aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRiccardo Spagni <ric@spagni.net>2016-08-28 22:41:11 +0200
committerRiccardo Spagni <ric@spagni.net>2016-08-28 22:41:12 +0200
commit8a5b766d17761f5fbdd3e30e638daa98a40a4c8a (patch)
treeea05e3f0fd47fd1d8728e64d081292d337825cb9
parentMerge pull request #991 (diff)
parentblockchain: testnet heights for v3, v4, and v5 (diff)
downloadmonero-8a5b766d17761f5fbdd3e30e638daa98a40a4c8a.tar.xz
Merge pull request #961
887db9f blockchain: testnet heights for v3, v4, and v5 (moneromooo-monero) f24ab58 ringct: remove unused code (moneromooo-monero) b38452b ringct: pass structure by const ref, not value (moneromooo-monero) fd11271 ringct: use memcpy/memset instead of handwritten loop where appropriate (moneromooo-monero) 5d38206 ringct: remove spurious copies (moneromooo-monero) 16732a8 rct: faster Cryptonote/rct conversions (moneromooo-monero) fbd7c35 wallet: fix some "may be used uninitialized" warnings (moneromooo-monero) 4a41dd4 wallet: do not generate 0 change (moneromooo-monero) a0925e6 core: use full rct signatures if just one input (moneromooo-monero) 94fd881 rct: early out on failure on verRange (moneromooo-monero) 45349b6 wallet: do not ask for duplicate histograms (moneromooo-monero) b951bc8 wallet: transfer_selected_rct now also selects fake outs (moneromooo-monero) 4f887de increase minimum mixin to 4 on hard fork 5 (moneromooo-monero) 0815c72 core: allow v1 txes after HF 5 when sweeping unmixable outputs (moneromooo-monero) f782d45 tests: hard fork list must end with a 0 (moneromooo-monero) 074e602 ringct: use Cryptonote serialization to hash non prunable data (moneromooo-monero) c3b3260 New "Halfway RingCT" outputs for coinbase transactions (moneromooo-monero) 6f526cd rct: log why verification fails (moneromooo-monero) d4b8991 rct: serialize txnFee as varint (moneromooo-monero) d4b62a1 rct amount key modified as per luigi1111's recommendations (moneromooo-monero) 93f5c62 rct: rework v2 txes into prunable and non prunable data (moneromooo-monero) d93746b rct: rework the verification preparation process (moneromooo-monero) 3ab2ab3 rct: change the simple flag to a type (moneromooo-monero) c5be4b0 rct: avoid the need for the last II element (Shen Noether) a47ceee wallet: do not store signatures in the wallet cache (moneromooo-monero) 0263dd2 core: add some locking around pool use (moneromooo-monero) 2c9d951 wallet2: factor m_spent changes (moneromooo-monero) 1303cda wallet: always use new algorithm for RPC transfers (moneromooo-monero) b337aea rct: do not serialize senderPk - it is not used anymore (moneromooo-monero) e5a9a47 core_tests: fix a couple pre-rct tests using rct (moneromooo-monero) 230fca2 wallet: use the prefered rct case only when enough rct outs exist (moneromooo-monero) c27194a wallet: do not try to use rct txes a few blocks before the fork (moneromooo-monero) 1bf0698 tx_pool: log why a transaction was rejected for version checks (moneromooo-monero) 37bdf6e change fork settings to allow pre-rct txes for one more fork cycle (moneromooo-monero) cc85cc6 simplewallet: better check_tx_key feedback (moneromooo-monero) 9b70856 rct: make the amount key derivable by a third party with the tx key (moneromooo-monero) cf33e1a rct: do not serialize public keys in outPk (moneromooo-monero) 83ab315 wallet2_api: zero amounts are now allowed with rct (moneromooo-monero) 096ac06 wallet2_api: update on_money_{received,spent} prototypes for rct changes (moneromooo-monero) 3cb2ede rpc: send global indices along with blocks/transacions on refresh (moneromooo-monero) 414b424 core: always use the new simple rct variant (moneromooo-monero) ce5de8b tests: add tests for wallet output selection (moneromooo-monero) 84c82cd wallet: better tx input selection (moneromooo-monero) 1e21651 rct: use the already defined H where possible (moneromooo-monero) 07d353d wallet: handle 0 change properly (moneromooo-monero) e81a2b2 port get_tx_key/check_tx_key to rct (moneromooo-monero) e06faef tests: add basic tests for simple rct api (moneromooo-monero) a4d4d61 integrate simple rct api (moneromooo-monero) 1e8d37e serialization: add override for serializing bool (moneromooo-monero) dbb5f2d ringct: optimization/cleanup of hash functions (Shen Noether) 4fd01f2 ringct: "simple" ringct variant (Shen Noether) 37c895e wallet: rct specific output selection (moneromooo-monero) 1181c57 wallet: make sweep_all work with rct txes too (moneromooo-monero) c2ec6d3 mixable transactions must be rct for v3 (moneromooo-monero) 1017a75 wallet: factor transfer_rct code with transfer code (moneromooo-monero) f5465d8 Condition v2 txes on v3 hard fork (moneromooo-monero) 59a66e2 move the rct commitments to the output_amounts database (moneromooo-monero) 6d0e471 rct: add the tx prefix hash into the MLSAG (moneromooo-monero) 35dce5c ringct: fix size unit mismatch calling keccak (moneromooo-monero) 20e50ec ringct: do not serialize what can be reconstructed (moneromooo-monero) 106e3dc Add rct core tests (moneromooo-monero) ada5275 Use the supplied hard fork version in validate_miner_transaction (moneromooo-monero) acbe06d wallet: update spent status when an accepted tx disappears (moneromooo-monero) 089df4a wallet: reset output spent status on blockchain reorg (moneromooo-monero) 73d59f1 ringct: catch errors from ge_frombytes_vartime (moneromooo-monero) 161551e tests: test for ringct rctSig data sizes (moneromooo-monero) 359f469 ringct: add missing size check for ecdhInfo (moneromooo-monero) 229968e ringct: change asserts to return false for boolean functions (moneromooo-monero) dc4aad7 add rct to the protocol (moneromooo-monero) 211d1db db_lmdb: update reset for recent db changes (moneromooo-monero) dee42d6 ringct: add functions to commit to an amount (moneromooo-monero) cc7f449 make rct tx serialization work (moneromooo-monero) e70e8a6 crypto: error out where appropriate (moneromooo-monero) 54f7429 ringct: allow no outputs, and add tests for this and fees (moneromooo-monero) e99904a ringct: make fee optional (moneromooo-monero) f8c04ad ringct: txn fee stuff (Shen Noether) 66f9626 ringct: new {gen,decode}Rct APIs for convenience (moneromooo-monero) 789b2e2 ringct: add more convenience functions (moneromooo-monero) 9856443 core: link against libringct (moneromooo-monero) 4258dab core: new /getrandom_rctouts.bin binary RPC call (moneromooo-monero) c3a2e14 ringct: add convenience functions to bridge ringct and cryptonote (moneromooo-monero) eb56d0f blockchain_db: add functions for adding/removing/getting rct commitments (moneromooo-monero) 82072e7 ringct: restore verRange check in debug mode (moneromooo-monero) 63856ca ringct: add check for destinations/amount size being equal (moneromooo-monero) e816a09 ringct: fix off by 1 in mixin usage (moneromooo-monero) 09c5ea4 ringct: simplify random key generation (moneromooo-monero) 53cdf4d tests: new ringct test for checking H2 values (Shen Noether) 56f6549 ringct: cosmetic fixes (Shen Noether) 55ff136 ringct: changes to hashToPointSimple to calcualte H2 values (Shen Noether) 63733b1 ringct: compare keys with bitwise equality, not crypto ops (Shen Noether) 98f4c6f ringct: fix size argument to cn_fast_hash (Shen Noether) 720ac85 tests: zero inputs/outputs are in fact supposed to be accepted (moneromooo-monero) 84948ea ringct: add a test for prooveRange being non deterministic (moneromooo-monero) 09fb9f4 Fix sc_0 to skGen in ProveRange (Shen Noether) d37c1db ringct: add a few consts where appropriate (moneromooo-monero) 700248f tests: more ringct range proof tests (moneromooo-monero) d02f999 rct: add serialization machinery to rct types (moneromooo-monero) 0ff8305 serialization: declare do_serialize specializations before use (moneromooo-monero) 8b135e7 Added note on generating H2 (Shen Noether) 4d639d9 Fixed missing last index H2 (Shen Noether) 9e82b69 remove original Cryptonote blockchain_storage blockchain format (moneromooo-monero) 86b4426 ringct: lock access to the PRNG (moneromooo-monero) 4d7f073 ringct: add simple input validation (moneromooo-monero) 57779ab tests: add some more ringct building block tests (moneromooo-monero) b656001 ringct: add convenience operators to key (moneromooo-monero) 2d6303f tests: add Shen Noether's basic ringct tests (moneromooo-monero) 9b1afe5 ringct: import of Shen Noether's ring confidential transactions (moneromooo-monero)
-rw-r--r--CMakeLists.txt4
-rw-r--r--src/CMakeLists.txt1
-rw-r--r--src/blockchain_db/berkeleydb/db_bdb.cpp2
-rw-r--r--src/blockchain_db/berkeleydb/db_bdb.h2
-rw-r--r--src/blockchain_db/blockchain_db.cpp18
-rw-r--r--src/blockchain_db/blockchain_db.h4
-rw-r--r--src/blockchain_db/lmdb/db_lmdb.cpp67
-rw-r--r--src/blockchain_db/lmdb/db_lmdb.h4
-rw-r--r--src/blockchain_utilities/CMakeLists.txt33
-rw-r--r--src/blockchain_utilities/README.md7
-rw-r--r--src/blockchain_utilities/blockchain_converter.cpp306
-rw-r--r--src/blockchain_utilities/blockchain_dump.cpp20
-rw-r--r--src/blockchain_utilities/blockchain_export.cpp15
-rw-r--r--src/blockchain_utilities/blockchain_import.cpp40
-rw-r--r--src/blockchain_utilities/blockchain_utilities.h15
-rw-r--r--src/blockchain_utilities/blocksdat_file.cpp4
-rw-r--r--src/blockchain_utilities/blocksdat_file.h10
-rw-r--r--src/blockchain_utilities/bootstrap_file.cpp32
-rw-r--r--src/blockchain_utilities/bootstrap_file.h10
-rw-r--r--src/blockchain_utilities/fake_core.h64
-rw-r--r--src/common/json_util.h4
-rw-r--r--src/crypto/crypto-ops.c14
-rw-r--r--src/crypto/crypto-ops.h8
-rw-r--r--src/crypto/crypto.cpp6
-rw-r--r--src/crypto/crypto.h21
-rw-r--r--src/crypto/keccak.c6
-rw-r--r--src/crypto/keccak.h4
-rw-r--r--src/cryptonote_config.h2
-rw-r--r--src/cryptonote_core/CMakeLists.txt3
-rw-r--r--src/cryptonote_core/blockchain.cpp575
-rw-r--r--src/cryptonote_core/blockchain.h50
