lssa/accounts/src/key_management/mod.rs

use aes_gcm::{aead::Aead, Aes256Gcm, KeyInit};
use common::merkle_tree_public::TreeHashType;
use constants_types::{CipherText, Nonce};
use elliptic_curve::point::AffineCoordinates;
use ephemeral_key_holder::EphemeralKeyHolder;
use k256::{ecdsa::SigningKey, AffinePoint, FieldBytes};
use log::info;
use rand::{rngs::OsRng, RngCore};
use secret_holders::{SeedHolder, TopSecretKeyHolder, UTXOSecretKeyHolder};
use serde::{Deserialize, Serialize};

use crate::account_core::PublicKey;
pub type PublicAccountSigningKey = [u8; 32];

pub mod constants_types;
pub mod ephemeral_key_holder;
pub mod secret_holders;

#[derive(Serialize, Deserialize, Clone)]
///Entrypoint to key management
pub struct AddressKeyHolder {
    //Will be useful in future
    #[allow(dead_code)]
    top_secret_key_holder: TopSecretKeyHolder,
    pub utxo_secret_key_holder: UTXOSecretKeyHolder,
    pub_account_signing_key: PublicAccountSigningKey,
    pub address: TreeHashType,
    pub nullifer_public_key: PublicKey,
    pub viewing_public_key: PublicKey,
}

impl AddressKeyHolder {
    pub fn new_os_random() -> Self {
        //Currently dropping SeedHolder at the end of initialization.
        //Now entirely sure if we need it in the future.
        let seed_holder = SeedHolder::new_os_random();
        let top_secret_key_holder = seed_holder.produce_top_secret_key_holder();

        let utxo_secret_key_holder = top_secret_key_holder.produce_utxo_secret_holder();

        let address = utxo_secret_key_holder.generate_address();
        let nullifer_public_key = utxo_secret_key_holder.generate_nullifier_public_key();
        let viewing_public_key = utxo_secret_key_holder.generate_viewing_public_key();

        let pub_account_signing_key = {
            let mut bytes = [0; 32];
            OsRng.fill_bytes(&mut bytes);
            bytes
        };

        Self {
            top_secret_key_holder,
            utxo_secret_key_holder,
            address,
            nullifer_public_key,
            viewing_public_key,
            pub_account_signing_key,
        }
    }

    /// Returns the signing key for public transaction signatures
    pub fn get_pub_account_signing_key(&self) -> SigningKey {
        let field_bytes = FieldBytes::from_slice(&self.pub_account_signing_key);
        // TODO: remove unwrap
        SigningKey::from_bytes(&field_bytes).unwrap()
    }

    pub fn calculate_shared_secret_receiver(
        &self,
        ephemeral_public_key_sender: AffinePoint,
    ) -> AffinePoint {
        (ephemeral_public_key_sender * self.utxo_secret_key_holder.viewing_secret_key).into()
    }

    pub fn decrypt_data(
        &self,
        ephemeral_public_key_sender: AffinePoint,
        ciphertext: CipherText,
        nonce: Nonce,
    ) -> Result<Vec<u8>, aes_gcm::Error> {
        let shared_secret = self.calculate_shared_secret_receiver(ephemeral_public_key_sender);
        let cipher = Aes256Gcm::new(&shared_secret.x());

        cipher.decrypt(&nonce, ciphertext.as_slice())
    }

    pub fn log(&self) {
        info!(
            "Secret spending key is {:?}",
            hex::encode(
                serde_json::to_vec(&self.top_secret_key_holder.secret_spending_key).unwrap()
            ),
        );
        info!(
            "Nulifier secret key is {:?}",
            hex::encode(
                serde_json::to_vec(&self.utxo_secret_key_holder.nullifier_secret_key).unwrap()
            ),
        );
        info!(
            "Viewing secret key is {:?}",
            hex::encode(
                serde_json::to_vec(&self.utxo_secret_key_holder.viewing_secret_key).unwrap()
            ),
        );
        info!(
            "Nullifier public key is {:?}",
            hex::encode(serde_json::to_vec(&self.nullifer_public_key).unwrap()),
        );
        info!(
            "Viewing public key is {:?}",
            hex::encode(serde_json::to_vec(&self.viewing_public_key).unwrap()),
        );
    }
}

#[cfg(test)]
mod tests {
    use aes_gcm::{
        aead::{Aead, KeyInit, OsRng},
        Aes256Gcm,
    };
    use constants_types::{CipherText, Nonce};
    use constants_types::{NULLIFIER_SECRET_CONST, VIEWING_SECRET_CONST};
    use elliptic_curve::ff::Field;
    use elliptic_curve::group::prime::PrimeCurveAffine;
    use elliptic_curve::point::AffineCoordinates;
    use k256::{AffinePoint, ProjectivePoint, Scalar};

    use crate::key_management::ephemeral_key_holder::EphemeralKeyHolder;

    use super::*;

