Move TODOs into issues where appropriate.

docs/JsonSerializationSpec1.9.md

@@ -295,7 +295,7 @@ data class HashedElGamalCiphertextJson(
     val c0: ElementModPJson, // ElementModP,
     val c1: String, // ByteArray,
     val c2: UInt256Json, // UInt256,
-    val numBytes: Int // TODO needed?
+    val numBytes: Int
 )
 
 @Serializable

docs/JsonSerializationSpec2.1.md

@@ -408,7 +408,7 @@ data class HashedElGamalCiphertextJson(
     val c0: ElementModPJson, // ElementModP,
     val c1: String, // ByteArray,
     val c2: UInt256Json, // UInt256,
-    val numBytes: Int // TODO needed?
+    val numBytes: Int 
 )
 
 @Serializable
@@ -701,6 +701,8 @@ data class ContestDataJson(
     val status: String,
 )
 
+TODO ContestDataJson is not in any spec.
+
 ````
 
 Example:

src/main/kotlin/org/cryptobiotic/eg/cli/RunTrustedBallotDecryption.kt

@@ -109,7 +109,6 @@ class RunTrustedBallotDecryption {
                 decryptingTrustees,
             )
 
-            // TODO you may want to put the decryption results in the same directory, but sinks now are append-only.
             val publisher = makePublisher(outputDir, false)
             val sink: DecryptedBallotSinkIF = publisher.decryptedBallotSink()
 

src/main/kotlin/org/cryptobiotic/eg/election/EncryptedBallot.kt

@@ -79,7 +79,7 @@ data class EncryptedBallot(
         val contestHash: UInt256, // eq 58
         override val selections: List<Selection>,
         val proof: ChaumPedersenRangeProofKnownNonce,
-        override val contestData: HashedElGamalCiphertext, // TODO make optional?
+        override val contestData: HashedElGamalCiphertext,
         val preEncryption: PreEncryption? = null, // pre-encrypted ballots only
     ) : EncryptedBallotIF.Contest  {
 

src/main/kotlin/org/cryptobiotic/eg/keyceremony/KeyCeremony.kt

@@ -32,10 +32,7 @@ fun keyCeremonyExchange(trustees: List<KeyCeremonyTrusteeIF>, allowEncryptedFail
         return Err("keyCeremonyExchange trustees have different quorums = ${trustees.map{it.coefficientCommitments().size}}")
     }
 
-    // TODO if the trustees are not trusted, we could do other verification tests here.
-    //  are the public keys valid?
-    //  are the encrypted shares valid?
-    //  are the unencrypted shares valid?
+    // if the trustees are not trusted, we could do other verification tests here.
 
     // exchange PublicKeys
     val publicKeys: MutableList<PublicKeys> = mutableListOf()
@@ -96,7 +93,6 @@ fun keyCeremonyExchange(trustees: List<KeyCeremonyTrusteeIF>, allowEncryptedFail
     // footnote 28 It is also permissible to dismiss any guardian that makes a false claim of malfeasance. However, this is not
     // required as the sensitive information that is released as a result of the claim could have been released by the claimant
     // in any case.
-    // TODO KeyShare should include ξi,ℓ
 
     // Phase Two: if any secretKeyShares fail to validate, send and validate KeyShares
     val keyResults: MutableList<Result<Boolean, String>> = mutableListOf()

src/main/kotlin/org/cryptobiotic/eg/preencrypt/PreBallot.kt

@@ -32,7 +32,7 @@ internal data class PreContest(
     val votedFor: List<Boolean> // nselections, in order by sequence_order
 ) {
     init {
-        require(votedFor.size == allSelectionHashes.size - selectedVectors.size) // TODO
+        require(votedFor.size == allSelectionHashes.size - selectedVectors.size)
     }
     fun selectedCodes() : List<String> = selectedVectors.map { it.shortCode }
     fun nselections() = votedFor.size

src/main/kotlin/org/cryptobiotic/eg/preencrypt/PreEncryptor.kt

@@ -3,7 +3,6 @@ package org.cryptobiotic.eg.preencrypt
 import org.cryptobiotic.eg.core.*
 import org.cryptobiotic.eg.election.ManifestIF
 
-
 /**
  * The crypto part of the "The Ballot Encrypting Tool"
  * The encrypting/decrypting of the primaryNonce is done external to this.
@@ -64,7 +63,7 @@ class PreEncryptor(
         // In a contest with a selection limit of L, an additional L null vectors are added
         var nextSeqNo = sortedSelections.last().sequenceOrder + 1
         for (nullVectorIdx in (1..contestLimit)) {
-            // TODO "null labels may be in manifest", see 4.2.1. wtf?
+            // TODO "null labels may be in manifest", see Issue #56
             preeSelections.add( preencryptSelection(primaryNonce, this.sequenceOrder, "null${nullVectorIdx}", nextSeqNo, sortedSelectionIndices))
             nextSeqNo++
         }
@@ -114,4 +113,9 @@ class PreEncryptor(
             encryptionNonces,
         )
     }
+
+    companion object {
+        // TODO "hash trimming function Ω must be completely specified in the election manifest" see Issue #56
+        fun sigma(hash: UInt256): String = hash.toHex().substring(0, 5)
+    }
 }

src/main/kotlin/org/cryptobiotic/eg/preencrypt/Recorder.kt

@@ -8,15 +8,6 @@ import org.cryptobiotic.util.ErrorMessages
 /**
  * The crypto part of the "The Recording Tool".
  * The encrypting/decrypting primaryNonce is done external.
- *
- * TODO :  uncast (implicitly or explicitly challenged) aka CHALLENGED
- *    "For each uncast (implicitly or explicitly challenged) ballot, the recording tool returns the primary
