diff --git a/core/.changelog.d/2570.changed b/core/.changelog.d/2570.changed new file mode 100644 index 0000000000..304c435702 --- /dev/null +++ b/core/.changelog.d/2570.changed @@ -0,0 +1 @@ +Remove old BulletProof code from Monero diff --git a/core/embed/extmod/modtrezorcrypto/modtrezorcrypto-monero.h b/core/embed/extmod/modtrezorcrypto/modtrezorcrypto-monero.h index 2a01e2f820..d7237709f0 100644 --- a/core/embed/extmod/modtrezorcrypto/modtrezorcrypto-monero.h +++ b/core/embed/extmod/modtrezorcrypto/modtrezorcrypto-monero.h @@ -1239,526 +1239,6 @@ STATIC const mp_obj_type_t mod_trezorcrypto_monero_hasher_type = { .locals_dict = (void *)&mod_trezorcrypto_monero_hasher_locals_dict, }; -/// BP_GI_PRE: bytes -STATIC const mp_obj_str_t mod_trezorcrypto_monero_BP_GI_PRE_obj = {{&mp_type_bytes}, 0, 4096, (const byte*)"" -"\x0b\x48\xbe\x50\xe4\x9c\xad\x13\xfb\x3e\x01\x4f\x3f\xa7\xd6\x8b" -"\xac\xa7\xc8\xa9\x10\x83\xdc\x9c\x59\xb3\x79\xaa\xab\x21\x8f\x15" -"\xdf\x01\xa5\xd6\x3b\x3e\x3a\x38\x38\x2a\xfb\xd7\xbc\x68\x5f\x34" -"\x3d\x61\x92\xda\x16\xed\x4b\x45\x1f\x15\xfd\xda\xb1\x70\xe2\x2d" -"\x73\x69\xc8\xd5\xa7\x45\x42\x3d\x26\x06\x23\xa1\xf7\x5f\xae\x1f" -"\xb1\xf8\x1b\x16\x9d\x42\x2a\xcd\x85\x58\xe9\xd5\x74\x25\x48\xbd" -"\x81\xc0\x7d\x2b\xd8\x77\x1e\xb4\xbd\x84\x15\x5d\x38\xd7\x05\x31" -"\xfe\x66\x2b\x78\xf0\xc4\x4a\x9a\xea\xea\x2e\xd2\xd6\xf0\xeb\xe1" -"\x08\x96\xc5\xc2\x2f\x00\x70\xeb\xf0\x55\xdf\xe8\xdc\x1c\xb2\x05" -"\x42\xef\x29\x15\x1a\xa0\x77\x1e\x58\x1e\x68\xfe\x78\x18\xef\x42" -"\x35\xc8\xdf\x1a\x32\xae\xce\xed\xef\xcb\xdf\x6d\x91\xd5\x24\x92" -"\x9b\x84\x02\xa0\x26\xcb\x85\x74\xe0\xe3\xa3\x34\x2c\xe2\x11\xbc" -"\xd9\x67\xbc\x14\xe7\xab\xda\x6c\x17\xc2\xf2\x2a\x38\x1b\x84\xc2" -"\x49\x75\x78\x52\xe9\x9d\x62\xc4\x5f\x16\x0e\x89\x15\xec\x21\xd4" -"\xc8\xa3\x83\x1d\x7c\x2f\x24\x58\x1e\xc9\xd1\x50\x13\xdf\xcc\xb5" -"\xeb\xa6\x9d\xf6\x91\xa0\x80\x02\xb3\x3d\x4f\x2f\xb0\x6c\xa9\xf2" -"\x9c\xfb\xc7\x0d\xb0\x23\xa4\x8e\x45\x35\xf5\x83\x8f\x5e\xa2\x7f" -"\x70\x98\x0d\x11\xec\xd9\x35\xb4\x78\x25\x8e\x2a\x4f\x10\x06\xb3" -"\x2d\xa6\x38\x72\x92\x25\x9e\x69\xac\x0a\x82\x9e\xf3\x47\x69\x98" -"\x96\x72\x8c\x0c\xc0\xca\xdc\x74\x6d\xae\x46\xfb\x31\x86\x4a\x59" -"\xa5\xb9\xa1\x54\x9c\x77\xe4\xcf\x8a\xb8\xb2\x55\xa3\xa0\xae\xfa" -"\xa4\xca\xd1\x25\xd2\x19\x94\x9c\x0a\xef\xf0\xc3\x56\x0a\xb1\x58" -"\xed\x67\x17\x48\xa1\x75\x56\x41\x9e\xc9\x42\xe1\x6b\x90\x1d\xbb" -"\x2f\xc6\xdf\x96\x60\x32\x4f\xcb\xcd\x6e\x40\xf2\x35\xd7\x5b\x76" -"\x4f\xaf\xf6\x1c\x19\x05\x22\x2b\xaf\x87\xd5\x1d\x45\xf3\x55\x81" -"\x38\xc8\x7c\xe5\x4c\x46\x4c\xc6\x40\xb9\x55\xe7\xfa\x33\x10\xf8" -"\x3b\x13\xdd\x7b\x24\x73\x19\xe1\x3c\xe6\x19\x95\xbc\x77\x1e\xe1" -"\xed\xe7\x36\x35\x99\xf0\x8f\xc5\xcf\xda\x89\x0e\xa8\x03\xe0\xec" -"\xa7\x0a\x97\x70\x7e\x90\x56\x29\xa5\xe0\x6d\x18\x6a\x96\x4f\x32" -"\x2f\xff\xba\xa7\xed\x2e\x78\x1d\x4d\x3f\xed\xe0\x74\x61\xf4\x4b" -"\x2d\x98\xdb\xcc\x0c\xaa\x20\x55\x14\x6e\x13\xf5\x0e\xcf\x75\x49" -"\x1d\xad\xd3\x6a\xd2\xba\xac\x56\xbc\x08\x56\x2e\xc6\x6c\xe1\x10" -"\xb5\x44\x83\x1d\xbd\x34\xc6\xc2\x52\x95\x81\x51\xc4\x9a\x73\x4c" -"\x6e\x62\x5e\x42\x60\x8c\x00\x5e\x79\x7e\xdb\x6d\x0a\x89\x34\xb3" -"\x24\xa0\xe4\xd3\x1c\xba\x01\x57\x83\x50\x1e\xcd\xfa\x7a\x8e\xba" -"\xe3\xa6\xbf\xd3\x2e\x6d\x1a\x36\x14\xb1\x11\x83\xc8\x09\x80\xd4" -"\x54\x6c\xc3\xee\x5d\xb4\x7b\xfe\x97\x05\xaa\x95\xe2\xda\x29\xf2" -"\x28\x23\x03\x53\x91\x7e\x5d\x2b\x19\x32\xfe\x48\x2f\xbc\xfe\xd7" -"\x13\x4d\x55\x6d\x0c\x27\xf6\xcc\x6b\xf3\x01\x5c\x06\x61\x16\x25" -"\x73\x9d\x88\x9c\x57\x89\xfa\x75\xb3\xc8\x39\x69\xcb\x88\xb1\xdf" -"\x01\xc0\xac\xa4\x70\xf6\x65\xeb\x71\x82\xe0\x72\xbc\xa8\x9b\xc6" -"\x69\xff\xe5\xb0\x29\x6f\xe2\x13\x43\xa8\xc3\x27\xc8\xa8\x41\x75" -"\x02\x85\x5a\x25\xcc\xb7\x5b\x2f\x8e\xea\xc5\xd1\xdb\x25\x04\x4b" -"\x0a\xea\xd2\xcf\x77\x02\x1e\xd9\x4f\x79\xf3\x00\x1e\x7b\x8e\x9d" -"\xb7\x31\x1d\xb2\x8c\x45\xc9\x0d\x80\xa1\xe3\xd5\xb2\x7b\x43\xf8" -"\xe3\x80\x21\x4d\x6a\x2c\x40\x46\xc8\xd4\x0f\x52\x4d\x47\x83\x53" -"\x20\x4d\x01\xa1\x7c\x4f\xb7\xb1\x8c\x2f\x48\x27\x01\x50\xdb\x67" -"\xd4\xb0\xb9\xce\x87\x86\xe0\x3c\x95\x50\xc5\x47\xfb\x18\x02\x9e" -"\xf1\x6e\x56\x29\xe9\xa1\xc6\x68\xe1\xaa\x79\xc7\x88\x73\x55\xf5" -"\xf5\x1b\x0c\xbb\x1f\x08\x35\xe0\x4e\x7a\xcc\x53\xac\x55\xa3\x57" -"\x41\x97\xb5\x4c\x5a\xaa\xad\x47\xbe\x24\xdb\xbc\x11\xc1\xbd\x3e" -"\xeb\x62\x46\x54\x2d\x2f\x5a\xe5\xf4\x39\x8d\xd4\xa7\x60\x17\x03" -"\xcb\xbf\xd5\x9b\xad\xdd\x3a\x7c\xe6\xe3\x75\xe7\xd9\x00\x50\xe2" -"\x71\xb1\x3f\x13\x2d\xf8\x5e\x1c\x12\xbe\x54\xfe\x66\xde\x81\xf6" -"\x8a\x1c\x8f\x69\x6f\x3e\x77\x3c\x7e\xef\x57\xac\x13\x89\xbd\x02" -"\x80\xd5\x58\xea\x78\x62\xf0\x1b\x64\x1e\xc6\xda\x0e\xfe\xfb\xee" -"\xd0\x50\x9c\x53\x8a\x8c\x36\x16\x68\x1d\x76\x1a\xe5\xc6\xf9\xd2" -"\xaa\xde\xd7\x18\x90\xda\x24\x96\x15\x60\x43\x08\x21\x82\xec\x85" -"\x9c\x3a\xe4\x86\x93\xf9\x13\x43\xd0\xa5\xf0\xec\xbb\x7d\xec\x9b" -"\x97\x3b\xf2\x13\x67\x8a\x65\x3b\x0d\x9d\xf5\x10\x65\x2a\x23\xc0" -"\xb8\x06\x53\x67\x92\x4a\x4c\xfc\x78\x60\x36\xc0\x66\xca\xa7\x38" -"\x34\x9c\xf1\xcd\xa7\x0d\xbf\xa8\x5c\xce\xb4\xa0\x9f\x85\x03\x9b" -"\x6f\x77\x27\x4f\xa6\xe2\x79\x35\xbf\x89\xae\x37\x3a\x3b\x5a\xda" -"\x58\x24\xbd\x4b\x2a\xec\x22\x2a\xeb\xd7\xfe\xe7\xa4\x82\xe9\xc1" -"\x33\x58\xea\xb2\x5f\x94\x22\x36\xf3\xf4\xb6\xeb\xaf\xe1\xc3\xee" -"\xee\xf7\x93\x83\x66\x80\x66\x7c\x66\x94\x64\xc3\xd4\xa0\x84\x7d" -"\xf3\x02\x4b\xd5\xdf\x2a\xa4\xaa\x4d\x19\xe5\x51\xed\xe9\x3d\xd0" -"\x75\xf7\x95\x3a\xca\xe5\x3f\x0f\x9e\x8a\x38\x4e\x49\x6c\x52\x50" -"\xb0\x7e\x76\x17\xe8\x9e\x28\xf9\x53\xd0\x96\xec\x29\x87\xeb\xd8" -"\xf3\xe7\x4d\x93\x39\x63\xb8\x27\x73\xd3\x7a\xb1\xb7\xa3\x60\x1d" -"\xc8\x97\x13\x34\x82\x5d\xd1\xd6\x7e\x4c\x48\x29\x72\x92\xa0\x7a" -"\x40\x62\x96\x75\xb3\xe8\x78\x8e\xfc\x68\x73\x85\x30\x04\x81\xae" -"\x69\x74\x06\xd2\x4e\xf8\x8e\xbf\x9c\xa1\x97\x2c\x1d\x52\x84\x78" -"\x85\x8e\xad\x85\x78\x2e\xd4\x10\xeb\xbc\x1f\x3d\xa4\x8b\xa8\x07" -"\x83\x62\x36\xaa\xc0\xa8\xf0\x8a\x50\x29\x11\x5d\x57\xe7\xef\x18" -"\xcb\x27\xcc\xe8\xd2\xc1\x57\xa9\xf4\xf5\x61\x5d\xcc\x34\x8a\xea" -"\xc8\x0d\x0f\x28\xdf\x33\xba\xbe\x39\xf6\xec\xbd\x19\xa4\xa6\xaf" -"\xa8\x53\xaa\x4d\xa0\x3b\x6b\xd7\xa8\x06\x22\x9d\xed\x76\xd2\xc5" -"\xb9\xde\x11\x76\xd5\x19\xa7\x93\x94\x67\x92\xb5\x41\x7e\xaf\x7d" -"\x2d\x51\x26\x97\x7c\x57\x04\xfc\x0f\xcd\x8e\x1b\x2f\x58\x9b\x1d" -"\x41\x8d\x19\xdd\x28\xf7\xe9\x4c\x51\xa1\x78\x2d\x32\x2e\x03\xcb" -"\xa4\x78\x85\x74\x24\x49\x7b\x4a\x37\x3f\xde\x0f\xba\xe4\xcc\xd9" -"\x38\xcb\xbf\xa0\xf4\xad\x23\x97\xee\xd7\xf7\x6d\xc3\xcd\xb6\xb0" -"\x6a\x36\x66\x0c\x07\x75\xd3\x91\xca\x47\x21\x33\x41\xf6\x59\xe9" -"\x01\x4f\x70\x28\x4e\xfa\xa5\xfa\xab\xa4\xbb\x83\x79\xce\x02\x04" -"\xf5\xae\xdc\x28\x26\x8d\x82\x43\x8b\x5b\x88\x1f\xdf\x2d\xee\x4a" -"\xd7\xd4\x0e\xd1\x3d\xad\x57\xca\x92\x96\x14\xa6\x3a\x00\xfe\x3a" -"\x78\xf3\x3b\x30\xb6\xfd\x5f\x39\xe4\x43\x70\x36\xdc\xed\x8d\x87" -"\xaf\x43\x28\x2f\x43\xfa\x14\xab\xaf\x6c\x84\x15\xfc\x05\xee\x1a" -"\xd1\x71\xd8\x1f\xaa\x46\x7d\xdf\xe5\xe0\x2e\xb6\x89\x5e\x56\x88" -"\xde\xc0\x48\xf6\x66\x0e\x3a\x2f\xd8\xbd\xec\x60\x2a\xf5\x95\x90" -"\xec\x4c\x6e\xab\x83\x4c\xc0\xde\xc8\x62\x1e\xb5\x10\xfb\xa6\xf7" -"\xad\xf4\x76\x93\xc2\xfd\x57\x4d\x82\x20\xa2\xe7\x0e\x73\xad\x68" -"\xe4\xc3\x32\x48\x8e\xb8\xe7\x31\xfe\x60\x0d\x1e\x9f\x6b\x8f\x5c" -"\xbf\x69\x9c\x18\xd0\x6b\xcd\x73\xb7\xcf\xce\xf4\x2e\x68\xaf\x7a" -"\xe6\x7f\xea\x46\xe9\x46\xde\x6a\x61\xfa\xa4\x2c\x53\x5c\xfc\xae" -"\xaa\xd5\x33\x4f\xc1\xa9\xba\xd4\xa5\x3e\x57\xd1\x1c\x6a\xcc\xfc" -"\xef\xd2\xe8\xab\x44\xcb\x12\xfb\x2e\x66\x4f\xcb\xdf\x5c\x82\xb2" -"\x12\x89\x62\x6a\xc2\xa1\x40\x2b\xde\x7a\x86\x9e\xb9\xed\x78\x07" -"\x33\x8d\xd3\xb2\xba\x82\x37\x84\x5d\xb9\x67\x71\xcc\x98\x80\x08" -"\x1a\xcf\x05\x3d\x9b\xd5\x1c\x01\x01\x94\x1c\x4c\x26\xf6\x6a\xa5" -"\xdb\xad\x3f\x53\x54\x60\x85\x77\xf9\xe5\x1a\xfe\x74\x3a\xdd\x50" -"\xf1\xb5\x90\x1b\xea\x7b\xeb\x5a\xe7\x80\xb6\xec\xe9\x77\xf6\x5b" -"\x9c\x62\x8e\x1d\xce\x0a\xd1\xe0\x78\xc7\x46\xc2\xf3\x8d\x0e\x7f" -"\x06\xb0\x88\x70\x8a\xe9\xac\x11\x17\xe3\xa3\x79\x99\xc1\xd7\x5a" -"\x62\xe9\xc9\xe0\x17\x01\x8e\x08\x8a\xeb\xfb\x37\x8d\xe2\x9c\x78" -"\x93\xac\xf1\x09\x42\x58\x4b\xf5\x58\xa2\xd0\x2d\x75\x1e\x34\xf3" -"\xf4\x84\xb0\x01\xe3\x19\x24\xcc\x21\x84\x8b\xf0\xdd\xaf\x1f\x3d" -"\x8a\x31\x00\x49\x73\x6f\xf7\xf0\x49\x29\x4d\x8a\x59\x5f\x2c\xa7" -"\x26\x3a\x36\x13\x84\x0c\x14\xb3\x3e\xf4\x83\xcd\xca\x5b\xbb\x8a" -"\x4c\x70\x04\xcc\xb8\xf6\x71\x56\x26\x7e\xe3\x5f\x28\x0d\xb1\x26" -"\x45\xde\x8e\x55\x2a\x93\x12\xdf\x57\x69\xa0\x30\xa6\xb4\x6d\x80" -"\xdb\x2e\x6c\x06\xb3\xc7\x6c\x1a\xda\x42\x37\x3b\x29\xa0\x59\x1f" -"\x39\x85\x67\x49\xdf\xdf\xb2\x66\x81\x16\x6a\x28\x6f\xb4\xf2\x09" -"\x7a\x3b\x6f\x8f\xeb\xdb\xe4\x41\x3b\x67\xb5\x58\x68\x9c\x2e\x7c" -"\x1d\x6d\x64\x08\xf4\x6a\x60\x94\xc7\x4b\x22\x81\xe7\x96\xe1\xd9" -"\x00\xcc\x83\x53\x37\xa3\x1b\x53\x50\xca\xa9\xc4\x44\xc6\x70\xf7" -"\x8f\x86\x6e\x03\xef\x6e\xc2\xcb\xcb\xc1\x79\x97\x41\x45\xb2\x39" -"\xb9\x09\x12\xbb\xee\xf8\xf5\x76\x96\x1b\x5e\xfc\x69\x64\x1f\x7a" -"\x71\x51\x70\x87\x75\xb6\x7c\x9e\x65\xed\x9b\xb9\xf5\xa8\x7b\xb7" -"\x90\xda\x20\x35\x57\xbe\xd2\x67\x40\x55\xe8\xa6\xab\x36\x46\xc4" -"\xe1\xa8\x45\xea\x53\xd8\x61\x4a\xe4\x90\x06\x5d\xef\x75\x76\x15" -"\xa2\x65\xf2\xab\x98\x38\x80\x29\xae\xc3\xaf\xb5\xcc\xa3\xa6\x66" -"\xab\x29\xb6\xd2\xc0\x02\x97\x9c\x63\x6a\x3b\x41\xb8\x83\x7a\x43" -"\x2a\x81\xd6\xdb\x55\xcf\x40\x6b\x1f\x58\x42\xb0\xa8\x87\xfe\x6b" -"\x2b\xd8\x8e\x46\x29\x8e\xd3\xec\xc3\x87\x4c\x98\x37\x73\x46\x33" -"\x1f\xde\x7a\x2f\xf7\xf1\x04\x26\x5b\xbd\x2d\x02\x74\xc0\x33\xc7" -"\x58\x38\x51\x00\x1d\xcd\xb3\xde\xd9\x0a\x9c\x09\x77\xc1\xf8\x6d" -"\x58\x46\x47\x55\x73\x30\xce\xe5\x0a\x53\xbb\x15\xab\x2b\x5a\x8d" -"\x8a\x2b\x5f\xb2\x9f\xfd\xa0\xe1\x54\xb2\x63\x67\xe5\xba\x1c\x67" -"\xa8\x79\xdd\xdb\x61\xd4\x08\x67\xb6\xcd\xf5\xe3\x8e\x0f\xcb\xdb" -"\x9a\x92\x5f\x62\x2c\x7d\xe9\x34\xa3\x08\x23\x90\x67\xda\x11\x65" -"\xdc\x9b\xa8\x91\xfd\x29\xbb\x9d\x9d\xff\x2c\x46\xc6\x0f\x95\x39" -"\x0d\x3d\xda\x52\xaf\x9e\xf6\x4f\xf6\x3d\x2d\xf7\x22\x25\x38\x3b" -"\x92\xbe\x1b\xa4\x8b\x17\x40\x56\x78\xd2\x24\x35\x65\xbb\x58\x86" -"\x9b\xc4\xb2\xb8\x79\xcc\xc8\x99\xd2\xf9\x36\xc2\xb8\x19\x5f\xd4" -"\x74\x05\xd8\x6f\xfb\x46\x97\x55\xb7\x72\xe4\xb5\xfb\xe7\xe4\xa2" -"\x93\xb5\xdb\x71\x00\x08\xc9\x00\x6d\xab\xd6\xa9\xab\xec\xdf\x60" -"\x9a\x3c\x78\x9a\xcf\xe2\xf2\x33\xae\x14\x21\x93\x1e\xf6\x63\x34" -"\xfe\x74\x3f\x48\x77\xbf\xcd\x3a\x63\x71\xfb\xe3\x78\x46\x5b\xd6" -"\x3b\xf5\xda\xee\x92\x0b\x1a\x64\x13\xa4\x6c\x69\x69\x3f\x72\xfc" -"\x87\x9f\xff\xe1\xa9\x17\x38\x08\x4d\xf8\x46\xbe\x95\x43\x89\x28" -"\x93\x95\x83\x44\xa0\x01\x58\x1e\xe3\x2c\x21\xa7\x28\xe8\x05\x04" -"\x69\x95\x3b\xda\xb7\x83\xee\xae\xc5\x56\xa2\xa5\xab\x1c\xf3\xd0" -"\x8c\x2b\x92\x33\xf5\xf3\x64\x1b\xcd\x76\x08\x7c\xf2\x95\x5b\x60" -"\xae\x14\x1e\xd4\xca\xde\x54\x5d\xf6\x0a\x61\x9a\x55\x60\x71\xd2" -"\xef\x3d\xea\x09\xe7\xbf\x54\x60\x50\xe5\xdf\x3a\x8f\xdf\x04\xf6" -"\x63\x16\xf6\xda\xa4\xdb\xb8\xcb\xd2\x42\xd0\x6a\xae\xcb\x1f\x1d" -"\xbb\x4d\xae\x42\xc1\x58\x9c\x32\x83\x02\x77\xd2\x09\xbe\x16\x0d" -"\xaf\x62\x8b\x5b\x19\x92\xf2\xb1\xc5\xf0\xea\xcd\xa1\xe3\x8e\x00" -"\x87\xb7\xca\x8d\xab\x93\x50\x15\x40\x48\x5a\xd1\x8f\xf8\x69\xab" -"\x4f\x4b\x8b\x01\x6f\x45\x43\xc6\xa7\xa9\x36\xfd\x35\x1f\xa5\xcc" -"\x62\x7d\x24\xeb\xbb\x30\xd8\x18\x9c\x42\x58\x86\x45\xcb\xf1\xff" -"\x87\xee\xc9\xb7\xd7\x09\xc0\x5e\x64\x9d\x9b\x64\x01\xa9\x9b\x3a" -"\xca\xb8\xaf\xc1\xc6\x9b\x85\xea\xaf\x3f\xf3\x68\x67\xde\x12\x50" -"\xd9\x8a\xcf\x2d\xc6\xb2\xe1\xd7\x1c\xd3\x2e\xf0\xc7\x14\x02\xcd" -"\x66\x5f\x03\x05\x3d\x22\xa9\xc5\x8d\xe0\x81\xc4\xec\x3a\x5e\xae" -"\x8a\x20\xeb\xe8\x08\x56\x19\x78\xae\x45\x59\x43\xc6\x54\x2d\x03" -"\x19\x86\x4c\xf7\x75\x4f\x64\x9a\xe4\x64\x69\x69\xbe\x65\x18\x5f" -"\xb7\x59\xe6\x98\x27\x4b\x45\x6b\x74\x8b\x9a\x51\xf7\xfd\xef\xd4" -"\xcd\x48\x60\x9c\xbe\x64\x60\xa3\x19\x76\x52\x9f\xe4\xb6\xfc\x64" -"\x37\x45\xfd\x2d\xd3\x63\x1c\x8f\x75\x76\xbc\x80\x52\xbd\x32\x90" -"\x5f\xbd\x42\x65\x94\x79\xbf\x79\xde\x2d\x3b\xe3\xcb\x19\xe3\xd4" -"\xd0\x28\x83\x44\x9b\xe1\x37\x4b\x6e\x24\x3a\xaa\x87\x14\x94\x77" -"\xc2\x5f\xf6\x82\xe5\xc8\x4a\x03\x03\xf1\x12\x31\x08\x6e\x4a\x57" -"\x8f\xf5\x2b\x63\x06\x00\xfc\xbb\xe7\x1f\xb7\x19\xc3\x03\xb9\x16" -"\x31\x05\x81\xb3\x2e\xf2\xdc\x89\xf4\x09\x4e\x0b\x37\x0b\x08\x3b" -"\xd3\x21\x4a\x0f\x3f\x45\x04\xfc\xb3\x72\xd3\xad\x4a\xe2\x06\xbd" -"\x8e\x34\xd1\xe2\x0f\xce\x72\xa8\xab\x40\xc1\xca\x4e\x45\x46\x35" -"\xee\xbf\xe7\x2d\xea\x80\xfd\x95\xf9\xc6\x53\xe3\x2e\xde\x81\x6b" -"\x43\x2b\xa4\x8e\x38\xbe\x49\x57\x0c\xf5\x55\x0b\x7e\x82\x67\xfc" -"\x2f\x15\x64\xbc\x4b\x64\