4 * @brief PublicCoin and PrivateCoin classes for the Zerocoin library.
6 * @author Ian Miers, Christina Garman and Matthew Green
9 * @copyright Copyright 2013 Ian Miers, Christina Garman and Matthew Green
10 * @license This project is released under the MIT license.
15 #include "../bignum.h"
17 namespace libzerocoin {
19 enum CoinDenomination {
24 ZQ_WILLIAMSON = 100 // Malcolm J. Williamson,
25 // the scientist who actually invented
26 // Public key cryptography
29 /** A Public coin is the part of a coin that
30 * is published to the network and what is handled
31 * by other clients. It contains only the value
32 * of commitment to a serial number and the
33 * denomination of the coin.
37 template<typename Stream>
38 PublicCoin(const Params* p, Stream& strm): params(p) {
42 PublicCoin( const Params* p);
44 /**Generates a public coin
46 * @param p cryptographic parameters
47 * @param coin the value of the commitment.
48 * @param d The denomination of the coin. Defaults to ZQ_PEDERSEN
50 PublicCoin( const Params* p, const Bignum& coin, const CoinDenomination d = ZQ_PEDERSEN);
// Accessor for the coin value; the constructor documents `coin` as the value of the commitment.
// NOTE(review): the definition is outside this listing — presumably returns the stored value unchanged.
51 const Bignum& getValue() const;
// NOTE(review): the top-level const on a by-value enum return has no effect for callers.
52 const CoinDenomination getDenomination() const;
// Comparison operators; which fields they compare is defined outside this listing.
53 bool operator==(const PublicCoin& rhs) const;
54 bool operator!=(const PublicCoin& rhs) const;
55 /** Checks that a coin is prime
56 * and in the appropriate range
57 * given the parameters
58 * @return true if valid
60 bool validate() const;
64 READWRITE(denomination);
69 // Denomination is stored as an INT because storing
70 // an enum raises ambiguities in the serialize code //FIXME if possible
75 * A private coin. As the name implies, the content
76 * of this should stay private, except for the PublicCoin.
78 * Contains a coin's serial number, a commitment to it,
79 * and opening randomness for the commitment.
81 * @warning Failure to keep this secret (or safe),
82 * @warning will result in the theft of your coins
83 * @warning and a TOTAL loss of anonymity.
87 template<typename Stream>
88 PrivateCoin(const Params* p, Stream& strm): params(p) {
91 PrivateCoin(const Params* p,const CoinDenomination denomination = ZQ_PEDERSEN);
// Returns the public part of the coin, which the class comment names as the only content meant to be shared.
92 const PublicCoin& getPublicCoin() const;
// The next two accessors hand out the serial number and the commitment's opening randomness.
// The class @warning applies to both: keep them out of logs, error messages and untrusted storage.
// NOTE(review): they return references — presumably to members of this object, valid only while it lives; confirm.
93 const Bignum& getSerialNumber() const;
94 const Bignum& getRandomness() const;
// Serialized fields: the public coin plus the randomness and the serial number.
// NOTE(review): READWRITE is defined outside this listing; presumably each field is written to / read from
// the stream as-is, so the serialized form is as sensitive as the object itself (see the class @warning)
// and needs the same protection wherever it is stored or sent.
98 READWRITE(publicCoin);
99 READWRITE(randomness);
100 READWRITE(serialNumber);
// Parameter set handed to the constructor (the stream constructor initializes it with params(p)); held as a raw pointer.
// NOTE(review): presumably non-owning — the Params object would then have to outlive this coin; confirm.
103 const Params* params;
// Public part of this coin; presumably what getPublicCoin() returns — confirm against the definition.
104 PublicCoin publicCoin;
109 * @brief Mint a new coin.
110 * @param denomination the denomination of the coin to mint
111 * @throws ZerocoinException if the process takes too long
113 * Generates a new Zerocoin by (a) selecting a random serial
114 * number, (b) committing to this serial number and repeating until
115 * the resulting commitment is prime. Stores the
116 * resulting commitment (coin) and randomness (trapdoor).
118 void mintCoin(const CoinDenomination denomination);
121 * @brief Mint a new coin using a faster process.
122 * @param denomination the denomination of the coin to mint
123 * @throws ZerocoinException if the process takes too long
125 * Generates a new Zerocoin by (a) selecting a random serial
126 * number, (b) committing to this serial number and repeating until
127 * the resulting commitment is prime. Stores the
128 * resulting commitment (coin) and randomness (trapdoor).
129 * This routine is substantially faster than the
130 * mintCoin() routine, but could be more vulnerable
131 * to timing attacks. Don't use it if you think someone
132 * could be timing your coin minting.
134 void mintCoinFast(const CoinDenomination denomination);
138 } /* namespace libzerocoin */