def test_clsag_invalid_P(self):
res = self.gen_clsag_sig(ring_size=11, index=5)
msg, scalars, sc1, sI, sD, ring2, Cp = res
with self.assertRaises(ValueError):
ring2[5].commitment = crypto.encodepoint(
crypto.point_mul8(crypto.decodepoint(ring2[5].dest)))
mlsag2.verify_clsag(msg, scalars, sc1, sI, sD, ring2, Cp)
async def prove_range_bp(amount, last_mask=None):
mask = last_mask if last_mask is not None else crypto.random_scalar()
bp_proof = await prove_range_bp_batch([amount], [mask])
C = crypto.decodepoint(bp_proof.V[0])
C = crypto.point_mul8(C)
gc.collect()
# Return as struct as the hash(BP_struct) != hash(BP_serialized)
# as the original hashing does not take vector lengths into account which are dynamic
# in the serialization scheme (and thus extraneous)
return C, mask, bp_proof
def test_pointadd(self):
a = crypto.random_scalar()
A = crypto.scalarmult_base(a)
A2 = crypto.point_add(A, A)
A3 = crypto.point_add(A2, A)
A4 = crypto.point_add(A3, A)
A8 = crypto.scalarmult(A4, crypto.sc_init(2))
A8p = crypto.point_mul8(A)
self.assertTrue(crypto.point_eq(A8p, A8))
self.assertTrue(
crypto.point_eq(A4, crypto.scalarmult(A, crypto.sc_init(4))))
self.assertTrue(
crypto.point_eq(A3, crypto.scalarmult(A, crypto.sc_init(3))))
def test_clsag_invalid_sI(self):
res = self.gen_clsag_sig(ring_size=11, index=5)
msg, scalars, sc1, sI, sD, ring2, Cp = res
with self.assertRaises(ValueError):
sI = crypto.point_mul8(sI)
mlsag2.verify_clsag(msg, scalars, sc1, sI, sD, ring2, Cp)