xef\xee\x9b\xe2\xb5\x81\xf9\x0e\xb9\x6e" -"\xd0\x1d\x5f\x34\xe3\x42\x62\x31\x4c\x87\xf6\x02\xc9\xb1\xd3\x1c" -"\xce\x77\x2c\x1a\x02\x3c\x2c\x02\x95\x28\xcf\x8d\x6f\x9e\xa1\xb3" -"\x3b\x61\x26\xc4\xa8\xc2\x87\x72\x38\x8f\x38\x2a\x7a\x87\x56\xe1" -"\xe2\xfc\xca\x54\x9b\x00\x85\x8d\xe2\x82\x9f\x87\xaa\x20\xeb\x08" -"\x30\xa0\x04\xbd\x8a\xe7\xd5\xb3\xe3\x36\x31\xaa\x57\xcf\x07\x18" -"\x26\x2c\x0e\x76\x80\x62\xeb\x36\xa0\x37\xf8\xf0\xab\x7c\xca\x79" -"\x29\xf7\x8f\x03\xc9\x17\x27\x17\x4e\x53\xe6\x02\x47\x39\xbe\x73" -"\x24\xfe\xc9\xb4\x50\xf4\xab\x82\xd1\x05\xbb\x3a\xcb\x69\x33\x27" -"\x55\x8f\x80\x96\x89\xd4\x52\xe9\xa4\x6e\x3d\xe7\xda\xfa\xdf\x87" -"\x92\x1f\x17\xfa\x24\xce\x87\x4d\x3e\xf2\xa5\x56\x10\x0a\x0c\x88" -"\x4f\x84\x40\x48\x1f\x97\x4d\xeb\x9e\x17\x86\xe5\xfa\x8e\x14\x19" -"\x1b\x6f\x79\x7d\xbc\x0c\x86\x42\xa1\xf7\x34\xbe\xd7\xcd\x72\xb2" -"\x15\xd0\xb2\xb5\xb9\x87\xd2\x30\xdf\x63\x74\x2b\xbc\x4b\x10\x17" -"\x6a\x99\x15\xcf\xc7\x49\x8d\x48\xb3\xfd\x30\x47\x57\xb2\xa1\xf5" -"\x9e\x08\x97\x88\x18\xcf\x04\x3a\x6e\x9c\xdc\xe9\xbe\xaf\x09\xd6" -"\x15\x30\xde\x06\x1f\xd7\xad\xc9\xd4\x7d\x23\xe7\x52\x88\xd0\x92" -"\x91\xc6\x01\xba\xd4\xa7\x6d\xa8\xdf\xf2\x62\xa7\x23\x46\xc0\x77" -"\xee\x25\x15\x62\x1d\xf9\x07\xaa\xbc\xfd\xbc\x14\x59\x04\xff\xfd" -"\x9f\x8b\x04\xe2\x47\x65\xa0\xfb\xb0\xb4\x34\xab\xd3\xb7\x86\xd5" -"\x60\xec\xea\xb5\xf9\xfc\xe4\x2a\x85\xec\x05\xe8\x85\xe1\xc6\x6b" -"\xaf\xdd\x0f\x6e\xb7\xde\x3a\xb1\x45\x11\xda\x69\xc7\x72\x3d\xec" -"\x82\x92\xbb\x3f\xf2\x01\xff\xe6\x0d\xf6\xe2\xc5\x24\x0d\x1a\xd7" -"\xcc\x0c\x51\xa3\xdc\xb2\xf6\xaf\x1f\x30\xe3\xa9\x7a\xf1\xf3\x2f" -"\x30\xda\x0c\x7d\x6c\xeb\x89\x71\x99\xc9\x36\x7d\x4d\xad\xd7\xa8" -"\x43\xcd\x2f\xbd\xa1\x36\x14\x69\x2b\xa4\x92\xbb\xb3\x7c\xea\xe1" -"\x51\xd5\x6f\x81\x53\x2f\xeb\x37\x8a\x18\x6c\xca\x0f\xc8\xf1\x36" -"\x63\xce\x01\x7e\x2c\x7c\x21\x99\x76\xc7\x6b\x93\xfe\xc4\x0b\x52" -"\x72\xb2\x59\x72\xba\x14\x67\x2e\x7b\x72\x00\x05\xdf\xfd\x08\xf7" -"\x82\x18\x8c\xc1\x6e\x37\x1a\x3b\x9e\x98\x5f\x9f\x51\x90\x7c\x49" -"\xb0\x17\xa4\xa8\x8a\x14\xe3\x2b\x67\x36\x4e\xf0\xde\x7a\x12\xed" -"\x65\x88\x33\x4b\xdf\xbf\xe2\xe4\xea\xd9\x9e\x7b\xe5\xbe\x31\x93" -"\x34\xe0\x75\x52\x9a\x84\x37\xc7\x24\xf6\x1e\x6c\xc5\x16\xd3\xb2" -"\xaa\xb6\xb4\xf9\x35\x35\x1f\x01\xa8\x37\xb0\xb3\xe6\x4e\xac\x92" -"\xee\xb8\xa1\x46\xaf\x9b\xe9\x76\x61\x02\x2c\xf9\xc6\x6b\x98\x3b" -"\xb1\x55\x7c\x42\xd9\xbe\xd4\x12\x34\xe9\x93\x6b\x31\x86\x64\xd8" -"\xcb\x24\x06\xe8\xa4\xdb\x92\x67\x8a\xe1\x2f\x94\x0f\x3c\xa3\x3b" -"\xe2\x7b\x37\x5d\x29\x65\x05\xd3\x7d\xb1\xf3\x7b\x45\x7f\xe4\x45" -"\x6a\x92\xda\x58\x4a\x66\xd0\xbd\x4d\x57\x6e\x07\xcd\x4b\x1b\x50" -"\x97\xf4\x01\xe1\x88\xab\x16\xbc\x92\xc8\x23\xac\x02\xf2\xae\x41" -"\xe2\x2f\xb5\xd4\xce\x56\x25\x7c\x55\x27\xd0\x88\x92\x49\x3e\x33" -"\xe8\xa1\xc2\x9a\x91\x55\x83\x1f\x5c\x86\x98\x96\x81\xb6\x9d\x83" -"\xd7\x38\xb1\x5b\x75\xc6\x9e\x38\x62\xce\xdd\xb9\x0b\x96\x97\xf7" -"\x27\xe0\xca\x28\xc8\x67\x38\xc4\x2f\x4d\x2e\xb8\x4d\xe2\x3a\x3c" -"\x5c\x32\xc8\x6d\xdc\x8c\xe2\x6f\x0b\xa1\xca\xd9\x9d\xb4\x2e\x34" -"\x6a\xc1\xae\x59\x23\x21\x43\xb9\x39\x24\xbf\xd2\xf1\x59\x05\x42" -"\x03\xb8\x40\xb8\x60\x47\x24\xf9\x81\x94\xe1\x3a\x7a\x42\x07\xb4" -"\x1b\x37\xe0\xb3\xfa\xd4\x1c\x24\x4b\x19\xe7\xc2\x5f\x22\x76\x4d" -"\x88\x8c\x5c\x8c\x61\xe1\x15\x57\x6d\xea\x39\x9e\xf2\xa2\x73\x2f" -"\xd8\xc2\x4c\xc6\xaa\x0f\x72\x5f\xe4\x91\x6c\x4e\x23\x4e\x92\x4c" -"\xb4\xf7\x08\x4d\x2d\xf1\x9c\x06\xbd\xc3\x24\x86\x6d\xbd\x5b\x4a" -"\x16\x54\x29\x61\x9f\x2e\x99\xf0\x30\xef\xb2\x23\x30\x1c\x47\x56" -"\x5a\x48\xa9\xa2\x8f\xc5\x39\xc1\x82\xcf\xc9\x0c\x44\x06\xba\xfc" -"\xa7\x4f\xe4\x58\x22\x85\xa3\x79\x1e\x3c\xbe\xbf\x2a\x1a\xca\xdb" -"\xe8\x7d\xa6\x55\xc9\xce\xe9\x4d\xe6\x8f\xd1\x34\x61\xf0\x1f\x5d" -"\x22\x5e\x06\x1f\xcf\x05\x17\x12\x26\xde\x40\xa3\x9b\xd2\xb0\x17" -"\x7e\xa0\xde\xae\xd2\x36\x10\xad\xe4\x1e\xee\x1e\xa3\x25\xdf\xe4" -"\x3c\xca\x28\x00\x0d\xaf\xcd\x79\x6c\xb2\x8c\x23\xcf\xd9\xbd\x9e" -"\x8b\x6a\xfb\xb2\x1d\x33\x34\xc3\x96\xca\xfd\x23\xf6\x7d\xd8\xcd" -"\xcd\x58\x66\xf9\x36\xf1\x29\x70\xb3\xa1\xfb\x4b\xd7\x38\x6e\xec" -"\x4f\xaf\xff\x64\xff\x65\x8d\x14\xfc\xe9\x2d\x81\x1f\x93\xe9\xde" -"\x6d\x01\x24\x1c\x85\x1c\xf3\xef\xbe\x72\xbb\x17\x7e\x81\x8f\x62" -"\x45\xfc\x7e\x8f\xb8\x57\x1f\x0f\x48\x04\x01\x49\x2f\x11\x0e\xed" -"\xe8\x4d\x5e\xe2\xf4\x25\x2c\x56\x23\x6a\x0f\x5a\x8f\x93\xdd\xfc" -"\xf2\x22\x40\xdf\x56\xe5\x8c\xf9\xe5\xa6\x64\x7b\x69\x7e\xd1\xf5" -"\x87\x19\x55\xa2\xfb\xce\x9e\x11\xca\x26\xc1\x3a\xde\x04\xea\xbb" -"\x67\x5d\x69\xf4\xce\x3e\x60\x9c\xe5\x06\xf3\x7a\x03\x97\x8c\xe5" -"\x26\x01\xba\x4a\xe9\xbb\x28\xb0\x5a\xb7\xb2\x4e\x93\xb9\xfe\x6a" -"\x21\x59\xab\x58\x9a\xb5\xf5\xe3\x4b\x9e\xea\xc4\x6f\xd6\x7c\x97" -"\xa5\x9d\x08\xd0\xc9\xdc\x89\x7f\x89\x45\x95\x24\x00\x7b\x62\x21" -"\x70\x0f\xfa\x78\xf6\xfe\xdf\xb1\x73\xc0\xc3\xf5\xe4\x10\x5b\x7e" -"\x25\xfa\x5f\xa4\x3d\x66\xe6\x6e\xd8\x0a\x0d\x0a\xbf\xab\xd9\x41" -"\x12\xe1\x58\x31\x89\x92\x49\xef\x96\xb9\xdf\x1f\xa1\x76\xad\x3b" -"\x44\x23\x70\x8c\x3f\xcd\x4e\xd8\x8e\x92\xe5\xcc\x9b\x69\xb7\xd4" -"\x69\xaf\x43\x12\x07\xe0\x0a\x0f\x0f\x99\xa0\xb8\xca\x94\xbc\x12" -"\xb6\x78\x08\xe3\xf2\xc7\xdc\xc2\x4b\xa5\x82\xcd\xb8\xcb\x33\xa8" -"\xf4\x15\x23\x47\xf0\x49\xca\xe5\x99\x45\xd7\x02\x7a\x2c\x27\xbd" -"\x88\x4a\xbf\x2e\x02\x13\x0b\xaf\xe9\x33\xf3\xc7\xff\xc1\x6d\x61" -"\xf6\x8a\xd0\x6d\x01\x7b\xc6\xb1\x01\x5a\x12\xab\xf3\xb1\x4d\xf5" -"\xb7\xe2\x1f\x34\x03\x74\x62\x05\x6c\xe8\xc3\x98\x65\x7d\xc9\x8f" -"\x20\xbc\x62\xa5\x4f\x83\xfd\x4a\x67\x73\xc6\x54\x95\xe8\x1e\x97" -"\x9a\x6e\x04\x40\xd1\x72\x25\x79\x4e\x05\x7f\x76\x65\x7d\x58\x19" -"\xbf\x6c\x9a\x42\x87\x32\x13\x02\xe4\x2f\xb0\xbb\x92\xd4\x0b\xfd" -"\xc2\x3d\x5e\x96\x04\xaa\xd6\x74\xf1\x8c\xab\xd4\xdf\x79\xf8\x57" -"\xca\x8b\xf6\xcd\xe8\x65\x9b\xed\x37\xc9\x58\x3a\x5f\x1b\x3d\x01" -}; - -/// BP_HI_PRE: bytes -STATIC const mp_obj_str_t mod_trezorcrypto_monero_BP_HI_PRE_obj = {{&mp_type_bytes}, 0, 4096, (const byte*)"" -"\x42\xba\x66\x8a\x00\x7d\x0f\xcd\x6f\xea\x40\x09\xde\x8a\x64\x37" -"\x24\x8f\x2d\x44\x52\x30\xaf\x00\x4a\x89\xfd\x04\x27\x9b\xc2\x97" -"\xe5\x22\x4e\xf8\x71\xee\xb8\x72\x11\x51\x1d\x2a\x5c\xb8\x1e\xea" -"\xa1\x60\xa8\xa5\x40\x8e\xab\x5d\xea\xeb\x9d\x45\x58\x78\x09\x47" -"\x8f\xc5\x47\xc0\xc5\x2e\x90\xe0\x1e\xcd\x2c\xe4\x1b\xfc\x62\x40" -"\x86\xf0\xec\xdc\x26\x0c\xf3\x0e\x1b\x9c\xae\x3b\x18\xed\x6b\x2c" -"\x9f\x11\x04\x41\x45\xda\x98\xe3\x11\x1b\x40\xa1\x07\x8e\xa9\x04" -"\x57\xb2\x8b\x01\x46\x2c\x90\xe3\xd8\x47\x94\x9e\xd8\xc1\xd3\x1d" -"\x17\x96\x37\xec\x75\x65\xf7\x6f\xa2\x0a\xcc\x47\x1b\x16\x94\xb7" -"\x95\xca\x44\x61\x8e\x4c\xc6\x8e\x0a\x46\xb2\x0f\x91\xe8\x67\x77" -"\x25\x1d\xad\x91\xf0\xd5\xd4\x51\xd7\xe9\x4b\xfc\xd4\x13\x93\x4c" -"\x1d\xa1\x73\xa9\x2d\xdc\x0d\x5e\x0e\x4c\x2c\xfb\xe5\x92\x5b\x0b" -"\x88\x9c\x80\x22\xf3\xa7\xe4\x2f\xcf\xd4\xea\xcd\x06\x31\x63\x15" -"\xc8\xc0\x6c\xb6\x67\x17\x6e\x8f\xd6\x75\xe1\x8a\x22\x96\x10\x0a" -"\xd3\x42\x06\xfc\xf4\x44\x35\x7b\xe1\xe9\x87\x2f\x59\xd7\x1c\x4e" -"\x66\xaf\xdf\x7c\x19\x6b\x6a\x59\x6b\xe2\x89\x0c\x0a\xea\x92\x8a" -"\x9c\x69\xd2\xc4\xdf\x3b\x9c\x52\x8b\xce\x2c\x0c\x30\x6b\x62\x91" -"\xde\xa2\x8d\xe1\xc0\x23\x32\x87\x19\xe9\xa1\xba\x1d\x84\x9c\x1b" -"\xb4\x46\xbc\x0b\x0d\x37\x76\x25\x0d\xd6\x6d\x97\x27\xc2\x5d\x0e" -"\xfe\xb0\xf9\x31\xfc\x53\x7a\xb2\xbd\x9f\x89\x78\x21\x6f\x6e\xb6" -"\xe4\x23\xfa\xe0\xd3\x74\xd3\x4a\x20\x69\x4e\x39\x7a\x70\xb8\x4b" -"\x75\xe3\xbe\x14\xb2\xcf\x53\x01\xc7\xcb\xc6\x62\x50\x96\x71\xa5" -"\xe5\x93\x73\x6f\x61\x13\xc3\xf2\x88\xec\x00\xa1\xcc\x2f\xc7\x15" -"\x6f\x4f\xff\xa1\x74\x8e\x9b\x2c\x2d\xdf\x2f\x43\x03\xbb\xfe\x7f" -"\xfc\xee\x5e\x57\xb3\xb8\x42\x06\xa9\x1b\xcf\x32\xf7\x12\xc7\x5e" -"\x5f\xa5\x10\x87\x85\xb8\xcc\x24\x47\x99\x83\x12\xca\x31\xab\x85" -"\x00\xc8\x2c\x62\x68\x45\x39\xa2\x70\x01\xfb\x17\xf2\xa5\x64\x9d" -"\xb2\xe2\xd6\x4b\x6b\x88\xf0\xd6\x81\x00\x9a\xe7\x8e\xae\xce\x9c" -"\x73\x57\x80\x2c\x6c\x1c\xd8\x1e\xf6\x24\x86\x89\x85\x40\x89\xaa" -"\xd6\x94\x47\x33\x91\xba\xd6\x18\xef\x01\xdf\xd6\x80\x98\x1a\x78" -"\x97\x18\xe9\xd7\xca\xef\x06\x3d\xeb\x2d\x67\x5f\xe8\x43\xea\x63" -"\x4d\xcf\x96\x77\xc1\xd3\xee\x92\x51\x39\x71\xb7\x24\xc7\x88\xe4" -"\x10\x7a\x42\x40\xfe\x26\xe5\xfb\x36\xcc\x00\x7e\x76\x58\x96\x48" -"\x82\xf7\x69\xf1\x8c\x78\x6a\xb1\x52\xf2\x5c\x5d\x2a\xe4\x72\xf7" -"\x1e\x40\x13\xc4\xb0\xc5\x78\x7d\xc1\xd7\x8b\xdc\x8d\x52\x33\x10" -"\x39\xaf\x41\x24\x11\x2e\xe9\x34\x6f\x11\x0a\x4e\x81\x18\xe8\x64" -"\x11\x5d\x49\xb0\x82\xc8\x38\x51\xd4\xd5\xe1\x10\xa4\xab\xda\xdd" -"\xbd\xa9\xb0\x22\x7f\x5b\x26\xbf\x52\xd5\xa2\x25\x25\x23\x59\x72" -"\x84\x3d\xe9\x1d\x99\xd0\x09\x1f\x17\xf4\x78\x2d\x4f\xeb\x2b\x76" -"\x0c\xd5\x8b\x6f\x24\x76\xe8\xb0\x2d\x90\x8a\x15\x15\x07\x8a\xa8" -"\x08\xaa\x3a\x56\x5e\xfc\xb7\x16\x9f\xe0\xcb\xf7\x2c\x12\xce\x17" -"\x50\xf2\x86\x1f\xb6\xc6\x85\x16\x13\xcb\xe9\x74\xef\xc1\x68\x4a" -"\xeb\xbe\x8b\x8a\x52\x2a\xbb\xe7\x82\x77\xd0\xda\xa7\x89\x2d\x9d" -"\xa8\x7c\x27\xbe\xcd\x3e\xc0\x38\x95\x23\x3a\xd4\x66\x31\x8c\x44" -"\x3c\x4d\x6d\x5c\xf1\x2e\xba\x7d\xbd\x3e\x84\x32\x9d\xf6\x1a\xfc" -"\x9b\x7e\x08\xfc\x13\x32\xa6\x82\x34\x42\x73\x39\x6e\xc7\xdc\xdc" -"\xbe\xae\x48\xff\x70\xa1\x9a\x31\xd6\x62\x44\x3c\xce\x57\xf7\x7a" -"\xfe\x05\x0b\x81\x22\x48\x60\x25\x5b\xcb\xc8\xf4\x80\xc4\x3c\xfd" -"\xeb\xb1\xb2\xa6\x89\x72\xb7\xd3\x32\x3b\x03\x61\xf3\xa1\x14\x2f" -"\x8b\x45\x2e\x92\x98\x77\x3d\xef\x56\x35\xc2\xe2\xef\xa3\x70\x0e" -"\x4c\xc9\xe5\xd8\xde\x78\x96\x7e\x57\x35\x82\xcf\x7c\x74\x97\x7c" -"\x30\xb5\x46\x9b\x2c\x0b\xac\xe8\xec\x25\x9f\x71\xba\x25\xc8\xdd" -"\x1c\x51\xe5\xb0\x24\x1c\xca\x7c\x86\xf7\x18\xb7\xd2\xc3\xd4\x57" -"\xa6\xe5\xe0\xb3\x9f\x1f\x39\xeb\xaf\xbb\x08\x83\xd4\x27\xd9\x36" -"\x47\x60\x15\xad\x88\xb7\x92\xa0\x31\xe4\xdd\x98\x37\x57\xc9\x9a" -"\xea\x39\x12\xe8\xf8\xc2\xf6\x59\xde\x4b\xc1\xa2\x20\x4c\xea\x13" -"\x2e\x4f\x9e\xf7\x17\x77\x11\x91\x53\x63\x9a\x71\xff\x24\x17\xf5" -"\x22\xfe\x41\xb8\x7e\x9c\x1c\xb7\x66\x9f\x40\xf9\xd6\x85\x88\x7d" -"\xff\x81\x92\x7a\xa4\x2e\xda\x7f\x2a\x69\x67\x89\x09\x10\x33\xcf" -"\x5b\xe2\xfc\x1f\x5f\x3a\x2d\xe2\x27\x15\xeb\x33\xd6\x28\x28\x92" -"\x2d\xac\x86\x2e\xfc\x7f\xc6\xd5\x4c\x99\xe6\xec\x6e\x58\xc0\xb6" -"\x4d\xa9\x57\xe7\x36\xd3\x00\x93\xc8\x67\xa1\x20\xd5\xdb\xfc\x55" -"\x03\xca\x27\x64\x05\xdf\x4b\x2d\xbe\x6c\xfe\x7c\x2c\x56\xbc\xd2" -"\x66\x9f\x1b\x7d\x82\xc9\xf9\x29\x91\xbf\x41\x02\xaf\x61\x10\xbf" -"\x1b\xf5\xbd\xae\x89\x7f\x9a\x06\x42\x09\xcf\x31\x29\x96\x53\x13" -"\x7e\x86\x5f\x90\x5c\x89\x29\x44\x91\x39\x54\x5a\xc8\x25\x3c\x32" -"\xbe\x19\xcc\x8b\xd8\x54\xca\x7c\xdb\x07\xc2\xae\xba\x12\xa1\x4c" -"\xcf\xa3\x08\x5f\x9f\xfd\x9f\x75\x39\x80\xc9\xd4\x5b\x7b\x4e\x0f" -"\x5b\xe4\x6d\xf3\xae\x5c\x10\xc1\x89\xf1\xdc\x9e\xd2\x59\x2e\x24" -"\x6b\xd2\x44\x9a\xa0\xda\xae\x45\x8a\xe8\xbf\xbd\x52\xf9\x83\xc3" -"\xde\x44\x12\x37\x26\x71\x9c\x08\xd4\xc3\x7c\x8c\x9b\x0b\xe1\x7b" -"\x6b\x49\x82\x61\x36\xaa\x7b\x90\x85\x31\xbc\x91\x73\x2b\x08\x7a" -"\x41\x36\x03\x0b\xad\x7b\x5b\x1c\xfa\x7d\x9c\x98\xa9\xdc\x34\x7a" -"\x92\x65\x1f\x29\xc2\xe1\x10\xaf\xf8\x89\x7f\x26\x7c\x04\x22\x10" -"\xa6\xb7\x0a\x31\x3c\xc0\x6a\xfa\x2b\xd9\xc2\x91\x15\x37\xd6\x09" -"\xd6\x8b\xec\x94\x32\xe8\x4b\x96\x79\x52\x7d\x6a\xbb\x58\x8b\xa7" -"\x2b\xb2\x14\x98\x70\x69\xd8\x0b\x0a\xbc\x2b\xbd\x68\xeb\xa0\x33" -"\x1e\x3a\xe5\xf4\x10\x6f\x7f\xc1\xe2\xe7\xb8\xd6\xe5\x37\x0e\x32" -"\x01\xcc\xe2\xa0\x36\xb6\x8e\xd3\x54\x31\x63\x39\xf0\x92\xde\xc7" -"\x66\x2b\xce\xbd\xd2\x06\x61\x11\xd1\x6c\xe5\x5a\x93\x7e\x2c\x61" -"\x90\x7b\xc3\x66\xc8\x85\xda\xa3\x74\x95\xbe\x67\x1e\xf6\xc2\xf2" -"\xe5\x54\xed\xe3\xb5\x3c\xe2\x80\xcb\xe8\x8a\x48\xb9\xd9\x74\x0e" -"\x98\x0c\xea\xf8\x04\xed\xcd\x8c\x96\x85\x81\x93\xe6\xd5\x17\x8b" -"\xf6\x04\xcc\x73\xbd\x8f\xaa\xd5\x0d\x53\x15\x49\x99\x31\x97\xcc" -"\x27\x28\x27\x21\x6d\x1a\xf9\xdc\xc6\xe9\x86\x2a\x6e\x53\xa0\xa2" -"\xc7\x32\x98\xe1\xfa\xdc\x0f\x91\x48\xcb\xc8\x5e\xc0\x56\x7c\x38" -"\x76\x9c\x27\x65\xd6\x54\xc4\x26\x9f\x6e\xf1\x39\x47\xf1\x3c\x23" -"\x9c\xbb\x08\xb7\xcf\x67\xa2\x5b\xac\x03\x0a\xd1\xb8\x92\xc4\x34" -"\x79\x24\x64\x49\xf5\x32\x8d\xac\x31\x41\xd3\xd7\xc8\xa9\xa2\x54" -"\x0d\xca\xc2\xcb\xc9\x8e\x27\x84\x31\x43\xe7\xd4\xb9\x6d\xde\x75" -"\x21\xfc\x70\xb3\x28\x0a\x2a\x4c\x5f\x39\x28\x7f\x5d\x24\xd7\xa7" -"\x59\xea\x03\x7b\x11\x44\x87\x39\xee\x2a\x28\xfc\x4b\x16\x0e\xac" -"\x40\x61\x08\xae\xe6\xb5\x80\x62\x13\x11\xfe\x03\x0b\xf0\x8b\x4f" -"\x6e\xed\x3d\x7d\x3d\x86\x93\xd3\xac\x52\x4d\xa2\xb4\xeb\xf1\x9e" -"\x25\x59\xdc\x50\xff\x35\xe6\x2d\xa6\x20\xdc\x0a\x02\xed\xcb\xe4" -"\xf3\x98\xb1\xbd\x86\xea\x15\x4b\x6a\x94\x00\x57\x9e\x3f\x1c\xd5" -"\x7f\xdc\x2f\x10\xbd\x8c\xdb\x16\x7c\x0b\x28\x3f\x90\x07\xe