Jonas Nick
13ad32e814
norm arg: add tests for zero length and zero vectors
2023-02-13 22:15:47 -08:00
Jonas Nick
34c4847a6a
ci: add bulletproofs
2023-02-13 22:15:47 -08:00
sanket1729
2574516483
Add testcases for bulletproofs++ norm argument
2023-02-13 22:15:47 -08:00
sanket1729
46c7391154
Add norm argument verify API
2023-02-13 22:15:46 -08:00
Jonas Nick
b43dd83b43
musig: add missing static keyword to function
2023-02-13 14:03:51 +00:00
Jonas Nick
068e6a036a
musig: add test vectors from BIP MuSig
2023-02-13 14:03:51 +00:00
Jonas Nick
36621d13be
musig: update to BIP v1.0.0-rc.2 "Add ''pk'' arg to ''NonceGen''"
2023-02-13 14:03:51 +00:00
Jonas Nick
d717a4980b
musig: update to BIP v0.8 "Switch from X-only to plain pk inputs."
2023-02-13 14:03:51 +00:00
Jonas Nick
304f1bc96d
extrakeys: add pubkey_sort test vectors from BIP MuSig2
2023-02-13 14:03:51 +00:00
Jonas Nick
ae89051547
extrakeys: replace xonly_sort with pubkey_sort
2023-02-13 14:03:51 +00:00
Jonas Nick
98242fcdd9
extrakeys: add secp256k1_pubkey_cmp
2023-02-13 14:03:51 +00:00
Jonas Nick
73d5b6654d
musig: update to BIP v0.7.0 (NonceGen)
...
- 0.7.0: Change ''NonceGen'' such that output when message is not present is different from when message is present but has length 0.
- 0.6.0: Change order of arguments and serialization of the message in the ''NonceGen'' hash function
2023-02-13 14:03:51 +00:00
Jonas Nick
060887e9d7
musig: update to BIP v0.5.1 "Rename ordinary tweaking to plain"
2023-02-13 14:03:51 +00:00
sanket1729
d9145455bb
Add bulletproofs++ norm argument prove API
2023-02-08 13:07:05 -08:00
sanket1729
8638f0e0ce
Add internal BP++ commit API
2023-02-08 13:07:05 -08:00
sanket1729
412f8f66a0
Add utility functions required in norm argument
2023-02-08 03:09:11 -08:00
sanket1729
420353d7da
Add utilities for log2
2023-02-08 03:09:11 -08:00
sanket1729
17417d44f3
Add utilities from uncompressed Bulletproofs PR
...
Add a transcript module for doing a generic Fiat Shamir
2023-02-08 03:09:11 -08:00
Andrew Poelstra
48563c8c79
bulletproofs: add API functionality to generate a large set of generators
2023-02-08 03:09:11 -08:00
Andrew Poelstra
048f9f8642
bulletproofs: add new empty module
2023-02-08 03:09:11 -08:00
Andrew Poelstra
6162d577fe
generator: cleanups in Pedersen/generator code
...
Silence a compiler warning about an uninitialized use of a scalar in case
the user tries to provide a 0-length list of commitments.
Also ensures that commitments have normalized field elements when they
are loaded into ges.
2023-02-08 03:09:11 -08:00
Andrew Poelstra
0a6006989f
Revert "Remove unused scalar_sqr"
...
This reverts commit 5437e7bdfbffddf69fdf7b4af7e997c78f5dafbf.
2023-01-23 10:18:21 -08:00
Andrew Poelstra
87373f5145
MOVE ONLY: move Pedersen commitment stuff to generator module from rangeproof module
...
