Core/grin
0
0
Fork 0
mirror of https://github.com/mimblewimble/grin.git synced 2025-01-22 12:01:08 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions
grin/keychain/src/keychain.rs

1088 lines
32 KiB
Rust
Raw Normal View History

Remove Sumtree References and disambiguate some naming (#747) * start of renamathon * api renaming * Rename UTXO-Output to lessen ambiguity * compile warning * compile error * readme fix * remove file commit in error
2018-03-05 22:33:44 +03:00
// Copyright 2018 The Grin Developers
keychain crate (no more secretkeys in core) (#146) * introduce grin_keychain, encapsulate derivation of secret_keys * core compiles against keychain, tests don't run yet * core tests are now passing against keychain * wip - getting wallet working with keychain * add util and keychain to travis test matrix * basic test around key derivation
2017-10-03 03:02:31 +03:00
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
use rand::{thread_rng, Rng};
refactor burn key into key_overrides on keychain (#178) * refactor burn key into key_overrides on keychain * introduce UnconfirmedChange output status, we can potentially spend these with zero confirmations * pass in burn_key_id for the burn enabled keychain, spend *all* coins when spending from a wallet, spend UnconfirmedChange coins also * add comment about simplifying wallet_data.select logic * replace UnconfirmedChange output status with a more flexible zero_ok, flag on the output data
2017-10-16 20:11:01 +03:00
use std::collections::HashMap;
cache key_id->derivation in the keychain (#253)
2017-11-10 18:12:15 +03:00
use std::sync::{Arc, RwLock};
Error handling with failure (using Error and ErrorKind) (#713) * Initial version * store failure parameters inside ErrorKind variants * continue failure transformation * 4 errors left * still two errors * return old code back * finally compiling * Fix compilation and test errors after merge
2018-02-28 20:56:09 +03:00
use std::{error, fmt};
keychain crate (no more secretkeys in core) (#146) * introduce grin_keychain, encapsulate derivation of secret_keys * core compiles against keychain, tests don't run yet * core tests are now passing against keychain * wip - getting wallet working with keychain * add util and keychain to travis test matrix * basic test around key derivation
2017-10-03 03:02:31 +03:00
changing secp import to tag, and consolidating Cargo.toml import (#220)
2017-11-01 02:20:55 +03:00
use util::secp;
use util::secp::{Message, Secp256k1, Signature};
rustfmt all the things
2018-03-04 03:19:54 +03:00
use util::secp::key::{PublicKey, SecretKey};
use util::secp::pedersen::{Commitment, ProofInfo, ProofMessage, RangeProof};
[WIP] Aggsig Transactions (#530) * First steps converting transaction workflow to be aggsig-enable * integrating updated version of aggsig, which gives greater control over the contents of e * added wallet transaction test to testing framework to enable testing the whole thing, completed interaction as far as inital response from recipient * more aggsig work, final signature is produced now * Construction of aggsig transaction now working to the point of the signature being built * aggsig transactions working end-to-end in the nominal case * refactor aggsig verify from commit and fix some tests * more cleanup and test fixing * cleaning up automated tests * test+formatting fix
2018-01-10 22:36:27 +03:00
use util::secp::aggsig;
Wallet output selection performance (#238) * allow selecting a commit while providing a key index * added static reference to libsecp that can be called throughout * don't serialise rangeproof to json if it's not desired
2017-11-07 19:48:37 +03:00
use util::logger::LOGGER;
[WIP] Aggsig Transactions (#530) * First steps converting transaction workflow to be aggsig-enable * integrating updated version of aggsig, which gives greater control over the contents of e * added wallet transaction test to testing framework to enable testing the whole thing, completed interaction as far as inital response from recipient * more aggsig work, final signature is produced now * Construction of aggsig transaction now working to the point of the signature being built * aggsig transactions working end-to-end in the nominal case * refactor aggsig verify from commit and fix some tests * more cleanup and test fixing * cleaning up automated tests * test+formatting fix
2018-01-10 22:36:27 +03:00
use util::kernel_sig_msg;
keychain crate (no more secretkeys in core) (#146) * introduce grin_keychain, encapsulate derivation of secret_keys * core compiles against keychain, tests don't run yet * core tests are now passing against keychain * wip - getting wallet working with keychain * add util and keychain to travis test matrix * basic test around key derivation
2017-10-03 03:02:31 +03:00
use blake2;
Allow multiple Aggsig contexts (#685) * update mean cuda miner to latest trompcode, and added tweakable parameters to grin configuration file * Added UUID for transactions, and store aggsig contexts indexed by transaction ID * updating test framework to allow checking of wallet contents during test
2018-02-06 14:42:26 +03:00
use uuid::Uuid;
Cleanup HTTP APIs, update ports to avoid gap, rustfmt Moved the HTTP APIs away from the REST endpoint abstraction and to simpler Hyper handlers. Re-established all routes as v1. Changed wallet receiver port to 13415 to avoid a gap in port numbers. Finally, rustfmt seems to have ignored specific files arguments, running on everything.
2017-11-01 02:32:33 +03:00
use blind::{BlindSum, BlindingFactor};
Shorter identifiers and call them key_id (not pubkey) (#175) * rename pubkey -> key_id, these are key identifiers, not public keys * reduce identifier seize to 10 bytes, get rid of fingerprints (identifiers are now small enough to use as-is) * IDENTIFIER_SIZE const * add FeeDispute error for when sender and recipient disagre on fee calculation (should never happen) * does not need to be mut * cleaned up some warnings
2017-10-13 07:45:07 +03:00
use extkey::{self, Identifier};
keychain crate (no more secretkeys in core) (#146) * introduce grin_keychain, encapsulate derivation of secret_keys * core compiles against keychain, tests don't run yet * core tests are now passing against keychain * wip - getting wallet working with keychain * add util and keychain to travis test matrix * basic test around key derivation
2017-10-03 03:02:31 +03:00
#[derive(PartialEq, Eq, Clone, Debug)]
pub enum Error {
ExtendedKey(extkey::Error),
Secp(secp::Error),
KeyDerivation(String),
Allow multiple Aggsig contexts (#685) * update mean cuda miner to latest trompcode, and added tweakable parameters to grin configuration file * Added UUID for transactions, and store aggsig contexts indexed by transaction ID * updating test framework to allow checking of wallet contents during test
2018-02-06 14:42:26 +03:00
Transaction(String),
Integrated bulletproofs into Grin with optional build parameter (enabled by default) (#711)
2018-02-16 23:34:54 +03:00
RangeProof(String),
keychain crate (no more secretkeys in core) (#146) * introduce grin_keychain, encapsulate derivation of secret_keys * core compiles against keychain, tests don't run yet * core tests are now passing against keychain * wip - getting wallet working with keychain * add util and keychain to travis test matrix * basic test around key derivation
2017-10-03 03:02:31 +03:00
}
impl From<secp::Error> for Error {
fn from(e: secp::Error) -> Error {
Error::Secp(e)
}
}
impl From<extkey::Error> for Error {
fn from(e: extkey::Error) -> Error {
Error::ExtendedKey(e)
}
}
Error handling with failure (using Error and ErrorKind) (#713) * Initial version * store failure parameters inside ErrorKind variants * continue failure transformation * 4 errors left * still two errors * return old code back * finally compiling * Fix compilation and test errors after merge
2018-02-28 20:56:09 +03:00
impl error::Error for Error {
fn description(&self) -> &str {
match *self {
_ => "some kind of keychain error",
}
}
}
impl fmt::Display for Error {
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
match *self {
_ => write!(f, "some kind of keychain error"),
}
}
}
[WIP] Aggsig Transactions (#530) * First steps converting transaction workflow to be aggsig-enable * integrating updated version of aggsig, which gives greater control over the contents of e * added wallet transaction test to testing framework to enable testing the whole thing, completed interaction as far as inital response from recipient * more aggsig work, final signature is produced now * Construction of aggsig transaction now working to the point of the signature being built * aggsig transactions working end-to-end in the nominal case * refactor aggsig verify from commit and fix some tests * more cleanup and test fixing * cleaning up automated tests * test+formatting fix
2018-01-10 22:36:27 +03:00
/// Holds internal information about an aggsig operation
#[derive(Clone, Debug)]
pub struct AggSigTxContext {
// Secret key (of which public is shared)
pub sec_key: SecretKey,
// Secret nonce (of which public is shared)
// (basically a SecretKey)
pub sec_nonce: SecretKey,
// If I'm the recipient, store my outputs between invocations (that I need to sum)
pub output_ids: Vec<Identifier>,
}
keychain crate (no more secretkeys in core) (#146) * introduce grin_keychain, encapsulate derivation of secret_keys * core compiles against keychain, tests don't run yet * core tests are now passing against keychain * wip - getting wallet working with keychain * add util and keychain to travis test matrix * basic test around key derivation
2017-10-03 03:02:31 +03:00
#[derive(Clone, Debug)]
pub struct Keychain {
secp: Secp256k1,
extkey: extkey::ExtendedKey,
rustfmt all the things
2018-03-04 03:19:54 +03:00
pub aggsig_contexts: Arc<RwLock<Option<HashMap<Uuid, AggSigTxContext>>>>,
refactor burn key into key_overrides on keychain (#178) * refactor burn key into key_overrides on keychain * introduce UnconfirmedChange output status, we can potentially spend these with zero confirmations * pass in burn_key_id for the burn enabled keychain, spend *all* coins when spending from a wallet, spend UnconfirmedChange coins also * add comment about simplifying wallet_data.select logic * replace UnconfirmedChange output status with a more flexible zero_ok, flag on the output data
2017-10-16 20:11:01 +03:00
key_overrides: HashMap<Identifier, SecretKey>,
cache key_id->derivation in the keychain (#253)
2017-11-10 18:12:15 +03:00
key_derivation_cache: Arc<RwLock<HashMap<Identifier, u32>>>,
keychain crate (no more secretkeys in core) (#146) * introduce grin_keychain, encapsulate derivation of secret_keys * core compiles against keychain, tests don't run yet * core tests are now passing against keychain * wip - getting wallet working with keychain * add util and keychain to travis test matrix * basic test around key derivation
2017-10-03 03:02:31 +03:00
}
impl Keychain {
Shorter identifiers and call them key_id (not pubkey) (#175) * rename pubkey -> key_id, these are key identifiers, not public keys * reduce identifier seize to 10 bytes, get rid of fingerprints (identifiers are now small enough to use as-is) * IDENTIFIER_SIZE const * add FeeDispute error for when sender and recipient disagre on fee calculation (should never happen) * does not need to be mut * cleaned up some warnings
2017-10-13 07:45:07 +03:00
pub fn root_key_id(&self) -> Identifier {
self.extkey.root_key_id.clone()
keychain crate (no more secretkeys in core) (#146) * introduce grin_keychain, encapsulate derivation of secret_keys * core compiles against keychain, tests don't run yet * core tests are now passing against keychain * wip - getting wallet working with keychain * add util and keychain to travis test matrix * basic test around key derivation
2017-10-03 03:02:31 +03:00
}
refactor burn key into key_overrides on keychain (#178) * refactor burn key into key_overrides on keychain * introduce UnconfirmedChange output status, we can potentially spend these with zero confirmations * pass in burn_key_id for the burn enabled keychain, spend *all* coins when spending from a wallet, spend UnconfirmedChange coins also * add comment about simplifying wallet_data.select logic * replace UnconfirmedChange output status with a more flexible zero_ok, flag on the output data
2017-10-16 20:11:01 +03:00
// For tests and burn only, associate a key identifier with a known secret key.
pub fn burn_enabled(keychain: &Keychain, burn_key_id: &Identifier) -> Keychain {
let mut key_overrides = HashMap::new();
key_overrides.insert(
burn_key_id.clone(),
SecretKey::from_slice(&keychain.secp, &[1; 32]).unwrap(),
);
Keychain {
key_overrides: key_overrides,
..keychain.clone()
}
}
keychain crate (no more secretkeys in core) (#146) * introduce grin_keychain, encapsulate derivation of secret_keys * core compiles against keychain, tests don't run yet * core tests are now passing against keychain * wip - getting wallet working with keychain * add util and keychain to travis test matrix * basic test around key derivation
2017-10-03 03:02:31 +03:00
pub fn from_seed(seed: &[u8]) -> Result<Keychain, Error> {
let secp = secp::Secp256k1::with_caps(secp::ContextFlag::Commit);
let extkey = extkey::ExtendedKey::from_seed(&secp, seed)?;
let keychain = Keychain {
secp: secp,
extkey: extkey,
Allow multiple Aggsig contexts (#685) * update mean cuda miner to latest trompcode, and added tweakable parameters to grin configuration file * Added UUID for transactions, and store aggsig contexts indexed by transaction ID * updating test framework to allow checking of wallet contents during test
2018-02-06 14:42:26 +03:00
aggsig_contexts: Arc::new(RwLock::new(None)),
refactor burn key into key_overrides on keychain (#178) * refactor burn key into key_overrides on keychain * introduce UnconfirmedChange output status, we can potentially spend these with zero confirmations * pass in burn_key_id for the burn enabled keychain, spend *all* coins when spending from a wallet, spend UnconfirmedChange coins also * add comment about simplifying wallet_data.select logic * replace UnconfirmedChange output status with a more flexible zero_ok, flag on the output data
2017-10-16 20:11:01 +03:00
key_overrides: HashMap::new(),
cache key_id->derivation in the keychain (#253)
2017-11-10 18:12:15 +03:00
key_derivation_cache: Arc::new(RwLock::new(HashMap::new())),
keychain crate (no more secretkeys in core) (#146) * introduce grin_keychain, encapsulate derivation of secret_keys * core compiles against keychain, tests don't run yet * core tests are now passing against keychain * wip - getting wallet working with keychain * add util and keychain to travis test matrix * basic test around key derivation
2017-10-03 03:02:31 +03:00
};
Ok(keychain)
}
/// For testing - probably not a good idea to use outside of tests.
pub fn from_random_seed() -> Result<Keychain, Error> {
let seed: String = thread_rng().gen_ascii_chars().take(16).collect();
let seed = blake2::blake2b::blake2b(32, &[], seed.as_bytes());
Keychain::from_seed(seed.as_bytes())
}
Shorter identifiers and call them key_id (not pubkey) (#175) * rename pubkey -> key_id, these are key identifiers, not public keys * reduce identifier seize to 10 bytes, get rid of fingerprints (identifiers are now small enough to use as-is) * IDENTIFIER_SIZE const * add FeeDispute error for when sender and recipient disagre on fee calculation (should never happen) * does not need to be mut * cleaned up some warnings
2017-10-13 07:45:07 +03:00
pub fn derive_key_id(&self, derivation: u32) -> Result<Identifier, Error> {
refactor/rework key derivation (#652) seed -> ext_key -> many child_keys
2018-01-25 23:19:32 +03:00
let child_key = self.extkey.derive(&self.secp, derivation)?;
Ok(child_key.key_id)
keychain crate (no more secretkeys in core) (#146) * introduce grin_keychain, encapsulate derivation of secret_keys * core compiles against keychain, tests don't run yet * core tests are now passing against keychain * wip - getting wallet working with keychain * add util and keychain to travis test matrix * basic test around key derivation
2017-10-03 03:02:31 +03:00
}
cache key_id->derivation in the keychain (#253)
2017-11-10 18:12:15 +03:00
fn derived_key(&self, key_id: &Identifier) -> Result<SecretKey, Error> {
// first check our overrides and just return the key if we have one in there
refactor burn key into key_overrides on keychain (#178) * refactor burn key into key_overrides on keychain * introduce UnconfirmedChange output status, we can potentially spend these with zero confirmations * pass in burn_key_id for the burn enabled keychain, spend *all* coins when spending from a wallet, spend UnconfirmedChange coins also * add comment about simplifying wallet_data.select logic * replace UnconfirmedChange output status with a more flexible zero_ok, flag on the output data
2017-10-16 20:11:01 +03:00
if let Some(key) = self.key_overrides.get(key_id) {
rustfmt all the things
2018-03-04 03:19:54 +03:00
trace!(
LOGGER,
"... Derived Key (using override) key_id: {}",
key_id
);
refactor burn key into key_overrides on keychain (#178) * refactor burn key into key_overrides on keychain * introduce UnconfirmedChange output status, we can potentially spend these with zero confirmations * pass in burn_key_id for the burn enabled keychain, spend *all* coins when spending from a wallet, spend UnconfirmedChange coins also * add comment about simplifying wallet_data.select logic * replace UnconfirmedChange output status with a more flexible zero_ok, flag on the output data
2017-10-16 20:11:01 +03:00
return Ok(*key);
Wallet operation to burn some coins (#172) * Burn transaction for testing * Burn bug fixes, embed burn key in keychain * Better error logging in API, wallet fee calc fix
2017-10-12 06:35:40 +03:00
}
Pass pubkey for coinbase (#159) * store wallet output data in hashmap * cleanup up commented out code * pass pubkey/identifier and not derivation around to miner etc. * fix failing tests
2017-10-07 20:38:41 +03:00
refactor/rework key derivation (#652) seed -> ext_key -> many child_keys
2018-01-25 23:19:32 +03:00
let child_key = self.derived_child_key(key_id)?;
Ok(child_key.key)
hashed switch commitments - BLAKE2(bJ, r) (#648) * wip * derive switch commit hash key from extended key in wallet * fix failing pool test
2018-01-23 15:14:06 +03:00
}
refactor/rework key derivation (#652) seed -> ext_key -> many child_keys
2018-01-25 23:19:32 +03:00
fn derived_child_key(&self, key_id: &Identifier) -> Result<extkey::ChildKey, Error> {
hashed switch commitments - BLAKE2(bJ, r) (#648) * wip * derive switch commit hash key from extended key in wallet * fix failing pool test
2018-01-23 15:14:06 +03:00
trace!(LOGGER, "Derived Key by key_id: {}", key_id);
cache key_id->derivation in the keychain (#253)
2017-11-10 18:12:15 +03:00
// then check the derivation cache to see if we have previously derived this key
// if so use the derivation from the cache to derive the key
{
let cache = self.key_derivation_cache.read().unwrap();
if let Some(derivation) = cache.get(key_id) {
rustfmt all the things
2018-03-04 03:19:54 +03:00
trace!(
LOGGER,
"... Derived Key (cache hit) key_id: {}, derivation: {}",
key_id,
derivation
);
return Ok(self.derived_key_from_index(*derivation)?);
cache key_id->derivation in the keychain (#253)
2017-11-10 18:12:15 +03:00
}
}
Wallet output selection performance (#238) * allow selecting a commit while providing a key index * added static reference to libsecp that can be called throughout * don't serialise rangeproof to json if it's not desired
2017-11-07 19:48:37 +03:00
cache key_id->derivation in the keychain (#253)
2017-11-10 18:12:15 +03:00
// otherwise iterate over a large number of derivations looking for our key
// cache the resulting derivations by key_id for faster lookup later
100_000 keys max in a wallet (was 10_000) and someone maxed this out... (#520)
2017-12-19 04:33:44 +03:00
// TODO - remove hard limit (within reason)
// TODO - do we benefit here if we track our max known n_child?
cache key_id->derivation in the keychain (#253)
2017-11-10 18:12:15 +03:00
{
let mut cache = self.key_derivation_cache.write().unwrap();
100_000 keys max in a wallet (was 10_000) and someone maxed this out... (#520)
2017-12-19 04:33:44 +03:00
for i in 1..100_000 {
refactor/rework key derivation (#652) seed -> ext_key -> many child_keys
2018-01-25 23:19:32 +03:00
let child_key = self.extkey.derive(&self.secp, i)?;
// let child_key_id = extkey.identifier(&self.secp)?;
if !cache.contains_key(&child_key.key_id) {
trace!(
LOGGER,
"... Derived Key (cache miss) key_id: {}, derivation: {}",
child_key.key_id,
child_key.n_child,
);
cache.insert(child_key.key_id.clone(), child_key.n_child);
cache key_id->derivation in the keychain (#253)
2017-11-10 18:12:15 +03:00
}
refactor/rework key derivation (#652) seed -> ext_key -> many child_keys
2018-01-25 23:19:32 +03:00
if child_key.key_id == *key_id {
return Ok(child_key);
cache key_id->derivation in the keychain (#253)
2017-11-10 18:12:15 +03:00
}
Pass pubkey for coinbase (#159) * store wallet output data in hashmap * cleanup up commented out code * pass pubkey/identifier and not derivation around to miner etc. * fix failing tests
2017-10-07 20:38:41 +03:00
}
}
cache key_id->derivation in the keychain (#253)
2017-11-10 18:12:15 +03:00
rustfmt all the things
2018-03-04 03:19:54 +03:00
Err(Error::KeyDerivation(format!(
"failed to derive child_key for {:?}",
key_id
)))
keychain crate (no more secretkeys in core) (#146) * introduce grin_keychain, encapsulate derivation of secret_keys * core compiles against keychain, tests don't run yet * core tests are now passing against keychain * wip - getting wallet working with keychain * add util and keychain to travis test matrix * basic test around key derivation
2017-10-03 03:02:31 +03:00
}
cache key_id->derivation in the keychain (#253)
2017-11-10 18:12:15 +03:00
// if we know the derivation index we can just straight to deriving the key
rustfmt all the things
2018-03-04 03:19:54 +03:00
fn derived_key_from_index(&self, derivation: u32) -> Result<extkey::ChildKey, Error> {
cache key_id->derivation in the keychain (#253)
2017-11-10 18:12:15 +03:00
trace!(LOGGER, "Derived Key (fast) by derivation: {}", derivation);
refactor/rework key derivation (#652) seed -> ext_key -> many child_keys
2018-01-25 23:19:32 +03:00
let child_key = self.extkey.derive(&self.secp, derivation)?;
rustfmt all the things
2018-03-04 03:19:54 +03:00
return Ok(child_key);
Wallet output selection performance (#238) * allow selecting a commit while providing a key index * added static reference to libsecp that can be called throughout * don't serialise rangeproof to json if it's not desired
2017-11-07 19:48:37 +03:00
}
Shorter identifiers and call them key_id (not pubkey) (#175) * rename pubkey -> key_id, these are key identifiers, not public keys * reduce identifier seize to 10 bytes, get rid of fingerprints (identifiers are now small enough to use as-is) * IDENTIFIER_SIZE const * add FeeDispute error for when sender and recipient disagre on fee calculation (should never happen) * does not need to be mut * cleaned up some warnings
2017-10-13 07:45:07 +03:00
pub fn commit(&self, amount: u64, key_id: &Identifier) -> Result<Commitment, Error> {
let skey = self.derived_key(key_id)?;
keychain crate (no more secretkeys in core) (#146) * introduce grin_keychain, encapsulate derivation of secret_keys * core compiles against keychain, tests don't run yet * core tests are now passing against keychain * wip - getting wallet working with keychain * add util and keychain to travis test matrix * basic test around key derivation
2017-10-03 03:02:31 +03:00
let commit = self.secp.commit(amount, skey)?;
Ok(commit)
}
rustfmt all the things
2018-03-04 03:19:54 +03:00
pub fn commit_with_key_index(&self, amount: u64, derivation: u32) -> Result<Commitment, Error> {
refactor/rework key derivation (#652) seed -> ext_key -> many child_keys
2018-01-25 23:19:32 +03:00
let child_key = self.derived_key_from_index(derivation)?;
let commit = self.secp.commit(amount, child_key.key)?;
Wallet output selection performance (#238) * allow selecting a commit while providing a key index * added static reference to libsecp that can be called throughout * don't serialise rangeproof to json if it's not desired
2017-11-07 19:48:37 +03:00
Ok(commit)
}
Shorter identifiers and call them key_id (not pubkey) (#175) * rename pubkey -> key_id, these are key identifiers, not public keys * reduce identifier seize to 10 bytes, get rid of fingerprints (identifiers are now small enough to use as-is) * IDENTIFIER_SIZE const * add FeeDispute error for when sender and recipient disagre on fee calculation (should never happen) * does not need to be mut * cleaned up some warnings
2017-10-13 07:45:07 +03:00
pub fn switch_commit(&self, key_id: &Identifier) -> Result<Commitment, Error> {
let skey = self.derived_key(key_id)?;
keychain crate (no more secretkeys in core) (#146) * introduce grin_keychain, encapsulate derivation of secret_keys * core compiles against keychain, tests don't run yet * core tests are now passing against keychain * wip - getting wallet working with keychain * add util and keychain to travis test matrix * basic test around key derivation
2017-10-03 03:02:31 +03:00
let commit = self.secp.switch_commit(skey)?;
Ok(commit)
}
rustfmt all the things
2018-03-04 03:19:54 +03:00
pub fn switch_commit_from_index(&self, index: u32) -> Result<Commitment, Error> {
hashed switch commitments - BLAKE2(bJ, r) (#648) * wip * derive switch commit hash key from extended key in wallet * fix failing pool test
2018-01-23 15:14:06 +03:00
// just do this directly, because cache seems really slow for wallet reconstruct
Wallet Restore feature (#338) * beginning to add wallet restore... api endpoints and basic restore * basic restore working, still missing features * rustfmt * large speed up to output search, should be more or less working * properly mark coinbase status
2017-11-20 03:50:09 +03:00
let skey = self.extkey.derive(&self.secp, index)?;
let skey = skey.key;
let commit = self.secp.switch_commit(skey)?;
Ok(commit)
}
hashed switch commitments - BLAKE2(bJ, r) (#648) * wip * derive switch commit hash key from extended key in wallet * fix failing pool test
2018-01-23 15:14:06 +03:00
pub fn switch_commit_hash_key(&self, key_id: &Identifier) -> Result<[u8; 32], Error> {
// first check our overrides and just return zero key if we have an override
// we allow keys to be overridden for testing
// and do not care about switch_commit_hash_keys in this case
if let Some(_) = self.key_overrides.get(key_id) {
let key: [u8; 32] = Default::default();
return Ok(key);
}
refactor/rework key derivation (#652) seed -> ext_key -> many child_keys
2018-01-25 23:19:32 +03:00
let child_key = self.derived_child_key(key_id)?;
Ok(child_key.switch_key)
hashed switch commitments - BLAKE2(bJ, r) (#648) * wip * derive switch commit hash key from extended key in wallet * fix failing pool test
2018-01-23 15:14:06 +03:00
}
keychain crate (no more secretkeys in core) (#146) * introduce grin_keychain, encapsulate derivation of secret_keys * core compiles against keychain, tests don't run yet * core tests are now passing against keychain * wip - getting wallet working with keychain * add util and keychain to travis test matrix * basic test around key derivation
2017-10-03 03:02:31 +03:00
pub fn range_proof(
&self,
amount: u64,
Shorter identifiers and call them key_id (not pubkey) (#175) * rename pubkey -> key_id, these are key identifiers, not public keys * reduce identifier seize to 10 bytes, get rid of fingerprints (identifiers are now small enough to use as-is) * IDENTIFIER_SIZE const * add FeeDispute error for when sender and recipient disagre on fee calculation (should never happen) * does not need to be mut * cleaned up some warnings
2017-10-13 07:45:07 +03:00
key_id: &Identifier,
check_compact retains leaves and roots until parents are pruned (#753) * wip * failing test for being too eager when pruning a sibling * commit * rustfmt * [WIP] modified get_shift and get_leaf_shift to account for leaving "pruned but not compacted" leaves in place Note: this currently breaks check_compact as nothing else is aware of the modified behavior * rustfmt * commit * rustfmt * basic prune/compact/shift working * rustfmt * commit * rustfmt * next_pruned_idx working (I think) * commit * horizon test uncovered some subtle issues - wip * rustfmt * cleanup * rustfmt * commit * cleanup * cleanup * commit * rustfmt * contains -> binary_search * rustfmt * no need for height==0 special case * wip - works for single compact, 2nd one breaks the mmr hashes * commit * rustfmt * fixed it (needs a lot of cleanup) we were not traversing all the way up to the peak if we pruned an entire tree so rm_log and prune list were inconsistent * multiple compact steps are working data file not being copmacted currently (still to investigate) * cleanup store tests * cleanup * cleanup up debug * rustfmt * take kernel offsets into account when summing kernels and outputs for full txhashset validation validate chain state pre and post compaction * rustfmt * fix wallet refresh (we need block height to be refreshed on non-coinbase outputs) otherwise we cannot spend them... * rustfmt
2018-03-13 21:22:34 +03:00
_commit: Commitment,
Bulletproof messages (#730) * beginning to add bullet proof messages * Updated core transaction creation to embed the output's value and switch commit hash as part of the rangeproof message * formatting issue * more formatting issues * Removing conditional feature compliation.. just bulletproofs from now on * ensure MAX_PROOF_SIZE uses bulletproof sizing instead of earlier version * updated with switch commit committed to in extra data * accidentally commented out bullet-proof-size feature
2018-02-28 00:11:55 +03:00
extra_data: Option<Vec<u8>>,
rust-secp256k1-zkp breaking changes to support (#155) Rewinding range proofs to recover transaction value from outputs
2017-10-06 00:40:46 +03:00
msg: ProofMessage,
keychain crate (no more secretkeys in core) (#146) * introduce grin_keychain, encapsulate derivation of secret_keys * core compiles against keychain, tests don't run yet * core tests are now passing against keychain * wip - getting wallet working with keychain * add util and keychain to travis test matrix * basic test around key derivation
2017-10-03 03:02:31 +03:00
) -> Result<RangeProof, Error> {
Shorter identifiers and call them key_id (not pubkey) (#175) * rename pubkey -> key_id, these are key identifiers, not public keys * reduce identifier seize to 10 bytes, get rid of fingerprints (identifiers are now small enough to use as-is) * IDENTIFIER_SIZE const * add FeeDispute error for when sender and recipient disagre on fee calculation (should never happen) * does not need to be mut * cleaned up some warnings
2017-10-13 07:45:07 +03:00
let skey = self.derived_key(key_id)?;
Bulletproof messages (#730) * beginning to add bullet proof messages * Updated core transaction creation to embed the output's value and switch commit hash as part of the rangeproof message * formatting issue * more formatting issues * Removing conditional feature compliation.. just bulletproofs from now on * ensure MAX_PROOF_SIZE uses bulletproof sizing instead of earlier version * updated with switch commit committed to in extra data * accidentally commented out bullet-proof-size feature
2018-02-28 00:11:55 +03:00
if msg.len() == 0 {
return Ok(self.secp.bullet_proof(amount, skey, extra_data, None));
} else {
if msg.len() != 64 {
error!(LOGGER, "Bullet proof message must be 64 bytes.");
rustfmt all the things
2018-03-04 03:19:54 +03:00
return Err(Error::RangeProof(
"Bullet proof message must be 64 bytes".to_string(),
));
Bulletproof messages (#730) * beginning to add bullet proof messages * Updated core transaction creation to embed the output's value and switch commit hash as part of the rangeproof message * formatting issue * more formatting issues * Removing conditional feature compliation.. just bulletproofs from now on * ensure MAX_PROOF_SIZE uses bulletproof sizing instead of earlier version * updated with switch commit committed to in extra data * accidentally commented out bullet-proof-size feature
2018-02-28 00:11:55 +03:00
}
}
return Ok(self.secp.bullet_proof(amount, skey, extra_data, Some(msg)));
keychain crate (no more secretkeys in core) (#146) * introduce grin_keychain, encapsulate derivation of secret_keys * core compiles against keychain, tests don't run yet * core tests are now passing against keychain * wip - getting wallet working with keychain * add util and keychain to travis test matrix * basic test around key derivation
2017-10-03 03:02:31 +03:00
}
Integrated bulletproofs into Grin with optional build parameter (enabled by default) (#711)
2018-02-16 23:34:54 +03:00
pub fn verify_range_proof(
secp: &Secp256k1,
Bulletproof messages (#730) * beginning to add bullet proof messages * Updated core transaction creation to embed the output's value and switch commit hash as part of the rangeproof message * formatting issue * more formatting issues * Removing conditional feature compliation.. just bulletproofs from now on * ensure MAX_PROOF_SIZE uses bulletproof sizing instead of earlier version * updated with switch commit committed to in extra data * accidentally commented out bullet-proof-size feature
2018-02-28 00:11:55 +03:00
commit: Commitment,
proof: RangeProof,
rustfmt all the things
2018-03-04 03:19:54 +03:00
extra_data: Option<Vec<u8>>,
) -> Result<(), secp::Error> {
let result = secp.verify_bullet_proof(commit, proof, extra_data);
match result {
Ok(_) => Ok(()),
Err(e) => Err(e),
Integrated bulletproofs into Grin with optional build parameter (enabled by default) (#711)
2018-02-16 23:34:54 +03:00
}
rustfmt all the things
2018-03-04 03:19:54 +03:00
}
Integrated bulletproofs into Grin with optional build parameter (enabled by default) (#711)
2018-02-16 23:34:54 +03:00
rust-secp256k1-zkp breaking changes to support (#155) Rewinding range proofs to recover transaction value from outputs
2017-10-06 00:40:46 +03:00
pub fn rewind_range_proof(
&self,
Shorter identifiers and call them key_id (not pubkey) (#175) * rename pubkey -> key_id, these are key identifiers, not public keys * reduce identifier seize to 10 bytes, get rid of fingerprints (identifiers are now small enough to use as-is) * IDENTIFIER_SIZE const * add FeeDispute error for when sender and recipient disagre on fee calculation (should never happen) * does not need to be mut * cleaned up some warnings
2017-10-13 07:45:07 +03:00
key_id: &Identifier,
rust-secp256k1-zkp breaking changes to support (#155) Rewinding range proofs to recover transaction value from outputs
2017-10-06 00:40:46 +03:00
commit: Commitment,
Bulletproof messages (#730) * beginning to add bullet proof messages * Updated core transaction creation to embed the output's value and switch commit hash as part of the rangeproof message * formatting issue * more formatting issues * Removing conditional feature compliation.. just bulletproofs from now on * ensure MAX_PROOF_SIZE uses bulletproof sizing instead of earlier version * updated with switch commit committed to in extra data * accidentally commented out bullet-proof-size feature
2018-02-28 00:11:55 +03:00
extra_data: Option<Vec<u8>>,
rust-secp256k1-zkp breaking changes to support (#155) Rewinding range proofs to recover transaction value from outputs
2017-10-06 00:40:46 +03:00
proof: RangeProof,
) -> Result<ProofInfo, Error> {
Shorter identifiers and call them key_id (not pubkey) (#175) * rename pubkey -> key_id, these are key identifiers, not public keys * reduce identifier seize to 10 bytes, get rid of fingerprints (identifiers are now small enough to use as-is) * IDENTIFIER_SIZE const * add FeeDispute error for when sender and recipient disagre on fee calculation (should never happen) * does not need to be mut * cleaned up some warnings
2017-10-13 07:45:07 +03:00
let nonce = self.derived_key(key_id)?;
rustfmt all the things
2018-03-04 03:19:54 +03:00
let proof_message = self.secp
change to bulletproof interface to separate nonce from blind in unwind (#773)
2018-03-14 14:03:09 +03:00
.unwind_bullet_proof(commit, nonce, nonce, extra_data, proof);
Bulletproof messages (#730) * beginning to add bullet proof messages * Updated core transaction creation to embed the output's value and switch commit hash as part of the rangeproof message * formatting issue * more formatting issues * Removing conditional feature compliation.. just bulletproofs from now on * ensure MAX_PROOF_SIZE uses bulletproof sizing instead of earlier version * updated with switch commit committed to in extra data * accidentally commented out bullet-proof-size feature
2018-02-28 00:11:55 +03:00
let proof_info = match proof_message {
rustfmt all the things
2018-03-04 03:19:54 +03:00
Ok(p) => ProofInfo {
Bulletproof messages (#730) * beginning to add bullet proof messages * Updated core transaction creation to embed the output's value and switch commit hash as part of the rangeproof message * formatting issue * more formatting issues * Removing conditional feature compliation.. just bulletproofs from now on * ensure MAX_PROOF_SIZE uses bulletproof sizing instead of earlier version * updated with switch commit committed to in extra data * accidentally commented out bullet-proof-size feature
2018-02-28 00:11:55 +03:00
success: true,
value: 0,
message: p,
mlen: 0,
min: 0,
max: 0,
exp: 0,
mantissa: 0,
},
Err(_) => ProofInfo {
success: false,
value: 0,
message: ProofMessage::empty(),
mlen: 0,
min: 0,
max: 0,
exp: 0,
mantissa: 0,
rustfmt all the things
2018-03-04 03:19:54 +03:00
},
Bulletproof messages (#730) * beginning to add bullet proof messages * Updated core transaction creation to embed the output's value and switch commit hash as part of the rangeproof message * formatting issue * more formatting issues * Removing conditional feature compliation.. just bulletproofs from now on * ensure MAX_PROOF_SIZE uses bulletproof sizing instead of earlier version * updated with switch commit committed to in extra data * accidentally commented out bullet-proof-size feature
2018-02-28 00:11:55 +03:00
};
return Ok(proof_info);
rust-secp256k1-zkp breaking changes to support (#155) Rewinding range proofs to recover transaction value from outputs
2017-10-06 00:40:46 +03:00
}
keychain crate (no more secretkeys in core) (#146) * introduce grin_keychain, encapsulate derivation of secret_keys * core compiles against keychain, tests don't run yet * core tests are now passing against keychain * wip - getting wallet working with keychain * add util and keychain to travis test matrix * basic test around key derivation
2017-10-03 03:02:31 +03:00
pub fn blind_sum(&self, blind_sum: &BlindSum) -> Result<BlindingFactor, Error> {
let mut pos_keys: Vec<SecretKey> = blind_sum
Shorter identifiers and call them key_id (not pubkey) (#175) * rename pubkey -> key_id, these are key identifiers, not public keys * reduce identifier seize to 10 bytes, get rid of fingerprints (identifiers are now small enough to use as-is) * IDENTIFIER_SIZE const * add FeeDispute error for when sender and recipient disagre on fee calculation (should never happen) * does not need to be mut * cleaned up some warnings
2017-10-13 07:45:07 +03:00
.positive_key_ids
keychain crate (no more secretkeys in core) (#146) * introduce grin_keychain, encapsulate derivation of secret_keys * core compiles against keychain, tests don't run yet * core tests are now passing against keychain * wip - getting wallet working with keychain * add util and keychain to travis test matrix * basic test around key derivation
2017-10-03 03:02:31 +03:00
.iter()
.filter_map(|k| self.derived_key(&k).ok())
.collect();
let mut neg_keys: Vec<SecretKey> = blind_sum
Shorter identifiers and call them key_id (not pubkey) (#175) * rename pubkey -> key_id, these are key identifiers, not public keys * reduce identifier seize to 10 bytes, get rid of fingerprints (identifiers are now small enough to use as-is) * IDENTIFIER_SIZE const * add FeeDispute error for when sender and recipient disagre on fee calculation (should never happen) * does not need to be mut * cleaned up some warnings
2017-10-13 07:45:07 +03:00
.negative_key_ids
keychain crate (no more secretkeys in core) (#146) * introduce grin_keychain, encapsulate derivation of secret_keys * core compiles against keychain, tests don't run yet * core tests are now passing against keychain * wip - getting wallet working with keychain * add util and keychain to travis test matrix * basic test around key derivation
2017-10-03 03:02:31 +03:00
.iter()
.filter_map(|k| self.derived_key(&k).ok())
.collect();
pos_keys.extend(&blind_sum
.positive_blinding_factors
.iter()
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
.filter_map(|b| b.secret_key(&self.secp).ok())
keychain crate (no more secretkeys in core) (#146) * introduce grin_keychain, encapsulate derivation of secret_keys * core compiles against keychain, tests don't run yet * core tests are now passing against keychain * wip - getting wallet working with keychain * add util and keychain to travis test matrix * basic test around key derivation
2017-10-03 03:02:31 +03:00
.collect::<Vec<SecretKey>>());
neg_keys.extend(&blind_sum
.negative_blinding_factors
.iter()
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
.filter_map(|b| b.secret_key(&self.secp).ok())
keychain crate (no more secretkeys in core) (#146) * introduce grin_keychain, encapsulate derivation of secret_keys * core compiles against keychain, tests don't run yet * core tests are now passing against keychain * wip - getting wallet working with keychain * add util and keychain to travis test matrix * basic test around key derivation
2017-10-03 03:02:31 +03:00
.collect::<Vec<SecretKey>>());
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
let sum = self.secp.blind_sum(pos_keys, neg_keys)?;
Ok(BlindingFactor::from_secret_key(sum))
keychain crate (no more secretkeys in core) (#146) * introduce grin_keychain, encapsulate derivation of secret_keys * core compiles against keychain, tests don't run yet * core tests are now passing against keychain * wip - getting wallet working with keychain * add util and keychain to travis test matrix * basic test around key derivation
2017-10-03 03:02:31 +03:00
}
rustfmt all the things
2018-03-04 03:19:54 +03:00
pub fn aggsig_create_context(
&self,
transaction_id: &Uuid,
sec_key: SecretKey,
) -> Result<(), Error> {
Allow multiple Aggsig contexts (#685) * update mean cuda miner to latest trompcode, and added tweakable parameters to grin configuration file * Added UUID for transactions, and store aggsig contexts indexed by transaction ID * updating test framework to allow checking of wallet contents during test
2018-02-06 14:42:26 +03:00
let mut contexts = self.aggsig_contexts.write().unwrap();
if contexts.is_none() {
*contexts = Some(HashMap::new())
}
if contexts.as_mut().unwrap().contains_key(transaction_id) {
rustfmt all the things
2018-03-04 03:19:54 +03:00
return Err(Error::Transaction(String::from(
"Duplication transaction id",
)));
Allow multiple Aggsig contexts (#685) * update mean cuda miner to latest trompcode, and added tweakable parameters to grin configuration file * Added UUID for transactions, and store aggsig contexts indexed by transaction ID * updating test framework to allow checking of wallet contents during test
2018-02-06 14:42:26 +03:00
}
rustfmt all the things
2018-03-04 03:19:54 +03:00
contexts.as_mut().unwrap().insert(
transaction_id.clone(),
AggSigTxContext {
sec_key: sec_key,
sec_nonce: aggsig::export_secnonce_single(&self.secp).unwrap(),
output_ids: vec![],
},
);
Allow multiple Aggsig contexts (#685) * update mean cuda miner to latest trompcode, and added tweakable parameters to grin configuration file * Added UUID for transactions, and store aggsig contexts indexed by transaction ID * updating test framework to allow checking of wallet contents during test
2018-02-06 14:42:26 +03:00
Ok(())
[WIP] Aggsig Transactions (#530) * First steps converting transaction workflow to be aggsig-enable * integrating updated version of aggsig, which gives greater control over the contents of e * added wallet transaction test to testing framework to enable testing the whole thing, completed interaction as far as inital response from recipient * more aggsig work, final signature is produced now * Construction of aggsig transaction now working to the point of the signature being built * aggsig transactions working end-to-end in the nominal case * refactor aggsig verify from commit and fix some tests * more cleanup and test fixing * cleaning up automated tests * test+formatting fix
2018-01-10 22:36:27 +03:00
}
/// Tracks an output contributing to my excess value (if it needs to
/// be kept between invocations
rustfmt all the things
2018-03-04 03:19:54 +03:00
pub fn aggsig_add_output(&self, transaction_id: &Uuid, output_id: &Identifier) {
Allow multiple Aggsig contexts (#685) * update mean cuda miner to latest trompcode, and added tweakable parameters to grin configuration file * Added UUID for transactions, and store aggsig contexts indexed by transaction ID * updating test framework to allow checking of wallet contents during test
2018-02-06 14:42:26 +03:00
let mut agg_contexts = self.aggsig_contexts.write().unwrap();
let mut agg_contexts_local = agg_contexts.as_mut().unwrap().clone();
let mut agg_context = agg_contexts_local.get(transaction_id).unwrap().clone();
agg_context.output_ids.push(output_id.clone());
agg_contexts_local.insert(transaction_id.clone(), agg_context);
*agg_contexts = Some(agg_contexts_local);
[WIP] Aggsig Transactions (#530) * First steps converting transaction workflow to be aggsig-enable * integrating updated version of aggsig, which gives greater control over the contents of e * added wallet transaction test to testing framework to enable testing the whole thing, completed interaction as far as inital response from recipient * more aggsig work, final signature is produced now * Construction of aggsig transaction now working to the point of the signature being built * aggsig transactions working end-to-end in the nominal case * refactor aggsig verify from commit and fix some tests * more cleanup and test fixing * cleaning up automated tests * test+formatting fix
2018-01-10 22:36:27 +03:00
}
/// Returns all stored outputs
Allow multiple Aggsig contexts (#685) * update mean cuda miner to latest trompcode, and added tweakable parameters to grin configuration file * Added UUID for transactions, and store aggsig contexts indexed by transaction ID * updating test framework to allow checking of wallet contents during test
2018-02-06 14:42:26 +03:00
pub fn aggsig_get_outputs(&self, transaction_id: &Uuid) -> Vec<Identifier> {
let contexts = self.aggsig_contexts.clone();
let contexts_read = contexts.read().unwrap();
let agg_context = contexts_read.as_ref().unwrap();
let agg_context_return = agg_context.get(transaction_id);
agg_context_return.unwrap().output_ids.clone()
[WIP] Aggsig Transactions (#530) * First steps converting transaction workflow to be aggsig-enable * integrating updated version of aggsig, which gives greater control over the contents of e * added wallet transaction test to testing framework to enable testing the whole thing, completed interaction as far as inital response from recipient * more aggsig work, final signature is produced now * Construction of aggsig transaction now working to the point of the signature being built * aggsig transactions working end-to-end in the nominal case * refactor aggsig verify from commit and fix some tests * more cleanup and test fixing * cleaning up automated tests * test+formatting fix
2018-01-10 22:36:27 +03:00
}
/// Returns private key, private nonce
Allow multiple Aggsig contexts (#685) * update mean cuda miner to latest trompcode, and added tweakable parameters to grin configuration file * Added UUID for transactions, and store aggsig contexts indexed by transaction ID * updating test framework to allow checking of wallet contents during test
2018-02-06 14:42:26 +03:00
pub fn aggsig_get_private_keys(&self, transaction_id: &Uuid) -> (SecretKey, SecretKey) {
let contexts = self.aggsig_contexts.clone();
rustfmt all the things
2018-03-04 03:19:54 +03:00
let contexts_read = contexts.read().unwrap();
Allow multiple Aggsig contexts (#685) * update mean cuda miner to latest trompcode, and added tweakable parameters to grin configuration file * Added UUID for transactions, and store aggsig contexts indexed by transaction ID * updating test framework to allow checking of wallet contents during test
2018-02-06 14:42:26 +03:00
let agg_context = contexts_read.as_ref().unwrap();
let agg_context_return = agg_context.get(transaction_id);
rustfmt all the things
2018-03-04 03:19:54 +03:00
(
agg_context_return.unwrap().sec_key.clone(),
agg_context_return.unwrap().sec_nonce.clone(),
)
[WIP] Aggsig Transactions (#530) * First steps converting transaction workflow to be aggsig-enable * integrating updated version of aggsig, which gives greater control over the contents of e * added wallet transaction test to testing framework to enable testing the whole thing, completed interaction as far as inital response from recipient * more aggsig work, final signature is produced now * Construction of aggsig transaction now working to the point of the signature being built * aggsig transactions working end-to-end in the nominal case * refactor aggsig verify from commit and fix some tests * more cleanup and test fixing * cleaning up automated tests * test+formatting fix
2018-01-10 22:36:27 +03:00
}
/// Returns public key, public nonce
Allow multiple Aggsig contexts (#685) * update mean cuda miner to latest trompcode, and added tweakable parameters to grin configuration file * Added UUID for transactions, and store aggsig contexts indexed by transaction ID * updating test framework to allow checking of wallet contents during test
2018-02-06 14:42:26 +03:00
pub fn aggsig_get_public_keys(&self, transaction_id: &Uuid) -> (PublicKey, PublicKey) {
let contexts = self.aggsig_contexts.clone();
rustfmt all the things
2018-03-04 03:19:54 +03:00
let contexts_read = contexts.read().unwrap();
Allow multiple Aggsig contexts (#685) * update mean cuda miner to latest trompcode, and added tweakable parameters to grin configuration file * Added UUID for transactions, and store aggsig contexts indexed by transaction ID * updating test framework to allow checking of wallet contents during test
2018-02-06 14:42:26 +03:00
let agg_context = contexts_read.as_ref().unwrap();
let agg_context_return = agg_context.get(transaction_id);
rustfmt all the things
2018-03-04 03:19:54 +03:00
(
PublicKey::from_secret_key(&self.secp, &agg_context_return.unwrap().sec_key).unwrap(),
PublicKey::from_secret_key(&self.secp, &agg_context_return.unwrap().sec_nonce).unwrap(),
)
[WIP] Aggsig Transactions (#530) * First steps converting transaction workflow to be aggsig-enable * integrating updated version of aggsig, which gives greater control over the contents of e * added wallet transaction test to testing framework to enable testing the whole thing, completed interaction as far as inital response from recipient * more aggsig work, final signature is produced now * Construction of aggsig transaction now working to the point of the signature being built * aggsig transactions working end-to-end in the nominal case * refactor aggsig verify from commit and fix some tests * more cleanup and test fixing * cleaning up automated tests * test+formatting fix
2018-01-10 22:36:27 +03:00
}
/// Note 'secnonce' here is used to perform the signature, while 'pubnonce' just allows you to
/// provide a custom public nonce to include while calculating e
/// nonce_sum is the sum used to decide whether secnonce should be inverted during sig time
rustfmt all the things
2018-03-04 03:19:54 +03:00
pub fn aggsig_sign_single(
&self,
Allow multiple Aggsig contexts (#685) * update mean cuda miner to latest trompcode, and added tweakable parameters to grin configuration file * Added UUID for transactions, and store aggsig contexts indexed by transaction ID * updating test framework to allow checking of wallet contents during test
2018-02-06 14:42:26 +03:00
transaction_id: &Uuid,
msg: &Message,
rustfmt all the things
2018-03-04 03:19:54 +03:00
secnonce: Option<&SecretKey>,
Allow multiple Aggsig contexts (#685) * update mean cuda miner to latest trompcode, and added tweakable parameters to grin configuration file * Added UUID for transactions, and store aggsig contexts indexed by transaction ID * updating test framework to allow checking of wallet contents during test
2018-02-06 14:42:26 +03:00
pubnonce: Option<&PublicKey>,
rustfmt all the things
2018-03-04 03:19:54 +03:00
nonce_sum: Option<&PublicKey>,
) -> Result<Signature, Error> {
Allow multiple Aggsig contexts (#685) * update mean cuda miner to latest trompcode, and added tweakable parameters to grin configuration file * Added UUID for transactions, and store aggsig contexts indexed by transaction ID * updating test framework to allow checking of wallet contents during test
2018-02-06 14:42:26 +03:00
let contexts = self.aggsig_contexts.clone();
rustfmt all the things
2018-03-04 03:19:54 +03:00
let contexts_read = contexts.read().unwrap();
Allow multiple Aggsig contexts (#685) * update mean cuda miner to latest trompcode, and added tweakable parameters to grin configuration file * Added UUID for transactions, and store aggsig contexts indexed by transaction ID * updating test framework to allow checking of wallet contents during test
2018-02-06 14:42:26 +03:00
let agg_context = contexts_read.as_ref().unwrap();
let agg_context_return = agg_context.get(transaction_id);
rustfmt all the things
2018-03-04 03:19:54 +03:00
let sig = aggsig::sign_single(
&self.secp,
msg,
&agg_context_return.unwrap().sec_key,
secnonce,
pubnonce,
nonce_sum,
)?;
[WIP] Aggsig Transactions (#530) * First steps converting transaction workflow to be aggsig-enable * integrating updated version of aggsig, which gives greater control over the contents of e * added wallet transaction test to testing framework to enable testing the whole thing, completed interaction as far as inital response from recipient * more aggsig work, final signature is produced now * Construction of aggsig transaction now working to the point of the signature being built * aggsig transactions working end-to-end in the nominal case * refactor aggsig verify from commit and fix some tests * more cleanup and test fixing * cleaning up automated tests * test+formatting fix
2018-01-10 22:36:27 +03:00
Ok(sig)
}
//Verifies an aggsig signature
rustfmt all the things
2018-03-04 03:19:54 +03:00
pub fn aggsig_verify_single(
&self,
Allow multiple Aggsig contexts (#685) * update mean cuda miner to latest trompcode, and added tweakable parameters to grin configuration file * Added UUID for transactions, and store aggsig contexts indexed by transaction ID * updating test framework to allow checking of wallet contents during test
2018-02-06 14:42:26 +03:00
sig: &Signature,
msg: &Message,
rustfmt all the things
2018-03-04 03:19:54 +03:00
pubnonce: Option<&PublicKey>,
pubkey: &PublicKey,
is_partial: bool,
) -> bool {
[WIP] Aggsig Transactions (#530) * First steps converting transaction workflow to be aggsig-enable * integrating updated version of aggsig, which gives greater control over the contents of e * added wallet transaction test to testing framework to enable testing the whole thing, completed interaction as far as inital response from recipient * more aggsig work, final signature is produced now * Construction of aggsig transaction now working to the point of the signature being built * aggsig transactions working end-to-end in the nominal case * refactor aggsig verify from commit and fix some tests * more cleanup and test fixing * cleaning up automated tests * test+formatting fix
2018-01-10 22:36:27 +03:00
aggsig::verify_single(&self.secp, sig, msg, pubnonce, pubkey, is_partial)
}
//Verifies other final sig corresponds with what we're expecting
rustfmt all the things
2018-03-04 03:19:54 +03:00
pub fn aggsig_verify_final_sig_build_msg(
&self,
Allow multiple Aggsig contexts (#685) * update mean cuda miner to latest trompcode, and added tweakable parameters to grin configuration file * Added UUID for transactions, and store aggsig contexts indexed by transaction ID * updating test framework to allow checking of wallet contents during test
2018-02-06 14:42:26 +03:00
sig: &Signature,
pubkey: &PublicKey,
fee: u64,
rustfmt all the things
2018-03-04 03:19:54 +03:00
lock_height: u64,
) -> bool {
[WIP] Aggsig Transactions (#530) * First steps converting transaction workflow to be aggsig-enable * integrating updated version of aggsig, which gives greater control over the contents of e * added wallet transaction test to testing framework to enable testing the whole thing, completed interaction as far as inital response from recipient * more aggsig work, final signature is produced now * Construction of aggsig transaction now working to the point of the signature being built * aggsig transactions working end-to-end in the nominal case * refactor aggsig verify from commit and fix some tests * more cleanup and test fixing * cleaning up automated tests * test+formatting fix
2018-01-10 22:36:27 +03:00
let msg = secp::Message::from_slice(&kernel_sig_msg(fee, lock_height)).unwrap();
self.aggsig_verify_single(sig, &msg, None, pubkey, true)
}
//Verifies other party's sig corresponds with what we're expecting
rustfmt all the things
2018-03-04 03:19:54 +03:00
pub fn aggsig_verify_partial_sig(
&self,
Allow multiple Aggsig contexts (#685) * update mean cuda miner to latest trompcode, and added tweakable parameters to grin configuration file * Added UUID for transactions, and store aggsig contexts indexed by transaction ID * updating test framework to allow checking of wallet contents during test
2018-02-06 14:42:26 +03:00
transaction_id: &Uuid,
sig: &Signature,
rustfmt all the things
2018-03-04 03:19:54 +03:00
other_pub_nonce: &PublicKey,
pubkey: &PublicKey,
Allow multiple Aggsig contexts (#685) * update mean cuda miner to latest trompcode, and added tweakable parameters to grin configuration file * Added UUID for transactions, and store aggsig contexts indexed by transaction ID * updating test framework to allow checking of wallet contents during test
2018-02-06 14:42:26 +03:00
fee: u64,
rustfmt all the things
2018-03-04 03:19:54 +03:00
lock_height: u64,
) -> bool {
Allow multiple Aggsig contexts (#685) * update mean cuda miner to latest trompcode, and added tweakable parameters to grin configuration file * Added UUID for transactions, and store aggsig contexts indexed by transaction ID * updating test framework to allow checking of wallet contents during test
2018-02-06 14:42:26 +03:00
let (_, sec_nonce) = self.aggsig_get_private_keys(transaction_id);
[WIP] Aggsig Transactions (#530) * First steps converting transaction workflow to be aggsig-enable * integrating updated version of aggsig, which gives greater control over the contents of e * added wallet transaction test to testing framework to enable testing the whole thing, completed interaction as far as inital response from recipient * more aggsig work, final signature is produced now * Construction of aggsig transaction now working to the point of the signature being built * aggsig transactions working end-to-end in the nominal case * refactor aggsig verify from commit and fix some tests * more cleanup and test fixing * cleaning up automated tests * test+formatting fix
2018-01-10 22:36:27 +03:00
let mut nonce_sum = other_pub_nonce.clone();
let _ = nonce_sum.add_exp_assign(&self.secp, &sec_nonce);
let msg = secp::Message::from_slice(&kernel_sig_msg(fee, lock_height)).unwrap();
self.aggsig_verify_single(sig, &msg, Some(&nonce_sum), pubkey, true)
}
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
pub fn aggsig_calculate_partial_sig(
&self,
Allow multiple Aggsig contexts (#685) * update mean cuda miner to latest trompcode, and added tweakable parameters to grin configuration file * Added UUID for transactions, and store aggsig contexts indexed by transaction ID * updating test framework to allow checking of wallet contents during test
2018-02-06 14:42:26 +03:00
transaction_id: &Uuid,
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
other_pub_nonce: &PublicKey,
fee: u64,
rustfmt all the things
2018-03-04 03:19:54 +03:00
lock_height: u64,
) -> Result<Signature, Error> {
[WIP] Aggsig Transactions (#530) * First steps converting transaction workflow to be aggsig-enable * integrating updated version of aggsig, which gives greater control over the contents of e * added wallet transaction test to testing framework to enable testing the whole thing, completed interaction as far as inital response from recipient * more aggsig work, final signature is produced now * Construction of aggsig transaction now working to the point of the signature being built * aggsig transactions working end-to-end in the nominal case * refactor aggsig verify from commit and fix some tests * more cleanup and test fixing * cleaning up automated tests * test+formatting fix
2018-01-10 22:36:27 +03:00
// Add public nonces kR*G + kS*G
Allow multiple Aggsig contexts (#685) * update mean cuda miner to latest trompcode, and added tweakable parameters to grin configuration file * Added UUID for transactions, and store aggsig contexts indexed by transaction ID * updating test framework to allow checking of wallet contents during test
2018-02-06 14:42:26 +03:00
let (_, sec_nonce) = self.aggsig_get_private_keys(transaction_id);
[WIP] Aggsig Transactions (#530) * First steps converting transaction workflow to be aggsig-enable * integrating updated version of aggsig, which gives greater control over the contents of e * added wallet transaction test to testing framework to enable testing the whole thing, completed interaction as far as inital response from recipient * more aggsig work, final signature is produced now * Construction of aggsig transaction now working to the point of the signature being built * aggsig transactions working end-to-end in the nominal case * refactor aggsig verify from commit and fix some tests * more cleanup and test fixing * cleaning up automated tests * test+formatting fix
2018-01-10 22:36:27 +03:00
let mut nonce_sum = other_pub_nonce.clone();
let _ = nonce_sum.add_exp_assign(&self.secp, &sec_nonce);
let msg = secp::Message::from_slice(&kernel_sig_msg(fee, lock_height))?;
//Now calculate signature using message M=fee, nonce in e=nonce_sum
rustfmt all the things
2018-03-04 03:19:54 +03:00
self.aggsig_sign_single(
transaction_id,
&msg,
Some(&sec_nonce),
Some(&nonce_sum),
Some(&nonce_sum),
)
[WIP] Aggsig Transactions (#530) * First steps converting transaction workflow to be aggsig-enable * integrating updated version of aggsig, which gives greater control over the contents of e * added wallet transaction test to testing framework to enable testing the whole thing, completed interaction as far as inital response from recipient * more aggsig work, final signature is produced now * Construction of aggsig transaction now working to the point of the signature being built * aggsig transactions working end-to-end in the nominal case * refactor aggsig verify from commit and fix some tests * more cleanup and test fixing * cleaning up automated tests * test+formatting fix
2018-01-10 22:36:27 +03:00
}
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
/// Helper function to calculate final signature
pub fn aggsig_calculate_final_sig(
&self,
Allow multiple Aggsig contexts (#685) * update mean cuda miner to latest trompcode, and added tweakable parameters to grin configuration file * Added UUID for transactions, and store aggsig contexts indexed by transaction ID * updating test framework to allow checking of wallet contents during test
2018-02-06 14:42:26 +03:00
transaction_id: &Uuid,
their_sig: &Signature,
our_sig: &Signature,
rustfmt all the things
2018-03-04 03:19:54 +03:00
their_pub_nonce: &PublicKey,
) -> Result<Signature, Error> {
[WIP] Aggsig Transactions (#530) * First steps converting transaction workflow to be aggsig-enable * integrating updated version of aggsig, which gives greater control over the contents of e * added wallet transaction test to testing framework to enable testing the whole thing, completed interaction as far as inital response from recipient * more aggsig work, final signature is produced now * Construction of aggsig transaction now working to the point of the signature being built * aggsig transactions working end-to-end in the nominal case * refactor aggsig verify from commit and fix some tests * more cleanup and test fixing * cleaning up automated tests * test+formatting fix
2018-01-10 22:36:27 +03:00
// Add public nonces kR*G + kS*G
Allow multiple Aggsig contexts (#685) * update mean cuda miner to latest trompcode, and added tweakable parameters to grin configuration file * Added UUID for transactions, and store aggsig contexts indexed by transaction ID * updating test framework to allow checking of wallet contents during test
2018-02-06 14:42:26 +03:00
let (_, sec_nonce) = self.aggsig_get_private_keys(transaction_id);
[WIP] Aggsig Transactions (#530) * First steps converting transaction workflow to be aggsig-enable * integrating updated version of aggsig, which gives greater control over the contents of e * added wallet transaction test to testing framework to enable testing the whole thing, completed interaction as far as inital response from recipient * more aggsig work, final signature is produced now * Construction of aggsig transaction now working to the point of the signature being built * aggsig transactions working end-to-end in the nominal case * refactor aggsig verify from commit and fix some tests * more cleanup and test fixing * cleaning up automated tests * test+formatting fix
2018-01-10 22:36:27 +03:00
let mut nonce_sum = their_pub_nonce.clone();
let _ = nonce_sum.add_exp_assign(&self.secp, &sec_nonce);
let sig = aggsig::add_signatures_single(&self.secp, their_sig, our_sig, &nonce_sum)?;
Ok(sig)
}
