neo-project · erikzhang · Jun 30, 2021 · May 16, 2021 · May 16, 2021 · May 16, 2021
diff --git a/src/neo/Cryptography/ECC/ECCurve.cs b/src/neo/Cryptography/ECC/ECCurve.cs
@@ -11,7 +11,7 @@ public class ECCurve
         internal readonly BigInteger Q;
         internal readonly ECFieldElement A;
         internal readonly ECFieldElement B;
-        internal readonly BigInteger N;
+        public readonly BigInteger N;
         /// <summary>
         /// The point at infinity.
         /// </summary>

diff --git a/src/neo/Cryptography/Helper.cs b/src/neo/Cryptography/Helper.cs
@@ -50,6 +50,18 @@ public static uint Murmur32(this byte[] value, uint seed)
             return BinaryPrimitives.ReadUInt32LittleEndian(murmur.ComputeHash(value));
         }
 
+        /// <summary>
+        /// Computes the 128-bit hash value for the specified byte array using the murmur algorithm.
+        /// </summary>
+        /// <param name="value">The input to compute the hash code for.</param>
+        /// <param name="seed">The seed used by the murmur algorithm.</param>
+        /// <returns>The computed hash code.</returns>
+        public static byte[] Murmur128(this byte[] value, uint seed)
+        {
+            using Murmur128 murmur = new(seed);
+            return murmur.ComputeHash(value);
+        }
+
         /// <summary>
         /// Computes the hash value for the specified byte array using the sha256 algorithm.
         /// </summary>