-rw-r--r--src/cryptonote_core/blockchain_storage.cpp1952
-rw-r--r--src/cryptonote_core/blockchain_storage.h377
-rw-r--r--src/cryptonote_core/cryptonote_basic.h81
-rw-r--r--src/cryptonote_core/cryptonote_boost_serialization.h120
-rw-r--r--src/cryptonote_core/cryptonote_core.cpp60
-rw-r--r--src/cryptonote_core/cryptonote_core.h21
-rw-r--r--src/cryptonote_core/cryptonote_format_utils.cpp251
-rw-r--r--src/cryptonote_core/cryptonote_format_utils.h13
-rw-r--r--src/cryptonote_core/tx_pool.cpp79
-rw-r--r--src/cryptonote_core/tx_pool.h19
-rw-r--r--src/cryptonote_core/verification_context.h1
-rw-r--r--src/ringct/CMakeLists.txt59
-rw-r--r--src/ringct/rctCryptoOps.c221
-rw-r--r--src/ringct/rctCryptoOps.h37
-rw-r--r--src/ringct/rctOps.cpp475
-rw-r--r--src/ringct/rctOps.h171
-rw-r--r--src/ringct/rctSigs.cpp875
-rw-r--r--src/ringct/rctSigs.h150
-rw-r--r--src/ringct/rctTypes.cpp208
-rw-r--r--src/ringct/rctTypes.h405
-rw-r--r--src/rpc/core_rpc_server.cpp48
-rw-r--r--src/rpc/core_rpc_server.h2
-rw-r--r--src/rpc/core_rpc_server_commands_defs.h57
-rw-r--r--src/serialization/crypto.h1
-rw-r--r--src/serialization/serialization.h6
-rw-r--r--src/serialization/vector.h5
-rw-r--r--src/simplewallet/simplewallet.cpp151
-rw-r--r--src/simplewallet/simplewallet.h6
-rw-r--r--src/wallet/api/transaction_history.cpp5
-rw-r--r--src/wallet/api/wallet.cpp12
-rw-r--r--src/wallet/wallet2.cpp1059
-rw-r--r--src/wallet/wallet2.h143
-rw-r--r--src/wallet/wallet_rpc_server.cpp27
-rw-r--r--src/wallet/wallet_rpc_server_commands_defs.h31
-rw-r--r--tests/core_proxy/core_proxy.h3
-rw-r--r--tests/core_tests/CMakeLists.txt6
-rw-r--r--tests/core_tests/block_validation.cpp6
-rw-r--r--tests/core_tests/chaingen.cpp16
-rw-r--r--tests/core_tests/chaingen.h13
-rw-r--r--tests/core_tests/chaingen_main.cpp29
-rw-r--r--tests/core_tests/chaingen_tests_list.h1
-rw-r--r--tests/core_tests/double_spend.inl3
-rw-r--r--tests/core_tests/integer_overflow.cpp3
-rw-r--r--tests/core_tests/rct.cpp499
-rw-r--r--tests/core_tests/rct.h264
-rw-r--r--tests/core_tests/transaction_tests.cpp26
-rw-r--r--tests/core_tests/tx_validation.cpp12
-rw-r--r--tests/core_tests/v2_tests.cpp11
-rw-r--r--tests/core_tests/v2_tests.h2
-rw-r--r--tests/functional_tests/transactions_flow_test.cpp2
-rw-r--r--tests/functional_tests/transactions_generation_from_blockchain.cpp2
-rw-r--r--tests/performance_tests/multi_tx_test_base.h3
-rw-r--r--tests/unit_tests/CMakeLists.txt5
-rw-r--r--tests/unit_tests/hardfork.cpp2
-rw-r--r--tests/unit_tests/output_selection.cpp103
-rw-r--r--tests/unit_tests/ringct.cpp1070
-rw-r--r--tests/unit_tests/serialization.cpp198
88 files changed, 7239 insertions, 3519 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 5ac4a2f95..1bf684f60 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -235,10 +235,6 @@ elseif (DATABASE STREQUAL "berkeleydb")
message(STATUS "Using Berkeley DB as default DB type")
add_definitions("-DDEFAULT_DB_TYPE=\"berkeley\"")
-elseif (DATABASE STREQUAL "memory")
- set(BLOCKCHAIN_DB DB_MEMORY)
- message(STATUS "Using Serialised In Memory as default DB type")
- add_definitions("-DDEFAULT_DB_TYPE=\"memory\"")
else()
die("Invalid database type: ${DATABASE}")
endif()
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index dfa31aa72..70bb215d0 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -91,6 +91,7 @@ endfunction ()
add_subdirectory(common)
add_subdirectory(crypto)
+add_subdirectory(ringct)
add_subdirectory(cryptonote_core)
add_subdirectory(blockchain_db)
add_subdirectory(mnemonics)
diff --git a/src/blockchain_db/berkeleydb/db_bdb.cpp b/src/blockchain_db/berkeleydb/db_bdb.cpp
index 4d759d157..4ec284e38 100644
--- a/src/blockchain_db/berkeleydb/db_bdb.cpp
+++ b/src/blockchain_db/berkeleydb/db_bdb.cpp
@@ -361,7 +361,7 @@ void BlockchainBDB::remove_transaction_data(const crypto::hash& tx_hash, const t
throw1(DB_ERROR("Failed to add removal of tx outputs to db transaction"));
}
-void BlockchainBDB::add_output(const crypto::hash& tx_hash, const tx_out& tx_output, const uint64_t& local_index, const uint64_t unlock_time)
+void BlockchainBDB::add_output(const crypto::hash& tx_hash, const tx_out& tx_output, const uint64_t& local_index, const uint64_t unlock_time, const rct::key *commitment)
{
LOG_PRINT_L3("BlockchainBDB::" << __func__);
check_open();
diff --git a/src/blockchain_db/berkeleydb/db_bdb.h b/src/blockchain_db/berkeleydb/db_bdb.h
index 6bc26ed3d..f8e9440bd 100644
--- a/src/blockchain_db/berkeleydb/db_bdb.h
+++ b/src/blockchain_db/berkeleydb/db_bdb.h
@@ -364,7 +364,7 @@ private:
virtual void remove_transaction_data(const crypto::hash& tx_hash, const transaction& tx);
- virtual void add_output(const crypto::hash& tx_hash, const tx_out& tx_output, const uint64_t& local_index, const uint64_t unlock_time);
+ virtual void add_output(const crypto::hash& tx_hash, const tx_out& tx_output, const uint64_t& local_index, const uint64_t unlock_time, const rct::key *commitment);
virtual void remove_output(const tx_out& tx_output);
diff --git a/src/blockchain_db/blockchain_db.cpp b/src/blockchain_db/blockchain_db.cpp
index 68f635d18..7eb81d933 100644
--- a/src/blockchain_db/blockchain_db.cpp
+++ b/src/blockchain_db/blockchain_db.cpp
@@ -46,6 +46,7 @@ void BlockchainDB::pop_block()
void BlockchainDB::add_transaction(const crypto::hash& blk_hash, const transaction& tx, const crypto::hash* tx_hash_ptr)
{
+ bool miner_tx = false;
crypto::hash tx_hash;
if (!tx_hash_ptr)
{
@@ -67,6 +68,7 @@ void BlockchainDB::add_transaction(const crypto::hash& blk_hash, const transacti
else if (tx_input.type() == typeid(txin_gen))
{
/* nothing to do here */
+ miner_tx = true;
}
else
{
@@ -90,7 +92,21 @@ void BlockchainDB::add_transaction(const crypto::hash& blk_hash, const transacti
// we need the index
for (uint64_t i = 0; i < tx.vout.size(); ++i)
{
- amount_output_indices.push_back(add_output(tx_hash, tx.vout[i], i, tx.unlock_time));
+ // miner v2 txes have their coinbase output in one single out to save space,
+ // and we store them as rct outputs with an identity mask
+ if (miner_tx && tx.version == 2)
+ {
+ cryptonote::tx_out vout = tx.vout[i];
+ rct::key commitment = rct::zeroCommit(vout.amount);
+ vout.amount = 0;
+ amount_output_indices.push_back(add_output(tx_hash, vout, i, tx.unlock_time,
+ &commitment));
+ }
+ else
+ {
+ amount_output_indices.push_back(add_output(tx_hash, tx.vout[i], i, tx.unlock_time,
+ tx.version > 1 ? &tx.rct_signatures.outPk[i].mask : NULL));
+ }
}
add_tx_amount_output_indices(tx_id, amount_output_indices);
}
diff --git a/src/blockchain_db/blockchain_db.h b/src/blockchain_db/blockchain_db.h
index 4c2157a39..d26080a3b 100644
--- a/src/blockchain_db/blockchain_db.h
+++ b/src/blockchain_db/blockchain_db.h
@@ -110,6 +110,7 @@ struct output_data_t
crypto::public_key pubkey; //!< the output's public key (for spend verification)
uint64_t unlock_time; //!< the output's unlock time (or height)
uint64_t height; //!< the height of the block which created the output
+ rct::key commitment; //!< the output's amount commitment (for spend verification)
};
#pragma pack(pop)
@@ -407,9 +408,10 @@ private:
* @param tx_output the output
* @param local_index index of the output in its transaction
* @param unlock_time unlock time/height of the output
+ * @param commitment the rct commitment to the output amount
* @return amount output index
*/
- virtual uint64_t add_output(const crypto::hash& tx_hash, const tx_out& tx_output, const uint64_t& local_index, const uint64_t unlock_time) = 0;
+ virtual uint64_t add_output(const crypto::hash& tx_hash, const tx_out& tx_output, const uint64_t& local_index, const uint64_t unlock_time, const rct::key *commitment) = 0;
/**
* @brief store amount output indices for a tx's outputs
diff --git a/src/blockchain_db/lmdb/db_lmdb.cpp b/src/blockchain_db/lmdb/db_lmdb.cpp
index 0464ece59..a0a0a041d 100644
--- a/src/blockchain_db/lmdb/db_lmdb.cpp
+++ b/src/blockchain_db/lmdb/db_lmdb.cpp
@@ -51,6 +51,13 @@ using epee::string_tools::pod_to_hex;
namespace
{
+struct pre_rct_output_data_t
+{
+ crypto::public_key pubkey; //!< the output's public key (for spend verification)
+ uint64_t unlock_time; //!< the output's unlock time (or height)
+ uint64_t height; //!< the height of the block which created the output
+};
+
template <typename T>
inline void throw0(const T &e)
{
@@ -242,6 +249,12 @@ typedef struct txindex {
tx_data_t data;
} txindex;
+typedef struct pre_rct_outkey {
+ uint64_t amount_index;
+ uint64_t output_id;
+ pre_rct_output_data_t data;
+} pre_rct_outkey;
+
typedef struct outkey {
uint64_t amount_index;
uint64_t output_id;
@@ -765,7 +778,8 @@ void BlockchainLMDB::remove_transaction_data(const crypto::hash& tx_hash, const
uint64_t BlockchainLMDB::add_output(const crypto::hash& tx_hash,
const tx_out& tx_output,
const uint64_t& local_index,
- const uint64_t unlock_time)
+ const uint64_t unlock_time,
+ const rct::key *commitment)
{
LOG_PRINT_L3("BlockchainLMDB::" << __func__);
check_open();
@@ -778,6 +792,8 @@ uint64_t BlockchainLMDB::add_output(const crypto::hash& tx_hash,
if (tx_output.target.type() != typeid(txout_to_key))
throw0(DB_ERROR("Wrong output type: expected txout_to_key"));
+ if (tx_output.amount == 0 && !commitment)
+ throw0(DB_ERROR("RCT output without commitment"));
outtx ot = {m_num_outputs, tx_hash, local_index};
MDB_val_set(vot, ot);
@@ -806,8 +822,16 @@ uint64_t BlockchainLMDB::add_output(const crypto::hash& tx_hash,
ok.data.pubkey = boost::get < txout_to_key > (tx_output.target).key;
ok.data.unlock_time = unlock_time;
ok.data.height = m_height;
+ if (tx_output.amount == 0)
+ {
+ ok.data.commitment = *commitment;
+ data.mv_size = sizeof(ok);
+ }
+ else
+ {
+ data.mv_size = sizeof(pre_rct_outkey);
+ }
data.mv_data = &ok;
- data.mv_size = sizeof(ok);
