README
¶
Fairswap-Implementation
Fair swap Implementation
Running the file:
- Put the solidity contract file "inicontract.sol" in a directory.
- Create a directory by the name "contracts".
- Execute the following command to get the go file for the contract. Command : abigen -sol inicontract.sol -pkg contracts -out "./contracts/inicontract.go"
- Run the go file "main.go". Command: go run main.go
Each function used is put in a separate go file and description for the function is given along with it.
Malicious outsiders
If the contract address is public, then other parties can call the contract function "initializeRecieverAddress" and the intended receiver can never take part in the protocol. So, the sender can initialize the Receiver's Address during contract deployment or there can be an entry key using only which a party can call the "initializeRecieverAddress". The latter method is implemented here. The sender sends the entry key to a particular party(receiver) through offline using which this receiver can access the "initializeRecieverAddress" function.
Malicious Parties
The parties can be malicious. So, taking it into consideration of this fact, there are 2 additional stages-finishedAndMaliciousSender,finishedAndMaliciousReciever. If an honest party finds out the other one is malicious the party can stop executing its part of the protocol.The ether is transferred to the respective party.
Malicious Sender :
-
The sender doesn't reveal the correct key- As a consequence, the contract's stage goes to finishedAndMaliciousSender and the ether is transferred to the receiver. Once the receiver finds out the key revealed doesn't match, the receiver stops executing his part of the protocol
-
The sender calculates a wrong output in a gate: In this case, the encodedGateOutputs from which sender calculates the merklerootforEncInput for the contract is different from the encodedGateOutputs which is sent to the receiver. The receiver compares the Merkle root of both encodedGateOutputs and if negative, stops executing the protocol. In this case, there is no transaction to the contract from the receiver. Also, here the contract's stage goes to finishedAndMaliciousSender.
Malicious Receiver :
-
The receiver pays less ether than the price: The contract stage goes to finishedAndMaliciousReciever and the ether is transferred to the sender.
-
The receiver provides a wrong complain: The receiver provides an invalid complain. As a result, the contract stage goes to finishedAndMaliciousSender and the sender stops the execution of the protocol. The ethers are transferred to the sender.
Running malicious party code :
- Malicious code for different instances is put in the 'MaliciousParties' directory.
- Put one of the code in the main directory and run the go code.
Circuit Dependency
Fairswap entirely depends upon the circuit that is agreed between the parties.
The following circuit has been implemented.
Following are the global variables and functions that are circuit specific :
Sender
- setCircuitTuples : In this function, tuples namely gate index, inputs to a gate and the operation are initialized.
- Encode: This function calculates the gate output and encrypts the output.
Receiver
1.Extract: The function decrypts the encoded gate Outputs got from the receiver. The complaint is generated if the sender has given an invalid gate output.
2.Operation: Workflow for each operation is coded in this function.
Global Variables
- noOfInputGates=8 //total number of input gates
- maxLinesToGate=2 //maximum number of inputs a gate can take
- totalNumberOfGates=16 //total number of gates in the entire circuit
- const totNumOfEncOutVecToMer=16 //total number of encrypted gate outputs(equals totalNumberOfGates)
To implement a circuit of your own, appropriate changes can be made in these functions.
Hash Function
Keccak256(Keccak256 in go and keccak256 in solidity) hash function is used. Since the solidity has an inbuilt keccak256 function it is preferred to use that and have Keccak256 for golang. Any other hash functions can also be used in place of keccak256.
hashFunctionOutputBitSize is the hash function output size in bytes. This global constant must be changed when using other hash function of different output byte size. All other function parameters are taken care of accordingly.
The Contract
The judge contract(inicontract.sol) is written in solidity to act as a judge for the two parties.
Documentation
¶
Index ¶
- func CheckcreateMerkleTreeForEncInp(encryptedGateOutputs [totNumOfEncOutVecToMer][hashFunctionOutputBitSize]byte, ...) bool
- func Decrypt(key [keySize]byte, encryptedtext [hashFunctionOutputBitSize]byte) [32]byte
- func Enc(key [keySize]byte, plainText [32]byte) [hashFunctionOutputBitSize]byte
- func Encode(inputVectors [noOfInputGates][buffer_size]byte, key [keySize]byte, ...) ([totalNumberOfGates][hashFunctionOutputBitSize]byte, ...)
- func ExecuteFairSwap()
- func Extract(encodedGateOutputs [totNumOfEncOutVecToMer][hashFunctionOutputBitSize]byte, ...) ([][][hashFunctionOutputBitSize]byte, [][buffer_size]byte, []int)
- func Mproof(index int, ...) [][hashFunctionOutputBitSize]byte
- func Operation(Op int, operationInputs [][hashFunctionOutputBitSize]byte, ...) [32]byte
- func Receiver(authReceiver *bind.TransactOpts, client *ethclient.Client, ...)
