mimblewimble · yeastplume · Jun 25, 2018 · Jun 25, 2018
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/core/src/core/transaction.rs b/core/src/core/transaction.rs
@@ -917,114 +917,6 @@ impl Readable for OutputIdentifier {
 	}
 }
 
-/// A structure which contains fields that are to be committed to within
-/// an Output's range (bullet) proof.
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq)]
-pub struct ProofMessageElements {
-	/// The amount, stored to allow for wallet reconstruction as
-	/// rewinding isn't supported in bulletproofs just yet
-	/// This is going to be written 3 times, to facilitate checking
-	/// values on rewind
-	/// Note that rewinding with only the nonce will give you back
-	/// the first 32 bytes of the message. To get the second
-	/// 32 bytes, you need to provide the correct blinding factor as well
-	value: u64,
-	/// another copy of the value, to check on rewind
-	value_copy_1: u64,
-	/// another copy of the value
-	value_copy_2: u64,
-	/// the first 8 bytes of the blinding factor, used to avoid having to grind
-	/// through a proof each time you want to check against key possibilities
-	bf_first_8: Vec<u8>,
-	/// unused portion of message, used to test whether we have both nonce
-	/// and blinding correct
-	zeroes: Vec<u8>,
-}
-
-impl Writeable for ProofMessageElements {
-	fn write<W: Writer>(&self, writer: &mut W) -> Result<(), ser::Error> {
-		writer.write_u64(self.value)?;
-		writer.write_u64(self.value_copy_1)?;
-		writer.write_u64(self.value_copy_2)?;
-		writer.write_fixed_bytes(&self.bf_first_8)?;
-		for i in 0..32 {
-			let _ = writer.write_u8(self.zeroes[i]);
-		}
-		Ok(())
-	}
-}
-
-impl Readable for ProofMessageElements {
-	fn read(reader: &mut Reader) -> Result<ProofMessageElements, ser::Error> {
-		// if the value isn't repeated 3 times, it's most likely not the value,
-		// so reject
-		Ok(ProofMessageElements {
-			value: reader.read_u64()?,
-			value_copy_1: reader.read_u64()?,
-			value_copy_2: reader.read_u64()?,
-			bf_first_8: reader.read_fixed_bytes(8)?,
-			zeroes: reader.read_fixed_bytes(32)?,
-		})
-	}
-}
-
-impl ProofMessageElements {
-	/// Create a new proof message
-	pub fn new(value: u64, blinding: &keychain::Identifier) -> ProofMessageElements {
-		ProofMessageElements {
-			value: value,
-			value_copy_1: value,
-			value_copy_2: value,
-			bf_first_8: blinding.to_bytes()[0..8].to_vec(),
-			zeroes: [0u8; 32].to_vec(),
-		}
-	}
-
-	/// Return the value if it's valid, an error otherwise
-	pub fn value(&self) -> Result<u64, Error> {
-		if self.value == self.value_copy_1 && self.value == self.value_copy_2 {
-			Ok(self.value)
-		} else {
-			Err(Error::InvalidProofMessage)
-		}
-	}
-
-	/// Compare given identifier with first 8 bytes of what's stored
-	pub fn compare_bf_first_8(&self, in_id: &keychain::Identifier) -> bool {
-		let in_id_vec = in_id.to_bytes()[0..8].to_vec();
-		for i in 0..8 {
-			if in_id_vec[i] != self.bf_first_8[i] {
-				return false;
-			}
-		}
-		true
-	}
-
-	/// Whether our remainder is zero (as it should be if the BF and nonce used
-	/// to unwind are correct
-	pub fn zeroes_correct(&self) -> bool {
-		for i in 0..self.zeroes.len() {
-			if self.zeroes[i] != 0 {
-				return false;
-			}
-		}
-		true
-	}
-
-	/// Serialize and return a ProofMessage
-	pub fn to_proof_message(&self) -> ProofMessage {
-		ProofMessage::from_bytes(&ser_vec(self).unwrap())
-	}
-
-	/// Deserialize and return the message elements
-	pub fn from_proof_message(
-		proof_message: &ProofMessage,
-	) -> Result<ProofMessageElements, ser::Error> {
-		let mut c = Cursor::new(proof_message.as_bytes());
-		ser::deserialize::<ProofMessageElements>(&mut c)
-	}
-}
-
 #[cfg(test)]
 mod test {
 	use super::*;

diff --git a/core/tests/block.rs b/core/tests/block.rs
@@ -233,7 +233,7 @@ fn empty_block_serialized_size() {
 	let b = new_block(vec![], &keychain, &prev, &key_id);
 	let mut vec = Vec::new();
 	ser::serialize(&mut vec, &b).expect("serialization failed");
-	let target_len = 1_265;
+	let target_len = 1_266;
 	assert_eq!(vec.len(), target_len,);
 }
 
