mpt-crypto-tmp/secp256k1__mpt_8h_source.html

#ifndef SECP256K1_MPT_H

#define SECP256K1_MPT_H


#include <secp256k1.h>

#include <stdint.h>


#ifdef __cplusplus

extern "C" {

#endif


SECP256K1_API int secp256k1_elgamal_generate_keypair(

        const secp256k1_context* ctx,

        unsigned char* privkey,

        secp256k1_pubkey* pubkey

);


SECP256K1_API int secp256k1_elgamal_encrypt(

        const secp256k1_context* ctx,

        secp256k1_pubkey* c1,

        secp256k1_pubkey* c2,

        const secp256k1_pubkey* pubkey_Q,

        uint64_t amount,

        const unsigned char* blinding_factor

);


SECP256K1_API int secp256k1_elgamal_decrypt(

        const secp256k1_context* ctx,

        uint64_t* amount,

        const secp256k1_pubkey* c1,

        const secp256k1_pubkey* c2,

        const unsigned char* privkey

);


SECP256K1_API int secp256k1_elgamal_add(

        const secp256k1_context* ctx,

        secp256k1_pubkey* sum_c1,

        secp256k1_pubkey* sum_c2,

        const secp256k1_pubkey* a_c1,

        const secp256k1_pubkey* a_c2,

        const secp256k1_pubkey* b_c1,

        const secp256k1_pubkey* b_c2

);


SECP256K1_API int secp256k1_elgamal_subtract(

        const secp256k1_context* ctx,

        secp256k1_pubkey* diff_c1,

        secp256k1_pubkey* diff_c2,

        const secp256k1_pubkey* a_c1,

        const secp256k1_pubkey* a_c2,

        const secp256k1_pubkey* b_c1,

        const secp256k1_pubkey* b_c2

);


SECP256K1_API int generate_canonical_encrypted_zero(

        const secp256k1_context* ctx,

        secp256k1_pubkey* enc_zero_c1,

        secp256k1_pubkey* enc_zero_c2,

        const secp256k1_pubkey* pubkey,

        const unsigned char* account_id,     // 20 bytes

        const unsigned char* mpt_issuance_id // 24 bytes

);


// ... (includes and previous ElGamal declarations) ...


/*

================================================================================

|                                                                              |

|           PROOF OF KNOWLEDGE OF PLAINTEXT AND RANDOMNESS                     |

|                (Chaum-Pedersen Equality Proof)                               |

================================================================================

*/


SECP256K1_API int secp256k1_equality_plaintext_prove(

        const secp256k1_context* ctx,

        unsigned char* proof,              // Output: 98 bytes

        const secp256k1_pubkey* c1,

        const secp256k1_pubkey* c2,

        const secp256k1_pubkey* pk_recipient,

        uint64_t amount,

        const unsigned char* randomness_r, // Secret input

        const unsigned char* tx_context_id // 32 bytes

);


SECP256K1_API int secp256k1_equality_plaintext_verify(

        const secp256k1_context* ctx,

        const unsigned char* proof,        // Input: 98 bytes

        const secp256k1_pubkey* c1,

        const secp256k1_pubkey* c2,

        const secp256k1_pubkey* pk_recipient,

        uint64_t amount,

        const unsigned char* tx_context_id // 32 bytes

);


// ... (rest of header, #endif etc.)


/*

================================================================================

|                                                                              |

|           PROOF OF EQUALITY OF SECRET PLAINTEXTS                             |

|                (Multi-Statement Chaum-Pedersen)                              |

================================================================================

*/


SECP256K1_API int secp256k1_mpt_prove_same_plaintext(

        const secp256k1_context* ctx,

        unsigned char* proof_out,          // Output: 261 bytes

        const secp256k1_pubkey* R1, const secp256k1_pubkey* S1, const secp256k1_pubkey* P1,

        const secp256k1_pubkey* R2, const secp256k1_pubkey* S2, const secp256k1_pubkey* P2,

        uint64_t amount_m,

        const unsigned char* randomness_r1,

        const unsigned char* randomness_r2,

        const unsigned char* tx_context_id

);