diff --git a/src/neo/Cryptography/Murmur128.cs b/src/neo/Cryptography/Murmur128.cs
@@ -0,0 +1,135 @@
+using System;
+using System.Buffers.Binary;
+using System.Runtime.CompilerServices;
+using System.Security.Cryptography;
+
+namespace Neo.Cryptography
+{
+    /// <summary>
+    /// Computes the 128 bits murmur hash for the input data.
+    /// </summary>
+    public sealed class Murmur128 : HashAlgorithm
+    {
+        private const ulong c1 = 0x87c37b91114253d5;
+        private const ulong c2 = 0x4cf5ad432745937f;
+        private const int r1 = 31;
+        private const int r2 = 33;
+        private const uint m = 5;
+        private const uint n1 = 0x52dce729;
+        private const uint n2 = 0x38495ab5;
+
+        private readonly uint seed;
+        private int length;
+
+        public override int HashSize => 128;
+
+        private ulong H1 { get; set; }
+        private ulong H2 { get; set; }
+
+        /// <summary>
+        /// Initializes a new instance of the <see cref="Murmur128"/> class with the specified seed.
+        /// </summary>
+        /// <param name="seed">The seed to be used.</param>
+        public Murmur128(uint seed)
+        {
+            this.seed = seed;
+            Initialize();
+        }
+
+        protected override void HashCore(byte[] array, int ibStart, int cbSize)
+        {
+            length += cbSize;
+            int remainder = cbSize & 15;
+            int alignedLength = ibStart + (cbSize - remainder);
+            for (int i = ibStart; i < alignedLength; i += 16)
+            {
+                ulong k1 = BinaryPrimitives.ReadUInt64BigEndian(array.AsSpan(i));
+                k1 *= c1;
+                k1 = RotateLeft(k1, r1);
+                k1 *= c2;
+                H1 ^= k1;
+                H1 = RotateLeft(H1, 27);
+                H1 += H2;
+                H1 = H1 * m + n1;
+
+                ulong k2 = BinaryPrimitives.ReadUInt64BigEndian(array.AsSpan(i + 8));
+                k2 *= c2;
+                k2 = RotateLeft(k2, r2);
+                k2 *= c1;
+                H2 ^= k2;
+                H2 = RotateLeft(H2, 31);
+                H2 += H1;
+                H2 = H2 * m + n2;
+            }
+
+            if (remainder > 0)
+            {
+                ulong remainingBytesL = 0, remainingBytesH = 0;
+                switch (remainder)
+                {
+                    case 15: remainingBytesH ^= (ulong)array[alignedLength + 14] << 48; goto case 14;
+                    case 14: remainingBytesH ^= (ulong)array[alignedLength + 13] << 40; goto case 13;
+                    case 13: remainingBytesH ^= (ulong)array[alignedLength + 12] << 32; goto case 12;
+                    case 12: remainingBytesH ^= (ulong)array[alignedLength + 11] << 24; goto case 11;
+                    case 11: remainingBytesH ^= (ulong)array[alignedLength + 10] << 16; goto case 10;
+                    case 10: remainingBytesH ^= (ulong)array[alignedLength + 9] << 8; goto case 9;
+                    case 9: remainingBytesH ^= (ulong)array[alignedLength + 8] << 0; goto case 8;
+                    case 8: remainingBytesL ^= (ulong)array[alignedLength + 7] << 56; goto case 7;
+                    case 7: remainingBytesL ^= (ulong)array[alignedLength + 6] << 48; goto case 6;
+                    case 6: remainingBytesL ^= (ulong)array[alignedLength + 5] << 40; goto case 5;
+                    case 5: remainingBytesL ^= (ulong)array[alignedLength + 4] << 32; goto case 4;
+                    case 4: remainingBytesL ^= (ulong)array[alignedLength + 3] << 24; goto case 3;
+                    case 3: remainingBytesL ^= (ulong)array[alignedLength + 2] << 16; goto case 2;
+                    case 2: remainingBytesL ^= (ulong)array[alignedLength + 1] << 8; goto case 1;
+                    case 1: remainingBytesL ^= (ulong)array[alignedLength] << 0; break;
+                }
+
+                H2 ^= RotateLeft(remainingBytesH * c2, r2) * c1;
+                H1 ^= RotateLeft(remainingBytesL * c1, r1) * c2;
+            }
+        }
+
+        protected override byte[] HashFinal()
+        {
+            ulong len = (ulong)length;
+            H1 ^= len; H2 ^= len;
+
+            H1 += H2;
+            H2 += H1;
+
+            H1 = FMix(H1);
+            H2 = FMix(H2);
+
+            H1 += H2;
+            H2 += H1;
+
+            var buffer = new byte[16];
+            Array.Copy(BitConverter.GetBytes(H1), 0, buffer, 0, 8);
+            Array.Copy(BitConverter.GetBytes(H2), 0, buffer, 8, 8);
+
+            return buffer;
+        }
+
+        public override void Initialize()
+        {
+            H1 = H2 = seed;
+            length = 0;
+        }
+
+        [MethodImpl(MethodImplOptions.AggressiveInlining)]
+        private static ulong RotateLeft(ulong x, byte n)
+        {
+            return (x << n) | (x >> (64 - n));
+        }
+
+        [MethodImpl(MethodImplOptions.AggressiveInlining)]
+        private static ulong FMix(ulong h)
+        {
+            // pipelining friendly algorithm
+            h = (h ^ (h >> 33)) * 0xff51afd7ed558ccd;
+            h = (h ^ (h >> 33)) * 0xc4ceb9fe1a85ec53;
+
+            return (h ^ (h >> 33));
+        }
+    }
+}
diff --git a/src/neo/NeoSystem.cs b/src/neo/NeoSystem.cs
@@ -133,6 +133,7 @@ public NeoSystem(ProtocolSettings settings, string storageEngine = null, string
                 PrevHash = UInt256.Zero,
                 MerkleRoot = UInt256.Zero,
                 Timestamp = (new DateTime(2016, 7, 15, 15, 8, 21, DateTimeKind.Utc)).ToTimestampMS(),
+                Nonce = 2083236893, // nonce from the Bitcoin genesis block.
                 Index = 0,
                 PrimaryIndex = 0,
                 NextConsensus = Contract.GetBFTAddress(settings.StandbyValidators),

diff --git a/src/neo/Network/P2P/Payloads/Block.cs b/src/neo/Network/P2P/Payloads/Block.cs
@@ -46,6 +46,11 @@ public sealed class Block : IEquatable<Block>, IInventory
         /// </summary>
         public ulong Timestamp => Header.Timestamp;
 
+        /// <summary>
+        /// The random number of the block from VRF.
+        /// </summary>
+        public ulong Nonce => Header.Nonce;
+
         /// <summary>
         /// The index of the block.
         /// </summary>

diff --git a/src/neo/Network/P2P/Payloads/Header.cs b/src/neo/Network/P2P/Payloads/Header.cs
@@ -19,6 +19,7 @@ public sealed class Header : IEquatable<Header>, IVerifiable
         private UInt256 prevHash;
         private UInt256 merkleRoot;
         private ulong timestamp;
+        private ulong nonce;
         private uint index;
         private byte primaryIndex;
         private UInt160 nextConsensus;
@@ -64,6 +65,15 @@ public ulong Timestamp
             set { timestamp = value; _hash = null; }
         }
 
