def MLSAG_Gen(pk, xx, index ): rows = len(xx) cols = len(pk[0]) print("Generating MG sig of size ", rows, "x", cols) c= [None] * cols alpha = skvGen(rows) I = keyImageV(xx) L = keyMatrix(rows, cols) R = keyMatrix(rows, cols) s = keyMatrix(rows, cols) m = ''.join(pk[0]) for i in range(1, cols): m = m + ''.join(pk[i]) L[index] = [MiniNero.scalarmultBase(aa) for aa in alpha] #L = aG Hi = hashKeyVector(pk[index]) R[index] = [MiniNero.scalarmultKey(Hi[ii], alpha[ii]) for ii in range(0, rows)] #R = aI oldi = index i = (index + 1) % cols c[i] = MiniNero.cn_fast_hash(m+''.join(L[oldi]) + ''.join(R[oldi])) while i != index: s[i] = skvGen(rows) L[i] = [MiniNero.addKeys1(s[i][j], c[i], pk[i][j]) for j in range(0, rows)] Hi = hashKeyVector(pk[i]) R[i] = [MiniNero.addKeys2( s[i][j], Hi[j], c[i], I[j]) for j in range(0, rows)] oldi = i i = (i + 1) % cols c[i] = MiniNero.cn_fast_hash(m+''.join(L[oldi]) + ''.join(R[oldi])) print("L", L) print("R", R) s[index] = [MiniNero.sc_mulsub_keys(alpha[j], c[index], xx[j]) for j in range(0, rows)] #alpha - c * x return I, c[0], s
def LLW_Sig(pk, xx, index): n = len(pk) print("Generating LLW sig of length ", n) L = [None] * n R = [None] * n c = [None] * n s = [PaperWallet.skGen() for i in range(0, n)] HP = [MiniNero.hashToPoint_ct(i) for i in pk] pj = ''.join(pk) keyimage = keyImage(xx) #ok s[index] = MiniNero.mul_8(s[index]) L[index] = MiniNero.scalarmultBase(s[index]) R[index] = MiniNero.scalarmultKey(HP[index], s[index]) #aH j = (index + 1) % n c[j] = MiniNero.cn_fast_hash(pj + L[index] + R[index]) while j != index: L[j] = MiniNero.addKeys(MiniNero.scalarmultBase(s[j]), MiniNero.scalarmultKey(pk[j], c[j])) #Lj = sG + cxG R[j] = MiniNero.addKeys(MiniNero.scalarmultKey(HP[j], s[j]), MiniNero.scalarmultKey(keyimage, c[j])) #Rj = sH + cxH cj = (j + 1) % n c[cj] = MiniNero.cn_fast_hash(pj + L[j] + R[j]) #c j+1 = H(pk + Lj + Rj j = cj #increment j s[index] = MiniNero.sc_mulsub_keys(s[index], c[index], xx) #si = a - c x so a = s + c x print("sigma = ", keyimage, c[0], s[:]) return keyimage, c[0], s[:]
def ecdhDecode(masked, receiverSk): rv = ecdhTuple() #compute shared secret sharedSec1 = MiniNero.cn_fast_hash(MiniNero.scalarmultKey(masked.senderPk, receiverSk)) sharedSec2 = MiniNero.cn_fast_hash(sharedSec1) #encode rv.mask = MiniNero.sc_sub_keys(masked.mask, sharedSec1) rv.amount = MiniNero.sc_sub_keys(masked.amount, sharedSec1) return rv
def ecdhEncode(unmasked, receiverPk): rv = ecdhTuple() #compute shared secret esk, rv.senderPk = PaperWallet.skpkGen() sharedSec1 = MiniNero.cn_fast_hash(MiniNero.scalarmultKey(receiverPk, esk)) sharedSec2 = MiniNero.cn_fast_hash(sharedSec1) #encode rv.mask = MiniNero.sc_add_keys(unmasked.mask, sharedSec1) rv.amount = MiniNero.sc_add_keys(unmasked.amount, sharedSec1) return rv
