from prover import generate_witness, generate_transfer_proof
from contract_deploy import contract_deploy
from classes import SignedTransferTransaction
from utils import createLeaf, hashPadded
from SparseMerkleTree import SparseMerkleTree
nWallets = 4
alice = [ os.environ['ALICE_PK_X'], os.environ['ALICE_PX_Y'] ]
bob = [ os.environ['BOB_PK_X'], os.environ['BOB_PX_Y'] ]
RHS_LEAF = os.environ['RHS_LEAF']
TREE_DEPTH = ops.environ['TREE_DEPTH']
if __name__ == "__main__":
# give nft 2 to alice and 3 to bob
leaves = { 2: createLeaf(alice, rhs_leaf), 3: createLeaf(bob, rhs_leaf) }
tree = SparseMerkleTree(2, leaves)
root = tree.root
old_leaf = []
new_leaf = []
roll_up = contract_deploy(
TREE_DEPTH,
"../depends/roll_up/keys/vk.json",
root,
"../depends/roll_up/contracts",
)
# Wallet array
wallets = []
txs = []
# Iterate over transactions on the merkle tree
for j in range(1, noTx + 1):
leaves.append([])
# create a random pub key from priv key
sk.append(genSalt(64))
public_key.append(ed.publickey(sk[j]))
# create a random new leaf
# This is just a filler message for test purpose (e.g. 11111111... , 22222211111...)
rhs_leaf.append(hashPadded(hex(j)[2] * 64, "1" * 64)[2:])
# The old leaf is previous pubkey + previous message
old_leaf.append(createLeaf(public_key[j - 1], rhs_leaf[j - 1]))
# The new leaf is current pubkey with current message
new_leaf.append(createLeaf(public_key[j], rhs_leaf[j]))
# The message to sign is the previous leaf with the new leaf
message = hashPadded(old_leaf[j - 1], new_leaf[j - 1])
# Remove '0x' from byte
message = message[2:]
# Obtain Signature
r, s = getSignature(message, sk[j - 1], public_key[j - 1])
# check the signature is correct
ed.checkvalid(r, s, message, public_key[j - 1])
def generate_transfer_proof(self, transactions):
return 42
pub_x = []
pub_y = []
leaves = []
R_x = []
R_y = []
S = []
previous_owners = []
new_owners = []
address = []
public_key = []
# Public key of sender from first tx
public_key.append(tx.senderPubKey)
# Iterate over transactions. each tx is an object from classes.py
for j in range(1, len(transactions) + 1):
tx = transactions[i]
leaves.append([])
# Append sender pubkey
public_key.append(tx.senderPubKey)
# The old owner is previous pubkey + RHS # TODO add rhs_leaf /
# replace with stub
previous_owners.append(createLeaf(tx.senderPubKey, rhs_leaf))
# The new leaf is current pubkey with RHS
new_owners.append(createLeaf(tx.receiverPubKey, rhs_leaf))
# The message to sign is the previous leaf with the new leaf
message = hashPadded(previous_owners[j - 1], new_owners[j - 1])
# Remove '0x' from byte
message = message[2:]
# Check the signer is correct
ed.checkvalid(tx.R, tx.S, message, tx.senderPubKey)
# Now we reverse the puplic key by bit
# we have to reverse the bits so that the
# unpacker in libsnark will return us the
# correct field element
# To put into little-endian
pub_key_x = hex(
int(
''.join(
str(e)
for e in hexToBinary(hex(public_key[j - 1][0]))[::-1]), 2))
pub_key_y = hex(
int(
''.join(
str(e)
for e in hexToBinary(hex(public_key[j - 1][1]))[::-1]), 2))
tx.R[0] = hex(
int(''.join(str(e) for e in hexToBinary(hex(tx.R[0]))[::-1]), 2))
tx.R[1] = hex(
int(''.join(str(e) for e in hexToBinary(hex(tx.R[1]))[::-1]), 2))
# Two r on x and y axis of curve
R_x.append(tx.R[0])
R_y.append(tx.R[1])
# Store s
S.append(s)
# Store public key
pub_x.append(pub_key_x)
pub_y.append(pub_key_y)
#
leaves[j - 1].append(previous_owners[j - 1])
#
address.append(0)
# Get zk proof and Merkle root
proof, root = generate_witness(leaves, pub_x, pub_y, address, tree_depth,
rhs_leaf, new_owners, R_x, R_y, S)
#Build proof for contract
proof["a"] = hex2int(proof["a"])
proof["a_p"] = hex2int(proof["a_p"])
proof["b"] = [hex2int(proof["b"][0]), hex2int(proof["b"][1])]
proof["b_p"] = hex2int(proof["b_p"])
proof["c"] = hex2int(proof["c"])
proof["c_p"] = hex2int(proof["c_p"])
proof["h"] = hex2int(proof["h"])
proof["k"] = hex2int(proof["k"])
proof["input"] = hex2int(proof["input"])
return proof