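-- Selective-disclosure credential proof of concept.
-- An issuer signs a set of key/value claims and revokes some of them; the
-- holder discloses a subset; the verifier checks every disclosed proof and
-- its revocation status. The second half is a set of negative tests: each
-- proof field (and the issuer public key) is replaced with a random value
-- and verification must then fail.

-- Issuer's keyring from a hardcoded 0x0 seed. The secret key is sha256 of
-- 32 zero bytes, so anyone can recompute it: this is a deterministic test
-- fixture only and must never be reused as a real issuer key.
A = {sk = BIG.new(sha256(OCTET.zero(32)))}
A.pk = G2*A.sk

-- Holder sends claims to issuer and proves them
CLAIMS = {
  name = "Pasqualino",
  surname = "Frafuso",
  nickname = "Settebellezze",
  born_in = "Napoli",
  gender = "male",
  above_18 = 'true',
  nationality = "italian"
}
SIGNED_CLAIMS, REVOCATIONS = issuer_sign_kv(A.sk, CLAIMS)

-- Claims the issuer revokes. Only gender is also in DISCLOSE below, so it is
-- the only disclosed proof expected to show up as revoked.
local TOREVOKE = {
  'HolderID/born_in=Napoli',
  'HolderID/gender=male',
  'HolderID/nationality=italian'}
REVOKED = issuer_revoke(REVOCATIONS, TOREVOKE)

DISCLOSE = { 'name', 'gender', 'above_18' }
CREDENTIAL_PROOF = holder_prove_kv(SIGNED_CLAIMS, DISCLOSE)

-- Expected revocation status for an untampered proof: revoked only when the
-- disclosed claim is gender=male.
local function assert_revocation_status(proof)
  if proof.m == 'gender=male' then
    assert(revocation_contains(REVOKED, proof), "Not revoked: "..proof.m)
  else
    assert(not revocation_contains(REVOKED, proof), "Revoked: "..proof.m)
  end
end

-- Expected status once proof.r has been randomized: nothing matches the
-- revocation set any more.
local function assert_not_revoked(proof)
  assert(not revocation_contains(REVOKED, proof), "Revoked: "..proof.m)
end

-- Negative test for one proof field. The field is replaced with a random
-- value, verification must fail, and the original value is then put back.
-- Restoring matters: without it the first fuzzed field keeps every later
-- verify_proof() call failing, so the later loops would pass even if
-- verify_proof ignored the field they are meant to cover.
-- @param field        name of the proof field to fuzz
-- @param make_value   function returning a fresh random value for the field
-- @param after_verify optional extra check run while the field is fuzzed
local function fuzz_field(field, make_value, after_verify)
  warn('random proof.'..field)
  for _, proof in pairs(CREDENTIAL_PROOF) do
    -- Precondition: the proof is valid, so a failure below is attributable
    -- to this field alone.
    assert(verify_proof(A.pk, proof), "Proof invalid before fuzzing proof."..field)
    local saved = proof[field]
    proof[field] = make_value() -- FUZZ
    assert(not verify_proof(A.pk, proof), "Accepted fuzzed proof."..field)
    if after_verify then
      after_verify(proof)
    end
    proof[field] = saved
  end
end

-- Positive path: every disclosed proof verifies against the issuer key.
for _, proof in pairs(CREDENTIAL_PROOF) do
  assert(verify_proof(A.pk, proof))
end

warn('revoked gender=male')
for _, proof in pairs(CREDENTIAL_PROOF) do
  -- proof.H must be the hash of the disclosed message and its blinding value.
  local H = sha256(proof.m..proof.r)
  assert(H == proof.H, "Invalid proof hash")
  assert(verify_proof(A.pk, proof))
  assert_revocation_status(proof)
end

-- Each call below fuzzes exactly one field of an otherwise valid proof.
-- If one of them fails with "Accepted fuzzed proof.<field>", verify_proof
-- does not bind that field and the finding needs review.
fuzz_field('s', function() return ECP.random() end, assert_revocation_status)
fuzz_field('p', function() return ECP2.random():to_zcash() end)
fuzz_field('t', function() return OCTET.random(32) end)
fuzz_field('c', function() return sign(BIG.random(), OCTET.random(32)) end)
fuzz_field('r', function() return ECP2.random():to_zcash() end, assert_not_revoked)

warn('random A.pk')
for _, proof in pairs(CREDENTIAL_PROOF) do
  -- Untampered proof, wrong issuer key: verification must fail.
  assert(not verify_proof(ECP2.random(), proof), "Accepted proof under random issuer key")
  -- NOTE(review): the original asserted "not revoked" for every proof here,
  -- which held only because proof.r was still randomized by the previous
  -- loop. With proof.r restored the revocation lookup takes no public key,
  -- so the untampered expectation applies.
  assert_revocation_status(proof)
end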