    #[test]
    fn test_new_os_random() {
        // Ensure that a new AddressKeyHolder instance can be created without errors.
        let address_key_holder = AddressKeyHolder::new_os_random();

        // Check that key holder fields are initialized with expected types
        assert!(!Into::<bool>::into(
            address_key_holder.nullifer_public_key.is_identity()
        ));
        assert!(!Into::<bool>::into(
            address_key_holder.viewing_public_key.is_identity()
        ));
    }

    #[test]
    fn test_calculate_shared_secret_receiver() {
        let address_key_holder = AddressKeyHolder::new_os_random();

        // Generate a random ephemeral public key sender
        let scalar = Scalar::random(&mut OsRng);
        let ephemeral_public_key_sender = (ProjectivePoint::GENERATOR * scalar).to_affine();

        // Calculate shared secret
        let shared_secret =
            address_key_holder.calculate_shared_secret_receiver(ephemeral_public_key_sender);

        // Ensure the shared secret is not an identity point (suggesting non-zero output)
        assert!(!Into::<bool>::into(shared_secret.is_identity()));
    }

    #[test]
    fn test_decrypt_data() {
        let address_key_holder = AddressKeyHolder::new_os_random();

        // Generate an ephemeral key and shared secret
        let ephemeral_public_key_sender =
            EphemeralKeyHolder::new_os_random().generate_ephemeral_public_key();
        let shared_secret =
            address_key_holder.calculate_shared_secret_receiver(ephemeral_public_key_sender);

        // Encrypt sample data
        let cipher = Aes256Gcm::new(&shared_secret.x());
        let nonce = Nonce::from_slice(b"unique nonce");
        let plaintext = b"Sensitive data";
        let ciphertext = cipher
            .encrypt(nonce, plaintext.as_ref())
            .expect("encryption failure");

        // Attempt decryption
        let decrypted_data: Vec<u8> = address_key_holder
            .decrypt_data(
                ephemeral_public_key_sender,
                CipherText::from(ciphertext),
                nonce.clone(),
            )
            .unwrap();

        // Verify decryption is successful and matches original plaintext
        assert_eq!(decrypted_data, plaintext);
    }

    #[test]
    fn test_new_os_random_initialization() {
        // Ensure that AddressKeyHolder is initialized correctly
        let address_key_holder = AddressKeyHolder::new_os_random();

        // Check that key holder fields are initialized with expected types and values
        assert!(!Into::<bool>::into(
            address_key_holder.nullifer_public_key.is_identity()
        ));
        assert!(!Into::<bool>::into(
            address_key_holder.viewing_public_key.is_identity()
        ));
        assert!(address_key_holder.address.as_slice().len() > 0); // Assume TreeHashType has non-zero length for a valid address
    }

    #[test]
    fn test_calculate_shared_secret_with_identity_point() {
        let address_key_holder = AddressKeyHolder::new_os_random();

        // Use identity point as ephemeral public key
        let identity_point = AffinePoint::identity();

        // Calculate shared secret
        let shared_secret = address_key_holder.calculate_shared_secret_receiver(identity_point);

        // The shared secret with the identity point should also result in the identity point
        assert!(Into::<bool>::into(shared_secret.is_identity()));
    }

    #[test]
    #[should_panic]
    fn test_decrypt_data_with_incorrect_nonce() {
        let address_key_holder = AddressKeyHolder::new_os_random();

        // Generate ephemeral public key and shared secret
        let scalar = Scalar::random(OsRng);
        let ephemeral_public_key_sender = (ProjectivePoint::GENERATOR * scalar).to_affine();
        let shared_secret =
            address_key_holder.calculate_shared_secret_receiver(ephemeral_public_key_sender);

        // Encrypt sample data with a specific nonce
        let cipher = Aes256Gcm::new(&shared_secret.x());
        let nonce = Nonce::from_slice(b"unique nonce");
        let plaintext = b"Sensitive data";
        let ciphertext = cipher
            .encrypt(nonce, plaintext.as_ref())
            .expect("encryption failure");

        // Attempt decryption with an incorrect nonce
        let incorrect_nonce = Nonce::from_slice(b"wrong nonce");
        let decrypted_data = address_key_holder
            .decrypt_data(
                ephemeral_public_key_sender,
                CipherText::from(ciphertext.clone()),
                incorrect_nonce.clone(),
            )
            .unwrap();

        // The decryption should fail or produce incorrect output due to nonce mismatch
        assert_ne!(decrypted_data, plaintext);
    }

    #[test]
    #[should_panic]
    fn test_decrypt_data_with_incorrect_ciphertext() {
        let address_key_holder = AddressKeyHolder::new_os_random();

