olegabu / go-mimblewimble
Library for forming and validating transactions in mimblewimble protocol
License: Apache License 2.0
For testing purposes a special version of Context is needed, particularly a trivial key generator is needed instead of a random one. As of now the Context is a struct, so neither extending nor overloading is available. It might be useful to make Context an interface to be able to overload it for special cases. The same idea is implemented in Grin wallet/core.
E[2020-04-22|13:33:48.155] Error on catchup replay. Proceeding to start ConsensusState anyway module=consensus err="WAL should not contain #ENDHEIGHT 1"
E[2020-04-22|13:33:48.155] Failed to save AddrBook to file module=p2p book=config/addrbook.json file=config/addrbook.json err="open config/write-file-atomic-02577231406141211588: no such file or directory"
Alice has an input AIC with value vai and blinding factor rai.
Bob has an input BIC with value vib and blinding factor rbi.
They generate a multisig (output) commitment MC with a blinding factor rm = ram + rbm, such that MC = H*(vam+vbm) + G*(ram+rbm) = H*vm + MR = APC + BPC. Besides the multisig output, Alice and Bob create change outputs CAO, CBO.
1. Alice calculates partial commitment APC = H * vam + G * ram, bulletproof for ACO = ACO_proof, partial excess = G*(ram+rac-rai)
2. Alice calculates partial signature APS = (ka*G, ka + e*(ram+rac-rai))
3. Alice calculates common nonce CN for later bulletproof generation
4. Alice sends Bob APC, APS, CN
5. Bob calculates partial commitment BPC = H * vbm + G * rbm
6. Bob calculates MC = APC + BPC, bulletproof for BCO = BCO_proof
7. Bob calculates TB1, TB2 = bullet_proof_multisig(MC, CN, rbm)
8. Bob sends TB1, TB2, MC to Alice
9. Alice calculates TA1, TA2 = bullet_proof_multisig(MC, CN, ram)
10. Alice calculates Tau_X_A = bullet_proof_multisig(MC, CN, ram)
11. Alice sends Tau_X_A, ACO_proof to Bob
12. Bob calculates Tau_X_B
13. Bob calculates Tau_X = Tau_X_A + Tau_X_B
14. Bob calculates partial signature BPS = (kb*G, kb + e*(rbm+rbc-rbi))
15. Bob calculates final signature FS = BPS + APS
16. Bob publishes TX:
{
  "Inputs": ["AIC", "BIC"],
  "Outputs": [{
      "Commitment": "MC",
      "proof": "Tau_X"
    },
    {
      "Commitment": "ACO",
      "proof": "CAO_proof"
    },
    {
      "Commitment": "BCO",
      "proof": "CBO_proof"
    }],
  "Kernel": {
    "Signature": "FS",
    "excess": "excess"
  }
}
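The partial-signature steps of the flow above (APS, BPS and their sum FS) can be exercised end to end with ordinary Schnorr arithmetic. The following is an added example, not code from the issue or from the go-mimblewimble library; it uses the standard library's P-256 curve as a stand-in for secp256k1 (which Go's standard library does not ship), and the blinding factors, nonces, challenge-hash layout and message bytes are constructed for the demo. The bulletproof and Tau_X steps are not modelled.

```go
package main

import (
	"crypto/elliptic"
	"crypto/sha256"
	"fmt"
	"math/big"
)

// P-256 stands in for secp256k1 here; scalars are reduced modulo the curve order n.
var (
	curve = elliptic.P256()
	order = curve.Params().N
)

// Point is an affine curve point; MulG/Add/Mul wrap crypto/elliptic.
type Point struct{ X, Y *big.Int }

func MulG(k *big.Int) Point {
	x, y := curve.ScalarBaseMult(new(big.Int).Mod(k, order).Bytes())
	return Point{x, y}
}
func Add(a, b Point) Point { x, y := curve.Add(a.X, a.Y, b.X, b.Y); return Point{x, y} }
func Mul(a Point, k *big.Int) Point {
	x, y := curve.ScalarMult(a.X, a.Y, new(big.Int).Mod(k, order).Bytes())
	return Point{x, y}
}
func Equal(a, b Point) bool    { return a.X.Cmp(b.X) == 0 && a.Y.Cmp(b.Y) == 0 }
func modN(v *big.Int) *big.Int { return new(big.Int).Mod(v, order) } // handles negatives

// PartialSig is one party's (k*G, k + e*x) pair: APS for Alice, BPS for Bob.
type PartialSig struct {
	R Point
	S *big.Int
}

// Challenge is e = SHA256(R || X || msg) mod n (constructed layout), where R is the
// aggregate nonce ka*G + kb*G and X = G*(xa + xb) is the public kernel excess.
func Challenge(R, X Point, msg []byte) *big.Int {
	h := sha256.New()
	for _, v := range []*big.Int{R.X, R.Y, X.X, X.Y} {
		h.Write(v.Bytes())
	}
	h.Write(msg)
	return modN(new(big.Int).SetBytes(h.Sum(nil)))
}

// PartialSign returns (k*G, k + e*x) for a party with nonce k and partial
// excess x, e.g. x = ram + rac - rai on Alice's side.
func PartialSign(k, x, e *big.Int) PartialSig {
	s := new(big.Int).Mul(e, x)
	s.Add(s, k)
	return PartialSig{R: MulG(k), S: modN(s)}
}

// Aggregate is FS = APS + BPS: nonce points add, scalars add mod n.
func Aggregate(a, b PartialSig) PartialSig {
	return PartialSig{R: Add(a.R, b.R), S: modN(new(big.Int).Add(a.S, b.S))}
}

// Verify is the kernel check a node runs on FS: s*G == R + e*X.
func Verify(sig PartialSig, X Point, e *big.Int) bool {
	return Equal(MulG(sig.S), Add(sig.R, Mul(X, e)))
}

// RunDemo walks the two-party flow with constructed secrets. With tamper=true
// Bob's partial scalar is altered before aggregation, which Verify must reject.
func RunDemo(tamper bool) bool {
	ram, rac, rai := big.NewInt(7001), big.NewInt(3003), big.NewInt(1500) // Alice's blinds (constructed)
	rbm, rbc, rbi := big.NewInt(9100), big.NewInt(2200), big.NewInt(4100) // Bob's blinds (constructed)
	ka, kb := big.NewInt(123457), big.NewInt(987643)                       // nonces (constructed)

	xa := modN(new(big.Int).Sub(new(big.Int).Add(ram, rac), rai)) // ram + rac - rai
	xb := modN(new(big.Int).Sub(new(big.Int).Add(rbm, rbc), rbi)) // rbm + rbc - rbi

	// Both parties must know the aggregate nonce and excess before e is fixed.
	R := Add(MulG(ka), MulG(kb))
	X := Add(MulG(xa), MulG(xb))
	e := Challenge(R, X, []byte("constructed kernel message"))

	aps := PartialSign(ka, xa, e)
	bps := PartialSign(kb, xb, e)
	if tamper {
		bps.S = modN(new(big.Int).Add(bps.S, big.NewInt(1)))
	}
	return Verify(Aggregate(aps, bps), X, e)
}

func main() {
	fmt.Println("honest FS verifies:", RunDemo(false))
	fmt.Println("tampered FS verifies:", RunDemo(true))
}
```

One point the demo makes explicit: e is a hash over the aggregate nonce and aggregate excess, so each party needs the other's nonce point before it can produce a usable partial scalar; a partial signature computed against a different e, or an aggregate whose scalar was altered in transit, fails the single s*G == R + e*X check that every node applies to the kernel.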
Validate transaction submitted to the network. Use an existing transaction from Grin explorer to test.
E[2020-04-22|13:54:30.242] Error closing connection module=rpc-server protocol=websocket remote=127.0.0.1:60690 err="close tcp 127.0.0.1:26657->127.0.0.1:60690: use of closed network connection"
Create a test wallet (context, inputs, purchases, expenses, fee) Slate, PrivateOutput[], Error
Provided with a typical set of arguments, the function must calculate output values, generate secrets, and create a serializable version of a slate to be sent to the counterparty.
H: points H_1, ..., H_n must be generated, one per token type. For each H_i, compute the Token Commitment TC_i = H_i + r_TC_i * G, where r_i is the blinding factor for the token type, chosen by its owner when forming the transaction (it must be stored, just like the blinding factor for the value).
{
  "Inputs": [
    {
      "Commitment": " ",
      "Token Commitment": " "
    },
    {
      "Commitment": " ",
      "Token Commitment": " "
    }],
  "Outputs": [
    {
      "Commitment": " ",
      "Token Commitment": " ",
      "proof": " ",
      "surjectionproof": " "
    },
    {
      "Commitment": " ",
      "Token Commitment": " ",
      "proof": " ",
      "surjectionproof": " "
    }],
  "Kernel": {
    "Signature": " ",
    "excess": " "
  }
}
The essence of the transaction is a transfer of: v_1 tokens of type 1 (point H_1, token commitment H_1a = H_1 + r_TCI_1 * G) from user A (ACI = v_1 * H_1a + r_01 * G) to user B, and v_2 tokens of type 2 (point H_2, token commitment H_2b = H_2 + r_TCI_2 * G) from user B (BCI = v_2 * H_2b + r_02 * G) to user A.
A chooses k_a and computes K_a = k_a * G
A chooses r_a2 and computes R_a = (r_a2 - r_01) * G
A passes to B: ACI, r_TCI_1, v_1, v_2, K_a, R_a
B chooses k_b and computes K_b = k_b * G
B chooses r_b1 and computes R_b = (r_b1 - r_02) * G
B chooses r_TC_1 and computes token commitment H_1b = H_1 + r_TCO_1 * G
B computes BCO = v_1 * H_1b + r_b1 * G and RangeProof BCO_proof
B computes S_b = (k_b + e * (r_b1 - r_02), K_b)
B passes to A: BCI, r_TCI_2, BCO, BCO_proof, H_1b, r_TCO_1, K_b, R_b, s_b
A chooses r_TCO_2 and computes token commitment H_2a = H_2 + r_TCO_2 * G
A computes ACO = v_2 * H_2a + r_a2 * G and RangeProof ACO_proof
A computes H_2a_proof = surjectionproof_generate({H_1a, H_2b}, H_2a, input index (2), r_TCI_2, r_TCO_2) and H_1b_proof = surjectionproof_generate({H_1a, H_2b}, H_1b, input index (1), r_TCI_1, r_TCO_1)
A computes S_a = (k_a + e * (r_a2 - r_01), K_a)
S = S_a + S_b
R = R_a + R_b
{
  "Inputs": [
    {
      "Commitment": "ACI",
      "Token Commitment": "H_1a"
    },
    {
      "Commitment": "BCI",
      "Token Commitment": "H_2b"
    }],
  "Outputs": [
    {
      "Commitment": "ACO",
      "Token Commitment": "H_2a",
      "proof": "ACO_proof",
      "surjectionproof": "H_2a_proof"
    },
    {
      "Commitment": "BCO",
      "Token Commitment": "H_1b",
      "proof": "BCO_proof",
      "surjectionproof": "H_1b_proof"
    }],
  "Kernel": {
    "Signature": "S",
    "excess": "R"
  }
}
E[2020-04-22|14:04:52.644] Failed to write response module=rpc-server protocol=websocket remote=127.0.0.1:60832 err="websocket: close sent"
E[2020-04-22|14:04:52.644] Error closing connection module=rpc-server protocol=websocket remote=127.0.0.1:60832 err="close tcp 127.0.0.1:26657->127.0.0.1:60832: use of closed network connection"
Consider rt - asset blinding factor, rv - value blinding factor, v - value, G - generator, H - generator for a specific asset type (aka 'fixed asset tag').
With the concept of atomic multiasset DVP we bring a new way to hide the asset type via an 'ephemeral asset tag' = (H + rt*G).
Commitment scheme and excess formula must be changed correspondingly:
With the fixed asset tag:
Commitment = H*v + rv*G
public blinded excess = G * (Sum_for_all_inputs( rv ) - Sum_for_all_outputs( outputBlinds ))
With the ephemeral asset tag:
Commitment = (H + rt*G)*v + rv*G
public blinded excess = G * (Sum_for_all_inputs( v*rt + rv ) - Sum_for_all_outputs( v*rt + rv ))
In particular, v*rt and + rv have to be done as scalar multiplication modulo p. This has to be done with built-in secp256k1 functions.