ProverUtils
Related Doc:
package interpreter
The cost of Value[T] deserialization is O(n), where n is the length of its bytes array.
The cost of Value[T] deserialization is O(n), where n is the length of its bytes array. To evaluate DeserializeContext and sigmastate.utxo.DeserializeRegister we add the following cost of deserialization for each byte.
The cost of substituting DeserializeContext and sigmastate.utxo.DeserializeRegister nodes with the deserialized expression is O(n), where n is the number of bytes in ErgoTree.
The cost of substituting DeserializeContext and sigmastate.utxo.DeserializeRegister nodes with the deserialized expression is O(n), where n is the number of bytes in ErgoTree. The following is the cost added for each ErgoTree.bytes.
Adds the cost to verify sigma protocol proposition.
Adds the cost to verify sigma protocol proposition. This is AOT part of JITC-based interpreter, it predicts the cost of crypto verification, which is asymptotically much faster and protects from spam scripts.
result of JIT-based reduction
total cost limit to check and raise exception if exceeded
computed jitRes.cost + crypto verification cost
A method which is extracting partial proofs of secret knowledge for particular secrets with their respective public images given.
A method which is extracting partial proofs of secret knowledge for particular secrets with their respective public images given. Useful for distributed signature applications.
See DistributedSigSpecification for examples of usage.
- context used to reduce the proposition
- public key (in form of a sigma-tree)
- signature for the key
- public keys of secrets with real proofs
- public keys of secrets with simulated proofs
- bag of OtherSecretProven and OtherCommitment hints
A method which is extracting partial proofs of secret knowledge for particular secrets with their respective public images given.
A method which is extracting partial proofs of secret knowledge for particular secrets with their respective public images given. Useful for distributed signature applications.
See DistributedSigSpecification for examples of usage.
- context used to reduce the proposition
- proposition to reduce
- proof for reduced proposition
- public keys of secrets with real proofs
- public keys of secrets with simulated proofs
- bag of OtherSecretProven and OtherCommitment hints
Checks the possible soft-fork condition.
Checks the possible soft-fork condition.
contract which needs to be executed
evaluation context to use for detecting soft-fork condition
None, if no soft-fork has been detected and ErgoTree execution can proceed normally
Some(true -> context.initCost), if soft-fork has been detected, but we
cannot proceed with ErgoTree, however can accept relying on 90% of upgraded
nodes (due to activation has already been done).
InterpreterException when cannot proceed and no activation yet.
Deserializes given script bytes using ValueSerializer (i.e.
Deserializes given script bytes using ValueSerializer (i.e. assuming expression tree format).
It also measures tree complexity adding to the total estimated cost of script execution.
The new returned context contains increased initCost and should be used for further processing.
The method SHOULD be called only inside trySoftForkable scope, to make deserialization soft-forkable.
NOTE: While ErgoTree is always of type SigmaProp, ValueSerializer can serialize expression of any type. So it cannot be replaced with ErgoTreeSerializer here.
Evaluation settings used by ErgoTreeEvaluator which is used by this interpreter to perform fullReduction.
Evaluation settings used by ErgoTreeEvaluator which is used by this interpreter to perform fullReduction.
Full reduction of contract proposition given in the ErgoTree form to a SigmaBoolean value which encodes either a sigma-protocol proposition or a boolean (true or false) value.
Full reduction of contract proposition given in the ErgoTree form to a SigmaBoolean value which encodes either a sigma-protocol proposition or a boolean (true or false) value. See other overload for details.
Full reduction of contract proposition given in the ErgoTree form to a SigmaBoolean value which encodes either a sigma-protocol proposition or a boolean (true or false) value.
Full reduction of contract proposition given in the ErgoTree form to a SigmaBoolean value which encodes either a sigma-protocol proposition or a boolean (true or false) value.
Works as follows: 1) parse ErgoTree instance into a typed AST 2) go bottom-up the tree to replace DeserializeContext nodes only 3) estimate cost and reduce the AST to a SigmaBoolean instance (either sigma-tree or trivial boolean value)
input ErgoTree expression to reduce
context used in reduction
script environment
reduction result as a pair of sigma boolean and the accumulated cost counter after reduction
A method which is is generating commitments for all the public keys provided.
A method which is is generating commitments for all the public keys provided.
Currently only keys in form of ProveDlog and ProveDiffieHellman are supported, not more complex subtrees.
- crypto-tree
- public keys for which commitments should be generated
generated commitments (private, containing secret randomness, and public, containing only commitments)
Generate commitments for a given ergoTree (mixed-tree) and public keys.
Generate commitments for a given ergoTree (mixed-tree) and public keys.
First, the given tree is to be reduced to crypto-tree (sigma-tree) by using context provided.
Logs the given message string.
Logs the given message string. Can be overridden in the derived interpreter classes to redefine the default behavior.
Extracts proposition for ErgoTree handing soft-fork condition.
Extracts proposition for ErgoTree handing soft-fork condition.
soft-fork handler
This method uses the new JIT costing with direct ErgoTree execution.
This method uses the new JIT costing with direct ErgoTree execution. It is used in
both prover and verifier to compute SigmaProp value.
As the first step the cost of computing the exp expression in the given context is
estimated.
If cost is above limit then exception is returned and exp is not executed
else exp is computed in the given context and the resulting SigmaBoolean returned.
the context in which exp should be executed
environment of system variables used by the interpreter internally
expression to be executed in the given context
result of script reduction
ReductionResult
call back to setup new context (with updated cost limit) to be passed next time
Executes the script in a given context.
Executes the script in a given context.
Step 1: Deserialize context variables
Step 2: Evaluate expression and produce SigmaProp value, which is zero-knowledge
statement (see also SigmaBoolean).
Step 3: Verify that the proof is presented to satisfy SigmaProp conditions.
NOTE, ergoTree.complexity is not added to the cost when v5.0 is activated
environment of system variables used by the interpreter internally
ErgoTree expression to execute in the given context and verify its result
the context in which exp should be executed
The proof of knowledge of the secrets which is expected by the resulting SigmaProp
message bytes, which are used in verification of the proof
verification result or Exception.
If if the estimated cost of execution of the exp exceeds the limit (given
in context), then exception if thrown and packed in Try.
If the first component is false, then:
1) script executed to false or
2) the given proof failed to validate resulting SigmaProp conditions.
reduceToCrypto
Verify a signature on given (arbitrary) message for a given public key.
Verify a signature on given (arbitrary) message for a given public key.
public key (represented as a tree)
message
signature for the message
optional evaluator (can be null) which is used for profiling of operations.
When E is null, then profiling is turned-off and has no effect on
the execution.
whether signature is valid or not