scilio 2021-11-12 23:23:22 -05:00
parent 9f3a533504
commit a7c811fdd6
3 changed files with 33 additions and 6 deletions


@ -1,9 +1,10 @@
# MWixnet # MWixnet
MW CoinSwap Server This is an implementation of @tromp's [CoinSwap Proposal](https://forum.grin.mw/t/mimblewimble-coinswap-proposal/8322) with some slight modifications.
## APIs A set of n CoinSwap servers (node<sub>i</sub> with i=1...n) are agreed upon in advance. They each have a known public key.
### swap
The server configured to be the entry server (node 1) exposes a JSON-RPC `swap` API for use by GRIN wallets. ### SWAP API
The first CoinSwap server (n<sub>1</sub>) provides the `swap` API, publicly available for use by GRIN wallets.
**jsonrpc:** `2.0` **jsonrpc:** `2.0`
**method:** `swap` **method:** `swap`
@ -18,4 +19,28 @@ The server configured to be the entry server (node 1) exposes a JSON-RPC `swap`
"pubkey": "020dd38a220280f14515f6901a3a366cb7b87630814e4b68b3189a32df964961e5" "pubkey": "020dd38a220280f14515f6901a3a366cb7b87630814e4b68b3189a32df964961e5"
} }
}] }]
``` ```
### Data Provisioning
#### Inputs
* C<sub>in</sub>: UTXO commitment to swap
* x<sub>in</sub>: Blinding factor of C<sub>in</sub>
* K<sub>1...n</sub>: The public keys of all n servers
#### Procedure
<ol>
<li>Choose random x<sub>i</sub> for each node n<sub>i</sub> and create a Payload (P<sub>i</sub>) for each containing x<sub>i</sub></li>
<li>Build a rangeproof for C<sub>n</sub>=C<sub>in</sub>+(Σx<sub>1...n</sub>)*G and include it in payload P<sub>n</sub></li>
<li>Choose random initial ephemeral keypair (r<sub>1</sub>, R<sub>1</sub>)</li>
<li>Derive remaining ephemeral keypairs such that r<sub>i+1</sub>=r<sub>i</sub>*Sha256(R<sub>i</sub>||s<sub>i</sub>) where s<sub>i</sub>=ECDH(R<sub>i</sub>, K<sub>i</sub>)</li>
<li>For each node n<sub>i</sub>, use ChaCha20 stream cipher with key=HmacSha256("MWIXNET"||s<sub>i</sub>) and nonce "NONCE1234567" to encrypt payloads P<sub>i...n</sub></li>
</ol>
### Input Validation
* Node n<sub>1</sub> verifies that C<sub>in</sub> is in the current UTXO set
* Node n<sub>1</sub> verifies the commitment signature is valid for C<sub>in</sub>, proving ownership of the input
----
`Output derivation`, `Output validation`, `Kernel derivation`, and `Aggregation` steps remain unchanged from the [original design](https://forum.grin.mw/t/mimblewimble-coinswap-proposal/8322)
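Review bot: step 5 of the Procedure writes the cipher key as HmacSha256("MWIXNET"||s<sub>i</sub>), but `new_stream_cipher` in the source hunk of this commit uses "MWIXNET" as the HMAC key and s<sub>i</sub> as the message, not a concatenation; write it as HMAC-SHA256(key="MWIXNET", msg=s<sub>i</sub>) so the spec and the implementation agree. The same step fixes the ChaCha20 nonce to "NONCE1234567", which is only sound because every s<sub>i</sub> descends from a fresh ephemeral r<sub>1</sub>; the README should state that r<sub>1</sub> must be freshly generated for every swap, since reusing a key/nonce pair with a stream cipher exposes the payloads. Minor: the text switches between node<sub>i</sub> in the opening paragraph and n<sub>i</sub> everywhere else; pick one.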


@ -93,7 +93,7 @@ fn calc_blinding_factor(shared_secret: &SharedSecret, ephemeral_pubkey: &PublicK
} }
fn new_stream_cipher(shared_secret: &SharedSecret) -> Result<ChaCha20> { fn new_stream_cipher(shared_secret: &SharedSecret) -> Result<ChaCha20> {
let mut mu_hmac = HmacSha256::new_from_slice(b"PAYLOAD")?; let mut mu_hmac = HmacSha256::new_from_slice(b"MWIXNET")?;
mu_hmac.update(&shared_secret[0..32]); mu_hmac.update(&shared_secret[0..32]);
let mukey = mu_hmac.finalize().into_bytes(); let mukey = mu_hmac.finalize().into_bytes();
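Review bot: the label `b"MWIXNET"` is now hard-coded here and spelled out again in the README; define it once as a named constant (e.g. `const STREAM_KEY_LABEL: &[u8] = b"MWIXNET";`) and reference it from the docs so the two cannot drift the way the old `b"PAYLOAD"` value already had. Changing the label changes every derived ChaCha20 key, so any onion built against the previous label can no longer be unwrapped; fine before release, but worth a line in the commit message. Style: `mu_hmac`/`mukey` inside `new_stream_cipher` reads like a Sphinx-style MAC key (mu) rather than a stream-cipher key; `stream_key` would be clearer.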


@ -163,6 +163,8 @@ mod tests {
Ok(response_str) Ok(response_str)
} }
/// Single hop to demonstrate request validation and onion unwrapping.
/// UTXO creation and bulletproof generation reserved for milestones 2 & 3.
#[test] #[test]
fn swap_lifecycle() -> Result<(), Box<dyn std::error::Error>> { fn swap_lifecycle() -> Result<(), Box<dyn std::error::Error>> {
let server_key = secp::insecure_rand_secret()?; let server_key = secp::insecure_rand_secret()?;
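Review bot: the new doc comment explains what the test deliberately skips, but `swap_lifecycle` still names a full lifecycle while covering a single hop; either rename it (e.g. `single_hop_validation_and_unwrap`) or leave a `TODO` on the deferred UTXO creation and bulletproof generation so the gap is tracked rather than only described. Also, the comment should say that `secp::insecure_rand_secret()` is used here only because this is test code, so the helper's name does not raise questions about the real key-generation path.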