fcmp++: proof len from inputs *AND merkle tree depth

j-berman · Aug 14, 2024 · 47d47bd · 47d47bd
1 parent ee19361
commit 47d47bd
Show file tree

Hide file tree

Showing 4 changed files with 22 additions and 7 deletions.
diff --git a/src/cryptonote_basic/cryptonote_boost_serialization.h b/src/cryptonote_basic/cryptonote_boost_serialization.h
@@ -357,7 +357,10 @@ namespace boost
     if (ver >= 1u)
       a & x.CLSAGs;
     if (ver >= 3u)
+    {
+      a & x.curve_trees_tree_depth;
       a & x.fcmp_pp;
+    }
     if (x.rangeSigs.empty())
       a & x.pseudoOuts;
   }
@@ -391,7 +394,10 @@ namespace boost
     if (ver >= 1u)
       a & x.p.CLSAGs;
     if (ver >= 3u)
+    {
+      a & x.p.curve_trees_tree_depth;
       a & x.p.fcmp_pp;
+    }
     if (x.type == rct::RCTTypeBulletproof || x.type == rct::RCTTypeBulletproof2 || x.type == rct::RCTTypeCLSAG || x.type == rct::RCTTypeBulletproofPlus || x.type == rct::RCTTypeFcmpPlusPlus)
       a & x.p.pseudoOuts;
   }

diff --git a/src/fcmp_pp/proof.h b/src/fcmp_pp/proof.h
@@ -36,10 +36,11 @@ namespace fcmp_pp
 // Byte buffer containing the fcmp++ proof
 using FcmpPpProof = std::vector<uint8_t>;
 
-static inline std::size_t proof_len(const std::size_t n_inputs)
+static inline std::size_t proof_len(const std::size_t n_inputs, const uint8_t curve_trees_tree_depth)
 {
     // TODO: implement
-    return n_inputs * 4;
+    static_assert(sizeof(std::size_t) >= sizeof(uint8_t), "unexpected size of size_t");
+    return n_inputs * (std::size_t)curve_trees_tree_depth * 2;
 };
 
 }//namespace fcmp_pp
diff --git a/src/ringct/rctTypes.h b/src/ringct/rctTypes.h
@@ -426,6 +426,7 @@ namespace rct {
         std::vector<mgSig> MGs; // simple rct has N, full has 1
         std::vector<clsag> CLSAGs;
         keyV pseudoOuts; //C - for simple rct
+        uint8_t curve_trees_tree_depth; // for fcmp++
         fcmp_pp::FcmpPpProof fcmp_pp;
 
         // when changing this function, update cryptonote::get_pruned_transaction_weight
@@ -501,9 +502,10 @@ namespace rct {
 
           if (type == RCTTypeFcmpPlusPlus)
           {
+            FIELD(curve_trees_tree_depth)
             ar.tag("fcmp_pp");
             ar.begin_object();
-            const std::size_t proof_len = fcmp_pp::proof_len(inputs);
+            const std::size_t proof_len = fcmp_pp::proof_len(inputs, curve_trees_tree_depth);
             if (!typename Archive<W>::is_saving())
               fcmp_pp.resize(proof_len);
             if (fcmp_pp.size() != proof_len)
@@ -628,6 +630,7 @@ namespace rct {
           FIELD(bulletproofs_plus)
           FIELD(MGs)
           FIELD(CLSAGs)
+          FIELD(curve_trees_tree_depth)
           FIELD(fcmp_pp)
           FIELD(pseudoOuts)
         END_SERIALIZE()

diff --git a/tests/unit_tests/serialization.cpp b/tests/unit_tests/serialization.cpp
@@ -1311,8 +1311,11 @@ TEST(Serialization, tx_fcmp_pp)
 
   const std::size_t n_inputs = 2;
   const std::size_t n_outputs = 3;
+  const uint8_t curve_trees_tree_depth = 3;
 
-  const auto make_dummy_fcmp_pp_tx = []() -> transaction
+  const std::size_t proof_len = fcmp_pp::proof_len(n_inputs, curve_trees_tree_depth);
+
+  const auto make_dummy_fcmp_pp_tx = [curve_trees_tree_depth, proof_len]() -> transaction
   {
     transaction tx;
 
@@ -1369,9 +1372,11 @@ TEST(Serialization, tx_fcmp_pp)
     const crypto::hash referenceBlock{0x01};
     tx.rct_signatures.referenceBlock = referenceBlock;
 
+    // Set the curve trees merkle tree depth
+    tx.rct_signatures.p.curve_trees_tree_depth = curve_trees_tree_depth;
+
     // 1 fcmp++ proof
     fcmp_pp::FcmpPpProof fcmp_pp;
-    const std::size_t proof_len = fcmp_pp::proof_len(n_inputs);
     fcmp_pp.reserve(proof_len);
     for (std::size_t i = 0; i < proof_len; ++i)
       fcmp_pp.push_back(i);
@@ -1399,7 +1404,7 @@ TEST(Serialization, tx_fcmp_pp)
     transaction tx = make_dummy_fcmp_pp_tx();
 
     // Extend fcmp++ proof
-    ASSERT_TRUE(tx.rct_signatures.p.fcmp_pp.size() == fcmp_pp::proof_len(n_inputs));
+    ASSERT_TRUE(tx.rct_signatures.p.fcmp_pp.size() == proof_len);
     tx.rct_signatures.p.fcmp_pp.push_back(0x01);
 
     string blob;
@@ -1411,7 +1416,7 @@ TEST(Serialization, tx_fcmp_pp)
     transaction tx = make_dummy_fcmp_pp_tx();
 
     // Shorten the fcmp++ proof
-    ASSERT_TRUE(tx.rct_signatures.p.fcmp_pp.size() == fcmp_pp::proof_len(n_inputs));
+    ASSERT_TRUE(tx.rct_signatures.p.fcmp_pp.size() == proof_len);
     ASSERT_TRUE(tx.rct_signatures.p.fcmp_pp.size() > 1);
     tx.rct_signatures.p.fcmp_pp.pop_back();