        // Generate ephemeral public key and shared secret
        let scalar = Scalar::random(OsRng);
        let ephemeral_public_key_sender = (ProjectivePoint::GENERATOR * scalar).to_affine();
        let shared_secret =
            address_key_holder.calculate_shared_secret_receiver(ephemeral_public_key_sender);

        // Encrypt sample data
        let cipher = Aes256Gcm::new(&shared_secret.x());
        let nonce = Nonce::from_slice(b"unique nonce");
        let plaintext = b"Sensitive data";
        let ciphertext = cipher
            .encrypt(nonce, plaintext.as_ref())
            .expect("encryption failure");

        // Tamper with the ciphertext to simulate corruption
        let mut corrupted_ciphertext = ciphertext.clone();
        corrupted_ciphertext[0] ^= 1; // Flip a bit in the ciphertext

        // Attempt decryption
        let result = address_key_holder
            .decrypt_data(
                ephemeral_public_key_sender,
                CipherText::from(corrupted_ciphertext),
                nonce.clone(),
            )
            .unwrap();

        // The decryption should fail or produce incorrect output due to tampered ciphertext
        assert_ne!(result, plaintext);
    }

    #[test]
    fn test_encryption_decryption_round_trip() {
        let address_key_holder = AddressKeyHolder::new_os_random();

        // Generate ephemeral key and shared secret
        let scalar = Scalar::random(OsRng);
        let ephemeral_public_key_sender = (ProjectivePoint::GENERATOR * scalar).to_affine();

        // Encrypt sample data
        let plaintext = b"Round-trip test data";
        let nonce = Nonce::from_slice(b"unique nonce");

        let shared_secret =
            address_key_holder.calculate_shared_secret_receiver(ephemeral_public_key_sender);
        let cipher = Aes256Gcm::new(&shared_secret.x());

        let ciphertext = cipher
            .encrypt(nonce, plaintext.as_ref())
            .expect("encryption failure");

        // Decrypt the data using the `AddressKeyHolder` instance
        let decrypted_data = address_key_holder
            .decrypt_data(
                ephemeral_public_key_sender,
                CipherText::from(ciphertext),
                nonce.clone(),
            )
            .unwrap();

        // Verify the decrypted data matches the original plaintext
        assert_eq!(decrypted_data, plaintext);
    }

    #[test]
    fn test_get_public_account_signing_key() {
        let address_key_holder = AddressKeyHolder::new_os_random();
        let signing_key = address_key_holder.get_pub_account_signing_key();
        assert_eq!(
            signing_key.to_bytes().as_slice(),
            address_key_holder.pub_account_signing_key
        );
    }

    #[test]
    fn key_generation_test() {
        let seed_holder = SeedHolder::new_os_random();
        let top_secret_key_holder = seed_holder.produce_top_secret_key_holder();

        let utxo_secret_key_holder = top_secret_key_holder.produce_utxo_secret_holder();

        let address = utxo_secret_key_holder.generate_address();
        let nullifer_public_key = utxo_secret_key_holder.generate_nullifier_public_key();
        let viewing_public_key = utxo_secret_key_holder.generate_viewing_public_key();

        println!("======Prerequisites======");
        println!();

        println!(
            "Group generator {:?}",
            hex::encode(serde_json::to_vec(&AffinePoint::GENERATOR).unwrap())
        );
        println!(
            "Nullifier constant {:?}",
            hex::encode(*NULLIFIER_SECRET_CONST)
        );
        println!("Viewing constatnt {:?}", hex::encode(*VIEWING_SECRET_CONST));
        println!();

        println!("======Holders======");
        println!();

        println!("{seed_holder:?}");
        println!("{top_secret_key_holder:?}");
        println!("{utxo_secret_key_holder:?}");
        println!();