- func ReceiverMerkleTreeCreate(encryptedGateOutputs [totNumOfEncOutVecToMer][hashFunctionOutputBitSize]byte) [2*totNumOfEncOutVecToMer - 1][hashFunctionOutputBitSize]byte
- func Sender(authSender *bind.TransactOpts, client *ethclient.Client, ...)
- func SetSenderReceiver(a *bind.TransactOpts, x common.Address, y common.Address, ...)
- type SenderToContractStruct
- type SenderToReceiverStruct
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CheckcreateMerkleTreeForEncInp ¶
func CheckcreateMerkleTreeForEncInp(encryptedGateOutputs [totNumOfEncOutVecToMer][hashFunctionOutputBitSize]byte, merklerootforEncInput [hashFunctionOutputBitSize]byte) bool
fn CheckcreateMerkleTreeForEncInp constructs merkletree and compares between the merkleroot got from construction and merkleroot passed as function parameter input parameters encryptedGateOutputs : Vectors of encrypted output of the circuit gates merklerootforEncInput : merkle root of Encrypted Input Returns bool value,true if merklerootforcircuit matches with the merkleroot got from construction,else false
func Decrypt ¶
Decrypt function The function is used to decrypt(XOR) the given vector. Input Parameters key : The key with which the XORing is done. encryptedtext : the input vector Returns the plainText output Operation performed : encryptedtext (XOR) key
func Enc ¶
Encrypt function The function is used to encrypt(XOR) the given vector. Input Parameters key : The key with which the XORing is done. plainText : the input vector Returns the encrypt output Operation performed : plainText (XOR) key
func Encode ¶
func Encode(inputVectors [noOfInputGates][buffer_size]byte, key [keySize]byte, circuitObjects [totalNumberOfGates]circuit, MRx [hashFunctionOutputBitSize]byte) ([totalNumberOfGates][hashFunctionOutputBitSize]byte, [totalNumberOfGates][32]byte)
The Encode function input parameters : inputVectors : The set of all input vectors key : The key with which the encryption function will be performed circuitObjects : An array of circuit objects that contains info related to eacg gate MRx : Merkle root of input vectors.Specific to this particular circuit. Returns : An array of encrypted vectors
func ExecuteFairSwap ¶
func ExecuteFairSwap()
func Extract ¶
func Extract(encodedGateOutputs [totNumOfEncOutVecToMer][hashFunctionOutputBitSize]byte, key [keySize]byte, circuitObjects [totalNumberOfGates]circuit, merkletree [2*totNumOfEncOutVecToMer - 1][hashFunctionOutputBitSize]byte, Receiver_MerkleRootOfEncInp [hashFunctionOutputBitSize]byte) ([][][hashFunctionOutputBitSize]byte, [][buffer_size]byte, []int)
func Mproof ¶
func Mproof(index int, merkletree [2*totNumOfEncOutVecToMer - 1][hashFunctionOutputBitSize]byte) [][hashFunctionOutputBitSize]byte
fn Mproof Input parameters inpdex(int) - the index of the gate merkletree([2*totNumOfEncOutVecToMer-1][32]byte) - merkle tree for encodedGateOutputs Return Parameters tree([depth][32]byte) - the merkle proof
func Receiver ¶
func Receiver(authReceiver *bind.TransactOpts, client *ethclient.Client, channel_SenToRec chan []byte, channel_RecToMainIni chan string, channel_RecToMainRev chan string)
Receiver function The functoin executes honest receiver's role in fairswap Input parameters: authReceiver(*bind.TransactOpts) - the receiver in the blockchain client()*backends.SimulatedBackend) - blockchain(here it is a backend blockchain) channel_SenToRec(chan []byte) - to receiver the byte array from the sender channel_RecToMainIni(chan string) - to notify the main function for the completion of initialization phase channel_RecToMainRev(chan string) - to notify the main function for the completion of reveal phase
func Sender ¶
func Sender(authSender *bind.TransactOpts, client *ethclient.Client, channel_SenToRec chan []byte, channel_SenToMain chan string)
Sender function The functoin executes honest sender's role in fairswap Input parameters: authsender(*bind.TransactOpts) - the sender in the blockchain client (*ethclient.Client) - blockchain(here it is a Ethereum blockchain) channel_SenToRec(chan []byte) - to send the byte array to the receiver channel_SenToMain(chan string) - to communicate with the main function
Source Files
Directories