From ae934da1c8c30600ad4ddf41a2875580770b53ca Mon Sep 17 00:00:00 2001 From: Benjamin Loison Date: Sat, 3 Jun 2023 19:30:40 +0200 Subject: [PATCH] Fix #10: `The prover hasn't provided a correct proof!` --- common.py | 2 +- meta.py | 2 +- prover.py | 13 +++++++++++++ verifier.py | 20 +++++++++++++++----- 4 files changed, 30 insertions(+), 7 deletions(-) diff --git a/common.py b/common.py index 9f9d694..8d04853 100644 --- a/common.py +++ b/common.py @@ -13,7 +13,7 @@ LEAST_DIFFICULT_HASH = int('F' * (SECURITY_PARAMETER // 4), 16) NUMBER_OF_BITS_IN_AVERAGE_FOR_SOLVING_PUZZLE = int(math.log2(1 / MAXIMUM_HASH_DIFFICULTY)) -PROBABILITY_TO_CATCH_MALICIOUS = 1 - 2 ** -1 +PROBABILITY_TO_CATCH_MALICIOUS = 1 - 2 ** -50 # Let's hardcode that we dedicate 1% of extra storage for the proof probability. SPACE_UPPER_BOUND_IN_BITS_POTENTIALLY_MALICIOUS = math.ceil(SPACE_TO_PROVE_IN_BITS / 100) diff --git a/meta.py b/meta.py index 9360dee..a60cbb1 100755 --- a/meta.py +++ b/meta.py @@ -40,5 +40,5 @@ while True: write(verifier, 'entries.txt') result = ' '.join(getProgramLine(verifier).split()[1:]) print(result) - if result.startswith('The received difficulty'):#not result.startswith('Verified'): + if not result.startswith('Verified'): break diff --git a/prover.py b/prover.py index 21ac83d..d12a8a5 100755 --- a/prover.py +++ b/prover.py @@ -48,6 +48,7 @@ counter = 0 for deltaCounter in STORED_NONCES: counter += deltaCounter hashed = common.hash(protocolInitializationPhaseId + protocolExecutionPhaseId + str(counter)) + #print('nonce', len(merkleTreeLevel), str(counter), hashed) merkleTreeLevel += [hashed] merkleTreeLevels = [merkleTreeLevel] @@ -83,14 +84,22 @@ with open(input('indexesRequest: ')) as f: verificationMerkleTreeLevels = [{} for _ in range(common.LEVELS)] for indexRequest in indexesRequest: + #print('interest', indexRequest) otherIndex = common.otherIndex(indexRequest) for index in [indexRequest, otherIndex]: + #print(index) verificationMerkleTreeLevels[0][index] = merkleTreeLevels[0][index] +import json +#print(json.dumps(verificationMerkleTreeLevels[0], indent = 4, sort_keys = True)) +#exit(1) + # Should rename `entries`, as they aren't *entries* for higher levels. entries = [] for verificationMerkleTreeLevelsIndex, verificationMerkleTreeLevel in enumerate(verificationMerkleTreeLevels[:-1]): + #for index in (verificationMerkleTreeLevel if verificationMerkleTreeLevelsIndex > 1 else indexesRequest): for index in verificationMerkleTreeLevel: + #print(index) otherIndex = common.otherIndex(index) leftIndex, rightIndex = sorted([index, otherIndex]) leftHash, rightHash = [merkleTreeLevels[verificationMerkleTreeLevelsIndex][i] for i in [leftIndex, rightIndex]] @@ -100,10 +109,14 @@ for verificationMerkleTreeLevelsIndex, verificationMerkleTreeLevel in enumerate( if verificationMerkleTreeLevelsIndex == 0: leftNonce = sum(STORED_NONCES[:leftIndex + 1]) rightNonce = leftNonce + STORED_NONCES[rightIndex] + #print(leftNonce, rightNonce) entries += [leftNonce, rightNonce] else: entries += [otherHash] +#import json +#print(json.dumps(verificationMerkleTreeLevels, indent = 4, sort_keys = True)) + entriesFilePath = 'entries.txt' with open(entriesFilePath, 'w') as f: diff --git a/verifier.py b/verifier.py index f5e1258..e5b782d 100755 --- a/verifier.py +++ b/verifier.py @@ -28,13 +28,13 @@ merkleTreeRoot = input('merkleTreeRoot: ') # Note that there's no advantage to request the last table entry by hoping that the prover is storing the nonces with delta in such order, for instance he can have stored the delta the other way around which screw up this additional request aim. -indexesRequest = set() if len(sys.argv) <= 3 else ast.literal_eval(sys.argv[3]) +indexesRequest = [] if len(sys.argv) <= 3 else ast.literal_eval(sys.argv[3]) -if indexesRequest == set(): +if indexesRequest == []: while len(indexesRequest) < common.NUMBER_OF_ENTRIES_TO_VERIFY: index = secrets.randbelow(common.ENTRIES_NUMBER) - if not common.otherIndex(index) in indexesRequest: - indexesRequest.add(index) + if not common.otherIndex(index) in indexesRequest and not index in indexesRequest: + indexesRequest += [index] indexesRequestFilePath = 'indexesRequest.txt' @@ -56,6 +56,7 @@ with open(input('entries: ')) as f: merkleTreeLevels = [{} for _ in range(common.LEVELS)] for index in indexesRequest: + #print('interest', index) otherIndex = common.otherIndex(index) leftIndex, rightIndex = sorted([index, otherIndex]) for i, nonce in zip([leftIndex, rightIndex], [entries.pop(0) for _ in range(2)]): @@ -63,7 +64,13 @@ for index in indexesRequest: if not common.doesHashMatchDifficulty(hashed): print("The received difficulty doesn't match the claimed one!") exit(1) - merkleTreeLevels[0][i] = common.hash(protocolInitializationPhaseId + protocolExecutionPhaseId + str(nonce)) + hashed = common.hash(protocolInitializationPhaseId + protocolExecutionPhaseId + str(nonce)) + #print('nonce', i, str(nonce), hashed) + merkleTreeLevels[0][i] = hashed + +import json +#print(json.dumps(merkleTreeLevels[0], indent = 4, sort_keys = True)) +#exit(1) for merkleTreeLevelsIndex, merkleTreeLevel in enumerate(merkleTreeLevels[:-1]): for index in merkleTreeLevel.copy(): @@ -78,6 +85,9 @@ for merkleTreeLevelsIndex, merkleTreeLevel in enumerate(merkleTreeLevels[:-1]): # If any entry corresponding to requested indexes is incorrect, the Merkle tree won't match or the verification of the claimed difficulty of the provided hash will fail. actualStorage = common.ENTRIES_NUMBER * common.NUMBER_OF_BITS_IN_AVERAGE_FOR_SOLVING_PUZZLE +#import json +#print(json.dumps(merkleTreeLevels, indent = 4, sort_keys = True)) + if merkleTreeRoot == merkleTreeLevels[-1][0] and actualStorage >= common.SPACE_TO_PROVE_IN_BITS: print(f'Verified with probability {common.PROBABILITY_TO_CATCH_MALICIOUS} that the prover is storing in average {common.INITIAL_SPACE_TO_PROVE_IN_BITS} (actually the prover is storing in average {actualStorage} bits)') else: