 |
PRCYCoin
2.0.0.7rc1
P2P Digital Currency
|
|
PRCYCoin
2.0.0.7rc1
P2P Digital Currency
|
#include "group.h"#include "modules/commitment/main_impl.h"#include "modules/rangeproof/borromean_impl.h"#include "modules/rangeproof/rangeproof_impl.h"Go to the source code of this file.
Functions | |
| int | secp256k1_rangeproof_info (const secp256k1_context2 *ctx, int *exp, int *mantissa, uint64_t *min_value, uint64_t *max_value, const unsigned char *proof, size_t plen) |
| Extract some basic information from a range-proof. More... | |
| int | secp256k1_rangeproof_rewind (const secp256k1_context2 *ctx, unsigned char *blind_out, uint64_t *value_out, unsigned char *message_out, size_t *outlen, const unsigned char *nonce, uint64_t *min_value, uint64_t *max_value, const secp256k1_pedersen_commitment *commit, const unsigned char *proof, size_t plen, const unsigned char *extra_commit, size_t extra_commit_len, const secp256k1_generator *gen) |
| Verify a range proof proof and rewind the proof to recover information sent by its author. More... | |
| int | secp256k1_rangeproof_verify (const secp256k1_context2 *ctx, uint64_t *min_value, uint64_t *max_value, const secp256k1_pedersen_commitment *commit, const unsigned char *proof, size_t plen, const unsigned char *extra_commit, size_t extra_commit_len, const secp256k1_generator *gen) |
| Verify a proof that a committed value is within a range. More... | |
| int | secp256k1_rangeproof_sign (const secp256k1_context2 *ctx, unsigned char *proof, size_t *plen, uint64_t min_value, const secp256k1_pedersen_commitment *commit, const unsigned char *blind, const unsigned char *nonce, int exp, int min_bits, uint64_t value, const unsigned char *message, size_t msg_len, const unsigned char *extra_commit, size_t extra_commit_len, const secp256k1_generator *gen) |
| Author a proof that a committed value is within a range. More... | |
| int secp256k1_rangeproof_info | ( | const secp256k1_context2 * | ctx, |
| int * | exp, | ||
| int * | mantissa, | ||
| uint64_t * | min_value, | ||
| uint64_t * | max_value, | ||
| const unsigned char * | proof, | ||
| size_t | plen | ||
| ) |
Extract some basic information from a range-proof.
Returns 1: Information successfully extracted. 0: Decode failed. In: ctx: pointer to a context object proof: pointer to character array with the proof. plen: length of proof in bytes. Out: exp: Exponent used in the proof (-1 means the value isn't private). mantissa: Number of bits covered by the proof. min_value: pointer to an unsigned int64 which will be updated with the minimum value that commit could have. (cannot be NULL) max_value: pointer to an unsigned int64 which will be updated with the maximum value that commit could have. (cannot be NULL)
Definition at line 17 of file main_impl.h.
| int secp256k1_rangeproof_rewind | ( | const secp256k1_context2 * | ctx, |
| unsigned char * | blind_out, | ||
| uint64_t * | value_out, | ||
| unsigned char * | message_out, | ||
| size_t * | outlen, | ||
| const unsigned char * | nonce, | ||
| uint64_t * | min_value, | ||
| uint64_t * | max_value, | ||
| const secp256k1_pedersen_commitment * | commit, | ||
| const unsigned char * | proof, | ||
| size_t | plen, | ||
| const unsigned char * | extra_commit, | ||
| size_t | extra_commit_len, | ||
| const secp256k1_generator * | gen | ||
| ) |
Verify a range proof proof and rewind the proof to recover information sent by its author.
