[Floonet] Use switch commits for all blinding factors (#2178)

* move wallet mods back into dirs

* move wallet mod files

* use switched keys for blinding factor in all cases

* rustfmt

* test fix

* test fix

* test fix

* rustfmt

* re-implement flag to turn off switch commit derivation

* rustfmt

Cargo.lock

@@ -865,7 +865,7 @@ dependencies = [
 [[package]]
 name = "grin_secp256k1zkp"
 version = "0.7.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
+source = "git+https://github.com/mimblewimble/rust-secp256k1-zkp?tag=grin_integration_29#a245051ce72524696a787e60ff7a7e2a9551c699"
 dependencies = [
  "arrayvec 0.3.25 (registry+https://github.com/rust-lang/crates.io-index)",
  "gcc 0.3.55 (registry+https://github.com/rust-lang/crates.io-index)",
@@ -935,7 +935,7 @@ dependencies = [
  "backtrace 0.3.9 (registry+https://github.com/rust-lang/crates.io-index)",
  "base64 0.9.3 (registry+https://github.com/rust-lang/crates.io-index)",
  "byteorder 1.2.7 (registry+https://github.com/rust-lang/crates.io-index)",
- "grin_secp256k1zkp 0.7.2 (registry+https://github.com/rust-lang/crates.io-index)",
+ "grin_secp256k1zkp 0.7.2 (git+https://github.com/mimblewimble/rust-secp256k1-zkp?tag=grin_integration_29)",
  "lazy_static 1.2.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "log 0.4.6 (registry+https://github.com/rust-lang/crates.io-index)",
  "log4rs 0.8.1 (registry+https://github.com/rust-lang/crates.io-index)",
@@ -2984,7 +2984,7 @@ dependencies = [
 "checksum generic-array 0.9.0 (registry+https://github.com/rust-lang/crates.io-index)" = "ef25c5683767570c2bbd7deba372926a55eaae9982d7726ee2a1050239d45b9d"
 "checksum git2 0.7.5 (registry+https://github.com/rust-lang/crates.io-index)" = "591f8be1674b421644b6c030969520bc3fa12114d2eb467471982ed3e9584e71"
 "checksum glob 0.2.11 (registry+https://github.com/rust-lang/crates.io-index)" = "8be18de09a56b60ed0edf84bc9df007e30040691af7acd1c41874faac5895bfb"
-"checksum grin_secp256k1zkp 0.7.2 (registry+https://github.com/rust-lang/crates.io-index)" = "aea95f8b846440f6a9caf0fd4c22c91c124f2a896d69d781f7dc0fa88e33b0ff"
+"checksum grin_secp256k1zkp 0.7.2 (git+https://github.com/mimblewimble/rust-secp256k1-zkp?tag=grin_integration_29)" = "<none>"
 "checksum h2 0.1.14 (registry+https://github.com/rust-lang/crates.io-index)" = "1ac030ae20dee464c5d0f36544d8b914a6bc606da44a57e052d2b0f5dae129e0"
 "checksum hmac 0.6.3 (registry+https://github.com/rust-lang/crates.io-index)" = "733e1b3ac906631ca01ebb577e9bb0f5e37a454032b9036b5eaea4013ed6f99a"
 "checksum http 0.1.14 (registry+https://github.com/rust-lang/crates.io-index)" = "02096a6d2c55e63f7fcb800690e4f889a25f6ec342e3adb4594e293b625215ab"

core/src/core/transaction.rs

@@ -1391,7 +1391,7 @@ mod test {
 		let nonce = 0;
 
 		let short_id = input.short_id(&block_hash, nonce);
-		assert_eq!(short_id, ShortId::from_hex("df31d96e3cdb").unwrap());
+		assert_eq!(short_id, ShortId::from_hex("c4b05f2ba649").unwrap());
 
 		// now generate the short_id for a *very* similar output (single feature flag
 		// different) and check it generates a different short_id
@@ -1401,6 +1401,6 @@ mod test {
 		};
 
 		let short_id = input.short_id(&block_hash, nonce);
-		assert_eq!(short_id, ShortId::from_hex("784fc5afd5d9").unwrap());
+		assert_eq!(short_id, ShortId::from_hex("3f0377c624e9").unwrap());
 	}
 }

core/tests/core.rs

@@ -75,7 +75,8 @@ fn tx_double_ser_deser() {
 #[test]
 #[should_panic(expected = "Keychain Error")]
 fn test_zero_commit_fails() {
-	let keychain = ExtKeychain::from_random_seed().unwrap();
+	let mut keychain = ExtKeychain::from_random_seed().unwrap();
+	keychain.set_use_switch_commits(false);
 	let key_id1 = ExtKeychain::derive_key_id(1, 1, 0, 0, 0);
 
 	// blinding should fail as signing with a zero r*G shouldn't work

keychain/src/keychain.rs

@@ -29,18 +29,18 @@ use crate::util::secp::{self, Message, Secp256k1, Signature};
 pub struct ExtKeychain {
 	secp: Secp256k1,
 	master: ExtendedPrivKey,
-	use_switch_commitments: Option<bool>
+	use_switch_commits: bool,
 }
 
 impl Keychain for ExtKeychain {
-	fn from_seed(seed: &[u8], use_switch_commitments: bool) -> Result<ExtKeychain, Error> {
+	fn from_seed(seed: &[u8]) -> Result<ExtKeychain, Error> {
 		let mut h = BIP32GrinHasher::new();
 		let secp = secp::Secp256k1::with_caps(secp::ContextFlag::Commit);
 		let master = ExtendedPrivKey::new_master(&secp, &mut h, seed)?;
 		let keychain = ExtKeychain {
 			secp: secp,
 			master: master,
-			use_switch_commitments: Some(use_switch_commitments)
+			use_switch_commits: true,
 		};
 		Ok(keychain)
 	}
@@ -51,16 +51,16 @@ impl Keychain for ExtKeychain {
 		let keychain = ExtKeychain {
 			secp: secp,
 			master: master,
-			use_switch_commitments: None
+			use_switch_commits: true,
 		};
 		Ok(keychain)
 	}
 
 	/// For testing - probably not a good idea to use outside of tests.
-	fn from_random_seed(use_switch_commitments: bool) -> Result<ExtKeychain, Error> {
+	fn from_random_seed() -> Result<ExtKeychain, Error> {
 		let seed: String = thread_rng().sample_iter(&Alphanumeric).take(16).collect();
 		let seed = blake2::blake2b::blake2b(32, &[], seed.as_bytes());
-		ExtKeychain::from_seed(seed.as_bytes(), use_switch_commitments)
+		ExtKeychain::from_seed(seed.as_bytes())
 	}
 
 	fn root_key_id() -> Identifier {
@@ -79,13 +79,9 @@ impl Keychain for ExtKeychain {
 			ext_key = ext_key.ckd_priv(&self.secp, &mut h, p.path[i as usize])?;
 		}
 
-		// Switch commitments have to be explicitly turned on or off
-		let use_switch = self.use_switch_commitments.ok_or(Error::SwitchCommitment)?;
-		if use_switch {
-			Ok(self.secp.blind_switch(amount, ext_key.secret_key)?)
-		}
-		else {
-			Ok(ext_key.secret_key)
+		match self.use_switch_commits {
+			true => Ok(self.secp.blind_switch(amount, ext_key.secret_key)?),
+			false => Ok(ext_key.secret_key),
 		}
 	}
 
@@ -158,12 +154,12 @@ impl Keychain for ExtKeychain {
 		Ok(sig)
 	}
 
-	fn secp(&self) -> &Secp256k1 {
-		&self.secp
+	fn set_use_switch_commits(&mut self, value: bool) {
+		self.use_switch_commits = value;
 	}
 
-	fn use_switch_commitments(&self) -> Option<bool> {
-		self.use_switch_commitments
+	fn secp(&self) -> &Secp256k1 {
+		&self.secp
 	}
 }
 
@@ -177,7 +173,6 @@ mod test {
 	#[test]
 	fn test_key_derivation() {
 		let keychain = ExtKeychain::from_random_seed().unwrap();
-		keychain.set_use_switch_commitments(true);
 		let secp = keychain.secp();
 
 		let path = ExtKeychainPath::new(1, 1, 0, 0, 0);
@@ -202,7 +197,6 @@ mod test {
 	#[test]
 	fn secret_key_addition() {
 		let keychain = ExtKeychain::from_random_seed().unwrap();
-		keychain.set_use_switch_commitments(false);
 
 		let skey1 = SecretKey::from_slice(
 			&keychain.secp,

keychain/src/types.rs

@@ -44,7 +44,7 @@ pub enum Error {
 	KeyDerivation(extkey_bip32::Error),
 	Transaction(String),
 	RangeProof(String),
-	SwitchCommitment
+	SwitchCommitment,
 }
 
 impl From<secp::Error> for Error {
@@ -130,7 +130,7 @@ impl Identifier {
 	pub fn to_value_path(&self, value: u64) -> ValueExtKeychainPath {
 		ValueExtKeychainPath {
 			value,
-			ext_keychain_path: self.to_path()
+			ext_keychain_path: self.to_path(),
 		}
 	}
 