        println!("======Public data======");
        println!();
        println!("Address{:?}", hex::encode(address));
        println!(
            "Nulifier public key {:?}",
            hex::encode(serde_json::to_vec(&nullifer_public_key).unwrap())
        );
        println!(
            "Viewing public key {:?}",
            hex::encode(serde_json::to_vec(&viewing_public_key).unwrap())
        );
    }
}
fix tests 2025-05-07 16:52:08 -03:00			`use aes_gcm::{aead::Aead, Aes256Gcm, KeyInit};`
fix: refactor 1 2025-04-16 16:17:53 +03:00			`use common::merkle_tree_public::TreeHashType;`
feat: accounts core added 2024-10-30 12:32:36 +02:00			`use constants_types::{CipherText, Nonce};`
fmt 2025-05-07 16:37:03 -03:00			`use elliptic_curve::point::AffineCoordinates;`
feat: accounts core added 2024-10-30 12:32:36 +02:00			`use ephemeral_key_holder::EphemeralKeyHolder;`
add pem feature to k256 and remove manual impls of Serialize and Deserialize 2025-07-15 15:48:59 -03:00			`use k256::{ecdsa::SigningKey, AffinePoint, FieldBytes};`
logging added to UTXO, Account, Transaction 2024-12-30 07:35:05 +01:00			`use log::info;`
add pem feature to k256 and remove manual impls of Serialize and Deserialize 2025-07-15 15:48:59 -03:00			`use rand::{rngs::OsRng, RngCore};`
feat: accounts core added 2024-10-30 12:32:36 +02:00			`use secret_holders::{SeedHolder, TopSecretKeyHolder, UTXOSecretKeyHolder};`
serialize/deserialize `AddressKeyHolder` 2025-05-30 15:20:29 -04:00			`use serde::{Deserialize, Serialize};`
feat: key management added 2024-10-25 09:41:43 +03:00
feat: sequencer core 2024-11-25 07:26:16 +02:00			`use crate::account_core::PublicKey;`
minor refactor 2025-07-16 10:04:23 -03:00			`pub type PublicAccountSigningKey = [u8; 32];`
feat: sequencer core 2024-11-25 07:26:16 +02:00
feat: accounts core added 2024-10-30 12:32:36 +02:00			`pub mod constants_types;`
			`pub mod ephemeral_key_holder;`
			`pub mod secret_holders;`
feat: key management added 2024-10-25 09:41:43 +03:00
serialize/deserialize `AddressKeyHolder` 2025-05-30 15:20:29 -04:00			`#[derive(Serialize, Deserialize, Clone)]`
feat: key management added 2024-10-25 09:41:43 +03:00			`///Entrypoint to key management`
			`pub struct AddressKeyHolder {`
feat: accounts core added 2024-10-30 12:32:36 +02:00			`//Will be useful in future`
			`#[allow(dead_code)]`
			`top_secret_key_holder: TopSecretKeyHolder,`
fix: update 1 2024-12-22 16:14:52 +02:00			`pub utxo_secret_key_holder: UTXOSecretKeyHolder,`
minor refactor 2025-07-16 10:04:23 -03:00			`pub_account_signing_key: PublicAccountSigningKey,`
feat: key management added 2024-10-25 09:41:43 +03:00			`pub address: TreeHashType,`
feat: sequencer core 2024-11-25 07:26:16 +02:00			`pub nullifer_public_key: PublicKey,`
			`pub viewing_public_key: PublicKey,`
feat: key management added 2024-10-25 09:41:43 +03:00			`}`

			`impl AddressKeyHolder {`
			`pub fn new_os_random() -> Self {`
feat: accounts core added 2024-10-30 12:32:36 +02:00			`//Currently dropping SeedHolder at the end of initialization.`
			`//Now entirely sure if we need it in the future.`
feat: key management added 2024-10-25 09:41:43 +03:00			`let seed_holder = SeedHolder::new_os_random();`
			`let top_secret_key_holder = seed_holder.produce_top_secret_key_holder();`

			`let utxo_secret_key_holder = top_secret_key_holder.produce_utxo_secret_holder();`

			`let address = utxo_secret_key_holder.generate_address();`
			`let nullifer_public_key = utxo_secret_key_holder.generate_nullifier_public_key();`
			`let viewing_public_key = utxo_secret_key_holder.generate_viewing_public_key();`

change variable name 2025-07-17 08:36:46 -03:00			`let pub_account_signing_key = {`
add pem feature to k256 and remove manual impls of Serialize and Deserialize 2025-07-15 15:48:59 -03:00			`let mut bytes = [0; 32];`
			`OsRng.fill_bytes(&mut bytes);`
			`bytes`
			`};`

feat: key management added 2024-10-25 09:41:43 +03:00			`Self {`
feat: accounts core added 2024-10-30 12:32:36 +02:00			`top_secret_key_holder,`
feat: key management added 2024-10-25 09:41:43 +03:00			`utxo_secret_key_holder,`
			`address,`
			`nullifer_public_key,`
			`viewing_public_key,`
change variable name 2025-07-17 08:36:46 -03:00			`pub_account_signing_key,`
feat: key management added 2024-10-25 09:41:43 +03:00			`}`
			`}`

add getter for transaction body and test it 2025-07-16 11:54:11 -03:00			`/// Returns the signing key for public transaction signatures`
minor refactor 2025-07-16 10:04:23 -03:00			`pub fn get_pub_account_signing_key(&self) -> SigningKey {`
			`let field_bytes = FieldBytes::from_slice(&self.pub_account_signing_key);`
add pem feature to k256 and remove manual impls of Serialize and Deserialize 2025-07-15 15:48:59 -03:00			`// TODO: remove unwrap`
			`SigningKey::from_bytes(&field_bytes).unwrap()`
			`}`

feat: key management added 2024-10-25 09:41:43 +03:00			`pub fn calculate_shared_secret_receiver(`
			`&self,`
			`ephemeral_public_key_sender: AffinePoint,`
			`) -> AffinePoint {`
			`(ephemeral_public_key_sender * self.utxo_secret_key_holder.viewing_secret_key).into()`
			`}`