SECP256K1_API int secp256k1_mpt_verify_same_plaintext(

        const secp256k1_context* ctx,

        const unsigned char* proof,        // Input: 261 bytes

        const secp256k1_pubkey* R1, const secp256k1_pubkey* S1, const secp256k1_pubkey* P1,

        const secp256k1_pubkey* R2, const secp256k1_pubkey* S2, const secp256k1_pubkey* P2,

        const unsigned char* tx_context_id

);


SECP256K1_API size_t secp256k1_mpt_prove_same_plaintext_multi_size(size_t n_ciphertexts);


SECP256K1_API int secp256k1_mpt_prove_same_plaintext_multi(

        const secp256k1_context* ctx,

        unsigned char* proof_out,

        size_t* proof_len,

        uint64_t amount_m,

        size_t n_ciphertexts,

        const secp256k1_pubkey* R_array,

        const secp256k1_pubkey* S_array,

        const secp256k1_pubkey* Pk_array,

        const unsigned char* r_array, // Flat array: r1 || r2 || ... (N * 32 bytes)

        const unsigned char* tx_context_id

);


SECP256K1_API int secp256k1_mpt_verify_same_plaintext_multi(

        const secp256k1_context* ctx,

        const unsigned char* proof,

        size_t proof_len,

        size_t n_ciphertexts,

        const secp256k1_pubkey* R_array,

        const secp256k1_pubkey* S_array,

        const secp256k1_pubkey* Pk_array,

        const unsigned char* tx_context_id

);


SECP256K1_API int secp256k1_bulletproof_create_commitment(

        const secp256k1_context* ctx,

        secp256k1_pubkey* commitment_C,

        uint64_t value,

        const unsigned char* blinding_factor,

        const secp256k1_pubkey* pk_base

);


int secp256k1_bulletproof_prove(

        const secp256k1_context* ctx,

        unsigned char* proof_out,

        size_t* proof_len,

        uint64_t value,

        const unsigned char* blinding_factor,

        const secp256k1_pubkey* pk_base,

        const unsigned char* context_id,    /* <--- AND HERE */

        unsigned int proof_type

);


int secp256k1_bulletproof_verify(

        const secp256k1_context* ctx,

        const secp256k1_pubkey* G_vec,

        const secp256k1_pubkey* H_vec,

        const unsigned char* proof,

        size_t proof_len,

        const secp256k1_pubkey* commitment_C,

        const secp256k1_pubkey* pk_base, /* This is generator H */

        const unsigned char* context_id

);

int secp256k1_elgamal_pedersen_link_prove(

        const secp256k1_context* ctx,

        unsigned char* proof,

        const secp256k1_pubkey* c1,

        const secp256k1_pubkey* c2,

        const secp256k1_pubkey* pk,

        const secp256k1_pubkey* pcm,

        uint64_t amount,

        const unsigned char* r,

        const unsigned char* rho,

        const unsigned char* context_id);


int secp256k1_elgamal_pedersen_link_verify(

        const secp256k1_context* ctx,

        const unsigned char* proof,

        const secp256k1_pubkey* c1,

        const secp256k1_pubkey* c2,

        const secp256k1_pubkey* pk,

        const secp256k1_pubkey* pcm,

        const unsigned char* context_id);


int secp256k1_elgamal_verify_encryption(

        const secp256k1_context* ctx,

        const secp256k1_pubkey* c1,

        const secp256k1_pubkey* c2,

        const secp256k1_pubkey* pubkey_Q,

        uint64_t amount,

        const unsigned char* blinding_factor

);


int secp256k1_mpt_pok_sk_prove(

        const secp256k1_context* ctx,

        unsigned char* proof,           /* Expected size: 65 bytes */

        const secp256k1_pubkey* pk,

        const unsigned char* sk,

        const unsigned char* context_id

);