def ecdhDecode(masked, receiverSk): rv = ecdhTuple() #compute shared secret sharedSec1 = MiniNero.cn_fast_hash( MiniNero.scalarmultKey(masked.senderPk, receiverSk)) sharedSec2 = MiniNero.cn_fast_hash(sharedSec1) #encode rv.mask = MiniNero.sc_sub_keys(masked.mask, sharedSec1) rv.amount = MiniNero.sc_sub_keys(masked.amount, sharedSec1) return rv
def ecdhEncode(unmasked, receiverPk): rv = ecdhTuple() #compute shared secret esk, rv.senderPk = PaperWallet.skpkGen() sharedSec1 = MiniNero.cn_fast_hash(MiniNero.scalarmultKey(receiverPk, esk)); sharedSec2 = MiniNero.cn_fast_hash(sharedSec1) #encode rv.mask = MiniNero.sc_add_keys(unmasked.mask, sharedSec1) rv.amount = MiniNero.sc_add_keys(unmasked.amount, sharedSec1) return rv
def VerSchnorrNonLinkable(P1, P2, L1, s1, s2): c2 = MiniNero.cn_fast_hash(L1) L2 = MiniNero.addKeys(MiniNero.scalarmultBase(s2), MiniNero.scalarmultKey(P2, c2)) c1 = MiniNero.cn_fast_hash(L2) L1p = MiniNero.addKeys(MiniNero.scalarmultBase(s1), MiniNero.scalarmultKey(P1, c1)) if L1 == L1p: print"Verified" return 0 else: print "Didn't verify" print(L1,"!=", L1p) return -1
def VerSchnorrNonLinkable(P1, P2, L1, s1, s2): c2 = MiniNero.cn_fast_hash(L1) L2 = MiniNero.addKeys(MiniNero.scalarmultBase(s2), MiniNero.scalarmultKey(P2, c2)) c1 = MiniNero.cn_fast_hash(L2) L1p = MiniNero.addKeys(MiniNero.scalarmultBase(s1), MiniNero.scalarmultKey(P1, c1)) if L1 == L1p: print "Verified" return 0 else: print "Didn't verify" print(L1, "!=", L1p) return -1
def MLSAG_Ver(pk, keyimage, c1, s ): rows = len(pk) cols = len(pk[0]) print("verifying MLSAG sig of dimensions ",rows ,"x ", cols) L = [[None]*cols] R = [[None]*cols] pj = ''.join(pk[0]) for i in range(1, rows): L.append([None] * cols) R.append([None] * cols) pj = pj + ''.join(pk[i]) c= [None]*(cols+1) #you do an extra one, and then check the wrap around HP = [[MiniNero.hashToPoint_cn(i) for i in pk[0]]] for j in range(1, rows): HP.append([MiniNero.hashToPoint_cn(i) for i in pk[j]]) c[0] = c1 j = 0 while j < cols: tohash = pj for i in range(0, rows): L[i][j] = MiniNero.addKeys(MiniNero.scalarmultBase(s[i][j]), MiniNero.scalarmultKey(pk[i][j], c[j])) R[i][j] = MiniNero.addKeys(MiniNero.scalarmultKey(HP[i][j], s[i][j]), MiniNero.scalarmultKey(keyimage[i], c[j])) tohash = tohash + L[i][j] + R[i][j] j = j + 1 c[j] = MiniNero.cn_fast_hash(tohash) rv = (c[0] == c[cols]) print("c", c) print("sig verifies?", rv) return rv
def MLSAG_Ver(pk, I, c0, s ): rows = len(pk) cols = len(pk[0]) print("verifying MG sig of dimensions ",rows ,"x ", cols) c= [None] * (cols + 1) c[0] = c0 L = keyMatrix(rows, cols) R = keyMatrix(rows, cols) m = ''.join(pk[0]) for i in range(1, cols): m = m + ''.join(pk[i]) i = 0 while i < cols: L[i] = [MiniNero.addKeys1(s[i][j], c[i], pk[i][j]) for j in range(0, rows)] Hi = hashKeyVector(pk[i]) R[i] = [MiniNero.addKeys2( s[i][j], Hi[j], c[i], I[j]) for j in range(0, rows)] oldi = i i = i + 1 c[i] = MiniNero.cn_fast_hash(m+''.join(L[oldi]) + ''.join(R[oldi])) print("L", L) print("R", R) print("c", c) return (c0 == c[cols])
