aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authormoneromooo-monero <moneromooo-monero@users.noreply.github.com>2021-02-14 17:45:04 +0000
committermoneromooo-monero <moneromooo-monero@users.noreply.github.com>2022-04-05 18:50:22 +0000
commit4c94cfecfcb96c218b37234eda2f9c262821cf7c (patch)
treeaf8183f3dacf18298fe0f6f5493c2dc48ebcc1cd
parentringct: port some of vtnerd's review changes from BP+ to BP (diff)
downloadmonero-4c94cfecfcb96c218b37234eda2f9c262821cf7c.tar.xz
store outPk/8 in the tx for speed
It avoids dividing by 8 when deserializing a tx, which is a slow operation, and multiplies by 8 when verifying and extracing the amount, which is much faster as well as less frequent
Diffstat (limited to '')
-rw-r--r--src/blockchain_db/blockchain_db.cpp9
-rw-r--r--src/cryptonote_basic/cryptonote_format_utils.cpp2
-rw-r--r--src/ringct/rctSigs.cpp21
-rw-r--r--src/wallet/wallet2.cpp4
-rw-r--r--tests/core_tests/multisig.cpp2
5 files changed, 31 insertions, 7 deletions
diff --git a/src/blockchain_db/blockchain_db.cpp b/src/blockchain_db/blockchain_db.cpp
index a84a4148d..8e68abbe5 100644
--- a/src/blockchain_db/blockchain_db.cpp
+++ b/src/blockchain_db/blockchain_db.cpp
@@ -241,8 +241,15 @@ void BlockchainDB::add_transaction(const crypto::hash& blk_hash, const std::pair
}
else
{
+ rct::key commitment;
+ if (tx.version > 1)
+ {
+ commitment = tx.rct_signatures.outPk[i].mask;
+ if (rct::is_rct_bulletproof_plus(tx.rct_signatures.type))
+ commitment = rct::scalarmult8(commitment);
+ }
amount_output_indices[i] = add_output(tx_hash, tx.vout[i], i, tx.unlock_time,
- tx.version > 1 ? &tx.rct_signatures.outPk[i].mask : NULL);
+ tx.version > 1 ? &commitment : NULL);
}
}
add_tx_amount_output_indices(tx_id, amount_output_indices);
diff --git a/src/cryptonote_basic/cryptonote_format_utils.cpp b/src/cryptonote_basic/cryptonote_format_utils.cpp
index 8c10fad1f..cedc6f546 100644
--- a/src/cryptonote_basic/cryptonote_format_utils.cpp
+++ b/src/cryptonote_basic/cryptonote_format_utils.cpp
@@ -189,7 +189,7 @@ namespace cryptonote
CHECK_AND_ASSERT_MES(n_amounts == rv.outPk.size(), false, "Internal error filling out V");
rv.p.bulletproofs_plus[0].V.resize(n_amounts);
for (size_t i = 0; i < n_amounts; ++i)
- rv.p.bulletproofs_plus[0].V[i] = rct::scalarmultKey(rv.outPk[i].mask, rct::INV_EIGHT);
+ rv.p.bulletproofs_plus[0].V[i] = rv.outPk[i].mask;
}
else if (bulletproof)
{
diff --git a/src/ringct/rctSigs.cpp b/src/ringct/rctSigs.cpp
index 961d83a9e..d7883baac 100644
--- a/src/ringct/rctSigs.cpp
+++ b/src/ringct/rctSigs.cpp
@@ -1205,7 +1205,7 @@ namespace rct {
rv.p.bulletproofs_plus.clear();
if (bulletproof_or_plus)
{
- const bool plus = rv.type == RCTTypeBulletproofPlus;
+ const bool plus = is_rct_bulletproof_plus(rv.type);
size_t n_amounts = outamounts.size();
size_t amounts_proved = 0;
if (rct_config.range_proof_type == RangeProofPaddedBulletproof)
@@ -1235,7 +1235,10 @@ namespace rct {
}
for (i = 0; i < outamounts.size(); ++i)
{
- rv.outPk[i].mask = rct::scalarmult8(C[i]);
+ if (plus)
+ rv.outPk[i].mask = C[i];