You can verify this commit with `git diff --color-moved=zebra`
2023-01-23 10:18:21 -08:00
Jonas Nick
b1f1675375
Merge elementsproject/secp256k1-zkp#214 : sync-upstream: Fix $REPRODUCE_COMMAND for "select"
...
e04c660b11cb744b8fc0611117c0d6c1a3e1e3dd sync-upstream: Fix $REPRODUCE_COMMAND for "select" (Tim Ruffing)
Pull request description:
ACKs for top commit:
jonasnick:
utACK e04c660b11cb744b8fc0611117c0d6c1a3e1e3dd
Tree-SHA512: 898b56f5931ef3a8e84546e5d2c0bd1a644cb7492aac4ecf80090edc250663b79b1bf4295a516868960c3a13113272f6fc50744b5daf0c90d5b9d9f561913c0b
2023-01-23 09:40:20 +00:00
Jonas Nick
cbe2815633
musig: update to BIP v0.4 "Allow the output of NonceAgg to be inf"
2023-01-23 09:36:46 +00:00
Jonas Nick
206017d67d
musig: update to BIP v0.3 (NonceGen)
...
- 0.3.0: Hash i - 1 instead of i in NonceGen
- 0.2.0: Change order of arguments in NonceGen hash function
2023-01-23 09:36:45 +00:00
Jonas Nick
d800dd55db
musig: remove test vectors
...
These vectors are superseded by test vectors in BIP MuSig2 which will be added
in a later commit.
2023-01-23 09:36:45 +00:00
Jonas Nick
a58c7d29bd
Merge elementsproject/secp256k1-zkp#213 : Update macOS image for CI
...
3b2c675955874a077482f6c8983970194fcbc3ed Update macOS image for CI (Pieter Wuille)
Pull request description:
ACKs for top commit:
real-or-random:
utACK 3b2c675955874a077482f6c8983970194fcbc3ed
jonasnick:
ACK 3b2c675955874a077482f6c8983970194fcbc3ed
Tree-SHA512: 21987ea64929f7b43ea9a6f7eaa98bf47345aa03af10c45c0aa7a6e19b3a21c4a5d2aef0f6b99d6ddb4bf97752c8e2cdaeec619d4ef105e5d931790479de8ef5
2023-01-23 09:35:36 +00:00
Tim Ruffing
e04c660b11
sync-upstream: Fix $REPRODUCE_COMMAND for "select"
2023-01-20 17:09:18 +01:00
Pieter Wuille
3b2c675955
Update macOS image for CI
2023-01-20 07:08:50 -08:00
Jonas Nick
c2ee9175e9
Merge bitcoin-core/secp256k1#1146 : ci: prevent "-v/--version: not found" irrelevant error
...
49ae843592650ca02b33c188cf2aff7aa78985d3 ci: mostly prevent "-v/--version: not found" irrelevant error (Jonas Nick)
Pull request description:
ACKs for top commit:
real-or-random:
ACK 49ae843592650ca02b33c188cf2aff7aa78985d3
Tree-SHA512: 2e048b037826dff372e26103f198e0d490494e7909d17d8632b51f6d9e0629b51bcd0b55b65b2c21d63d522394ccfed481ce126cea165c087df670556bc8ccf6
2022-11-08 13:26:06 +00:00
Jonas Nick
e13fae487e
Merge bitcoin-core/secp256k1#1150 : ci: always cat test_env.log
...
5c9f1a5c3774192f77c97474431bb70a124c7b0c ci: always cat all logs_snippets (Jonas Nick)
Pull request description:
ACKs for top commit:
real-or-random:
ACK 5c9f1a5c3774192f77c97474431bb70a124c7b0c
Tree-SHA512: fc715c5fc4006d80a4b0c2faa8ef81ed23c4479614945ffa7c96665a3acc38fe956dd6d148bcf97043232ceee055b724ea9490e4ac4142a210e4488fed8dd299
2022-11-08 13:24:29 +00:00
Jonas Nick
5c9f1a5c37
ci: always cat all logs_snippets
2022-11-07 20:12:33 +00:00
Jonas Nick
49ae843592
ci: mostly prevent "-v/--version: not found" irrelevant error
...