feat: accounts core added 2024-10-30 12:32:36 +02:00			`pub fn decrypt_data(`
			`&self,`
			`ephemeral_public_key_sender: AffinePoint,`
			`ciphertext: CipherText,`
			`nonce: Nonce,`
fix: format commit 2024-12-30 09:10:04 +02:00			`) -> Result<Vec<u8>, aes_gcm::Error> {`
use x coordinate as key for aes 2025-05-07 16:34:52 -03:00			`let shared_secret = self.calculate_shared_secret_receiver(ephemeral_public_key_sender);`
			`let cipher = Aes256Gcm::new(&shared_secret.x());`
fmt 2024-11-02 01:40:44 +01:00
fix: format commit 2024-12-30 09:10:04 +02:00			`cipher.decrypt(&nonce, ciphertext.as_slice())`
feat: accounts core added 2024-10-30 12:32:36 +02:00			`}`
logging added to UTXO, Account, Transaction 2024-12-30 07:35:05 +01:00
			`pub fn log(&self) {`
fix: format commit 2024-12-30 09:10:04 +02:00			`info!(`
fix: logging fix 1 2025-01-03 08:13:59 +02:00			`"Secret spending key is {:?}",`
fmt 2025-04-04 15:23:19 -04:00			`hex::encode(`
			`serde_json::to_vec(&self.top_secret_key_holder.secret_spending_key).unwrap()`
			`),`
fix: format commit 2024-12-30 09:10:04 +02:00			`);`
			`info!(`
fix: logging fix 1 2025-01-03 08:13:59 +02:00			`"Nulifier secret key is {:?}",`
fmt 2025-04-04 15:23:19 -04:00			`hex::encode(`
			`serde_json::to_vec(&self.utxo_secret_key_holder.nullifier_secret_key).unwrap()`
			`),`
fix: format commit 2024-12-30 09:10:04 +02:00			`);`
			`info!(`
fix: logging fix 1 2025-01-03 08:13:59 +02:00			`"Viewing secret key is {:?}",`
fmt 2025-04-04 15:23:19 -04:00			`hex::encode(`
			`serde_json::to_vec(&self.utxo_secret_key_holder.viewing_secret_key).unwrap()`
			`),`
fix: format commit 2024-12-30 09:10:04 +02:00			`);`
			`info!(`
fix: logging fix 1 2025-01-03 08:13:59 +02:00			`"Nullifier public key is {:?}",`
replace serilization in key_management 2025-04-04 14:55:50 -04:00			`hex::encode(serde_json::to_vec(&self.nullifer_public_key).unwrap()),`
fix: logging fix 1 2025-01-03 08:13:59 +02:00			`);`
			`info!(`
			`"Viewing public key is {:?}",`
replace serilization in key_management 2025-04-04 14:55:50 -04:00			`hex::encode(serde_json::to_vec(&self.viewing_public_key).unwrap()),`
fix: format commit 2024-12-30 09:10:04 +02:00			`);`
logging added to UTXO, Account, Transaction 2024-12-30 07:35:05 +01:00			`}`
feat: key management added 2024-10-25 09:41:43 +03:00			`}`
fix: adding key generation test 2024-10-25 14:15:00 +03:00
			`#[cfg(test)]`
			`mod tests {`
fmt 2024-11-02 01:40:44 +01:00			`use aes_gcm::{`
			`aead::{Aead, KeyInit, OsRng},`
			`Aes256Gcm,`
			`};`
			`use constants_types::{CipherText, Nonce};`
fix const use 2025-04-18 08:17:40 -04:00			`use constants_types::{NULLIFIER_SECRET_CONST, VIEWING_SECRET_CONST};`
fix tests 2025-05-07 16:52:08 -03:00			`use elliptic_curve::ff::Field;`
fmt 2024-11-02 01:40:44 +01:00			`use elliptic_curve::group::prime::PrimeCurveAffine;`
use x coordinate as key for aes 2025-05-07 16:34:52 -03:00			`use elliptic_curve::point::AffineCoordinates;`
fmt 2025-05-07 16:37:03 -03:00			`use k256::{AffinePoint, ProjectivePoint, Scalar};`
feat: accounts core added 2024-10-30 12:32:36 +02:00
fix: account masks updates to safe state 2025-07-15 12:49:19 +03:00			`use crate::key_management::ephemeral_key_holder::EphemeralKeyHolder;`