def VerSchnorr(hash_prefix, pub, r, c): #hash_prefix = binascii.hexlify(prefix) check1 = MiniNero.toPoint(pub) comm = MiniNero.addKeys(MiniNero.scalarmultKey(pub,c), MiniNero.scalarmultBase(r)) c2 = MiniNero.cn_fast_hash(hash_prefix + pub + comm) print(MiniNero.sc_sub_keys(c, c2) == "0000000000000000000000000000000000000000000000000000000000000000") return (MiniNero.sc_sub_keys(c, c2) == "0000000000000000000000000000000000000000000000000000000000000000")
def MLSAG_Ver(pk, I, c0, s): rows = len(pk[0]) cols = len(pk) print("verifying MG sig of dimensions ", rows, "x ", cols) c = [None] * (cols + 1) c[0] = c0 L = keyMatrix(rows, cols) R = keyMatrix(rows, cols) m = ''.join(pk[0]) for i in range(1, cols): m = m + ''.join(pk[i]) i = 0 while i < cols: L[i] = [ MiniNero.addKeys1(s[i][j], c[i], pk[i][j]) for j in range(0, rows) ] Hi = hashKeyVector(pk[i]) R[i] = [ MiniNero.addKeys2(s[i][j], Hi[j], c[i], I[j]) for j in range(0, rows) ] oldi = i i = i + 1 c[i] = MiniNero.cn_fast_hash(m + ''.join(L[oldi]) + ''.join(R[oldi])) print("L", L) print("R", R) print("c", c) return (c0 == c[cols])
def MLSAG_Gen(pk, xx, index): rows = len(xx) cols = len(pk) print("Generating MG sig of size ", rows, "x", cols) print("index is:", index) print("checking if I can actually sign") print(pk[index]) print([MiniNero.scalarmultBase(x) for x in xx]) c = [None] * cols alpha = skvGen(rows) I = keyImageV(xx) L = keyMatrix(rows, cols) R = keyMatrix(rows, cols) s = keyMatrix(rows, cols) m = ''.join(pk[0]) for i in range(1, cols): m = m + ''.join(pk[i]) L[index] = [MiniNero.scalarmultBase(aa) for aa in alpha] #L = aG Hi = hashKeyVector(pk[index]) R[index] = [ MiniNero.scalarmultKey(Hi[ii], alpha[ii]) for ii in range(0, rows) ] #R = aI oldi = index i = (index + 1) % cols c[i] = MiniNero.cn_fast_hash(m + ''.join(L[oldi]) + ''.join(R[oldi])) while i != index: s[i] = skvGen(rows) L[i] = [ MiniNero.addKeys1(s[i][j], c[i], pk[i][j]) for j in range(0, rows) ] Hi = hashKeyVector(pk[i]) R[i] = [ MiniNero.addKeys2(s[i][j], Hi[j], c[i], I[j]) for j in range(0, rows) ] oldi = i i = (i + 1) % cols c[i] = MiniNero.cn_fast_hash(m + ''.join(L[oldi]) + ''.join(R[oldi])) print("L", L) print("R", R) s[index] = [ MiniNero.sc_mulsub_keys(alpha[j], c[index], xx[j]) for j in range(0, rows) ] #alpha - c * x return I, c[0], s
def GenSchnorrNonLinkable(x, P1, P2, index): if index == 0: a = PaperWallet.skGen() L1 = MiniNero.scalarmultBase(a) s2 = PaperWallet.skGen() c2 = MiniNero.cn_fast_hash(L1) L2 = MiniNero.addKeys(MiniNero.scalarmultBase(s2), MiniNero.scalarmultKey(P2, c2)) c1 = MiniNero.cn_fast_hash(L2) s1 = MiniNero.sc_mulsub_keys(a, x, c1) if index == 1: a = PaperWallet.skGen() L2 = MiniNero.scalarmultBase(a) s1 = PaperWallet.skGen() c1 = MiniNero.cn_fast_hash(L2) L1 = MiniNero.addKeys(MiniNero.scalarmultBase(s1), MiniNero.scalarmultKey(P1, c1)) c2 = MiniNero.cn_fast_hash(L1) s2 = MiniNero.sc_mulsub_keys(a, x, c2) return L1, s1, s2,
