019, The Monero Project
+// Copyright (c) 2014-2020, The Monero Project
//
// All rights reserved.
//
@@ -31,74 +31,142 @@
#pragma once
#include "ringct/rctSigs.h"
-#include "cryptonote_basic/cryptonote_basic.h"
+#include "ringct/rctTypes.h"
#include "device/device.hpp"
-#include "single_tx_test_base.h"
-
using namespace rct;
-template<size_t ring_size, size_t index>
-class test_sig_mlsag : public single_tx_test_base
+template<size_t a_N, size_t a_T, size_t a_w>
+class test_sig_mlsag
{
-public:
- static const size_t N = ring_size;
- static const size_t loop_count = 1000;
- static const size_t l = index;
-
- bool init()
- {
- if (!single_tx_test_base::init())
- return false;
-
- message = skGen();
-
- // Random signing/commitment keys
- pubs.reserve(N);
- for (size_t i = 0; i < N; i++)
- {
- key sk;
- ctkey tmp;
-
- skpkGen(sk, tmp.dest);
- skpkGen(sk, tmp.mask);
-
- pubs.push_back(tmp);
- }
-
- // Signing key
- key p;
- skpkGen(p,pubs[l].dest);
-
- // Commitment key
- key t,u;
- t = skGen();
- u = skGen();
- addKeys2(pubs[l].mask,t,u,H);
-
- // Offset
- key t2;
- t2 = skGen();
- addKeys2(C_offset,t2,u,H);
-
- // Final signing keys
- ctkey insk;
- insk.dest = p;
- insk.mask = t;
-
- sig = proveRctMGSimple(message,pubs,insk,t2,C_offset,NULL,NULL,l,hw::get_device("default"));
-
- return true;
- }
-
- bool test()
- {
- return verRctMGSimple(message,sig,pubs,C_offset);
- }
-
-private:
- ctkeyV pubs;
- key C_offset;
- mgSig sig;
- key message;
+ public:
+ static const size_t loop_count = 1000;
+ static const size_t N = a_N;
+ static const size_t T = a_T;
+ static const size_t w = a_w;
+
+ bool init()
+ {
+ pubs.reserve(N);
+ pubs.resize(N);
+
+ r = keyV(w); // M[l[u]] = Com(0,r[u])
+
+ a = keyV(w); // P[l[u]] = Com(a[u],s[u])
+ s = keyV(w);
+
+ Q = keyV(T); // Q[j] = Com(b[j],t[j])
+ b = keyV(T);
+ t = keyV(T);
+
+ // Random keys
+ key temp;
+ for (size_t k = 0; k < N; k++)
+ {
+ skpkGen(temp,pubs[k].dest);
+ skpkGen(temp,pubs[k].mask);
+ }
+
+ // Signing and commitment keys (assumes fixed signing indices 0,1,...,w-1 for this test)
+ // TODO: random signing indices
+ C_offsets = keyV(w); // P[l[u]] - C_offsets[u] = Com(0,s[u]-s1[u])
+ s1 = keyV(w);
+ key a_sum = zero();
+ key s1_sum = zero();
+ messages = keyV(w);
+ for (size_t u = 0; u < w; u++)
+ {
+ skpkGen(r[u],pubs[u].dest); // M[u] = Com(0,r[u])
+
+ a[u] = skGen(); // P[u] = Com(a[u],s[u])
+ s[u] = skGen();
+ addKeys2(pubs[u].mask,s[u],a[u],H);
+
+ s1[u] = skGen(); // C_offsets[u] = Com(a[u],s1[u])
+ addKeys2(C_offsets[u],s1[u],a[u],H);
+
+ sc_add(a_sum.bytes,a_sum.bytes,a[u].bytes);
+ sc_add(s1_sum.bytes,s1_sum.bytes,s1[u].bytes);
+
+ messages[u] = skGen();
+ }
+
+ // Outputs
+ key b_sum = zero();
+ key t_sum = zero();
+ for (size_t j = 0; j < T-1; j++)
+ {
+ b[j] = skGen(); // Q[j] = Com(b[j],t[j])
+ t[j] = skGen();
+ addKeys2(Q[j],t[j],b[j],H);
+
+ sc_add(b_sum.bytes,b_sum.bytes,b[j].bytes);
+ sc_add(t_sum.bytes,t_sum.bytes,t[j].bytes);
+ }
+ // Value/mask balance for Q[T-1]
+ sc_sub(b[T-1].bytes,a_sum.bytes,b_sum.bytes);
+ sc_sub(t[T-1].bytes,s1_sum.bytes,t_sum.bytes);
+ addKeys2(Q[T-1],t[T-1],b[T-1],H);
+
+ // Build proofs
+ sigs.reserve(w);
+ sigs.resize(0);
+ ctkey sk;
+ for (size_t u = 0; u < w; u++)
+ {
+ sk.dest = r[u];
+ sk.mask = s[u];
+
+ sigs.push_back(proveRctMGSimple(messages[u],pubs,sk,s1[u],C_offsets[u],NULL,NULL,u,hw::get_device("default")));
+ }
+
+ return true;
+ }
+
+ bool test()
+ {
+ for (size_t u = 0; u < w; u++)
+ {
+ if (!verRctMGSimple(messages[u],sigs[u],pubs,C_offsets[u]))
+ {
+ return false;
+ }
+ }
+
+ // Check balanace
+ std::vector<MultiexpData> balance;
+ balance.reserve(w + T);
+ balance.resize(0);
+ key ZERO = zero();
+ key ONE = identity();
+ key MINUS_ONE;
+ sc_sub(MINUS_ONE.bytes,ZERO.bytes,ONE.bytes);
+ for (size_t u = 0; u < w; u++)
+ {
+ balance.push_back({ONE,C_offsets[u]});
+ }
+ for (size_t j = 0; j < T; j++)
+ {
+ balance.push_back({MINUS_ONE,Q[j]});
+ }
+ if (!(straus(balance) == ONE)) // group identity
+ {
+ return false;
+ }
+
+ return true;
+ }
+
+ private:
+ ctkeyV pubs;
+ keyV Q;
+ keyV r;
+ keyV s;
+ keyV s1;
+ keyV t;
+ keyV a;
+ keyV b;
+ keyV C_offsets;
+ keyV messages;
+ std::vector<mgSig> sigs;
};