feat(owners): blind owners in dbccontent

maidsafe · May 28, 2021 · f63454b · f63454b
1 parent ea90500
commit f63454b
Show file tree

Hide file tree

Showing 5 changed files with 156 additions and 98 deletions.
diff --git a/src/dbc.rs b/src/dbc.rs
@@ -85,12 +85,12 @@ mod tests {
 
         let outputs =
             HashSet::from_iter(divide(dbc.amount(), n_ways).enumerate().map(|(i, amount)| {
-                DbcContent {
-                    parents: input_hashes.clone(),
+                DbcContent::new(
+                    input_hashes.clone(),
                     amount,
-                    output_number: i as u8,
-                    owner: output_owner.clone(),
-                }
+                    i as u8,
+                    output_owner.public_key(),
+                )
             }));
 
         let transaction = MintTransaction { inputs, outputs };
@@ -106,18 +106,21 @@ mod tests {
 
         MintRequest {
             transaction,
-            input_ownership_proofs: HashMap::from_iter(vec![(dbc.name(), sig)]),
+            input_ownership_proofs: HashMap::from_iter(vec![(
+                dbc.name(),
+                (dbc_owner.public_key_set.public_key(), sig),
+            )]),
         }
     }
 
     #[test]
     fn test_dbc_without_inputs_is_invalid() {
-        let input_content = DbcContent {
-            parents: Default::default(),
-            amount: 100,
-            output_number: 0,
-            owner: crate::bls_dkg_id().public_key_set,
-        };
+        let input_content = DbcContent::new(
+            Default::default(),
+            100,
+            0,
+            crate::bls_dkg_id().public_key_set.public_key(),
+        );
 
         let input_content_hashes = BTreeSet::from_iter(vec![input_content.hash()]);
 
@@ -181,30 +184,30 @@ mod tests {
 
         let input_hashes = BTreeSet::from_iter(inputs.iter().map(|in_dbc| in_dbc.name()));
 
-        let content = DbcContent {
-            parents: input_hashes.clone(),
+        let content = DbcContent::new(
+            input_hashes.clone(),
             amount,
-            output_number: 0,
-            owner: crate::bls_dkg_id().public_key_set,
-        };
+            0,
+            crate::bls_dkg_id().public_key_set.public_key(),
+        );
         let outputs = HashSet::from_iter(vec![content]);
 
         let transaction = MintTransaction { inputs, outputs };
         let sig_share = input_owner
             .secret_key_share
             .sign(&transaction.blinded().hash());
 
-        let sig = input_owner
-            .public_key_set
+        let input_owner_key_set = input_owner.public_key_set;
+        let sig = input_owner_key_set
             .combine_signatures(vec![(0, &sig_share)])
             .unwrap();
 
-        let input_ownership_proofs = HashMap::from_iter(
-            transaction
-                .inputs
-                .iter()
-                .map(|input| (input.name(), sig.clone())),
-        );
+        let input_ownership_proofs = HashMap::from_iter(transaction.inputs.iter().map(|input| {
+            (
+                input.name(),
+                (input_owner_key_set.public_key(), sig.clone()),
+            )
+        }));
 
         let mint_request = MintRequest {
             transaction,
@@ -228,12 +231,12 @@ mod tests {
                 ),
         );
 
-        let fuzzed_content = DbcContent {
-            parents: fuzzed_parents,
-            amount: amount + extra_output_amount.coerce::<u64>(),
-            output_number: 0,
-            owner: crate::bls_dkg_id().public_key_set,
-        };
+        let fuzzed_content = DbcContent::new(
+            fuzzed_parents,
+            amount + extra_output_amount.coerce::<u64>(),
+            0,
+            crate::bls_dkg_id().public_key_set.public_key(),
+        );
 
         let mut fuzzed_transaction_sigs = BTreeMap::new();
 

diff --git a/src/dbc_content.rs b/src/dbc_content.rs
@@ -8,17 +8,43 @@
 use std::collections::BTreeSet;
 
 use serde::{Deserialize, Serialize};
-use threshold_crypto::PublicKeySet;
+use threshold_crypto::PublicKey;
 use tiny_keccak::{Hasher, Sha3};
 
