bool CheckEquihashSolution(const CBlockHeader *pblock, const CChainParams& params)
{
unsigned int n = params.EquihashN();
unsigned int k = params.EquihashK();
// Hash state
crypto_generichash_blake2b_state state;
EhInitialiseState(n, k, state);
// I = the block header minus nonce and solution.
CEquihashInput I{*pblock};
// I||V
CDataStream ss(SER_NETWORK, PROTOCOL_VERSION);
ss << I;
ss << pblock->nNonce;
// H(I||V||...
crypto_generichash_blake2b_update(&state, (unsigned char*)&ss[0], ss.size());
bool isValid;
EhIsValidSolution(n, k, state, pblock->nSolution, isValid);
if (!isValid)
return error("CheckEquihashSolution(): invalid solution");
return true;
}
std::array<unsigned char, 11> default_diversifier(const uint256& sk)
{
std::array<unsigned char, 11> res;
unsigned char blob[34];
memcpy(&blob[0], sk.begin(), 32);
blob[32] = 3;
blob[33] = 0;
while (true) {
crypto_generichash_blake2b_state state;
crypto_generichash_blake2b_init_salt_personal(&state, nullptr, 0, 64, nullptr, ZCASH_EXPANDSEED_PERSONALIZATION);
crypto_generichash_blake2b_update(&state, blob, 34);
crypto_generichash_blake2b_final(&state, res.data(), 11);
if (librustzcash_check_diversifier(res.data())) {
break;
} else if (blob[33] == 255) {
throw std::runtime_error("librustzcash_check_diversifier did not return valid diversifier");
}
blob[33] += 1;
}
return res;
}
int main(void)
{
#define MAXLEN 64
crypto_generichash_blake2b_state st;
crypto_uint8 salt[crypto_generichash_blake2b_SALTBYTES] = {
'5', 'b', '6', 'b', '4', '1', 'e', 'd', '9', 'b', '3', '4', '3', 'f', 'e', '0'
};
crypto_uint8 personal[crypto_generichash_blake2b_PERSONALBYTES] = {
'5', '1', '2', '6', 'f', 'b', '2', 'a', '3', '7', '4', '0', '0', 'd', '2', 'a'
};
crypto_uint8 in[MAXLEN], out[crypto_generichash_blake2b_BYTES_MAX], k[crypto_generichash_blake2b_KEYBYTES_MAX];
size_t h,i,j;
for(h = 0; h < crypto_generichash_blake2b_KEYBYTES_MAX; ++h) k[h] = h;
for(i = 0; i < MAXLEN; ++i) {
in[i]=i;
crypto_generichash_blake2b_init_salt_personal(&st, k, 1 + i % crypto_generichash_blake2b_KEYBYTES_MAX,
1 + i % crypto_generichash_blake2b_BYTES_MAX,
salt, personal);
crypto_generichash_blake2b_update(&st, in, i);
crypto_generichash_blake2b_final(&st, out, 1 + i % crypto_generichash_blake2b_BYTES_MAX);
for (j = 0; j < 1 + i % crypto_generichash_blake2b_BYTES_MAX; ++j) {
printf("%02x",(unsigned int) out[j]);
}
printf("\n");
}
return 0;
}
int
crypto_generichash_update(crypto_generichash_state *state,
const unsigned char *in,
unsigned long long inlen)
{
return crypto_generichash_blake2b_update
((crypto_generichash_blake2b_state *) state, in, inlen);
}
// Sapling
std::array<unsigned char, 64> PRF_expand(const uint256& sk, unsigned char t)
{
std::array<unsigned char, 64> res;
unsigned char blob[33];
memcpy(&blob[0], sk.begin(), 32);
blob[32] = t;
crypto_generichash_blake2b_state state;
crypto_generichash_blake2b_init_salt_personal(&state, nullptr, 0, 64, nullptr, ZCASH_EXPANDSEED_PERSONALIZATION);
crypto_generichash_blake2b_update(&state, blob, 33);
crypto_generichash_blake2b_final(&state, res.data(), 64);
return res;
}
int main(void)
{
#define MAXLEN 64
crypto_generichash_blake2b_state st;
unsigned char salt[crypto_generichash_blake2b_SALTBYTES]
= { '5', 'b', '6', 'b', '4', '1', 'e', 'd',
'9', 'b', '3', '4', '3', 'f', 'e', '0' };
unsigned char personal[crypto_generichash_blake2b_PERSONALBYTES]
= { '5', '1', '2', '6', 'f', 'b', '2', 'a',
'3', '7', '4', '0', '0', 'd', '2', 'a' };
unsigned char in[MAXLEN], out[crypto_generichash_blake2b_BYTES_MAX],
k[crypto_generichash_blake2b_KEYBYTES_MAX];
size_t h, i, j;
for (h = 0; h < crypto_generichash_blake2b_KEYBYTES_MAX; ++h)
k[h] = h;
for (i = 0; i < MAXLEN; ++i) {
in[i] = i;
crypto_generichash_blake2b_init_salt_personal(