if ((result = mdb_cursor_put(m_cur_output_amounts, &val_amount, &data, MDB_APPENDDUP)))
throw0(DB_ERROR(lmdb_error("Failed to add output pubkey to db transaction: ", result).c_str()));
@@ -1234,6 +1258,7 @@ void BlockchainLMDB::reset()
mdb_txn_safe txn;
if (auto result = mdb_txn_begin(m_env, NULL, 0, txn))
throw0(DB_ERROR(lmdb_error("Failed to create a transaction for the db: ", result).c_str()));
+
if (auto result = mdb_drop(txn, m_blocks, 0))
throw0(DB_ERROR(lmdb_error("Failed to drop m_blocks: ", result).c_str()));
if (auto result = mdb_drop(txn, m_block_info, 0))
@@ -1242,6 +1267,8 @@ void BlockchainLMDB::reset()
throw0(DB_ERROR(lmdb_error("Failed to drop m_block_heights: ", result).c_str()));
if (auto result = mdb_drop(txn, m_txs, 0))
throw0(DB_ERROR(lmdb_error("Failed to drop m_txs: ", result).c_str()));
+ if (auto result = mdb_drop(txn, m_tx_indices, 0))
+ throw0(DB_ERROR(lmdb_error("Failed to drop m_tx_indices: ", result).c_str()));
if (auto result = mdb_drop(txn, m_tx_outputs, 0))
throw0(DB_ERROR(lmdb_error("Failed to drop m_tx_outputs: ", result).c_str()));
if (auto result = mdb_drop(txn, m_output_txs, 0))
@@ -1255,6 +1282,13 @@ void BlockchainLMDB::reset()
throw0(DB_ERROR(lmdb_error("Failed to drop m_hf_versions: ", result).c_str()));
if (auto result = mdb_drop(txn, m_properties, 0))
throw0(DB_ERROR(lmdb_error("Failed to drop m_properties: ", result).c_str()));
+
+ // init with current version
+ MDB_val_copy<const char*> k("version");
+ MDB_val_copy<uint32_t> v(VERSION);
+ if (auto result = mdb_put(txn, m_properties, &k, &v, 0))
+ throw0(DB_ERROR(lmdb_error("Failed to write version to database: ", result).c_str()));
+
txn.commit();
m_height = 0;
m_num_outputs = 0;
@@ -1923,8 +1957,19 @@ output_data_t BlockchainLMDB::get_output_key(const uint64_t& amount, const uint6
throw1(OUTPUT_DNE("Attempting to get output pubkey by index, but key does not exist"));
else if (get_result)
throw0(DB_ERROR("Error attempting to retrieve an output pubkey from the db"));
- outkey *okp = (outkey *)v.mv_data;
- output_data_t ret = okp->data;
+
+ output_data_t ret;
+ if (amount == 0)
+ {
+ const outkey *okp = (const outkey *)v.mv_data;
+ ret = okp->data;
+ }
+ else
+ {
+ const pre_rct_outkey *okp = (const pre_rct_outkey *)v.mv_data;
+ memcpy(&ret, &okp->data, sizeof(pre_rct_output_data_t));;
+ ret.commitment = rct::zeroCommit(amount);
+ }
TXN_POSTFIX_RDONLY();
return ret;
}
@@ -2547,8 +2592,18 @@ void BlockchainLMDB::get_output_key(const uint64_t &amount, const std::vector<ui
else if (get_result)
throw0(DB_ERROR(lmdb_error("Error attempting to retrieve an output pubkey from the db", get_result).c_str()));
- outkey *okp = (outkey *)v.mv_data;
- output_data_t data = okp->data;
+ output_data_t data;
+ if (amount == 0)
+ {
+ const outkey *okp = (const outkey *)v.mv_data;
+ data = okp->data;
+ }
+ else
+ {
+ const pre_rct_outkey *okp = (const pre_rct_outkey *)v.mv_data;
+ memcpy(&data, &okp->data, sizeof(pre_rct_output_data_t));
+ data.commitment = rct::zeroCommit(amount);
+ }
outputs.push_back(data);
}
diff --git a/src/blockchain_db/lmdb/db_lmdb.h b/src/blockchain_db/lmdb/db_lmdb.h
index d60701bbe..050e9e0ae 100644
--- a/src/blockchain_db/lmdb/db_lmdb.h
+++ b/src/blockchain_db/lmdb/db_lmdb.h
@@ -30,6 +30,7 @@
#include "blockchain_db/blockchain_db.h"
#include "cryptonote_protocol/blobdatatype.h" // for type blobdata
+#include "ringct/rctTypes.h"
#include <boost/thread/tss.hpp>
#include <lmdb.h>
@@ -292,7 +293,8 @@ private:
virtual uint64_t add_output(const crypto::hash& tx_hash,
const tx_out& tx_output,
const uint64_t& local_index,
- const uint64_t unlock_time
+ const uint64_t unlock_time,
+ const rct::key *commitment
);
virtual void add_tx_amount_output_indices(const uint64_t tx_id,
diff --git a/src/blockchain_utilities/CMakeLists.txt b/src/blockchain_utilities/CMakeLists.txt
index 96b30b83b..d98c2ce83 100644
--- a/src/blockchain_utilities/CMakeLists.txt
+++ b/src/blockchain_utilities/CMakeLists.txt
@@ -26,15 +26,6 @@
# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
# THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-set(blockchain_converter_sources
- blockchain_converter.cpp
- )
-
-set(blockchain_converter_private_headers)
-
-bitmonero_private_headers(blockchain_converter
- ${blockchain_converter_private_headers})
-
set(blockchain_import_sources
blockchain_import.cpp
bootstrap_file.cpp
@@ -87,30 +78,6 @@ bitmonero_private_headers(cn_deserialize
${cn_deserialize_private_headers})
-if (BLOCKCHAIN_DB STREQUAL DB_LMDB)
-bitmonero_add_executable(blockchain_converter
- ${blockchain_converter_sources}
- ${blockchain_converter_private_headers})
-
-target_link_libraries(blockchain_converter
- LINK_PRIVATE
- cryptonote_core
- p2p
- blockchain_db
- ${CMAKE_THREAD_LIBS_INIT})
-
-if(ARCH_WIDTH)
- target_compile_definitions(blockchain_converter
- PUBLIC -DARCH_WIDTH=${ARCH_WIDTH})
-endif()
-
-add_dependencies(blockchain_converter
- version)
-set_property(TARGET blockchain_converter
- PROPERTY
- OUTPUT_NAME "blockchain_converter")
-endif ()
-
bitmonero_add_executable(blockchain_import
${blockchain_import_sources}
${blockchain_import_private_headers})
diff --git a/src/blockchain_utilities/README.md b/src/blockchain_utilities/README.md
index 9c69647ad..7df6937ad 100644
--- a/src/blockchain_utilities/README.md
+++ b/src/blockchain_utilities/README.md
@@ -18,9 +18,10 @@ e.g.
This is also the default compile setting on the master branch.
-By default, the exporter will use the original in-memory database (blockchain.bin) as its source.
-This default is to make migrating to an LMDB database easy, without having to recompile anything.
-To change the source, adjust `SOURCE_DB` in `src/blockchain_utilities/bootstrap_file.h` according to the comments.
+The exporter will use the LMDB database as its source.
+If you are still using an old style in-memory database (blockchain.bin), you will
+have to either resync from scratch, or use an older version of the tools to export
+it and import it.
## Usage:
diff --git a/src/blockchain_utilities/blockchain_converter.cpp b/src/blockchain_utilities/blockchain_converter.cpp
deleted file mode 100644
index 7c33ec399..000000000
--- a/src/blockchain_utilities/blockchain_converter.cpp
+++ /dev/null
@@ -1,306 +0,0 @@
-// Copyright (c) 2014-2016, The Monero Project
-//
-// All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without modification, are
-// permitted provided that the following conditions are met:
-//
-// 1. Redistributions of source code must retain the above copyright notice, this list of
-// conditions and the following disclaimer.
-//
-// 2. Redistributions in binary form must reproduce the above copyright notice, this list
-// of conditions and the following disclaimer in the documentation and/or other
-// materials provided with the distribution.
-//
-// 3. Neither the name of the copyright holder nor the names of its contributors may be
-// used to endorse or promote products derived from this software without specific
-// prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
-// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
-// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
-// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
-// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-#include "include_base_utils.h"
-#include "common/util.h"
-#include "warnings.h"
-#include "crypto/crypto.h"
-#include "cryptonote_config.h"
-#include "cryptonote_core/cryptonote_format_utils.h"
-#include "misc_language.h"
-#include "cryptonote_core/blockchain_storage.h"
-#include "blockchain_db/blockchain_db.h"
-#include "cryptonote_core/blockchain.h"
-#include "blockchain_db/lmdb/db_lmdb.h"
-#include "cryptonote_core/tx_pool.h"
-#include "common/command_line.h"
-#include "serialization/json_utils.h"
-#include "include_base_utils.h"
-#include "version.h"
-#include <iostream>
-
-
-namespace
-{
-
-// CONFIG
-bool opt_batch = true;
-bool opt_resume = true;
-bool opt_testnet = false;
-
-// number of blocks per batch transaction
-// adjustable through command-line argument according to available RAM
-#if ARCH_WIDTH != 32
-uint64_t db_batch_size_verify = 5000;
-#else
-// set a lower default batch size for Windows, pending possible LMDB issue with
-// large batch size.
-uint64_t db_batch_size_verify = 100;
-#endif
-
-// converter only uses verify mode
-uint64_t db_batch_size = db_batch_size_verify;
-
-}
-
-namespace po = boost::program_options;
-
-using namespace cryptonote;
-using namespace epee;
-
-struct fake_core
-{
- Blockchain dummy;
- tx_memory_pool m_pool;
-
- blockchain_storage m_storage;
-
-#if !defined(BLOCKCHAIN_DB)
- // for multi_db_runtime:
- fake_core(const boost::filesystem::path &path, const bool use_testnet) : dummy(m_pool), m_pool(&dummy), m_storage(m_pool)
-#else
- // for multi_db_compile:
- fake_core(const boost::filesystem::path &path, const bool use_testnet) : dummy(m_pool), m_pool(dummy), m_storage(&m_pool)
-#endif
- {
- m_pool.init(path.string());
- m_storage.init(path.string(), use_testnet);
- }
-};
-
-int main(int argc, char* argv[])
-{
- uint64_t height = 0;
- uint64_t start_block = 0;
- uint64_t end_block = 0;
- uint64_t num_blocks = 0;
-
- boost::filesystem::path default_data_path {tools::get_default_data_dir()};
- boost::filesystem::path default_testnet_data_path {default_data_path / "testnet"};
-
-
- po::options_description desc_cmd_only("Command line options");
- po::options_description desc_cmd_sett("Command line options and settings options");
- const command_line::arg_descriptor<uint32_t> arg_log_level = {"log-level", "", LOG_LEVEL_0};
- const command_line::arg_descriptor<uint64_t> arg_batch_size = {"batch-size", "", db_batch_size};
- const command_line::arg_descriptor<bool> arg_testnet_on = {
- "testnet"
- , "Run on testnet."