6\x20" -"\xd9\xca\x28\x06\x7f\xe2\xb0\x15\xed\x65\x7c\x91\x53\xb8\x44\x3d" -"\x77\xe8\xe2\x5f\xf3\x48\xf4\xdf\x78\xbb\xc1\xce\x20\xa7\xba\xbd" -"\xe4\x0e\xd2\xbd\xbe\xaf\x2b\x5c\xd9\x8e\x52\x02\xba\xf7\xe3\xdc" -"\xf1\x8b\xa1\x15\x62\x0c\x51\xae\x8b\x58\xb4\x92\x3b\x9a\x86\x94" -"\xc9\x3d\xf6\x4b\x17\x8c\x4c\xd2\xf9\xf6\xef\xc5\x1f\x45\x8b\x0c" -"\x5e\xe8\x60\xa4\x0a\xc8\xce\xc3\x50\x6e\xc8\x5b\x99\xdc\x71\x6b" -"\x95\xcb\xb3\x42\xdb\x91\xad\xe4\xb6\x1e\x17\x7f\x60\xf9\xfa\xbb" -"\xff\x2c\x9b\xad\xee\x04\xcf\xd7\x41\xd6\x6d\x2f\x26\x32\x1e\x2c" -"\xf5\x0a\x3c\xd0\x21\xf6\x28\x88\x63\xde\x2d\xad\xf8\xd5\x2d\x1f" -"\x8b\x9f\x51\x42\x43\x05\xa3\xd4\x07\x96\x29\x63\xc1\xd0\xbe\xeb" -"\x81\x13\xf8\x03\x07\xec\xc2\x19\x23\x94\x7f\xe8\xcb\xaf\x5c\x2c" -"\x05\xae\x63\x69\x85\x21\x99\xc5\x2a\x17\x97\xb9\xaf\xf2\xa9\x24" -"\x5d\x7a\x8b\x91\x72\xd5\x72\xb4\x43\x2f\x63\x44\x1f\xf5\x1c\x4a" -"\x4e\x27\x0e\x3b\x61\xea\xe6\xe1\x3e\xef\xe3\x5e\x85\x42\x7b\xc7" -"\x58\xef\x4a\xf4\xc0\x0f\x9c\x77\x52\x1c\x03\x61\xd2\x99\x43\x1f" -"\x9d\x8e\x29\x8c\x13\x41\x4c\x46\x17\x0a\x1d\x82\xa1\x38\x0f\xba" -"\xfe\x53\x1c\xa7\x01\x84\xab\x89\x65\xc4\xc8\x07\x06\x0e\x80\x39" -"\xfe\xc4\x61\x5e\x59\x09\xd2\x7a\xc5\xca\x80\x41\xe3\xf9\x5b\x27" -"\xf1\xc3\xd4\xd4\x06\xa2\x04\x8b\x1e\x6c\xe1\xe6\x37\xcb\x87\xc0" -"\xf9\x7d\x36\x17\xd4\x6a\xef\xfd\xd1\xe8\x13\xc2\x55\xfb\x8b\x3e" -"\xf9\x39\xa2\xc5\xfa\xd4\xd1\x09\x73\xc0\x8c\x05\x5f\x79\x13\xc5" -"\x16\x64\x58\x9d\xa5\x14\x5a\x9c\x59\x72\xf4\xb2\x12\xeb\xf5\x11" -"\x71\xd9\x23\x43\x83\x3a\x08\x95\x3c\xd8\x0c\xd0\xd9\x08\x90\x4c" -"\x56\x3e\xdc\x34\x29\x42\x21\x86\x56\x33\xd8\xcf\x6f\xf5\x04\x44" -"\xb9\xd2\x9b\xeb\x05\xa4\x7b\x8b\xb1\x21\xcb\x11\x8d\x6c\xb1\x6b" -"\x24\xc4\x45\x09\x8a\xa9\x0e\x6d\x5a\x10\xea\xe0\xa0\xf3\x97\x7a" -"\x28\x08\xf7\x9c\xaf\xe8\xf8\x70\x52\x97\xbd\x91\xeb\xbf\x27\x92" -"\xa1\x89\x2c\xb0\x09\xdb\x0b\x7a\xc3\x51\xd0\x35\x3f\x43\xfe\x3a" -"\xa9\x71\x92\xe8\xb9\xd7\xfe\xf5\xba\xec\x41\x5b\x0c\xa4\x8c\x92" -"\x0e\x7c\xdd\x78\xf9\x24\x6a\xd2\x54\xe8\x7e\xe1\xb0\x65\x84\xb8" -"\x60\xb0\xb8\x80\x0a\xae\xe1\x78\x96\xf0\x29\x0c\xb7\x89\xb0\xd7" -"\x9e\xcd\x7d\x04\xcd\xed\xa7\x10\xef\xa5\x5e\x76\xe4\x73\x14\x85" -"\xba\x1f\xf8\x6a\x31\xfa\xad\xfa\xf5\x62\x8f\xbf\x17\x11\x34\x6d" -"\x57\x32\x54\xba\x0f\x56\xb5\x38\xf7\x5b\x6f\xc4\x32\x17\x45\xed" -"\x42\xa3\x19\xa8\xef\xb8\x68\xa6\xf3\x5a\x64\xa6\xc7\x44\xa6\x96" -"\xc9\x1a\x61\x12\x5f\xad\x25\x92\x02\x02\x56\xfa\x8a\x61\x41\xa7" -"\x4b\x9d\x49\x62\xde\xec\x53\xab\x75\x14\xca\x3a\xce\xde\xd5\x24" -"\x99\x7a\x9a\xeb\x7c\x43\x0f\xbf\x01\xd9\x36\xfd\xc7\x6f\x55\xee" -"\xcb\x74\x96\x32\x48\xdf\xb4\xa1\x5f\x71\xf7\xa9\x30\x35\x14\x3c" -"\x8f\x42\xe3\x1a\xed\x71\xbd\xec\xd9\x53\x54\x24\xe7\x7d\x31\x48" -"\x49\x1f\xf7\xe4\x63\xf6\x38\xa6\x2d\xad\x56\x95\xef\x93\x4e\x96" -"\xfd\x5e\x21\x30\x4a\xce\x05\xc4\x2a\xf9\x86\x60\x77\x81\xab\x57" -"\x66\xc1\x83\x83\x07\x1f\xe3\x5f\x16\xa5\x89\xd4\xe4\x81\xa9\x32" -"\x21\x7c\x3b\xc5\x62\x8d\x67\x29\x3f\x50\xbf\xfe\x46\x98\x8e\xe1" -"\x0c\x3e\x30\x58\x6c\x77\x45\x1b\xa7\x58\x08\x46\x4d\xc1\xac\x64" -"\x50\x2e\x8f\xde\x87\xb5\xd3\xc8\x97\x7e\xe9\x0d\x63\x7d\x4b\x2d" -"\xb9\x2a\xce\xd2\x0c\xdc\xaf\x5d\xa0\xad\x15\x4a\xdc\x68\x2d\xd7" -"\x2f\x0f\x33\xbc\xf6\xbd\xcc\xe6\xfe\x17\x8c\x82\xca\x18\x3d\xce" -"\x8c\x82\x37\xf9\xf5\x8f\x84\xb4\xb1\x08\xf7\x97\x85\x71\x08\x31" -"\x17\x66\x84\x02\x97\xca\xcb\x0d\x7d\x2a\x28\xb4\x47\x55\x5f\x39" -"\xa1\xda\x0d\xda\x87\x5e\x9d\x06\xe0\xa4\x8e\x2b\x63\x7a\x8f\xd3" -"\x6f\x34\xe5\x6e\x30\x28\xde\xeb\x36\x36\xc1\x4f\x53\x87\xcc\x83" -"\x2b\xee\xe7\xad\xd4\x1d\x8a\xbd\x1f\x6a\x50\x3d\xbf\x2e\xf9\xca" -"\x55\xe5\xdb\x15\x9a\x02\x4f\xb4\x6f\xa8\x9c\x00\x32\x23\x30\xa0" -"\xee\xc9\xd8\x67\x3a\x8c\xf5\x60\x0d\xb4\x77\xac\xae\xd4\xaf\xa2" -"\x41\x13\x42\x9e\x21\x24\xda\x81\x07\xda\xe9\x46\x7c\x5f\x97\x6e" -"\xb0\x1d\x36\xad\x57\x5e\xe4\x48\x6e\xbd\x2c\xa6\xb0\xd9\x34\xe1" -"\xf4\xcd\x6e\xcc\x0f\x0f\x10\xa5\x44\x43\x88\x03\x15\xce\xb9\x7f" -"\xcd\x3f\xa2\x09\x3d\xbe\xab\xef\xe5\xd4\x9b\xe6\x7e\xca\x9f\x4a" -"\xf0\x2f\x64\xa8\x13\xc3\xa3\x75\xbe\x11\x50\xa2\x8c\x45\x27\xff" -"\x67\x5d\xc0\x76\xf4\x4c\xe1\x9c\x6f\xa2\x81\x06\xb7\x97\xc9\xc0" -"\xcb\x32\xc5\x90\xf7\x6c\xaa\xa9\x51\xa6\x70\x9d\xc3\x75\x26\xcc" -"\xc3\x06\x16\x53\x94\x3d\x4b\x4f\xc6\x1a\xc6\x02\x2a\x63\xde\x69" -"\x5a\xd2\x3d\x95\x26\x62\x9a\x6b\xf6\xff\x33\x82\xd4\xbe\x95\x49" -"\x11\x27\x53\x1b\xb6\x9e\xa3\x69\x9c\xac\x5f\x21\xfe\x65\x2e\x10" -"\x8e\xcc\xd0\x5d\x9a\x10\xc0\x42\x3f\x72\x2f\x97\x1c\x84\x1d\x0f" -"\xe0\x2a\x82\xce\x3f\x65\xca\x23\xd0\xde\xde\x39\x26\x4b\xf2\x7f" -"\x9c\x70\x52\x66\x36\xfa\x49\x3e\xbc\xe0\x6e\xd2\x90\x5b\xeb\x2d" -"\x66\x32\xe8\x09\x7c\xc1\xc4\x6a\x48\x79\x33\xf4\x63\x30\xa0\x48" -"\x58\x20\x21\xb0\xab\x0c\x6d\xf2\x4c\x54\x7b\x99\xe9\x8a\x19\xfe" -"\xcd\x8d\x18\x67\xd9\x99\xf4\xf5\x9d\x7b\xca\x19\x13\xb2\xcf\x74" -"\x6d\xd3\xbe\xa6\xec\x65\xb1\xed\xc2\x0c\xde\x46\xad\x02\xcf\x55" -"\x59\x97\xf0\xb1\x88\xc0\xeb\x02\xab\x4c\x8a\xff\x11\xc2\x02\xc1" -"\x9f\x16\x07\xcf\x2e\x8d\x64\xa7\xbf\x6f\x21\xc2\x4f\x1e\xb1\x25" -"\xbc\xc6\x26\x4a\x35\xb7\x81\x72\xe4\xf9\xd3\x4b\x12\x0a\x36\xf2" -"\x54\x9f\x6b\xac\xa4\x56\x85\x20\xb5\x7a\xe0\xd0\xb1\xce\x5d\x3b" -"\x2b\x79\x32\xb8\x11\x0f\xae\xcd\xab\xb3\x64\x55\xeb\x5a\xd3\xec" -"\x87\x5d\x16\x34\xf6\xc5\xb6\xb9\xa5\xb0\xd3\xa0\x32\x6a\x79\xc0" -"\x34\x08\xb8\x18\xe7\x30\xe1\x9c\x22\xe9\xfb\xda\x0a\xd0\xee\xb7" -"\x85\x19\x8e\x18\xad\x6e\x98\xe4\x44\xbd\xd5\xde\xda\x8c\xe9\x0b" -"\xa9\xe8\xfd\x27\x6f\x4e\x13\x5a\xe5\xb2\x75\x1e\xc4\x0b\xf3\x5d" -"\xb6\xc3\xd2\x75\x33\x8b\xb9\x59\xa0\x75\x0d\xe7\x00\xb0\x74\xab" -"\xc4\x1b\x12\x6c\x69\x0c\xae\xed\x54\xa2\x96\xd9\x01\x22\xdc\xf4" -"\x8a\x7a\x81\xe1\x3f\x40\x1b\x7a\x58\x52\x68\x58\x68\x39\xf7\xca" -"\x16\x6a\x46\xf2\x98\x9b\x72\x25\x8d\xc8\x28\xc2\x3d\x40\xaf\x74" -"\x9b\x4d\xb9\x45\xd3\xfa\xe8\x83\x3c\xcf\x22\xe5\xf4\xc3\xa2\xe9" -"\xab\xf2\x27\xdc\x00\x4c\x1f\xc5\xe4\x96\x97\x65\x57\xed\xd7\x09" -"\xd4\x1a\x7e\xd6\xaf\x6b\xe4\x8d\x7e\xde\x5e\x8e\x6d\xe3\x1d\x2f" -"\xe8\x12\xd7\x77\xeb\x0d\x59\xa6\xe9\x15\x52\x20\xb2\x0d\xd8\xd4" -"\x3a\xa3\xaf\x50\x99\x49\x3b\x25\xfb\xa1\x33\x7d\x4e\x79\xec\x2c" -"\x10\xb4\x8f\xad\xbb\x4c\x93\xb9\x32\xe8\x06\xcb\x49\xd9\xfa\x17" -"\xb1\xd8\x63\x17\xc0\x98\x03\x2e\x16\x46\x63\xc4\x66\x9a\xcb\xee" -"\xb4\x38\x45\xdd\x2d\xed\x34\x1a\x5f\x05\x6b\x8a\x2b\x71\x02\xfe" -"\xc1\x8c\xaf\x25\x04\xbc\x37\xc0\xd4\xc9\xb3\x8f\x1b\xf3\x62\x38" -"\x1e\x13\xa5\xa3\x93\x9a\xe3\x06\xe8\x21\x62\x0d\x07\xa9\x00\x88" -"\x01\xe9\x69\xad\x40\x86\xc1\x11\xa6\xa1\xfb\xd2\x29\xb8\xfd\x06" -"\x09\xcf\xd0\x8a\x01\x9c\x0f\x46\x38\x2a\x7a\x91\x89\xe2\x96\x8f" -"\x00\x12\xb7\x0f\xc7\x73\x45\x1c\xed\x06\x5c\x0f\x80\x48\x17\x1c" -"\x0f\x5d\xfc\x96\x5b\x22\x60\x53\x0f\xb0\x50\x47\x5b\x00\xea\x42" -"\xcf\x37\xf0\xd4\x28\xe0\x1e\x76\x1f\x17\x29\x29\x4f\x07\x0e\xaa" -"\x8e\x15\x5e\x2e\xa0\xd9\x6c\x96\x54\x81\x8a\x6e\x5f\x15\x23\xac" -"\x3b\xd8\x7b\xf2\x56\x34\x86\x1d\x6a\x9e\x28\x6a\x3f\xa3\xfb\x26" -"\xaf\xb4\xe5\x54\x45\x85\x31\x9c\xf0\x23\x08\x73\x07\x16\x91\x5e" -"\x70\xb3\x67\xb2\xba\xa9\x50\x2c\xb7\x1d\xe0\xcb\xc4\xc4\xde\xab" -"\x33\xc4\xb9\x81\xd8\xf8\x0c\x95\x5d\x9e\x0d\xaf\x9b\xb6\x1b\x05" -"\xb4\xc7\xe5\xe1\xf9\xa8\x09\x36\xd3\x4b\xb8\x64\x57\x59\x26\xe7" -"\x46\xd7\xd3\x4e\x76\x71\xe0\xb8\x24\xb1\x8e\x7a\x31\x61\x67\xee" -"\xc9\x87\xf1\x4b\x95\x5e\x35\x7f\x99\x1c\x89\xd2\xfa\xfa\x2a\xc6" -"\xdb\x87\x6c\x7f\x35\x7f\x06\xe4\x82\x36\x5e\xe9\x1c\x15\xa9\x23" -"\x95\xa1\xa7\x63\xa1\x3b\xff\x1a\x36\xde\xd2\x10\xc6\x1f\xc7\xac" -"\x8c\xf4\x44\x8d\xbb\xb4\x93\x5e\x84\x0b\xc6\xbf\x11\x3f\xd2\x43" -"\xbd\xf8\x74\xac\x91\x64\xa3\x14\x31\xcc\x4d\xaa\xf5\xc0\x3d\xb9" -"\xbc\x80\xd9\x1e\x4f\x2c\xaa\x8c\xec\xe5\x8d\x41\x5f\x26\xb0\x03" -"\xbf\x5b\x74\xa1\x7d\x8b\x8e\x52\x9a\x64\xe4\x14\xd0\xbd\x88\x49" -"\xa6\x2a\x88\x45\xe7\x51\xcc\x3c\xba\xa4\x21\xc4\x67\x90\x0e\x52" -"\x99\x0c\x35\x86\xda\x11\xab\x33\x77\x2d\x9e\x13\x44\x6c\x71\x4c" -"\x66\x78\x00\x4d\x72\x5e\x02\x87\xda\xad\x19\x6d\xa1\x23\xab\x11" -"\x38\x60\xce\x49\xf5\x0b\x12\xe6\xdf\xaf\xa0\xc0\xa8\xce\x79\x9c" -"\x8c\x40\xd1\xe6\x8d\xef\x09\xec\x1d\x62\x63\xe5\xe8\x52\x08\x77" -"\x28\xd5\x50\x8e\xdb\xbe\x17\xa3\x76\x87\x13\xa4\xb7\x5e\x49\xd6" -"\x99\xd8\x30\xc7\x59\xcc\x83\xd5\xa8\x95\xe9\x6e\x42\xdd\x26\x8f" -"\x0b\x7c\x14\x73\x3d\xba\x87\xb1\xa9\x47\xe3\xc0\x0e\x7e\x22\x8b" -"\x63\x07\x06\xd4\x62\x93\x88\x9e\x9f\x53\x9b\x58\x93\x3b\xbd\xea" -"\x70\x8c\x30\x10\xc1\x8a\x01\xb4\x5e\xb0\x3e\xa5\x06\x37\xb7\xb3" -"\x3a\x07\x9f\x3c\x73\x06\x09\xab\xa4\x20\x12\xcd\xab\x7f\x79\x11" -"\x17\xf6\xdb\xe4\x3d\x1a\x6f\x06\x1e\xee\x27\x0f\x3e\x4e\xc2\xfb" -"\xfd\x7c\xab\x58\x45\xff\xdc\xa3\xd4\x5c\x5d\x3d\x99\xda\x7d\x74" -"\xe9\xb5\x55\xa6\x59\x7c\x43\x72\xe1\x79\x61\x6c\x36\xdf\xe9\xcc" -"\x48\x7a\x97\xa7\x9b\x6f\xf0\x2a\xa8\x12\xa6\xad\x55\x37\xba\x99" -"\x15\x35\x03\x25\x4d\x00\xe2\x33\x53\xc6\x0a\xf1\xe1\xc4\x8a\xac" -"\x02\x38\x17\x6d\xff\x63\x73\x04\x73\x35\xaa\xd4\x16\xae\x20\x50" -"\x59\xef\xf6\x67\x14\x8d\xe2\x9d\x2a\x6d\x24\x42\xd7\x76\x1c\x91" -"\x9b\x3d\x11\x07\x30\x4a\xa6\x54\x0a\xf0\x55\x20\x70\xd8\x3e\xa5" -"\xe3\x49\xc3\x6e\x80\x2c\xbc\x05\x35\xdb\x5c\x55\xa0\x3c\x10\xe3" -"\xd5\xc5\x61\xa4\xb7\x1f\xcb\x25\x03\x0f\x04\xfd\x00\x5d\x31\xfb" -"\xe2\xc4\x89\x96\xc6\x28\x5b\x74\x3d\x8d\x62\xb1\x3b\x7f\x58\xb9" -"\x2f\xf3\x9e\x58\xe7\x04\x4a\x8d\x39\xa0\x69\xb4\x3a\xbe\xe2\x59" -"\x2e\x28\x71\x81\xb0\x17\xeb\x2b\x91\xa8\xb1\x48\xbd\x71\x3b\xd6" -"\xe1\xc5\x2b\x2f\x08\x8e\x38\xec\xe1\xdc\x9c\x0f\x92\xe9\xa5\x39" -"\x65\xa0\x8f\x19\x5e\xb5\x1a\x74\x36\xc1\x2a\x68\xd6\xc6\xee\xec" -"\xe2\x6f\xc8\x32\xc8\x51\x81\x51\x39\x78\xfc\x4d\xa4\x63\x61\x8b" -"\xda\x41\x27\x37\x03\xb2\xee\x10\x7c\x3c\xf0\x24\x55\xcc\x32\xc4" -"\x4b\xc1\x8a\x7a\x1b\xb4\xf6\xf3\xff\x6f\x7d\x03\x89\x6f\x6c\xea" -"\x1a\x8f\x5b\x1b\xf7\x49\x68\x69\x44\x7b\xaf\x5f\x8f\x34\xb8\x75" -"\x30\x0a\x6f\xc7\xde\xb9\xf4\x67\x29\xc8\x36\xaa\xb0\xfc\x82\xb3" -"\x24\x1b\xde\x63\x4b\x3b\x95\x78\xf8\x0f\x08\x4b\x8f\x17\xcb\x85" -"\xee\x39\x2a\x79\xec\x92\x8a\x6a\x57\xd1\xba\x9a\x64\x8a\x00\x9f" -"\x21\xbb\x21\xc1\xf3\x59\x68\xe9\x70\x46\x13\xa0\x9c\x53\x5a\x27" -"\xb6\x7b\xb6\xd8\xdd\x3b\xff\xe2\xdb\x01\x10\xce\x90\x8f\x24\x70" -"\x0b\x31\xc0\xdb\x03\x1c\x50\x98\x43\x41\xc3\xe2\x51\xf3\xea\x2d" -"\x5b\x81\x35\xd1\x81\xd2\xb6\xd2\x62\x60\x93\x5d\x70\xe3\xcc\xf6" -"\xa2\x2b\x54\x0f\x5c\xac\x73\x05\x91\xe0\x8c\x72\xa2\x05\x69\x8c" -"\x9b\x2d\x3c\xf9\xa0\x4d\xf9\x94\x1c\xb4\x85\x45\x4e\xac\x12\x14" -"\x24\xd7\xfe\x86\x56\x82\xd3\x82\xaa\x31\x1b\x38\x56\xdc\x28\x9f" -"\x91\xf4\x5e\xef\xe0\xb8\x19\xd5\xdb\x86\xe8\xac\x5e\x8b\x54\x7e" -"\xa2\xbe\xbf\xb8\xac\xf1\xbc\xa2\x92\xac\x1c\x84\xb6\xa3\xa3\x28" -"\x30\xc8\x4d\xd5\x45\x14\x75\x74\xf6\x97\x8c\x04\x62\xc2\xcf\x43" -"\x90\xe8\xe5\x94\xf1\xcf\x0e\x3c\x58\x28\xfa\xfd\xdb\x4b\x8a\x36" -"\x82\x3d\x1c\x38\x9c\x30\x4f\x9c\x20\x5f\xda\x6a\x7e\x88\x44\x7e" -}; - /// BP_GI_PLUS_PRE: bytes STATIC const mp_obj_str_t mod_trezorcrypto_monero_BP_PLUS_GI_PRE_obj = {{&mp_type_bytes}, 0, 8192, (const byte*)"" "\x38\xc5\xd4\xdb\x53\xae\xb8\x6f\x5a\x80\xde\xf9\xbe\x49\x53\xf2" @@ -2881,10 +2361,6 @@ STATIC const mp_rom_map_elem_t mod_trezorcrypto_monero_globals_table[] = { {MP_ROM_QSTR(MP_QSTR_ct_equals), MP_ROM_PTR(&mod_trezorcrypto_ct_equals_obj)}, // bulletproof constants - {MP_ROM_QSTR(MP_QSTR_BP_GI_PRE), - MP_ROM_PTR(&mod_trezorcrypto_monero_BP_GI_PRE_obj)}, - {MP_ROM_QSTR(MP_QSTR_BP_HI_PRE), - MP_ROM_PTR(&mod_trezorcrypto_monero_BP_HI_PRE_obj)}, {MP_ROM_QSTR(MP_QSTR_BP_PLUS_GI_PRE), MP_ROM_PTR(&mod_trezorcrypto_monero_BP_PLUS_GI_PRE_obj)}, {MP_ROM_QSTR(MP_QSTR_BP_PLUS_HI_PRE), diff --git a/core/mocks/generated/trezorcrypto/monero.pyi b/core/mocks/generated/trezorcrypto/monero.pyi index 05a8ddfcb0..a4da402f2b 100644 --- a/core/mocks/generated/trezorcrypto/monero.pyi +++ b/core/mocks/generated/trezorcrypto/monero.pyi @@ -374,7 +374,5 @@ def ct_equals(a: bytes, b: bytes) -> bool: """ Constant time buffer comparison """ -BP_GI_PRE: bytes -BP_HI_PRE: bytes BP_GI_PLUS_PRE: bytes BP_HI_PLUS_PRE: bytes diff --git a/core/src/apps/monero/signing/__init__.py b/core/src/apps/monero/signing/__init__.py index 8b5fcf3ca9..5c3b2ee9c8 100644 --- a/core/src/apps/monero/signing/__init__.py +++ b/core/src/apps/monero/signing/__init__.py @@ -16,9 +16,7 @@ class NotEnoughOutputsError(wire.DataError): class RctType: """ There are several types of monero Ring Confidential Transactions - like RCTTypeFull and RCTTypeSimple but currently we use only CLSAG - and RCTTypeBulletproofPlus + like RCTTypeFull and RCTTypeSimple, but