def ctskpkGen(amount): sk = ctkey() pk = ctkey() sk.dest, pk.dest = PaperWallet.skpkGen() sk.mask, pk.mask = PaperWallet.skpkGen() am = MiniNero.intToHex(amount) aH = MiniNero.scalarmultKey(getHForCT(), am) pk.mask = MiniNero.addKeys(pk.mask, aH) return sk, pk
def ecdhEncode(unmasked, receiverPk): rv = ecdhTuple() #compute shared secret esk, rv.senderPk = PaperWallet.skpkGen() sharedSec1 = MiniNero.cn_fast_hash(MiniNero.scalarmultKey(receiverPk, esk)) sharedSec2 = MiniNero.cn_fast_hash(sharedSec1) #encode rv.mask = MiniNero.sc_add_keys(unmasked.mask, sharedSec1) rv.amount = MiniNero.sc_add_keys(unmasked.amount, sharedSec1) return rv
def ecdhEncode(unmasked, receiverPk): rv = ecdhTuple() #compute shared secret esk, rv.senderPk = PaperWallet.skpkGen() sharedSec1 = MiniNero.cn_fast_hash(MiniNero.scalarmultKey(receiverPk, esk)); sharedSec2 = MiniNero.cn_fast_hash(sharedSec1) #encode rv.mask = MiniNero.sc_add_keys(unmasked.mask, sharedSec1) rv.amount = MiniNero.sc_add_keys(unmasked.amount, sharedSec1) return rv
print(MiniNero.getAddr(sk)) if sys.argv[1] == "seed": seed = "3c817618dcbfed122a64e592bb441d73300da9123686224a84e0eab1f075117e"; a = MiniNero.hexToInt(seed) b = a // l print(b) if sys.argv[1] == "HCT": for i in [1, 12, 123, 1234, 12345, 123456]: A = MiniNero.publicFromInt(i) print(i, MiniNero.hashToPoint_ct(A)) if sys.argv[1] == "RingCTSimple": #see below for ring ct with sliding exponents exponent = 9 H_ct = RingCT.getHForCT() print("H", H_ct) sr, Pr = PaperWallet.skpkGen() #receivers private/ public se, pe, ss1, ss2 = Ecdh.ecdhGen(Pr) #compute shared secret ss digits = 32 #in practice it could will be 32 (from .0001 monero to ~400k monero) all other amounts can be represented by full 64 if necessary, otherwise you can use the sliding implementation of RingCT given below. print("inputs") a = 10000 Cia, L1a, s2a, sa, ska = RingCT.genRangeProof(10000, digits) print("outputs") b = 7000 Cib, L1b, s2b, sb, skb = RingCT.genRangeProof(7000, digits) c = 3000 Cic, L1c, s2c, sc, skc = RingCT.genRangeProof(3000, digits) print("verifying range proofs of outputs") RingCT.verRangeProof(Cib, L1b, s2b, sb) RingCT.verRangeProof(Cic, L1c, s2c, sc) x, P1 = PaperWallet.skpkGen() P2 = PaperWallet.pkGen()
print(MiniNero.getAddr(sk)) if sys.argv[1] == "seed": seed = "3c817618dcbfed122a64e592bb441d73300da9123686224a84e0eab1f075117e" a = MiniNero.hexToInt(seed) b = a // l print(b) if sys.argv[1] == "HCT": for i in [1, 12, 123, 1234, 12345, 123456]: A = MiniNero.publicFromInt(i) print(i, MiniNero.hashToPoint_ct(A)) if sys.argv[1] == "RingCTSimple": #see below for ring ct with sliding exponents exponent = 9 H_ct = RingCT.getHForCT() print("H", H_ct) sr, Pr = PaperWallet.skpkGen() #receivers private/ public se, pe, ss1, ss2 = Ecdh.ecdhGen(Pr) #compute shared secret ss digits = 32 #in practice it could will be 32 (from .0001 byterub to ~400k byterub) all other amounts can be represented by full 64 if necessary, otherwise you can use the sliding implementation of RingCT given below. print("inputs") a = 10000 Cia, L1a, s2a, sa, ska = RingCT.genRangeProof(10000, digits) print("outputs") b = 7000 Cib, L1b, s2b, sb, skb = RingCT.genRangeProof(7000, digits) c = 3000 Cic, L1c, s2c, sc, skc = RingCT.genRangeProof(3000, digits) print("verifying range proofs of outputs") RingCT.verRangeProof(Cib, L1b, s2b, sb) RingCT.verRangeProof(Cic, L1c, s2c, sc) x, P1 = PaperWallet.skpkGen() P2 = PaperWallet.pkGen()
def ecdhGen(P): ephembytes, ephempub = PaperWallet.skpkGen() sspub = MiniNero.scalarmultKey(P, ephembytes) #(receiver pub) * (sender ecdh sk) ss1 = MiniNero.cn_fast_hash(sspub) ss2 = MiniNero.cn_fast_hash(ss1) return ephembytes, ephempub, ss1, ss2
import MiniNero import mnemonic import PaperWallet import Ecdh import ASNL import MLSAG import MLSAG2 import LLW_Sigs import RingCT import Crypto.Random.random as rand import Translator import binascii import RingCT2 #Schnorr NonLinkable true one and false one x, P1 = PaperWallet.skpkGen() P2 = PaperWallet.pkGen() P3 = PaperWallet.pkGen() L1, s1, s2 = ASNL.GenSchnorrNonLinkable(x, P1, P2, 0) print("Testing Schnorr Non-linkable!") print("This one should verify!") print(ASNL.VerSchnorrNonLinkable(P1, P2, L1, s1, s2)) print("") print("This one should NOT verify!") print(ASNL.VerSchnorrNonLinkable(P1, P3, L1, s1, s2)) #ASNL true one, false one, C != sum Ci, and one out of the range.. print("\n\n\nTesting ASNL")
def ecdhGen(P): ephembytes, ephempub = PaperWallet.skpkGen() sspub = MiniNero.scalarmultKey(P, ephembytes) # (receiver pub) * (sender ecdh sk) ss1 = MiniNero.cn_fast_hash(sspub) ss2 = MiniNero.cn_fast_hash(ss1) return ephembytes, ephempub, ss1, ss2