- *  nonce that enables the encryptions to be opened and checked."
- *    "For an uncast ballot, the wrapper computes the short codes for all possible selections and posts
- *  in the election record the full set of pre-encryption vectors, selection hashes, and short codes for
- *  each possible selection."
- *    "The decryptions of all pre-encryptions correspond to the plaintext values indicated in the
- *  election manifest."
  */
 class Recorder(
     val group: GroupContext,

src/main/kotlin/org/cryptobiotic/eg/verifier/VerifyDecryption.kt

@@ -126,16 +126,6 @@ class VerifyDecryption(
 
     }
 
-    // TODO check
-    // Verification 11 (Correctness of decryptions of contest data)
-    // An election verifier must confirm the correct decryption of the contest data field for each contest by
-    // verifying the conditions analogous to Verification 9 for the corresponding NIZK proof with (A, B)
-    // replaced by (C0 , C1 , C2 ) and Mi by mi as follows. An election verifier must compute the following values.
-    // (11.1) a = g v · K c mod p,
-    // (11.2) b = C0v · β c mod p.
-    // An election verifier must then confirm the following.
-    // (11.A) The given value v is in the set Zq .
-    // (11.B) The challenge value c satisfies c = H(HE ; 0x31, K, C0 , C1 , C2 , a, b, β).
     private fun verifyContestData(decryptedContestData: DecryptedTallyOrBallot.DecryptedContestData, errs: ErrorMessages){
         // (11.A,14.A) The given value v is in the set Zq.
         if (!decryptedContestData.proof.r.inBounds()) {

src/main/kotlin/org/cryptobiotic/eg/verifier/VerifyEncryptedBallots.kt

@@ -22,6 +22,7 @@ import kotlinx.coroutines.sync.withLock
 import kotlinx.coroutines.yield
 import org.cryptobiotic.eg.encrypt.EncryptedBallotChain
 import org.cryptobiotic.eg.encrypt.EncryptedBallotChain.Companion.assembleChain
+import org.cryptobiotic.eg.preencrypt.PreEncryptor
 import org.cryptobiotic.eg.publish.Consumer
 import org.cryptobiotic.util.Stopwatch
 
@@ -61,8 +62,7 @@ class VerifyEncryptedBallots(
             joinAll(*verifierJobs.toTypedArray())
         }
 
-        // check duplicate confirmation codes (7.C): TODO what if there are multiple records for the election?
-        // TODO what about checking for duplicate ballot ids?
+        // check duplicate confirmation codes (7.C):
         val checkDuplicates = mutableMapOf<UInt256, String>()
         confirmationCodes.forEach {
             if (checkDuplicates[it.code] != null) {
@@ -147,7 +147,7 @@ class VerifyEncryptedBallots(
         }
 
         if (isPreencrypt) {
-            verifyPreencryptionShortCodes(contest, errs)
+            verifyPreencryptionShortCodes(contest, errs, PreEncryptor::sigma)
         }
     }
 

src/main/kotlin/org/cryptobiotic/eg/verifier/VerifyPreEncryptedBallots.kt

@@ -8,9 +8,6 @@ import org.cryptobiotic.util.ErrorMessages
 //////////////////////////////////////////////////////////////////////////////
 // pre-encryption
 
-// TODO specify sigma in manifest
-private fun sigma(hash: UInt256): String = hash.toHex().substring(0, 5)
-
 /*
 Every step of verification that applies to traditional ElectionGuard ballots also applies to pre-
 encrypted ballots – with the exception of the process for computing confirmation codes. However,
@@ -53,6 +50,7 @@ record as uncast.
 fun VerifyEncryptedBallots.verifyPreencryptionShortCodes(
     contest: EncryptedBallot.Contest,
     errs: ErrorMessages,
+    sigma : (UInt256) -> String, // "hash trimming function Ω must be completely specified in the election manifest"
 ) {
     if (contest.preEncryption == null) {
         errs.add("    18. Contest has no preEncryption")

src/main/kotlin/org/cryptobiotic/eg/verifier/VerifyTally.kt

@@ -40,12 +40,7 @@ class VerifyTally(
                     if (selection.encryptedVote.data != accum.data) {
                         errs.add("  8.B  Ballot Aggregation does not match: $key")
                     }
-                } /* else {
-                    // TODO what is it? is it needed? left over from placeholders ??
-                    if (selection.encryptedVote.pad != group.ZERO_MOD_P || selection.encryptedVote.data != group.ZERO_MOD_P) {
-                        errs.add("    Ballot Aggregation empty does not match $key")
-                    }
-                } */
+                }
             }
         }
 

src/test/kotlin/org/cryptobiotic/eg/preencrypt/PreEncryptorTest.kt

@@ -295,7 +295,7 @@ internal fun runComplete(
     assertFalse(errs.hasErrors())
 }
 
-fun sigma(hash: UInt256): String = hash.toHex().substring(0, 5)
+fun sigma(code: UInt256) : String = PreEncryptor.sigma(code)
 
 internal class ChosenBallot(val selectedIdx: Int) {
 

src/test/kotlin/org/cryptobiotic/util/DfracTest.kt

@@ -79,7 +79,7 @@ class DfracTest {
                 fraction.append("0")
             }
         } else if (fixedDecimals < fracFigs) {
-            val chop = fracFigs - fixedDecimals // TODO should round !!
+            val chop = fracFigs - fixedDecimals // LOOK should round !!
             fraction.setLength(fraction.length - chop)
         }