- , opt_testnet
- };
- const command_line::arg_descriptor<uint64_t> arg_block_number =
- {"block-number", "Number of blocks (default: use entire source blockchain)",
- 0};
-
- command_line::add_arg(desc_cmd_sett, command_line::arg_data_dir, default_data_path.string());
- command_line::add_arg(desc_cmd_sett, command_line::arg_testnet_data_dir, default_testnet_data_path.string());
- command_line::add_arg(desc_cmd_sett, arg_log_level);
- command_line::add_arg(desc_cmd_sett, arg_batch_size);
- command_line::add_arg(desc_cmd_sett, arg_testnet_on);
- command_line::add_arg(desc_cmd_sett, arg_block_number);
-
- command_line::add_arg(desc_cmd_only, command_line::arg_help);
-
- const command_line::arg_descriptor<bool> arg_batch = {"batch",
- "Batch transactions for faster import", true};
- const command_line::arg_descriptor<bool> arg_resume = {"resume",
- "Resume from current height if output database already exists", true};
-
- // call add_options() directly for these arguments since command_line helpers
- // support only boolean switch, not boolean argument
- desc_cmd_sett.add_options()
- (arg_batch.name, make_semantic(arg_batch), arg_batch.description)
- (arg_resume.name, make_semantic(arg_resume), arg_resume.description)
- ;
-
- po::options_description desc_options("Allowed options");
- desc_options.add(desc_cmd_only).add(desc_cmd_sett);
-
-
- po::variables_map vm;
- bool r = command_line::handle_error_helper(desc_options, [&]()
- {
- po::store(po::parse_command_line(argc, argv, desc_options), vm);
- po::notify(vm);
-
- return true;
- });
- if (!r)
- return 1;
-
- int log_level = command_line::get_arg(vm, arg_log_level);
- opt_batch = command_line::get_arg(vm, arg_batch);
- opt_resume = command_line::get_arg(vm, arg_resume);
- db_batch_size = command_line::get_arg(vm, arg_batch_size);
-
- if (command_line::get_arg(vm, command_line::arg_help))
- {
- std::cout << "Monero '" << MONERO_RELEASE_NAME << "' (v" << MONERO_VERSION_FULL << ")" << ENDL << ENDL;
- std::cout << desc_options << std::endl;
- return 1;
- }
-
- if (! opt_batch && ! vm["batch-size"].defaulted())
- {
- std::cerr << "Error: batch-size set, but batch option not enabled" << ENDL;
- return 1;
- }
- if (! db_batch_size)
- {
- std::cerr << "Error: batch-size must be > 0" << ENDL;
- return 1;
- }
-
- log_space::get_set_log_detalisation_level(true, log_level);
- log_space::log_singletone::add_logger(LOGGER_CONSOLE, NULL, NULL);
- LOG_PRINT_L0("Starting...");
-
- std::string src_folder;
- opt_testnet = command_line::get_arg(vm, arg_testnet_on);
- auto data_dir_arg = opt_testnet ? command_line::arg_testnet_data_dir : command_line::arg_data_dir;
- src_folder = command_line::get_arg(vm, data_dir_arg);
- boost::filesystem::path dest_folder(src_folder);
-
- num_blocks = command_line::get_arg(vm, arg_block_number);
-
- if (opt_batch)
- {
- LOG_PRINT_L0("batch: " << std::boolalpha << opt_batch << std::noboolalpha
- << " batch size: " << db_batch_size);
- }
- else
- {
- LOG_PRINT_L0("batch: " << std::boolalpha << opt_batch << std::noboolalpha);
- }
- LOG_PRINT_L0("resume: " << std::boolalpha << opt_resume << std::noboolalpha);
- LOG_PRINT_L0("testnet: " << std::boolalpha << opt_testnet << std::noboolalpha);
-
- fake_core c(src_folder, opt_testnet);
-
- height = c.m_storage.get_current_blockchain_height();
-
- BlockchainDB *blockchain;
- blockchain = new BlockchainLMDB(opt_batch);
- dest_folder /= blockchain->get_db_name();
- LOG_PRINT_L0("Source blockchain: " << src_folder);
- LOG_PRINT_L0("Dest blockchain: " << dest_folder.string());
- LOG_PRINT_L0("Opening dest blockchain (BlockchainDB " << blockchain->get_db_name() << ")");
- blockchain->open(dest_folder.string());
- LOG_PRINT_L0("Source blockchain height: " << height);
- LOG_PRINT_L0("Dest blockchain height: " << blockchain->height());
-
- if (opt_resume)
- // next block number to add is same as current height
- start_block = blockchain->height();
-
- if (! num_blocks || (start_block + num_blocks > height))
- end_block = height - 1;
- else
- end_block = start_block + num_blocks - 1;
-
- LOG_PRINT_L0("start height: " << start_block+1 << " stop height: " <<
- end_block+1);
-
- if (start_block > end_block)
- {
- LOG_PRINT_L0("Finished: no blocks to add");
- delete blockchain;
- return 0;
- }
-
- if (opt_batch)
- blockchain->batch_start(db_batch_size);
- uint64_t i = 0;
- for (i = start_block; i < end_block + 1; ++i)
- {
- // block: i height: i+1 end height: end_block + 1
- if ((i+1) % 10 == 0)
- {
- std::cout << "\r \r" << "height " << i+1 << "/" <<
- end_block+1 << " (" << (i+1)*100/(end_block+1)<< "%)" << std::flush;
- }
- // for debugging:
- // std::cout << "height " << i+1 << "/" << end_block+1
- // << " ((" << i+1 << ")*100/(end_block+1))" << "%)" << ENDL;
-
- block b = c.m_storage.get_block(i);
- size_t bsize = c.m_storage.get_block_size(i);
- difficulty_type bdiff = c.m_storage.get_block_cumulative_difficulty(i);
- uint64_t bcoins = c.m_storage.get_block_coins_generated(i);
- std::vector<transaction> txs;
- std::vector<crypto::hash> missed;
-
- c.m_storage.get_transactions(b.tx_hashes, txs, missed);
- if (missed.size())
- {
- std::cout << ENDL;
- std::cerr << "Missed transaction(s) for block at height " << i + 1 << ", exiting" << ENDL;
- delete blockchain;
- return 1;
- }
-
- try
- {
- blockchain->add_block(b, bsize, bdiff, bcoins, txs);
-
- if (opt_batch)
- {
- if ((i < end_block) && ((i + 1) % db_batch_size == 0))
- {
- std::cout << "\r \r";
- std::cout << "[- batch commit at height " << i + 1 << " -]" << ENDL;
- blockchain->batch_stop();
- blockchain->batch_start(db_batch_size);
- std::cout << ENDL;
- blockchain->show_stats();
- }
- }
- }
- catch (const std::exception& e)
- {
- std::cout << ENDL;
- std::cerr << "Error adding block " << i << " to new blockchain: " << e.what() << ENDL;
- delete blockchain;
- return 2;
- }
- }
- if (opt_batch)
- {
- std::cout << "\r \r" << "height " << i << "/" <<
- end_block+1 << " (" << (i)*100/(end_block+1)<< "%)" << std::flush;
- std::cout << ENDL;
- std::cout << "[- batch commit at height " << i << " -]" << ENDL;
- blockchain->batch_stop();
- }
- std::cout << ENDL;
- blockchain->show_stats();
- std::cout << "Finished at height: " << i << " block: " << i-1 << ENDL;
-
- delete blockchain;
- return 0;
-}
diff --git a/src/blockchain_utilities/blockchain_dump.cpp b/src/blockchain_utilities/blockchain_dump.cpp
index 23619eaeb..626900d42 100644
--- a/src/blockchain_utilities/blockchain_dump.cpp
+++ b/src/blockchain_utilities/blockchain_dump.cpp
@@ -27,8 +27,8 @@
// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#include "cryptonote_core/cryptonote_basic.h"
-#include "cryptonote_core/blockchain_storage.h"
#include "cryptonote_core/blockchain.h"
+#include "cryptonote_core/tx_pool.h"
#include "blockchain_db/blockchain_db.h"
#include "blockchain_db/lmdb/db_lmdb.h"
#ifdef BERKELEY_DB
@@ -103,7 +103,6 @@ int main(int argc, char* argv[])
const command_line::arg_descriptor<std::string> arg_output_file = {"output-file", "Specify output file", "", true};
const command_line::arg_descriptor<uint32_t> arg_log_level = {"log-level", "", log_level};
const command_line::arg_descriptor<uint64_t> arg_block_stop = {"block-stop", "Stop at block number", block_stop};
-#if SOURCE_DB != DB_MEMORY
const command_line::arg_descriptor<std::string> arg_db_type = {
"db-type"
, "Specify database type"
@@ -114,7 +113,6 @@ int main(int argc, char* argv[])
, "Include data that is only in a database version."
, false
};
-#endif
const command_line::arg_descriptor<bool> arg_testnet_on = {
"testnet"
, "Run on testnet."
@@ -125,10 +123,8 @@ int main(int argc, char* argv[])
command_line::add_arg(desc_cmd_sett, command_line::arg_data_dir, default_data_path.string());
command_line::add_arg(desc_cmd_sett, command_line::arg_testnet_data_dir, default_testnet_data_path.string());
command_line::add_arg(desc_cmd_sett, arg_output_file);
-#if SOURCE_DB != DB_MEMORY
command_line::add_arg(desc_cmd_sett, arg_db_type);
command_line::add_arg(desc_cmd_sett, arg_include_db_only_data);
-#endif
command_line::add_arg(desc_cmd_sett, arg_testnet_on);
command_line::add_arg(desc_cmd_sett, arg_log_level);
command_line::add_arg(desc_cmd_sett, arg_block_stop);
@@ -164,9 +160,7 @@ int main(int argc, char* argv[])
LOG_PRINT_L0("Setting log level = " << log_level);
bool opt_testnet = command_line::get_arg(vm, arg_testnet_on);
-#if SOURCE_DB != DB_MEMORY
bool opt_include_db_only_data = command_line::get_arg(vm, arg_include_db_only_data);
-#endif
std::string m_config_folder;
@@ -208,15 +202,6 @@ int main(int argc, char* argv[])
// If we wanted to use the memory pool, we would set up a fake_core.
-#if SOURCE_DB == DB_MEMORY
- // blockchain_storage* core_storage = NULL;
- // tx_memory_pool m_mempool(*core_storage); // is this fake anyway? just passing in NULL! so m_mempool can't be used anyway, right?