int secp256k1_mpt_pok_sk_verify(

        const secp256k1_context* ctx,

        const unsigned char* proof,     /* Expected size: 65 bytes */

        const secp256k1_pubkey* pk,

        const unsigned char* context_id

);


int secp256k1_mpt_pedersen_commit(

        const secp256k1_context* ctx,

        secp256k1_pubkey* commitment,

        uint64_t amount,

        const unsigned char* blinding_factor_rho  /* 32 bytes */

);


int secp256k1_mpt_get_h_generator(const secp256k1_context* ctx, secp256k1_pubkey* h);


int secp256k1_mpt_get_generator_vector(

        const secp256k1_context* ctx,

        secp256k1_pubkey* vec,

        size_t n,

        const unsigned char* label,

        size_t label_len

);


void secp256k1_mpt_scalar_add(unsigned char *res, const unsigned char *a, const unsigned char *b);

void secp256k1_mpt_scalar_mul(unsigned char *res, const unsigned char *a, const unsigned char *b);

void secp256k1_mpt_scalar_inverse(unsigned char *res, const unsigned char *in);

void secp256k1_mpt_scalar_negate(unsigned char *res, const unsigned char *in);

void secp256k1_mpt_scalar_reduce32(unsigned char out32[32], const unsigned char in32[32]);


size_t secp256k1_mpt_proof_equality_shared_r_size(size_t n);


int secp256k1_mpt_prove_equality_shared_r(

        const secp256k1_context* ctx,

        unsigned char* proof_out,

        uint64_t amount,

        const unsigned char* r_shared,

        size_t n,

        const secp256k1_pubkey* C1,

        const secp256k1_pubkey* C2_vec,

        const secp256k1_pubkey* Pk_vec,

        const unsigned char* context_id

);


int secp256k1_mpt_verify_equality_shared_r(

        const secp256k1_context* ctx,

        const unsigned char* proof,

        size_t n,

        const secp256k1_pubkey* C1,

        const secp256k1_pubkey* C2_vec,

        const secp256k1_pubkey* Pk_vec,

        const unsigned char* context_id

);


int secp256k1_bulletproof_prove_agg(

        const secp256k1_context* ctx,

        unsigned char* proof_out,

        size_t* proof_len,

        const uint64_t* values,

        const unsigned char* blindings_flat,

        size_t m,

        const secp256k1_pubkey* pk_base,

        const unsigned char* context_id

);

int secp256k1_bulletproof_verify_agg(

        const secp256k1_context* ctx,

        const secp256k1_pubkey* G_vec,              /* length n = 64*m */

        const secp256k1_pubkey* H_vec,              /* length n = 64*m */

        const unsigned char* proof,

        size_t proof_len,

        const secp256k1_pubkey* commitment_C_vec,   /* length m */

        size_t m,

        const secp256k1_pubkey* pk_base,

        const unsigned char* context_id

);


#ifdef __cplusplus

}

#endif


#endif // SECP256K1_MPT_H

secp256k1_elgamal_generate_keypair
SECP256K1_API int secp256k1_elgamal_generate_keypair(const secp256k1_context *ctx, unsigned char *privkey, secp256k1_pubkey *pubkey)
Generates a new secp256k1 key pair.
Definition elgamal.c:61

secp256k1_mpt_proof_equality_shared_r_size
size_t secp256k1_mpt_proof_equality_shared_r_size(size_t n)
Definition proof_same_plaintext_multi_shared_r.c:61

secp256k1_bulletproof_verify_agg
int secp256k1_bulletproof_verify_agg(const secp256k1_context *ctx, const secp256k1_pubkey *G_vec, const secp256k1_pubkey *H_vec, const unsigned char *proof, size_t proof_len, const secp256k1_pubkey *commitment_C_vec, size_t m, const secp256k1_pubkey *pk_base, const unsigned char *context_id)
Definition bulletproof_aggregated.c:1715

