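/**
 * Check the Equihash solution stored in a block header.
 *
 * The BLAKE2b state is prepared by EhInitialiseState(n, k, ...), then fed the
 * serialised CEquihashInput (the header minus nonce and solution) followed by
 * the nonce. EhIsValidSolution is then asked whether pblock->nSolution is a
 * valid solution for that state.
 *
 * @param pblock  Header to verify; dereferenced without a null check.
 * @param params  Chain parameters supplying the Equihash n and k values.
 * @return true if the solution was reported valid; otherwise the result of
 *         error(...), which also logs the failure.
 */
bool CheckEquihashSolution(const CBlockHeader *pblock, const CChainParams& params)
{
    unsigned int n = params.EquihashN();
    unsigned int k = params.EquihashK();

    // Hash state
    crypto_generichash_blake2b_state state;
    EhInitialiseState(n, k, state);

    // I = the block header minus nonce and solution.
    CEquihashInput I{*pblock};
    // I||V
    CDataStream ss(SER_NETWORK, PROTOCOL_VERSION);
    ss << I;
    ss << pblock->nNonce;

    // H(I||V||...
    crypto_generichash_blake2b_update(&state, (unsigned char*)&ss[0], ss.size());

    // Start from "invalid" so the check fails closed if EhIsValidSolution ever
    // returns without assigning the flag (its definition is not visible here).
    bool isValid = false;
    EhIsValidSolution(n, k, state, pblock->nSolution, isValid);
    if (!isValid)
        return error("CheckEquihashSolution(): invalid solution");

    return true;
}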
/**
 * Search for the first counter value whose hash is accepted as a diversifier.
 *
 * For each counter c in 0..255 the input sk (32 bytes) || 0x03 || c is hashed
 * with BLAKE2b under ZCASH_EXPANDSEED_PERSONALIZATION and 11 bytes are taken
 * from the result. The first candidate accepted by
 * librustzcash_check_diversifier is returned.
 *
 * @param sk  32-byte value used as the hash input prefix (presumably secret
 *            key material, given the name -- confirm with callers).
 * @return the accepted 11-byte diversifier.
 * @throws std::runtime_error if none of the 256 candidates is accepted.
 */
std::array<unsigned char, 11> default_diversifier(const uint256& sk)
{
    std::array<unsigned char, 11> candidate;

    // Hash input layout: [0..31] = sk, [32] = 3, [33] = counter.
    // NOTE(review): this stack buffer holds a copy of sk and is not cleared
    // before the function returns or throws; if sk is secret, consider wiping
    // it with the project's secure-zeroing helper.
    unsigned char preimage[34];
    memcpy(&preimage[0], sk.begin(), 32);
    preimage[32] = 3;

    for (unsigned int counter = 0; counter <= 255; ++counter) {
        preimage[33] = static_cast<unsigned char>(counter);

        // The state is set up for a 64-byte digest, but only 11 bytes are
        // requested from final().
        crypto_generichash_blake2b_state hasher;
        crypto_generichash_blake2b_init_salt_personal(&hasher, nullptr, 0, 64, nullptr, ZCASH_EXPANDSEED_PERSONALIZATION);
        crypto_generichash_blake2b_update(&hasher, preimage, sizeof(preimage));
        crypto_generichash_blake2b_final(&hasher, candidate.data(), candidate.size());

        if (librustzcash_check_diversifier(candidate.data())) {
            return candidate;
        }
    }

    // Every counter value from 0 through 255 was rejected.
    throw std::runtime_error("librustzcash_check_diversifier did not return valid diversifier");
}
/*
 * Exercise crypto_generichash_blake2b with a fixed salt and personalisation
 * over message lengths 0..MAXLEN-1, printing each digest as a line of hex.
 *
 * Key, salt, personalisation and message are fixed byte patterns, so the
 * printed output is deterministic (presumably compared against a stored
 * expected-output file -- confirm with the test harness).
 */
int main(void)
{
#define MAXLEN 64
    crypto_generichash_blake2b_state hash_state;
    crypto_uint8 salt[crypto_generichash_blake2b_SALTBYTES] = {
        '5', 'b', '6', 'b', '4', '1', 'e', 'd',
        '9', 'b', '3', '4', '3', 'f', 'e', '0'
    };
    crypto_uint8 personal[crypto_generichash_blake2b_PERSONALBYTES] = {
        '5', '1', '2', '6', 'f', 'b', '2', 'a',
        '3', '7', '4', '0', '0', 'd', '2', 'a'
    };
    crypto_uint8 msg[MAXLEN];
    crypto_uint8 digest[crypto_generichash_blake2b_BYTES_MAX];
    crypto_uint8 key[crypto_generichash_blake2b_KEYBYTES_MAX];
    size_t idx;
    size_t msg_len;

    /* Key bytes are 0, 1, 2, ... */
    idx = 0;
    while (idx < crypto_generichash_blake2b_KEYBYTES_MAX) {
        key[idx] = idx;
        ++idx;
    }

    for (msg_len = 0; msg_len < MAXLEN; ++msg_len) {
        /* Key and digest lengths cycle through 1..MAX as the message grows. */
        const size_t key_len = 1 + msg_len % crypto_generichash_blake2b_KEYBYTES_MAX;
        const size_t out_len = 1 + msg_len % crypto_generichash_blake2b_BYTES_MAX;

        /* msg[msg_len] is written now but only hashed from the next round on:
           this round hashes exactly msg_len bytes. */
        msg[msg_len] = msg_len;

        crypto_generichash_blake2b_init_salt_personal(&hash_state, key, key_len,
                                                      out_len, salt, personal);
        crypto_generichash_blake2b_update(&hash_state, msg, msg_len);
        crypto_generichash_blake2b_final(&hash_state, digest, out_len);

        for (idx = 0; idx < out_len; ++idx) {
            printf("%02x",(unsigned int) digest[idx]);
        }
        printf("\n");
    }
    return 0;
}
/*
 * Absorb `inlen` bytes from `in` into a generic-hash state.
 *
 * Thin wrapper: the state pointer is reinterpreted as a
 * crypto_generichash_blake2b_state and the call is forwarded unchanged to
 * crypto_generichash_blake2b_update, whose return value is passed back.
 *
 * NOTE(review): the cast assumes crypto_generichash_state and
 * crypto_generichash_blake2b_state share one layout; their definitions are
 * not visible here -- confirm.
 */
int
crypto_generichash_update(crypto_generichash_state *state,
                          const unsigned char *in,
                          unsigned long long inlen)
{
    crypto_generichash_blake2b_state *const blake2b_state =
        (crypto_generichash_blake2b_state *) state;

    return crypto_generichash_blake2b_update(blake2b_state, in, inlen);
}
// Sapling std::array<unsigned char, 64> PRF_expand(const uint256& sk, unsigned char t) { std::array<unsigned char, 64> res; unsigned char blob[33]; memcpy(&blob[0], sk.begin(), 32); blob[32] = t; crypto_generichash_blake2b_state state; crypto_generichash_blake2b_init_salt_personal(&state, nullptr, 0, 64, nullptr, ZCASH_EXPANDSEED_PERSONALIZATION); crypto_generichash_blake2b_update(&state, blob, 33); crypto_generichash_blake2b_final(&state, res.data(), 64); return res; }
/* Print `len` bytes of `buf` as lowercase hex, followed by a newline. */
static void
print_digest_hex(const unsigned char *buf, size_t len)
{
    size_t pos;

    for (pos = 0; pos < len; ++pos) {
        printf("%02x", (unsigned int)buf[pos]);
    }
    printf("\n");
}

/*
 * Exercise the salted/personalised BLAKE2b API: a sweep over message, key and
 * digest lengths, then fixed-length cases with the key, salt or
 * personalisation omitted, then parameter-validation checks.
 *
 * All inputs are fixed byte patterns, so the printed output is deterministic
 * (presumably compared against a stored expected-output file -- confirm with
 * the test harness).
 *
 * NOTE(review): several library calls sit inside assert(); a build with
 * NDEBUG would skip them -- confirm the harness keeps assertions enabled.
 */
int
main(void)
{
#define MAXLEN 64
    crypto_generichash_blake2b_state state;
    unsigned char salt[crypto_generichash_blake2b_SALTBYTES] = {
        '5', 'b', '6', 'b', '4', '1', 'e', 'd',
        '9', 'b', '3', '4', '3', 'f', 'e', '0'
    };
    unsigned char personal[crypto_generichash_blake2b_PERSONALBYTES] = {
        '5', '1', '2', '6', 'f', 'b', '2', 'a',
        '3', '7', '4', '0', '0', 'd', '2', 'a'
    };
    unsigned char msg[MAXLEN];
    unsigned char digest[crypto_generichash_blake2b_BYTES_MAX];
    unsigned char key[crypto_generichash_blake2b_KEYBYTES_MAX];
    size_t        key_idx;
    size_t        msg_len;

    /* Key bytes are 0, 1, 2, ... */
    key_idx = 0;
    while (key_idx < crypto_generichash_blake2b_KEYBYTES_MAX) {
        key[key_idx] = key_idx;
        ++key_idx;
    }

    /* Sweep: message length 0..MAXLEN-1, key/digest lengths cycling 1..MAX. */
    for (msg_len = 0; msg_len < MAXLEN; ++msg_len) {
        const size_t key_len =
            1 + msg_len % crypto_generichash_blake2b_KEYBYTES_MAX;
        const size_t out_len =
            1 + msg_len % crypto_generichash_blake2b_BYTES_MAX;

        /* Written now, hashed from the next round on: this round hashes
           exactly msg_len bytes. */
        msg[msg_len] = msg_len;

        crypto_generichash_blake2b_init_salt_personal(
            &state, key, key_len, out_len, salt, personal);
        crypto_generichash_blake2b_update(&state, msg, msg_len);
        crypto_generichash_blake2b_final(&state, digest, out_len);
        print_digest_hex(digest, out_len);
    }

    /* Streaming API, key buffer supplied but key length 0. */
    memset(digest, 0, sizeof digest);
    crypto_generichash_blake2b_init_salt_personal(
        &state, key, 0U, crypto_generichash_blake2b_BYTES_MAX, salt, personal);
    crypto_generichash_blake2b_update(&state, msg, MAXLEN);
    crypto_generichash_blake2b_final(&state, digest,
                                     crypto_generichash_blake2b_BYTES_MAX);
    print_digest_hex(digest, crypto_generichash_blake2b_BYTES_MAX);

    /* Streaming API, NULL key pointer with a non-zero key length. */
    memset(digest, 0, sizeof digest);
    crypto_generichash_blake2b_init_salt_personal(
        &state, NULL, 1U, crypto_generichash_blake2b_BYTES_MAX, salt, personal);
    crypto_generichash_blake2b_update(&state, msg, MAXLEN);
    crypto_generichash_blake2b_final(&state, digest,
                                     crypto_generichash_blake2b_BYTES_MAX);
    print_digest_hex(digest, crypto_generichash_blake2b_BYTES_MAX);

    /* Streaming API, full-length key, no salt. */
    memset(digest, 0, sizeof digest);
    crypto_generichash_blake2b_init_salt_personal(
        &state, key, crypto_generichash_blake2b_KEYBYTES_MAX,
        crypto_generichash_blake2b_BYTES_MAX, NULL, personal);
    crypto_generichash_blake2b_update(&state, msg, MAXLEN);
    crypto_generichash_blake2b_final(&state, digest,
                                     crypto_generichash_blake2b_BYTES_MAX);
    print_digest_hex(digest, crypto_generichash_blake2b_BYTES_MAX);

    /* Streaming API, full-length key, no personalisation. An over-long
       digest request must be rejected before the real finalisation. */
    memset(digest, 0, sizeof digest);
    crypto_generichash_blake2b_init_salt_personal(
        &state, key, crypto_generichash_blake2b_KEYBYTES_MAX,
        crypto_generichash_blake2b_BYTES_MAX, salt, NULL);
    crypto_generichash_blake2b_update(&state, msg, MAXLEN);
    assert(crypto_generichash_blake2b_final(
               &state, digest, crypto_generichash_blake2b_BYTES_MAX + 1U) == -1);
    crypto_generichash_blake2b_final(&state, digest,
                                     crypto_generichash_blake2b_BYTES_MAX);
    print_digest_hex(digest, crypto_generichash_blake2b_BYTES_MAX);

    /* One-shot API, key buffer supplied but key length 0. */
    memset(digest, 0, sizeof digest);
    crypto_generichash_blake2b_salt_personal(
        digest, crypto_generichash_blake2b_BYTES_MAX, msg, MAXLEN,
        key, 0U, salt, personal);
    print_digest_hex(digest, crypto_generichash_blake2b_BYTES_MAX);

    /* One-shot API, NULL key pointer with a non-zero key length. */
    memset(digest, 0, sizeof digest);
    crypto_generichash_blake2b_salt_personal(
        digest, crypto_generichash_blake2b_BYTES_MAX, msg, MAXLEN,
        NULL, crypto_generichash_blake2b_KEYBYTES_MAX, salt, personal);
    print_digest_hex(digest, crypto_generichash_blake2b_BYTES_MAX);

    /* One-shot API, full-length key, salt and personalisation. */
    memset(digest, 0, sizeof digest);
    crypto_generichash_blake2b_salt_personal(
        digest, crypto_generichash_blake2b_BYTES_MAX, msg, MAXLEN,
        key, crypto_generichash_blake2b_KEYBYTES_MAX, salt, personal);
    print_digest_hex(digest, crypto_generichash_blake2b_BYTES_MAX);

    /* One-shot API, no salt. */
    memset(digest, 0, sizeof digest);
    crypto_generichash_blake2b_salt_personal(
        digest, crypto_generichash_blake2b_BYTES_MAX, msg, MAXLEN,
        key, crypto_generichash_blake2b_KEYBYTES_MAX, NULL, personal);
    print_digest_hex(digest, crypto_generichash_blake2b_BYTES_MAX);

    /* One-shot API, no personalisation. */
    memset(digest, 0, sizeof digest);
    crypto_generichash_blake2b_salt_personal(
        digest, crypto_generichash_blake2b_BYTES_MAX, msg, MAXLEN,
        key, crypto_generichash_blake2b_KEYBYTES_MAX, salt, NULL);
    print_digest_hex(digest, crypto_generichash_blake2b_BYTES_MAX);

    /* Unkeyed streaming cases. The state is initialised for
       crypto_generichash_BYTES of output but finalised and printed with
       BYTES_MAX, and digest is not cleared beforehand. */
    crypto_generichash_blake2b_init_salt_personal(
        &state, NULL, 0U, crypto_generichash_BYTES, NULL, personal);
    crypto_generichash_blake2b_update(&state, msg, MAXLEN);
    crypto_generichash_blake2b_final(&state, digest,
                                     crypto_generichash_blake2b_BYTES_MAX);
    print_digest_hex(digest, crypto_generichash_blake2b_BYTES_MAX);

    crypto_generichash_blake2b_init_salt_personal(
        &state, NULL, 0U, crypto_generichash_BYTES, salt, NULL);
    crypto_generichash_blake2b_update(&state, msg, MAXLEN);
    crypto_generichash_blake2b_final(&state, digest,
                                     crypto_generichash_blake2b_BYTES_MAX);
    print_digest_hex(digest, crypto_generichash_blake2b_BYTES_MAX);

    /* Parameter validation: zero or over-long digest length and over-long
       key length must be rejected by both APIs. */
    assert(crypto_generichash_blake2b_init_salt_personal(
               &state, key, sizeof key, 0U, salt, personal) == -1);
    assert(crypto_generichash_blake2b_init_salt_personal(
               &state, key, sizeof key, crypto_generichash_BYTES_MAX + 1U,
               salt, personal) == -1);
    assert(crypto_generichash_blake2b_init_salt_personal(
               &state, key, crypto_generichash_KEYBYTES_MAX + 1U,
               sizeof digest, salt, personal) == -1);

    assert(crypto_generichash_blake2b_salt_personal(
               digest, 0U, msg, MAXLEN, key, sizeof key,
               salt, personal) == -1);
    assert(crypto_generichash_blake2b_salt_personal(
               digest, crypto_generichash_BYTES_MAX + 1U, msg, MAXLEN,
               key, sizeof key, salt, personal) == -1);
    assert(crypto_generichash_blake2b_salt_personal(
               digest, sizeof digest, msg, MAXLEN,
               key, crypto_generichash_KEYBYTES_MAX + 1U,
               salt, personal) == -1);

    /* A missing salt or personalisation is accepted. */
    assert(crypto_generichash_blake2b_init_salt_personal(
               &state, key, sizeof key, crypto_generichash_BYTES,
               NULL, personal) == 0);
    assert(crypto_generichash_blake2b_init_salt_personal(
               &state, key, sizeof key, crypto_generichash_BYTES,
               salt, NULL) == 0);

    return 0;
}
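// partly copied from https://github.com/zcash/zcash/blob/master/src/miner.cpp#L581
/**
 * Run one Equihash solver pass for the nonce currently stored in the block
 * and test each solution found against the block's difficulty target.
 *
 * The BLAKE2b state is seeded with the serialised CEquihashInput and then the
 * nonce. Each candidate solution is written to pblock->nSolution and accepted
 * when the resulting block hash does not exceed the target decoded from
 * pblock->nBits.
 *
 * @param solver  "tromp" selects the equi solver; any other value uses
 *                EhOptimisedSolve.
 * @param pblock  Block being mined; dereferenced without a null check.
 *                nSolution is overwritten by every candidate, so after a
 *                false return it holds the last candidate tried, if any.
 * @param n       Equihash n parameter.
 * @param k       Equihash k parameter.
 * @return true as soon as a candidate meets the target, false otherwise
 *         (including when EhOptimisedSolve throws a std::exception).
 *
 * NOTE(review): candidates are only compared against the target here; they
 * are not re-checked with an Equihash verifier, so the solver output is
 * trusted as-is.
 */
bool equihash_(std::string solver, CBlock *pblock, int n, int k)
{
    // NOTE(review): SetCompact is called without its optional negative and
    // overflow out-flags, so a malformed nBits is not detected here --
    // confirm nBits is always produced locally.
    arith_uint256 hashTarget = arith_uint256().SetCompact(pblock->nBits);

    // Hash state
    crypto_generichash_blake2b_state state;
    EhInitialiseState(n, k, state);

    // I = the block header minus nonce and solution.
    CEquihashInput I{*pblock};
    CDataStream ss(SER_NETWORK, PROTOCOL_VERSION);
    ss << I;

    // H(I||...
    crypto_generichash_blake2b_update(&state, (unsigned char*)&ss[0], ss.size());

    // H(I||V||...
    crypto_generichash_blake2b_state curr_state;
    curr_state = state;
    crypto_generichash_blake2b_update(&curr_state, pblock->nNonce.begin(), pblock->nNonce.size());

    // (x_1, x_2, ...) = A(I, V, n, k)
    LogPrint("pow", "Running Equihash solver \"%s\" with nNonce = %s\n", solver, pblock->nNonce.ToString());

    std::function<bool(std::vector<unsigned char>)> validBlock =
        [&pblock, &hashTarget](std::vector<unsigned char> soln) {
            // Write the solution to the block and compute the resulting hash.
            pblock->nSolution = soln;
            const auto blockHash = pblock->GetHash();

            if (UintToArith256(blockHash) > hashTarget) {
                return false;
            }

            // Found a solution
            LogPrintf("CMMMiner:\n");
            LogPrintf("proof-of-work found  \n  hash: %s  \ntarget: %s\n", blockHash.GetHex(), hashTarget.GetHex());
            return true;
        };

    if (solver == "tromp") {
        // NOTE(review): this branch never reads n or k; it relies on WK,
        // PROOFSIZE and DIGITBITS, which look like compile-time parameters.
        // Confirm that callers only pass matching n and k.

        // Create solver and initialize it.
        equi eq(1);
        eq.setstate(&curr_state);

        // Initialization done, start algo driver.
        eq.digit0(0);
        eq.xfull = eq.bfull = eq.hfull = 0;
        eq.showbsizes(0);
        for (u32 r = 1; r < WK; r++) {
            if (r & 1) {
                eq.digitodd(r, 0);
            } else {
                eq.digiteven(r, 0);
            }
            eq.xfull = eq.bfull = eq.hfull = 0;
            eq.showbsizes(r);
        }
        eq.digitK(0);

        // Convert solution indices to byte array (decompress) and pass it to validBlock method.
        for (size_t s = 0; s < eq.nsols; s++) {
            std::vector<eh_index> index_vector(PROOFSIZE);
            for (size_t i = 0; i < PROOFSIZE; i++) {
                index_vector[i] = eq.sols[s][i];
            }
            std::vector<unsigned char> sol_char = GetMinimalFromIndices(index_vector, DIGITBITS);

            if (validBlock(sol_char))
                return true;
        }
    } else {
        try {
            if (EhOptimisedSolve(n, k, curr_state, validBlock))
                return true;
        } catch (const std::exception& e) {
            // Every logged argument needs a conversion in the format string;
            // record the exception text so a solver failure can be diagnosed.
            LogPrintf("pow/nano.cpp: exception caught: %s\n", e.what());
        }
    }
    return false;
}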