org.ergoplatform.wallet.interpreter
- secrets used by the prover
- ergo network parameters at the moment of proving
- optionally, public keys corresponding to the BIP32-related secrets (to not to recompute them)
Activated script version, 0 is for Ergo mainnet since block #1 until 417,792, 1 for Ergo mainnet since 417,792, etc.
Activated script version, 0 is for Ergo mainnet since block #1 until 417,792, 1 for Ergo mainnet since 417,792, etc. Note: version N of ErgoProtocol corresponds to version N-1 of ErgoTree (aka script version)
Extract hints from (supposedly, partially) signed transaction.
Extract hints from (supposedly, partially) signed transaction. Useful for distributed signing.
- signed transaction
- input boxes the transaction are spending
- read-only inputs of the transaction
- context used for signing
- public images of secrets used in signing
- public images of simulated secrets
hints for (further) transaction signing
- optionally, public keys corresponding to the BIP32-related secrets (to not to recompute them)
Checks that expired box is spent in a proper way
Checks that expired box is spent in a proper way
- box being spent
- newly created box when storage fee covered, otherwise any output box
- current height of the blockchain (at the moment of spending)
whether the box is spent properly according to the storage fee rule
A method which is generating commitments to randomness.
A method which is generating commitments to randomness. A commitment is about a first step of a zero-knowledge proof-of-knowledge knowledge protocol.
Method checks whether secret is known to the prover, and returns None if the secret is not known.
- transaction to be signed with commitments to be generated first
- boxes the transaction is spending
- read-only inputs of the transaction
- context used for signing
- hints for signing transaction
Only secrets corresponding to hierarchical deterministic scheme (BIP-32 impl)
Only public keys corresponding to hierarchical deterministic scheme (BIP-32 impl)
- secrets used by the prover
Interpreter's secrets, in form of sigma protocols private inputs
Interpreter's secrets, in form of sigma protocols private inputs
requires unsignedTx
and boxesToSpend
have the same boxIds in the same order.
Checks that given exp evaluates to true
.
Checks that given exp evaluates to true
.
- environment to use during expression evaluation
- expression to check
- expression evaluation context
- cryptographic proof
- message
Produces updated instance of ErgoProvingInterpreter with a new secret included
Produces updated instance of ErgoProvingInterpreter with a new secret included
- new secret to add
modified prover
Produces updated instance of ErgoProvingInterpreter with updated parameters
Produces updated instance of ErgoProvingInterpreter with updated parameters
- updated parameters
modified prover
A class which is holding secrets and signing transactions. Signing a transaction means producing spending proofs for all of the input boxes of the transaction.
This interpreter also acts as a wallet, in the sense that it is a vault holding user's secrets.
There are two basic types of secrets, hierarchical deterministic keys corresponding to BIP-32 implementation, and also "primitive" keys, such as just secret exponent for a Schnorr signature scheme done in Ergo.
It is considered that there could be very many hierarchical deterministic keys (for example, if we are talking about an exchange there could be thousands of them), and not so many primitive keys. Optimizations are centered around this assumption.