- // core_storage = new blockchain_storage(&m_mempool);
-
- blockchain_storage* core_storage = new blockchain_storage(NULL);
- LOG_PRINT_L0("Initializing source blockchain (in-memory database)");
- r = core_storage->init(m_config_folder, opt_testnet);
-#else
// Use Blockchain instead of lower-level BlockchainDB for two reasons:
// 1. Blockchain has the init() method for easy setup
// 2. exporter needs to use get_current_blockchain_height(), get_block_id_by_height(), get_block_by_hash()
@@ -267,7 +252,6 @@ int main(int argc, char* argv[])
return 1;
}
r = core_storage->init(db, opt_testnet);
-#endif
CHECK_AND_ASSERT_MES(r, false, "Failed to initialize source blockchain storage");
LOG_PRINT_L0("Source blockchain storage initialized OK");
@@ -340,7 +324,6 @@ int main(int argc, char* argv[])
write_pod(d,key_images[n]);
}
end_compound(d);
-#if SOURCE_DB != DB_MEMORY
if (opt_include_db_only_data)
{
start_struct(d, "block_timestamps", true);
@@ -420,7 +403,6 @@ int main(int argc, char* argv[])
write_pod(d, boost::lexical_cast<std::string>(h), (unsigned int)db->get_hard_fork_version(h));
end_compound(d);
}
-#endif
end_compound(d);
CHECK_AND_ASSERT_MES(r, false, "Failed to dump blockchain");
diff --git a/src/blockchain_utilities/blockchain_export.cpp b/src/blockchain_utilities/blockchain_export.cpp
index 964c610cd..231bea337 100644
--- a/src/blockchain_utilities/blockchain_export.cpp
+++ b/src/blockchain_utilities/blockchain_export.cpp
@@ -29,6 +29,7 @@
#include "bootstrap_file.h"
#include "blocksdat_file.h"
#include "common/command_line.h"
+#include "cryptonote_core/tx_pool.h"
#include "blockchain_db/blockchain_db.h"
#include "blockchain_db/lmdb/db_lmdb.h"
#if defined(BERKELEY_DB)
@@ -53,11 +54,7 @@ std::string join_set_strings(const std::unordered_set<std::string>& db_types_all
int main(int argc, char* argv[])
{
-#if defined(BLOCKCHAIN_DB) && (BLOCKCHAIN_DB == DB_MEMORY)
- std::string default_db_type = "memory";
-#else
std::string default_db_type = "lmdb";
-#endif
std::unordered_set<std::string> db_types_all = cryptonote::blockchain_db_types;
db_types_all.insert("memory");
@@ -160,15 +157,6 @@ int main(int argc, char* argv[])
// If we wanted to use the memory pool, we would set up a fake_core.
-#if SOURCE_DB == DB_MEMORY
- // blockchain_storage* core_storage = NULL;
- // tx_memory_pool m_mempool(*core_storage); // is this fake anyway? just passing in NULL! so m_mempool can't be used anyway, right?
- // core_storage = new blockchain_storage(&m_mempool);
-
- blockchain_storage* core_storage = new blockchain_storage(NULL);
- LOG_PRINT_L0("Initializing source blockchain (in-memory database)");
- r = core_storage->init(m_config_folder, opt_testnet);
-#else
// Use Blockchain instead of lower-level BlockchainDB for two reasons:
// 1. Blockchain has the init() method for easy setup
// 2. exporter needs to use get_current_blockchain_height(), get_block_id_by_height(), get_block_by_hash()
@@ -217,7 +205,6 @@ int main(int argc, char* argv[])
return 1;
}
r = core_storage->init(db, opt_testnet);
-#endif
CHECK_AND_ASSERT_MES(r, false, "Failed to initialize source blockchain storage");
LOG_PRINT_L0("Source blockchain storage initialized OK");
diff --git a/src/blockchain_utilities/blockchain_import.cpp b/src/blockchain_utilities/blockchain_import.cpp
index 1aaf2bddc..27c9050f8 100644
--- a/src/blockchain_utilities/blockchain_import.cpp
+++ b/src/blockchain_utilities/blockchain_import.cpp
@@ -222,12 +222,8 @@ int pop_blocks(FakeCore& simple_core, int num_blocks)
std::vector<transaction> popped_txs;
for (int i=0; i < num_blocks; ++i)
{
-#if defined(BLOCKCHAIN_DB) && (BLOCKCHAIN_DB == DB_MEMORY)
- simple_core.m_storage.debug_pop_block_from_blockchain();
-#else
// simple_core.m_storage.pop_block_from_blockchain() is private, so call directly through db
simple_core.m_storage.get_db().pop_block(popped_block, popped_txs);
-#endif
quit = 1;
}
@@ -244,9 +240,7 @@ int pop_blocks(FakeCore& simple_core, int num_blocks)
{
simple_core.batch_stop();
}
-#if !defined(BLOCKCHAIN_DB) || (BLOCKCHAIN_DB == DB_LMDB)
simple_core.m_storage.get_db().show_stats();
-#endif
}
return num_blocks;
@@ -255,11 +249,6 @@ int pop_blocks(FakeCore& simple_core, int num_blocks)
template <typename FakeCore>
int import_from_file(FakeCore& simple_core, const std::string& import_file_path, uint64_t block_stop=0)
{
-#if !defined(BLOCKCHAIN_DB)
- static_assert(std::is_same<fake_core_memory, FakeCore>::value || std::is_same<fake_core_db, FakeCore>::value,
- "FakeCore constraint error");
-#endif
-#if !defined(BLOCKCHAIN_DB) || (BLOCKCHAIN_DB == DB_LMDB)
if (std::is_same<fake_core_db, FakeCore>::value)
{
// Reset stats, in case we're using newly created db, accumulating stats
@@ -267,7 +256,6 @@ int import_from_file(FakeCore& simple_core, const std::string& import_file_path,
// This aligns internal db counts with importer counts.
simple_core.m_storage.get_db().reset_stats();
}
-#endif
boost::filesystem::path fs_import_file_path(import_file_path);
boost::system::error_code ec;
if (!boost::filesystem::exists(fs_import_file_path, ec))
@@ -567,9 +555,7 @@ int import_from_file(FakeCore& simple_core, const std::string& import_file_path,
simple_core.batch_stop();
simple_core.batch_start(db_batch_size);
std::cout << ENDL;
-#if !defined(BLOCKCHAIN_DB) || (BLOCKCHAIN_DB == DB_LMDB)
simple_core.m_storage.get_db().show_stats();
-#endif
}
}
}
@@ -595,9 +581,7 @@ int import_from_file(FakeCore& simple_core, const std::string& import_file_path,
{
simple_core.batch_stop();
}
-#if !defined(BLOCKCHAIN_DB) || (BLOCKCHAIN_DB == DB_LMDB)
simple_core.m_storage.get_db().show_stats();
-#endif
LOG_PRINT_L0("Number of blocks imported: " << num_imported);
if (h > 0)
// TODO: if there was an error, the last added block is probably at zero-based height h-2
@@ -609,13 +593,8 @@ int import_from_file(FakeCore& simple_core, const std::string& import_file_path,
int main(int argc, char* argv[])
{
-#if defined(BLOCKCHAIN_DB) && (BLOCKCHAIN_DB == DB_MEMORY)
- std::string default_db_type = "memory";
- std::string default_db_engine_compiled = "memory";
-#else
std::string default_db_type = "lmdb";
std::string default_db_engine_compiled = "blockchain_db";
-#endif
std::unordered_set<std::string> db_types_all = cryptonote::blockchain_db_types;
db_types_all.insert("memory");
@@ -817,17 +796,11 @@ int main(int argc, char* argv[])
// circumstance.
// for multi_db_runtime:
-#if !defined(BLOCKCHAIN_DB)
if (db_type == "lmdb" || db_type == "berkeley")
{
fake_core_db simple_core(m_config_folder, opt_testnet, opt_batch, db_type, db_flags);
import_from_file(simple_core, import_file_path, block_stop);
}
- else if (db_type == "memory")
- {
- fake_core_memory simple_core(m_config_folder, opt_testnet);
- import_from_file(simple_core, import_file_path, block_stop);
- }
else
{
std::cerr << "database type unrecognized" << ENDL;
@@ -835,17 +808,7 @@ int main(int argc, char* argv[])
}
// for multi_db_compile:
-#else
- if (db_engine_compiled != default_db_engine_compiled)
- {
- std::cerr << "Invalid database type for compiled version: " << db_type << std::endl;
- return 1;
- }
-#if BLOCKCHAIN_DB == DB_LMDB
fake_core_db simple_core(m_config_folder, opt_testnet, opt_batch, db_type, db_flags);
-#else
- fake_core_memory simple_core(m_config_folder, opt_testnet);
-#endif
if (! vm["pop-blocks"].defaulted())
{
@@ -856,17 +819,14 @@ int main(int argc, char* argv[])
return 0;
}
-#if !defined(BLOCKCHAIN_DB) || (BLOCKCHAIN_DB == DB_LMDB)
if (! vm["drop-hard-fork"].defaulted())
{
LOG_PRINT_L0("Dropping hard fork tables...");
simple_core.m_storage.get_db().drop_hard_fork_info();
return 0;
}
-#endif
import_from_file(simple_core, import_file_path, block_stop);
-#endif
}
catch (const DB_ERROR& e)
diff --git a/src/blockchain_utilities/blockchain_utilities.h b/src/blockchain_utilities/blockchain_utilities.h
index 51c17a9b6..6ddda65ec 100644
--- a/src/blockchain_utilities/blockchain_utilities.h
+++ b/src/blockchain_utilities/blockchain_utilities.h
@@ -31,21 +31,6 @@
#include "version.h"
-// CONFIG: choose one of the three #define's
-//
-// DB_MEMORY was a sensible default for users migrating to LMDB, as it allowed
-// the exporter to use the in-memory blockchain while the other binaries
-// work with LMDB, without recompiling anything.
-//
-// Now that the majority of users are on 0.9.2, and the converter has largely
-// become a generalised database tool, the default has changed to DB_LMDB.