@@ -442,13 +442,13 @@ impl ExtKeychainPath {
 #[derive(Copy, Clone, PartialEq, Eq, Debug, Deserialize)]
 pub struct ValueExtKeychainPath {
 	pub value: u64,
-	pub ext_keychain_path: ExtKeychainPath
+	pub ext_keychain_path: ExtKeychainPath,
 }
 
 pub trait Keychain: Sync + Send + Clone {
-	fn from_seed(seed: &[u8], use_switch_commitments: bool) -> Result<Self, Error>;
+	fn from_seed(seed: &[u8]) -> Result<Self, Error>;
 	fn from_mnemonic(word_list: &str, extension_word: &str) -> Result<Self, Error>;
-	fn from_random_seed(use_switch_commitments: bool) -> Result<Self, Error>;
+	fn from_random_seed() -> Result<Self, Error>;
 	fn root_key_id() -> Identifier;
 	fn derive_key_id(depth: u8, d1: u32, d2: u32, d3: u32, d4: u32) -> Identifier;
 	fn derive_key(&self, amount: u64, id: &Identifier) -> Result<SecretKey, Error>;
@@ -456,8 +456,8 @@ pub trait Keychain: Sync + Send + Clone {
 	fn blind_sum(&self, blind_sum: &BlindSum) -> Result<BlindingFactor, Error>;
 	fn sign(&self, msg: &Message, amount: u64, id: &Identifier) -> Result<Signature, Error>;
 	fn sign_with_blinding(&self, _: &Message, _: &BlindingFactor) -> Result<Signature, Error>;
+	fn set_use_switch_commits(&mut self, value: bool);
 	fn secp(&self) -> &Secp256k1;
-	fn use_switch_commitments(&self) -> Option<bool>;
 }
 
 #[cfg(test)]

servers/src/mining/mine_block.rs

@@ -170,7 +170,7 @@ fn build_block(
 ///
 fn burn_reward(block_fees: BlockFees) -> Result<(core::Output, core::TxKernel, BlockFees), Error> {
 	warn!("Burning block fees: {:?}", block_fees);
-	let keychain = ExtKeychain::from_random_seed(true).unwrap();
+	let keychain = ExtKeychain::from_random_seed().unwrap();
 	let key_id = ExtKeychain::derive_key_id(1, 1, 0, 0, 0);
 	let (out, kernel) =
 		crate::core::libtx::reward::output(&keychain, &key_id, block_fees.fees, block_fees.height)

util/Cargo.toml

@@ -24,8 +24,8 @@ zip = "0.4"
 parking_lot = {version = "0.6"}
 
 [dependencies.grin_secp256k1zkp]
-#git = "https://github.com/mimblewimble/rust-secp256k1-zkp"
-#tag = "grin_integration_28"
+git = "https://github.com/mimblewimble/rust-secp256k1-zkp"
+tag = "grin_integration_29"
 #path = "../../rust-secp256k1-zkp"
-version = "0.7.1"
+#version = "0.7.1"
 features = ["bullet-proof-sizing"]

wallet/src/lmdb_wallet.rs

@@ -140,7 +140,11 @@ where
 	fn open_with_credentials(&mut self) -> Result<(), Error> {
 		let wallet_seed = WalletSeed::from_file(&self.config, &self.passphrase)
 			.context(ErrorKind::CallbackImpl("Error opening wallet"))?;
-		self.keychain = Some(wallet_seed.derive_keychain(self.config.use_switch_commitments).context(ErrorKind::CallbackImpl("Error deriving keychain"))?);
+		self.keychain = Some(
+			wallet_seed
+				.derive_keychain()
+				.context(ErrorKind::CallbackImpl("Error deriving keychain"))?,
+		);
 		Ok(())
 	}
 

wallet/src/types.rs

@@ -57,8 +57,6 @@ pub struct WalletConfig {
 	/// Whether to use the black background color scheme for command line
 	/// if enabled, wallet command output color will be suitable for black background terminal
 	pub dark_background_color_scheme: Option<bool>,
-	/// Whether we want to use switch commitments for this wallet
-	pub use_switch_commitments: bool
 }
 
 impl Default for WalletConfig {
@@ -74,7 +72,6 @@ impl Default for WalletConfig {
 			tls_certificate_file: None,
 			tls_certificate_key: None,
 			dark_background_color_scheme: Some(true),
-			use_switch_commitments: false // TODO: possibly change to true when we want it on by default
 		}
 	}
 }
@@ -124,8 +121,8 @@ impl WalletSeed {
 		seed.as_bytes().to_vec()
 	}
 
