def ECVRF_proof2hash(pi): ''' returns hash value beta from VRF proof pi''' (gamma, c,s) = ECVRF_decode_proof(pi) if gamma is INVALID : return INVALID beta = SHA256(EC2OSP(gamma^cofactor)) return beta
def ECVRF_hash_points(ecp_list): '''returns hashe of a number of EC points''' P=b'' for p_i in ecp_list: P += EC2OSP(p_i) h1 = SHA256(P) h2 = h1[0:n] h = OS2IP(h2) return h
def ECVRF_hash_to_curve(y, alpha): ''' returns a EC point in G given input string alpha and public key''' ctr=0 pk = EC2OSP(y) h=INVALID while h is INVALID or h is infinity: CTR = I2OSP(ctr, 4) ctr += 1 attempted_hash = SHA256(pk + alpha + CTR) h = RS2ECP(attempted_hash) if h is not INVALID and cofactor >1: h = h^cofactor return h
def transaction_is_valid(txHashChain, tx): # Alright, so we need a 'for' loop to iterate through the sections # If we come across a signature, hash the catted bytes of all previous # Sections and assert that it matches the first data point in # Preliminary version: Only works with non-wildcard shuffles # A set of the owners of non-wildcard inputs owners = {} # A mapping of colors to quantity of coins inputs = {} # A mapping of colors to quantities. We don't care about recipients because # -- well, we don't care about recipients. The point of this is to make # sure that coins aren't created out of nowhere outputs = {} # A set of sections that we pass by. Note that we don't allow duplicate # sections -- being dumb has a direct consequence (i.e. storing txchain) to # the MCM maintainer. seen_secs = {} # A bytearray of catted section bytes that we've passed by so far. When we # encounter a signature, we hash seen_bytes and use that for the sigs. seen_bytes = bytearray([]) # Takes a set of sectionTypes and a sectionType # Fails if (new in seen) # Else returns seen.add(new) def check_section_duplicate(seen, new): seenP = seen if (new in seenP): # Fail print("Duplicate section: ", new) # How do we fail again? seenP.add(new) return seenP for sx in tx.sections: if (sx.type == sectionType.INPUT): seen_secs = check_section_duplicate(seen_secs, sx.type) for dx in sx.data: if (not input_datum_well_formed(dx)): # Fail print("Malformed input ", dx) # How do we fail again? quote = txHashChain.find_owner_and_quantity_by_quote(dx) owner = quote[0] color = quote[1] quantity = int(quote[2]) if color in inputs.keys: inputs[color] += quantity else: inputs[color] = quantity owners.add(owner) seen_bytes += [sx.sx_to_bytes()] elif (sx.type == sectionType.OUTPUT): seen_secs = check_section_duplicate(seen_secs, sx.type) if (sectionType.INPUT not in seen_secs): # Fail print("Output comes before input! ") # How do we fail again? for dx in sx.data: if (not output_datum_well_formed(dx)): # Fail print("Malformed output ", dx) # How do we fail again? recipient = dx[0] color = dx[1] quantity = int(dx[2]) if (color in outputs): outputs[color] += quantity else: outputs[color] = quantity seen_bytes += [sx.sx_to_bytes()] elif (sx.type == sectionType.SIGNATURES): seen_secs = check_section_duplicate(seen_secs, sx.type) if (sectionType.OUTPUT not in seen_secs or sectionType.INPUT not in seen_secs): # Fail print("Missing outputs or inputs ", sx) # How do we fail again? running_hash = SHA256(seen_bytes)