currently we use only RCTTypeBulletproofPlus """ - CLSAG = 5 RCTTypeBulletproofPlus = 6 diff --git a/core/src/apps/monero/signing/state.py b/core/src/apps/monero/signing/state.py index cd4e5bb71b..5700c041b2 100644 --- a/core/src/apps/monero/signing/state.py +++ b/core/src/apps/monero/signing/state.py @@ -103,7 +103,6 @@ class State: self.rsig_grouping: list[int] | None = [] # is range proof computing offloaded or not self.rsig_offload: bool | None = False - self.rsig_is_bp_plus: bool | None = False # sum of all inputs' pseudo out masks self.sumpouts_alphas: Scalar = crypto.Scalar(0) diff --git a/core/src/apps/monero/signing/step_01_init_transaction.py b/core/src/apps/monero/signing/step_01_init_transaction.py index 2d38c003a8..e4f861be0f 100644 --- a/core/src/apps/monero/signing/step_01_init_transaction.py +++ b/core/src/apps/monero/signing/step_01_init_transaction.py @@ -207,10 +207,9 @@ def _check_rsig_data(state: State, rsig_data: MoneroTransactionRsigData) -> None elif rsig_data.rsig_type not in (1, 2, 3): raise ValueError("Unknown rsig type") - state.tx_type = signing.RctType.CLSAG - if rsig_data.bp_version == 4: - state.rsig_is_bp_plus = True - state.tx_type = signing.RctType.RCTTypeBulletproofPlus + state.tx_type = signing.RctType.RCTTypeBulletproofPlus + if rsig_data.bp_version != 4: + raise ValueError("Unknown BP version") if state.output_count > 2: state.rsig_offload = True diff --git a/core/src/apps/monero/signing/step_06_set_output.py b/core/src/apps/monero/signing/step_06_set_output.py index 60740ad17b..5ce621a4e0 100644 --- a/core/src/apps/monero/signing/step_06_set_output.py +++ b/core/src/apps/monero/signing/step_06_set_output.py @@ -15,10 +15,7 @@ from .state import State if TYPE_CHECKING: from apps.monero.xmr.serialize_messages.tx_ecdh import EcdhTuple - from apps.monero.xmr.serialize_messages.tx_rsig_bulletproof import ( - Bulletproof, - BulletproofPlus, - ) + from apps.monero.xmr.serialize_messages.tx_rsig_bulletproof import BulletproofPlus from trezor.messages import ( MoneroTransactionDestinationEntry, MoneroTransactionSetOutputAck, @@ -322,7 +319,7 @@ def _rsig_bp(state: State) -> bytes: from apps.monero.xmr import range_signatures rsig = range_signatures.prove_range_bp_batch( - state.output_amounts, state.output_masks, state.rsig_is_bp_plus + state.output_amounts, state.output_masks ) state.mem_trace("post-bp" if __debug__ else None, collect=True) @@ -333,7 +330,7 @@ def _rsig_bp(state: State) -> bytes: state.full_message_hasher.rsig_val(rsig, raw=False) state.mem_trace("post-bp-hash" if __debug__ else None, collect=True) - rsig = _dump_rsig_bp_plus(rsig) if state.rsig_is_bp_plus else _dump_rsig_bp(rsig) + rsig = _dump_rsig_bp_plus(rsig) state.mem_trace( f"post-bp-ser, size: {len(rsig)}" if __debug__ else None, collect=True ) @@ -346,15 +343,9 @@ def _rsig_bp(state: State) -> bytes: def _rsig_process_bp(state: State, rsig_data: MoneroTransactionRsigData): from apps.monero.xmr import range_signatures - from apps.monero.xmr.serialize_messages.tx_rsig_bulletproof import ( - Bulletproof, - BulletproofPlus, - ) + from apps.monero.xmr.serialize_messages.tx_rsig_bulletproof import BulletproofPlus - if state.rsig_is_bp_plus: - bp_obj = serialize.parse_msg(rsig_data.rsig, BulletproofPlus) - else: - bp_obj = serialize.parse_msg(rsig_data.rsig, Bulletproof) + bp_obj = serialize.parse_msg(rsig_data.rsig, BulletproofPlus) rsig_data.rsig = None # BP is hashed with raw=False as hash does not contain L, R @@ -371,36 +362,6 @@ def _rsig_process_bp(state: State, rsig_data: MoneroTransactionRsigData): state.output_masks = [] -def _dump_rsig_bp(rsig: Bulletproof) -> bytes: - if len(rsig.L) > 127: - raise ValueError("Too large") - - # Manual serialization as the generic purpose serialize.dump_msg_gc - # is more memory intensive which is not desired in the range proof section. - - # BP: V, A, S, T1, T2, taux, mu, L, R, a, b, t - # Commitment vector V is not serialized - # Vector size under 127 thus varint occupies 1 B - buff_size = 32 * (9 + 2 * (len(rsig.L))) + 2 - buff = bytearray(buff_size) - - utils.memcpy(buff, 0, rsig.A, 0, 32) - utils.memcpy(buff, 32, rsig.S, 0, 32) - utils.memcpy(buff, 32 * 2, rsig.T1, 0, 32) - utils.memcpy(buff, 32 * 3, rsig.T2, 0, 32) - utils.memcpy(buff, 32 * 4, rsig.taux, 0, 32) - utils.memcpy(buff, 32 * 5, rsig.mu, 0, 32) - - offset = _dump_rsig_lr(buff, 32 * 6, rsig) - - utils.memcpy(buff, offset, rsig.a, 0, 32) - offset += 32 - utils.memcpy(buff, offset, rsig.b, 0, 32) - offset += 32 - utils.memcpy(buff, offset, rsig.t, 0, 32) - return buff - - def _dump_rsig_bp_plus(rsig: BulletproofPlus) -> bytes: if len(rsig.L) > 127: raise ValueError("Too large") @@ -425,9 +386,7 @@ def _dump_rsig_bp_plus(rsig: BulletproofPlus) -> bytes: return buff -def _dump_rsig_lr( - buff: bytearray, offset: int, rsig: Bulletproof | BulletproofPlus -) -> int: +def _dump_rsig_lr(buff: bytearray, offset: int, rsig: BulletproofPlus) -> int: buff[offset] = len(rsig.L) offset += 1 diff --git a/core/src/apps/monero/xmr/bulletproof.py b/core/src/apps/monero/xmr/bulletproof.py index d4a1fc3d63..e83ce7b021 100644 --- a/core/src/apps/monero/xmr/bulletproof.py +++ b/core/src/apps/monero/xmr/bulletproof.py @@ -4,7 +4,6 @@ from micropython import const from typing import TYPE_CHECKING from trezor import utils -from trezor.crypto import random from trezor.utils import memcpy as tmemcpy from apps.monero.xmr import crypto, crypto_helpers @@ -13,7 +12,7 @@ from apps.monero.xmr.serialize.int_serialize import dump_uvarint_b_into, uvarint if TYPE_CHECKING: from typing import Iterator, TypeVar, Generic - from .serialize_messages.tx_rsig_bulletproof import Bulletproof, BulletproofPlus + from .serialize_messages.tx_rsig_bulletproof import BulletproofPlus T = TypeVar("T") ScalarDst = TypeVar("ScalarDst", bytearray, crypto.Scalar) @@ -40,9 +39,6 @@ _XMR_H = b"\x8b\x65\x59\x70\x15\x37\x99\xaf\x2a\xea\xdc\x9f\xf1\xad\xd0\xea\x6c\ _XMR_HP = crypto.xmr_H() _XMR_G = b"\x58\x66\x66\x66\x66\x66\x66\x66\x66\x66\x66\x66\x66\x66\x66\x66\x66\x66\x66\x66\x66\x66\x66\x66\x66\x66\x66\x66\x66\x66\x66\x66" -# ip12 = inner_product(oneN, twoN); -_BP_IP12 = b"\xff\xff\xff\xff\xff\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - _INITIAL_TRANSCRIPT = b"\x4a\x67\x7c\x90\xeb\x73\x05\x1e\x79\x0d\xa4\x55\x91\x10\x7f\x6e\xe1\x05\x90\x4d\x91\x87\xc5\xd3\x54\x71\x09\x6c\x44\x5a\x22\x75" _TWO_SIXTY_FOUR_MINUS_ONE = b"\xff\xff\xff\xff\xff\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" @@ -295,10 +291,6 @@ def _hash_vct_to_scalar(dst, data): return dst -def _get_exponent(dst, base, idx): - return _get_exponent_univ(dst, base, idx, b"bulletproof") - - def _get_exponent_plus(dst, base, idx): return _get_exponent_univ(dst, base, idx, b"bulletproof_plus") @@ -790,56 +782,6 @@ class KeyVSliced(KeyVBase): return self.wrapped.read(self.offset + self.idxize(idx), buff, offset) -class KeyVPowers(KeyVBase): - """ - Vector of x^i. Allows only sequential access (no jumping). Resets on [0,1] access. - """ - - __slots__ = ("current_idx", "size", "x", "raw", "cur", "last_idx") - - def __init__(self, size, x, raw: int = False): - super().__init__(size) - self.x = x if not raw else crypto.decodeint_into_noreduce(None, x) - self.raw = raw - self.cur = bytearray(32) if not raw else crypto.Scalar() - self.last_idx = 0 - - def __getitem__(self, item): - prev = self.last_idx - item = self.idxize(item) - self.last_idx = item - - if item == 0: - return ( - _copy_key(self.cur, _ONE) - if not self.raw - else crypto.decodeint_into_noreduce(None, _ONE) - ) - elif item == 1: - return ( - _copy_key(self.cur, self.x) - if not self.raw - else crypto.sc_copy(self.cur, self.x) - ) - elif item == prev: - return self.cur - elif item == prev + 1: - return ( - _sc_mul(self.cur, self.cur, self.x) - if not self.raw - else crypto.sc_mul_into(self.cur, self.cur, self.x) - ) - else: - raise IndexError(f"KeyVPowers: Only linear scan allowed: {prev}, {item}") - - def set_state(self, idx: int, val): - self.last_idx = idx - if self.raw: - return crypto.sc_copy(self.cur, val) - else: - return _copy_key(self.cur, val) - - class KeyVPowersBackwards(KeyVBase): """ Vector of x^i. @@ -1122,45 +1064,6 @@ class KeyScalarFoldedVct(KeyVBase): return self.cur_sc -class KeyPow2Vct(KeyVBase): - """ - 2**i vector, note that Curve25519 has scalar order 2 ** 252 + 27742317777372353535851937790883648493 - """ - - __slots__ = ( - "size", - "raw", - "cur", - "cur_sc", - ) - - def __init__(self, size: int, raw: bool = False): - super().__init__(size) - self.raw = raw - self.cur = _ensure_dst_key() - self.cur_sc = crypto.Scalar() - - def __getitem__(self, item): - i = self.idxize(item) - if i == 0: - _copy_key(self.cur, _ONE) - elif i == 1: - _copy_key(self.cur, _TWO) - else: - _copy_key(self.cur, _ZERO) - self.cur[i >> 3] = 1 << (i & 7) - - if i < 252 and self.raw: - return crypto.decodeint_into_noreduce(self.cur_sc, self.cur) - - if i > 252: # reduction, costly - crypto.decodeint_into(self.cur_sc, self.cur) - if not self.raw: - return crypto.encodeint_into(self.cur, self.cur_sc) - - return self.cur_sc if self.raw else self.cur - - class KeyChallengeCacheVct(KeyVBase): """ Challenge cache vector for BP+ verification @@ -1210,94 +1113,6 @@ class KeyChallengeCacheVct(KeyVBase): return self.cur -class KeyR0(KeyVBase): - """ - Vector r0. Allows only sequential access (no jumping). Resets on [0,1] access. - zt_i = z^{2 + \floor{i/N}} 2^{i % N} - r0_i = ((a_{Ri} + z) y^{i}) + zt_i - - Could be composed from smaller vectors, but RAW returns are required - """ - - __slots__ = ( - "current_idx", - "size", - "N", - "aR", - "raw", - "y", - "yp", - "z", - "zt", - "p2", - "res", - "cur", - "last_idx", - ) - - def __init__(self, size, N, aR, y, z, raw: int = False, **kwargs) -> None: - super().__init__(size) - self.N = N - self.aR = aR - self.raw = raw - self.y = crypto.decodeint_into_noreduce(None, y) - self.yp = crypto.Scalar() # y^{i} - self.z = crypto.decodeint_into_noreduce(None, z) - self.zt = crypto.Scalar() # z^{2 + \floor{i/N}} - self.p2 = crypto.Scalar() # 2^{i \% N} - self.res = crypto.Scalar() # tmp_sc_1 - - self.cur = bytearray(32) if not raw else None - self.last_idx = 0 - self.reset() - - def reset(self) -> None: - crypto.decodeint_into_noreduce(self.yp, _ONE) - crypto.decodeint_into_noreduce(self.p2, _ONE) - crypto.sc_mul_into(self.zt, self.z, self.z) - - def __getitem__(self, item): - prev = self.last_idx - item = self.idxize(item) - self.last_idx = item - - # Const init for eval - if item == 0: # Reset on first item access - self.reset() - - elif item == prev + 1: - crypto.sc_mul_into(self.yp, self.yp, self.y) # ypow - if item % self.N == 0: - crypto.sc_mul_into(self.zt, self.zt, self.z) # zt - crypto.decodeint_into_noreduce(self.p2, _ONE) # p2 reset - else: - crypto.decodeint_into_noreduce(self.res, _TWO) # p2 - crypto.sc_mul_into(self.p2, self.p2, self.res) # p2 - - elif item == prev: # No advancing - pass - - else: - raise IndexError("Only linear scan allowed") - - # Eval r0[i] - if ( - item == 0 or item != prev - ): # if True not present, fails with cross dot product - crypto.decodeint_into_noreduce(self.res, self.aR.to(item)) # aR[i] - crypto.sc_add_into(self.res, self.res, self.z) # aR[i] + z - crypto.sc_mul_into(self.res, self.res, self.yp) # (aR[i] + z) * y^i - crypto.sc_muladd_into( - self.res, self.zt, self.p2, self.res - ) # (aR[i] + z) * y^i + z^{2 + \floor{i/N}} 2^{i \% N} - - if self.raw: - return self.res - - crypto.encodeint_into(self.cur, self.res) - return self.cur - - def _ensure_dst_keyvect(dst=None, size: int | None = None): if dst is None: dst = KeyV(elems=size) @@ -1307,10 +1122,6 @@ def _ensure_dst_keyvect(dst=None, size: int | None = None): return dst -def _const_vector(val, elems=_BP_N, copy: bool = True) -> KeyVConst: - return KeyVConst(elems, val, copy) - - def _vector_exponent_custom(A, B, a, b, dst=None, a_raw=None, b_raw=None): """ \\sum_{i=0}^{|A|} a_i A_i + b_i B_i @@ -1338,72 +1149,6 @@ def _vector_exponent_custom(A, B, a, b, dst=None, a_raw=None, b_raw=None): return dst -def _vector_powers(x, n, dst=None, dynamic: int = False): - """ - r_i = x^i - """ - if dynamic: - return KeyVPowers(n, x) - dst = _ensure_dst_keyvect(dst, n) - if n == 0: - return dst - dst.read(0, _ONE) - if n == 1: - return dst - dst.read(1, x) - - crypto.decodeint_into_noreduce(_tmp_sc_1, x) - crypto.decodeint_into_noreduce(_tmp_sc_2, x) - for i in