initial clsag implementation for carrot

2025-05-28 17:50:16 +03:00
parent a3a05a24e4
commit 3878e389fe
10 changed files with 390 additions and 8 deletions
@@ -33,6 +33,7 @@
 #include "device_default.hpp"
 #include "int-util.h"
 #include "crypto/wallet/crypto.h"
+#include "crypto/generators.h"
 #include "cryptonote_basic/account.h"
 #include "cryptonote_basic/subaddress_index.h"
 #include "cryptonote_core/cryptonote_tx_utils.h"
@@ -424,6 +425,19 @@ namespace hw {
            return true;
        }

+        bool device_default::clsag_prepare_carrot(const rct::key &p, const rct::key &z, rct::key &I, rct::key &D, const rct::key &H, rct::key &a, rct::key &aG, rct::key &b, rct::key &bT, rct::key &aH) {
+            rct::skpkGen(a,aG); // aG = a*G
+            rct::scalarmultKey(aH,H,a); // aH = a*H
+            rct::scalarmultKey(I,H,p); // I = p*H
+            rct::scalarmultKey(D,H,z); // D = z*H
+
+            // bT = b*T
+            rct::skGen(b);
+            bT = rct::scalarmultKey(b, rct::pk2rct(crypto::get_T()));
+
+            return true;
+        }
+
        bool device_default::clsag_hash(const rct::keyV &data, rct::key &hash) {
            hash = rct::hash_to_scalar(data);
            return true;
@@ -432,9 +446,10 @@ namespace hw {
        bool device_default::clsag_sign(const rct::key &c, const rct::key &a, const rct::key &p, const rct::key &z, const rct::key &mu_P, const rct::key &mu_C, rct::key &s) {
            rct::key s0_p_mu_P;
            sc_mul(s0_p_mu_P.bytes,mu_P.bytes,p.bytes);
+            
            rct::key s0_add_z_mu_C;
-            sc_muladd(s0_add_z_mu_C.bytes,mu_C.bytes,z.bytes,s0_p_mu_P.bytes);
-            sc_mulsub(s.bytes,c.bytes,s0_add_z_mu_C.bytes,a.bytes);
+            sc_muladd(s0_add_z_mu_C.bytes, mu_C.bytes, z.bytes, s0_p_mu_P.bytes);
+            sc_mulsub(s.bytes, c.bytes, s0_add_z_mu_C.bytes, a.bytes);

            return true;
        }