hash (features|commitment) in output mmr (#615) * experiment with lock_heights on outputs * playing around with lock_height as part of the switch commitment hash * cleanup * include features in the switch commit hash key * commit * rebase off master * commit * cleanup * missing docs * rework coinbase maturity test to build valid tx * pool and chain tests passing (inputs have switch commitments) * commit * cleanup * check inputs spending coinbase outputs have valid lock_heights * wip - got it building (tests still failing) * use zero key for non coinbase switch commit hash * fees and height wrong order... * send output lock_height over to wallet via api * no more header by height index workaround this for wallet refresh and wallet restore * refresh heights for unspent wallet outputs where missing * TODO - might be slow? * simplify - do not pass around lock_height for non coinbase outputs * commit * fix tests after merge * build input vs coinbase_input switch commit hash key encodes lock_height cleanup output by commit index (currently broken...) * is_unspent and get_unspent cleanup - we have no outputs, only switch_commit_hashes * separate concept of utxo vs output in the api utxos come from the sumtrees (and only the sumtrees, limited info) outputs come from blocks (and we need to look them up via block height) * cleanup * better api support for block outputs with range proofs * basic wallet operations appear to work restore is not working fully refresh refreshes heights correctly (at least appears to) * wallet refresh and wallet restore appear to be working now * fix core tests * fix some mine_simple_chain tests * fixup chain tests * rework so pool tests pass * wallet restore now safely habndles duplicate commitments (reused wallet keys) for coinbase outputs where lock_height is _very_ important * wip * validate_coinbase_maturity got things building tests are failing * lite vs full versions of is_unspent * builds and working locally zero-conf - what to do here? * handle zero-conf edge case (use latest block) * introduce OutputIdentifier, avoid leaking SumCommit everywhere * fix the bad merge * pool verifies coinbase maturity via is_matured this uses sumtree in a consistent way * cleanup * add docs, cleanup build warnings * fix core tests * fix chain tests * fix pool tests * cleanup debug logging that we no longer need * make out_block optional on an input (only care about it for spending coinbase outputs) * cleanup * bump the build
2018-01-17 06:03:40 +03:00
/// Helper function to calculate final public key
pub fn aggsig_calculate_final_pubkey(
&self,
Allow multiple Aggsig contexts (#685) * update mean cuda miner to latest trompcode, and added tweakable parameters to grin configuration file * Added UUID for transactions, and store aggsig contexts indexed by transaction ID * updating test framework to allow checking of wallet contents during test
2018-02-06 14:42:26 +03:00
transaction_id: &Uuid,
hash (features|commitment) in output mmr (#615) * experiment with lock_heights on outputs * playing around with lock_height as part of the switch commitment hash * cleanup * include features in the switch commit hash key * commit * rebase off master * commit * cleanup * missing docs * rework coinbase maturity test to build valid tx * pool and chain tests passing (inputs have switch commitments) * commit * cleanup * check inputs spending coinbase outputs have valid lock_heights * wip - got it building (tests still failing) * use zero key for non coinbase switch commit hash * fees and height wrong order... * send output lock_height over to wallet via api * no more header by height index workaround this for wallet refresh and wallet restore * refresh heights for unspent wallet outputs where missing * TODO - might be slow? * simplify - do not pass around lock_height for non coinbase outputs * commit * fix tests after merge * build input vs coinbase_input switch commit hash key encodes lock_height cleanup output by commit index (currently broken...) * is_unspent and get_unspent cleanup - we have no outputs, only switch_commit_hashes * separate concept of utxo vs output in the api utxos come from the sumtrees (and only the sumtrees, limited info) outputs come from blocks (and we need to look them up via block height) * cleanup * better api support for block outputs with range proofs * basic wallet operations appear to work restore is not working fully refresh refreshes heights correctly (at least appears to) * wallet refresh and wallet restore appear to be working now * fix core tests * fix some mine_simple_chain tests * fixup chain tests * rework so pool tests pass * wallet restore now safely habndles duplicate commitments (reused wallet keys) for coinbase outputs where lock_height is _very_ important * wip * validate_coinbase_maturity got things building tests are failing * lite vs full versions of is_unspent * builds and working locally zero-conf - what to do here? * handle zero-conf edge case (use latest block) * introduce OutputIdentifier, avoid leaking SumCommit everywhere * fix the bad merge * pool verifies coinbase maturity via is_matured this uses sumtree in a consistent way * cleanup * add docs, cleanup build warnings * fix core tests * fix chain tests * fix pool tests * cleanup debug logging that we no longer need * make out_block optional on an input (only care about it for spending coinbase outputs) * cleanup * bump the build
2018-01-17 06:03:40 +03:00
their_public_key: &PublicKey,
) -> Result<PublicKey, Error> {
Allow multiple Aggsig contexts (#685) * update mean cuda miner to latest trompcode, and added tweakable parameters to grin configuration file * Added UUID for transactions, and store aggsig contexts indexed by transaction ID * updating test framework to allow checking of wallet contents during test
2018-02-06 14:42:26 +03:00
let (our_sec_key, _) = self.aggsig_get_private_keys(transaction_id);
[WIP] Aggsig Transactions (#530) * First steps converting transaction workflow to be aggsig-enable * integrating updated version of aggsig, which gives greater control over the contents of e * added wallet transaction test to testing framework to enable testing the whole thing, completed interaction as far as inital response from recipient * more aggsig work, final signature is produced now * Construction of aggsig transaction now working to the point of the signature being built * aggsig transactions working end-to-end in the nominal case * refactor aggsig verify from commit and fix some tests * more cleanup and test fixing * cleaning up automated tests * test+formatting fix
2018-01-10 22:36:27 +03:00
let mut pk_sum = their_public_key.clone();
let _ = pk_sum.add_exp_assign(&self.secp, &our_sec_key);
Ok(pk_sum)
}
/// Just a simple sig, creates its own nonce, etc
hash (features|commitment) in output mmr (#615) * experiment with lock_heights on outputs * playing around with lock_height as part of the switch commitment hash * cleanup * include features in the switch commit hash key * commit * rebase off master * commit * cleanup * missing docs * rework coinbase maturity test to build valid tx * pool and chain tests passing (inputs have switch commitments) * commit * cleanup * check inputs spending coinbase outputs have valid lock_heights * wip - got it building (tests still failing) * use zero key for non coinbase switch commit hash * fees and height wrong order... * send output lock_height over to wallet via api * no more header by height index workaround this for wallet refresh and wallet restore * refresh heights for unspent wallet outputs where missing * TODO - might be slow? * simplify - do not pass around lock_height for non coinbase outputs * commit * fix tests after merge * build input vs coinbase_input switch commit hash key encodes lock_height cleanup output by commit index (currently broken...) * is_unspent and get_unspent cleanup - we have no outputs, only switch_commit_hashes * separate concept of utxo vs output in the api utxos come from the sumtrees (and only the sumtrees, limited info) outputs come from blocks (and we need to look them up via block height) * cleanup * better api support for block outputs with range proofs * basic wallet operations appear to work restore is not working fully refresh refreshes heights correctly (at least appears to) * wallet refresh and wallet restore appear to be working now * fix core tests * fix some mine_simple_chain tests * fixup chain tests * rework so pool tests pass * wallet restore now safely habndles duplicate commitments (reused wallet keys) for coinbase outputs where lock_height is _very_ important * wip * validate_coinbase_maturity got things building tests are failing * lite vs full versions of is_unspent * builds and working locally zero-conf - what to do here? * handle zero-conf edge case (use latest block) * introduce OutputIdentifier, avoid leaking SumCommit everywhere * fix the bad merge * pool verifies coinbase maturity via is_matured this uses sumtree in a consistent way * cleanup * add docs, cleanup build warnings * fix core tests * fix chain tests * fix pool tests * cleanup debug logging that we no longer need * make out_block optional on an input (only care about it for spending coinbase outputs) * cleanup * bump the build
2018-01-17 06:03:40 +03:00
pub fn aggsig_sign_from_key_id(
&self,
msg: &Message,
key_id: &Identifier,
) -> Result<Signature, Error> {
[WIP] Aggsig Transactions (#530) * First steps converting transaction workflow to be aggsig-enable * integrating updated version of aggsig, which gives greater control over the contents of e * added wallet transaction test to testing framework to enable testing the whole thing, completed interaction as far as inital response from recipient * more aggsig work, final signature is produced now * Construction of aggsig transaction now working to the point of the signature being built * aggsig transactions working end-to-end in the nominal case * refactor aggsig verify from commit and fix some tests * more cleanup and test fixing * cleaning up automated tests * test+formatting fix
2018-01-10 22:36:27 +03:00
let skey = self.derived_key(key_id)?;
let sig = aggsig::sign_single(&self.secp, &msg, &skey, None, None, None)?;
Ok(sig)
}
/// Verifies a sig given a commitment
hash (features|commitment) in output mmr (#615) * experiment with lock_heights on outputs * playing around with lock_height as part of the switch commitment hash * cleanup * include features in the switch commit hash key * commit * rebase off master * commit * cleanup * missing docs * rework coinbase maturity test to build valid tx * pool and chain tests passing (inputs have switch commitments) * commit * cleanup * check inputs spending coinbase outputs have valid lock_heights * wip - got it building (tests still failing) * use zero key for non coinbase switch commit hash * fees and height wrong order... * send output lock_height over to wallet via api * no more header by height index workaround this for wallet refresh and wallet restore * refresh heights for unspent wallet outputs where missing * TODO - might be slow? * simplify - do not pass around lock_height for non coinbase outputs * commit * fix tests after merge * build input vs coinbase_input switch commit hash key encodes lock_height cleanup output by commit index (currently broken...) * is_unspent and get_unspent cleanup - we have no outputs, only switch_commit_hashes * separate concept of utxo vs output in the api utxos come from the sumtrees (and only the sumtrees, limited info) outputs come from blocks (and we need to look them up via block height) * cleanup * better api support for block outputs with range proofs * basic wallet operations appear to work restore is not working fully refresh refreshes heights correctly (at least appears to) * wallet refresh and wallet restore appear to be working now * fix core tests * fix some mine_simple_chain tests * fixup chain tests * rework so pool tests pass * wallet restore now safely habndles duplicate commitments (reused wallet keys) for coinbase outputs where lock_height is _very_ important * wip * validate_coinbase_maturity got things building tests are failing * lite vs full versions of is_unspent * builds and working locally zero-conf - what to do here? * handle zero-conf edge case (use latest block) * introduce OutputIdentifier, avoid leaking SumCommit everywhere * fix the bad merge * pool verifies coinbase maturity via is_matured this uses sumtree in a consistent way * cleanup * add docs, cleanup build warnings * fix core tests * fix chain tests * fix pool tests * cleanup debug logging that we no longer need * make out_block optional on an input (only care about it for spending coinbase outputs) * cleanup * bump the build
2018-01-17 06:03:40 +03:00
pub fn aggsig_verify_single_from_commit(
rustfmt all the things
2018-03-04 03:19:54 +03:00
secp: &Secp256k1,
hash (features|commitment) in output mmr (#615) * experiment with lock_heights on outputs * playing around with lock_height as part of the switch commitment hash * cleanup * include features in the switch commit hash key * commit * rebase off master * commit * cleanup * missing docs * rework coinbase maturity test to build valid tx * pool and chain tests passing (inputs have switch commitments) * commit * cleanup * check inputs spending coinbase outputs have valid lock_heights * wip - got it building (tests still failing) * use zero key for non coinbase switch commit hash * fees and height wrong order... * send output lock_height over to wallet via api * no more header by height index workaround this for wallet refresh and wallet restore * refresh heights for unspent wallet outputs where missing * TODO - might be slow? * simplify - do not pass around lock_height for non coinbase outputs * commit * fix tests after merge * build input vs coinbase_input switch commit hash key encodes lock_height cleanup output by commit index (currently broken...) * is_unspent and get_unspent cleanup - we have no outputs, only switch_commit_hashes * separate concept of utxo vs output in the api utxos come from the sumtrees (and only the sumtrees, limited info) outputs come from blocks (and we need to look them up via block height) * cleanup * better api support for block outputs with range proofs * basic wallet operations appear to work restore is not working fully refresh refreshes heights correctly (at least appears to) * wallet refresh and wallet restore appear to be working now * fix core tests * fix some mine_simple_chain tests * fixup chain tests * rework so pool tests pass * wallet restore now safely habndles duplicate commitments (reused wallet keys) for coinbase outputs where lock_height is _very_ important * wip * validate_coinbase_maturity got things building tests are failing * lite vs full versions of is_unspent * builds and working locally zero-conf - what to do here? * handle zero-conf edge case (use latest block) * introduce OutputIdentifier, avoid leaking SumCommit everywhere * fix the bad merge * pool verifies coinbase maturity via is_matured this uses sumtree in a consistent way * cleanup * add docs, cleanup build warnings * fix core tests * fix chain tests * fix pool tests * cleanup debug logging that we no longer need * make out_block optional on an input (only care about it for spending coinbase outputs) * cleanup * bump the build
2018-01-17 06:03:40 +03:00
sig: &Signature,
msg: &Message,
commit: &Commitment,
) -> bool {
rustfmt all the things
2018-03-04 03:19:54 +03:00
// Extract the pubkey, unfortunately we need this hack for now, (we just hope
// one is valid) TODO: Create better secp256k1 API to do this
[WIP] Aggsig Transactions (#530) * First steps converting transaction workflow to be aggsig-enable * integrating updated version of aggsig, which gives greater control over the contents of e * added wallet transaction test to testing framework to enable testing the whole thing, completed interaction as far as inital response from recipient * more aggsig work, final signature is produced now * Construction of aggsig transaction now working to the point of the signature being built * aggsig transactions working end-to-end in the nominal case * refactor aggsig verify from commit and fix some tests * more cleanup and test fixing * cleaning up automated tests * test+formatting fix
2018-01-10 22:36:27 +03:00
let pubkeys = commit.to_two_pubkeys(secp);
hash (features|commitment) in output mmr (#615) * experiment with lock_heights on outputs * playing around with lock_height as part of the switch commitment hash * cleanup * include features in the switch commit hash key * commit * rebase off master * commit * cleanup * missing docs * rework coinbase maturity test to build valid tx * pool and chain tests passing (inputs have switch commitments) * commit * cleanup * check inputs spending coinbase outputs have valid lock_heights * wip - got it building (tests still failing) * use zero key for non coinbase switch commit hash * fees and height wrong order... * send output lock_height over to wallet via api * no more header by height index workaround this for wallet refresh and wallet restore * refresh heights for unspent wallet outputs where missing * TODO - might be slow? * simplify - do not pass around lock_height for non coinbase outputs * commit * fix tests after merge * build input vs coinbase_input switch commit hash key encodes lock_height cleanup output by commit index (currently broken...) * is_unspent and get_unspent cleanup - we have no outputs, only switch_commit_hashes * separate concept of utxo vs output in the api utxos come from the sumtrees (and only the sumtrees, limited info) outputs come from blocks (and we need to look them up via block height) * cleanup * better api support for block outputs with range proofs * basic wallet operations appear to work restore is not working fully refresh refreshes heights correctly (at least appears to) * wallet refresh and wallet restore appear to be working now * fix core tests * fix some mine_simple_chain tests * fixup chain tests * rework so pool tests pass * wallet restore now safely habndles duplicate commitments (reused wallet keys) for coinbase outputs where lock_height is _very_ important * wip * validate_coinbase_maturity got things building tests are failing * lite vs full versions of is_unspent * builds and working locally zero-conf - what to do here? * handle zero-conf edge case (use latest block) * introduce OutputIdentifier, avoid leaking SumCommit everywhere * fix the bad merge * pool verifies coinbase maturity via is_matured this uses sumtree in a consistent way * cleanup * add docs, cleanup build warnings * fix core tests * fix chain tests * fix pool tests * cleanup debug logging that we no longer need * make out_block optional on an input (only care about it for spending coinbase outputs) * cleanup * bump the build
