ilyakooo0/urbit
1
0
Fork 0
mirror of https://github.com/ilyakooo0/urbit.git synced 2024-09-20 15:08:34 +03:00
Code Issues Packages Projects Releases Wiki Activity

+ring runs in 2.5s with the appropriate jets on a ring of 60 participants.

Browse Source
This commit is contained in:
Elliot Glaysher 2019-06-13 13:43:43 -07:00
parent d33fc1ef3f
commit e0e536401e
3 changed files with 67 additions and 56 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
gen/ring.hoon
View File

@ -14,7 +14,7 @@
=| keys=(list [pk=@udpoint sk=@udscalar])
::
|-
?: =(count 58)
?: =(count 60)
keys
:: using key-num as our "secret" key.
::
@ -33,8 +33,8 @@
~& %start----------signing
::
=/ message "blah"
::=/ scope [~ [%link-scope 52]]
=/ scope ~
=/ scope [~ [%link-scope 52]]
::=/ scope ~
::
=/ signature=ring-signature
(sign message scope key-set my-public-key my-private-key eny)

76
lib/ring.hoon
View File

@ -8,17 +8,6 @@
|= input=*
:: l:ed is ecc-n
(mod (shaz (jam input)) l:ed:crypto)
:: TODO: naked +point-mul needs to be jetted, but for now I want to just see
:: how fast things are.
::
++ point-mul
|= [s=@udscalar p=@udpoint]
^- @udpoint
::
%- etch:ed:crypto
%+ scam:ed:crypto
(need (deco:ed:crypto p))
s
::
::::
::
@ -45,7 +34,7 @@
~
::
=+ [data=@ h=@udpoint]=(generate-public-linkage u.link-scope)
=/ y=@udpoint (point-mul my-private-key h)
=/ y=@udpoint (scalarmult:ed:crypto my-private-key h)
[~ data h y]
:: +generate-challenge: generate challenge from a given message
::
@ -86,16 +75,23 @@
^- (list @)
::
=/ gs=@udpoint
(double-scalarmult:ed:crypto prev-ch (snag prev-k public-keys) prev-s)
%- add-scalarmult-scalarmult-base:ed:crypto :*
prev-ch
(snag prev-k public-keys)
prev-s
==
::
=/ hs=(unit @udpoint)
:: ?~ link-state
?~ link-state
~
:: ::
:: :- ~
:: %+ point-add
:: (point-mul prev-s h.u.link-state)
:: (point-mul prev-ch y.u.link-state)
::
:- ~
%- add-double-scalarmult:ed:crypto :*
prev-s
h.u.link-state
prev-ch
y.u.link-state
==
::
=/ ch=@
(generate-challenge message gs link-state hs)
@ -110,18 +106,18 @@
ss t.ss
challenges [ch challenges]
==
:: +point-mul-h: maybe multiply u by h in linkage
:: +scalarmult-h: maybe multiply u by h in linkage
::
:: Since linkage tags are optional, we need to be able to just do the math
:: in case :linkage is set and fall through otherwise. +point-mul-h is used
:: in case :linkage is set and fall through otherwise. +scalarmult-h is used
:: to generate the (unit point) consumed by +generate-challenge.
::
++ point-mul-h
++ scalarmult-h
|= [u=@ linkage=(unit [data=@ h=@udpoint y=@udpoint])]
^- (unit @udpoint)
?~ linkage
~
[~ (point-mul u h.u.linkage)]
[~ (scalarmult:ed:crypto u h.u.linkage)]
:: +reorder: reorders a list so the ith element is first
::
++ reorder
@ -191,7 +187,7 @@
message
(scalarmult-base:ed:crypto u)
linkage
(point-mul-h u linkage)
(scalarmult-h u linkage)
==
:: Generate challenges for [ck, ..., c1, c0, ... ck + 2, ck + 1]
::
@ -210,19 +206,6 @@
=/ chk=@ (head reversed-chk-to-chk1)
:: Compute s = u - x * c mod n
::
:: TODO: I believe this part is wrong and that this is what is
:: breaking the signature verification. For some reason, this doesn't
:: result in . I must be screwing up the math here, but I don't
:: understand how.
::
:: The aos implementation is "let sK = (u - ECDSA.private_d privKey *
:: chK) `mod` n", and I believe the following is equivalent? At least
:: with smaller prime numbers, testing it in both the dojo and ghci,
:: they got the same results on simple things like `5 - 14 % 7`.
::
:: But I must be doing something wrong here because this sk doesn't
:: line up with the rest of the ring.
::
=/ sk=@ (~(dif fo l:ed:crypto) u (mul my-private-key chk))
::
=/ ordered-challenges=(list @)
@ -283,7 +266,11 @@
(lent anonymity-list)
::
=/ z0p=@udpoint
(double-scalarmult:ed:crypto ch0.signature (head anonymity-list) s0)
%- add-scalarmult-scalarmult-base:ed:crypto :*
ch0.signature
(head anonymity-list)
s0
==
:: generate the linkage using public data, and the y point from the signature
::
=/ linkage=(unit [data=@ h=@udpoint y=@udpoint])
@ -294,12 +281,15 @@
[data h (need y.signature)]
::
=/ z0pp=(unit @udpoint)
:: ?~ linkage
?~ linkage
~
:: :- ~
:: %+ point-add
:: (point-mul s0 h.u.linkage)
:: (point-mul ch0.signature y.u.linkage)
:- ~
%- add-double-scalarmult:ed:crypto :*
s0
h.u.linkage
ch0.signature
y.u.linkage
==
:: initial challenge
::
=/ ch1=@

41
sys/zuse.hoon
View File

@ -3127,6 +3127,27 @@
~% %ed + ~
|%
::
++ add
~/ %add
|= [a-point=@udpoint b-point=@udpoint]
^- @udpoint
::
=/ a-point-decoded=[@ @] (need (deco a-point))
=/ b-point-decoded=[@ @] (need (deco b-point))
::
%- etch
(ward a-point-decoded b-point-decoded)
::
++ scalarmult
~/ %scalarmult
|= [a=@udscalar a-point=@udpoint]
^- @udpoint
::
=/ a-point-decoded=[@ @] (need (deco a-point))
::
%- etch
(scam a-point-decoded a)
::
++ scalarmult-base
~/ %scalarmult-base
|= scalar=@udscalar
@ -3134,8 +3155,8 @@
%- etch
(scam bb scalar)
::
++ double-scalarmult
~/ %double-scalarmult
++ add-scalarmult-scalarmult-base
~/ %add-scalarmult-scalarmult-base
|= [a=@udscalar a-point=@udpoint b=@udscalar]
^- @udpoint
::
@ -3146,18 +3167,18 @@
(scam bb b)
(scam a-point-decoded a)
::
++ double-mult
~/ %double-mult
++ add-double-scalarmult
~/ %add-double-scalarmult
|= [a=@udscalar a-point=@udpoint b=@udscalar b-point=@udpoint]
^- @udpoint
::
=/ a-point-decoded=[@ @] (need (deco:ed a-point))
=/ b-point-decoded=[@ @] (need (deco:ed b-point))
=/ a-point-decoded=[@ @] (need (deco a-point))
=/ b-point-decoded=[@ @] (need (deco b-point))
::
%- etch:ed:crypto
%+ ward:ed
(scam:ed a-point-decoded a)
(scam:ed b-point-decoded b)
%- etch
%+ ward
(scam a-point-decoded a)
(scam b-point-decoded b)
:: :: ++puck:ed:crypto
++ puck :: public key
~/ %puck