2 * @file SerialNumberSignatureOfKnowledge.h
4 * @brief SerialNumberSignatureOfKnowledge class for the Zerocoin library.
6 * @author Ian Miers, Christina Garman and Matthew Green
9 * @copyright Copyright 2013 Ian Miers, Christina Garman and Matthew Green
10 * @license This project is released under the MIT license.
13 #ifndef SERIALNUMBERPROOF_H_
14 #define SERIALNUMBERPROOF_H_
21 #include "Commitment.h"
22 #include "../bignum.h"
23 #include "../serialize.h"
24 #include "Accumulator.h"
28 namespace libzerocoin {
30 /**A Signature of knowledge on the hash of metadata attesting that the signer knows the values
31 * necessary to open a commitment which contains a coin(which it self is of course a commitment)
32 * with a given serial number.
34 class SerialNumberSignatureOfKnowledge {
36 SerialNumberSignatureOfKnowledge(const Params* p);
37 /** Creates a Signature of knowledge object that a commitment to a coin contains a coin with serial number x
40 * @param coin the coin we are going to prove the serial number of.
41 * @param commitmentToCoin the commitment to the coin
42 * @param msghash hash of meta data to create a signature of knowledge on.
44 SerialNumberSignatureOfKnowledge(const Params* p, const PrivateCoin& coin, const Commitment& commitmentToCoin, uint256 msghash);
46 /** Verifies the Signature of knowledge.
48 * @param msghash hash of meta data to create a signature of knowledge on.
51 bool Verify(const Bignum& coinSerialNumber, const Bignum& valueOfCommitmentToCoin,const uint256 msghash) const;
55 READWRITE(s_notprime);
62 uint256 hash; //TODO For efficiency, should this be a bitset where Templates define params?
64 // challenge response values
65 // this is s_notprime instead of s
66 // because the serialization macros
67 // define something named s and it conflicts
68 vector<Bignum> s_notprime;
69 vector<Bignum> sprime;
70 inline Bignum challengeCalculation(const Bignum& a_exp, const Bignum& b_exp,
71 const Bignum& h_exp) const;
74 } /* namespace libzerocoin */
75 #endif /* SERIALNUMBERPROOF_H_ */