+        /// <summary>
+        /// The first eight bytes of random number generated from VRF.
+        /// </summary>
+        public ulong Nonce
+        {
+            get => nonce;
+            set { nonce = value; _hash = null; }
+        }
+
         /// <summary>
         /// The index of the block.
         /// </summary>
@@ -109,6 +119,7 @@ public UInt256 Hash
             UInt256.Length +    // PrevHash
             UInt256.Length +    // MerkleRoot
             sizeof(ulong) +     // Timestamp
+            sizeof(ulong) +      // Nonce
             sizeof(uint) +      // Index
             sizeof(byte) +      // PrimaryIndex
             UInt160.Length +    // NextConsensus
@@ -143,6 +154,7 @@ void IVerifiable.DeserializeUnsigned(BinaryReader reader)
             prevHash = reader.ReadSerializable<UInt256>();
             merkleRoot = reader.ReadSerializable<UInt256>();
             timestamp = reader.ReadUInt64();
+            nonce = reader.ReadUInt64();
             index = reader.ReadUInt32();
             primaryIndex = reader.ReadByte();
             nextConsensus = reader.ReadSerializable<UInt160>();
@@ -185,6 +197,7 @@ void IVerifiable.SerializeUnsigned(BinaryWriter writer)
             writer.Write(prevHash);
             writer.Write(merkleRoot);
             writer.Write(timestamp);
+            writer.Write(nonce);
             writer.Write(index);
             writer.Write(primaryIndex);
             writer.Write(nextConsensus);
@@ -204,6 +217,7 @@ public JObject ToJson(ProtocolSettings settings)
             json["previousblockhash"] = prevHash.ToString();
             json["merkleroot"] = merkleRoot.ToString();
             json["time"] = timestamp;
+            json["nonce"] = nonce.ToString("X16");
             json["index"] = index;
             json["primary"] = primaryIndex;
             json["nextconsensus"] = nextConsensus.ToAddress(settings.AddressVersion);

diff --git a/src/neo/SmartContract/ApplicationEngine.Runtime.cs b/src/neo/SmartContract/ApplicationEngine.Runtime.cs
@@ -77,6 +77,12 @@ partial class ApplicationEngine
         /// </summary>
         public static readonly InteropDescriptor System_Runtime_GetInvocationCounter = Register("System.Runtime.GetInvocationCounter", nameof(GetInvocationCounter), 1 << 4, CallFlags.None);
 
+        /// <summary>
+        /// The <see cref="InteropDescriptor"/> of System.Runtime.GetRandom.
+        /// Gets the random number generated from the VRF.
+        /// </summary>
+        public static readonly InteropDescriptor System_Runtime_GetRandom = Register("System.Runtime.GetRandom", nameof(GetRandom), 1 << 4, CallFlags.None);
+
         /// <summary>
         /// The <see cref="InteropDescriptor"/> of System.Runtime.Log.
         /// Writes a log.
@@ -228,6 +234,23 @@ protected internal int GetInvocationCounter()
             return counter;
         }
 
+        /// <summary>
+        /// The implementation of System.Runtime.GetRandom.
+        /// Gets the random number, random number will xor with the hash value of the transaction.
+        /// </summary>
+        /// <returns>The first eight bytes of the random number.</returns>
+        protected internal ulong GetRandom()
+        {
+            // Return 0 if here is no persistingBlock.
+            // We need this for users to test their transactions locally.
+            if (nextNonce == 0) return 0;
+            var nonce = nextNonce;
+            nextNonce = BitConverter.ToUInt64(Cryptography.Helper.Murmur128(BitConverter.GetBytes(nonce), 123)[..8]);
+            var tx = (Transaction)ScriptContainer;
+
+            return nonce ^ BitConverter.ToUInt64(tx?.Hash.ToArray());
+        }
+
         /// <summary>
         /// The implementation of System.Runtime.Log.
         /// Writes a log.

