xmr: bulletproofs added to signer

ph4r05 · Aug 18, 2018 · 3f3e31f · 3f3e31f
1 parent d23d928
commit 3f3e31f
Show file tree

Hide file tree

Showing 2 changed files with 41 additions and 17 deletions.
diff --git a/src/apps/monero/protocol/tsx_sign_builder.py b/src/apps/monero/protocol/tsx_sign_builder.py
@@ -922,9 +922,6 @@ async def range_proof(self, idx, dest_pub_key, amount, amount_key):
         """
         from apps.monero.xmr import ring_ct
 
-        rsig = bytearray(32 * (64 + 64 + 64 + 1))
-        rsig_mv = memoryview(rsig)
-
         out_pk = misc.StdObj(dest=dest_pub_key, mask=None)
         is_last = idx + 1 == self.num_dests()
         last_mask = (
@@ -937,30 +934,37 @@ async def range_proof(self, idx, dest_pub_key, amount, amount_key):
         C, mask, rsig = None, 0, None
 
         # Rangeproof
-        gc.collect()
+        self._log_trace("pre-rproof", collect=True)
+
         if self.use_bulletproof:
-            raise ValueError("Bulletproof not yet supported")
+            self._log_trace("pre-bp", collect=True)
+            C, mask, rsig = ring_ct.prove_range_bp(amount, last_mask)
+            self._log_trace("post-bp", collect=True)
 
         else:
+            rsig_buff = bytearray(32 * (64 + 64 + 64 + 1))
+            rsig_mv = memoryview(rsig_buff)
+
             C, mask, rsig = ring_ct.prove_range(
                 amount, last_mask, backend_impl=True, byte_enc=True, rsig=rsig_mv
             )
             rsig = memoryview(rsig)
 
-            self.assrt(
-                crypto.point_eq(
-                    C,
-                    crypto.point_add(
-                        crypto.scalarmult_base(mask), crypto.scalarmult_h(amount)
-                    ),
+        self.assrt(
+            crypto.point_eq(
+                C,
+                crypto.point_add(
+                    crypto.scalarmult_base(mask), crypto.scalarmult_h(amount)
                 ),
-                "rproof",
-            )
+            ),
+            "rproof",
+        )
+
+        # Incremental hashing
+        await self.full_message_hasher.rsig_val(
+            rsig, self.use_bulletproof, raw=True
+        )
 
-            # Incremental hashing
-            await self.full_message_hasher.rsig_val(
-                rsig, self.use_bulletproof, raw=True
-            )
         gc.collect()
         self._log_trace("rproof")
 

diff --git a/src/apps/monero/xmr/ring_ct.py b/src/apps/monero/xmr/ring_ct.py
@@ -3,9 +3,29 @@
 # Author: https://github.com/monero-project/mininero
 # Author: Dusan Klinec, ph4r05, 2018
 
+import gc
+
 from apps.monero.xmr import crypto
 
 
+def prove_range_bp(amount, last_mask=None):
+    from apps.monero.xmr import bulletproof as bp
+    bpi = bp.BulletProofBuilder()
+
+    mask = crypto.random_scalar()
+    if last_mask is not None:
+        mask = crypto.sc_sub(last_mask, last_mask)
+
+    bpi.set_input(amount, mask)
+    bp_proof = bpi.prove()
+    C = bp_proof.V[0]
+
+    gc.collect()
+    from apps.monero.controller.misc import dump_msg
+    bp_ser = dump_msg(bp_proof, preallocate=9*32 + 2*6*32 + 64)
+    return C, mask, bp_ser
+
+
 def prove_range(
     amount, last_mask=None, decode=False, backend_impl=True, byte_enc=True, rsig=None
 ):