Comments (3)
Hi,
Let me explain what is going on first before talking about that code.
It is worth highlighting that on the elliptic curve... multiplication is addition, exponentiation is multiplication and division is subtraction. So when I say "add" on the elliptic curve... it is multiplication in the above picture and when I say "subtraction" then it is division in the above picture. Also, g^{x} is the voting key, and g^{y} is the reconstructed key.
Let's pretend we are computing the reconstructed key for voter 3 (i.e. the robot).
We add the voting keys for Voter 1 and Voter 2 together (i.e. PK_{12}), and we add the voting keys for voter 4 and voter 5 together (PK_{45}).
Next, to compute the reconstructed key for voter 3.... we simply subtract both of the sums ReconstructedKey_{3} = PK_{12} - PK_{45}
Now.... there are two edge cases for both the first and last voter.
For the first voter (voter 0) - no subtraction/division is required... their reconstructed key is simply the sum of all voting keys 1,...,n. This is what we see in the below code:
```
// Step 1 is to compute the index 1 reconstructed key
afteri[0] = voters[1].registeredkey[0];
afteri[1] = voters[1].registeredkey[1];
afteri[2] = 1;
for(uint i=2; i<totalregistered; i++) {
    Secp256k1._addMixedM(afteri, voters[i].registeredkey);
}
ECCMath.toZ1(afteri,pp);
voters[0].reconstructedkey[0] = afteri[0];
voters[0].reconstructedkey[1] = pp - afteri[1];
```
Here, we initialise the variable afteri with the voting key of voter 1.... and then add each voter's voting key after that..... so it is the sum of all voting keys 1 to n.
I'm not too sure about the problem with voter 1.... If it is accepting the first zkp for the voting key, then their reconstructed key should be correctly computed by Ethereum.
I'd say it is worth checking two things:
- The correct reconstructed key is fetched from Ethereum.
- The correct private key that corresponds to their voting key g^{x} (this is what the first zkp proves knowledge about) is being used as well.
It is likely just a bug in the JS code. Stuff like this can be really tricky.
If you want - it might be easier to ask me on skype about this stuff. skype: podgey-kins
p.s. I have some slides here that might explain the protocol step by step as well:
https://www.dropbox.com/s/kubf6b9c1d73xx5/Purdue.pptx?dl=0
from anonymousvoting.
Side note, every day I learn more about Secp256k1/elliptic curve I am ever more astonished humans have discovered/can use its power.
--
I've managed to track down through debugging that Secp256k1.isPubKey(reconstructedkey) does not compute as a valid public key, thus causing the verify 1 of 2 to return false for account/voter[1].
So potentially the outputted reconstructed key for account[1] is not valid/public key.. even though it "looks" like the other keys, i.e. the formatting is the same.
Also, the other keys are also now not public keys (y ... b2), probably due to an invalid reconstructed public key being used in the create 1 of 2 step.
--
Could this still have something to do with the Affine points Java produces vs the x/y points I used @stonecoldpat ?
--
I've tried the values generated through the Java, they produce an identical error to the keys generated with my JS implementation of your Java file. So I don't believe my JS file is producing invalid keys/random numbers.
I'm now onto the reconstruction method/1of2 ZKP creation to see if that could be the issue, remembering I have re-built your method for testing to be stateless also.
I still believe it is my JS, somewhere along the line.. but I can't see the issue yet. Perhaps trying to build the reconstruct process for voter[1] can yield some information.
--
Found the problem, I have fixed the key reconstruction issue, everything verifies out now. Now the tally is registering as invalid, so working on that. I'm hitting the very bottom logic, where the vote is tallied invalid. I'm using the keys generated from the Java file, so I doubt it is the codes/keys.
The ZKP/verify step completes successfully.
The 1of2 votes/1of2 verify step completes successfully.
Just into the tally now, checking inputs.
from anonymousvoting.
Got it! Just had a few bugs in my JS code. Thanks so much! Let's chat soon.
from anonymousvoting.
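Added example, not part of the thread or the project's code: the key reconstruction described in the first comment, written out in JavaScript over secp256k1 with both edge cases, together with a curve-membership check of the kind the debugging above turned on. The helper names (`reconstructedKeys`, `isOnCurve`, `cancels`) and the toy secrets are assumptions made for the illustration.

```javascript
// secp256k1: y^2 = x^3 + 7 over F_P, generator G (public curve constants).
const P = 2n ** 256n - 2n ** 32n - 977n;
const G = [
  0x79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798n,
  0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8n,
];
const mod = (a) => ((a % P) + P) % P;
// Modular inverse by Fermat's little theorem: a^(P-2) mod P.
function inv(a) {
  let r = 1n, b = mod(a);
  for (let e = P - 2n; e > 0n; e >>= 1n) {
    if (e & 1n) r = (r * b) % P;
    b = (b * b) % P;
  }
  return r;
}
// Affine point addition; null is the point at infinity.
function add(p, q) {
  if (p === null) return q;
  if (q === null) return p;
  const [x1, y1] = p, [x2, y2] = q;
  if (x1 === x2 && mod(y1 + y2) === 0n) return null; // p + (-p)
  const s = x1 === x2
    ? mod(3n * x1 * x1 * inv(2n * y1)) // doubling
    : mod((y2 - y1) * inv(x2 - x1));
  const x3 = mod(s * s - x1 - x2);
  return [x3, mod(s * (x1 - x3) - y1)];
}
const neg = (p) => (p === null ? null : [p[0], mod(-p[1])]);
function mul(k, p) {
  let r = null;
  for (; k > 0n; k >>= 1n) { if (k & 1n) r = add(r, p); p = add(p, p); }
  return r;
}
const sum = (pts) => pts.reduce((acc, pt) => add(acc, pt), null);
// Hypothetical helper: curve-equation check only (not the contract's isPubKey).
const isOnCurve = (p) => p !== null && mod(p[1] * p[1] - p[0] ** 3n - 7n) === 0n;
// Y_i = (sum of voting keys before i) - (sum of voting keys after i).
// First voter: nothing before, so the result is the sum of the later keys
// with y negated (the `pp - afteri[1]` line in the contract code above).
// Last voter: nothing after, so the result is the sum of the earlier keys.
const reconstructedKeys = (keys) =>
  keys.map((_, i) => add(sum(keys.slice(0, i)), neg(sum(keys.slice(i + 1)))));
// Self-tallying identity: the sum of x_i * Y_i must be the point at infinity.
function cancels(secrets) {
  const Y = reconstructedKeys(secrets.map((x) => mul(x, G)));
  return sum(secrets.map((x, i) => mul(x, Y[i]))) === null;
}
// Constructed toy secrets (far too small for real use).
const SECRETS = [11n, 22n, 33n, 44n, 55n];
```

If a client-side port produces a reconstructed key that fails `isOnCurve`, or a key set for which `cancels` is false, the fault is in the reconstruction arithmetic rather than in the proofs built on top of it.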