45fd72b0d7
Updated paper references
2019-10-28 12:34:44 -04:00
277003f145
Minor prover simplification
2019-10-28 09:34:49 -04:00
9447e7276d
cryptonote: add function to get weight from a pruned tx
...
The weight of the prunable data is deterministic from the
unpruned data, so it can be determined from a pruned tx
2019-10-11 12:08:36 +00:00
85014813cf
Merge pull request #5707
...
3a0451a
2019-08-28 02:22:00 -05:00
3a0451a8be
MLSAG speedup and additional checks
2019-08-27 16:22:44 -04:00
e3de4aa68b
Merge pull request #5502
...
25a7cfd1a66a86
2019-07-24 13:57:06 -05:00
1387549e90
serialization: check stream good flag at the end
...
just in case
2019-06-14 08:47:23 +00:00
1a66a86f94
remove unused code
2019-04-29 20:52:40 +00:00
ac8e2a7819
Merge pull request #5437
...
acb68dba
2019-04-16 22:44:00 +02:00
acb68dbaa9
bulletproofs: cut down on keyV allocations
2019-04-13 22:37:08 +00:00
93bb2f48f7
ringct: prevent use of full ringct signatures for more than one input
2019-04-11 19:44:06 +00:00
b8ab510f23
Merge pull request #5332
...
7c44091598fdcb2a3a981a33
2019-04-01 17:35:12 +02:00
7ec799c542
Merge pull request #5287
...
1d14b3f0
2019-04-01 17:19:32 +02:00
98fdcb2aa5
Add support for V11 protocol with BulletProofV2 and short amount.
...
New scheme key destination contrfol
Fix dummy decryption in debug mode
2019-03-28 18:26:15 +01:00
1d14b3f072
ringct: fix capitalization for scaler mult
2019-03-25 13:00:14 +08:00
1f2930ce0b
Update 2019 copyright
2019-03-05 22:05:34 +01:00
ef93b0995c
various: remove unused variables
2019-03-04 22:24:49 +00:00
9d415495bf
Merge pull request #5082
...
1bc5f9fa
2019-03-04 21:18:53 +02:00
b6534c40e6
ringct: remove unused senderPk from ecdhTuple
...
This was an early ringct field, which was never used in production
2019-01-22 23:17:42 +00:00
7d37598158
ringct: the commitment mask is now deterministic
...
saves space in the tx and is safe
Found by knaccc
2019-01-22 23:17:39 +00:00
99d946e619
ringct: encode 8 byte amount, saving 24 bytes per output
...
Found by knaccc
2019-01-22 23:17:31 +00:00
cdc3ccec5f
ringct: save 3 bytes on bulletproof size
...
Found by luigi1111
2019-01-22 23:17:27 +00:00
f931e16c6e
add a bulletproof version, new bulletproof type, and rct config
...
This makes it easier to modify the bulletproof format
2019-01-22 23:17:24 +00:00
1bc5f9fa4b
bulletproofs: speed up vector_power_sum
...
found by sarang
2019-01-19 00:18:34 +00:00
5753d71922
Merge pull request #5050
...
07cb574c
2019-01-18 19:02:01 +02:00
07cb574ca4
ringct: remove duplicate rv.mixRing = mixRing; in genRctSimple
2019-01-08 11:51:35 +09:00
aaafa8a946
ringct: avoid repeated point conversion
2018-12-12 12:48:10 +00:00
6bc0c7e685
Merge pull request #4927
...
6456cb41
2018-12-12 12:01:31 +02:00
e9aa886d9e
Merge pull request #4921
...
ac665418
2018-12-12 11:59:56 +02:00
81418cb281
Merge pull request #4894
...
aee7a4e31a0733e50dac3c645d9915abd4f50cb16116397130023074
2018-12-04 17:33:19 +02:00
6d1c2a9304
Merge pull request #4892
...
c28e3d2d
2018-12-04 17:32:42 +02:00
c00ac446fd
Merge pull request #4854
...
bd98e99c
2018-12-04 17:08:42 +02:00
6456cb415a
Bulletproof: Initialize members in default construtor.
...
Fixing a build warning on g++ 7.3.0
2018-12-01 13:03:32 +00:00
ac665418f0
ringct: fix dummy bulletproofs on ledger in fake mode
...
Ledger does some basic checks on them
2018-11-30 13:33:29 +00:00
3e2abc9eaa
Merge pull request #4834
...
2c7195d8
2018-11-26 20:30:15 +02:00
611639710d
a few minor (but easy) performance tweaks
...
Found by codacy.com
2018-11-23 15:36:48 +00:00
c28e3d2dae
rctOps: add braces to suppress warnings
2018-11-23 12:28:04 +09:00
0295055bcb
Merge pull request #4805
...
6a1062f5
2018-11-16 11:16:12 +02:00
cec336ecbc
Merge pull request #4804
...
00907c39
2018-11-16 11:15:56 +02:00
46f989bc49
Merge pull request #4795
...
5d7c2316
2018-11-16 11:11:10 +02:00
bd98e99c80
Removed a lot of unnecessary includes
2018-11-15 17:29:34 +01:00
2c7195d80c
bulletproofs: avoid std::vector allocations for slice
2018-11-09 19:58:11 +00:00
6a1062f560
bulletproofs: reserve vector memory when known in advance
2018-11-05 14:32:32 +00:00
00907c3987
rct: speedup commit a little
...
saves a conversion, and uses a double scalarmult instead of
two scalarmults
2018-11-05 14:25:11 +00:00
6d3d8635be
Merge pull request #4693
...
74fb3d88a6d2e246a110e6aa8b4767226f9ae5b610e5a9278629a42cfc9f7d9c4061960abf8e4b98c415df97a281b950484155d0a621d6c8a49a17614564a5d1
2018-11-04 20:46:42 +02:00
5d7c231604
rct: add a zeroCommit cache for common pre-rct case
...
This is called for every pre-rct output at blockchain sync time,
and a lot of them wil hit the cache, saving a scalarmult each.
2018-11-04 15:44:56 +00:00
29ffb6bba8
device/trezor: trezor support added
2018-11-02 21:36:39 +01:00
d6937e373b
ringct: use dummy bulletproofs when in fake mode, for speed
2018-10-23 21:03:18 +00:00
74fb3d882c
multiexp: some minor speedups
2018-10-22 16:08:26 +00:00
a6d2e246f3
bulletproofs: only enable profiling on request
2018-10-22 16:07:44 +00:00
a110e6aa18
multiexp: tune which variants to use for which number of points
2018-10-22 16:07:44 +00:00
8b4767221c
bulletproofs: speedup prover
2018-10-22 16:07:44 +00:00
6f9ae5b6eb
multiexp: handle pippenger multiexps with part precalc
2018-10-22 16:07:44 +00:00
10e5a92769
bulletproofs: maintain -z4, -z5, and -y0 to avoid subtractions
2018-10-22 16:07:44 +00:00
8629a42cf6
bulletproofs: rework flow to use sarang's fast batch inversion code
2018-10-22 16:07:44 +00:00
fc9f7d9c81
bulletproofs: merge multiexps as per sarang's new python code
2018-10-22 16:07:44 +00:00
4061960a16
multiexp: pack the digits table when STRAUS_C is 4
...
Spotted by stoffu
2018-10-22 16:07:44 +00:00
bf8e4b9870
bulletproofs: some more minor speedup
2018-10-22 16:07:44 +00:00
a281b950bf
bulletproofs: remove single value prover
...
It is now expressed in terms of the array prover
2018-10-22 16:07:44 +00:00
484155d043
bulletproofs: some more speedup
2018-10-22 16:07:44 +00:00
a621d6c8b4
bulletproofs: random minor speedups
2018-10-22 16:07:44 +00:00
a49a17618f
bulletproofs: shave off a lot of scalar muls from the g/h construction
2018-10-22 16:07:44 +00:00
4564a5d17b
bulletproofs: speedup PROVE
2018-10-22 16:07:44 +00:00
1dd5c73f62
bulletproofs: multiply points by 8 first thing in verification
...
instead of merging that with other scalar multiplications
where possible for speed, since this is not actually safe
2018-09-24 14:02:51 +00:00
4a652d6b52
Merge pull request #4379
...
607301bf
2018-09-21 20:42:41 +02:00
607301bf6d
rct: avoid repeated unnecessary conversions when accummulating
2018-09-14 10:18:01 +00:00
67a56a9f8b
rctTypes: fix incorrect serialization
2018-09-12 20:33:10 +09:00
8f418a6db0
bulletproofs: #include <openssl/bn.h>
...
Apparently needed for openssl 1.1.x
2018-09-11 13:38:34 +00:00
2bf636503f
bulletproofs: speed up the latest changes a bit
2018-09-11 13:38:32 +00:00
044dff5a30
bulletproofs: scale points by 8 to ensure subgroup validity
2018-09-11 13:38:31 +00:00
c83012c476
bulletproofs: match aggregated verification to sarang's latest prototype
2018-09-11 13:38:30 +00:00
463434d1f7
more comprehensive test for ge_p3 comparison to identity/point at infinity
...
Reported by QuarksLab.
2018-09-11 13:38:20 +00:00
a129bbd944
multiexp: fix maxscalar off by one
...
Reported by QuarksLab.
2018-09-11 13:38:17 +00:00
7ed496cc78
ringct: error out when hashToPoint* returns the point at infinity
...
Reported by QuarksLab.
2018-09-11 13:38:16 +00:00
61632dc166
ringct: prevent a potential very large allocation
...
Reported by QuarksLab.
2018-09-11 13:38:14 +00:00
0825e97436
multiexp: fix wrong Bos-Coster result for 1 non trivial input
...
Reported by QuarksLab.
2018-09-11 13:38:10 +00:00
a1359ad43c
Check inputs to addKeys are in range
...
Reported by QuarksLab.
2018-09-11 13:38:09 +00:00
fe0fa3b9c5
bulletproofs: reject x, y, z, or w[i] being zero
...
Also try again when we're generate a proof with those characteristics
Reported by QuarksLab.
2018-09-11 13:38:08 +00:00
5ffb2ff9b7
v8: per byte fee, pad bulletproofs, fixed 11 ring size
2018-09-11 13:38:07 +00:00
869b3bf824
bulletproofs: a few fixes from the Kudelski review
...
- fix integer overflow in n_bulletproof_amounts
- check input scalars are in range
- remove use of environment variable to tweak straus performance
- do not use implementation defined signed shift for signum
2018-09-11 13:38:05 +00:00
c429176248
bulletproofs: reject points not in the main subgroup
2018-09-11 13:38:04 +00:00
1569717718
bulletproofs: speed up a few multiplies using existing Hi cache
2018-09-11 13:38:03 +00:00
0b05a0fa74
Add Pippenger cache and limit Straus cache size
2018-09-11 13:38:02 +00:00
263431c486
Pippenger multiexp
...
Based on sarang's python code
2018-09-11 13:37:45 +00:00
1ed0ed4de4
multiexp: cut down on memory allocations
2018-09-11 13:37:44 +00:00
1b867e7f40
precalc the ge_p3 representation of H
2018-09-11 13:37:42 +00:00
7e67c52fa2
Add a define for the max number of bulletproof multi-outputs
2018-09-11 13:37:38 +00:00
2a8fcb421b
Bulletproof aggregated verification and tests
...
Also constrains bulletproofs to simple rct, for simplicity
2018-09-11 13:37:37 +00:00
126196b017
multiexp: some speedups
...
- use a raw memory block to store cache
- use aligned memory
- use doubling API where appropriate
- calculate straus in bands
2018-09-11 13:37:35 +00:00
bacf0a1e2f
bulletproofs: add aggregated verification
...
Ported from sarang's java code
2018-09-11 13:37:32 +00:00
e895c3def1
make straus cached mode thread safe, and add tests for it
2018-09-11 13:37:31 +00:00
7f48bf05d7
multiexp: bos coster now works for just one point
2018-09-11 13:37:30 +00:00
9ce9f8caf6
bulletproofs: add multi output bulletproofs to rct
2018-09-11 13:37:28 +00:00
939bc22332
add Straus multiexp
2018-09-11 13:37:25 +00:00
9ff6e6a0a7
ringct: add bos coster multiexp
2018-09-11 13:37:24 +00:00
e9164bb38b
bulletproofs: misc optimizations
...
Use double mults where possible, avoid conversions, simplify
2018-09-11 13:37:23 +00:00
aacfd6e370
bulletproofs: multi-output bulletproofs
2018-09-11 13:37:17 +00:00
7c8f95d3e2
ringct: make conversion functions return const refs
...
This might avoid unnecessary copies.
Reported by stoffu
2018-09-04 18:28:20 +00:00
5f1bbe3bce
Merge pull request #4268
...
1f2409e
2018-09-04 13:16:04 -05:00
d2e26c23f3
add and use constant time 32 byte equality function
2018-08-23 07:56:51 +00:00
Sarang Noether
moneromooo-monero
luigi1111
Riccardo Spagni
cslashm
fuwa
binaryFate
stoffu
Tadeas Moravec
Martijn Otto
Dusan Klinec