fix: adding key generation test 2024-10-25 14:15:00 +03:00			`use super::*;`

add test_new_os_random 2024-11-02 01:34:04 +01:00			`#[test]`
			`fn test_new_os_random() {`
			`// Ensure that a new AddressKeyHolder instance can be created without errors.`
			`let address_key_holder = AddressKeyHolder::new_os_random();`
fmt 2024-11-02 01:40:44 +01:00
add test_new_os_random 2024-11-02 01:34:04 +01:00			`// Check that key holder fields are initialized with expected types`
fmt 2024-11-02 01:40:44 +01:00			`assert!(!Into::<bool>::into(`
			`address_key_holder.nullifer_public_key.is_identity()`
			`));`
			`assert!(!Into::<bool>::into(`
			`address_key_holder.viewing_public_key.is_identity()`
			`));`
add test_new_os_random 2024-11-02 01:34:04 +01:00			`}`

add test_calculate_shared_secret_receiver 2024-11-02 01:34:34 +01:00			`#[test]`
			`fn test_calculate_shared_secret_receiver() {`
			`let address_key_holder = AddressKeyHolder::new_os_random();`

			`// Generate a random ephemeral public key sender`
			`let scalar = Scalar::random(&mut OsRng);`
fix: account masks updates to safe state 2025-07-15 12:49:19 +03:00			`let ephemeral_public_key_sender = (ProjectivePoint::GENERATOR * scalar).to_affine();`
add test_calculate_shared_secret_receiver 2024-11-02 01:34:34 +01:00
			`// Calculate shared secret`
fmt 2024-11-02 01:40:44 +01:00			`let shared_secret =`
			`address_key_holder.calculate_shared_secret_receiver(ephemeral_public_key_sender);`
add test_calculate_shared_secret_receiver 2024-11-02 01:34:34 +01:00
			`// Ensure the shared secret is not an identity point (suggesting non-zero output)`
			`assert!(!Into::<bool>::into(shared_secret.is_identity()));`
			`}`

add test_decrypt_data 2024-11-02 01:35:00 +01:00			`#[test]`
			`fn test_decrypt_data() {`
			`let address_key_holder = AddressKeyHolder::new_os_random();`

			`// Generate an ephemeral key and shared secret`
fix: account masks updates to safe state 2025-07-15 12:49:19 +03:00			`let ephemeral_public_key_sender =`
			`EphemeralKeyHolder::new_os_random().generate_ephemeral_public_key();`
fmt 2024-11-02 01:40:44 +01:00			`let shared_secret =`
			`address_key_holder.calculate_shared_secret_receiver(ephemeral_public_key_sender);`
add test_decrypt_data 2024-11-02 01:35:00 +01:00
			`// Encrypt sample data`
use x coordinate as key for aes 2025-05-07 16:34:52 -03:00			`let cipher = Aes256Gcm::new(&shared_secret.x());`
add test_decrypt_data 2024-11-02 01:35:00 +01:00			`let nonce = Nonce::from_slice(b"unique nonce");`
			`let plaintext = b"Sensitive data";`
fmt 2024-11-02 01:40:44 +01:00			`let ciphertext = cipher`
			`.encrypt(nonce, plaintext.as_ref())`
			`.expect("encryption failure");`
add test_decrypt_data 2024-11-02 01:35:00 +01:00
			`// Attempt decryption`
fix: format commit 2024-12-30 09:10:04 +02:00			`let decrypted_data: Vec<u8> = address_key_holder`
			`.decrypt_data(`
			`ephemeral_public_key_sender,`
			`CipherText::from(ciphertext),`
			`nonce.clone(),`
			`)`
			`.unwrap();`
add test_decrypt_data 2024-11-02 01:35:00 +01:00
			`// Verify decryption is successful and matches original plaintext`
			`assert_eq!(decrypted_data, plaintext);`
			`}`

add test_new_os_random_initialization 2024-11-02 01:36:10 +01:00			`#[test]`
			`fn test_new_os_random_initialization() {`
			`// Ensure that AddressKeyHolder is initialized correctly`
			`let address_key_holder = AddressKeyHolder::new_os_random();`

			`// Check that key holder fields are initialized with expected types and values`
fmt 2024-11-02 01:40:44 +01:00			`assert!(!Into::<bool>::into(`
			`address_key_holder.nullifer_public_key.is_identity()`
			`));`
			`assert!(!Into::<bool>::into(`
			`address_key_holder.viewing_public_key.is_identity()`
			`));`
add test_new_os_random_initialization 2024-11-02 01:36:10 +01:00			`assert!(address_key_holder.address.as_slice().len() > 0); // Assume TreeHashType has non-zero length for a valid address`
			`}`

add test_calculate_shared_secret_with_identity_point 2024-11-02 01:36:36 +01:00			`#[test]`
			`fn test_calculate_shared_secret_with_identity_point() {`
			`let address_key_holder = AddressKeyHolder::new_os_random();`

			`// Use identity point as ephemeral public key`
			`let identity_point = AffinePoint::identity();`

			`// Calculate shared secret`
			`let shared_secret = address_key_holder.calculate_shared_secret_receiver(identity_point);`

