2016-12-14 01:59:48 +03:00
|
|
|
package shachain
|
|
|
|
|
|
|
|
import (
|
2017-02-23 06:13:56 +03:00
|
|
|
"io"
|
|
|
|
|
2016-12-14 01:59:48 +03:00
|
|
|
"github.com/roasbeef/btcd/chaincfg/chainhash"
|
|
|
|
)
|
|
|
|
|
2017-02-23 06:13:56 +03:00
|
|
|
// Producer is an interface which serves as an abstraction over the data
|
|
|
|
// structure responsible for efficiently generating the secrets for a
|
|
|
|
// particular index based on a root seed. The generation of secrets should be
|
|
|
|
// made in such way that secret store might efficiently store and retrieve the
|
|
|
|
// secrets. This is typically implemented as a tree-based PRF.
|
2016-12-14 01:59:48 +03:00
|
|
|
type Producer interface {
|
2017-02-23 06:13:56 +03:00
|
|
|
// AtIndex produces a secret by evaluating using the initial seed and a
|
|
|
|
// particular index.
|
2016-12-14 01:59:48 +03:00
|
|
|
AtIndex(uint64) (*chainhash.Hash, error)
|
|
|
|
|
2017-02-23 06:13:56 +03:00
|
|
|
// Encode writes a binary serialization of the Producer implementation
|
|
|
|
// to the passed io.Writer.
|
|
|
|
Encode(io.Writer) error
|
2016-12-14 01:59:48 +03:00
|
|
|
}
|
|
|
|
|
2017-02-23 06:13:56 +03:00
|
|
|
// RevocationProducer is an implementation of Producer interface using the
|
|
|
|
// shachain PRF construct. Starting with a single 32-byte element generated
|
|
|
|
// from a CSPRNG, shachain is able to efficiently generate a nearly unbounded
|
|
|
|
// number of secrets while maintaining a constant amount of storage. The
|
|
|
|
// original description of shachain can be found here:
|
2016-12-14 01:59:48 +03:00
|
|
|
// https://github.com/rustyrussell/ccan/blob/master/ccan/crypto/shachain/design.txt
|
2017-02-23 06:13:56 +03:00
|
|
|
// with supplementary material here:
|
|
|
|
// https://github.com/lightningnetwork/lightning-rfc/blob/master/03-transactions.md#per-commitment-secret-requirements
|
2016-12-14 01:59:48 +03:00
|
|
|
type RevocationProducer struct {
|
|
|
|
// root is the element from which we may generate all hashes which
|
|
|
|
// corresponds to the index domain [281474976710655,0].
|
|
|
|
root *element
|
|
|
|
}
|
|
|
|
|
|
|
|
// A compile time check to ensure RevocationProducer implements the Producer
|
|
|
|
// interface.
|
|
|
|
var _ Producer = (*RevocationProducer)(nil)
|
|
|
|
|
2017-02-23 06:13:56 +03:00
|
|
|
// NewRevocationProducer creates new instance of shachain producer.
|
|
|
|
func NewRevocationProducer(root chainhash.Hash) *RevocationProducer {
|
2016-12-14 01:59:48 +03:00
|
|
|
return &RevocationProducer{
|
|
|
|
root: &element{
|
|
|
|
index: rootIndex,
|
2017-02-23 06:13:56 +03:00
|
|
|
hash: root,
|
2016-12-14 01:59:48 +03:00
|
|
|
}}
|
|
|
|
}
|
|
|
|
|
2017-02-23 06:13:56 +03:00
|
|
|
// NewRevocationProducerFromBytes deserializes an instance of a
|
|
|
|
// RevocationProducer encoded in the passed byte slice, returning a fully
|
|
|
|
// initialized instance of a RevocationProducer.
|
2016-12-14 01:59:48 +03:00
|
|
|
func NewRevocationProducerFromBytes(data []byte) (*RevocationProducer, error) {
|
|
|
|
root, err := chainhash.NewHash(data)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
return &RevocationProducer{
|
|
|
|
root: &element{
|
|
|
|
index: rootIndex,
|
|
|
|
hash: *root,
|
|
|
|
},
|
|
|
|
}, nil
|
|
|
|
}
|
|
|
|
|
2017-02-23 06:13:56 +03:00
|
|
|
// AtIndex produces a secret by evaluating using the initial seed and a
|
|
|
|
// particular index.
|
|
|
|
//
|
2016-12-14 01:59:48 +03:00
|
|
|
// NOTE: Part of the Producer interface.
|
|
|
|
func (p *RevocationProducer) AtIndex(v uint64) (*chainhash.Hash, error) {
|
|
|
|
ind := newIndex(v)
|
|
|
|
|
|
|
|
element, err := p.root.derive(ind)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
return &element.hash, nil
|
|
|
|
}
|
|
|
|
|
2017-02-23 06:13:56 +03:00
|
|
|
// Encode writes a binary serialization of the Producer implementation to the
|
|
|
|
// passed io.Writer.
|
|
|
|
//
|
2016-12-14 01:59:48 +03:00
|
|
|
// NOTE: Part of the Producer interface.
|
2017-02-23 06:13:56 +03:00
|
|
|
func (p *RevocationProducer) Encode(w io.Writer) error {
|
|
|
|
if _, err := w.Write(p.root.hash[:]); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
2016-12-14 01:59:48 +03:00
|
|
|
}
|