search

stonecoldpat / anonymousvoting

Anonymous voting on Ethereum without a tally authority. Protocol from this paper http://homepages.cs.ncl.ac.uk/feng.hao/files/OpenVote_IET.pdf
340 stars 88 forks source link

JS conversion of the Java file #8

Closed SilentCicero closed 7 years ago

SilentCicero commented 7 years ago

I did a version of your Java file in JS.. does this look right?

var EC = require('elliptic').ec;

// Create and initialize EC context
// (better do it once and reuse it)
var ec = new EC('secp256k1');

// Generate keys
var key = ec.genKeyPair();

var x = key.getPrivate().toString(10);
var _x = key.getPublic().x.toString(10);
var _y = key.getPublic().y.toString(10);

var v = ec.genKeyPair().getPrivate().toString(10);
var w = ec.genKeyPair().getPrivate().toString(10);
var r = ec.genKeyPair().getPrivate().toString(10);
var d = ec.genKeyPair().getPrivate().toString(10);

console.log(x + "," + _x + "," + _y + "," + v + "," + w + "," + r + "," + d);

I couldn't fine anything on affine coordinate generation and if that matters over normal X and Y coordinates. Perhaps you could shed some light on that.

@stonecoldpat

stonecoldpat commented 7 years ago

Yeah. These are all integers. The voting key (x,y) is stored in the first three lines. The LocalCrypto contract has the code to compute the zkp and is executed using .call(). I mostly did this to ensure the creation / verification work together to experiment.

SilentCicero commented 7 years ago

@stonecoldpat so it doesn't matter if the coordinates are "affine" or not? I couldn't find a JS equivalent for that co-ordinates method in the elliptic lib.

SilentCicero commented 7 years ago

Also, in the Java file you are using "EDCSA" "BC", I'm not sure if by using elliptic Sep256k1 here (EC) if that is the right approach and will work with your ZKP/Sepc256k1 Solidity version. Any thoughts on that?

stonecoldpat commented 7 years ago

"BC" is just bouncy castle which is the cryptography library used in Java (the provider). Both Java and LocalCrypto are using the same curve (Secp256k1).

The Java Code should produce an affine point (x,y) for the voting key.

Some parts of LocalCrypto might accept a Jacob point (requires three co-ordinates x,y,z). It is on my "to do" list to change these inputs such that only affine points are returned/accepted as input for simplicity.

SilentCicero commented 7 years ago

Okay, I dont think this is a problem. The script above produces valid keys/random numbers. Thanks for the help!