&st, k, 1 + i % crypto_generichash_blake2b_KEYBYTES_MAX,
1 + i % crypto_generichash_blake2b_BYTES_MAX, salt, personal);
crypto_generichash_blake2b_update(&st, in, i);
crypto_generichash_blake2b_final(
&st, out, 1 + i % crypto_generichash_blake2b_BYTES_MAX);
for (j = 0; j < 1 + i % crypto_generichash_blake2b_BYTES_MAX; ++j) {
printf("%02x", (unsigned int)out[j]);
}
printf("\n");
}
memset(out, 0, sizeof out);
crypto_generichash_blake2b_init_salt_personal(
&st, k, 0U, crypto_generichash_blake2b_BYTES_MAX, salt, personal);
crypto_generichash_blake2b_update(&st, in, MAXLEN);
crypto_generichash_blake2b_final(&st, out,
crypto_generichash_blake2b_BYTES_MAX);
for (j = 0; j < crypto_generichash_blake2b_BYTES_MAX; ++j) {
printf("%02x", (unsigned int)out[j]);
}
printf("\n");
memset(out, 0, sizeof out);
crypto_generichash_blake2b_init_salt_personal(
&st, NULL, 1U, crypto_generichash_blake2b_BYTES_MAX, salt, personal);
crypto_generichash_blake2b_update(&st, in, MAXLEN);
crypto_generichash_blake2b_final(&st, out,
crypto_generichash_blake2b_BYTES_MAX);
for (j = 0; j < crypto_generichash_blake2b_BYTES_MAX; ++j) {
printf("%02x", (unsigned int)out[j]);
}
printf("\n");
memset(out, 0, sizeof out);
crypto_generichash_blake2b_init_salt_personal(
&st, k, crypto_generichash_blake2b_KEYBYTES_MAX,
crypto_generichash_blake2b_BYTES_MAX, NULL, personal);
crypto_generichash_blake2b_update(&st, in, MAXLEN);
crypto_generichash_blake2b_final(&st, out,
crypto_generichash_blake2b_BYTES_MAX);
for (j = 0; j < crypto_generichash_blake2b_BYTES_MAX; ++j) {
printf("%02x", (unsigned int)out[j]);
}
printf("\n");
memset(out, 0, sizeof out);
crypto_generichash_blake2b_init_salt_personal(
&st, k, crypto_generichash_blake2b_KEYBYTES_MAX,
crypto_generichash_blake2b_BYTES_MAX, salt, NULL);
crypto_generichash_blake2b_update(&st, in, MAXLEN);
assert(crypto_generichash_blake2b_final(
&st, out, crypto_generichash_blake2b_BYTES_MAX + 1U) == -1);
crypto_generichash_blake2b_final(
&st, out, crypto_generichash_blake2b_BYTES_MAX);
for (j = 0; j < crypto_generichash_blake2b_BYTES_MAX; ++j) {
printf("%02x", (unsigned int)out[j]);
}
printf("\n");
memset(out, 0, sizeof out);
crypto_generichash_blake2b_salt_personal(
out, crypto_generichash_blake2b_BYTES_MAX, in, MAXLEN,
k, 0U, salt, personal);
for (j = 0; j < crypto_generichash_blake2b_BYTES_MAX; ++j) {
printf("%02x", (unsigned int)out[j]);
}
printf("\n");
memset(out, 0, sizeof out);
crypto_generichash_blake2b_salt_personal(
out, crypto_generichash_blake2b_BYTES_MAX, in, MAXLEN,
NULL, crypto_generichash_blake2b_KEYBYTES_MAX, salt, personal);
for (j = 0; j < crypto_generichash_blake2b_BYTES_MAX; ++j) {
printf("%02x", (unsigned int)out[j]);
}
printf("\n");
memset(out, 0, sizeof out);
crypto_generichash_blake2b_salt_personal(
out, crypto_generichash_blake2b_BYTES_MAX, in, MAXLEN,
k, crypto_generichash_blake2b_KEYBYTES_MAX, salt, personal);
for (j = 0; j < crypto_generichash_blake2b_BYTES_MAX; ++j) {
printf("%02x", (unsigned int)out[j]);
}
printf("\n");
memset(out, 0, sizeof out);
crypto_generichash_blake2b_salt_personal(
out, crypto_generichash_blake2b_BYTES_MAX, in, MAXLEN,
k, crypto_generichash_blake2b_KEYBYTES_MAX, NULL, personal);
for (j = 0; j < crypto_generichash_blake2b_BYTES_MAX; ++j) {
printf("%02x", (unsigned int)out[j]);
}
printf("\n");
memset(out, 0, sizeof out);
crypto_generichash_blake2b_salt_personal(
out, crypto_generichash_blake2b_BYTES_MAX, in, MAXLEN,
k, crypto_generichash_blake2b_KEYBYTES_MAX, salt, NULL);
for (j = 0; j < crypto_generichash_blake2b_BYTES_MAX; ++j) {
printf("%02x", (unsigned int)out[j]);
}
printf("\n");
crypto_generichash_blake2b_init_salt_personal(&st, NULL, 0U, crypto_generichash_BYTES,
NULL, personal);
crypto_generichash_blake2b_update(&st, in, MAXLEN);