range(2, n): - crypto.sc_mul_into(_tmp_sc_1, _tmp_sc_1, _tmp_sc_2) - crypto.encodeint_into(_tmp_bf_0, _tmp_sc_1) - dst.read(i, _tmp_bf_0) - _gc_iter(i) - return dst - - -def _vector_power_sum(x, n, dst=None): - """ - \\sum_{i=0}^{n-1} x^i - """ - dst = _ensure_dst_key(dst) - if n == 0: - return _copy_key(dst, _ZERO) - if n == 1: - _copy_key(dst, _ONE) - - crypto.decodeint_into_noreduce(_tmp_sc_1, x) - crypto.decodeint_into_noreduce(_tmp_sc_3, _ONE) - crypto.sc_add_into(_tmp_sc_3, _tmp_sc_3, _tmp_sc_1) - crypto.sc_copy(_tmp_sc_2, _tmp_sc_1) - - for i in range(2, n): - crypto.sc_mul_into(_tmp_sc_2, _tmp_sc_2, _tmp_sc_1) - crypto.sc_add_into(_tmp_sc_3, _tmp_sc_3, _tmp_sc_2) - _gc_iter(i) - - return crypto.encodeint_into(dst, _tmp_sc_3) - - -def _inner_product(a, b, dst=None): - """ - \\sum_{i=0}^{|a|} a_i b_i - """ - if len(a) != len(b): - raise ValueError("Incompatible sizes of a and b") - dst = _ensure_dst_key(dst) - crypto.sc_copy(_tmp_sc_1, 0) - - for i in range(len(a)): - crypto.decodeint_into_noreduce(_tmp_sc_2, a.to(i)) - crypto.decodeint_into_noreduce(_tmp_sc_3, b.to(i)) - crypto.sc_muladd_into(_tmp_sc_1, _tmp_sc_2, _tmp_sc_3, _tmp_sc_1) - _gc_iter(i) - - crypto.encodeint_into(dst, _tmp_sc_1) - return dst - - def _weighted_inner_product( dst: bytearray | None, a: KeyVBase, b: KeyVBase, y: bytearray ): @@ -1452,28 +1197,6 @@ def _hadamard_fold(v, a, b, into=None, into_offset: int = 0, vR=None, vRoff=0): return into -def _scalar_fold(v, a, b, into=None, into_offset: int = 0): - """ - ln = len(v); h = ln // 2 - v_i = a v_i + b v_{h + i} - """ - h = len(v) // 2 - crypto.decodeint_into_noreduce(_tmp_sc_1, a) - crypto.decodeint_into_noreduce(_tmp_sc_2, b) - into = into if into else v - - for i in range(h): - crypto.decodeint_into_noreduce(_tmp_sc_3, v.to(i)) - crypto.decodeint_into_noreduce(_tmp_sc_4, v.to(h + i)) - crypto.sc_mul_into(_tmp_sc_3, _tmp_sc_3, _tmp_sc_1) - crypto.sc_muladd_into(_tmp_sc_3, _tmp_sc_4, _tmp_sc_2, _tmp_sc_3) - crypto.encodeint_into(_tmp_bf_0, _tmp_sc_3) - into.read(i + into_offset, _tmp_bf_0) - _gc_iter(i) - - return into - - def _cross_inner_product(l0, r0, l1, r1): """ t1 = l0 . r1 + l1 . r0 @@ -1500,24 +1223,6 @@ def _cross_inner_product(l0, r0, l1, r1): return crypto_helpers.encodeint(sc_t1), crypto_helpers.encodeint(sc_t2) -def _vector_gen(dst, size, op): - dst = _ensure_dst_keyvect(dst, size) - for i in range(size): - dst.to(i, _tmp_bf_0) - op(i, _tmp_bf_0) - dst.read(i, _tmp_bf_0) - _gc_iter(i) - return dst - - -def _vector_dup(x, n, dst=None): - dst = _ensure_dst_keyvect(dst, n) - for i in range(n): - dst[i] = x - _gc_iter(i) - return dst - - def _hash_cache_mash(dst, hash_cache, *args): dst = _ensure_dst_key(dst) ctx = crypto_helpers.get_keccak() @@ -1602,688 +1307,6 @@ class BulletProofGenException(Exception): pass -class BulletProofBuilder: - def __init__(self) -> None: - self.use_det_masks = True - self.proof_sec = None - - # BP_GI_PRE = get_exponent(Gi[i], _XMR_H, i * 2 + 1) - self.Gprec = KeyV(buffer=crypto.BP_GI_PRE, const=True) - # BP_HI_PRE = get_exponent(Hi[i], _XMR_H, i * 2) - self.Hprec = KeyV(buffer=crypto.BP_HI_PRE, const=True) - # BP_TWO_N = vector_powers(_TWO, _BP_N); - self.twoN = KeyPow2Vct(250) - self.fnc_det_mask = None - - # aL, aR amount bitmasks, can be freed once not needed - self.aL = None - self.aR = None - - self.tmp_sc_1 = crypto.Scalar() - self.tmp_det_buff = bytearray(64 + 1 + 4) - - self.gc_fnc = gc.collect - self.gc_trace = None - - def gc(self, *args) -> None: - if self.gc_trace: - self.gc_trace(*args) - if self.gc_fnc: - self.gc_fnc() - - def aX_vcts(self, sv, MN) -> tuple: - num_inp = len(sv) - - def e_xL(idx, d=None, is_a=True): - j, i = idx // _BP_N, idx % _BP_N - r = None - if j < num_inp and sv[j][i // 8] & (1 << i % 8): - r = _ONE if is_a else _ZERO - else: - r = _ZERO if is_a else _MINUS_ONE - if d: - return _copy_key(d, r) - return r - - aL = KeyVEval(MN, lambda i, d: e_xL(i, d, True)) - aR = KeyVEval(MN, lambda i, d: e_xL(i, d, False)) - return aL, aR - - def _det_mask_init(self) -> None: - memcpy(self.tmp_det_buff, 0, self.proof_sec, 0, len(self.proof_sec)) - - def _det_mask(self, i, is_sL: bool = True, dst: bytearray | None = None): - dst = _ensure_dst_key(dst) - if self.fnc_det_mask: - return self.fnc_det_mask(i, is_sL, dst) - self.tmp_det_buff[64] = int(is_sL) - memcpy(self.tmp_det_buff, 65, _ZERO, 0, 4) - dump_uvarint_b_into(i, self.tmp_det_buff, 65) - crypto.hash_to_scalar_into(self.tmp_sc_1, self.tmp_det_buff) - crypto.encodeint_into(dst, self.tmp_sc_1) - return dst - - def _gprec_aux(self, size: int) -> KeyVPrecomp: - return KeyVPrecomp( - size, self.Gprec, lambda i, d: _get_exponent(d, _XMR_H, i * 2 + 1) - ) - - def _hprec_aux(self, size: int) -> KeyVPrecomp: - return KeyVPrecomp( - size, self.Hprec, lambda i, d: _get_exponent(d, _XMR_H, i * 2) - ) - - def _two_aux(self, size: int) -> KeyVPrecomp: - # Simple recursive exponentiation from precomputed results - lx = len(self.twoN) - - def pow_two(i: int, d=None): - if i < lx: - return self.twoN[i] - - d = _ensure_dst_key(d) - flr = i // 2 - - lw = pow_two(flr) - rw = pow_two(flr + 1 if flr != i / 2.0 else lw) - return _sc_mul(d, lw, rw) - - return KeyVPrecomp(size, self.twoN, pow_two) - - def sL_vct(self, ln=_BP_N): - return ( - KeyVEval(ln, lambda i, dst: self._det_mask(i, True, dst)) - if self.use_det_masks - else self.sX_gen(ln) - ) - - def sR_vct(self, ln=_BP_N): - return ( - KeyVEval(ln, lambda i, dst: self._det_mask(i, False, dst)) - if self.use_det_masks - else self.sX_gen(ln) - ) - - def sX_gen(self, ln=_BP_N) -> KeyV: - gc.collect() - buff = bytearray(ln * 32) - buff_mv = memoryview(buff) - sc = crypto.Scalar() - for i in range(ln): - crypto.random_scalar(sc) - crypto.encodeint_into(buff_mv[i * 32 : (i + 1) * 32], sc) - _gc_iter(i) - return KeyV(buffer=buff) - - def vector_exponent(self, a, b, dst=None, a_raw=None, b_raw=None): - return _vector_exponent_custom(self.Gprec, self.Hprec, a, b, dst, a_raw, b_raw) - - def prove(self, sv: crypto.Scalar, gamma: crypto.Scalar): - return self.prove_batch([sv], [gamma]) - - def prove_setup(self, sv: list[crypto.Scalar], gamma: list[crypto.Scalar]) -> tuple: - utils.ensure(len(sv) == len(gamma), "|sv| != |gamma|") - utils.ensure(len(sv) > 0, "sv empty") - - self.proof_sec = random.bytes(64) - self._det_mask_init() - gc.collect() - sv = [crypto_helpers.encodeint(x) for x in sv] - gamma = [crypto_helpers.encodeint(x) for x in gamma] - - M, logM = 1, 0 - while M <= _BP_M and M < len(sv): - logM += 1 - M = 1 << logM - MN = M * _BP_N - - V = _ensure_dst_keyvect(None, len(sv)) - for i in range(len(sv)): - _add_keys2(_tmp_bf_0, gamma[i], sv[i], _XMR_H) - _scalarmult_key(_tmp_bf_0, _tmp_bf_0, _INV_EIGHT) - V.read(i, _tmp_bf_0) - - self.prove_setup_aLaR(MN, None, sv) - return M, logM, V, gamma - - def prove_setup_aLaR(self, MN, sv, sv_vct=None): - sv_vct = sv_vct if sv_vct else [crypto_helpers.encodeint(x) for x in sv] - self.aL, self.aR = self.aX_vcts(sv_vct, MN) - - def prove_batch( - self, sv: list[crypto.Scalar], gamma: list[crypto.Scalar] - ) -> Bulletproof: - M, logM, V, gamma = self.prove_setup(sv, gamma) - hash_cache = _ensure_dst_key() - while True: - self.gc(10) - try: - return self._prove_batch_main(V, gamma, hash_cache, logM, M) - except BulletProofGenException: - self.prove_setup_aLaR(M * _BP_N, sv) - continue - - def _prove_batch_main(self, V, gamma, hash_cache, logM, M) -> Bulletproof: - N = _BP_N - logN = _BP_LOG_N - logMN = logM + logN - MN = M * N - _hash_vct_to_scalar(hash_cache, V) - - # PHASE 1 - A, S, T1, T2, taux, mu, t, l, r, y, x_ip, hash_cache = self._prove_phase1( - N, M, V, gamma, hash_cache - ) - - # PHASE 2 - L, R, a, b = self._prove_loop(MN, logMN, l, r, y, x_ip, hash_cache) - - from apps.monero.xmr.serialize_messages.tx_rsig_bulletproof import Bulletproof - - return Bulletproof( - V=V, A=A, S=S, T1=T1, T2=T2, taux=taux, mu=mu, L=L, R=R, a=a, b=b, t=t - ) - - def _prove_phase1(self, N, M, V, gamma, hash_cache) -> tuple: - MN = M * N - aL = self.aL - aR = self.aR - Gprec = self._gprec_aux(MN) - Hprec = self._hprec_aux(MN) - - # PAPER LINES 38-39, compute A = 8^{-1} ( \alpha G + \sum_{i=0}^{MN-1} a_{L,i} \Gi_i + a_{R,i} \Hi_i) - alpha = _sc_gen() - A = _ensure_dst_key() - _vector_exponent_custom(Gprec, Hprec, aL, aR, A) - _add_keys(A, A, _scalarmult_base(_tmp_bf_1, alpha)) - _scalarmult_key(A, A, _INV_EIGHT) - self.gc(11) - - # PAPER LINES 40-42, compute S = 8^{-1} ( \rho G + \sum_{i=0}^{MN-1} s_{L,i} \Gi_i + s_{R,i} \Hi_i) - sL = self.sL_vct(MN) - sR = self.sR_vct(MN) - rho = _sc_gen() - S = _ensure_dst_key() - _vector_exponent_custom(Gprec, Hprec, sL, sR, S) - _add_keys(S, S, _scalarmult_base(_tmp_bf_1, rho)) - _scalarmult_key(S, S, _INV_EIGHT) - self.gc(12) - - # PAPER LINES 43-45 - y = _ensure_dst_key() - _hash_cache_mash(y, hash_cache, A, S) - if y == _ZERO: - raise BulletProofGenException() - - z = _ensure_dst_key() - _hash_to_scalar(hash_cache, y) - _copy_key(z, hash_cache) - zc = crypto.decodeint_into_noreduce(None, z) - if z == _ZERO: - raise BulletProofGenException() - - # Polynomial construction by coefficients - # l0 = aL - z r0 = ((aR + z) . ypow) + zt - # l1 = sL r1 = sR . ypow - l0 = KeyVEval(MN, lambda i, d: _sc_sub(d, aL.to(i), zc)) # noqa: F821 - l1 = sL - self.gc(13) - - # This computes the ugly sum/concatenation from PAPER LINE 65 - # r0_i = ((a_{Ri} + z) y^{i}) + zt_i - # r1_i = s_{Ri} y^{i} - r0 = KeyR0(MN, N, aR, y, z) - ypow = KeyVPowers(MN, y, raw=True) - r1 = KeyVEval(MN, lambda i, d: _sc_mul(d, sR.to(i), ypow[i])) # noqa: F821 - del aR - self.gc(14) - - # Evaluate per index - # - $t_1 = l_0 . r_1 + l_1 . r0$ - # - $t_2 = l_1 . r_1$ - # - compute then T1, T2, x - t1, t2 = _cross_inner_product(l0, r0, l1, r1) - - # PAPER LINES 47-48, Compute: T1, T2 - # T1 = 8^{-1} (\tau_1G + t_1H ) - # T2 = 8^{-1} (\tau_2G + t_2H ) - tau1, tau2 = _sc_gen(), _sc_gen() - T1, T2 = _ensure_dst_key(), _ensure_dst_key() - - _add_keys2(T1, tau1, t1, _XMR_H) - _scalarmult_key(T1, T1, _INV_EIGHT) - - _add_keys2(T2, tau2, t2, _XMR_H) - _scalarmult_key(T2, T2, _INV_EIGHT) - del (t1, t2) - self.gc(16) - - # PAPER LINES 49-51, compute x - x = _ensure_dst_key() - _hash_cache_mash(x, hash_cache, z, T1, T2) - if x == _ZERO: - raise BulletProofGenException() - - # Second pass, compute l, r - # Offloaded version does this incrementally and produces l, r outs in chunks - # Message offloaded sends blinded vectors with random constants. - # - $l_i = l_{0,i} + xl_{1,i} - # - $r_i = r_{0,i} + xr_{1,i} - # - $t = l . r$ - l = _ensure_dst_keyvect(None, MN) - r = _ensure_dst_keyvect(None, MN) - ts = crypto.Scalar() - for i in range(MN): - _sc_muladd(_tmp_bf_0, x, l1.to(i), l0.to(i)) - l.read(i, _tmp_bf_0) - - _sc_muladd(_tmp_bf_1, x, r1.to(i), r0.to(i)) - r.read(i, _tmp_bf_1) - - _sc_muladd(ts, _tmp_bf_0, _tmp_bf_1, ts) - - t = crypto_helpers.encodeint(ts) - self.aL = None - self.aR = None - del (l0, l1, sL, sR, r0, r1, ypow, ts, aL) - self.gc(17) - - # PAPER LINES 52-53, Compute \tau_x - taux = _ensure_dst_key() - _sc_mul(taux, tau1, x) - _sc_mul(_tmp_bf_0, x, x) - _sc_muladd(taux, tau2, _tmp_bf_0, taux) - del (tau1, tau2) - - zpow = crypto.sc_mul_into(None, zc, zc) - for j in range(1, len(V) + 1): - _sc_muladd(taux, zpow, gamma[j - 1], taux) - crypto.sc_mul_into(zpow, zpow, zc) - del (zc, zpow) - - self.gc(18) - mu = _ensure_dst_key() - _sc_muladd(mu, x, rho, alpha) - del (rho, alpha) - self.gc(19) - - # PAPER LINES 32-33 - x_ip = _hash_cache_mash(None, hash_cache, x, taux, mu, t) - if x_ip == _ZERO: - raise BulletProofGenException() - - return A, S, T1, T2, taux, mu, t, l, r, y, x_ip, hash_cache - - def _prove_loop(self, MN, logMN, l, r, y, x_ip, hash_cache) -> tuple: - nprime = MN - aprime = l - bprime = r - - Hprec = self._hprec_aux(MN) - - yinvpowL = KeyVPowers(MN, _invert(_tmp_bf_0, y), raw=True) - yinvpowR = KeyVPowers(MN, _tmp_bf_0, raw=True) - tmp_pt = crypto.Point() - - Gprime = self._gprec_aux(MN) - HprimeL = KeyVEval( - MN, lambda i, d: _scalarmult_key(d, Hprec.to(i), None, yinvpowL[i]) - ) - HprimeR = KeyVEval( - MN, lambda i, d: _scalarmult_key(d, Hprec.to(i), None, yinvpowR[i], tmp_pt) - ) - Hprime = HprimeL - self.gc(20) - - L = _ensure_dst_keyvect(None, logMN) - R = _ensure_dst_keyvect(None, logMN) - cL = _ensure_dst_key() - cR = _ensure_dst_key() - winv = _ensure_dst_key() - w_round = _ensure_dst_key() - tmp = _ensure_dst_key() - _tmp_k_1 = _ensure_dst_key() - round = 0 - - # PAPER LINE 13 - while nprime > 1: - # PAPER LINE 15 - npr2 = nprime - nprime >>= 1 - self.gc(22) - - # PAPER LINES 16-17 - # cL = \ap_{\left(\inta\right)} \cdot \bp_{\left(\intb\right)} - # cR = \ap_{\left(\intb\right)} \cdot \bp_{\left(\inta\right)} - _inner_product( - aprime.slice_view(0, nprime), bprime.slice_view(nprime, npr2), cL - ) - - _inner_product( - aprime.slice_view(nprime, npr2), bprime.slice_view(0, nprime), cR - ) - self.gc(23) - - # PAPER LINES 18-19 - # Lc = 8^{-1} \left(\left( \sum_{i=0}^{\np} \ap_{i}\quad\Gp_{i+\np} + \bp_{i+\np}\Hp_{i} \right) - # + \left(c_L x_{ip}\right)H \right) - _vector_exponent_custom( - Gprime.slice_view(nprime, npr2), - Hprime.slice_view(0, nprime), - aprime.slice_view(0, nprime), - bprime.slice_view(nprime, npr2), - _tmp_bf_0, - ) - - # In round 0 backup the y^{prime - 1} - if round == 0: - yinvpowR.set_state(yinvpowL.last_idx, yinvpowL.cur) - - _sc_mul(tmp, cL, x_ip) - _add_keys(_tmp_bf_0, _tmp_bf_0, _scalarmultH(_tmp_k_1, tmp)) - _scalarmult_key(_tmp_bf_0, _tmp_bf_0, _INV_EIGHT) - L.read(round, _tmp_bf_0) - self.gc(24) - - # Rc = 8^{-1} \left(\left( \sum_{i=0}^{\np} \ap_{i+\np}\Gp_{i}\quad + \bp_{i}\quad\Hp_{i+\np} \right) - # + \left(c_R x_{ip}\right)H \right) - _vector_exponent_custom( - Gprime.slice_view(0, nprime), - Hprime.slice_view(nprime, npr2), - aprime.slice_view(nprime, npr2), - bprime.slice_view(0, nprime), - _tmp_bf_0, - ) - - _sc_mul(tmp, cR, x_ip) - _add_keys(_tmp_bf_0, _tmp_bf_0, _scalarmultH(_tmp_k_1, tmp)) - _scalarmult_key(_tmp_bf_0, _tmp_bf_0, _INV_EIGHT) - R.read(round, _tmp_bf_0) - self.gc(25) - - # PAPER LINES 21-22 - _hash_cache_mash(w_round, hash_cache, L.to(round), R.to(round)) - if w_round == _ZERO: - raise BulletProofGenException() - - # PAPER LINES 24-25, fold {G~, H~} - _invert(winv, w_round) - self.gc(26) - - # PAPER LINES 28-29, fold {a, b} vectors - # aprime's high part is used as a buffer for other operations - _scalar_fold(aprime, w_round, winv) - aprime.resize(nprime) - self.gc(27) - - _scalar_fold(bprime, winv, w_round) - bprime.resize(nprime) - self.gc(28) - - # First fold produced to a new buffer, smaller one (G~ on-the-fly) - Gprime_new = KeyV(nprime) if round == 0 else Gprime - Gprime = _hadamard_fold(Gprime, winv, w_round, Gprime_new, 0) - Gprime.resize(nprime) - self.gc(30) - - # Hadamard fold for H is special - linear scan only. - # Linear scan is slow, thus we have HprimeR. - if round == 0: - Hprime_new = KeyV(nprime) - Hprime = _hadamard_fold( - Hprime, w_round, winv, Hprime_new, 0, HprimeR, nprime - ) - # Hprime = _hadamard_fold_linear(Hprime, w_round, winv, Hprime_new, 0) - - else: - _hadamard_fold(Hprime, w_round, winv) - Hprime.resize(nprime) - - if round == 0: - # del (Gprec, Hprec, yinvpowL, HprimeL) - del (Hprec, yinvpowL, yinvpowR, HprimeL, HprimeR, tmp_pt) - - self.gc(31) - round += 1 - - return L, R, aprime.to(0), bprime.to(0) - - def verify(self, proof) -> bool: - return self.verify_batch([proof]) - - def verify_batch(self, proofs: list[Bulletproof], single_optim: bool = True): - """ - BP batch verification - :param proofs: - :param single_optim: single proof memory optimization - :return: - """ - max_length = 0 - for proof in proofs: - utils.ensure(_is_reduced(proof.taux), "Input scalar not in range") - utils.ensure(_is_reduced(proof.mu), "Input scalar not in range") - utils.ensure(_is_reduced(proof.a), "Input scalar not in range") - utils.ensure(_is_reduced(proof.b), "Input scalar not in range") - utils.ensure(_is_reduced(proof.t), "Input scalar not in range") - utils.ensure(len(proof.V) >= 1, "V does not have at least one element") - utils.ensure(len(proof.L) == len(proof.R), "|L| != |R|") - utils.ensure(len(proof.L) > 0, "Empty proof") - max_length = max(max_length, len(proof.L)) - - utils.ensure(max_length < 32, "At least one proof is too large") - - maxMN = 1 << max_length - logN = 6 - N = 1 << logN - tmp = _ensure_dst_key() - - # setup weighted aggregates - is_single = len(proofs) == 1 and single_optim # ph4 - z1 = _init_key(_ZERO) - z3 = _init_key(_ZERO) - m_z4 = _vector_dup(_ZERO, maxMN) if not is_single else None - m_z5 = _vector_dup(_ZERO, maxMN) if not is_single else None - m_y0 = _init_key(_ZERO) - y1 = _init_key(_ZERO) - muex_acc = _init_key(_ONE) - - Gprec = self._gprec_aux(maxMN) - Hprec = self._hprec_aux(maxMN) - - for proof in proofs: - M = 1 - logM = 0 - while M <= _BP_M and M < len(proof.V): - logM += 1 - M = 1 << logM - - utils.ensure(len(proof.L) == 6 + logM, "Proof is not the expected size") - MN = M * N - weight_y = crypto_helpers.encodeint(crypto.random_scalar()) - weight_z = crypto_helpers.encodeint(crypto.random_scalar()) - - # Reconstruct the challenges - hash_cache = _hash_vct_to_scalar(None, proof.V) - y = _hash_cache_mash(None, hash_cache, proof.A, proof.S) - utils.ensure(y != _ZERO, "y == 0") - z = _hash_to_scalar(None, y) - _copy_key(hash_cache, z) - utils.ensure(z != _ZERO, "z == 0") - - x = _hash_cache_mash(None, hash_cache, z, proof.T1, proof.T2) - utils.ensure(x != _ZERO, "x == 0") - x_ip = _hash_cache_mash(None, hash_cache, x, proof.taux, proof.mu, proof.t) - utils.ensure(x_ip != _ZERO, "x_ip == 0") - - # PAPER LINE 61 - _sc_mulsub(m_y0, proof.taux, weight_y, m_y0) - zpow = _vector_powers(z, M + 3) - - k = _ensure_dst_key() - ip1y = _vector_power_sum(y, MN) - _sc_mulsub(k, zpow.to(2), ip1y, _ZERO) - for j in range(1, M + 1): - utils.ensure(j + 2 < len(zpow), "invalid zpow index") - _sc_mulsub(k, zpow.to(j + 2), _BP_IP12, k) - - # VERIFY_line_61rl_new - _sc_muladd(tmp, z, ip1y, k) - _sc_sub(tmp, proof.t, tmp) - - _sc_muladd(y1, tmp, weight_y, y1) - weight_y8 = _init_key(weight_y) - _sc_mul(weight_y8, weight_y, _EIGHT) - - muex = MultiExpSequential(points=[pt for pt in proof.V]) - for j in range(len(proof.V)): - _sc_mul(tmp, zpow.to(j + 2), weight_y8) - muex.add_scalar(_init_key(tmp)) - - _sc_mul(tmp, x, weight_y8) - muex.add_pair(_init_key(tmp), proof.T1) - - xsq = _ensure_dst_key() - _sc_mul(xsq, x, x) - - _sc_mul(tmp, xsq, weight_y8) - muex.add_pair(_init_key(tmp), proof.T2) - - weight_z8 = _init_key(weight_z) - _sc_mul(weight_z8, weight_z, _EIGHT) - - muex.add_pair(weight_z8, proof.A) - _sc_mul(tmp, x, weight_z8) - muex.add_pair(_init_key(tmp), proof.S) - - _multiexp(tmp, muex) - _add_keys(muex_acc, muex_acc, tmp) - del muex - - # Compute the number of rounds for the inner product - rounds = logM + logN - utils.ensure(rounds > 0, "Zero rounds") - - # PAPER LINES 21-22 - # The inner product challenges are computed per round - w = _ensure_dst_keyvect(None, rounds) - for i in range(rounds): - _hash_cache_mash(_tmp_bf_0, hash_cache, proof.L[i], proof.R[i]) - w.read(i, _tmp_bf_0) - utils.ensure(w.to(i) != _ZERO, "w[i] == 0") - - # Basically PAPER LINES 24-25 - # Compute the curvepoints from G[i] and H[i] - yinvpow = _init_key(_ONE) - ypow = _init_key(_ONE) - yinv = _invert(None, y) - self.gc(61) - - winv = _ensure_dst_keyvect(None, rounds) - for i in range(rounds): - _invert(_tmp_bf_0, w.to(i)) - winv.read(i, _tmp_bf_0) - self.gc(62) - - g_scalar = _ensure_dst_key() - h_scalar = _ensure_dst_key() - twoN = self._two_aux(N) - for i in range(MN): - _copy_key(g_scalar, proof.a) - _sc_mul(h_scalar, proof.b, yinvpow) - - for j in range(rounds - 1, -1, -1): - J = len(w) - j - 1 - - if (i & (1 << j)) == 0: - _sc_mul(g_scalar, g_scalar, winv.to(J)) - _sc_mul(h_scalar, h_scalar, w.to(J)) - else: - _sc_mul(g_scalar, g_scalar, w.to(J)) - _sc_mul(h_scalar, h_scalar, winv.to(J)) - - # Adjust the scalars using the exponents from PAPER LINE 62 - _sc_add(g_scalar, g_scalar, z) - utils.ensure(2 + i // N < len(zpow), "invalid zpow index") - utils.ensure(i % N < len(twoN), "invalid twoN index") - _sc_mul(tmp, zpow.to(2 + i // N), twoN.to(i % N)) - _sc_muladd(tmp, z, ypow, tmp) - _sc_mulsub(h_scalar, tmp, yinvpow, h_scalar) - - if not is_single: # ph4 - assert m_z4 is not None and m_z5 is not None - m_z4.read(i, _sc_mulsub(_tmp_bf_0, g_scalar, weight_z, m_z4[i])) - m_z5.read(i, _sc_mulsub(_tmp_bf_0, h_scalar, weight_z, m_z5[i])) - else: - _sc_mul(tmp, g_scalar, weight_z) - _sub_keys( - muex_acc, muex_acc, _scalarmult_key(tmp, Gprec.to(i), tmp) - ) - - _sc_mul(tmp, h_scalar, weight_z) - _sub_keys( - muex_acc, muex_acc, _scalarmult_key(tmp, Hprec.to(i), tmp) - ) - - if i != MN - 1: - _sc_mul(yinvpow, yinvpow, yinv) - _sc_mul(ypow, ypow, y) - if i & 15 == 0: - self.gc(62) - - del (g_scalar, h_scalar, twoN) - self.gc(63) - - _sc_muladd(z1, proof.mu, weight_z, z1) - muex = MultiExpSequential( - point_fnc=lambda i, d: proof.L[i // 2] - if i & 1 == 0 - else proof.R[i // 2] - ) - for i in range(rounds): - _sc_mul(tmp, w.to(i), w.to(i)) - _sc_mul(tmp, tmp, weight_z8) - muex.add_scalar(tmp) - _sc_mul(tmp, winv.to(i), winv.to(i)) - _sc_mul(tmp, tmp, weight_z8) - muex.add_scalar(tmp) - - acc = _multiexp(None, muex) - _add_keys(muex_acc, muex_acc, acc) - - _sc_mulsub(tmp, proof.a, proof.b, proof.t) - _sc_mul(tmp, tmp, x_ip) - _sc_muladd(z3, tmp, weight_z, z3) - - _sc_sub(tmp, m_y0, z1) - z3p = _sc_sub(None, z3, y1) - - check2 = crypto_helpers.encodepoint( - crypto.ge25519_double_scalarmult_vartime_into( - None, - crypto.xmr_H(), - crypto_helpers.decodeint(z3p), - crypto_helpers.decodeint(tmp), - ) - ) - _add_keys(muex_acc, muex_acc, check2) - - if not is_single: # ph4 - assert m_z4 is not None and m_z5 is not None - muex = MultiExpSequential( - point_fnc=lambda i, d: Gprec.to(i // 2) - if i & 1 == 0 - else Hprec.to(i // 2) - ) - for i in range(maxMN): - muex.add_scalar(m_z4[i]) - muex.add_scalar(m_z5[i]) - _add_keys(muex_acc, muex_acc, _multiexp(None, muex)) - - if muex_acc != _ONE: - raise ValueError("Verification failure at step 2") - return True - - def _compute_LR( size: int, y: bytearray, @@ -2341,10 +1364,10 @@ class BulletProofPlusBuilder: def __init__(self, save_mem=True) -> None: self.save_mem = save_mem - # BP_GI_PRE = _get_exponent_plus(Gi[i], _XMR_H, i * 2 + 1) + # BP_PLUS_GI_PRE = _get_exponent_plus(Gi[i], _XMR_H, i * 2 + 1) self.Gprec = KeyV(buffer=crypto.BP_PLUS_GI_PRE, const=True) - # BP_HI_PRE = None #_get_exponent_plus(Hi[i], _XMR_H, i * 2) + # BP_PLUS_HI_PRE = None #_get_exponent_plus(Hi[i], _XMR_H, i * 2) self.Hprec = KeyV(buffer=crypto.BP_PLUS_HI_PRE, const=True) # aL, aR amount bitmasks, can be freed once not needed diff --git a/core/src/apps/monero/xmr/mlsag_hasher.py b/core/src/apps/monero/xmr/mlsag_hasher.py index 99cf2aed26..f5441b863a 100644 --- a/core/src/apps/monero/xmr/mlsag_hasher.py +++ b/core/src/apps/monero/xmr/mlsag_hasher.py @@ -5,7 +5,7 @@ from apps.monero.xmr.keccak_hasher import KeccakXmrArchive if TYPE_CHECKING: from trezor.utils import HashContext - from .serialize_messages.tx_rsig_bulletproof import Bulletproof, BulletproofPlus + from .serialize_messages.tx_rsig_bulletproof import BulletproofPlus class PreMlsagHasher: @@ -57,7 +57,7 @@ class PreMlsagHasher: self.rtcsig_hasher = None # type: ignore def rsig_val( - self, p: bytes | list[bytes] | Bulletproof | BulletproofPlus, raw: bool = False + self, p: bytes | list[bytes] | BulletproofPlus, raw: bool = False ) -> None: if self.state == 8: raise ValueError("State error") @@ -75,17 +75,8 @@ class PreMlsagHasher: self.rsig_hasher.update(p) return - from .serialize_messages.tx_rsig_bulletproof import Bulletproof, BulletproofPlus - - is_plus = isinstance(p, BulletproofPlus) - assert isinstance(p, Bulletproof) or is_plus - # Hash Bulletproof - fields = ( - (p.A, p.A1, p.B, p.r1, p.s1, p.d1) - if is_plus - else (p.A, p.S, p.T1, p.T2, p.taux, p.mu) - ) + fields = (p.A, p.A1, p.B, p.r1, p.s1, p.d1) for fld in fields: self.rsig_hasher.update(fld) @@ -95,11 +86,6 @@ class PreMlsagHasher: for i in range(len(p.R)): self.rsig_hasher.update(p.R[i]) - if not is_plus: - self.rsig_hasher.update(p.a) - self.rsig_hasher.update(p.b) - self.rsig_hasher.update(p.t) - def get_digest(self) -> bytes: if self.state != 6: raise ValueError("State error") diff --git a/core/src/apps/monero/xmr/range_signatures.py b/core/src/apps/monero/xmr/range_signatures.py index 9b7247c785..669626b0c9 100644 --- a/core/src/apps/monero/xmr/range_signatures.py +++ b/core/src/apps/monero/xmr/range_signatures.py @@ -15,18 +15,17 @@ from apps.monero.xmr import crypto, crypto_helpers if TYPE_CHECKING: from apps.monero.xmr.serialize_messages.tx_rsig_bulletproof import ( - Bulletproof, BulletproofPlus, ) def prove_range_bp_batch( - amounts: list[int], masks: list[crypto.Scalar], bp_plus: bool = False -) -> Bulletproof | BulletproofPlus: + amounts: list[int], masks: list[crypto.Scalar] +) -> BulletproofPlus: """Calculates Bulletproof in batches""" from apps.monero.xmr import bulletproof as bp - bpi = bp.BulletProofPlusBuilder() if bp_plus