def _create_zeth_notes( phi: bytes, hsig: bytes, output0: Tuple[OwnershipPublicKey, int], output1: Tuple[OwnershipPublicKey, int]) -> Tuple[ZethNote, ZethNote]: """ Create two ordered ZethNotes. Used to generate new output notes to be passed to the prover server. """ (recipient0, value0) = output0 (recipient1, value1) = output1 rho0 = _compute_rho_i(phi, hsig, 0) trap_r0 = _trap_r_randomness() note0 = ZethNote(apk=ownership_key_as_hex(recipient0), value=int64_to_hex(value0), rho=rho0.hex(), trap_r=trap_r0) rho1 = _compute_rho_i(phi, hsig, 1) trap_r1 = _trap_r_randomness() note1 = ZethNote(apk=ownership_key_as_hex(recipient1), value=int64_to_hex(value1), rho=rho1.hex(), trap_r=trap_r1) return note0, note1
def create_prover_inputs( mix_call_desc: MixCallDescription ) -> Tuple[api.ProofInputs, signing.SigningKeyPair]: """ Given the basic parameters for a mix call, compute the input to the prover server, and the signing key pair. """ # Compute Merkle paths mk_tree = mix_call_desc.mk_tree sender_ask = mix_call_desc.sender_ownership_keypair.a_sk def _create_api_input(input_address: int, input_note: api.ZethNote) -> api.JoinsplitInput: mk_path = compute_merkle_path(input_address, mk_tree) input_nullifier = compute_nullifier(input_note, sender_ask) return create_api_joinsplit_input(mk_path, input_address, input_note, sender_ask, input_nullifier) inputs = mix_call_desc.inputs api_inputs = [_create_api_input(addr, note) for addr, note in inputs] mk_root = mk_tree.get_root() # Extract (<ownership-address>, <value>) tuples outputs_with_a_pk = \ [(zeth_addr.a_pk, to_zeth_units(value)) for (zeth_addr, value) in mix_call_desc.outputs] # Public input and output values as Zeth units public_in_value_zeth_units = to_zeth_units(mix_call_desc.v_in) public_out_value_zeth_units = to_zeth_units(mix_call_desc.v_out) # Generate the signing key signing_keypair = signing.gen_signing_keypair() # Use the specified or default h_sig computation compute_h_sig_cb = mix_call_desc.compute_h_sig_cb or compute_h_sig h_sig = compute_h_sig_cb( [bytes.fromhex(input.nullifier) for input in api_inputs], signing_keypair.vk) phi = _phi_randomness() # Create the api.ZethNote objects api_outputs = _create_api_zeth_notes(phi, h_sig, outputs_with_a_pk) proof_inputs = api.ProofInputs( mk_root=mk_root.hex(), js_inputs=api_inputs, js_outputs=api_outputs, pub_in_value=int64_to_hex(public_in_value_zeth_units), pub_out_value=int64_to_hex(public_out_value_zeth_units), h_sig=h_sig.hex(), phi=phi.hex()) return (proof_inputs, signing_keypair)
def _create_api_zeth_note(out_index: int, recipient: OwnershipPublicKey, value: int) -> api.ZethNote: rho = _compute_rho_i(phi, hsig, out_index) trap_r = _trap_r_randomness() return api.ZethNote(apk=ownership_key_as_hex(recipient), value=int64_to_hex(value), rho=rho.hex(), trap_r=trap_r)
def compute_joinsplit2x2_inputs( mk_root: bytes, input0: Tuple[int, ZethNote], mk_path0: List[str], input1: Tuple[int, ZethNote], mk_path1: List[str], sender_ask: OwnershipSecretKey, output0: Tuple[OwnershipPublicKey, int], output1: Tuple[OwnershipPublicKey, int], public_in_value_zeth_units: int, public_out_value_zeth_units: int, sign_vk: JoinsplitSigVerificationKey, compute_h_sig_cb: Optional[ComputeHSigCB] = None) -> ProofInputs: """ Create a ProofInput object for joinsplit parameters """ (input_address0, input_note0) = input0 (input_address1, input_note1) = input1 input_nullifier0 = compute_nullifier(input_note0, sender_ask) input_nullifier1 = compute_nullifier(input_note1, sender_ask) js_inputs: List[JoinsplitInput] = [ create_joinsplit_input(mk_path0, input_address0, input_note0, sender_ask, input_nullifier0), create_joinsplit_input(mk_path1, input_address1, input_note1, sender_ask, input_nullifier1) ] # Use the specified or default h_sig computation compute_h_sig_cb = compute_h_sig_cb or compute_h_sig h_sig = compute_h_sig_cb(input_nullifier0, input_nullifier1, sign_vk) phi = _phi_randomness() output_note0, output_note1 = create_zeth_notes(phi, h_sig, output0, output1) js_outputs = [output_note0, output_note1] return ProofInputs(mk_root=mk_root.hex(), js_inputs=js_inputs, js_outputs=js_outputs, pub_in_value=int64_to_hex(public_in_value_zeth_units), pub_out_value=int64_to_hex(public_out_value_zeth_units), h_sig=h_sig.hex(), phi=phi)
def create_prover_inputs( mix_call_desc: MixCallDescription ) -> Tuple[ProofInputs, signing.SigningKeyPair]: """ Given the basic parameters for a mix call, compute the input to the prover server, and the signing key pair. """ # Compute Merkle paths mk_tree = mix_call_desc.mk_tree mk_root = mk_tree.get_root() inputs = mix_call_desc.inputs mk_paths = [compute_merkle_path(addr, mk_tree) for addr, _ in inputs] # Extract (<ownership-address>, <value>) tuples outputs_with_a_pk = \ [(zeth_addr.a_pk, to_zeth_units(value)) for (zeth_addr, value) in mix_call_desc.outputs] output0 = outputs_with_a_pk[0] output1 = outputs_with_a_pk[1] # Public input and output values as Zeth units public_in_value_zeth_units = to_zeth_units(mix_call_desc.v_in) public_out_value_zeth_units = to_zeth_units(mix_call_desc.v_out) # Generate the signing key signing_keypair = signing.gen_signing_keypair() sender_ask = mix_call_desc.sender_ownership_keypair.a_sk # Compute the input note nullifiers (input_address0, input_note0) = mix_call_desc.inputs[0] (input_address1, input_note1) = mix_call_desc.inputs[1] input_nullifier0 = compute_nullifier(input_note0, sender_ask) input_nullifier1 = compute_nullifier(input_note1, sender_ask) # Convert to JoinsplitInput objects js_inputs: List[JoinsplitInput] = [ create_joinsplit_input(mk_paths[0], input_address0, input_note0, sender_ask, input_nullifier0), create_joinsplit_input(mk_paths[1], input_address1, input_note1, sender_ask, input_nullifier1) ] # Use the specified or default h_sig computation compute_h_sig_cb = mix_call_desc.compute_h_sig_cb or compute_h_sig h_sig = compute_h_sig_cb(input_nullifier0, input_nullifier1, signing_keypair.vk) phi = _phi_randomness() # Joinsplit Output Notes output_note0, output_note1 = _create_zeth_notes( phi, h_sig, output0, output1) js_outputs = [output_note0, output_note1] proof_inputs = ProofInputs( mk_root=mk_root.hex(), js_inputs=js_inputs, js_outputs=js_outputs, pub_in_value=int64_to_hex(public_in_value_zeth_units), pub_out_value=int64_to_hex(public_out_value_zeth_units), h_sig=h_sig.hex(), phi=phi.hex()) return (proof_inputs, signing_keypair)