crypto_generichash_blake2b_final(&st, out, crypto_generichash_blake2b_BYTES_MAX);
for (j = 0; j < crypto_generichash_blake2b_BYTES_MAX; ++j) {
printf("%02x", (unsigned int)out[j]);
}
printf("\n");
crypto_generichash_blake2b_init_salt_personal(&st, NULL, 0U, crypto_generichash_BYTES,
salt, NULL);
crypto_generichash_blake2b_update(&st, in, MAXLEN);
crypto_generichash_blake2b_final(&st, out, crypto_generichash_blake2b_BYTES_MAX);
for (j = 0; j < crypto_generichash_blake2b_BYTES_MAX; ++j) {
printf("%02x", (unsigned int)out[j]);
}
printf("\n");
assert(crypto_generichash_blake2b_init_salt_personal(&st, k, sizeof k, 0U,
salt, personal) == -1);
assert(crypto_generichash_blake2b_init_salt_personal(&st, k, sizeof k,
crypto_generichash_BYTES_MAX + 1U,
salt, personal) == -1);
assert(crypto_generichash_blake2b_init_salt_personal(&st, k,
crypto_generichash_KEYBYTES_MAX + 1U,
sizeof out, salt, personal) == -1);
assert(crypto_generichash_blake2b_salt_personal(out, 0U, in, MAXLEN,
k, sizeof k,
salt, personal) == -1);
assert(crypto_generichash_blake2b_salt_personal(out, crypto_generichash_BYTES_MAX + 1U,
in, MAXLEN, k, sizeof k,
salt, personal) == -1);
assert(crypto_generichash_blake2b_salt_personal(out, sizeof out, in, MAXLEN,
k, crypto_generichash_KEYBYTES_MAX + 1U,
salt, personal) == -1);
assert(crypto_generichash_blake2b_init_salt_personal(&st, k, sizeof k, crypto_generichash_BYTES,
NULL, personal) == 0);
assert(crypto_generichash_blake2b_init_salt_personal(&st, k, sizeof k, crypto_generichash_BYTES,
salt, NULL) == 0);
return 0;
}
// partly copied from https://github.com/zcash/zcash/blob/master/src/miner.cpp#L581
bool equihash_(std::string solver, CBlock *pblock, int n, int k)
{
arith_uint256 hashTarget = arith_uint256().SetCompact(pblock->nBits);
// Hash state
crypto_generichash_blake2b_state state;
EhInitialiseState(n, k, state);
// I = the block header minus nonce and solution.
CEquihashInput I{*pblock};
CDataStream ss(SER_NETWORK, PROTOCOL_VERSION);
ss << I;
// H(I||...
crypto_generichash_blake2b_update(&state, (unsigned char*)&ss[0], ss.size());
// H(I||V||...
crypto_generichash_blake2b_state curr_state;
curr_state = state;
crypto_generichash_blake2b_update(&curr_state,
pblock->nNonce.begin(),
pblock->nNonce.size());
// (x_1, x_2, ...) = A(I, V, n, k)
LogPrint("pow", "Running Equihash solver \"%s\" with nNonce = %s\n",
solver, pblock->nNonce.ToString());
std::function<bool(std::vector<unsigned char>)> validBlock =
[&pblock, &hashTarget](std::vector<unsigned char> soln) {
// Write the solution to the hash and compute the result.
pblock->nSolution = soln;
if (UintToArith256(pblock->GetHash()) > hashTarget) {
return false;
}
// Found a solution
LogPrintf("CMMMiner:\n");
LogPrintf("proof-of-work found \n hash: %s \ntarget: %s\n", pblock->GetHash().GetHex(), hashTarget.GetHex());
return true;
};
if (solver == "tromp") {
// Create solver and initialize it.
equi eq(1);
eq.setstate(&curr_state);
// Intialization done, start algo driver.
eq.digit0(0);
eq.xfull = eq.bfull = eq.hfull = 0;
eq.showbsizes(0);
for (u32 r = 1; r < WK; r++) {
(r&1) ? eq.digitodd(r, 0) : eq.digiteven(r, 0);
eq.xfull = eq.bfull = eq.hfull = 0;
eq.showbsizes(r);
}
eq.digitK(0);
// Convert solution indices to byte array (decompress) and pass it to validBlock method.
for (size_t s = 0; s < eq.nsols; s++) {
std::vector<eh_index> index_vector(PROOFSIZE);
for (size_t i = 0; i < PROOFSIZE; i++) {
index_vector[i] = eq.sols[s][i];
}
std::vector<unsigned char> sol_char = GetMinimalFromIndices(index_vector, DIGITBITS);
if (validBlock(sol_char))
return true;
}
} else {
try {
if (EhOptimisedSolve(n, k, curr_state, validBlock))
return true;
} catch (std::exception&) {
LogPrintf("pow/nano.cpp: ", "execption catched...");
}
}
return false;
}
