Loop-test send signature to server to be verified

client/loop-test/README.md

@@ -4,5 +4,6 @@
 - Run the nodejs loop script: `node loop-test.js`
 	- This will print on the screen the number of iterations each 100 iterations
 	- And if there is an error verifying a signature, will print all the involved parameters
+		- signature verification is done on the JS side, but also sent to the server to verify it from the Go side
 
 

client/loop-test/loop-test.js

@@ -52,6 +52,8 @@ async function verify() {
 	verified = blindsecp256k1.verify(m, sig, signerQ);
 	if (!verified) {
 		errCount++;
+		console.log("==verification failed on client==", res.data.verification);
+
 		printPoint("signerR", signerR);
 		printPoint("signerQ", signerQ);
 		console.log("m:", m.toString());
@@ -63,6 +65,55 @@ async function verify() {
 		printPoint("sig.f", sig.f);
 		console.log("verify", verified);
 	}
+
+	// send to verify by the go server
+	let data = {
+		m: m.toString(),
+		sig: {
+			S: sig.s.toString(),
+			F: {
+				x: sig.f.affineX.toString(),
+				y: sig.f.affineY.toString()
+			}
+		},
+		q: {
+				x: signerQ.affineX.toString(),
+				y: signerQ.affineY.toString()
+		}
+	};
+	try {
+		let res = await axios.post(apiUrl+'/verify', data);
+		if (!res.data.verification) {
+			errCount++;
+			console.log("==verification failed on server==", res.data.verification);
+
+			printPoint("signerR", signerR);
+			printPoint("signerQ", signerQ);
+			console.log("m:", m.toString());
+			console.log("mBlinded:", mBlinded.toString());
+			console.log(`userSecretData:\n	a: ${userSecretData.a.toString()}\n	b: ${userSecretData.b.toString()}`);
+			printPoint("userSecretData.f", userSecretData.f);
+			console.log("blinded sig:", blindedSig.toString());
+			console.log("sig.s:", sig.s.toString());
+			printPoint("sig.f", sig.f);
+			console.log("verify", verified);
+		}
+	} catch (error) {
+		console.error(error.response.data);
+			errCount++;
+			console.log("==verification failed on server==", error.response.data.verification);
+
+			printPoint("signerR", signerR);
+			printPoint("signerQ", signerQ);
+			console.log("m:", m.toString());
+			console.log("mBlinded:", mBlinded.toString());
+			console.log(`userSecretData:\n	a: ${userSecretData.a.toString()}\n	b: ${userSecretData.b.toString()}`);
+			printPoint("userSecretData.f", userSecretData.f);
+			console.log("blinded sig:", blindedSig.toString());
+			console.log("sig.s:", sig.s.toString());
+			printPoint("sig.f", sig.f);
+			console.log("js verify", verified);
+	}
 }
 
 async function iteration() {

client/loop-test/package-lock.json

@@ -45,9 +45,9 @@
       "integrity": "sha512-TosM7Yg1Ux0ZCNwwS/tW95r3q9xIZstgsUGKWaez0Cgq8Oy3qia9RGvyG/fbxlQAvigjza1d057QNQLGvYXCeg=="
     },
     "blindsecp256k1": {
-      "version": "0.0.5",
-      "resolved": "https://registry.npmjs.org/blindsecp256k1/-/blindsecp256k1-0.0.5.tgz",
-      "integrity": "sha512-P+ahL3AlZY2RvtEUH7W3yidTNfDsu7yUsb2OOorEzsSE0cBovQKyBi+d883CVwbgjcW4mFFmHYgBZ0q+QOz9zQ==",
+      "version": "0.0.6",
+      "resolved": "https://registry.npmjs.org/blindsecp256k1/-/blindsecp256k1-0.0.6.tgz",
+      "integrity": "sha512-M+QV0G6h5FIR0eqiRkW3DySMoDoobHkr8Zrcx1kLxuvbpZaBI5NL60LI3c600TaHz4TuEJB2C2BdDWsA6JYl4w==",
       "requires": {
         "@ethersproject/keccak256": "5.0.7",
         "bigi": "^1.4.2",

client/loop-test/package.json

@@ -10,6 +10,6 @@
   "license": "ISC",
   "dependencies": {
     "axios": "^0.21.1",
-    "blindsecp256k1": "0.0.5"
+    "blindsecp256k1": "0.0.6"
   }
 }

client/loop.js

@@ -64,6 +64,20 @@ async function verify() {
 		console.log("verify", verified);
 		alert("ERROR")
 	}
+	// send to verify by the go server
+	let data = {
+		m: mBlinded.toString(),
+		sig: {
+			s: sig.s.toString(),
+			f: {
+				x: sig.f.affineX.toString(),
+				y: sig.f.affineY.toString()
+			}
+		}
+	};
+	let res = await axios.post(apiUrl+'/blindsign', data);
+	console.log("res", res.data);
+	console.log("ver by server", res.data.verification);
 }
 
 async function iteration() {

main.go

@@ -1,6 +1,7 @@
 package main
 
 import (
+	"fmt"
 	"math/big"
 	"net/http"
 
@@ -48,6 +49,36 @@ func postBlindSign(c *gin.Context) {
 	c.JSON(http.StatusOK, gin.H{"sBlind": sBlind.String()})
 }
 
+type msgPostVerify struct {
+	M   string                    `json:"m"`
+	Sig *blindsecp256k1.Signature `json:"sig"`
+	Q   *blindsecp256k1.PublicKey `json:"q"`
+}
+
+func postVerify(c *gin.Context) {
+	var msg msgPostVerify
+	c.BindJSON(&msg)
+
+	m, ok := new(big.Int).SetString(msg.M, 10)
+	if !ok {
+		c.String(http.StatusBadRequest, "can not parse m")
+		return
+	}
+	fmt.Println(msg.Sig.S, msg.Sig.F)
+	v := blindsecp256k1.Verify(m, msg.Sig, sk.Public())
+	fmt.Println("v", v)
+	if !v {
+		fmt.Println("m", m)
+		fmt.Println("sig.s", msg.Sig.S)
+		fmt.Println("sig.f", msg.Sig.F)
+		fmt.Println("pubk", sk.Public())
+		fmt.Println("q", msg.Q)
+		c.JSON(http.StatusNotAcceptable, gin.H{"verification": false})
+		return
+	}
+	c.JSON(http.StatusOK, gin.H{"verification": v})
+}
+
 func main() {
 	secretRs = make(map[string]*big.Int)
 	sk = blindsecp256k1.NewPrivateKey()
@@ -56,6 +87,7 @@ func main() {
 
 	r.GET("/request", getNewRequest)
 	r.POST("/blindsign", postBlindSign)
+	r.POST("/verify", postVerify)
 	r.Static("/web", "./client")
 
 	r.Run("127.0.0.1:3000")

package-lock.json

@@ -0,0 +1,3 @@
+{
+  "lockfileVersion": 1
+}