-//
-// #define SOURCE_DB DB_MEMORY
-#define SOURCE_DB DB_LMDB
-// to use global compile-time setting (DB_MEMORY or DB_LMDB):
-// #define SOURCE_DB BLOCKCHAIN_DB
-
-
// bounds checking is done before writing to buffer, but buffer size
// should be a sensible maximum
#define BUFFER_SIZE 1000000
diff --git a/src/blockchain_utilities/blocksdat_file.cpp b/src/blockchain_utilities/blocksdat_file.cpp
index 81b56d55e..926562ba2 100644
--- a/src/blockchain_utilities/blocksdat_file.cpp
+++ b/src/blockchain_utilities/blocksdat_file.cpp
@@ -114,11 +114,7 @@ bool BlocksdatFile::close()
}
-#if SOURCE_DB == DB_MEMORY
-bool BlocksdatFile::store_blockchain_raw(blockchain_storage* _blockchain_storage, tx_memory_pool* _tx_pool, boost::filesystem::path& output_file, uint64_t requested_block_stop)
-#else
bool BlocksdatFile::store_blockchain_raw(Blockchain* _blockchain_storage, tx_memory_pool* _tx_pool, boost::filesystem::path& output_file, uint64_t requested_block_stop)
-#endif
{
uint64_t num_blocks_written = 0;
m_blockchain_storage = _blockchain_storage;
diff --git a/src/blockchain_utilities/blocksdat_file.h b/src/blockchain_utilities/blocksdat_file.h
index 92bae9fcb..ed821cd6d 100644
--- a/src/blockchain_utilities/blocksdat_file.h
+++ b/src/blockchain_utilities/blocksdat_file.h
@@ -36,7 +36,6 @@
#include "cryptonote_core/cryptonote_basic.h"
#include "cryptonote_core/cryptonote_boost_serialization.h"
-#include "cryptonote_core/blockchain_storage.h"
#include "cryptonote_core/blockchain.h"
#include "blockchain_db/blockchain_db.h"
#include "blockchain_db/lmdb/db_lmdb.h"
@@ -60,21 +59,12 @@ class BlocksdatFile
{
public:
-#if SOURCE_DB == DB_MEMORY
- bool store_blockchain_raw(cryptonote::blockchain_storage* cs, cryptonote::tx_memory_pool* txp,
- boost::filesystem::path& output_file, uint64_t use_block_height=0);
-#else
bool store_blockchain_raw(cryptonote::Blockchain* cs, cryptonote::tx_memory_pool* txp,
boost::filesystem::path& output_file, uint64_t use_block_height=0);
-#endif
protected:
-#if SOURCE_DB == DB_MEMORY
- blockchain_storage* m_blockchain_storage;
-#else
Blockchain* m_blockchain_storage;
-#endif
std::ofstream * m_raw_data_file;
diff --git a/src/blockchain_utilities/bootstrap_file.cpp b/src/blockchain_utilities/bootstrap_file.cpp
index da3b44593..61bd35a6f 100644
--- a/src/blockchain_utilities/bootstrap_file.cpp
+++ b/src/blockchain_utilities/bootstrap_file.cpp
@@ -223,31 +223,9 @@ void BootstrapFile::write_block(block& block)
{
throw std::runtime_error("Aborting: tx == null_hash");
}
-#if SOURCE_DB == DB_MEMORY
- const transaction* tx = m_blockchain_storage->get_tx(tx_id);
-#else
transaction tx = m_blockchain_storage->get_db().get_tx(tx_id);
-#endif
-#if SOURCE_DB == DB_MEMORY
- if(tx == NULL)
- {
- if (! m_tx_pool)
- throw std::runtime_error("Aborting: tx == NULL, so memory pool required to get tx, but memory pool isn't enabled");
- else
- {
- transaction tx;
- if(m_tx_pool->get_transaction(tx_id, tx))
- txs.push_back(tx);
- else
- throw std::runtime_error("Aborting: tx not found in pool");
- }
- }
- else
- txs.push_back(*tx);
-#else
txs.push_back(tx);
-#endif
}
// these non-coinbase txs will be serialized using this structure
@@ -257,15 +235,9 @@ void BootstrapFile::write_block(block& block)
bool include_extra_block_data = true;
if (include_extra_block_data)
{
-#if SOURCE_DB == DB_MEMORY
- size_t block_size = m_blockchain_storage->get_block_size(block_height);
- difficulty_type cumulative_difficulty = m_blockchain_storage->get_block_cumulative_difficulty(block_height);
- uint64_t coins_generated = m_blockchain_storage->get_block_coins_generated(block_height);
-#else
size_t block_size = m_blockchain_storage->get_db().get_block_size(block_height);
difficulty_type cumulative_difficulty = m_blockchain_storage->get_db().get_block_cumulative_difficulty(block_height);
uint64_t coins_generated = m_blockchain_storage->get_db().get_block_already_generated_coins(block_height);
-#endif
bp.block_size = block_size;
bp.cumulative_difficulty = cumulative_difficulty;
@@ -288,11 +260,7 @@ bool BootstrapFile::close()
}
-#if SOURCE_DB == DB_MEMORY
-bool BootstrapFile::store_blockchain_raw(blockchain_storage* _blockchain_storage, tx_memory_pool* _tx_pool, boost::filesystem::path& output_file, uint64_t requested_block_stop)
-#else
bool BootstrapFile::store_blockchain_raw(Blockchain* _blockchain_storage, tx_memory_pool* _tx_pool, boost::filesystem::path& output_file, uint64_t requested_block_stop)
-#endif
{
uint64_t num_blocks_written = 0;
m_max_chunk = 0;
diff --git a/src/blockchain_utilities/bootstrap_file.h b/src/blockchain_utilities/bootstrap_file.h
index dd134f7ae..0bbe28f17 100644
--- a/src/blockchain_utilities/bootstrap_file.h
+++ b/src/blockchain_utilities/bootstrap_file.h
@@ -35,7 +35,6 @@
#include <boost/iostreams/filtering_streambuf.hpp>
#include "cryptonote_core/cryptonote_basic.h"
-#include "cryptonote_core/blockchain_storage.h"
#include "cryptonote_core/blockchain.h"
#include <algorithm>
@@ -60,21 +59,12 @@ public:
uint64_t count_blocks(const std::string& dir_path);
uint64_t seek_to_first_chunk(std::ifstream& import_file);
-#if SOURCE_DB == DB_MEMORY
- bool store_blockchain_raw(cryptonote::blockchain_storage* cs, cryptonote::tx_memory_pool* txp,
- boost::filesystem::path& output_file, uint64_t use_block_height=0);
-#else
bool store_blockchain_raw(cryptonote::Blockchain* cs, cryptonote::tx_memory_pool* txp,
boost::filesystem::path& output_file, uint64_t use_block_height=0);
-#endif
protected:
-#if SOURCE_DB == DB_MEMORY
- blockchain_storage* m_blockchain_storage;
-#else
Blockchain* m_blockchain_storage;
-#endif
tx_memory_pool* m_tx_pool;
typedef std::vector<char> buffer_type;
diff --git a/src/blockchain_utilities/fake_core.h b/src/blockchain_utilities/fake_core.h
index 2fb5031d3..ba1c2ed72 100644
--- a/src/blockchain_utilities/fake_core.h
+++ b/src/blockchain_utilities/fake_core.h
@@ -30,7 +30,7 @@
#include <boost/filesystem.hpp>
#include "cryptonote_core/blockchain.h" // BlockchainDB
-#include "cryptonote_core/blockchain_storage.h" // in-memory DB
+#include "cryptonote_core/tx_pool.h"
#include "blockchain_db/blockchain_db.h"
#include "blockchain_db/lmdb/db_lmdb.h"
#if defined(BERKELEY_DB)
@@ -48,8 +48,6 @@ namespace
}
-#if !defined(BLOCKCHAIN_DB) || BLOCKCHAIN_DB == DB_LMDB
-
struct fake_core_db
{
Blockchain m_storage;
@@ -59,12 +57,7 @@ struct fake_core_db
bool support_add_block;
// for multi_db_runtime:
-#if !defined(BLOCKCHAIN_DB)
- fake_core_db(const boost::filesystem::path &path, const bool use_testnet=false, const bool do_batch=true, const std::string& db_type="lmdb", const int db_flags=0) : m_pool(&m_storage), m_storage(m_pool)
- // for multi_db_compile:
-#else
fake_core_db(const boost::filesystem::path &path, const bool use_testnet=false, const bool do_batch=true, const std::string& db_type="lmdb", const int db_flags=0) : m_pool(m_storage), m_storage(m_pool)
-#endif
{
m_pool.init(path.string());
@@ -137,59 +130,4 @@ struct fake_core_db
}
};
-#endif
-
-#if !defined(BLOCKCHAIN_DB) || BLOCKCHAIN_DB == DB_MEMORY
-
-struct fake_core_memory
-{
- blockchain_storage m_storage;
- tx_memory_pool m_pool;
- bool support_batch;
- bool support_add_block;
-
- // for multi_db_runtime:
-#if !defined(BLOCKCHAIN_DB)
- fake_core_memory(const boost::filesystem::path &path, const bool use_testnet=false) : m_pool(&m_storage), m_storage(m_pool)
-#else
- // for multi_db_compile:
- fake_core_memory(const boost::filesystem::path &path, const bool use_testnet=false) : m_pool(m_storage), m_storage(&m_pool)
-#endif
- {
- m_pool.init(path.string());
- m_storage.init(path.string(), use_testnet);
- support_batch = false;
- support_add_block = false;
- }
- ~fake_core_memory()
- {
- LOG_PRINT_L3("fake_core_memory() destructor called - want to see it ripple down");
- m_storage.deinit();
- }
-
- uint64_t add_block(const block& blk
- , const size_t& block_size
- , const difficulty_type& cumulative_difficulty
- , const uint64_t& coins_generated
- , const std::vector<transaction>& txs
- )
- {
- // TODO:
- // would need to refactor handle_block_to_main_chain() to have a direct add_block() method like Blockchain class
- throw std::runtime_error("direct add_block() method not implemented for in-memory db");
- return 2;
- }
-
- void batch_start(uint64_t batch_num_blocks = 0)
- {
- LOG_PRINT_L0("WARNING: [batch_start] opt_batch set, but this database doesn't support/need transactions - ignoring");
- }
-
- void batch_stop()
- {
- LOG_PRINT_L0("WARNING: [batch_stop] opt_batch set, but this database doesn't support/need transactions - ignoring");
- }
-
-};
-#endif
diff --git a/src/common/json_util.h b/src/common/json_util.h
index 6f8b4c18f..45046a4fb 100644
--- a/src/common/json_util.h
+++ b/src/common/json_util.h
@@ -28,8 +28,8 @@
#pragma once
-#define GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, name, type, jtype, mandatory) \
- type field_##name; \
+#define GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, name, type, jtype, mandatory, def) \
+ type field_##name = def; \
bool field_##name##_found = false; \
(void)field_##name##_found; \
do if (json.HasMember(#name)) \
diff --git a/src/crypto/crypto-ops.c b/src/crypto/crypto-ops.c
index a9b659a6b..1b390e402 100644
--- a/src/crypto/crypto-ops.c
+++ b/src/crypto/crypto-ops.c
@@ -40,17 +40,15 @@ DISABLE_VS_WARNINGS(4146 4244)
static void fe_mul(fe, const fe, const fe);
static void fe_sq(fe, const fe);
-static void fe_tobytes(unsigned char *, const fe);
static void ge_madd(ge_p1p1 *, const ge_p3 *, const ge_precomp *);
static void ge_msub(ge_p1p1 *, const ge_p3 *, const ge_precomp *);
static void ge_p2_0(ge_p2 *);
static void ge_p3_dbl(ge_p1p1 *, const ge_p3 *);
-static void ge_sub(ge_p1p1 *, const ge_p3 *, const ge_cached *);
static void fe_divpowm1(fe, const fe, const fe);
/* Common functions */
-static uint64_t load_3(const unsigned char *in) {
+uint64_t load_3(const unsigned char *in) {
uint64_t result;
result = (uint64_t) in[0];
result |= ((uint64_t) in[1]) << 8;
@@ -58,7 +56,7 @@ static uint64_t load_3(const unsigned char *in) {
return result;
}
-static uint64_t load_4(const unsigned char *in)
+uint64_t load_4(const unsigned char *in)
{
uint64_t result;
result = (uint64_t) in[0];
@@ -120,7 +118,7 @@ Postconditions:
|h| bounded by 1.1*2^26,1.1*2^25,1.1*2^26,1.1*2^25,etc.
*/
-static void fe_add(fe h, const fe f, const fe g) {
+void fe_add(fe h, const fe f, const fe g) {
int32_t f0 = f[0];
int32_t f1 = f[1];
int32_t f2 = f[2];
@@ -258,7 +256,7 @@ static void fe_copy(fe h, const fe f) {
/* From fe_invert.c */
-static void fe_invert(fe out, const fe z) {
+void fe_invert(fe out, const fe z) {
fe t0;
fe t1;
fe t2;
@@ -1031,7 +1029,7 @@ Proof:
so floor(2^(-255)(h + 19 2^(-25) h9 + 2^(-1))) = q.