-use crate::{DbcContentHash, Hash};
+use crate::{DbcContentHash, Error, Hash};
+
+#[derive(Debug, PartialEq, Eq, Hash, Clone, Serialize, Deserialize)]
+pub struct BlindedOwner(Hash);
+
+impl BlindedOwner {
+    pub fn new(
+        owner: &PublicKey,
+        parents: &BTreeSet<DbcContentHash>,
+        amount: u64,
+        output_number: u8,
+    ) -> Self {
+        let mut sha3 = Sha3::v256();
+
+        for parent in parents.iter() {
+            sha3.update(parent);
+        }
+
+        sha3.update(&amount.to_be_bytes());
+        sha3.update(&output_number.to_be_bytes());
+        sha3.update(&owner.to_bytes());
+
+        let mut hash = [0; 32];
+        sha3.finalize(&mut hash);
+        Self(Hash(hash))
+    }
+}
 
 #[derive(Debug, PartialEq, Eq, Hash, Clone, Serialize, Deserialize)]
 pub struct DbcContent {
     pub parents: BTreeSet<DbcContentHash>, // Parent DBC's, acts as a nonce
     pub amount: u64,
     pub output_number: u8,
-    pub owner: PublicKeySet, // TAI: should this be threshold_crypto::PublicKey? (PublicKeySet::public_key())
+    pub owner: BlindedOwner,
 }
 
 impl DbcContent {
@@ -27,12 +53,9 @@ impl DbcContent {
         parents: BTreeSet<DbcContentHash>,
         amount: u64,
         output_number: u8,
-        owner: PublicKeySet,
+        owner_key: PublicKey,
     ) -> Self {
-        // let mut owner = owner;
-        // for _ in 0..amount % 1000 {
-        //     owner = sha3_256(&owner); // owner not visible to mint, until out_dbc is minted.
-        // }
+        let owner = BlindedOwner::new(&owner_key, &parents, amount, output_number);
         DbcContent {
             parents,
             amount,
@@ -41,10 +64,16 @@ impl DbcContent {
         }
     }
 
-    pub fn hash(&self) -> DbcContentHash {
-        // let data = serde_json::to_string(&self)?; // use the sha3 256 of the json string repr for x platform use
-        // Ok(sha3_256(data.as_ref()))
+    pub fn validate_unblinding(&self, owner_key: &PublicKey) -> Result<(), Error> {
+        let blinded = BlindedOwner::new(owner_key, &self.parents, self.amount, self.output_number);
+        if blinded == self.owner {
+            Ok(())
+        } else {
+            Err(Error::FailedUnblinding)
+        }
+    }
 
+    pub fn hash(&self) -> DbcContentHash {
         let mut sha3 = Sha3::v256();
 
         for parent in self.parents.iter() {
@@ -53,6 +82,7 @@ impl DbcContent {
 
         sha3.update(&self.amount.to_be_bytes());
         sha3.update(&self.output_number.to_be_bytes());
+        sha3.update(&self.owner.0);
 
         let mut hash = [0; 32];
         sha3.finalize(&mut hash);

diff --git a/src/error.rs b/src/error.rs
@@ -36,6 +36,8 @@ pub enum Error {
     DbcMintRequestDoesNotBalance { input: u64, output: u64 },
     #[error("Outputs must be numbered 0..N where N = # of outputs")]
     OutputsAreNotNumberedCorrectly,
+    #[error("Failed to unblind an input DBC")]
+    FailedUnblinding,
     #[error("DBC already spent in transaction: {transaction:?}")]
     DbcAlreadySpent {
         transaction: crate::DbcTransaction,

diff --git a/src/lib.rs b/src/lib.rs
@@ -24,7 +24,7 @@ mod mint;
 
 pub use crate::{
     dbc::Dbc,
-    dbc_content::DbcContent,
+    dbc_content::{BlindedOwner, DbcContent},
     dbc_transaction::DbcTransaction,
     error::{Error, Result},
     key_manager::{ChainNode, KeyCache, KeyManager, PublicKey, Signature},