else bp.BulletProofBuilder() + bpi = bp.BulletProofPlusBuilder() bp_proof = bpi.prove_batch([crypto.Scalar(a) for a in amounts], masks) del (bpi, bp) gc.collect() @@ -35,7 +34,7 @@ def prove_range_bp_batch( def verify_bp( - bp_proof: Bulletproof | BulletproofPlus, + bp_proof: BulletproofPlus, amounts: list[int], masks: list[crypto.Scalar], ) -> bool: @@ -51,11 +50,8 @@ def verify_bp( from apps.monero.xmr.serialize_messages.tx_rsig_bulletproof import BulletproofPlus - bpi = ( - bp.BulletProofPlusBuilder() - if isinstance(bp_proof, BulletproofPlus) - else bp.BulletProofBuilder() - ) + assert isinstance(bp_proof, BulletproofPlus) + bpi = bp.BulletProofPlusBuilder() res = bpi.verify(bp_proof) gc.collect() return res diff --git a/core/src/apps/monero/xmr/serialize_messages/tx_rsig_bulletproof.py b/core/src/apps/monero/xmr/serialize_messages/tx_rsig_bulletproof.py index bce3609226..3b90db60d2 100644 --- a/core/src/apps/monero/xmr/serialize_messages/tx_rsig_bulletproof.py +++ b/core/src/apps/monero/xmr/serialize_messages/tx_rsig_bulletproof.py @@ -13,26 +13,6 @@ class _KeyV(ContainerType): ELEM_TYPE: XmrType[bytes] = ECKey -class Bulletproof(MessageType): - __slots__ = ("A", "S", "T1", "T2", "taux", "mu", "L", "R", "a", "b", "t", "V") - - @classmethod - def f_specs(cls) -> tuple: - return ( - ("A", ECKey), - ("S", ECKey), - ("T1", ECKey), - ("T2", ECKey), - ("taux", ECKey), - ("mu", ECKey), - ("L", _KeyV), - ("R", _KeyV), - ("a", ECKey), - ("b", ECKey), - ("t", ECKey), - ) - - class BulletproofPlus(MessageType): __slots__ = ("A", "A1", "B", "r1", "s1", "d1", "V", "L", "R") diff --git a/core/tests/run_tests_device_emu_monero.sh b/core/tests/run_tests_device_emu_monero.sh index c491dfffb8..f48ad09464 100755 --- a/core/tests/run_tests_device_emu_monero.sh +++ b/core/tests/run_tests_device_emu_monero.sh @@ -41,7 +41,7 @@ fi echo "Running tests" TIME_TESTS_START=$SECONDS if [[ "$OSTYPE" == "linux-gnu" && "$FORCE_DOCKER_USE" != 1 ]]; then - "$TREZOR_MONERO_TESTS_PATH" --heavy_tests --chain=$TREZOR_MONERO_TESTS_CHAIN $@ 2>&1 > "$TREZOR_MONERO_TESTS_LOG" + TEST_MAX_HF=15 TEST_MIN_HF=15 "$TREZOR_MONERO_TESTS_PATH" --heavy_tests --chain=$TREZOR_MONERO_TESTS_CHAIN $@ 2>&1 > "$TREZOR_MONERO_TESTS_LOG" error=$? elif [[ "$OSTYPE" == "darwin"* || "$FORCE_DOCKER_USE" == 1 ]]; then @@ -50,7 +50,7 @@ elif [[ "$OSTYPE" == "darwin"* || "$FORCE_DOCKER_USE" == 1 ]]; then docker exec $DOCKER_ID apt-get install --no-install-recommends --no-upgrade -qq net-tools socat 2>/dev/null >/dev/null docker exec -d $DOCKER_ID socat UDP-LISTEN:21324,reuseaddr,reuseport,fork UDP4-SENDTO:host.docker.internal:21324 docker exec -d $DOCKER_ID socat UDP-LISTEN:21325,reuseaddr,reuseport,fork UDP4-SENDTO:host.docker.internal:21325 - docker exec $DOCKER_ID "$TREZOR_MONERO_TESTS_PATH" 2>&1 > "$TREZOR_MONERO_TESTS_LOG" + docker exec -e TEST_MAX_HF=15 -e TEST_MIN_HF=15 $DOCKER_ID - "$TREZOR_MONERO_TESTS_PATH" 2>&1 > "$TREZOR_MONERO_TESTS_LOG" error=$? else diff --git a/core/tests/test_apps.monero.bulletproof.py b/core/tests/test_apps.monero.bulletproof.py index 8627ba577d..9185900053 100644 --- a/core/tests/test_apps.monero.bulletproof.py +++ b/core/tests/test_apps.monero.bulletproof.py @@ -1,8 +1,8 @@ from common import * if not utils.BITCOIN_ONLY: - from apps.monero.xmr import bulletproof as bp, crypto, monero - from apps.monero.xmr.serialize_messages.tx_rsig_bulletproof import Bulletproof, BulletproofPlus + from apps.monero.xmr import bulletproof as bp, crypto + from apps.monero.xmr.serialize_messages.tx_rsig_bulletproof import BulletproofPlus @unittest.skipUnless(not utils.BITCOIN_ONLY, "altcoin") @@ -142,271 +142,7 @@ class TestMoneroBulletproof(unittest.TestCase): self.assertEqual(b65, b65_2) self.assertEqual(b128, b128_2) - def mask_consistency_check(self, bpi): - sv = [crypto.Scalar(123)] - gamma = [crypto.Scalar(432)] - - bpi.prove_setup(sv, gamma) - x = bp._ensure_dst_key() - y = bp._ensure_dst_key() - - sL = bpi.sL_vct(64) - sR = bpi.sR_vct(64) - - self.assertEqual(sL.to(0, x), sL.to(0, y)) - self.assertEqual(sL.to(1, x), sL.to(1, y)) - self.assertEqual(sL.to(63, x), sL.to(63, y)) - self.assertNotEqual(sL.to(1, x), sL.to(0, y)) - self.assertNotEqual(sL.to(10, x), sL.to(0, y)) - - self.assertEqual(sR.to(0, x), sR.to(0, y)) - self.assertEqual(sR.to(1, x), sR.to(1, y)) - self.assertEqual(sR.to(63, x), sR.to(63, y)) - self.assertNotEqual(sR.to(1, x), sR.to(0, y)) - - self.assertNotEqual(sL.to(0, x), sR.to(0, y)) - self.assertNotEqual(sL.to(1, x), sR.to(1, y)) - self.assertNotEqual(sL.to(63, x), sR.to(63, y)) - - ve1 = bp._ensure_dst_key() - ve2 = bp._ensure_dst_key() - bpi.vector_exponent(bpi.aL, bpi.aR, ve1) - bpi.vector_exponent(bpi.aL, bpi.aR, ve2) - - bpi.vector_exponent(sL, sR, ve1) - bpi.vector_exponent(sL, sR, ve2) - self.assertEqual(ve1, ve2) - # fmt: off - def bproof_1(self): - return Bulletproof( - V=[ - unhexlify(b"3c705e1da4bbe43a0535a5ad3a8e6c148fb8c1a4118ba6b65412b2fe6511b261"), - ], - A=unhexlify(b"7372db75c0d9d409524924fff5dd13e867eb4c5789f3f5cc6ef860be68d5e4e5"), - S=unhexlify(b"be8f2d87ace0a528056d567881e74f44817a811e110cdb3890376262a2084ab3"), - T1=unhexlify(b"8dfc541c379efbe6000bb2339c3a52288ffa4300fcc0f0f0de777e54b5488160"), - T2=unhexlify(b"cf7d046c86c33bea6c5167bb6482c0a31332989dc9493eacc04a07deb6536953"), - taux=unhexlify(b"abaaf209cc9a800d933d51bb398b81ee7284efc9c92727066a640fdccc954009"), - mu=unhexlify(b"ec743e23abb555dca26164a86614306f117a733fcd395eb8675411cd31915608"), - L=[unhexlify(b"0ee1acc28126656eaf0934314a97e1cf2232a13f5636d319a233cedd58b2882f"), - unhexlify(b"cc3d2ec5635de569343bea37fc46a93413ae66bf803a4333f427f79f341d1696"), - unhexlify(b"518c80669bed0960fd03e802a9e837e1aa4a4910bb5853067447d7d22eaca325"), - unhexlify(b"251a586e8e79a5d767b89931e012acdae317c13c434a6f5f121e44b3b59240b2"), - unhexlify(b"09b41426e6c9808f6a58ded987cc39936f703f136b50493dd1c92c9b1ec4e7fc"), - unhexlify(b"984d1369c3c7f2687eebca26395576810c66623408958efde4f36b0bb63a2475"), - ], - R=[unhexlify(b"31768a0465315ff0dd1ea2228ae8c34d1474e873a863362feab7b050f29a211a"), - unhexlify(b"27d1b2533ed78d3dacc396afa50fa533cffc5d1563b679a4049a482436718d3c"), - unhexlify(b"a49388b042c8a4c6526054661fac1706cf450181ec1f9eed005b283614ec7f95"), - unhexlify(b"3f053243fe16f8fd302395c125ffedd93831829b13abbb195bf69fc139069de9"), - unhexlify(b"5a32d7f7132043d1f0cc8cd88cce94e5241337ed616c35a1d753436b2d1c4a93"), - unhexlify(b"bbd7f9b3031cf41b613a9ee726de9693457238b4be6317083d278e00717f8c14"), - ], - a=unhexlify(b"83d8d128f35aa02fc063792df9f4e9de0d4e58b8c6e7c449a672d6e4286ee309"), - b=unhexlify(b"741d679f1dfe749f7d1ede687f8dd48f7fd3b5a52a5e6a453488d5e25b3fff0e"), - t=unhexlify(b"88331e9fd7573135016629f337240225f9c0a5b70bad4157ad60d4260feb2b03") - ) - - def bproof_2(self): - return Bulletproof( - V=[ - unhexlify(b"3c705e1da4bbe43a0535a5ad3a8e6c148fb8c1a4118ba6b65412b2fe6511b261"), - unhexlify(b"de5b617501a37ff257e05b0cf93041253fdb85126549640891f7471d4ede167c"), - ], - A=unhexlify(b"447843c57f05fc8d68c5fdc96fe09d3599aacfe9b25e403d67482fdbe8ffbdbb"), - S=unhexlify(b"105b0186d1ec9a8e17e3f6f7909317458681275f888f6ac8a891ec3b5d51dfd5"), - T1=unhexlify(b"552c8f7b1e382842feb79b982738350b0d7aeed850ac06bc86ca7c99e43fbfcc"), - T2=unhexlify(b"2947b12ecc6c1667b0f0233ec1290893c992f655351edfd1ca877f8bcc070fc0"), - taux=unhexlify(b"8cceaccd9626c55166e8892fa6a7e200f9db27e3b46619f6c84e20b3c7ab200c"), - mu=unhexlify(b"c08a546e487b0c19e1e125c5dda6032bf198fe296d0dff52d58d091737a97b03"), - L=[unhexlify(b"4c5f56522c1e239ccc7edd45b6cc03c7ea46c3d521953bf529989f9d5935a01d"), - unhexlify(b"ba764db54e1ed9472df5d1527badd51be2a0223695a136d2114be631d135e1a9"), - unhexlify(b"7fecaae48171615c9f282c146ade72befc0f88c402a178be133b5f51afd3dbfc"), - unhexlify(b"3c66bbea3376133d8c571fced01b98ce96326fe233f311b4faf77564598d2021"), - unhexlify(b"1179c7e24a6d7655bff0b5017ccb85b21f39822c6d845cb1894737a33030e17a"), - unhexlify(b"461a200a1b5a7194c021faac7cda64a80388cea2ca26330ca06179aab409d6b1"), - unhexlify(b"5e5c377a648ac4d5c900a1ea527a9358083aa1c7777085c3ef81d0316ed16b47"), - ], - R=[unhexlify(b"110ea38dd587c1f53a8211198cd033a982d173c4d1cdbb0873685a37c7126cb5"), - unhexlify(b"960d6ef5dd857bb48148b4fb6927468d02f2a6474d535fd571b61c2c9b2b5613"), - unhexlify(b"dd6454b5e029fe4ff8f9647be237a68d0de9457e742df9dafe6e20c1f6ead444"), - unhexlify(b"ba9e3d1d9758184679283ee611144ed31d242700af13ac543bf5901472686d1a"), - unhexlify(b"05db7c85b62d95dd74f56fab6e3eee3b72b01514640601200770869616b123d1"), - unhexlify(b"b8b037b10f5647e79c7c5e7f735a554c8fb656037b304bd94383b769095bc17a"), - unhexlify(b"43f4bd0bc55b60c73ab73bb5c3f9376165f815364dc97ae62de2447e0b428632"), - ], - a=unhexlify(b"0f7696d2b23cfd84f9b62ce906458580db6fe73aaba1682e0e17e4cb9dae1b02"), - b=unhexlify(b"76541c70a127d08110a4bc09e6c6c6a0104956d089bcc0699f32dc5fde20ff03"), - t=unhexlify(b"66b4498e8980dafea640ce36c763367aba1b415c2d469b564c96d718ff009d0a") - ) - - def bproof_2_invalid(self): - return Bulletproof( - V=[ - unhexlify(b"3c705e1da4bbe43a0535a5ad3a8e6c148fb8c1a4118ba6b65412b2fe6511b261"), - unhexlify(b"de5b617501a37ff257e05b0cf93041253fdb85126549640891f7471d4ede167c"), - ], - A=unhexlify(b"447843c57f05fc8d68c5fdc96fe09d3599aacfe9b25e403d67482fdbe8ffbdbb"), - S=unhexlify(b"005b0186d1ec9a8e17e3f6f7909317458681275f888f6ac8a891ec3b5d51dfd5"), - T1=unhexlify(b"552c8f7b1e382842feb79b982738350b0d7aeed850ac06bc86ca7c99e43fbfcc"), - T2=unhexlify(b"2947b12ecc6c1667b0f0233ec1290893c992f655351edfd1ca877f8bcc070fc0"), - taux=unhexlify(b"8cceaccd9626c55166e8892fa6a7e200f9db27e3b46619f6c84e20b3c7ab200c"), - mu=unhexlify(b"c08a546e487b0c19e1e125c5dda6032bf198fe296d0dff52d58d091737a97b03"), - L=[unhexlify(b"4c5f56522c1e239ccc7edd45b6cc03c7ea46c3d521953bf529989f9d5935a01d"), - unhexlify(b"ba764db54e1ed9472df5d1527badd51be2a0223695a136d2114be631d135e1a9"), - unhexlify(b"7fecaae48171615c9f282c146ade72befc0f88c402a178be133b5f51afd3dbfc"), - unhexlify(b"3c66bbea3376133d8c571fced01b98ce96326fe233f311b4faf77564598d2021"), - unhexlify(b"1179c7e24a6d7655bff0b5017ccb85b21f39822c6d845cb1894737a33030e17a"), - unhexlify(b"461a200a1b5a7194c021faac7cda64a80388cea2ca26330ca06179aab409d6b1"), - unhexlify(b"5e5c377a648ac4d5c900a1ea527a9358083aa1c7777085c3ef81d0316ed16b47"), - ], - R=[unhexlify(b"110ea38dd587c1f53a8211198cd033a982d173c4d1cdbb0873685a37c7126cb5"), - unhexlify(b"960d6ef5dd857bb48148b4fb6927468d02f2a6474d535fd571b61c2c9b2b5613"), - unhexlify(b"dd6454b5e029fe4ff8f9647be237a68d0de9457e742df9dafe6e20c1f6ead444"), - unhexlify(b"ba9e3d1d9758184679283ee611144ed31d242700af13ac543bf5901472686d1a"), - unhexlify(b"05db7c85b62d95dd74f56fab6e3eee3b72b01514640601200770869616b123d1"), - unhexlify(b"b8b037b10f5647e79c7c5e7f735a554c8fb656037b304bd94383b769095bc17a"), - unhexlify(b"43f4bd0bc55b60c73ab73bb5c3f9376165f815364dc97ae62de2447e0b428632"), - ], - a=unhexlify(b"0f7696d2b23cfd84f9b62ce906458580db6fe73aaba1682e0e17e4cb9dae1b02"), - b=unhexlify(b"76541c70a127d08110a4bc09e6c6c6a0104956d089bcc0699f32dc5fde20ff03"), - t=unhexlify(b"66b4498e8980dafea640ce36c763367aba1b415c2d469b564c96d718ff009d0a") - ) - - def bproof_4(self): - return Bulletproof( - V=[ - unhexlify(b"8bb0da134d14ad399af3b3ab476afbf3a9ad39c610d770ad86be8f8fcf4d5334"), - unhexlify(b"5321769a89359b519df85e8aaf9d310920641a09796b1c07917c505dfea3c638"), - unhexlify(b"4b7dfc193c8e717f66f8811aa30ed5aa27cde9f5b64826346c96040be6311256"), - unhexlify(b"e3a5474501cef576428521ab71c17676477ea75ca2de0f1950cc62a91831bb4b"), - ], - A=unhexlify(b"d5be7a928f686ac09eaa8d18c3329e587d6e8e8cc9a35f50a747a128c94da69a"), - S=unhexlify(b"35654816c07d7537e1091bbe5768eb5733c986b642aad9e1ecf8e2d9dca5894e"), - T1=unhexlify(b"b0fcf5c8e6b23bbcbbc7e31776ba08166b01a3fb22930f871c5afae01c5bfa30"), - T2=unhexlify(b"a918af0bfb87b142ef86ef4cebff56e7ff372ac554f5bb50e11ef9cf730eb984"), - taux=unhexlify(b"f8596b4f35387c2b7bbda10bc668f4233c1c34ec9ab702e5064476182de38405"), - mu=unhexlify(b"5ebde106b2c6096808e359dddaec2d9e0dc558a38f9958fabb60dd90ba3a1701"), - L=[unhexlify(b"a98b5961c6988f9a31a9fd982e5e992f0c899edf91ba09d87f254eff45e20c88"), - unhexlify(b"81e161c3b3573fcf8f5e365a01b2882b1dbacc1dbf273eba984eb8ae575794e6"), - unhexlify(b"0b3c65d81b2d0384aa2d3ec128e880b2385f6c7de942a5f906d84d930f458798"), - unhexlify(b"38fc712591ca80d106e0d207a9342d7fea1be529909de7aeb3df1e6e805520f5"), - unhexlify(b"8cc71b0aa59c67f1f9c3f0f6f64e8feb3622406a45f9575cd96697fdfce98ba8"), - unhexlify(b"8456936b65204ec32bc5e378485d6d7931581cf9f5d734c5af34a3dde67de785"), - unhexlify(b"4fca68547aea92ab546e33d43151821b94c153cc045388a4b409276c8c52110b"), - unhexlify(b"197f85a00316bee804a89f215b91edb5e259e92b002bf7a410174fc8b5987e6c"), - ], - R=[unhexlify(b"02a06fa825460b77fb3bdc6724da7849b81ecd98602cd666720235319133673a"), - unhexlify(b"bc633534483f4e6a86133281d6d841c81d75e3305785463d55b1991c2e2d5492"), - unhexlify(b"c816c4d05b92288d0d6431513bfbcbdefd15e39cfc665ea6445ebb8903811931"), - unhexlify(b"27def4cc98f1c7c43aed78968aacc3fb06394ebf305de4495998cd3e6cbb515a"), - unhexlify(b"9a54fba6a21aafc95c3e80639558b6608257e3289dc005855b37245f6f5a0d85"), - unhexlify(b"495dd5d57df30aff8be48f538142c2c50d04675953286dbd82095cb7e9ec45f7"), - unhexlify(b"d504b4927875bf39651c4593a4dc27d78a14ff0ddc46b056c0bcd1d6ab5dce90"), - unhexlify(b"80a87eb25f02539fbb44649c477ce0044e7ec8e99410d16242796aad168f6731"), - ], - a=unhexlify(b"ae3789e27324e3d4ecc48993b83052a8843fdcc67e1e4d30221e2dba4dd3c205"), - b=unhexlify(b"4206e54ee16aaba98c43ab34ce7b094c05bc1d5c89c2cfc15436346f808fc305"), - t=unhexlify(b"91ac52bd644dd0cf47064c340a0fb7e87f66eee3f9286af0f75a910260f46406") - ) - - def