*/
-static void fe_tobytes(unsigned char *s, const fe h) {
+void fe_tobytes(unsigned char *s, const fe h) {
int32_t h0 = h[0];
int32_t h1 = h[1];
int32_t h2 = h[2];
@@ -1591,7 +1589,7 @@ void ge_scalarmult_base(ge_p3 *h, const unsigned char *a) {
r = p - q
*/
-static void ge_sub(ge_p1p1 *r, const ge_p3 *p, const ge_cached *q) {
+void ge_sub(ge_p1p1 *r, const ge_p3 *p, const ge_cached *q) {
fe t0;
fe_add(r->X, p->Y, p->X);
fe_sub(r->Y, p->Y, p->X);
diff --git a/src/crypto/crypto-ops.h b/src/crypto/crypto-ops.h
index cdc5ac1ee..4986499f4 100644
--- a/src/crypto/crypto-ops.h
+++ b/src/crypto/crypto-ops.h
@@ -143,3 +143,11 @@ void sc_sub(unsigned char *, const unsigned char *, const unsigned char *);
void sc_mulsub(unsigned char *, const unsigned char *, const unsigned char *, const unsigned char *);
int sc_check(const unsigned char *);
int sc_isnonzero(const unsigned char *); /* Doesn't normalize */
+
+// internal
+uint64_t load_3(const unsigned char *in);
+uint64_t load_4(const unsigned char *in);
+void ge_sub(ge_p1p1 *r, const ge_p3 *p, const ge_cached *q);
+void fe_add(fe h, const fe f, const fe g);
+void fe_tobytes(unsigned char *, const fe);
+void fe_invert(fe out, const fe z);
diff --git a/src/crypto/crypto.cpp b/src/crypto/crypto.cpp
index f5e655274..250779ac3 100644
--- a/src/crypto/crypto.cpp
+++ b/src/crypto/crypto.cpp
@@ -151,7 +151,7 @@ namespace crypto {
return true;
}
- static void derivation_to_scalar(const key_derivation &derivation, size_t output_index, ec_scalar &res) {
+ void crypto_ops::derivation_to_scalar(const key_derivation &derivation, size_t output_index, ec_scalar &res) {
struct {
key_derivation derivation;
char output_index[(sizeof(size_t) * 8 + 6) / 7];
@@ -230,7 +230,7 @@ namespace crypto {
buf.h = prefix_hash;
buf.key = pub;
if (ge_frombytes_vartime(&tmp3, &pub) != 0) {
- abort();
+ return false;
}
if (sc_check(&sig.c) != 0 || sc_check(&sig.r) != 0) {
return false;
@@ -364,7 +364,7 @@ POP_WARNINGS
return false;
}
if (ge_frombytes_vartime(&tmp3, &*pubs[i]) != 0) {
- abort();
+ return false;
}
ge_double_scalarmult_base_vartime(&tmp2, &sig[i].c, &tmp3, &sig[i].r);
ge_tobytes(&buf->ab[i].a, &tmp2);
diff --git a/src/crypto/crypto.h b/src/crypto/crypto.h
index fa55c2aab..b396fc7db 100644
--- a/src/crypto/crypto.h
+++ b/src/crypto/crypto.h
@@ -64,6 +64,22 @@ namespace crypto {
friend class crypto_ops;
};
+ POD_CLASS public_keyV {
+ std::vector<public_key> keys;
+ int rows;
+ };
+
+ POD_CLASS secret_keyV {
+ std::vector<secret_key> keys;
+ int rows;
+ };
+
+ POD_CLASS public_keyM {
+ int cols;
+ int rows;
+ std::vector<secret_keyV> column_vectors;
+ };
+
POD_CLASS key_derivation: ec_point {
friend class crypto_ops;
};
@@ -97,6 +113,8 @@ namespace crypto {
friend bool secret_key_to_public_key(const secret_key &, public_key &);
static bool generate_key_derivation(const public_key &, const secret_key &, key_derivation &);
friend bool generate_key_derivation(const public_key &, const secret_key &, key_derivation &);
+ static void derivation_to_scalar(const key_derivation &derivation, size_t output_index, ec_scalar &res);
+ friend void derivation_to_scalar(const key_derivation &derivation, size_t output_index, ec_scalar &res);
static bool derive_public_key(const key_derivation &, std::size_t, const public_key &, public_key &);
friend bool derive_public_key(const key_derivation &, std::size_t, const public_key &, public_key &);
static void derive_secret_key(const key_derivation &, std::size_t, const secret_key &, secret_key &);
@@ -165,6 +183,9 @@ namespace crypto {
const public_key &base, public_key &derived_key) {
return crypto_ops::derive_public_key(derivation, output_index, base, derived_key);
}
+ inline void derivation_to_scalar(const key_derivation &derivation, size_t output_index, ec_scalar &res) {
+ return crypto_ops::derivation_to_scalar(derivation, output_index, res);
+ }
inline void derive_secret_key(const key_derivation &derivation, std::size_t output_index,
const secret_key &base, secret_key &derived_key) {
crypto_ops::derive_secret_key(derivation, output_index, base, derived_key);
diff --git a/src/crypto/keccak.c b/src/crypto/keccak.c
index 3ee2a887c..090d563a2 100644
--- a/src/crypto/keccak.c
+++ b/src/crypto/keccak.c
@@ -73,11 +73,11 @@ void keccakf(uint64_t st[25], int rounds)
// compute a keccak hash (md) of given byte length from "in"
typedef uint64_t state_t[25];
-int keccak(const uint8_t *in, int inlen, uint8_t *md, int mdlen)
+int keccak(const uint8_t *in, size_t inlen, uint8_t *md, int mdlen)
{
state_t st;
uint8_t temp[144];
- int i, rsiz, rsizw;
+ size_t i, rsiz, rsizw;
rsiz = sizeof(state_t) == mdlen ? HASH_DATA_AREA : 200 - 2 * mdlen;
rsizw = rsiz / 8;
@@ -106,7 +106,7 @@ int keccak(const uint8_t *in, int inlen, uint8_t *md, int mdlen)
return 0;
}
-void keccak1600(const uint8_t *in, int inlen, uint8_t *md)
+void keccak1600(const uint8_t *in, size_t inlen, uint8_t *md)
{
keccak(in, inlen, md, sizeof(state_t));
}
diff --git a/src/crypto/keccak.h b/src/crypto/keccak.h
index 4f7f85729..fbd8e1904 100644
--- a/src/crypto/keccak.h
+++ b/src/crypto/keccak.h
@@ -16,11 +16,11 @@
#endif
// compute a keccak hash (md) of given byte length from "in"
-int keccak(const uint8_t *in, int inlen, uint8_t *md, int mdlen);
+int keccak(const uint8_t *in, size_t inlen, uint8_t *md, int mdlen);
// update the state
void keccakf(uint64_t st[25], int norounds);
-void keccak1600(const uint8_t *in, int inlen, uint8_t *md);
+void keccak1600(const uint8_t *in, size_t inlen, uint8_t *md);
#endif
diff --git a/src/cryptonote_config.h b/src/cryptonote_config.h
index 1a093b501..50f61e346 100644
--- a/src/cryptonote_config.h
+++ b/src/cryptonote_config.h
@@ -41,7 +41,7 @@
#define CRYPTONOTE_MAX_TX_SIZE 1000000000
#define CRYPTONOTE_PUBLIC_ADDRESS_TEXTBLOB_VER 0
#define CRYPTONOTE_MINED_MONEY_UNLOCK_WINDOW 60
-#define CURRENT_TRANSACTION_VERSION 1
+#define CURRENT_TRANSACTION_VERSION 2
#define CURRENT_BLOCK_MAJOR_VERSION 1
#define CURRENT_BLOCK_MINOR_VERSION 0
#define CRYPTONOTE_BLOCK_FUTURE_TIME_LIMIT 60*60*2
diff --git a/src/cryptonote_core/CMakeLists.txt b/src/cryptonote_core/CMakeLists.txt
index 205356797..4ebfd01e3 100644
--- a/src/cryptonote_core/CMakeLists.txt
+++ b/src/cryptonote_core/CMakeLists.txt
@@ -28,7 +28,6 @@
set(cryptonote_core_sources
account.cpp
- blockchain_storage.cpp
blockchain.cpp
checkpoints.cpp
cryptonote_basic_impl.cpp
@@ -44,7 +43,6 @@ set(cryptonote_core_headers)
set(cryptonote_core_private_headers
account.h
account_boost_serialization.h
- blockchain_storage.h
blockchain_storage_boost_serialization.h
blockchain.h
checkpoints.h
@@ -80,6 +78,7 @@ target_link_libraries(cryptonote_core
crypto
otshell_utils
blockchain_db
+ ringct
${Boost_DATE_TIME_LIBRARY}
${Boost_PROGRAM_OPTIONS_LIBRARY}
${Boost_SERIALIZATION_LIBRARY}
diff --git a/src/cryptonote_core/blockchain.cpp b/src/cryptonote_core/blockchain.cpp
index cc6b48b6b..ef72dac59 100644
--- a/src/cryptonote_core/blockchain.cpp
+++ b/src/cryptonote_core/blockchain.cpp
@@ -51,6 +51,7 @@
#include "crypto/hash.h"
#include "cryptonote_core/checkpoints.h"
#include "cryptonote_core/cryptonote_core.h"
+#include "ringct/rctSigs.h"
#if defined(PER_BLOCK_CHECKPOINT)
#include "blocks/blocks.h"
#endif
@@ -98,6 +99,10 @@ static const struct {
// version 2 starts from block 624634, which is on or around the 23rd of November, 2015. Fork time finalised on 2015-11-20. No fork voting occurs for the v2 fork.
{ 2, 624634, 0, 1445355000 },
+
+ { 3, 800500, 0, 1472415034 },
+ { 4, 801220, 0, 1472415035 },
+ { 5, 802660, 0, 1472415036 },
};
static const uint64_t testnet_hard_fork_version_1_till = 624633;
@@ -127,7 +132,7 @@ bool Blockchain::have_tx_keyimg_as_spent(const crypto::key_image &key_im) const
// and collects the public key for each from the transaction it was included in
// via the visitor passed to it.