2018-01-17 06:03:40 +03:00
let mut valid = false;
[WIP] Aggsig Transactions (#530) * First steps converting transaction workflow to be aggsig-enable * integrating updated version of aggsig, which gives greater control over the contents of e * added wallet transaction test to testing framework to enable testing the whole thing, completed interaction as far as inital response from recipient * more aggsig work, final signature is produced now * Construction of aggsig transaction now working to the point of the signature being built * aggsig transactions working end-to-end in the nominal case * refactor aggsig verify from commit and fix some tests * more cleanup and test fixing * cleaning up automated tests * test+formatting fix
2018-01-10 22:36:27 +03:00
for i in 0..pubkeys.len() {
hash (features|commitment) in output mmr (#615) * experiment with lock_heights on outputs * playing around with lock_height as part of the switch commitment hash * cleanup * include features in the switch commit hash key * commit * rebase off master * commit * cleanup * missing docs * rework coinbase maturity test to build valid tx * pool and chain tests passing (inputs have switch commitments) * commit * cleanup * check inputs spending coinbase outputs have valid lock_heights * wip - got it building (tests still failing) * use zero key for non coinbase switch commit hash * fees and height wrong order... * send output lock_height over to wallet via api * no more header by height index workaround this for wallet refresh and wallet restore * refresh heights for unspent wallet outputs where missing * TODO - might be slow? * simplify - do not pass around lock_height for non coinbase outputs * commit * fix tests after merge * build input vs coinbase_input switch commit hash key encodes lock_height cleanup output by commit index (currently broken...) * is_unspent and get_unspent cleanup - we have no outputs, only switch_commit_hashes * separate concept of utxo vs output in the api utxos come from the sumtrees (and only the sumtrees, limited info) outputs come from blocks (and we need to look them up via block height) * cleanup * better api support for block outputs with range proofs * basic wallet operations appear to work restore is not working fully refresh refreshes heights correctly (at least appears to) * wallet refresh and wallet restore appear to be working now * fix core tests * fix some mine_simple_chain tests * fixup chain tests * rework so pool tests pass * wallet restore now safely habndles duplicate commitments (reused wallet keys) for coinbase outputs where lock_height is _very_ important * wip * validate_coinbase_maturity got things building tests are failing * lite vs full versions of is_unspent * builds and working locally zero-conf - what to do here? * handle zero-conf edge case (use latest block) * introduce OutputIdentifier, avoid leaking SumCommit everywhere * fix the bad merge * pool verifies coinbase maturity via is_matured this uses sumtree in a consistent way * cleanup * add docs, cleanup build warnings * fix core tests * fix chain tests * fix pool tests * cleanup debug logging that we no longer need * make out_block optional on an input (only care about it for spending coinbase outputs) * cleanup * bump the build
2018-01-17 06:03:40 +03:00
valid = aggsig::verify_single(secp, &sig, &msg, None, &pubkeys[i], false);
[WIP] Aggsig Transactions (#530) * First steps converting transaction workflow to be aggsig-enable * integrating updated version of aggsig, which gives greater control over the contents of e * added wallet transaction test to testing framework to enable testing the whole thing, completed interaction as far as inital response from recipient * more aggsig work, final signature is produced now * Construction of aggsig transaction now working to the point of the signature being built * aggsig transactions working end-to-end in the nominal case * refactor aggsig verify from commit and fix some tests * more cleanup and test fixing * cleaning up automated tests * test+formatting fix
2018-01-10 22:36:27 +03:00
if valid {
break;
}
}
valid
}
/// Just a simple sig, creates its own nonce, etc
hash (features|commitment) in output mmr (#615) * experiment with lock_heights on outputs * playing around with lock_height as part of the switch commitment hash * cleanup * include features in the switch commit hash key * commit * rebase off master * commit * cleanup * missing docs * rework coinbase maturity test to build valid tx * pool and chain tests passing (inputs have switch commitments) * commit * cleanup * check inputs spending coinbase outputs have valid lock_heights * wip - got it building (tests still failing) * use zero key for non coinbase switch commit hash * fees and height wrong order... * send output lock_height over to wallet via api * no more header by height index workaround this for wallet refresh and wallet restore * refresh heights for unspent wallet outputs where missing * TODO - might be slow? * simplify - do not pass around lock_height for non coinbase outputs * commit * fix tests after merge * build input vs coinbase_input switch commit hash key encodes lock_height cleanup output by commit index (currently broken...) * is_unspent and get_unspent cleanup - we have no outputs, only switch_commit_hashes * separate concept of utxo vs output in the api utxos come from the sumtrees (and only the sumtrees, limited info) outputs come from blocks (and we need to look them up via block height) * cleanup * better api support for block outputs with range proofs * basic wallet operations appear to work restore is not working fully refresh refreshes heights correctly (at least appears to) * wallet refresh and wallet restore appear to be working now * fix core tests * fix some mine_simple_chain tests * fixup chain tests * rework so pool tests pass * wallet restore now safely habndles duplicate commitments (reused wallet keys) for coinbase outputs where lock_height is _very_ important * wip * validate_coinbase_maturity got things building tests are failing * lite vs full versions of is_unspent * builds and working locally zero-conf - what to do here? * handle zero-conf edge case (use latest block) * introduce OutputIdentifier, avoid leaking SumCommit everywhere * fix the bad merge * pool verifies coinbase maturity via is_matured this uses sumtree in a consistent way * cleanup * add docs, cleanup build warnings * fix core tests * fix chain tests * fix pool tests * cleanup debug logging that we no longer need * make out_block optional on an input (only care about it for spending coinbase outputs) * cleanup * bump the build
2018-01-17 06:03:40 +03:00
pub fn aggsig_sign_with_blinding(
secp: &Secp256k1,
msg: &Message,
blinding: &BlindingFactor,
) -> Result<Signature, Error> {
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
let skey = &blinding.secret_key(&secp)?;
let sig = aggsig::sign_single(secp, &msg, skey, None, None, None)?;
[WIP] Aggsig Transactions (#530) * First steps converting transaction workflow to be aggsig-enable * integrating updated version of aggsig, which gives greater control over the contents of e * added wallet transaction test to testing framework to enable testing the whole thing, completed interaction as far as inital response from recipient * more aggsig work, final signature is produced now * Construction of aggsig transaction now working to the point of the signature being built * aggsig transactions working end-to-end in the nominal case * refactor aggsig verify from commit and fix some tests * more cleanup and test fixing * cleaning up automated tests * test+formatting fix
2018-01-10 22:36:27 +03:00
Ok(sig)
}
Shorter identifiers and call them key_id (not pubkey) (#175) * rename pubkey -> key_id, these are key identifiers, not public keys * reduce identifier seize to 10 bytes, get rid of fingerprints (identifiers are now small enough to use as-is) * IDENTIFIER_SIZE const * add FeeDispute error for when sender and recipient disagre on fee calculation (should never happen) * does not need to be mut * cleaned up some warnings
2017-10-13 07:45:07 +03:00
pub fn sign(&self, msg: &Message, key_id: &Identifier) -> Result<Signature, Error> {
let skey = self.derived_key(key_id)?;
keychain crate (no more secretkeys in core) (#146) * introduce grin_keychain, encapsulate derivation of secret_keys * core compiles against keychain, tests don't run yet * core tests are now passing against keychain * wip - getting wallet working with keychain * add util and keychain to travis test matrix * basic test around key derivation
2017-10-03 03:02:31 +03:00
let sig = self.secp.sign(msg, &skey)?;
Ok(sig)
}
pub fn sign_with_blinding(
&self,
msg: &Message,
blinding: &BlindingFactor,
) -> Result<Signature, Error> {
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
let skey = &blinding.secret_key(&self.secp)?;
let sig = self.secp.sign(msg, &skey)?;
keychain crate (no more secretkeys in core) (#146) * introduce grin_keychain, encapsulate derivation of secret_keys * core compiles against keychain, tests don't run yet * core tests are now passing against keychain * wip - getting wallet working with keychain * add util and keychain to travis test matrix * basic test around key derivation
2017-10-03 03:02:31 +03:00
Ok(sig)
}
pub fn secp(&self) -> &Secp256k1 {
&self.secp
}
}
#[cfg(test)]
mod test {
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
use rand::thread_rng;
use uuid::Uuid;
[WIP] Kernel investigation (#679) * add some tests around building a tx_kernel from a tx and adding secret keys together (and checking commitments) * key addition tests
2018-02-02 17:51:55 +03:00
use keychain::{BlindSum, BlindingFactor, Keychain};
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
use util::kernel_sig_msg;
changing secp import to tag, and consolidating Cargo.toml import (#220)
2017-11-01 02:20:55 +03:00
use util::secp;
use util::secp::pedersen::ProofMessage;
[WIP] Kernel investigation (#679) * add some tests around building a tx_kernel from a tx and adding secret keys together (and checking commitments) * key addition tests
2018-02-02 17:51:55 +03:00
use util::secp::key::SecretKey;
keychain crate (no more secretkeys in core) (#146) * introduce grin_keychain, encapsulate derivation of secret_keys * core compiles against keychain, tests don't run yet * core tests are now passing against keychain * wip - getting wallet working with keychain * add util and keychain to travis test matrix * basic test around key derivation
2017-10-03 03:02:31 +03:00
#[test]
fn test_key_derivation() {
let keychain = Keychain::from_random_seed().unwrap();
use the static secp instance everywhere (except the wallet) (#250)
2017-11-09 22:26:45 +03:00
let secp = keychain.secp();
keychain crate (no more secretkeys in core) (#146) * introduce grin_keychain, encapsulate derivation of secret_keys * core compiles against keychain, tests don't run yet * core tests are now passing against keychain * wip - getting wallet working with keychain * add util and keychain to travis test matrix * basic test around key derivation
2017-10-03 03:02:31 +03:00
Shorter identifiers and call them key_id (not pubkey) (#175) * rename pubkey -> key_id, these are key identifiers, not public keys * reduce identifier seize to 10 bytes, get rid of fingerprints (identifiers are now small enough to use as-is) * IDENTIFIER_SIZE const * add FeeDispute error for when sender and recipient disagre on fee calculation (should never happen) * does not need to be mut * cleaned up some warnings
2017-10-13 07:45:07 +03:00
// use the keychain to derive a "key_id" based on the underlying seed
let key_id = keychain.derive_key_id(1).unwrap();
keychain crate (no more secretkeys in core) (#146) * introduce grin_keychain, encapsulate derivation of secret_keys * core compiles against keychain, tests don't run yet * core tests are now passing against keychain * wip - getting wallet working with keychain * add util and keychain to travis test matrix * basic test around key derivation
2017-10-03 03:02:31 +03:00
let msg_bytes = [0; 32];
let msg = secp::Message::from_slice(&msg_bytes[..]).unwrap();
// now create a zero commitment using the key on the keychain associated with
hash (features|commitment) in output mmr (#615) * experiment with lock_heights on outputs * playing around with lock_height as part of the switch commitment hash * cleanup * include features in the switch commit hash key * commit * rebase off master * commit * cleanup * missing docs * rework coinbase maturity test to build valid tx * pool and chain tests passing (inputs have switch commitments) * commit * cleanup * check inputs spending coinbase outputs have valid lock_heights * wip - got it building (tests still failing) * use zero key for non coinbase switch commit hash * fees and height wrong order... * send output lock_height over to wallet via api * no more header by height index workaround this for wallet refresh and wallet restore * refresh heights for unspent wallet outputs where missing * TODO - might be slow? * simplify - do not pass around lock_height for non coinbase outputs * commit * fix tests after merge * build input vs coinbase_input switch commit hash key encodes lock_height cleanup output by commit index (currently broken...) * is_unspent and get_unspent cleanup - we have no outputs, only switch_commit_hashes * separate concept of utxo vs output in the api utxos come from the sumtrees (and only the sumtrees, limited info) outputs come from blocks (and we need to look them up via block height) * cleanup * better api support for block outputs with range proofs * basic wallet operations appear to work restore is not working fully refresh refreshes heights correctly (at least appears to) * wallet refresh and wallet restore appear to be working now * fix core tests * fix some mine_simple_chain tests * fixup chain tests * rework so pool tests pass * wallet restore now safely habndles duplicate commitments (reused wallet keys) for coinbase outputs where lock_height is _very_ important * wip * validate_coinbase_maturity got things building tests are failing * lite vs full versions of is_unspent * builds and working locally zero-conf - what to do here? * handle zero-conf edge case (use latest block) * introduce OutputIdentifier, avoid leaking SumCommit everywhere * fix the bad merge * pool verifies coinbase maturity via is_matured this uses sumtree in a consistent way * cleanup * add docs, cleanup build warnings * fix core tests * fix chain tests * fix pool tests * cleanup debug logging that we no longer need * make out_block optional on an input (only care about it for spending coinbase outputs) * cleanup * bump the build
2018-01-17 06:03:40 +03:00
// the key_id
Shorter identifiers and call them key_id (not pubkey) (#175) * rename pubkey -> key_id, these are key identifiers, not public keys * reduce identifier seize to 10 bytes, get rid of fingerprints (identifiers are now small enough to use as-is) * IDENTIFIER_SIZE const * add FeeDispute error for when sender and recipient disagre on fee calculation (should never happen) * does not need to be mut * cleaned up some warnings
2017-10-13 07:45:07 +03:00
let commit = keychain.commit(0, &key_id).unwrap();
keychain crate (no more secretkeys in core) (#146) * introduce grin_keychain, encapsulate derivation of secret_keys * core compiles against keychain, tests don't run yet * core tests are now passing against keychain * wip - getting wallet working with keychain * add util and keychain to travis test matrix * basic test around key derivation
2017-10-03 03:02:31 +03:00
// now check we can use our key to verify a signature from this zero commitment
Shorter identifiers and call them key_id (not pubkey) (#175) * rename pubkey -> key_id, these are key identifiers, not public keys * reduce identifier seize to 10 bytes, get rid of fingerprints (identifiers are now small enough to use as-is) * IDENTIFIER_SIZE const * add FeeDispute error for when sender and recipient disagre on fee calculation (should never happen) * does not need to be mut * cleaned up some warnings
2017-10-13 07:45:07 +03:00
let sig = keychain.sign(&msg, &key_id).unwrap();