secp256k1_elgamal_verify_encryption
int secp256k1_elgamal_verify_encryption(const secp256k1_context *ctx, const secp256k1_pubkey *c1, const secp256k1_pubkey *c2, const secp256k1_pubkey *pubkey_Q, uint64_t amount, const unsigned char *blinding_factor)
Definition elgamal.c:262

secp256k1_mpt_scalar_negate
void secp256k1_mpt_scalar_negate(unsigned char *res, const unsigned char *in)
Definition mpt_scalar.c:96

secp256k1_bulletproof_verify
int secp256k1_bulletproof_verify(const secp256k1_context *ctx, const secp256k1_pubkey *G_vec, const secp256k1_pubkey *H_vec, const unsigned char *proof, size_t proof_len, const secp256k1_pubkey *commitment_C, const secp256k1_pubkey *pk_base, const unsigned char *context_id)

secp256k1_equality_plaintext_prove
SECP256K1_API int secp256k1_equality_plaintext_prove(const secp256k1_context *ctx, unsigned char *proof, const secp256k1_pubkey *c1, const secp256k1_pubkey *c2, const secp256k1_pubkey *pk_recipient, uint64_t amount, const unsigned char *randomness_r, const unsigned char *tx_context_id)
Generates a proof that an ElGamal ciphertext correctly encrypts a known plaintext m and that the prov...
Definition equality_proof.c:115

secp256k1_mpt_prove_same_plaintext_multi_size
SECP256K1_API size_t secp256k1_mpt_prove_same_plaintext_multi_size(size_t n_ciphertexts)
Calculates the expected proof size for a given number of ciphertexts.
Definition proof_same_plaintext_multi.c:130

secp256k1_mpt_pok_sk_prove
int secp256k1_mpt_pok_sk_prove(const secp256k1_context *ctx, unsigned char *proof, const secp256k1_pubkey *pk, const unsigned char *sk, const unsigned char *context_id)
Definition proof_pok_sk.c:92

secp256k1_mpt_verify_same_plaintext_multi
SECP256K1_API int secp256k1_mpt_verify_same_plaintext_multi(const secp256k1_context *ctx, const unsigned char *proof, size_t proof_len, size_t n_ciphertexts, const secp256k1_pubkey *R_array, const secp256k1_pubkey *S_array, const secp256k1_pubkey *Pk_array, const unsigned char *tx_context_id)
Verifies a proof that N ciphertexts encrypt the same secret amount.
Definition proof_same_plaintext_multi.c:250

secp256k1_mpt_get_generator_vector
int secp256k1_mpt_get_generator_vector(const secp256k1_context *ctx, secp256k1_pubkey *vec, size_t n, const unsigned char *label, size_t label_len)
Generates a vector of N independent NUMS generators.
Definition commitments.c:124

secp256k1_elgamal_decrypt
SECP256K1_API int secp256k1_elgamal_decrypt(const secp256k1_context *ctx, uint64_t *amount, const secp256k1_pubkey *c1, const secp256k1_pubkey *c2, const unsigned char *privkey)
Decrypts an ElGamal ciphertext to recover the amount.
Definition elgamal.c:111

secp256k1_mpt_get_h_generator
int secp256k1_mpt_get_h_generator(const secp256k1_context *ctx, secp256k1_pubkey *h)
Derives the secondary base point (H) for Pedersen commitments.
Definition commitments.c:108

secp256k1_mpt_pedersen_commit
int secp256k1_mpt_pedersen_commit(const secp256k1_context *ctx, secp256k1_pubkey *commitment, uint64_t amount, const unsigned char *blinding_factor_rho)
Creates a Pedersen Commitment C = amount*G + rho*H.
Definition commitments.c:149

