trezor-firmware/core/tests/test_apps.zcash.orchard.crypto.redpallas.py

from common import *

from trezor.crypto.hashlib import blake2b
from trezor.crypto.pallas import to_scalar, Point, Scalar

from apps.zcash.orchard.crypto.generators import SPENDING_KEY_BASE as G
from apps.zcash.orchard.random import ActionShieldingRng

if not utils.BITCOIN_ONLY:
    from apps.zcash.orchard.crypto.redpallas import sign_spend_auth


def H_star(x: bytes) -> Scalar:
    digest = blake2b(personal=b"Zcash_RedPallasH", data=x).digest()
    return to_scalar(digest)


def verify(signature, message, vk_):
    R_, S_ = signature[:32], signature[32:]
    R = Point(R_)
    S = Scalar(S_)
    vk = Point(vk_)
    c = H_star(R_ + vk_ + message)
    if R.to_bytes() != R_:
        return False
    if S.to_bytes() != S_:
        return False
    return ((-S) * G + R + c * vk).is_identity()


@unittest.skipUnless(not utils.BITCOIN_ONLY, "altcoin")
class TestZcashRedPallas(unittest.TestCase):
    def test_redpallas(self):
        message = b"hello"
        sk = Scalar(32 * b"\x01")
        vk = sk * G
        rng = ActionShieldingRng(32 * b"\x00")
        sig = sign_spend_auth(sk, message, rng)
        self.assertEqual(verify(sig, message, vk.to_bytes()), True)
        print()
        print("vk:", list(vk.to_bytes()))
        print("message:", list(message))
        print("sig:", list(sig))
        print("===")
        print(list(vk.to_bytes()), ",", list(sig), ", &", list(message))
        print("===")


if __name__ == "__main__":
    unittest.main()
feat(core): add Zcash shielded transactions 2022-11-17 04:58:19 +00:00			`from common import *`

			`from trezor.crypto.hashlib import blake2b`
			`from trezor.crypto.pallas import to_scalar, Point, Scalar`

			`from apps.zcash.orchard.crypto.generators import SPENDING_KEY_BASE as G`
			`from apps.zcash.orchard.random import ActionShieldingRng`

			`if not utils.BITCOIN_ONLY:`
			`from apps.zcash.orchard.crypto.redpallas import sign_spend_auth`


			`def H_star(x: bytes) -> Scalar:`
			`digest = blake2b(personal=b"Zcash_RedPallasH", data=x).digest()`
			`return to_scalar(digest)`


			`def verify(signature, message, vk_):`
			`R_, S_ = signature[:32], signature[32:]`
			`R = Point(R_)`
			`S = Scalar(S_)`
			`vk = Point(vk_)`
			`c = H_star(R_ + vk_ + message)`
			`if R.to_bytes() != R_:`
			`return False`
			`if S.to_bytes() != S_:`
			`return False`
			`return ((-S) * G + R + c * vk).is_identity()`


			`@unittest.skipUnless(not utils.BITCOIN_ONLY, "altcoin")`
			`class TestZcashRedPallas(unittest.TestCase):`
			`def test_redpallas(self):`
			`message = b"hello"`
			`sk = Scalar(32 * b"\x01")`
			`vk = sk * G`
			`rng = ActionShieldingRng(32 * b"\x00")`
			`sig = sign_spend_auth(sk, message, rng)`
			`self.assertEqual(verify(sig, message, vk.to_bytes()), True)`
			`print()`
			`print("vk:", list(vk.to_bytes()))`
			`print("message:", list(message))`
			`print("sig:", list(sig))`
			`print("===")`
			`print(list(vk.to_bytes()), ",", list(sig), ", &", list(message))`
			`print("===")`


			`if __name__ == "__main__":`
			`unittest.main()`