LBRYCommunity/bitcoinjs-lib
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

tests: improved readability for stealth address code

Browse source
This commit is contained in:
Daniel Cousens 2016-08-17 13:06:31 +10:00
parent da6aea4039
commit e74b882e54
1 changed files with 51 additions and 26 deletions

77
test/integration/stealth.js
View file

@ -6,42 +6,67 @@ var bitcoin = require('../../')
var ecurve = require('ecurve') var ecurve = require('ecurve')
var secp256k1 = ecurve.getCurveByName('secp256k1') var secp256k1 = ecurve.getCurveByName('secp256k1')
var G = secp256k1.G
var n = secp256k1.n
// c = sha256: e * (d * G)
// cQ = (d * G) + (c * G)
function stealthSend (e, Q) {
var eQ = Q.multiply(e) // shared secret
var c = bigi.fromBuffer(bitcoin.crypto.sha256(eQ.getEncoded()))
var cG = G.multiply(c)
var cQ = new bitcoin.ECPair(null, Q.add(cG))
return cQ
}
// c = sha256: d * (e * G)
// cQ = (d + c) * G
function stealthReceive (d, eG) {
var eQ = eG.multiply(d) // shared secret
var c = bigi.fromBuffer(bitcoin.crypto.sha256(eQ.getEncoded()))
var cQ = new bitcoin.ECPair(d.add(c).mod(n))
return cQ
}
describe('bitcoinjs-lib (crypto)', function () { describe('bitcoinjs-lib (crypto)', function () {
it('can generate a single-key stealth address', function () { it('can generate a single-key stealth address', function () {
var G = secp256k1.G // XXX: should be randomly generated, see next test for example
var n = secp256k1.n var recipient = bitcoin.ECPair.fromWIF('5KYZdUEo39z3FPrtuX2QbbwGnNP5zTd7yyr2SC1j299sBCnWjss') // private to recipient
var nonce = bitcoin.ECPair.fromWIF('KxVqB96pxbw1pokzQrZkQbLfVBjjHFfp2mFfEp8wuEyGenLFJhM9') // private to sender
function stealthSend (Q) { // ... recipient reveals public key (recipient.Q) to sender
var noncePair = bitcoin.ECPair.makeRandom() var forSender = stealthSend(nonce.d, recipient.Q)
var e = noncePair.d assert.equal(forSender.getAddress(), '1CcZWwCpACJL3AxqoDbwEt4JgDFuTHUspE')
var eQ = Q.multiply(e) // shared secret assert.throws(function () { forSender.toWIF() }, /Error: Missing private key/)
var c = bigi.fromBuffer(bitcoin.crypto.sha256(eQ.getEncoded()))
var cG = G.multiply(c)
var Qprime = Q.add(cG)
return { // ... sender reveals nonce public key (nonce.Q) to recipient
shared: new bitcoin.ECPair(null, Qprime), var forRecipient = stealthReceive(recipient.d, nonce.Q)
nonce: noncePair.Q assert.equal(forRecipient.getAddress(), '1CcZWwCpACJL3AxqoDbwEt4JgDFuTHUspE')
} assert.equal(forRecipient.toWIF(), 'L1yjUN3oYyCXV3LcsBrmxCNTa62bZKWCybxVJMvqjMmmfDE8yk7n')
}
function stealthReceive (d, P) { // sender and recipient, both derived same address
var dP = P.multiply(d) // shared secret assert.equal(forSender.getAddress(), forRecipient.getAddress())
var c = bigi.fromBuffer(bitcoin.crypto.sha256(dP.getEncoded())) })
return new bitcoin.ECPair(d.add(c).mod(n))
}
// receiver private key it('can generate a single-key stealth address (randomly)', function () {
var receiver = bitcoin.ECPair.fromWIF('5KYZdUEo39z3FPrtuX2QbbwGnNP5zTd7yyr2SC1j299sBCnWjss') var recipient = bitcoin.ECPair.makeRandom() // private to recipient
var nonce = bitcoin.ECPair.makeRandom() // private to sender
var stealthS = stealthSend(receiver.Q) // public, done by sender // ... recipient reveals public key (recipient.Q) to sender
// ... sender now reveals nonce to receiver var forSender = stealthSend(nonce.d, recipient.Q)
assert.throws(function () { forSender.toWIF() }, /Error: Missing private key/)
var stealthR = stealthReceive(receiver.d, stealthS.nonce) // private, done by receiver // ... sender reveals nonce public key (nonce.Q) to recipient
var forRecipient = stealthReceive(recipient.d, nonce.Q)
assert.doesNotThrow(function () { forRecipient.toWIF() })
// and check that we derived both sides correctly // sender and recipient, both derived same address
assert.equal(stealthS.shared.getAddress(), stealthR.getAddress()) assert.equal(forSender.getAddress(), forRecipient.getAddress())
}) })
// TODO // TODO