$CC, $WRAPPER_CMD and valgrind are not necessarily defined
2022-11-02 17:13:21 +00:00
Jonas Nick
a43e982bca
Merge bitcoin-core/secp256k1#1144 : Cleanup `.gitignore` file
...
f5039cb66c9f49d1c78fa59c0e83d0d122292697 Cleanup `.gitignore` file (Hennadii Stepanov)
798727ae1edc1b07257f7a884f8e57021063a089 Revert "Add test logs to gitignore" (Hennadii Stepanov)
Pull request description:
ACKs for top commit:
jonasnick:
ACK f5039cb66c9f49d1c78fa59c0e83d0d122292697
real-or-random:
ACK f5039cb66c9f49d1c78fa59c0e83d0d122292697
Tree-SHA512: 3586329e77958a9bfa06dd84e5b121cd456e93332670d5afc1a6691e165cdfa5a6fd6a61f82be12ec33f2a58b26a13adfedeb177ae1056202e53a530949fc549
2022-11-01 16:32:30 +00:00
Hennadii Stepanov
f5039cb66c
Cleanup `.gitignore` file
...
The removed line was introduced for `obj/.gitignore` file. Since the
`obj` directory has been removed, it is no longer required.
2022-10-28 16:30:20 +01:00
Hennadii Stepanov
798727ae1e
Revert "Add test logs to gitignore"
...
This reverts commit bceefd6547635132ba17f022a52db18f17e00df6.
2022-10-28 16:10:46 +01:00
Jonas Nick
d22774e248
Merge elementsproject/secp256k1-zkp#203 : MuSig doc fixes
...
dd83e72d52da0873e0c1a64c5554efa9000a3454 Add ordinary tweak info (Jesse Posner)
d26100cab266b08fd131503ba8e37d9bf091adbb Exclude nonce_process from pre-processing steps (Jesse Posner)
b7607f93f23a1a342b4fba552598e2a578f50527 Fix reference to xonly_tweak_add (Jesse Posner)
Pull request description:
ACKs for top commit:
jonasnick:
ACK dd83e72d52da0873e0c1a64c5554efa9000a3454
Tree-SHA512: b5b94e94625e235557d4a0d9973b14ef74be153b6bdd9a0701add9aa8af4a54411344030db2e65aaac701e3e6a0c1f46190f0d760f7314d426d077959271b615
2022-09-02 12:20:12 +00:00
Jesse Posner
dd83e72d52
Add ordinary tweak info
2022-09-01 22:39:34 -07:00
Jesse Posner
d26100cab2
Exclude nonce_process from pre-processing steps
2022-09-01 22:39:22 -07:00
Jesse Posner
b7607f93f2
Fix reference to xonly_tweak_add
2022-09-01 22:38:03 -07:00
Jonas Nick
f7e9a8544f
Merge elementsproject/secp256k1-zkp#201 : rangeproof: add secp256k1_rangeproof_max_size function to estimate rangeproof size
...
6b6ced9839f2576898ba334e7ed2d550a2062b32 rangeproof: add more max_size tests (Jonas Nick)
34876ecb5facfc274580c0549df14e6664c03d82 rangeproof: add more static test vectors (Jonas Nick)
310e5170619b03977d471e9f7461bbaf5b607ca9 rangeproof: add a bunch more testing (Andrew Poelstra)
f1410cb67a2de45f8b1b1c14862656c0ae09ff87 rangeproof: add secp256k1_rangeproof_max_size function to estimate rangeproof size (Andrew Poelstra)
Pull request description:
ACKs for top commit:
real-or-random:
tACK 6b6ced9839f2576898ba334e7ed2d550a2062b32
jonasnick:
ACK 6b6ced9839f2576898ba334e7ed2d550a2062b32
Tree-SHA512: 421dfb0824f67f3822be729dc7f11e4654a21e32e3a6c5565e09b191ec57710b33a73c3d09c08f1d767d769f0957006ac257eabe00a2f37f88b99377644e8741
2022-08-25 20:21:47 +00:00
Jonas Nick
6b6ced9839
rangeproof: add more max_size tests
2022-08-25 14:26:02 +00:00
Jonas Nick
34876ecb5f
rangeproof: add more static test vectors
...
Fixes #42
2022-08-25 14:26:02 +00:00
Andrew Poelstra
310e517061
rangeproof: add a bunch more testing
...
Add two new fixed rangeproof vectors; check that various extracted
values are correct; add a test for creating and verifying single-value
proofs.