+ else
+ rv.outPk[i].mask = rct::scalarmult8(C[i]);
outSk[i].mask = masks[i];
}
}
@@ -1273,7 +1276,10 @@ namespace rct {
}
for (i = 0; i < batch_size; ++i)
{
- rv.outPk[i + amounts_proved].mask = rct::scalarmult8(C[i]);
+ if (plus)
+ rv.outPk[i + amounts_proved].mask = C[i];
+ else
+ rv.outPk[i + amounts_proved].mask = rct::scalarmult8(C[i]);
outSk[i + amounts_proved].mask = masks[i];
}
amounts_proved += batch_size;
@@ -1480,7 +1486,10 @@ namespace rct {
rct::keyV masks(rv.outPk.size());
for (size_t i = 0; i < rv.outPk.size(); i++) {
- masks[i] = rv.outPk[i].mask;
+ if (bulletproof_plus)
+ masks[i] = rct::scalarmult8(rv.outPk[i].mask);
+ else
+ masks[i] = rv.outPk[i].mask;
}
key sumOutpks = addKeys(masks);
DP(sumOutpks);
@@ -1640,6 +1649,8 @@ namespace rct {
mask = ecdh_info.mask;
key amount = ecdh_info.amount;
key C = rv.outPk[i].mask;
+ if (is_rct_bulletproof_plus(rv.type))
+ C = scalarmult8(C);
DP("C");
DP(C);
key Ctmp;
@@ -1671,6 +1682,8 @@ namespace rct {
mask = ecdh_info.mask;
key amount = ecdh_info.amount;
key C = rv.outPk[i].mask;
+ if (is_rct_bulletproof_plus(rv.type))
+ C = scalarmult8(C);
DP("C");
DP(C);
key Ctmp;
diff --git a/src/wallet/wallet2.cpp b/src/wallet/wallet2.cpp
index c13e8edbf..832dee3ce 100644
--- a/src/wallet/wallet2.cpp
+++ b/src/wallet/wallet2.cpp
@@ -11290,7 +11290,9 @@ void wallet2::check_tx_key_helper(const cryptonote::transaction &tx, const crypt
crypto::derivation_to_scalar(found_derivation, n, scalar1);
rct::ecdhTuple ecdh_info = tx.rct_signatures.ecdhInfo[n];
rct::ecdhDecode(ecdh_info, rct::sk2rct(scalar1), tx.rct_signatures.type == rct::RCTTypeBulletproof2 || tx.rct_signatures.type == rct::RCTTypeCLSAG || tx.rct_signatures.type == rct::RCTTypeBulletproofPlus);
- const rct::key C = tx.rct_signatures.outPk[n].mask;
+ rct::key C = tx.rct_signatures.outPk[n].mask;
+ if (rct::is_rct_bulletproof_plus(tx.rct_signatures.type))
+ C = rct::scalarmult8(C);
rct::key Ctmp;
THROW_WALLET_EXCEPTION_IF(sc_check(ecdh_info.mask.bytes) != 0, error::wallet_internal_error, "Bad ECDH input mask");
THROW_WALLET_EXCEPTION_IF(sc_check(ecdh_info.amount.bytes) != 0, error::wallet_internal_error, "Bad ECDH input amount");
diff --git a/tests/core_tests/multisig.cpp b/tests/core_tests/multisig.cpp
index f8b4f25c1..49ae86eb0 100644
--- a/tests/core_tests/multisig.cpp
+++ b/tests/core_tests/multisig.cpp
@@ -450,6 +450,8 @@ bool gen_multisig_tx_validation_base::generate_with(std::vector<test_event_entry
rct::ecdhTuple ecdh_info = tx.rct_signatures.ecdhInfo[n];
rct::ecdhDecode(ecdh_info, rct::sk2rct(scalar1), tx.rct_signatures.type == rct::RCTTypeBulletproof2 || tx.rct_signatures.type == rct::RCTTypeCLSAG || tx.rct_signatures.type == rct::RCTTypeBulletproofPlus);
rct::key C = tx.rct_signatures.outPk[n].mask;
+ if (rct::is_rct_bulletproof_plus(tx.rct_signatures.type))
+ C = rct::scalarmult8(C);
rct::addKeys2(Ctmp, ecdh_info.mask, ecdh_info.amount, rct::H);
CHECK_AND_ASSERT_MES(rct::equalKeys(C, Ctmp), false, "Failed to decode amount");
amount += rct::h2d(ecdh_info.amount);