generate_canonical_encrypted_zero
SECP256K1_API int generate_canonical_encrypted_zero(const secp256k1_context *ctx, secp256k1_pubkey *enc_zero_c1, secp256k1_pubkey *enc_zero_c2, const secp256k1_pubkey *pubkey, const unsigned char *account_id, const unsigned char *mpt_issuance_id)
Generates the canonical encrypted zero for a given MPT token instance.
Definition elgamal.c:211

secp256k1_mpt_scalar_mul
void secp256k1_mpt_scalar_mul(unsigned char *res, const unsigned char *a, const unsigned char *b)
Definition mpt_scalar.c:73

secp256k1_mpt_pok_sk_verify
int secp256k1_mpt_pok_sk_verify(const secp256k1_context *ctx, const unsigned char *proof, const secp256k1_pubkey *pk, const unsigned char *context_id)
Definition proof_pok_sk.c:135

secp256k1_bulletproof_prove_agg
int secp256k1_bulletproof_prove_agg(const secp256k1_context *ctx, unsigned char *proof_out, size_t *proof_len, const uint64_t *values, const unsigned char *blindings_flat, size_t m, const secp256k1_pubkey *pk_base, const unsigned char *context_id)
Definition bulletproof_aggregated.c:1114

secp256k1_mpt_prove_same_plaintext_multi
SECP256K1_API int secp256k1_mpt_prove_same_plaintext_multi(const secp256k1_context *ctx, unsigned char *proof_out, size_t *proof_len, uint64_t amount_m, size_t n_ciphertexts, const secp256k1_pubkey *R_array, const secp256k1_pubkey *S_array, const secp256k1_pubkey *Pk_array, const unsigned char *r_array, const unsigned char *tx_context_id)
Generates a proof that N ciphertexts encrypt the same secret amount 'm'.
Definition proof_same_plaintext_multi.c:135

secp256k1_elgamal_add
SECP256K1_API int secp256k1_elgamal_add(const secp256k1_context *ctx, secp256k1_pubkey *sum_c1, secp256k1_pubkey *sum_c2, const secp256k1_pubkey *a_c1, const secp256k1_pubkey *a_c2, const secp256k1_pubkey *b_c1, const secp256k1_pubkey *b_c2)
Homomorphically adds two ElGamal ciphertexts.
Definition elgamal.c:164

secp256k1_mpt_prove_same_plaintext
SECP256K1_API int secp256k1_mpt_prove_same_plaintext(const secp256k1_context *ctx, unsigned char *proof_out, const secp256k1_pubkey *R1, const secp256k1_pubkey *S1, const secp256k1_pubkey *P1, const secp256k1_pubkey *R2, const secp256k1_pubkey *S2, const secp256k1_pubkey *P2, uint64_t amount_m, const unsigned char *randomness_r1, const unsigned char *randomness_r2, const unsigned char *tx_context_id)
Generates a proof that two ciphertexts (under different keys) encrypt the same secret amount 'm'.
Definition proof_same_plaintext.c:117

secp256k1_elgamal_subtract
SECP256K1_API int secp256k1_elgamal_subtract(const secp256k1_context *ctx, secp256k1_pubkey *diff_c1, secp256k1_pubkey *diff_c2, const secp256k1_pubkey *a_c1, const secp256k1_pubkey *a_c2, const secp256k1_pubkey *b_c1, const secp256k1_pubkey *b_c2)
Homomorphically subtracts two ElGamal ciphertexts.
Definition elgamal.c:184

secp256k1_mpt_prove_equality_shared_r
int secp256k1_mpt_prove_equality_shared_r(const secp256k1_context *ctx, unsigned char *proof_out, uint64_t amount, const unsigned char *r_shared, size_t n, const secp256k1_pubkey *C1, const secp256k1_pubkey *C2_vec, const secp256k1_pubkey *Pk_vec, const unsigned char *context_id)
Definition proof_same_plaintext_multi_shared_r.c:123

secp256k1_mpt_scalar_reduce32
void secp256k1_mpt_scalar_reduce32(unsigned char out32[32], const unsigned char in32[32])
Definition mpt_scalar.c:106

