Fix #10: The prover hasn't provided a correct proof!

common.py

@@ -13,7 +13,7 @@ LEAST_DIFFICULT_HASH = int('F' * (SECURITY_PARAMETER // 4), 16)
 
 NUMBER_OF_BITS_IN_AVERAGE_FOR_SOLVING_PUZZLE = int(math.log2(1 / MAXIMUM_HASH_DIFFICULTY))
 
-PROBABILITY_TO_CATCH_MALICIOUS = 1 - 2 ** -1
+PROBABILITY_TO_CATCH_MALICIOUS = 1 - 2 ** -50
 # Let's hardcode that we dedicate 1% of extra storage for the proof probability.
 SPACE_UPPER_BOUND_IN_BITS_POTENTIALLY_MALICIOUS = math.ceil(SPACE_TO_PROVE_IN_BITS / 100)
 

meta.py

@@ -40,5 +40,5 @@ while True:
     write(verifier, 'entries.txt')
     result = ' '.join(getProgramLine(verifier).split()[1:])
     print(result)
-    if result.startswith('The received difficulty'):#not result.startswith('Verified'):
+    if not result.startswith('Verified'):
         break

prover.py

@@ -48,6 +48,7 @@ counter = 0
 for deltaCounter in STORED_NONCES:
     counter += deltaCounter
     hashed = common.hash(protocolInitializationPhaseId + protocolExecutionPhaseId + str(counter))
+    #print('nonce', len(merkleTreeLevel), str(counter), hashed)
     merkleTreeLevel += [hashed]
 
 merkleTreeLevels = [merkleTreeLevel]
@@ -83,14 +84,22 @@ with open(input('indexesRequest: ')) as f:
 verificationMerkleTreeLevels = [{} for _ in range(common.LEVELS)]
 
 for indexRequest in indexesRequest:
+    #print('interest', indexRequest)
     otherIndex = common.otherIndex(indexRequest)
     for index in [indexRequest, otherIndex]:
+        #print(index)
         verificationMerkleTreeLevels[0][index] = merkleTreeLevels[0][index]
 
+import json
+#print(json.dumps(verificationMerkleTreeLevels[0], indent = 4, sort_keys = True))
+#exit(1)
+
 # Should rename `entries`, as they aren't *entries* for higher levels.
 entries = []
 for verificationMerkleTreeLevelsIndex, verificationMerkleTreeLevel in enumerate(verificationMerkleTreeLevels[:-1]):
+    #for index in (verificationMerkleTreeLevel if verificationMerkleTreeLevelsIndex > 1 else indexesRequest):
     for index in verificationMerkleTreeLevel:
+        #print(index)
         otherIndex = common.otherIndex(index)
         leftIndex, rightIndex = sorted([index, otherIndex])
         leftHash, rightHash = [merkleTreeLevels[verificationMerkleTreeLevelsIndex][i] for i in [leftIndex, rightIndex]]
@@ -100,10 +109,14 @@ for verificationMerkleTreeLevelsIndex, verificationMerkleTreeLevel in enumerate(
             if verificationMerkleTreeLevelsIndex == 0:
                 leftNonce = sum(STORED_NONCES[:leftIndex + 1])
                 rightNonce = leftNonce + STORED_NONCES[rightIndex]
+                #print(leftNonce, rightNonce)
                 entries += [leftNonce, rightNonce]
             else:
                 entries += [otherHash]
 
+#import json
+#print(json.dumps(verificationMerkleTreeLevels, indent = 4, sort_keys = True))
+
 entriesFilePath = 'entries.txt'
 
 with open(entriesFilePath, 'w') as f:

verifier.py

@@ -28,13 +28,13 @@ merkleTreeRoot = input('merkleTreeRoot: ')
 
 # Note that there's no advantage to request the last table entry by hoping that the prover is storing the nonces with delta in such order, for instance he can have stored the delta the other way around which screw up this additional request aim.
 
-indexesRequest = set() if len(sys.argv) <= 3 else ast.literal_eval(sys.argv[3])
+indexesRequest = [] if len(sys.argv) <= 3 else ast.literal_eval(sys.argv[3])
 
-if indexesRequest == set():
+if indexesRequest == []:
     while len(indexesRequest) < common.NUMBER_OF_ENTRIES_TO_VERIFY:
         index = secrets.randbelow(common.ENTRIES_NUMBER)
-        if not common.otherIndex(index) in indexesRequest:
-            indexesRequest.add(index)
+        if not common.otherIndex(index) in indexesRequest and not index in indexesRequest:
+            indexesRequest += [index]
 
 indexesRequestFilePath = 'indexesRequest.txt'
 
@@ -56,6 +56,7 @@ with open(input('entries: ')) as f:
 merkleTreeLevels = [{} for _ in range(common.LEVELS)]
 
 for index in indexesRequest:
+    #print('interest', index)
     otherIndex = common.otherIndex(index)
     leftIndex, rightIndex = sorted([index, otherIndex])
     for i, nonce in zip([leftIndex, rightIndex], [entries.pop(0) for _ in range(2)]):
@@ -63,7 +64,13 @@ for index in indexesRequest:
         if not common.doesHashMatchDifficulty(hashed):
             print("The received difficulty doesn't match the claimed one!")
             exit(1)
-        merkleTreeLevels[0][i] = common.hash(protocolInitializationPhaseId + protocolExecutionPhaseId + str(nonce))
+        hashed = common.hash(protocolInitializationPhaseId + protocolExecutionPhaseId + str(nonce))
+        #print('nonce', i, str(nonce), hashed)
+        merkleTreeLevels[0][i] = hashed
+
+import json
+#print(json.dumps(merkleTreeLevels[0], indent = 4, sort_keys = True))
+#exit(1)
 
 for merkleTreeLevelsIndex, merkleTreeLevel in enumerate(merkleTreeLevels[:-1]):
     for index in merkleTreeLevel.copy():
@@ -78,6 +85,9 @@ for merkleTreeLevelsIndex, merkleTreeLevel in enumerate(merkleTreeLevels[:-1]):
 # If any entry corresponding to requested indexes is incorrect, the Merkle tree won't match or the verification of the claimed difficulty of the provided hash will fail.
 actualStorage = common.ENTRIES_NUMBER * common.NUMBER_OF_BITS_IN_AVERAGE_FOR_SOLVING_PUZZLE
 
+#import json
+#print(json.dumps(merkleTreeLevels, indent = 4, sort_keys = True))
+
 if merkleTreeRoot == merkleTreeLevels[-1][0] and actualStorage >= common.SPACE_TO_PROVE_IN_BITS:
     print(f'Verified with probability {common.PROBABILITY_TO_CATCH_MALICIOUS} that the prover is storing in average {common.INITIAL_SPACE_TO_PROVE_IN_BITS} (actually the prover is storing in average {actualStorage} bits)')
 else: