
@covenance/dlc


Crypto and Bitcoin functions for Covenance DLC implementation

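"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.commitToEvent = commitToEvent;
exports.attestEventOutcome = attestEventOutcome;
exports.extractOraclePrivKey = extractOraclePrivKey;
const secp256k1_1 = require("./secp256k1");
const utils_1 = require("../utils");
const general_1 = require("./general");

/**
 * Compute the challenge scalar e = H(R || V || m) mod n shared by the
 * commitment and attestation paths, so both always hash the same encoding.
 *
 * The first byte of `toRawBytes(true)` is dropped for both points
 * (presumably the parity prefix of a compressed encoding, leaving the
 * x coordinate only - confirm against ./secp256k1).
 * NOTE(review): the hash looks like plain SHA-256 with no domain-separation
 * tag, and an x-only encoding does not bind the challenge to the Y parity of
 * R or V. Confirm whether BIP-340 compatibility is intended.
 *
 * @param noncePoint - Nonce point R
 * @param oraclePubKey - Oracle public key point V
 * @param outcomeHash - Byte sequence m for one event outcome
 * @returns Challenge scalar reduced modulo the curve order
 */
async function computeChallenge(noncePoint, oraclePubKey, outcomeHash) {
    const hashInput = new Uint8Array([
        ...noncePoint.toRawBytes(true).slice(1),
        ...oraclePubKey.toRawBytes(true).slice(1),
        ...outcomeHash,
    ]);
    const digest = await (0, utils_1.sha256)(hashInput);
    return (0, general_1.mod)(BigInt('0x' + (0, utils_1.bytesToHex)(digest)), secp256k1_1.CURVE.n);
}

/**
 * Reject nonces that are not a bigint in the range 0 < nonce < n.
 *
 * Without this check an oversized value is silently truncated to its leading
 * 32 bytes and a negative value yields garbage bytes when serialised, so the
 * returned R would not correspond to the scalar used in s.
 * The error messages deliberately never include the nonce value.
 *
 * @param nonce - Candidate event nonce
 * @throws {TypeError} If nonce is not a bigint
 * @throws {RangeError} If nonce is outside 0 < nonce < curve order
 */
function assertValidNonce(nonce) {
    if (typeof nonce !== 'bigint') {
        throw new TypeError('nonce must be a bigint');
    }
    if (nonce <= BigInt(0) || nonce >= secp256k1_1.CURVE.n) {
        throw new RangeError('nonce must satisfy 0 < nonce < curve order');
    }
}

/**
 * Serialise a scalar already known to fit in 256 bits as 32 big-endian bytes.
 *
 * @param scalar - Non-negative bigint below 2^256
 * @returns 32-byte big-endian encoding
 */
function scalarToBytes32(scalar) {
    const hex = scalar.toString(16).padStart(64, '0');
    return Uint8Array.from({ length: 32 }, (_, i) => Number.parseInt(hex.slice(i * 2, i * 2 + 2), 16));
}

/**
 * Oracle function to create a commitment for an event in the future.
 *
 * SECURITY: the returned `nonce` is secret key material. It must be stored
 * with the same protection as the oracle private key, because together with
 * a published attestation it determines that key. It must be used for one
 * event and one attestation only.
 *
 * @param eventOutcomeHashes - Array of event outcome hashes for each potential event outcome
 * @param oraclePubKey - Oracle's public key
 * @returns Object containing array of event signature points and event nonce
 */
async function commitToEvent(eventOutcomeHashes, oraclePubKey) {
    // Fresh random nonce k from the library's private-key generator.
    const nonce = secp256k1_1.utils.randomPrivateKey();
    const nonceBigInt = BigInt('0x' + (0, utils_1.bytesToHex)(nonce));
    // R = kG
    const R = secp256k1_1.Point.fromPrivateKey(nonce);
    // One signature point per outcome: S_i = R + H(R||V||m_i)V
    const signaturePoints = await Promise.all(eventOutcomeHashes.map(async (m_i) => {
        const e = await computeChallenge(R, oraclePubKey, m_i);
        return R.add(oraclePubKey.multiply(e));
    }));
    return { signaturePoints, nonce: nonceBigInt };
}

/**
 * Oracle function to attest to an event outcome.
 *
 * SECURITY: attest at most once per nonce. Attesting two different outcomes
 * with the same nonce exposes the oracle private key, which is the
 * anti-cheating property that extractOraclePrivKey is meant to rely on.
 * NOTE(review): the scalar arithmetic below uses BigInt, which is not
 * constant-time. Confirm this is acceptable for where the oracle runs.
 *
 * @param oraclePrivKey - Oracle's private key (bytes; it is passed to bytesToHex)
 * @param nonce - Event nonce, a bigint with 0 < nonce < curve order
 * @param eventOutcomeHash - Hash of the event outcome
 * @returns Oracle's signature for the event outcome
 * @throws {TypeError} If nonce is not a bigint
 * @throws {RangeError} If nonce is outside 0 < nonce < curve order
 */
async function attestEventOutcome(oraclePrivKey, nonce, eventOutcomeHash) {
    // Validate before serialising so an invalid nonce can never produce an
    // R that does not match the scalar used in s.
    assertValidNonce(nonce);
    // R = kG
    const R = secp256k1_1.Point.fromPrivateKey(scalarToBytes32(nonce));
    // Oracle public key V = vG
    const V = secp256k1_1.Point.fromPrivateKey(oraclePrivKey);
    // e = H(R||V||m_i)
    const e = await computeChallenge(R, V, eventOutcomeHash);
    // s_i = k + H(R||V||m_i)v mod n
    const v = BigInt('0x' + (0, utils_1.bytesToHex)(oraclePrivKey));
    const s_i = (0, general_1.mod)(nonce + e * v, secp256k1_1.CURVE.n);
    return { R, s: s_i };
}

/**
 * Function to extract the oracle's private key from two oracle outcome attestations.
 * This is to keep the oracle from cheating.
 *
 * Currently a stub: it always throws.
 *
 * @throws {Error} Always, with the message 'Not implemented'
 */
/* c8 ignore start */
function extractOraclePrivKey() {
    throw new Error('Not implemented');
}
/* c8 ignore stop */
//# sourceMappingURL=oracle.js.map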