-	pub fn derive_keychain<K: Keychain>(&self, use_switch_commitments: bool) -> Result<K, Error> {
-		let result = K::from_seed(&self.0, use_switch_commitments)?;
+	pub fn derive_keychain<K: Keychain>(&self) -> Result<K, Error> {
+		let result = K::from_seed(&self.0)?;
 		Ok(result)
 	}
 

wallet/tests/libwallet.rs

@@ -32,16 +32,14 @@ fn kernel_sig_msg() -> secp::Message {
 #[test]
 fn aggsig_sender_receiver_interaction() {
 	let sender_keychain = ExtKeychain::from_random_seed().unwrap();
-	sender_keychain.set_use_switch_commitments(false);
 	let receiver_keychain = ExtKeychain::from_random_seed().unwrap();
-	receiver_keychain.set_use_switch_commitments(false);
 
 	// Calculate the kernel excess here for convenience.
 	// Normally this would happen during transaction building.
 	let kernel_excess = {
 		let id1 = ExtKeychain::derive_key_id(1, 1, 0, 0, 0);
-		let skey1 = sender_keychain.derive_key(0, &id1).unwrap().secret_key;
-		let skey2 = receiver_keychain.derive_key(0, &id1).unwrap().secret_key;
+		let skey1 = sender_keychain.derive_key(0, &id1).unwrap();
+		let skey2 = receiver_keychain.derive_key(0, &id1).unwrap();
 
 		let keychain = ExtKeychain::from_random_seed().unwrap();
 		let blinding_factor = keychain
@@ -64,7 +62,7 @@ fn aggsig_sender_receiver_interaction() {
 	let (sender_pub_excess, _sender_pub_nonce) = {
 		let keychain = sender_keychain.clone();
 		let id1 = ExtKeychain::derive_key_id(1, 1, 0, 0, 0);
-		let skey = keychain.derive_key(0, &id1).unwrap().secret_key;
+		let skey = keychain.derive_key(0, &id1).unwrap();
 
 		// dealing with an input here so we need to negate the blinding_factor
 		// rather than use it as is
@@ -87,7 +85,7 @@ fn aggsig_sender_receiver_interaction() {
 		let key_id = ExtKeychain::derive_key_id(1, 1, 0, 0, 0);
 
 		// let blind = blind_sum.secret_key(&keychain.secp())?;
-		let blind = keychain.derive_key(0, &key_id).unwrap().secret_key;
+		let blind = keychain.derive_key(0, &key_id).unwrap();
 
 		rx_cx = Context::new(&keychain.secp(), blind);
 		let (pub_excess, pub_nonce) = rx_cx.get_public_keys(&keychain.secp());
@@ -238,9 +236,7 @@ fn aggsig_sender_receiver_interaction() {
 #[test]
 fn aggsig_sender_receiver_interaction_offset() {
 	let sender_keychain = ExtKeychain::from_random_seed().unwrap();
-	sender_keychain.set_use_switch_commitments(false);
 	let receiver_keychain = ExtKeychain::from_random_seed().unwrap();
-	receiver_keychain.set_use_switch_commitments(false);
 
 	// This is the kernel offset that we use to split the key
 	// Summing these at the block level prevents the
@@ -251,8 +247,8 @@ fn aggsig_sender_receiver_interaction_offset() {
 	// Normally this would happen during transaction building.
 	let kernel_excess = {
 		let id1 = ExtKeychain::derive_key_id(1, 1, 0, 0, 0);
-		let skey1 = sender_keychain.derive_key(0, &id1).unwrap().secret_key;
-		let skey2 = receiver_keychain.derive_key(0, &id1).unwrap().secret_key;
+		let skey1 = sender_keychain.derive_key(0, &id1).unwrap();
+		let skey2 = receiver_keychain.derive_key(0, &id1).unwrap();
 
 		let keychain = ExtKeychain::from_random_seed().unwrap();
 		let blinding_factor = keychain
@@ -278,7 +274,7 @@ fn aggsig_sender_receiver_interaction_offset() {
 	let (sender_pub_excess, _sender_pub_nonce) = {
 		let keychain = sender_keychain.clone();
 		let id1 = ExtKeychain::derive_key_id(1, 1, 0, 0, 0);
-		let skey = keychain.derive_key(0, &id1).unwrap().secret_key;
+		let skey = keychain.derive_key(0, &id1).unwrap();
 
 		// dealing with an input here so we need to negate the blinding_factor
 		// rather than use it as is
@@ -305,7 +301,7 @@ fn aggsig_sender_receiver_interaction_offset() {
 		let keychain = receiver_keychain.clone();
 		let key_id = ExtKeychain::derive_key_id(1, 1, 0, 0, 0);
 
-		let blind = keychain.derive_key(0, &key_id).unwrap().secret_key;
+		let blind = keychain.derive_key(0, &key_id).unwrap();
 
 		rx_cx = Context::new(&keychain.secp(), blind);
 		let (pub_excess, pub_nonce) = rx_cx.get_public_keys(&keychain.secp());