			`// The shared secret with the identity point should also result in the identity point`
			`assert!(Into::<bool>::into(shared_secret.is_identity()));`
			`}`

add test_decrypt_data_with_incorrect_nonce 2024-11-02 01:37:15 +01:00			`#[test]`
			`#[should_panic]`
			`fn test_decrypt_data_with_incorrect_nonce() {`
			`let address_key_holder = AddressKeyHolder::new_os_random();`

			`// Generate ephemeral public key and shared secret`
			`let scalar = Scalar::random(OsRng);`
remove usage of deprecated function 2025-05-07 16:36:30 -03:00			`let ephemeral_public_key_sender = (ProjectivePoint::GENERATOR * scalar).to_affine();`
fmt 2024-11-02 01:40:44 +01:00			`let shared_secret =`
			`address_key_holder.calculate_shared_secret_receiver(ephemeral_public_key_sender);`
add test_decrypt_data_with_incorrect_nonce 2024-11-02 01:37:15 +01:00
			`// Encrypt sample data with a specific nonce`
fix tests 2025-05-07 16:52:08 -03:00			`let cipher = Aes256Gcm::new(&shared_secret.x());`
add test_decrypt_data_with_incorrect_nonce 2024-11-02 01:37:15 +01:00			`let nonce = Nonce::from_slice(b"unique nonce");`
			`let plaintext = b"Sensitive data";`
fmt 2024-11-02 01:40:44 +01:00			`let ciphertext = cipher`
			`.encrypt(nonce, plaintext.as_ref())`
			`.expect("encryption failure");`
add test_decrypt_data_with_incorrect_nonce 2024-11-02 01:37:15 +01:00
			`// Attempt decryption with an incorrect nonce`
			`let incorrect_nonce = Nonce::from_slice(b"wrong nonce");`
fix: format commit 2024-12-30 09:10:04 +02:00			`let decrypted_data = address_key_holder`
			`.decrypt_data(`
			`ephemeral_public_key_sender,`
			`CipherText::from(ciphertext.clone()),`
			`incorrect_nonce.clone(),`
			`)`
			`.unwrap();`
add test_decrypt_data_with_incorrect_nonce 2024-11-02 01:37:15 +01:00
			`// The decryption should fail or produce incorrect output due to nonce mismatch`
			`assert_ne!(decrypted_data, plaintext);`
			`}`

add test_decrypt_data_with_incorrect_ciphertext 2024-11-02 01:37:49 +01:00			`#[test]`
			`#[should_panic]`
			`fn test_decrypt_data_with_incorrect_ciphertext() {`
			`let address_key_holder = AddressKeyHolder::new_os_random();`

			`// Generate ephemeral public key and shared secret`
			`let scalar = Scalar::random(OsRng);`
remove usage of deprecated function 2025-05-07 16:36:30 -03:00			`let ephemeral_public_key_sender = (ProjectivePoint::GENERATOR * scalar).to_affine();`
fmt 2024-11-02 01:40:44 +01:00			`let shared_secret =`
			`address_key_holder.calculate_shared_secret_receiver(ephemeral_public_key_sender);`
add test_decrypt_data_with_incorrect_ciphertext 2024-11-02 01:37:49 +01:00
			`// Encrypt sample data`
fix tests 2025-05-07 16:52:08 -03:00			`let cipher = Aes256Gcm::new(&shared_secret.x());`
add test_decrypt_data_with_incorrect_ciphertext 2024-11-02 01:37:49 +01:00			`let nonce = Nonce::from_slice(b"unique nonce");`
			`let plaintext = b"Sensitive data";`
fmt 2024-11-02 01:40:44 +01:00			`let ciphertext = cipher`
			`.encrypt(nonce, plaintext.as_ref())`
			`.expect("encryption failure");`
add test_decrypt_data_with_incorrect_ciphertext 2024-11-02 01:37:49 +01:00
			`// Tamper with the ciphertext to simulate corruption`
			`let mut corrupted_ciphertext = ciphertext.clone();`
			`corrupted_ciphertext[0] ^= 1; // Flip a bit in the ciphertext`

			`// Attempt decryption`
fix: format commit 2024-12-30 09:10:04 +02:00			`let result = address_key_holder`
			`.decrypt_data(`
			`ephemeral_public_key_sender,`
			`CipherText::from(corrupted_ciphertext),`
			`nonce.clone(),`
			`)`
			`.unwrap();`
add test_decrypt_data_with_incorrect_ciphertext 2024-11-02 01:37:49 +01:00
			`// The decryption should fail or produce incorrect output due to tampered ciphertext`
			`assert_ne!(result, plaintext);`
			`}`

add test_encryption_decryption_round_trip 2024-11-02 01:38:15 +01:00			`#[test]`
			`fn test_encryption_decryption_round_trip() {`
			`let address_key_holder = AddressKeyHolder::new_os_random();`