@@ -246,7 +246,7 @@ fn block_single_tx_serialized_size() {
 	let b = new_block(vec![&tx1], &keychain, &prev, &key_id);
 	let mut vec = Vec::new();
 	ser::serialize(&mut vec, &b).expect("serialization failed");
-	let target_len = 2_845;
+	let target_len = 2_848;
 	assert_eq!(vec.len(), target_len);
 }
 
@@ -258,7 +258,7 @@ fn empty_compact_block_serialized_size() {
 	let b = new_block(vec![], &keychain, &prev, &key_id);
 	let mut vec = Vec::new();
 	ser::serialize(&mut vec, &b.as_compact_block()).expect("serialization failed");
-	let target_len = 1_273;
+	let target_len = 1_274;
 	assert_eq!(vec.len(), target_len,);
 }
 
@@ -271,7 +271,7 @@ fn compact_block_single_tx_serialized_size() {
 	let b = new_block(vec![&tx1], &keychain, &prev, &key_id);
 	let mut vec = Vec::new();
 	ser::serialize(&mut vec, &b.as_compact_block()).expect("serialization failed");
-	let target_len = 1_279;
+	let target_len = 1_280;
 	assert_eq!(vec.len(), target_len,);
 }
 
@@ -290,7 +290,7 @@ fn block_10_tx_serialized_size() {
 	let b = new_block(txs.iter().collect(), &keychain, &prev, &key_id);
 	let mut vec = Vec::new();
 	ser::serialize(&mut vec, &b).expect("serialization failed");
-	let target_len = 17_065;
+	let target_len = 17_086;
 	assert_eq!(vec.len(), target_len,);
 }
 
@@ -308,7 +308,7 @@ fn compact_block_10_tx_serialized_size() {
 	let b = new_block(txs.iter().collect(), &keychain, &prev, &key_id);
 	let mut vec = Vec::new();
 	ser::serialize(&mut vec, &b.as_compact_block()).expect("serialization failed");
-	let target_len = 1_333;
+	let target_len = 1_334;
 	assert_eq!(vec.len(), target_len,);
 }
 

diff --git a/core/tests/core.rs b/core/tests/core.rs
@@ -36,7 +36,7 @@ fn simple_tx_ser() {
 	let tx = tx2i1o();
 	let mut vec = Vec::new();
 	ser::serialize(&mut vec, &tx).expect("serialization failed");
-	let target_len = 954;
+	let target_len = 955;
 	assert_eq!(vec.len(), target_len,);
 }
 

diff --git a/core/tests/transaction.rs b/core/tests/transaction.rs
@@ -23,16 +23,14 @@ pub mod common;
 use grin_core::core::{Output, OutputFeatures};
 use grin_core::ser;
 use keychain::{ExtKeychain, Keychain};
-use util::secp;
 use wallet::libtx::proof;
 
 #[test]
 fn test_output_ser_deser() {
 	let keychain = ExtKeychain::from_random_seed().unwrap();
 	let key_id = keychain.derive_key_id(1).unwrap();
 	let commit = keychain.commit(5, &key_id).unwrap();
-	let msg = secp::pedersen::ProofMessage::empty();
-	let proof = proof::create(&keychain, 5, &key_id, commit, None, msg).unwrap();
+	let proof = proof::create(&keychain, 5, &key_id, commit, None).unwrap();
 
 	let out = Output {
 		features: OutputFeatures::DEFAULT_OUTPUT,

diff --git a/util/Cargo.toml b/util/Cargo.toml
@@ -20,6 +20,6 @@ zip = "0.4"
 
 [dependencies.secp256k1zkp]
 git = "https://github.com/mimblewimble/rust-secp256k1-zkp"
-tag = "grin_integration_19"
+branch = "testnet3"
 #path = "../../rust-secp256k1-zkp"
 features = ["bullet-proof-sizing"]
diff --git a/wallet/src/libtx/build.rs b/wallet/src/libtx/build.rs
@@ -29,7 +29,7 @@ use util::{kernel_sig_msg, secp};
 
 use core::core::hash::Hash;
 use core::core::merkle_proof::MerkleProof;
-use core::core::{Input, Output, OutputFeatures, ProofMessageElements, Transaction, TxKernel};
+use core::core::{Input, Output, OutputFeatures, Transaction, TxKernel};
 use keychain::{self, BlindSum, BlindingFactor, Identifier, Keychain};
 use libtx::{aggsig, proof};
 use util::LOGGER;
@@ -118,15 +118,12 @@ where
 			let commit = build.keychain.commit(value, &key_id).unwrap();
 			trace!(LOGGER, "Builder - Pedersen Commit is: {:?}", commit,);
 
