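/**
 * Verify this signature of knowledge for a coin serial number.
 *
 * For every iteration i, one bit of the stored challenge hash selects which of
 * two formulas recomputes t'[i] from the proof values s_notprime[i] and
 * sprime[i]. The transcript (params, commitment value, serial number, message
 * hash, then every t'[i]) is hashed again and compared with the stored hash.
 *
 * @param coinSerialNumber         serial number the proof is bound to
 * @param valueOfCommitmentToCoin  value of the commitment to the coin
 * @param msghash                  hash of the message bound into the proof
 * @return true when the recomputed transcript hash equals the stored hash;
 *         false otherwise, including when the proof is structurally too short.
 */
bool SerialNumberSignatureOfKnowledge::Verify(const CBigNum& coinSerialNumber, const CBigNum& valueOfCommitmentToCoin, const uint256 msghash) const {
    // Structural checks before any indexing. The loop reads bit i of `hash`
    // and element i of both proof vectors, so every index below
    // zkp_iterations must exist. These checks only reject inputs that would
    // otherwise be read out of bounds; any proof the unchecked code could
    // evaluate with defined behaviour is evaluated exactly as before.
    // NOTE(review): assumes s_notprime and sprime are std::vector members that
    // may be filled from a serialized (untrusted) proof - confirm in the header.
    if (params->zkp_iterations > sizeof(this->hash) * 8) {
        return false;
    }
    if (s_notprime.size() < params->zkp_iterations || sprime.size() < params->zkp_iterations) {
        return false;
    }
    // NOTE(review): no range validation of s_notprime[i] / sprime[i] is visible
    // in this function; confirm the values are bounded where the proof is
    // deserialized or by the caller.

    // Only these two generators are used by the verification equations.
    const CBigNum& b = params->coinCommitmentGroup.h;
    const CBigNum& h = params->serialNumberSoKCommitmentGroup.h;
    const CBigNum& sokModulus = params->serialNumberSoKCommitmentGroup.modulus;
    const CBigNum& sokGroupOrder = params->serialNumberSoKCommitmentGroup.groupOrder;

    // Start the transcript with the public inputs.
    CHashWriter hasher(0,0);
    hasher << *params << valueOfCommitmentToCoin << coinSerialNumber << msghash;

    vector<CBigNum> tprime(params->zkp_iterations);

    // Read-only byte view of the stored challenge hash; the method is const,
    // so the view is const as well.
    const unsigned char* hashbytes = reinterpret_cast<const unsigned char*>(&this->hash);

    for (uint32_t i = 0; i < params->zkp_iterations; i++) {
        // Challenge bit i is bit (i % 8) of byte (i / 8) of the stored hash.
        const int bit = i % 8;
        const int byte = i / 8;
        const bool challenge_bit = ((hashbytes[byte] >> bit) & 0x01);

        if (challenge_bit) {
            tprime[i] = challengeCalculation(coinSerialNumber, s_notprime[i], SeedTo1024(sprime[i].getuint256()));
        } else {
            // t'[i] = C^(b^s_notprime[i] mod groupOrder) * h^sprime[i]  (mod modulus)
            const CBigNum exp = b.pow_mod(s_notprime[i], sokGroupOrder);
            tprime[i] = ((valueOfCommitmentToCoin.pow_mod(exp, sokModulus) % sokModulus) *
                         (h.pow_mod(sprime[i], sokModulus) % sokModulus)) % sokModulus;
        }
    }

    // Append every recomputed t' value, in order, to the transcript.
    for (uint32_t i = 0; i < params->zkp_iterations; i++) {
        hasher << tprime[i];
    }

    return hasher.GetHash() == hash;
}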
// Calls factor() and, only when it reports success (non-zero), tprime().
// Returns 1 when both calls return non-zero, otherwise 0.
int term() {
    const bool parsed = factor() && tprime();  // tprime() is skipped when factor() fails
    return parsed ? 1 : 0;
}
// Calls mulop(); when it returns exactly 1, calls factor() and then recurses.
// Any other mulop() result ends the recursion without further calls.
void tprime() {
    if (mulop() != 1) {
        return;
    }
    factor();
    tprime();
}
// Returns 1 when mulop() returns zero (nothing further is called).
// Otherwise factor() must return non-zero and the recursive tprime() call
// must return non-zero for the result to be 1; any failure yields 0.
int tprime() {
    if (!mulop()) {
        return 1;
    }
    if (!factor()) {
        return 0;
    }
    return tprime() ? 1 : 0;
}
// Calls factor() and then tprime(), in that order; results are not inspected.
void term()
{
    factor();
    tprime();
}