def deterministicVK(): while True: print('.'), tmp = MiniNero.intToHex(rand.getrandbits(64 * 8)) # 8 bits to a byte ... sk = MiniNero.sc_reduce_key(MiniNero.cn_fast_hash(tmp)) #s = "3c817618dcbfed122a64e592bb441d73300da9123686224a84e0eab1f075117e"; for testing #sk = MiniNero.sc_reduce_key(s) vk = MiniNero.getViewMM(sk) #note this is the sc_reduced version.. worked = 1 try: MiniNero.toPoint(vk) except: worked = 0 print("bad vk") if vk == MiniNero.sc_reduce_key( vk) and worked == 1: #already reduced + vk on curve break print("found keys") print("secret spend key:", sk) print("secret view key:", vk) vk2 = MiniNero.cn_fast_hash(MiniNero.scalarmultKey(vk, 2)) print("secret view key2:", vk2) vk3 = MiniNero.cn_fast_hash(MiniNero.scalarmultKey(vk, 3)) print("secret view key3:", vk3) pk = MiniNero.publicFromSecret(sk) print("public spend key:", pk) pvk = MiniNero.publicFromSecret(vk) print("public view key:", pvk) pvk2 = MiniNero.publicFromSecret(vk2) print("public view key2:", pvk2) pvk3 = MiniNero.publicFromSecret(vk3) print("public view key3:", pvk3) addr = MiniNero.getAddrMM(sk) print("in future this will get all addresses") print("receiving address", addr) wl = mnemonic.mn_encode(s) cks = MiniNero.electrumChecksum(wl) print(cks) print("mnemonic:", wl + " " + cks)
def VerASNL(P1, P2, L1, s2, s): #Aggregate Schnorr Non-Linkable print("Verifying Aggregate Schnorr Non-linkable Ring Signature") n = len(P1) LHS = MiniNero.scalarmultBase(MiniNero.intToHex(0)) RHS = MiniNero.scalarmultBase(s) for j in range(0, n): c2 = MiniNero.cn_fast_hash(L1[j]) L2 = MiniNero.addKeys(MiniNero.scalarmultBase(s2[j]), MiniNero.scalarmultKey(P2[j], c2)) LHS = MiniNero.addKeys(LHS, L1[j]) c1 = MiniNero.cn_fast_hash(L2) RHS = MiniNero.addKeys(RHS, MiniNero.scalarmultKey(P1[j], c1)) if LHS == RHS: print"Verified" return 0 else: print "Didn't verify" print(LHS,"!=", RHS) return -1
def deterministicVK(): while True: print("."), tmp = MiniNero.intToHex(rand.getrandbits(64 * 8)) # 8 bits to a byte ... sk = MiniNero.sc_reduce_key(MiniNero.cn_fast_hash(tmp)) # s = "3c817618dcbfed122a64e592bb441d73300da9123686224a84e0eab1f075117e"; for testing # sk = MiniNero.sc_reduce_key(s) vk = MiniNero.getViewMM(sk) # note this is the sc_reduced version.. worked = 1 try: MiniNero.toPoint(vk) except: worked = 0 print("bad vk") if vk == MiniNero.sc_reduce_key(vk) and worked == 1: # already reduced + vk on curve break print("found keys") print("secret spend key:", sk) print("secret view key:", vk) vk2 = MiniNero.cn_fast_hash(MiniNero.scalarmultKey(vk, 2)) print("secret view key2:", vk2) vk3 = MiniNero.cn_fast_hash(MiniNero.scalarmultKey(vk, 3)) print("secret view key3:", vk3) pk = MiniNero.publicFromSecret(sk) print("public spend key:", pk) pvk = MiniNero.publicFromSecret(vk) print("public view key:", pvk) pvk2 = MiniNero.publicFromSecret(vk2) print("public view key2:", pvk2) pvk3 = MiniNero.publicFromSecret(vk3) print("public view key3:", pvk3) addr = MiniNero.getAddrMM(sk) print("in future this will get all addresses") print("receiving address", addr) wl = mnemonic.mn_encode(s) cks = MiniNero.electrumChecksum(wl) print(cks) print("mnemonic:", wl + " " + cks)
