def ECVRF_proof2hash(pi): ''' returns hash value beta from VRF proof pi''' (gamma, c,s) = ECVRF_decode_proof(pi) if gamma is INVALID : return INVALID beta = SHA256(EC2OSP(gamma^cofactor)) return beta
def ECVRF_hash_points(ecp_list): '''returns hashe of a number of EC points''' P=b'' for p_i in ecp_list: P += EC2OSP(p_i) h1 = SHA256(P) h2 = h1[0:n] h = OS2IP(h2) return h
def ECVRF_hash_to_curve(y, alpha): ''' returns a EC point in G given input string alpha and public key''' ctr=0 pk = EC2OSP(y) h=INVALID while h is INVALID or h is infinity: CTR = I2OSP(ctr, 4) ctr += 1 attempted_hash = SHA256(pk + alpha + CTR) h = RS2ECP(attempted_hash) if h is not INVALID and cofactor >1: h = h^cofactor return h
def transaction_is_valid(txHashChain, tx):
# Alright, so we need a 'for' loop to iterate through the sections
# If we come across a signature, hash the catted bytes of all previous
# Sections and assert that it matches the first data point in
# Preliminary version: Only works with non-wildcard shuffles
# A set of the owners of non-wildcard inputs
owners = {}
# A mapping of colors to quantity of coins
inputs = {}
# A mapping of colors to quantities. We don't care about recipients because
# -- well, we don't care about recipients. The point of this is to make
# sure that coins aren't created out of nowhere
outputs = {}
# A set of sections that we pass by. Note that we don't allow duplicate
# sections -- being dumb has a direct consequence (i.e. storing txchain) to
# the MCM maintainer.
seen_secs = {}
# A bytearray of catted section bytes that we've passed by so far. When we
# encounter a signature, we hash seen_bytes and use that for the sigs.
seen_bytes = bytearray([])
# Takes a set of sectionTypes and a sectionType
# Fails if (new in seen)
# Else returns seen.add(new)
def check_section_duplicate(seen, new):
seenP = seen
if (new in seenP):
# Fail
print("Duplicate section: ", new)
# How do we fail again?
seenP.add(new)
return seenP
for sx in tx.sections:
if (sx.type == sectionType.INPUT):
seen_secs = check_section_duplicate(seen_secs, sx.type)
for dx in sx.data:
if (not input_datum_well_formed(dx)):
# Fail
print("Malformed input ", dx)
# How do we fail again?
quote = txHashChain.find_owner_and_quantity_by_quote(dx)
owner = quote[0]
color = quote[1]
quantity = int(quote[2])
if color in inputs.keys:
inputs[color] += quantity
else:
inputs[color] = quantity
owners.add(owner)
seen_bytes += [sx.sx_to_bytes()]
elif (sx.type == sectionType.OUTPUT):
seen_secs = check_section_duplicate(seen_secs, sx.type)
if (sectionType.INPUT not in seen_secs):
# Fail
print("Output comes before input! ")
# How do we fail again?
for dx in sx.data:
if (not output_datum_well_formed(dx)):
# Fail
print("Malformed output ", dx)
# How do we fail again?
recipient = dx[0]
color = dx[1]
quantity = int(dx[2])
if (color in outputs):
outputs[color] += quantity
else:
outputs[color] = quantity
seen_bytes += [sx.sx_to_bytes()]
elif (sx.type == sectionType.SIGNATURES):
seen_secs = check_section_duplicate(seen_secs, sx.type)
if (sectionType.OUTPUT not in seen_secs
or sectionType.INPUT not in seen_secs):
# Fail
print("Missing outputs or inputs ", sx)
# How do we fail again?
running_hash = SHA256(seen_bytes)