bproof_8(self): - return Bulletproof( - V=[ - unhexlify(b"8968230f6104ecadab81a61b71d7e5d35b62fb5e983ef0fa143f399e1b455556"), - unhexlify(b"3ad4c8fc2476f239767b2c98b8adbd613e1d48290577ac2f060e5eae4578bc07"), - unhexlify(b"5bfa33de351ec800057b9a94009cbe3c4b2207f8518adf338db39a4a541f99fb"), - unhexlify(b"65ad56ed1e1253f3f6d912e46ce76a59f1e0ce76133e94c6fcff06aa8e57847f"), - unhexlify(b"0b6c65c33a06a5fe402c735c5e58981e9cc5ed6d7020df746d828b203566010f"), - unhexlify(b"eb01d17406d4b71b5b01358c3a8187da02de64cd6a18dcaaff107e1c0310283b"), - unhexlify(b"5826183d16cc353b8b07778354b4d5e4bec71c9c915b8db4cd314e1a4fc8515c"), - unhexlify(b"cf980756a69c3535f9a52897e13cb3649211bc9870246b8456a55311b9d47b65"), - ], - A=unhexlify(b"9a8aa683d90464a9a02ab9d002bdaf04d306c271285caa916d0275bfed5786a8"), - S=unhexlify(b"6eee7bf4b3b9fd00b0018c4a95d9e0dbdf4a4d8d68891c212a99ae040fad12db"), - T1=unhexlify(b"d8b154556661544b0967529ddbb1650d8e82f6c43a2698f4191e36f815c44106"), - T2=unhexlify(b"21a987b97cebcc51116dcdffc0576a8d727970bc5e075d4c885c9612ec53f01a"), - taux=unhexlify(b"3f7b2ea15183fed911215d05d839907d057f324c01e630bb66dfb7f2e939f601"), - mu=unhexlify(b"86440d5b853a4d39b43a05346535f6c62d434d3543eda161c2415f8a62387403"), - L=[unhexlify(b"110ddcd1c72e576fa2a7388a31e5632779a15394a8f82c6db4a16aa12ee8c673"), - unhexlify(b"0013e290ca6453f4327d79a010d7158588e4df5da07e64913ec460ebf1992729"), - unhexlify(b"1f4af7b9e76c84fdd28ed1419f9b7d90f42c87399f8aca81b52dcf4f22dcf4db"), - unhexlify(b"2e05fcc9835dac5e6a3124068726fdcfab49e6c5215dcb0d6ccf55befacbcc10"), - unhexlify(b"0a8564bb2c7938382541e2f51996eb0d8c9a944a1c4c7abba51938fd3a2498b1"), - unhexlify(b"a3b02cdbe3af1bb9f5961cdee787b1a55ce1e083cd4377543e7c11b3aa3a4789"), - unhexlify(b"1d3301fe9b7438dcced3ca052a364aa442b1abe189f4013003e7ec8245331e5a"), - unhexlify(b"31a0387da1091c18618ffc85ae1c84774ddd3885e6f9a525e108dab92333151a"), - unhexlify(b"550e00179778a332d960438d443caab60b571c878787c3dc90a056cb102c47bb"), - ], - R=[unhexlify(b"b8d336c3521a854856bd1f78d8c7566f4cfe1441af74f38562bca947d98ab884"), - unhexlify(b"b5514c68e2765ee4c39af1c65360a42f76e2538cea04de97e4e5cfb159fa46bc"), - unhexlify(b"9f41d7fa770cae09b83600a5852ed36ef3418ec9bca566881046db6ceddaa87a"), - unhexlify(b"b9dfcd2f889ccff138b98e84aad4cbbcb1723db0722950b421f0c7f7ca550312"), - unhexlify(b"6fdcc16d2f6c202a2c386eb7d3b61dad86b8fe7d2c4d87c73a87fd87fa931828"), - unhexlify(b"90aa28db8b75a86c7a867ae8323b5e327086047fe88131230c874fcae818a711"), - unhexlify(b"398bfe592022ec1c801e13bd35577d563faa727d37f37daea5977c8abe584d69"), - unhexlify(b"7dd85aff7c63f98b65384e0439407db98df9428f0375b7d7581291e519b097ec"), - unhexlify(b"27a37d34a9f0fc5e1b7f20256a2b59b19954b52ae39f29870731750dab52bb1f"), - ], - a=unhexlify(b"de7d5bebe81a3ca0cb151e187e078ce98e7c19cc3f4ba448c2ccadee969a0f0a"), - b=unhexlify(b"f8f88ee64bc03c68fa40d855f96b3d9f0cf16e3035aef3a129f76c89196b7207"), - t=unhexlify(b"e9f0f74b2efcff21ac16c842e27b79d6615a31873be399d38e257a85bcc7c00b") - ) - - def bproof_16(self): - return Bulletproof( - V=[ - unhexlify(b"fcb9064e19894c5703f49d515ab0e6e98c87f9ec4230f0b898bc22061bb8d39f"), - unhexlify(b"507ff564c127cc2beb83c9a539408ffd2ec5f648dda711724bba1a8b79d66e32"), - unhexlify(b"dbd4de0ef0184378c483b9e821a6da2d80ed24d0c7444104efa4bbc710ed14ef"), - unhexlify(b"8baeb7c9d69946547a8f73cdb0e6fae3134fe5e1734e8bbefe8bb452da1ae59e"), - unhexlify(b"7f28196a49a4130b68b5589df47d9a2a08dc27518809016a3753ab2db4d8c453"), - unhexlify(b"708ad84f91f702dbcdeee179f7e94328314190935ada0f85eddd5db35d631c8c"), - unhexlify(b"3925935ecd1d2bb5fda9a15a822db8128c045b1b9fa017f4913231289329ff41"), - unhexlify(b"d75438e7d308bb758e68d6af7d80087755dcffc0a47255ce17c2f653501997ef"), - unhexlify(b"dd24a43fc1c31240c7d64248bd100e4ed7cefd9bd80ac05471ce947a71176de6"), - unhexlify(b"c0011f8ae31c76f3658eb971bb520cac0d051fee4e5cf3ba833d55e093643f08"), - unhexlify(b"c7b7edc4c584a1cc41b079550ce9e6ff7bc781b52d16c0c4b667988f422d66a8"), - unhexlify(b"483d8df224106bbb6f45f50becbc70b55bbcbd262c0447a42d16f62ad57c057d"), - unhexlify(b"9af16713061f6a43112092a3221a07ab7dd377145dc705611ad03f7cc407626a"), - unhexlify(b"74b066e1866043d736bde08a790879e5387838e793fbdfb1e05d11404ad4c08f"), - unhexlify(b"add0f5a30bf8111541ce5ab176bebf77f0b470f5ccac57ec5fda1dd5da641dfd"), - unhexlify(b"d74989bc336a0557a027ad440683406273ca4d04d4138eac69107074ea7e18ed"), - ], - A=unhexlify(b"a66ce244c86883c8b8ef5ad8e38b3cb8db00306698813f9858edb226d294e52d"), - S=unhexlify(b"34be5df1324bd561fd94695eb4b6e084068f188039831ca81be0e77849b639a7"), - T1=unhexlify(b"6a86c12f2c1bd2c2c43193da1a1b4c13e8829c0583318977417a6e1144e3c1e9"), - T2=unhexlify(b"f16761fd77f03a3d74854fe33143e2b02274747f27c6a4b45973622a0d1cec73"), - taux=unhexlify(b"272decc39da7103cddfa0dc7ea4042ea313ab3f740c9234d060d35db04b9700b"), - mu=unhexlify(b"acaa00e33078217cc1ee795e2886b771dded4da964ea8db682b7c4a9039c4906"), - L=[unhexlify(b"f964f4a86362e788978371d38052e825e22e17e8e52a82a5b61cff4447516d1d"), - unhexlify(b"ea7d1b2e10fb0aa15b8bf4be7300c0619036a0846bc0ae4ef62eca61fd2545f3"), - unhexlify(b"d4cdfb68a899503f317edd6050da54e85a2979c7b145c10c76f69899a1dee450"), - unhexlify(b"9c56aadad7366addf6c7ea3e39bde810056dd59ee9a6020109c92e8939734583"), - unhexlify(b"56685894507fdbb994ff007f94ac16ad5b5d7e4cec2a2de6bbc0c0532b5cb190"), - unhexlify(b"023f99b43ae8509446f625241bf263052c141a49f02356ff65d9eeec287ecd05"), - unhexlify(b"eee0982bd28d2e85f0712d043879c00c1899de69ab1362cc0ac5369b3b17f32d"), - unhexlify(b"8d4f9f498d376fda7b06a5dd95be852b32b65d6e2e38363f3e805477e996eec4"), - unhexlify(b"e5d9ee5f8910b67c1cc02232e8bb018f0c39966f76b34aee2ce3441fd2737da2"), - unhexlify(b"620ab92c82b294a97815d06548a4ac669228d04551c24d174902db1cbb8f10aa"), - ], - R=[unhexlify(b"a7b55c962351bd40dffe898a5192a3f05a6a89a0e3e61d6a2c4af27640c9cafe"), - unhexlify(b"010a1259e188677332b3e3b60030f9b8fe57ff95d4ff4a3c110a147f26a0bf07"), - unhexlify(b"891a65627a950b55428d86e2face1543b3297ec5d13839d7de684d92a9c7626b"), - unhexlify(b"382e4354aad61f42223c9ff903aee83557716130bb159645ac48e8d27485feb9"), - unhexlify(b"e8cd6098fdf7fba0f03db32e0fd41b549bfeaf489bfccf72c391fba9d5046737"), - unhexlify(b"ed15099d4d39a73dc48a338246828c6ce60c8f68b648a0d205bf65b3d5a3623b"), - unhexlify(b"8d1deb97bbfb33bec7dda8f56428a588a92512ee41ebdcb7b2f7631fc45d1a12"), - unhexlify(b"35bd424cef108222b900b58078b90387a65c70f3fd1e1367dd827ee172f393fd"), - unhexlify(b"63ecb848be5fab31d355c976876abd892cdc9d0ebc90e90cd8dab46e7f417740"), - unhexlify(b"9189a79c56400ac08d8821d283d94f1f5ebebaf6f9660a62c995fccb192431d6"), - ], - a=unhexlify(b"e43b7890911f413e0d870f099961da40d8e053d9ddd21a56f7eb3308828dbc04"), - b=unhexlify(b"dfea0fe39d9a7c5497fd01e92fc7fa8b39cda75b340322f77e0cac15194aa007"), - t=unhexlify(b"0de43b393686af8dd0d89f4832a2995cda14e6288de9ecd2b4bf2fa39baba408") - ) - def bproof_plus_2(self): return BulletproofPlus( V=[ @@ -438,53 +174,46 @@ class TestMoneroBulletproof(unittest.TestCase): unhexlify(b"66e477bd93dabb184e2738829320bf8e60f6b4b476ca0fbc1013af28e8de34c1"), ], ) - # fmt: on - def test_masks(self): - bpi = bp.BulletProofBuilder() - self.mask_consistency_check(bpi) + def bproof_plus_2_invalid(self): + return BulletproofPlus( + V=[ + unhexlify(b"e0dae61095ac728a15d4d9754f1f9f956c22d4fa2deee2c0ff1def031b083e02"), + unhexlify(b"5b424ecb1f8ea02351d324296a34a0608ecc104610feaad06e6002f61992bfe1"), + ], + A=unhexlify(b"6ae6f16a6b01cf494fb2cf368573365293f76c624cfc11152d648479238e9309"), + A1=unhexlify(b"33ad318a44df6f14a945e6d051911ab9a24841457d15d62bd1436fb3edc8a193"), + B=unhexlify(b"5f56531cb8e78dbb3450f1d599a6d4c7f5e4c04ee3e7015643c19a528bcbb109"), - # Randomized masks - bpi.use_det_masks = False - self.mask_consistency_check(bpi) + r1=unhexlify(b"40ad8a9c6b3bdd95c7fb8605e50135050e64f1ce29d1c4b37b1271e658354500"), + s1=unhexlify(b"aed959c770499134aaa7e099f566dac56ee12959d797b62a3d8d1037b790b806"), + d1=unhexlify(b"395a1e8d3df8e90e716fdeaa493090782c8db922337d09a36b50c1f02cd8e100"), - def test_verify(self): - bpi = bp.BulletProofBuilder() - self.assertTrue(bpi.verify(self.bproof_1())) - self.assertTrue(bpi.verify(self.bproof_2())) - self.assertTrue(bpi.verify(self.bproof_4())) - - def test_prove(self): - bpi = bp.BulletProofBuilder() - val = crypto.Scalar(123) - mask = crypto.Scalar(432) - - bp_res = bpi.prove(val, mask) - bpi.verify(bp_res) - - def test_prove_2(self): - bpi = bp.BulletProofBuilder() - val = crypto.Scalar((1 << 30) - 1 + 16) - mask = crypto.random_scalar() - - bp_res = bpi.prove(val, mask) - bpi.verify(bp_res) - - def test_verify_batch_1(self): - bpi = bp.BulletProofBuilder() - bpi.verify_batch([self.bproof_1()]) - bpi.verify_batch([self.bproof_2()]) - bpi.verify_batch([self.bproof_4()]) - bpi.verify_batch([self.bproof_8()]) - bpi.verify_batch([self.bproof_16()]) - with self.assertRaises(Exception): - bpi.verify_batch([self.bproof_2_invalid()]) - with self.assertRaises(Exception): - bpi.verify_batch([self.bproof_2_invalid()]) + L=[unhexlify(b"ed2d768bb9c8b5a9fa24c90b5831d3cceb3e78cef45eba90e52f89a2b3c859d2"), + unhexlify(b"7f25cc8e211783e9c1b80dd13ee286943da0ec07bd33291536639432758f6927"), + unhexlify(b"7bae3d31f4e2a6d78d74d2bcb6d0656e4222161423d635f7ce08805e96cec83e"), + unhexlify(b"c87f949f70cf569c4baa332612305733fd19a2262490c55ec88c16a68d7b5e7d"), + unhexlify(b"34d06caf0d02129ebcc8bf318da8f6a0ddfaf2c7cb85f4144726561cefc86dcd"), + unhexlify(b"ab3effd3a2706591774e013c76f5b8ece9e58abf7efc0a11b479f9d2a89d0c55"), + unhexlify(b"ebf8d34e6643533bf73b13d2dd56aeaf2113fb3017d39bc6db6a2f71bc1d53f1"), + ], + R=[unhexlify(b"27e146e61e88944246dcd90ddb4284923c7fdc6fd6a187ed2efa3dcb8c380346"), + unhexlify(b"fab99152d48d835b9a01cdbec46301db0f57ca091f6cbaa0b45c8498f18babe1"), + unhexlify(b"8467f87acd7be026a27ed798cca6cc1526b0f805ac534a9c5162a9cd75460011"), + unhexlify(b"f421fa4bda1dba042ca56c6bdce313dc8d18cee084d722af47447ce54b6ff8df"), + unhexlify(b"8dd5dabc0ad67c83f42668e96bf5ee6741bcd8e661eda1e8ce6a23d84cf0b5b5"), + unhexlify(b"fcf20a7775699b0456542930b2374b233fb3f8f79e1911428157631a20b3c3ad"), + unhexlify(b"66e477bd93dabb184e2738829320bf8e60f6b4b476ca0fbc1013af28e8de34c1"), + ], + ) + # fmt: on def test_verify_plus(self): bpi = bp.BulletProofPlusBuilder() bpi.verify_batch([self.bproof_plus_2()]) + bpi.verify_batch([self.bproof_plus_2(), self.bproof_plus_2()]) + with self.assertRaises(Exception): + bpi.verify_batch([self.bproof_plus_2_invalid()]) def test_prove_plus_1(self): bpi = bp.BulletProofPlusBuilder() @@ -507,15 +236,6 @@ class TestMoneroBulletproof(unittest.TestCase): proof = bpi.prove_batch(sv, gamma) bpi.verify_batch([proof]) - def test_prove_random_masks(self): - bpi = bp.BulletProofBuilder() - bpi.use_det_masks = False # trully randomly generated mask vectors - val = crypto.Scalar((1 << 30) - 1 + 16) - mask = crypto.random_scalar() - - bp_res = bpi.prove(val, mask) - bpi.verify(bp_res) - def ctest_multiexp(self): scalars = [0, 1, 2, 3, 4, 99] point_base = [0, 2, 4, 7, 12, 18] @@ -535,20 +255,6 @@ class TestMoneroBulletproof(unittest.TestCase): ) self.assertEqual(res, res2) - def test_prove_batch(self): - bpi = bp.BulletProofBuilder() - sv = [crypto.Scalar(123), crypto.Scalar(768)] - gamma = [crypto.Scalar(456), crypto.Scalar(901)] - proof = bpi.prove_batch(sv, gamma) - bpi.verify_batch([proof]) - - def test_prove_batch16(self): - bpi = bp.BulletProofBuilder() - sv = [crypto.Scalar(137*i) for i in range(16)] - gamma = [crypto.Scalar(991*i) for i in range(16)] - proof = bpi.prove_batch(sv, gamma) - bpi.verify_batch([proof]) - if __name__ == "__main__": unittest.main()