def VerSchnorr(hash_prefix, pub, r, c): #hash_prefix = binascii.hexlify(prefix) check1 = MiniNero.toPoint(pub) comm = MiniNero.addKeys(MiniNero.scalarmultKey(pub, c), MiniNero.scalarmultBase(r)) c2 = MiniNero.cn_fast_hash(hash_prefix + pub + comm) print( MiniNero.sc_sub_keys(c, c2) == "0000000000000000000000000000000000000000000000000000000000000000") return (MiniNero.sc_sub_keys(c, c2) == "0000000000000000000000000000000000000000000000000000000000000000")
def VerASNL(P1, P2, L1, s2, s): #Aggregate Schnorr Non-Linkable print("Verifying Aggregate Schnorr Non-linkable Ring Signature") n = len(P1) LHS = MiniNero.scalarmultBase(MiniNero.intToHex(0)) RHS = MiniNero.scalarmultBase(s) for j in range(0, n): c2 = MiniNero.cn_fast_hash(L1[j]) L2 = MiniNero.addKeys(MiniNero.scalarmultBase(s2[j]), MiniNero.scalarmultKey(P2[j], c2)) LHS = MiniNero.addKeys(LHS, L1[j]) c1 = MiniNero.cn_fast_hash(L2) RHS = MiniNero.addKeys(RHS, MiniNero.scalarmultKey(P1[j], c1)) if LHS == RHS: print "Verified" return 0 else: print "Didn't verify" print(LHS, "!=", RHS) return -1
def GenSchnorr(hash_prefix, pub, sec, k): #modified from original algorithm to match Monero better #see the ag schnorr pdf for original alg. #Note in Monero, hash prefix is always 32 bytes.. #hash_prefix = binascii.hexlify(prefix) #k = PaperWallet.skGen() #comment for testing comm = MiniNero.scalarmultBase(k) print("comm", "hash_prefix", comm, hash_prefix) if MiniNero.scalarmultBase(sec) != pub: print"error in genSchnorr" return -1 if MiniNero.sc_check(sec) == False: print "fail in geSchnorr" return -1 c = MiniNero.sc_reduce_key(MiniNero.cn_fast_hash(hash_prefix + pub + comm)) r = MiniNero.sc_sub_keys(k, MiniNero.sc_mul_keys(c, sec)) #uncomment to test malleability c = MiniNero.sc_reduce_key(MiniNero.cn_fast_hash(hash_prefix + pub + comm)) r = MiniNero.sc_unreduce_key(MiniNero.sc_sub_keys(k, MiniNero.sc_mul_keys(c, sec))) return r, c
def GenSchnorr(hash_prefix, pub, sec, k): #modified from original algorithm to match ByteRub better #see the ag schnorr pdf for original alg. #Note in ByteRub, hash prefix is always 32 bytes.. #hash_prefix = binascii.hexlify(prefix) #k = PaperWallet.skGen() #comment for testing comm = MiniNero.scalarmultBase(k) print("comm", "hash_prefix", comm, hash_prefix) if MiniNero.scalarmultBase(sec) != pub: print "error in genSchnorr" return -1 if MiniNero.sc_check(sec) == False: print "fail in geSchnorr" return -1 c = MiniNero.sc_reduce_key(MiniNero.cn_fast_hash(hash_prefix + pub + comm)) r = MiniNero.sc_sub_keys(k, MiniNero.sc_mul_keys(c, sec)) #uncomment to test malleability c = MiniNero.sc_reduce_key(MiniNero.cn_fast_hash(hash_prefix + pub + comm)) r = MiniNero.sc_unreduce_key( MiniNero.sc_sub_keys(k, MiniNero.sc_mul_keys(c, sec))) return r, c