Returns 1: Value is within the range [0..2^64), the specifically proven range is in the min/max value outputs, and the value and blinding were recovered. 0: Proof failed, rewind failed, or other error. In: ctx: pointer to a context object, initialized for range-proof and Pedersen commitment (cannot be NULL) commit: the commitment being proved. (cannot be NULL) proof: pointer to character array with the proof. (cannot be NULL) plen: length of proof in bytes. nonce: 32-byte secret nonce used by the prover (cannot be NULL) extra_commit: additional data covered in rangeproof signature extra_commit_len: length of extra_commit byte array (0 if NULL) gen: additional generator 'h' In/Out: blind_out: storage for the 32-byte blinding factor used for the commitment value_out: pointer to an unsigned int64 which has the exact value of the commitment. message_out: pointer to a 4096 byte character array to receive message data from the proof author. outlen: length of message data written to message_out. min_value: pointer to an unsigned int64 which will be updated with the minimum value that commit could have. (cannot be NULL) max_value: pointer to an unsigned int64 which will be updated with the maximum value that commit could have. (cannot be NULL)
Definition at line 32 of file main_impl.h.
| int secp256k1_rangeproof_sign | ( | const secp256k1_context2 * | ctx, |
| unsigned char * | proof, | ||
| size_t * | plen, | ||
| uint64_t | min_value, | ||
| const secp256k1_pedersen_commitment * | commit, | ||
| const unsigned char * | blind, | ||
| const unsigned char * | nonce, | ||
| int | exp, | ||
| int | min_bits, | ||
| uint64_t | value, | ||
| const unsigned char * | message, | ||
| size_t | msg_len, | ||
| const unsigned char * | extra_commit, | ||
| size_t | extra_commit_len, | ||
| const secp256k1_generator * | gen | ||
| ) |
Author a proof that a committed value is within a range.
Returns 1: Proof successfully created. 0: Error In: ctx: pointer to a context object, initialized for range-proof, signing, and Pedersen commitment (cannot be NULL) proof: pointer to array to receive the proof, can be up to 5134 bytes. (cannot be NULL) min_value: constructs a proof where the verifer can tell the minimum value is at least the specified amount. commit: the commitment being proved. blind: 32-byte blinding factor used by commit. nonce: 32-byte secret nonce used to initialize the proof (value can be reverse-engineered out of the proof if this secret is known.) exp: Base-10 exponent. Digits below above will be made public, but the proof will be made smaller. Allowed range is -1 to 18. (-1 is a special case that makes the value public. 0 is the most private.) min_bits: Number of bits of the value to keep private. (0 = auto/minimal, - 64). value: Actual value of the commitment. message: pointer to a byte array of data to be embedded in the rangeproof that can be recovered by rewinding the proof msg_len: size of the message to be embedded in the rangeproof extra_commit: additional data to be covered in rangeproof signature extra_commit_len: length of extra_commit byte array (0 if NULL) gen: additional generator 'h' In/out: plen: point to an integer with the size of the proof buffer and the size of the constructed proof.
If min_value or exp is non-zero then the value must be on the range [0, 2^63) to prevent the proof range from spanning past 2^64.
If exp is -1 the value is revealed by the proof (e.g. it proves that the proof is a blinding of a specific value, without revealing the blinding key.)
This can randomly fail with probability around one in 2^100. If this happens, buy a lottery ticket and retry with a different nonce or blinding.
Definition at line 73 of file main_impl.h.
| int secp256k1_rangeproof_verify | ( | const secp256k1_context2 * | ctx, |
| uint64_t * | min_value, | ||
| uint64_t * | max_value, | ||
| const secp256k1_pedersen_commitment * | commit, | ||
| const unsigned char * | proof, | ||
| size_t | plen, | ||
| const unsigned char * | extra_commit, | ||
| size_t | extra_commit_len, | ||
| const secp256k1_generator * | gen | ||
| ) |
Verify a proof that a committed value is within a range.
Returns 1: Value is within the range [0..2^64), the specifically proven range is in the min/max value outputs. 0: Proof failed or other error. In: ctx: pointer to a context object, initialized for range-proof and commitment (cannot be NULL) commit: the commitment being proved. (cannot be NULL) proof: pointer to character array with the proof. (cannot be NULL) plen: length of proof in bytes. extra_commit: additional data covered in rangeproof signature extra_commit_len: length of extra_commit byte array (0 if NULL) gen: additional generator 'h' Out: min_value: pointer to a unsigned int64 which will be updated with the minimum value that commit could have. (cannot be NULL) max_value: pointer to a unsigned int64 which will be updated with the maximum value that commit could have. (cannot be NULL)
Definition at line 55 of file main_impl.h.
1.8.17