secp256k1_elgamal_encrypt
SECP256K1_API int secp256k1_elgamal_encrypt(const secp256k1_context *ctx, secp256k1_pubkey *c1, secp256k1_pubkey *c2, const secp256k1_pubkey *pubkey_Q, uint64_t amount, const unsigned char *blinding_factor)
Encrypts a 64-bit amount using ElGamal.
Definition elgamal.c:79

secp256k1_mpt_verify_same_plaintext
SECP256K1_API int secp256k1_mpt_verify_same_plaintext(const secp256k1_context *ctx, const unsigned char *proof, const secp256k1_pubkey *R1, const secp256k1_pubkey *S1, const secp256k1_pubkey *P1, const secp256k1_pubkey *R2, const secp256k1_pubkey *S2, const secp256k1_pubkey *P2, const unsigned char *tx_context_id)
Verifies a proof that two ciphertexts encrypt the same secret amount.
Definition proof_same_plaintext.c:201

secp256k1_mpt_scalar_add
void secp256k1_mpt_scalar_add(unsigned char *res, const unsigned char *a, const unsigned char *b)
Definition mpt_scalar.c:60

secp256k1_equality_plaintext_verify
SECP256K1_API int secp256k1_equality_plaintext_verify(const secp256k1_context *ctx, const unsigned char *proof, const secp256k1_pubkey *c1, const secp256k1_pubkey *c2, const secp256k1_pubkey *pk_recipient, uint64_t amount, const unsigned char *tx_context_id)
Verifies a proof of knowledge of plaintext and randomness.
Definition equality_proof.c:181

secp256k1_elgamal_pedersen_link_prove
int secp256k1_elgamal_pedersen_link_prove(const secp256k1_context *ctx, unsigned char *proof, const secp256k1_pubkey *c1, const secp256k1_pubkey *c2, const secp256k1_pubkey *pk, const secp256k1_pubkey *pcm, uint64_t amount, const unsigned char *r, const unsigned char *rho, const unsigned char *context_id)
Proves the link between an ElGamal ciphertext and a Pedersen commitment.
Definition proof_link.c:108

secp256k1_bulletproof_prove
int secp256k1_bulletproof_prove(const secp256k1_context *ctx, unsigned char *proof_out, size_t *proof_len, uint64_t value, const unsigned char *blinding_factor, const secp256k1_pubkey *pk_base, const unsigned char *context_id, unsigned int proof_type)

secp256k1_mpt_verify_equality_shared_r
int secp256k1_mpt_verify_equality_shared_r(const secp256k1_context *ctx, const unsigned char *proof, size_t n, const secp256k1_pubkey *C1, const secp256k1_pubkey *C2_vec, const secp256k1_pubkey *Pk_vec, const unsigned char *context_id)
Definition proof_same_plaintext_multi_shared_r.c:234

secp256k1_elgamal_pedersen_link_verify
int secp256k1_elgamal_pedersen_link_verify(const secp256k1_context *ctx, const unsigned char *proof, const secp256k1_pubkey *c1, const secp256k1_pubkey *c2, const secp256k1_pubkey *pk, const secp256k1_pubkey *pcm, const unsigned char *context_id)
Verifies the link proof between ElGamal and Pedersen commitments.
Definition proof_link.c:212

secp256k1_mpt_scalar_inverse
void secp256k1_mpt_scalar_inverse(unsigned char *res, const unsigned char *in)
Definition mpt_scalar.c:86

secp256k1_bulletproof_create_commitment
SECP256K1_API int secp256k1_bulletproof_create_commitment(const secp256k1_context *ctx, secp256k1_pubkey *commitment_C, uint64_t value, const unsigned char *blinding_factor, const secp256k1_pubkey *pk_base)
Computes a Pedersen Commitment: C = value*G + blinding_factor*Pk_base.
Definition bulletproof_aggregated.c:1061