def MLSAG_Sign(pk, xx, index): rows = len(xx) cols = len(pk[0]) print("Generating MLSAG sig of dimensions ",rows ,"x ", cols) L = [[None] * cols] #list of keyvectors? except it's indexed by cols... it's kind of internal actually R = [[None] * cols] s = [[PaperWallet.skGen() for i in range(0, cols)] ] #first index is rows, second is cols, wonder if I should switch that.. HP = [[MiniNero.hashToPoint_cn(i) for i in pk[0]]] pj = ''.join(pk[0]) for i in range(1, rows): L.append([None] * cols) R.append([None] * cols) s.append([PaperWallet.skGen() for j in range(0, cols)]) HP.append([MiniNero.hashToPoint_cn(j) for j in pk[i]]) pj = pj + ''.join(pk[i]) c= [None] * cols #1-dimensional keyimage = keyImage(xx, rows) #ok for i in range(0, rows): L[i][index] = MiniNero.scalarmultBase(s[i][index]) #aG R[i][index] = MiniNero.scalarmultKey(HP[i][index], s[i][index]) #aH j = (index + 1) % cols tohash = pj for i in range(0, rows): tohash = tohash + L[i][index] + R[i][index] c[j] = MiniNero.cn_fast_hash(tohash) while j != index: tohash = pj for i in range(0, rows): L[i][j] = MiniNero.addKeys(MiniNero.scalarmultBase(s[i][j]), MiniNero.scalarmultKey(pk[i][j], c[j])) #Lj = sG + cxG R[i][j] = MiniNero.addKeys(MiniNero.scalarmultKey(HP[i][j], s[i][j]), MiniNero.scalarmultKey(keyimage[i], c[j])) #Rj = sH + cxH tohash = tohash + L[i][j] + R[i][j] j = (j + 1) % cols c[j] = MiniNero.cn_fast_hash(tohash) for i in range(0, rows): s[i][index] = MiniNero.sc_mulsub_keys(s[i][index], c[index], xx[i]) #si = a - c x so a = s + c x return keyimage, c[0], s
def LLW_Sig(pk, xx, index ): n = len(pk) print("Generating LLW sig of length ", n) L = [None] * n R = [None] * n c= [None] * n s = [PaperWallet.skGen() for i in range(0, n)] HP = [MiniNero.hashToPoint_ct(i) for i in pk] pj = ''.join(pk) keyimage = keyImage(xx) #ok s[index] = MiniNero.mul_8(s[index]) L[index] = MiniNero.scalarmultBase(s[index]) R[index] = MiniNero.scalarmultKey(HP[index], s[index]) #aH j = (index + 1) % n c[j] = MiniNero.cn_fast_hash(pj+L[index]+R[index]) while j != index: L[j] = MiniNero.addKeys(MiniNero.scalarmultBase(s[j]), MiniNero.scalarmultKey(pk[j], c[j])) #Lj = sG + cxG R[j] = MiniNero.addKeys(MiniNero.scalarmultKey(HP[j], s[j]), MiniNero.scalarmultKey(keyimage, c[j])) #Rj = sH + cxH cj = (j + 1) % n c[cj] = MiniNero.cn_fast_hash(pj + L[j] + R[j]) #c j+1 = H(pk + Lj + Rj j = cj #increment j s[index] = MiniNero.sc_mulsub_keys(s[index], c[index], xx) #si = a - c x so a = s + c x print("sigma = ", keyimage, c[0], s[:]) return keyimage, c[0], s[:]
