bulletproofs: expose a macro returning proof-size

HalosGhost · apoelstra · commit 6463ffba9654 · 2022-08-27T17:20:26.000Z
This PR adds a convenience macro enabling callers to allocate the
necessary and sufficient space for an uncompressed rangeproof. In
particular, this makes it tractible to avoid pessimistically
over-allocating the maximum possible space an uncompressed
rangeproof might ever occupy.

Also, SECP256K1_BULLETPROOFS_RANGEPROOF_UNCOMPRESSED_MAX_LENGTH_ is
redefined as a short-cut leveraging the new convenience macro. This
both makes clear from where the maximum length is derived, and
should avoid the two macros drifting apart should the expected size
change (e.g., if compression is supported in the future).
diff --git a/include/secp256k1_bulletproofs.h b/include/secp256k1_bulletproofs.h
@@ -10,11 +10,20 @@ extern "C" {
 
 #include <stdint.h>
 
+/** A function-like macro returning the size, in bytes, of an uncompressed
+ *  Bulletproof proving that a value lies in the range [0, 2^(n_bits) - 1]
+ *
+ *  A proof contains: 65 bytes for (A, S); 65 for (T1, T2); 64 for (tau_x, mu)
+ *  followed by n_bits-many scalar pairs (l(i), r(i)).
+ */
+#define SECP256K1_BULLETPROOFS_UNCOMPRESSED_SIZE(n_bits) (65UL + 65 + 64 + (n_bits) * 64)
+
 /** Maximum size, in bytes, of an uncompressed rangeproof */
 extern const size_t SECP256K1_BULLETPROOFS_RANGEPROOF_UNCOMPRESSED_MAX_LENGTH;
 
 /** The same value, as a C macro so it can be used as C89 array size */
-#define SECP256K1_BULLETPROOFS_RANGEPROOF_UNCOMPRESSED_MAX_LENGTH_ (194 + 4096)
+#define SECP256K1_BULLETPROOFS_RANGEPROOF_UNCOMPRESSED_MAX_LENGTH_ \
+    SECP256K1_BULLETPROOFS_UNCOMPRESSED_SIZE(64)
 
 /** Opaque data structure that holds the current state of an uncompressed
  * Bulletproof proof generation. This data is not secret and does not need
diff --git a/src/modules/bulletproofs/main_impl.h b/src/modules/bulletproofs/main_impl.h
@@ -130,7 +130,7 @@ size_t secp256k1_bulletproofs_rangeproof_uncompressed_proof_length(const secp256
     if (n_bits > 64) {
         return 0;
     }
-    return 2 * 65 + 64 + n_bits * 64;
+    return SECP256K1_BULLETPROOFS_UNCOMPRESSED_SIZE(n_bits);
 }
 
 int secp256k1_bulletproofs_rangeproof_uncompressed_prove(

Original file line number	Diff line number	Diff line change
`@@ -130,7 +130,7 @@ size_t secp256k1_bulletproofs_rangeproof_uncompressed_proof_length(const secp256`
`130`	`130`	`if (n_bits > 64) {`
`131`	`131`	`return 0;`
`132`	`132`	`}`
`133`		`- return 2 * 65 + 64 + n_bits * 64;`
	`133`	`+ return SECP256K1_BULLETPROOFS_UNCOMPRESSED_SIZE(n_bits);`
`134`	`134`	`}`
`135`	`135`
`136`	`136`	`int secp256k1_bulletproofs_rangeproof_uncompressed_prove(`