diff --git a/src/neo/SmartContract/ApplicationEngine.cs b/src/neo/SmartContract/ApplicationEngine.cs
@@ -115,6 +115,12 @@ public partial class ApplicationEngine : ExecutionEngine
         /// </summary>
         public IReadOnlyList<NotifyEventArgs> Notifications => notifications ?? (IReadOnlyList<NotifyEventArgs>)Array.Empty<NotifyEventArgs>();
 
+        /// <summary>
+        /// The nonce seed for the next random call.
+        /// </summary>
+        private ulong nextNonce;
+
+
         /// <summary>
         /// Initializes a new instance of the <see cref="ApplicationEngine"/> class.
         /// </summary>
@@ -134,6 +140,11 @@ protected ApplicationEngine(TriggerType trigger, IVerifiable container, DataCach
             this.gas_amount = gas;
             this.exec_fee_factor = snapshot is null || persistingBlock?.Index == 0 ? PolicyContract.DefaultExecFeeFactor : NativeContract.Policy.GetExecFeeFactor(Snapshot);
             this.StoragePrice = snapshot is null || persistingBlock?.Index == 0 ? PolicyContract.DefaultStoragePrice : NativeContract.Policy.GetStoragePrice(Snapshot);
+
+            if (persistingBlock != null) // Make sure to update the nonce when a new Block is persisting
+            {
+                nextNonce = persistingBlock.Nonce;
+            }
         }
 
         /// <summary>

diff --git a/src/neo/SmartContract/Native/TrimmedBlock.cs b/src/neo/SmartContract/Native/TrimmedBlock.cs
@@ -64,6 +64,7 @@ StackItem IInteroperable.ToStackItem(ReferenceCounter referenceCounter)
                 Header.PrevHash.ToArray(),
                 Header.MerkleRoot.ToArray(),
                 Header.Timestamp,
+                Header.Nonce,
                 Header.Index,
                 Header.PrimaryIndex,
                 Header.NextConsensus.ToArray(),

diff --git a/tests/neo.UnitTests/Cryptography/UT_Murmur128.cs b/tests/neo.UnitTests/Cryptography/UT_Murmur128.cs
@@ -0,0 +1,31 @@
+using FluentAssertions;
+using Microsoft.VisualStudio.TestTools.UnitTesting;
+using Neo.Cryptography;
+using System.Text;
+namespace Neo.UnitTests.Cryptography
+{
+    [TestClass]
+    public class UT_Murmur128
+    {
+
+        [TestMethod]
+        public void TestGetHashSize()
+        {
+            Murmur128 murmur128 = new Murmur128(1);
+            murmur128.HashSize.Should().Be(128);
+        }
+
+        [TestMethod]
+        public void TestHashCore()
+        {
+            byte[] array = Encoding.ASCII.GetBytes("hello");
+            array.Murmur128(123u).ToHexString().ToString().Should().Be("0bc59d0ad25fde2982ed65af61227a0e");
+
+            array = Encoding.ASCII.GetBytes("world");
+            array.Murmur128(123u).ToHexString().ToString().Should().Be("3d3810fed480472bd214a14023bb407f");
+
+            array = Encoding.ASCII.GetBytes("hello world");
+            array.Murmur128(123u).ToHexString().ToString().Should().Be("e0a0632d4f51302c55e3b3e48d28795d");
+        }
+    }
+}
diff --git a/tests/neo.UnitTests/Cryptography/UT_Murmur3.cs b/tests/neo.UnitTests/Cryptography/UT_Murmur3.cs
@@ -1,7 +1,6 @@
 using FluentAssertions;
 using Microsoft.VisualStudio.TestTools.UnitTesting;
 using Neo.Cryptography;
-
 namespace Neo.UnitTests.Cryptography
 {
     [TestClass]

diff --git a/tests/neo.UnitTests/Ledger/UT_TrimmedBlock.cs b/tests/neo.UnitTests/Ledger/UT_TrimmedBlock.cs
@@ -87,7 +87,7 @@ public void TestGetSize()
         {
             TrimmedBlock tblock = GetTrimmedBlockWithNoTransaction();
             tblock.Hashes = new UInt256[] { TestUtils.GetTransaction(UInt160.Zero).Hash };
-            tblock.Size.Should().Be(138);
+            tblock.Size.Should().Be(146); // 138 + 8
         }
 
         [TestMethod]