def LLW_Ver(pk, keyimage, c1, s): n= len(pk) #ok print("verifying LLW sig of length", n) L = [None]*n R = [None]*n c= [None]*(n+1) pj = ''.join(pk) HP = [MiniNero.hashToPoint_ct(i) for i in pk] c[0] = c1 j = 0 while j < n: L[j] = MiniNero.addKeys(MiniNero.scalarmultBase(s[j]), MiniNero.scalarmultKey(pk[j], c[j])) R[j] = MiniNero.addKeys(MiniNero.scalarmultKey(HP[j], s[j]), MiniNero.scalarmultKey(keyimage, c[j])) cj = j + 1 c[cj] = MiniNero.cn_fast_hash(pj + L[j] + R[j]) j = cj rv = (c[0] == c[n]) print("sig verifies complete", rv) print("c", c) print("L", L) print("R", R) return rv
def LLW_Ver(pk, keyimage, c1, s): n = len(pk) #ok print("verifying LLW sig of length", n) L = [None] * n R = [None] * n c = [None] * (n + 1) pj = ''.join(pk) HP = [MiniNero.hashToPoint_ct(i) for i in pk] c[0] = c1 j = 0 while j < n: L[j] = MiniNero.addKeys(MiniNero.scalarmultBase(s[j]), MiniNero.scalarmultKey(pk[j], c[j])) R[j] = MiniNero.addKeys(MiniNero.scalarmultKey(HP[j], s[j]), MiniNero.scalarmultKey(keyimage, c[j])) cj = j + 1 c[cj] = MiniNero.cn_fast_hash(pj + L[j] + R[j]) j = cj rv = (c[0] == c[n]) print("sig verifies complete", rv) print("c", c) print("L", L) print("R", R) return rv
#you += hash(pubkey || index) to both the private scalar and public point #<tacotime> [02:35:38] so to get priv_i and pub_i #<tacotime> [02:36:06] priv_i = (priv + hash) mod N #<tacotime> [02:37:17] pub_i = (pub + scalarbasemult(hash)) import MiniNero import PaperWallet sk, vk, pk, pvk, addr, wl, cks = PaperWallet.keysBoth() print("making keychain") for i in range(1, 600): index = MiniNero.intToHex(i) has = MiniNero.cn_fast_hash(pk + index) sk1 = MiniNero.sc_add_keys(sk, has) pk1 = MiniNero.addKeys(pk, MiniNero.scalarmultBase(has)) pk1_check = MiniNero.publicFromSecret(sk1) print("Check", pk1== pk1_check) print(sk1) #print("i, sk, pk", i, sk1, pk1)
def ecdhRetrieve(x, pk): sspub = MiniNero.scalarmultKey(pk, x) ss1 = MiniNero.cn_fast_hash(sspub) ss2 = MiniNero.cn_fast_hash(ss1) return ss1, ss2
def cnHashOfFile(filepath): #c.f. github.com/ShenNoether/btcProof sha256OfFile bin_data = open(filepath, 'rb').read() hex_data = binascii.hexlify(bin_data) print(hex_data) return MiniNero.cn_fast_hash(hex_data)
print(aG) print(MiniNero.scalarmultKey(aG, a)) if sys.argv[1] == "add": #once it's good A = PaperWallet.pkGen() A = "75819750158570adc58ad6f932c3704661d6cd8eafd3a14818293a17790fbf71" B = PaperWallet.pkGen() B = "5fbc56c82c6e40596c673e301b63e100f08b97723ead425ed38f2b55c7a6454f" AB = MiniNero.addKeys(A, B) Translator.hexToC(A) Translator.hexToC(B) print(AB) AAB = MiniNero.addKeys(AB, A) print("AAB", AAB) print("hash") print(MiniNero.sc_reduce_key(MiniNero.cn_fast_hash(A))) aAbB = MiniNero.addKeys(MiniNero.scalarmultKey(A, A), MiniNero.scalarmultKey(B, B)) print("testing addKeys3") print(aAbB) if sys.argv[1] == "rs": #once it's good sk = MiniNero.randomScalar() if sys.argv[1] == "mn": #checking decoding mnemonic #seed = "code elope foiled knapsack abyss fishing wayside also