-			let msg = ProofMessageElements::new(value, &key_id);
-
 			let rproof = proof::create(
 				build.keychain,
 				value,
 				&key_id,
 				commit,
 				None,
-				msg.to_proof_message(),
 			).unwrap();
 
 			(

diff --git a/wallet/src/libtx/proof.rs b/wallet/src/libtx/proof.rs
@@ -17,7 +17,6 @@
 use blake2;
 use keychain::{Identifier, Keychain};
 use libtx::error::{Error, ErrorKind};
-use util::logger::LOGGER;
 use util::secp::key::SecretKey;
 use util::secp::pedersen::{Commitment, ProofInfo, ProofMessage, RangeProof};
 use util::secp::{self, Secp256k1};
@@ -42,35 +41,21 @@ where
 	}
 }
 
-/// So we want this to take an opaque structure that can be called
-/// back to get the sensitive data
-
+/// Create a bulletproof
 pub fn create<K>(
 	k: &K,
 	amount: u64,
 	key_id: &Identifier,
 	_commit: Commitment,
 	extra_data: Option<Vec<u8>>,
-	msg: ProofMessage,
 ) -> Result<RangeProof, Error>
 where
 	K: Keychain,
 {
 	let commit = k.commit(amount, key_id)?;
 	let skey = k.derived_key(key_id)?;
 	let nonce = create_nonce(k, &commit)?;
-	if msg.len() == 0 {
-		return Ok(k.secp().bullet_proof(amount, skey, nonce, extra_data, None));
-	} else {
-		if msg.len() != 64 {
-			error!(LOGGER, "Bullet proof message must be 64 bytes.");
-			return Err(ErrorKind::RangeProof(
-				"Bullet proof message must be 64 bytes".to_string(),
-			))?;
-		}
-	}
-	return Ok(k.secp()
-		.bullet_proof(amount, skey, nonce, extra_data, Some(msg)));
+	Ok(k.secp().bullet_proof(amount, skey, nonce, extra_data))
 }
 
 /// Verify a proof
@@ -90,33 +75,23 @@ pub fn verify(
 /// Rewind a rangeproof to retrieve the amount
 pub fn rewind<K>(
 	k: &K,
-	key_id: &Identifier,
 	commit: Commitment,
 	extra_data: Option<Vec<u8>>,
 	proof: RangeProof,
 ) -> Result<ProofInfo, Error>
 where
 	K: Keychain,
 {
-	let skey = k.derived_key(key_id)?;
 	let nonce = create_nonce(k, &commit)?;
 	let proof_message = k.secp()
-		.unwind_bullet_proof(commit, skey, nonce, extra_data, proof);
+		.rewind_bullet_proof(commit, nonce, extra_data, proof);
 	let proof_info = match proof_message {
-		Ok(p) => ProofInfo {
-			success: true,
-			value: 0,
-			message: p,
-			mlen: 0,
-			min: 0,
-			max: 0,
-			exp: 0,
-			mantissa: 0,
-		},
+		Ok(p) => p,
 		Err(_) => ProofInfo {
 			success: false,
 			value: 0,
 			message: ProofMessage::empty(),
+			blinding: SecretKey([0; secp::constants::SECRET_KEY_SIZE]),
 			mlen: 0,
 			min: 0,
 			max: 0,

diff --git a/wallet/src/libtx/reward.rs b/wallet/src/libtx/reward.rs
@@ -18,7 +18,7 @@ use keychain::{Identifier, Keychain};
 
 use core::consensus::reward;
 use core::core::KernelFeatures;
-use core::core::{Output, OutputFeatures, ProofMessageElements, TxKernel};
+use core::core::{Output, OutputFeatures, TxKernel};
 use libtx::error::Error;
 use libtx::{aggsig, proof};
 use util::{kernel_sig_msg, secp, static_secp_instance, LOGGER};
@@ -35,7 +35,6 @@ where
 {
 	let value = reward(fees);
 	let commit = keychain.commit(value, key_id)?;
-	let msg = ProofMessageElements::new(value, key_id);
 
 	trace!(LOGGER, "Block reward - Pedersen Commit is: {:?}", commit,);
 
@@ -45,7 +44,6 @@ where
 		key_id,
 		commit,
 		None,
-		msg.to_proof_message(),
 	)?;
 
 	let output = Output {