2022-08-25 14:26:02 +00:00
Andrew Poelstra
f1410cb67a
rangeproof: add secp256k1_rangeproof_max_size function to estimate rangeproof size
...
Provides a method that will give an upper bound on the size of a rangeproof,
given an upper bound on the value to be passed in and an upper bound on the
min_bits parameter.
There is a lot of design freedom here since the actual size of the rangeproof
depends on every parameter passed to rangeproof_sign, including the value to
be proven, often in quite intricate ways. For the sake of simplicity we assume
a nonzero `min_value` and that `exp` will be 0 (the default, and size-maximizing,
choice), and provide an exact value for a proof of the given value and min_bits.
2022-08-25 14:26:00 +00:00
Jonas Nick
c137ddbdff
Merge elementsproject/secp256k1-zkp#200 : build: automatically enable module dependencies
...
171b294a1c7a736c1b93fa194e3af90b625259fa build: improve error message if --enable-experimental is missed (Jonas Nick)
58ab152bb4b6c8b4ab17061e90d61fcbc1be9e6c build: move all output concerning enabled modules at single place (Jonas Nick)
1493113e61eb593a18b8e2328dbe9bc1b82f68d5 build: automatically enable module dependencies (Jonas Nick)
Pull request description:
ACKs for top commit:
real-or-random:
utACK 171b294a1c7a736c1b93fa194e3af90b625259fa
Tree-SHA512: 644e7d96b02c1f4f0751cf84b268f313cc0bd955ea6eacdeddb932b9ba7990be8e8aca9db8c050fd91a35d0a0173061e40fe8c1bf8bfd03107b86aa1bf85e871
2022-08-22 14:45:42 +00:00
Jonas Nick
0202d839fb
Merge elementsproject/secp256k1-zkp#199 : surjectionproof: make sure that n_used_pubkeys > 0 in generate
...
5ac8fb035e8f0ad012d9f54b49e77b5d1f5e713a surjectionproof: make sure that n_used_pubkeys > 0 in generate (Jonas Nick)
Pull request description:
ACKs for top commit:
apoelstra:
utACK 5ac8fb035e8f0ad012d9f54b49e77b5d1f5e713a
Tree-SHA512: 915f7181e69e2c4e1f830d6c2620a2d9b0af4d2ae8a63709b489b01ed9e13ccfeeaedebd4680cf2d927cd473a6ae88602cf29e2fdd116cb597fba6c0ab77720d
2022-08-18 19:54:00 +00:00
Jonas Nick
5ac8fb035e
surjectionproof: make sure that n_used_pubkeys > 0 in generate
...
If the proof was generated with surjectionproof_initialize (as mandated by the
API docs), then n_used_pubkeys can never be 0. Without this commit, compilers
will (rightfully) warn that borromean_s[ring_input_index] is not initialized in
surjectionproof_generate. Therefore, this commit makes sure that n_used_pubkeys
is greater than 0 which ensures that the array is initialized at
ring_input_index.
2022-08-15 20:01:39 +00:00
Andrew Poelstra
7ff446df8b
Merge ElementsProject/secp256k1-zkp#198 : rangeproof: add a test for all-zero blinding factors
...
5a40f3d99bbd879391a3fb3c038a6d49ec01bc03 replace memcmp with secp256k1_memcmp_var throughout the codebase (Andrew Poelstra)
92820d944b52d923dad57b7d5bae5fec48f28ddd rangeproof: add a test for all-zero blinding factors (Andrew Poelstra)
Pull request description:
I was curious about under what conditions you can create a rangeproof on an "unblinded" commitment which has a zero blinding factor. Apparently the answer is "when you are proving at least 3-bits". In this case rewinding works and you can encode 32 bytes of data. (In fact I believe you can encode up to 128 but I haven't tested that.)
ACKs for top commit:
real-or-random:
utACK 5a40f3d99bbd879391a3fb3c038a6d49ec01bc03
Tree-SHA512: bed7f9362d082d2b56668809077d5ddde52280109c992a290d87b55cb70138a08799fcca18cafbb3b3e9efed4349418bf9bb2c0ccedacdce0567e841e6d21e13
2022-08-12 23:55:46 +00:00