			`// Generate ephemeral key and shared secret`
			`let scalar = Scalar::random(OsRng);`
remove usage of deprecated function 2025-05-07 16:36:30 -03:00			`let ephemeral_public_key_sender = (ProjectivePoint::GENERATOR * scalar).to_affine();`
add test_encryption_decryption_round_trip 2024-11-02 01:38:15 +01:00
			`// Encrypt sample data`
			`let plaintext = b"Round-trip test data";`
			`let nonce = Nonce::from_slice(b"unique nonce");`

fmt 2024-11-02 01:40:44 +01:00			`let shared_secret =`
			`address_key_holder.calculate_shared_secret_receiver(ephemeral_public_key_sender);`
use x coordinate as key for aes 2025-05-07 16:34:52 -03:00			`let cipher = Aes256Gcm::new(&shared_secret.x());`
add test_encryption_decryption_round_trip 2024-11-02 01:38:15 +01:00
fmt 2024-11-02 01:40:44 +01:00			`let ciphertext = cipher`
			`.encrypt(nonce, plaintext.as_ref())`
			`.expect("encryption failure");`
add test_encryption_decryption_round_trip 2024-11-02 01:38:15 +01:00
			// Decrypt the data using the `AddressKeyHolder` instance
fix: format commit 2024-12-30 09:10:04 +02:00			`let decrypted_data = address_key_holder`
			`.decrypt_data(`
			`ephemeral_public_key_sender,`
			`CipherText::from(ciphertext),`
			`nonce.clone(),`
			`)`
			`.unwrap();`
add test_encryption_decryption_round_trip 2024-11-02 01:38:15 +01:00
			`// Verify the decrypted data matches the original plaintext`
			`assert_eq!(decrypted_data, plaintext);`
			`}`

add test for signing key getter 2025-07-16 11:43:40 -03:00			`#[test]`
			`fn test_get_public_account_signing_key() {`
			`let address_key_holder = AddressKeyHolder::new_os_random();`
			`let signing_key = address_key_holder.get_pub_account_signing_key();`
			`assert_eq!(`
			`signing_key.to_bytes().as_slice(),`
			`address_key_holder.pub_account_signing_key`
			`);`
			`}`

fix: adding key generation test 2024-10-25 14:15:00 +03:00			`#[test]`
			`fn key_generation_test() {`
			`let seed_holder = SeedHolder::new_os_random();`
			`let top_secret_key_holder = seed_holder.produce_top_secret_key_holder();`

			`let utxo_secret_key_holder = top_secret_key_holder.produce_utxo_secret_holder();`

			`let address = utxo_secret_key_holder.generate_address();`
			`let nullifer_public_key = utxo_secret_key_holder.generate_nullifier_public_key();`
			`let viewing_public_key = utxo_secret_key_holder.generate_viewing_public_key();`

			`println!("======Prerequisites======");`
			`println!();`

fix: fmt commit 2024-10-25 14:19:42 +03:00			`println!(`
			`"Group generator {:?}",`
replace serilization in key_management 2025-04-04 14:55:50 -04:00			`hex::encode(serde_json::to_vec(&AffinePoint::GENERATOR).unwrap())`
fix: fmt commit 2024-10-25 14:19:42 +03:00			`);`
			`println!(`
			`"Nullifier constant {:?}",`
fix const use 2025-04-18 08:17:40 -04:00			`hex::encode(*NULLIFIER_SECRET_CONST)`
fix: fmt commit 2024-10-25 14:19:42 +03:00			`);`
fix const use 2025-04-18 08:17:40 -04:00			`println!("Viewing constatnt {:?}", hex::encode(*VIEWING_SECRET_CONST));`
fix: adding key generation test 2024-10-25 14:15:00 +03:00			`println!();`

			`println!("======Holders======");`
			`println!();`

			`println!("{seed_holder:?}");`
			`println!("{top_secret_key_holder:?}");`
			`println!("{utxo_secret_key_holder:?}");`
			`println!();`

			`println!("======Public data======");`
			`println!();`
			`println!("Address{:?}", hex::encode(address));`
fix: fmt commit 2024-10-25 14:19:42 +03:00			`println!(`
			`"Nulifier public key {:?}",`
replace serilization in key_management 2025-04-04 14:55:50 -04:00			`hex::encode(serde_json::to_vec(&nullifer_public_key).unwrap())`
fix: fmt commit 2024-10-25 14:19:42 +03:00			`);`
			`println!(`
			`"Viewing public key {:?}",`
replace serilization in key_management 2025-04-04 14:55:50 -04:00			`hex::encode(serde_json::to_vec(&viewing_public_key).unwrap())`
fix: fmt commit 2024-10-25 14:19:42 +03:00			`);`
fix: adding key generation test 2024-10-25 14:15:00 +03:00			`}`
			`}`