keychain crate (no more secretkeys in core) (#146) * introduce grin_keychain, encapsulate derivation of secret_keys * core compiles against keychain, tests don't run yet * core tests are now passing against keychain * wip - getting wallet working with keychain * add util and keychain to travis test matrix * basic test around key derivation
2017-10-03 03:02:31 +03:00
secp.verify_from_commit(&msg, &sig, &commit).unwrap();
}
rust-secp256k1-zkp breaking changes to support (#155) Rewinding range proofs to recover transaction value from outputs
2017-10-06 00:40:46 +03:00
#[test]
fn test_rewind_range_proof() {
let keychain = Keychain::from_random_seed().unwrap();
Shorter identifiers and call them key_id (not pubkey) (#175) * rename pubkey -> key_id, these are key identifiers, not public keys * reduce identifier seize to 10 bytes, get rid of fingerprints (identifiers are now small enough to use as-is) * IDENTIFIER_SIZE const * add FeeDispute error for when sender and recipient disagre on fee calculation (should never happen) * does not need to be mut * cleaned up some warnings
2017-10-13 07:45:07 +03:00
let key_id = keychain.derive_key_id(1).unwrap();
let commit = keychain.commit(5, &key_id).unwrap();
Bulletproof messages (#730) * beginning to add bullet proof messages * Updated core transaction creation to embed the output's value and switch commit hash as part of the rangeproof message * formatting issue * more formatting issues * Removing conditional feature compliation.. just bulletproofs from now on * ensure MAX_PROOF_SIZE uses bulletproof sizing instead of earlier version * updated with switch commit committed to in extra data * accidentally commented out bullet-proof-size feature
2018-02-28 00:11:55 +03:00
let mut msg = ProofMessage::from_bytes(&[0u8; 64]);
let extra_data = [99u8; 64];
rust-secp256k1-zkp breaking changes to support (#155) Rewinding range proofs to recover transaction value from outputs
2017-10-06 00:40:46 +03:00
rustfmt all the things
2018-03-04 03:19:54 +03:00
let proof = keychain
.range_proof(5, &key_id, commit, Some(extra_data.to_vec().clone()), msg)
.unwrap();
let proof_info = keychain
.rewind_range_proof(&key_id, commit, Some(extra_data.to_vec().clone()), proof)
.unwrap();
rust-secp256k1-zkp breaking changes to support (#155) Rewinding range proofs to recover transaction value from outputs
2017-10-06 00:40:46 +03:00
assert_eq!(proof_info.success, true);
Shorter identifiers and call them key_id (not pubkey) (#175) * rename pubkey -> key_id, these are key identifiers, not public keys * reduce identifier seize to 10 bytes, get rid of fingerprints (identifiers are now small enough to use as-is) * IDENTIFIER_SIZE const * add FeeDispute error for when sender and recipient disagre on fee calculation (should never happen) * does not need to be mut * cleaned up some warnings
2017-10-13 07:45:07 +03:00
// now check the recovered message is "empty" (but not truncated) i.e. all
hash (features|commitment) in output mmr (#615) * experiment with lock_heights on outputs * playing around with lock_height as part of the switch commitment hash * cleanup * include features in the switch commit hash key * commit * rebase off master * commit * cleanup * missing docs * rework coinbase maturity test to build valid tx * pool and chain tests passing (inputs have switch commitments) * commit * cleanup * check inputs spending coinbase outputs have valid lock_heights * wip - got it building (tests still failing) * use zero key for non coinbase switch commit hash * fees and height wrong order... * send output lock_height over to wallet via api * no more header by height index workaround this for wallet refresh and wallet restore * refresh heights for unspent wallet outputs where missing * TODO - might be slow? * simplify - do not pass around lock_height for non coinbase outputs * commit * fix tests after merge * build input vs coinbase_input switch commit hash key encodes lock_height cleanup output by commit index (currently broken...) * is_unspent and get_unspent cleanup - we have no outputs, only switch_commit_hashes * separate concept of utxo vs output in the api utxos come from the sumtrees (and only the sumtrees, limited info) outputs come from blocks (and we need to look them up via block height) * cleanup * better api support for block outputs with range proofs * basic wallet operations appear to work restore is not working fully refresh refreshes heights correctly (at least appears to) * wallet refresh and wallet restore appear to be working now * fix core tests * fix some mine_simple_chain tests * fixup chain tests * rework so pool tests pass * wallet restore now safely habndles duplicate commitments (reused wallet keys) for coinbase outputs where lock_height is _very_ important * wip * validate_coinbase_maturity got things building tests are failing * lite vs full versions of is_unspent * builds and working locally zero-conf - what to do here? * handle zero-conf edge case (use latest block) * introduce OutputIdentifier, avoid leaking SumCommit everywhere * fix the bad merge * pool verifies coinbase maturity via is_matured this uses sumtree in a consistent way * cleanup * add docs, cleanup build warnings * fix core tests * fix chain tests * fix pool tests * cleanup debug logging that we no longer need * make out_block optional on an input (only care about it for spending coinbase outputs) * cleanup * bump the build
2018-01-17 06:03:40 +03:00
// zeroes
Bulletproof messages (#730) * beginning to add bullet proof messages * Updated core transaction creation to embed the output's value and switch commit hash as part of the rangeproof message * formatting issue * more formatting issues * Removing conditional feature compliation.. just bulletproofs from now on * ensure MAX_PROOF_SIZE uses bulletproof sizing instead of earlier version * updated with switch commit committed to in extra data * accidentally commented out bullet-proof-size feature
2018-02-28 00:11:55 +03:00
//Value is in the message in this case
rust-secp256k1-zkp breaking changes to support (#155) Rewinding range proofs to recover transaction value from outputs
2017-10-06 00:40:46 +03:00
assert_eq!(
proof_info.message,
Bulletproof messages (#730) * beginning to add bullet proof messages * Updated core transaction creation to embed the output's value and switch commit hash as part of the rangeproof message * formatting issue * more formatting issues * Removing conditional feature compliation.. just bulletproofs from now on * ensure MAX_PROOF_SIZE uses bulletproof sizing instead of earlier version * updated with switch commit committed to in extra data * accidentally commented out bullet-proof-size feature
2018-02-28 00:11:55 +03:00
secp::pedersen::ProofMessage::from_bytes(&[0; secp::constants::BULLET_PROOF_MSG_SIZE])
rust-secp256k1-zkp breaking changes to support (#155) Rewinding range proofs to recover transaction value from outputs
2017-10-06 00:40:46 +03:00
);
Shorter identifiers and call them key_id (not pubkey) (#175) * rename pubkey -> key_id, these are key identifiers, not public keys * reduce identifier seize to 10 bytes, get rid of fingerprints (identifiers are now small enough to use as-is) * IDENTIFIER_SIZE const * add FeeDispute error for when sender and recipient disagre on fee calculation (should never happen) * does not need to be mut * cleaned up some warnings
2017-10-13 07:45:07 +03:00
let key_id2 = keychain.derive_key_id(2).unwrap();
rust-secp256k1-zkp breaking changes to support (#155) Rewinding range proofs to recover transaction value from outputs
2017-10-06 00:40:46 +03:00
// cannot rewind with a different nonce
refactor burn key into key_overrides on keychain (#178) * refactor burn key into key_overrides on keychain * introduce UnconfirmedChange output status, we can potentially spend these with zero confirmations * pass in burn_key_id for the burn enabled keychain, spend *all* coins when spending from a wallet, spend UnconfirmedChange coins also * add comment about simplifying wallet_data.select logic * replace UnconfirmedChange output status with a more flexible zero_ok, flag on the output data
2017-10-16 20:11:01 +03:00
let proof_info = keychain
Bulletproof messages (#730) * beginning to add bullet proof messages * Updated core transaction creation to embed the output's value and switch commit hash as part of the rangeproof message * formatting issue * more formatting issues * Removing conditional feature compliation.. just bulletproofs from now on * ensure MAX_PROOF_SIZE uses bulletproof sizing instead of earlier version * updated with switch commit committed to in extra data * accidentally commented out bullet-proof-size feature
2018-02-28 00:11:55 +03:00
.rewind_range_proof(&key_id2, commit, Some(extra_data.to_vec().clone()), proof)
refactor burn key into key_overrides on keychain (#178) * refactor burn key into key_overrides on keychain * introduce UnconfirmedChange output status, we can potentially spend these with zero confirmations * pass in burn_key_id for the burn enabled keychain, spend *all* coins when spending from a wallet, spend UnconfirmedChange coins also * add comment about simplifying wallet_data.select logic * replace UnconfirmedChange output status with a more flexible zero_ok, flag on the output data
2017-10-16 20:11:01 +03:00
.unwrap();
rustfmt all the things
2018-03-04 03:19:54 +03:00
// With bullet proofs, if you provide the wrong nonce you'll get gibberish back
// as opposed to a failure to recover the message
Bulletproof messages (#730) * beginning to add bullet proof messages * Updated core transaction creation to embed the output's value and switch commit hash as part of the rangeproof message * formatting issue * more formatting issues * Removing conditional feature compliation.. just bulletproofs from now on * ensure MAX_PROOF_SIZE uses bulletproof sizing instead of earlier version * updated with switch commit committed to in extra data * accidentally commented out bullet-proof-size feature
2018-02-28 00:11:55 +03:00
assert_ne!(
proof_info.message,
secp::pedersen::ProofMessage::from_bytes(&[0; secp::constants::BULLET_PROOF_MSG_SIZE])
);
rust-secp256k1-zkp breaking changes to support (#155) Rewinding range proofs to recover transaction value from outputs
2017-10-06 00:40:46 +03:00
assert_eq!(proof_info.value, 0);
// cannot rewind with a commitment to the same value using a different key
Shorter identifiers and call them key_id (not pubkey) (#175) * rename pubkey -> key_id, these are key identifiers, not public keys * reduce identifier seize to 10 bytes, get rid of fingerprints (identifiers are now small enough to use as-is) * IDENTIFIER_SIZE const * add FeeDispute error for when sender and recipient disagre on fee calculation (should never happen) * does not need to be mut * cleaned up some warnings
2017-10-13 07:45:07 +03:00
let commit2 = keychain.commit(5, &key_id2).unwrap();
refactor burn key into key_overrides on keychain (#178) * refactor burn key into key_overrides on keychain * introduce UnconfirmedChange output status, we can potentially spend these with zero confirmations * pass in burn_key_id for the burn enabled keychain, spend *all* coins when spending from a wallet, spend UnconfirmedChange coins also * add comment about simplifying wallet_data.select logic * replace UnconfirmedChange output status with a more flexible zero_ok, flag on the output data
2017-10-16 20:11:01 +03:00
let proof_info = keychain
Bulletproof messages (#730) * beginning to add bullet proof messages * Updated core transaction creation to embed the output's value and switch commit hash as part of the rangeproof message * formatting issue * more formatting issues * Removing conditional feature compliation.. just bulletproofs from now on * ensure MAX_PROOF_SIZE uses bulletproof sizing instead of earlier version * updated with switch commit committed to in extra data * accidentally commented out bullet-proof-size feature
2018-02-28 00:11:55 +03:00
.rewind_range_proof(&key_id, commit2, Some(extra_data.to_vec().clone()), proof)
refactor burn key into key_overrides on keychain (#178) * refactor burn key into key_overrides on keychain * introduce UnconfirmedChange output status, we can potentially spend these with zero confirmations * pass in burn_key_id for the burn enabled keychain, spend *all* coins when spending from a wallet, spend UnconfirmedChange coins also * add comment about simplifying wallet_data.select logic * replace UnconfirmedChange output status with a more flexible zero_ok, flag on the output data
2017-10-16 20:11:01 +03:00
.unwrap();
rust-secp256k1-zkp breaking changes to support (#155) Rewinding range proofs to recover transaction value from outputs
2017-10-06 00:40:46 +03:00
assert_eq!(proof_info.success, false);
assert_eq!(proof_info.value, 0);
// cannot rewind with a commitment to a different value
Shorter identifiers and call them key_id (not pubkey) (#175) * rename pubkey -> key_id, these are key identifiers, not public keys * reduce identifier seize to 10 bytes, get rid of fingerprints (identifiers are now small enough to use as-is) * IDENTIFIER_SIZE const * add FeeDispute error for when sender and recipient disagre on fee calculation (should never happen) * does not need to be mut * cleaned up some warnings
2017-10-13 07:45:07 +03:00
let commit3 = keychain.commit(4, &key_id).unwrap();
refactor burn key into key_overrides on keychain (#178) * refactor burn key into key_overrides on keychain * introduce UnconfirmedChange output status, we can potentially spend these with zero confirmations * pass in burn_key_id for the burn enabled keychain, spend *all* coins when spending from a wallet, spend UnconfirmedChange coins also * add comment about simplifying wallet_data.select logic * replace UnconfirmedChange output status with a more flexible zero_ok, flag on the output data
2017-10-16 20:11:01 +03:00
let proof_info = keychain
Bulletproof messages (#730) * beginning to add bullet proof messages * Updated core transaction creation to embed the output's value and switch commit hash as part of the rangeproof message * formatting issue * more formatting issues * Removing conditional feature compliation.. just bulletproofs from now on * ensure MAX_PROOF_SIZE uses bulletproof sizing instead of earlier version * updated with switch commit committed to in extra data * accidentally commented out bullet-proof-size feature
2018-02-28 00:11:55 +03:00
.rewind_range_proof(&key_id, commit3, Some(extra_data.to_vec().clone()), proof)
refactor burn key into key_overrides on keychain (#178) * refactor burn key into key_overrides on keychain * introduce UnconfirmedChange output status, we can potentially spend these with zero confirmations * pass in burn_key_id for the burn enabled keychain, spend *all* coins when spending from a wallet, spend UnconfirmedChange coins also * add comment about simplifying wallet_data.select logic * replace UnconfirmedChange output status with a more flexible zero_ok, flag on the output data
2017-10-16 20:11:01 +03:00
.unwrap();
rust-secp256k1-zkp breaking changes to support (#155) Rewinding range proofs to recover transaction value from outputs
2017-10-06 00:40:46 +03:00
assert_eq!(proof_info.success, false);
assert_eq!(proof_info.value, 0);
Bulletproof messages (#730) * beginning to add bullet proof messages * Updated core transaction creation to embed the output's value and switch commit hash as part of the rangeproof message * formatting issue * more formatting issues * Removing conditional feature compliation.. just bulletproofs from now on * ensure MAX_PROOF_SIZE uses bulletproof sizing instead of earlier version * updated with switch commit committed to in extra data * accidentally commented out bullet-proof-size feature
2018-02-28 00:11:55 +03:00
// cannot rewind with wrong extra committed data
let commit3 = keychain.commit(4, &key_id).unwrap();
let wrong_extra_data = [98u8; 64];
let should_err = keychain
rustfmt all the things
2018-03-04 03:19:54 +03:00
.rewind_range_proof(
&key_id,
commit3,
Some(wrong_extra_data.to_vec().clone()),
proof,
)
Bulletproof messages (#730) * beginning to add bullet proof messages * Updated core transaction creation to embed the output's value and switch commit hash as part of the rangeproof message * formatting issue * more formatting issues * Removing conditional feature compliation.. just bulletproofs from now on * ensure MAX_PROOF_SIZE uses bulletproof sizing instead of earlier version * updated with switch commit committed to in extra data * accidentally commented out bullet-proof-size feature
2018-02-28 00:11:55 +03:00
.unwrap();
assert_eq!(proof_info.success, false);
assert_eq!(proof_info.value, 0);
rust-secp256k1-zkp breaking changes to support (#155) Rewinding range proofs to recover transaction value from outputs
2017-10-06 00:40:46 +03:00
}
[WIP] Kernel investigation (#679) * add some tests around building a tx_kernel from a tx and adding secret keys together (and checking commitments) * key addition tests
2018-02-02 17:51:55 +03:00
// We plan to "offset" the key used in the kernel commitment
// so we are going to be doing some key addition/subtraction.
// This test is mainly to demonstrate that idea that summing commitments
// and summing the keys used to commit to 0 have the same result.