joining auburn robot sonic inquest obnoxious pact gave smash itches fierce darted owed queen pool fruit auburn" seed = "down hairy tattoo ointment austere lush fossil symptoms vary sonic ultimate onslaught pioneer aerial kept linen unnoticed ahead weavers injury buzzer inquest justice nightly symptoms" seed = "unzip festival cease fences value anchor waking tomorrow ritual hookup guarded antics cease" sk = MiniNero.recoverSK(seed) print("sk", sk) print("addr my monero", MiniNero.getAddr(sk))
def ecdhGen(P): ephembytes, ephempub = PaperWallet.skpkGen() sspub = MiniNero.scalarmultKey(P, ephembytes) # (receiver pub) * (sender ecdh sk) ss1 = MiniNero.cn_fast_hash(sspub) ss2 = MiniNero.cn_fast_hash(ss1) return ephembytes, ephempub, ss1, ss2
#you += hash(pubkey || index) to both the private scalar and public point #<tacotime> [02:35:38] so to get priv_i and pub_i #<tacotime> [02:36:06] priv_i = (priv + hash) mod N #<tacotime> [02:37:17] pub_i = (pub + scalarbasemult(hash)) import MiniNero import PaperWallet sk, vk, pk, pvk, addr, wl, cks = PaperWallet.keysBoth() print("making keychain") for i in range(1, 600): index = MiniNero.intToHex(i) has = MiniNero.cn_fast_hash(pk + index) sk1 = MiniNero.sc_add_keys(sk, has) pk1 = MiniNero.addKeys(pk, MiniNero.scalarmultBase(has)) pk1_check = MiniNero.publicFromSecret(sk1) print("Check", pk1 == pk1_check) print(sk1) #print("i, sk, pk", i, sk1, pk1)
def ecdhGen(P): ephembytes, ephempub = PaperWallet.skpkGen() sspub = MiniNero.scalarmultKey(P, ephembytes) #(receiver pub) * (sender ecdh sk) ss1 = MiniNero.cn_fast_hash(sspub) ss2 = MiniNero.cn_fast_hash(ss1) return ephembytes, ephempub, ss1, ss2
print(aG) print(MiniNero.scalarmultKey(aG, a)) if sys.argv[1] == "add": #once it's good A = PaperWallet.pkGen() A = "75819750158570adc58ad6f932c3704661d6cd8eafd3a14818293a17790fbf71" B = PaperWallet.pkGen() B = "5fbc56c82c6e40596c673e301b63e100f08b97723ead425ed38f2b55c7a6454f" AB = MiniNero.addKeys(A, B) Translator.hexToC(A) Translator.hexToC(B) print(AB) AAB = MiniNero.addKeys(AB, A) print("AAB", AAB) print("hash") print(MiniNero.sc_reduce_key(MiniNero.cn_fast_hash(A))) aAbB = MiniNero.addKeys(MiniNero.scalarmultKey(A, A), MiniNero.scalarmultKey(B, B)) print("testing addKeys3") print(aAbB) if sys.argv[1] == "rs": #once it's good sk = MiniNero.randomScalar() if sys.argv[1] == "mn": #checking decoding mnemonic #seed = "code elope foiled knapsack abyss fishing wayside also joining auburn robot sonic inquest obnoxious pact gave smash itches fierce darted owed queen pool fruit auburn" seed = "down hairy tattoo ointment austere lush fossil symptoms vary sonic ultimate onslaught pioneer aerial kept linen unnoticed ahead weavers injury buzzer inquest justice nightly symptoms" seed = "unzip festival cease fences value anchor waking tomorrow ritual hookup guarded antics cease" sk = MiniNero.recoverSK(seed) print("sk", sk)