#[test]
fn secret_key_addition() {
let keychain = Keychain::from_random_seed().unwrap();
let skey1 = SecretKey::from_slice(
&keychain.secp,
&[
rustfmt all the things
2018-03-04 03:19:54 +03:00
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 1,
[WIP] Kernel investigation (#679) * add some tests around building a tx_kernel from a tx and adding secret keys together (and checking commitments) * key addition tests
2018-02-02 17:51:55 +03:00
],
).unwrap();
let skey2 = SecretKey::from_slice(
&keychain.secp,
&[
rustfmt all the things
2018-03-04 03:19:54 +03:00
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 2,
[WIP] Kernel investigation (#679) * add some tests around building a tx_kernel from a tx and adding secret keys together (and checking commitments) * key addition tests
2018-02-02 17:51:55 +03:00
],
).unwrap();
// adding secret keys 1 and 2 to give secret key 3
let mut skey3 = skey1.clone();
let _ = skey3.add_assign(&keychain.secp, &skey2).unwrap();
// create commitments for secret keys 1, 2 and 3
// all committing to the value 0 (which is what we do for tx_kernels)
let commit_1 = keychain.secp.commit(0, skey1).unwrap();
let commit_2 = keychain.secp.commit(0, skey2).unwrap();
let commit_3 = keychain.secp.commit(0, skey3).unwrap();
// now sum commitments for keys 1 and 2
rustfmt all the things
2018-03-04 03:19:54 +03:00
let sum = keychain
.secp
.commit_sum(vec![commit_1.clone(), commit_2.clone()], vec![])
.unwrap();
[WIP] Kernel investigation (#679) * add some tests around building a tx_kernel from a tx and adding secret keys together (and checking commitments) * key addition tests
2018-02-02 17:51:55 +03:00
// confirm the commitment for key 3 matches the sum of the commitments 1 and 2
assert_eq!(sum, commit_3);
// now check we can sum keys up using keychain.blind_sum()
// in the same way (convenience function)
assert_eq!(
rustfmt all the things
2018-03-04 03:19:54 +03:00
keychain
.blind_sum(&BlindSum::new()
.add_blinding_factor(BlindingFactor::from_secret_key(skey1))
.add_blinding_factor(BlindingFactor::from_secret_key(skey2)))
.unwrap(),
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
BlindingFactor::from_secret_key(skey3),
[WIP] Kernel investigation (#679) * add some tests around building a tx_kernel from a tx and adding secret keys together (and checking commitments) * key addition tests
2018-02-02 17:51:55 +03:00
);
}
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
#[test]
fn aggsig_sender_receiver_interaction() {
let sender_keychain = Keychain::from_random_seed().unwrap();
let receiver_keychain = Keychain::from_random_seed().unwrap();
// tx identifier for wallet interaction
let tx_id = Uuid::new_v4();
// Calculate the kernel excess here for convenience.
// Normally this would happen during transaction building.
let kernel_excess = {
rustfmt all the things
2018-03-04 03:19:54 +03:00
let skey1 = sender_keychain
.derived_key(&sender_keychain.derive_key_id(1).unwrap())
.unwrap();
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
rustfmt all the things
2018-03-04 03:19:54 +03:00
let skey2 = receiver_keychain
.derived_key(&receiver_keychain.derive_key_id(1).unwrap())
.unwrap();
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
let keychain = Keychain::from_random_seed().unwrap();
rustfmt all the things
2018-03-04 03:19:54 +03:00
let blinding_factor = keychain
.blind_sum(&BlindSum::new()
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
.sub_blinding_factor(BlindingFactor::from_secret_key(skey1))
rustfmt all the things
2018-03-04 03:19:54 +03:00
.add_blinding_factor(BlindingFactor::from_secret_key(skey2)))
.unwrap();
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
rustfmt all the things
2018-03-04 03:19:54 +03:00
keychain
.secp
.commit(0, blinding_factor.secret_key(&keychain.secp).unwrap())
.unwrap()
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
};
// sender starts the tx interaction
let (sender_pub_excess, sender_pub_nonce) = {
let keychain = sender_keychain.clone();
rustfmt all the things
2018-03-04 03:19:54 +03:00
let skey = keychain
.derived_key(&keychain.derive_key_id(1).unwrap())
.unwrap();
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
// dealing with an input here so we need to negate the blinding_factor
// rather than use it as is
rustfmt all the things
2018-03-04 03:19:54 +03:00
let blinding_factor = keychain
.blind_sum(&BlindSum::new()
.sub_blinding_factor(BlindingFactor::from_secret_key(skey)))
.unwrap();
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
let blind = blinding_factor.secret_key(&keychain.secp()).unwrap();
keychain.aggsig_create_context(&tx_id, blind);
keychain.aggsig_get_public_keys(&tx_id)
};
// receiver receives partial tx
let (receiver_pub_excess, receiver_pub_nonce, sig_part) = {
let keychain = receiver_keychain.clone();
let key_id = keychain.derive_key_id(1).unwrap();
// let blind = blind_sum.secret_key(&keychain.secp())?;
let blind = keychain.derived_key(&key_id).unwrap();
keychain.aggsig_create_context(&tx_id, blind);
let (pub_excess, pub_nonce) = keychain.aggsig_get_public_keys(&tx_id);
keychain.aggsig_add_output(&tx_id, &key_id);
rustfmt all the things
2018-03-04 03:19:54 +03:00
let sig_part = keychain
.aggsig_calculate_partial_sig(&tx_id, &sender_pub_nonce, 0, 0)
.unwrap();
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
(pub_excess, pub_nonce, sig_part)
};
// check the sender can verify the partial signature
// received in the response back from the receiver
{
let keychain = sender_keychain.clone();
let sig_verifies = keychain.aggsig_verify_partial_sig(
&tx_id,
&sig_part,
&receiver_pub_nonce,
&receiver_pub_excess,
0,
0,
);
assert!(sig_verifies);
}
// now sender signs with their key
let sender_sig_part = {
let keychain = sender_keychain.clone();
rustfmt all the things
2018-03-04 03:19:54 +03:00
keychain
.aggsig_calculate_partial_sig(&tx_id, &receiver_pub_nonce, 0, 0)
.unwrap()
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
};
// check the receiver can verify the partial signature
// received by the sender
{
let keychain = receiver_keychain.clone();
let sig_verifies = keychain.aggsig_verify_partial_sig(
&tx_id,
&sender_sig_part,
&sender_pub_nonce,
&sender_pub_excess,
0,
0,
);
assert!(sig_verifies);
}
// Receiver now builds final signature from sender and receiver parts
let (final_sig, final_pubkey) = {
let keychain = receiver_keychain.clone();
// Receiver recreates their partial sig (we do not maintain state from earlier)
rustfmt all the things
2018-03-04 03:19:54 +03:00
let our_sig_part = keychain
.aggsig_calculate_partial_sig(&tx_id, &sender_pub_nonce, 0, 0)
.unwrap();
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
// Receiver now generates final signature from the two parts
rustfmt all the things
2018-03-04 03:19:54 +03:00
let final_sig = keychain
.aggsig_calculate_final_sig(
&tx_id,
&sender_sig_part,
&our_sig_part,
&sender_pub_nonce,
)
.unwrap();
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
// Receiver calculates the final public key (to verify sig later)
rustfmt all the things
2018-03-04 03:19:54 +03:00
let final_pubkey = keychain
.aggsig_calculate_final_pubkey(&tx_id, &sender_pub_excess)
.unwrap();
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
(final_sig, final_pubkey)
};
// Receiver checks the final signature verifies
{
let keychain = receiver_keychain.clone();
// Receiver check the final signature verifies
rustfmt all the things
2018-03-04 03:19:54 +03:00
let sig_verifies =
keychain.aggsig_verify_final_sig_build_msg(&final_sig, &final_pubkey, 0, 0);
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
assert!(sig_verifies);
}
// Check we can verify the sig using the kernel excess
{
let keychain = Keychain::from_random_seed().unwrap();
rustfmt all the things
2018-03-04 03:19:54 +03:00
let msg = secp::Message::from_slice(&kernel_sig_msg(0, 0)).unwrap();
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
let sig_verifies = Keychain::aggsig_verify_single_from_commit(
&keychain.secp,
&final_sig,
&msg,
&kernel_excess,
);
assert!(sig_verifies);
}
}
#[test]
fn aggsig_sender_receiver_interaction_offset() {
let sender_keychain = Keychain::from_random_seed().unwrap();
let receiver_keychain = Keychain::from_random_seed().unwrap();
// tx identifier for wallet interaction
let tx_id = Uuid::new_v4();
// This is the kernel offset that we use to split the key
// Summing these at the block level prevents the
// kernels from being used to reconstruct (or identify) individual transactions
let kernel_offset = SecretKey::new(&sender_keychain.secp(), &mut thread_rng());
// Calculate the kernel excess here for convenience.
// Normally this would happen during transaction building.
let kernel_excess = {
rustfmt all the things
2018-03-04 03:19:54 +03:00
let skey1 = sender_keychain
.derived_key(&sender_keychain.derive_key_id(1).unwrap())
.unwrap();
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
rustfmt all the things
2018-03-04 03:19:54 +03:00
let skey2 = receiver_keychain
.derived_key(&receiver_keychain.derive_key_id(1).unwrap())
.unwrap();
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
let keychain = Keychain::from_random_seed().unwrap();
rustfmt all the things
2018-03-04 03:19:54 +03:00
let blinding_factor = keychain
.blind_sum(&BlindSum::new()
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
.sub_blinding_factor(BlindingFactor::from_secret_key(skey1))
.add_blinding_factor(BlindingFactor::from_secret_key(skey2))
// subtract the kernel offset here like as would when
// verifying a kernel signature
rustfmt all the things
2018-03-04 03:19:54 +03:00
.sub_blinding_factor(BlindingFactor::from_secret_key(kernel_offset)))
.unwrap();
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
rustfmt all the things
2018-03-04 03:19:54 +03:00
keychain
.secp
.commit(0, blinding_factor.secret_key(&keychain.secp).unwrap())
.unwrap()
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
};
// sender starts the tx interaction
let (sender_pub_excess, sender_pub_nonce) = {
let keychain = sender_keychain.clone();
rustfmt all the things
2018-03-04 03:19:54 +03:00
let skey = keychain
.derived_key(&keychain.derive_key_id(1).unwrap())
.unwrap();
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
// dealing with an input here so we need to negate the blinding_factor
// rather than use it as is
rustfmt all the things
2018-03-04 03:19:54 +03:00
let blinding_factor = keychain
.blind_sum(&BlindSum::new()
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
.sub_blinding_factor(BlindingFactor::from_secret_key(skey))
// subtract the kernel offset to create an aggsig context
// with our "split" key
rustfmt all the things
2018-03-04 03:19:54 +03:00
.sub_blinding_factor(BlindingFactor::from_secret_key(kernel_offset)))
.unwrap();
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
let blind = blinding_factor.secret_key(&keychain.secp()).unwrap();
keychain.aggsig_create_context(&tx_id, blind);
keychain.aggsig_get_public_keys(&tx_id)
};
// receiver receives partial tx
let (receiver_pub_excess, receiver_pub_nonce, sig_part) = {
let keychain = receiver_keychain.clone();
let key_id = keychain.derive_key_id(1).unwrap();
let blind = keychain.derived_key(&key_id).unwrap();
keychain.aggsig_create_context(&tx_id, blind);
let (pub_excess, pub_nonce) = keychain.aggsig_get_public_keys(&tx_id);
keychain.aggsig_add_output(&tx_id, &key_id);
rustfmt all the things
2018-03-04 03:19:54 +03:00
let sig_part = keychain
.aggsig_calculate_partial_sig(&tx_id, &sender_pub_nonce, 0, 0)
.unwrap();
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
(pub_excess, pub_nonce, sig_part)
};
// check the sender can verify the partial signature
// received in the response back from the receiver
{
let keychain = sender_keychain.clone();
let sig_verifies = keychain.aggsig_verify_partial_sig(
&tx_id,
&sig_part,
&receiver_pub_nonce,
&receiver_pub_excess,
0,
0,
);
assert!(sig_verifies);
}
// now sender signs with their key
let sender_sig_part = {
let keychain = sender_keychain.clone();
rustfmt all the things
2018-03-04 03:19:54 +03:00
keychain
.aggsig_calculate_partial_sig(&tx_id, &receiver_pub_nonce, 0, 0)
.unwrap()
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
};
// check the receiver can verify the partial signature
// received by the sender
{
let keychain = receiver_keychain.clone();
let sig_verifies = keychain.aggsig_verify_partial_sig(
&tx_id,
&sender_sig_part,
&sender_pub_nonce,
&sender_pub_excess,
0,
0,
);
assert!(sig_verifies);
}
// Receiver now builds final signature from sender and receiver parts
let (final_sig, final_pubkey) = {
let keychain = receiver_keychain.clone();
// Receiver recreates their partial sig (we do not maintain state from earlier)
rustfmt all the things
2018-03-04 03:19:54 +03:00
let our_sig_part = keychain
.aggsig_calculate_partial_sig(&tx_id, &sender_pub_nonce, 0, 0)
.unwrap();
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
// Receiver now generates final signature from the two parts
rustfmt all the things
2018-03-04 03:19:54 +03:00
let final_sig = keychain
.aggsig_calculate_final_sig(
&tx_id,
&sender_sig_part,
&our_sig_part,
&sender_pub_nonce,
)
.unwrap();
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
// Receiver calculates the final public key (to verify sig later)
rustfmt all the things
2018-03-04 03:19:54 +03:00
let final_pubkey = keychain
.aggsig_calculate_final_pubkey(&tx_id, &sender_pub_excess)
.unwrap();
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
(final_sig, final_pubkey)
};
// Receiver checks the final signature verifies
{
let keychain = receiver_keychain.clone();
// Receiver check the final signature verifies
rustfmt all the things
2018-03-04 03:19:54 +03:00
let sig_verifies =
keychain.aggsig_verify_final_sig_build_msg(&final_sig, &final_pubkey, 0, 0);
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
assert!(sig_verifies);
}
// Check we can verify the sig using the kernel excess
{
let keychain = Keychain::from_random_seed().unwrap();
rustfmt all the things
2018-03-04 03:19:54 +03:00
let msg = secp::Message::from_slice(&kernel_sig_msg(0, 0)).unwrap();
Transaction contain kernels. Transactions and blocks maintain a kernel offset (split key). (#681) * WIP - split the key in final tx step store "offset" on transaction itself * rebase * commit * tx with offset * got a test tx validating successfully using a sig from a split key and the appropriate offset * sum up the offset for the block_header * fix size tests for blocks and compact blocks (header now includes offset) * use txs with offsets in most of the core tests some tests now failing * build kernel from k1G (k2 stored on tx, sum stored on header) * commit * tx now has vec of kernels rework tx and kernel validation * add test for tx cut_through * wip - working on splitting in aggsig * split the key when creating the initial sender aggsig context * cleanup * cleanup * code needs claning up but split keys working for sender/receiver aggsig flow * cleanup debug logging * fix tests * fix merge and basic cleanup * fix keychain tests to use new tx_id
2018-02-13 18:35:30 +03:00
let sig_verifies = Keychain::aggsig_verify_single_from_commit(
&keychain.secp,
&final_sig,
&msg,
&kernel_excess,
);
assert!(sig_verifies);
}
}
keychain crate (no more secretkeys in core) (#146) * introduce grin_keychain, encapsulate derivation of secret_keys * core compiles against keychain, tests don't run yet * core tests are now passing against keychain * wip - getting wallet working with keychain * add util and keychain to travis test matrix * basic test around key derivation
2017-10-03 03:02:31 +03:00
}
Reference in a new issue Copy permalink