template <class visitor_t>
-bool Blockchain::scan_outputkeys_for_indexes(const txin_to_key& tx_in_to_key, visitor_t &vis, const crypto::hash &tx_prefix_hash, uint64_t* pmax_related_block_height) const
+bool Blockchain::scan_outputkeys_for_indexes(size_t tx_version, const txin_to_key& tx_in_to_key, visitor_t &vis, const crypto::hash &tx_prefix_hash, uint64_t* pmax_related_block_height) const
{
LOG_PRINT_L3("Blockchain::" << __func__);
@@ -207,7 +212,7 @@ bool Blockchain::scan_outputkeys_for_indexes(const txin_to_key& tx_in_to_key, vi
output_index = m_db->get_output_key(tx_in_to_key.amount, i);
// call to the passed boost visitor to grab the public key for the output
- if (!vis.handle_output(output_index.unlock_time, output_index.pubkey))
+ if (!vis.handle_output(output_index.unlock_time, output_index.pubkey, output_index.commitment))
{
LOG_PRINT_L0("Failed to handle_output for output no = " << count << ", with absolute offset " << i);
return false;
@@ -958,7 +963,7 @@ bool Blockchain::validate_miner_transaction(const block& b, size_t cumulative_bl
money_in_use += o.amount;
partial_block_reward = false;
- if (version >= 3) {
+ if (version == 3) {
for (auto &o: b.miner_tx.vout) {
if (!is_valid_decomposed_amount(o.amount)) {
LOG_PRINT_L1("miner tx output " << print_money(o.amount) << " is not a valid decomposed amount");
@@ -969,7 +974,7 @@ bool Blockchain::validate_miner_transaction(const block& b, size_t cumulative_bl
std::vector<size_t> last_blocks_sizes;
get_last_n_blocks_sizes(last_blocks_sizes, CRYPTONOTE_REWARD_BLOCKS_WINDOW);
- if (!get_block_reward(epee::misc_utils::median(last_blocks_sizes), cumulative_block_size, already_generated_coins, base_reward, get_current_hard_fork_version()))
+ if (!get_block_reward(epee::misc_utils::median(last_blocks_sizes), cumulative_block_size, already_generated_coins, base_reward, version))
{
LOG_PRINT_L1("block size " << cumulative_block_size << " is bigger than allowed for this blockchain");
return false;
@@ -1086,14 +1091,24 @@ bool Blockchain::create_block_template(block& b, const account_public_address& m
{
LOG_ERROR("Creating block template: error: invalid transaction size");
}
- uint64_t inputs_amount;
- if (!get_inputs_money_amount(cur_tx.tx, inputs_amount))
+ if (cur_tx.tx.version == 1)
{
- LOG_ERROR("Creating block template: error: cannot get inputs amount");
+ uint64_t inputs_amount;
+ if (!get_inputs_money_amount(cur_tx.tx, inputs_amount))
+ {
+ LOG_ERROR("Creating block template: error: cannot get inputs amount");
+ }
+ else if (cur_tx.fee != inputs_amount - get_outs_money_amount(cur_tx.tx))
+ {
+ LOG_ERROR("Creating block template: error: invalid fee");
+ }
}
- else if (cur_tx.fee != inputs_amount - get_outs_money_amount(cur_tx.tx))
+ else
{
- LOG_ERROR("Creating block template: error: invalid fee");
+ if (cur_tx.fee != cur_tx.tx.txnFee)
+ {
+ LOG_ERROR("Creating block template: error: invalid fee");
+ }
}
}
if (txs_size != real_txs_size)
@@ -1117,7 +1132,9 @@ bool Blockchain::create_block_template(block& b, const account_public_address& m
block size, so first miner transaction generated with fake amount of money, and with phase we know think we know expected block size
*/
//make blocks coin-base tx looks close to real coinbase tx to get truthful blob size
- bool r = construct_miner_tx(height, median_size, already_generated_coins, txs_size, fee, miner_address, b.miner_tx, ex_nonce, 11, m_hardfork->get_current_version());
+ uint8_t hf_version = m_hardfork->get_current_version();
+ size_t max_outs = hf_version >= 4 ? 1 : 11;
+ bool r = construct_miner_tx(height, median_size, already_generated_coins, txs_size, fee, miner_address, b.miner_tx, ex_nonce, max_outs, hf_version);
CHECK_AND_ASSERT_MES(r, false, "Failed to construc miner tx, first chance");
size_t cumulative_size = txs_size + get_object_blobsize(b.miner_tx);
#if defined(DEBUG_CREATE_BLOCK_TEMPLATE)
@@ -1126,7 +1143,7 @@ bool Blockchain::create_block_template(block& b, const account_public_address& m
#endif
for (size_t try_count = 0; try_count != 10; ++try_count)
{
- r = construct_miner_tx(height, median_size, already_generated_coins, cumulative_size, fee, miner_address, b.miner_tx, ex_nonce, 11, m_hardfork->get_current_version());
+ r = construct_miner_tx(height, median_size, already_generated_coins, cumulative_size, fee, miner_address, b.miner_tx, ex_nonce, max_outs, hf_version);
CHECK_AND_ASSERT_MES(r, false, "Failed to construc miner tx, second chance");
size_t coinbase_blob_size = get_object_blobsize(b.miner_tx);
@@ -1597,6 +1614,139 @@ bool Blockchain::get_random_outs_for_amounts(const COMMAND_RPC_GET_RANDOM_OUTPUT
return true;
}
//------------------------------------------------------------------
+// This function adds the ringct output at index i to the list
+// unlocked and other such checks should be done by here.
+void Blockchain::add_out_to_get_rct_random_outs(std::list<COMMAND_RPC_GET_RANDOM_RCT_OUTPUTS::out_entry>& outs, uint64_t amount, size_t i) const
+{
+ LOG_PRINT_L3("Blockchain::" << __func__);
+ CRITICAL_REGION_LOCAL(m_blockchain_lock);
+
+ COMMAND_RPC_GET_RANDOM_RCT_OUTPUTS::out_entry& oen = *outs.insert(outs.end(), COMMAND_RPC_GET_RANDOM_RCT_OUTPUTS::out_entry());
+ oen.amount = amount;
+ oen.global_amount_index = i;
+ output_data_t data = m_db->get_output_key(amount, i);
+ oen.out_key = data.pubkey;
+ oen.commitment = data.commitment;
+}
+//------------------------------------------------------------------
+// This function takes an RPC request for mixins and creates an RPC response
+// with the requested mixins.
+// TODO: figure out why this returns boolean / if we should be returning false
+// in some cases
+bool Blockchain::get_random_rct_outs(const COMMAND_RPC_GET_RANDOM_RCT_OUTPUTS::request& req, COMMAND_RPC_GET_RANDOM_RCT_OUTPUTS::response& res) const
+{
+ LOG_PRINT_L3("Blockchain::" << __func__);
+ CRITICAL_REGION_LOCAL(m_blockchain_lock);
+
+ // for each amount that we need to get mixins for, get <n> random outputs
+ // from BlockchainDB where <n> is req.outs_count (number of mixins).
+ auto num_outs = m_db->get_num_outputs(0);
+ // ensure we don't include outputs that aren't yet eligible to be used
+ // outpouts are sorted by height
+ while (num_outs > 0)
+ {
+ const tx_out_index toi = m_db->get_output_tx_and_index(0, num_outs - 1);
+ const uint64_t height = m_db->get_tx_block_height(toi.first);
+ if (height + CRYPTONOTE_DEFAULT_TX_SPENDABLE_AGE <= m_db->height())
+ break;
+ --num_outs;
+ }
+
+ std::unordered_set<uint64_t> seen_indices;
+
+ // if there aren't enough outputs to mix with (or just enough),
+ // use all of them. Eventually this should become impossible.
+ if (num_outs <= req.outs_count)
+ {
+ for (uint64_t i = 0; i < num_outs; i++)
+ {
+ // get tx_hash, tx_out_index from DB
+ tx_out_index toi = m_db->get_output_tx_and_index(0, i);
+
+ // if tx is unlocked, add output to result_outs
+ if (is_tx_spendtime_unlocked(m_db->get_tx_unlock_time(toi.first)))
+ {
+ add_out_to_get_rct_random_outs(res.outs, 0, i);
+ }
+ }
+ }
+ else
+ {
+ // while we still need more mixins
+ while (res.outs.size() < req.outs_count)
+ {
+ // if we've gone through every possible output, we've gotten all we can
+ if (seen_indices.size() == num_outs)
+ {
+ break;
+ }
+
+ // get a random output index from the DB. If we've already seen it,
+ // return to the top of the loop and try again, otherwise add it to the
+ // list of output indices we've seen.
+
+ // triangular distribution over [a,b) with a=0, mode c=b=up_index_limit
+ uint64_t r = crypto::rand<uint64_t>() % ((uint64_t)1 << 53);
+ double frac = std::sqrt((double)r / ((uint64_t)1 << 53));
+ uint64_t i = (uint64_t)(frac*num_outs);
+ // just in case rounding up to 1 occurs after sqrt
+ if (i == num_outs)
+ --i;
+
+ if (seen_indices.count(i))
+ {
+ continue;
+ }
+ seen_indices.emplace(i);
+
+ // get tx_hash, tx_out_index from DB
+ tx_out_index toi = m_db->get_output_tx_and_index(0, i);
+
+ // if the output's transaction is unlocked, add the output's index to
+ // our list.
+ if (is_tx_spendtime_unlocked(m_db->get_tx_unlock_time(toi.first)))
+ {
+ add_out_to_get_rct_random_outs(res.outs, 0, i);
+ }
+ }
+ }
+
+ if (res.outs.size() < req.outs_count)
+ return false;
+#if 0
+ // if we do not have enough RCT inputs, we can pick from the non RCT ones
+ // which will have a zero mask
+ if (res.outs.size() < req.outs_count)
+ {
+ LOG_PRINT_L0("Out of RCT inputs (" << res.outs.size() << "/" << req.outs_count << "), using regular ones");
+
+ // TODO: arbitrary selection, needs better
+ COMMAND_RPC_GET_RANDOM_OUTPUTS_FOR_AMOUNTS::request req2 = AUTO_VAL_INIT(req2);
+ COMMAND_RPC_GET_RANDOM_OUTPUTS_FOR_AMOUNTS::response res2 = AUTO_VAL_INIT(res2);
+ req2.outs_count = req.outs_count - res.outs.size();
+ static const uint64_t amounts[] = {1, 10, 20, 50, 100, 200, 500, 1000, 10000};
+ for (uint64_t a: amounts)
+ req2.amounts.push_back(a);
+ if (!get_random_outs_for_amounts(req2, res2))
+ return false;
+
+ // pick random ones from there
+ while (res.outs.size() < req.outs_count)
+ {
+ int list_idx = rand() % (sizeof(amounts)/sizeof(amounts[0]));
+ if (!res2.outs[list_idx].outs.empty())
+ {
+ const COMMAND_RPC_GET_RANDOM_OUTPUTS_FOR_AMOUNTS::out_entry oe = res2.outs[list_idx].outs.back();
+ res2.outs[list_idx].outs.pop_back();
+ add_out_to_get_rct_random_outs(res.outs, res2.outs[list_idx].amount, oe.global_amount_index);
+ }
+ }
+ }
+#endif
+
+ return true;
+}
+//------------------------------------------------------------------
bool Blockchain::get_outs(const COMMAND_RPC_GET_OUTPUTS::request& req, COMMAND_RPC_GET_OUTPUTS::response& res) const
{
LOG_PRINT_L3("Blockchain::" << __func__);
@@ -1607,11 +1757,11 @@ bool Blockchain::get_outs(const COMMAND_RPC_GET_OUTPUTS::request& req, COMMAND_R
for (const auto &i: req.outputs)
{
// get tx_hash, tx_out_index from DB
- crypto::public_key key = m_db->get_output_key(i.amount, i.index).pubkey;
+ const output_data_t &od = m_db->get_output_key(i.amount, i.index);
tx_out_index toi = m_db->get_output_tx_and_index(i.amount, i.index);
bool unlocked = is_tx_spendtime_unlocked(m_db->get_tx_unlock_time(toi.first));
- res.outs.push_back({key, unlocked});
+ res.outs.push_back({od.pubkey, od.commitment, unlocked});
}
return true;
}
@@ -2012,7 +2162,7 @@ bool Blockchain::get_tx_outputs_gindexs(const crypto::hash& tx_id, std::vector<u
// This function overloads its sister function with
// an extra value (hash of highest block that holds an output used as input)
// as a return-by-reference.
-bool Blockchain::check_tx_inputs(const transaction& tx, uint64_t& max_used_block_height, crypto::hash& max_used_block_id, tx_verification_context &tvc, bool kept_by_block)
+bool Blockchain::check_tx_inputs(transaction& tx, uint64_t& max_used_block_height, crypto::hash& max_used_block_id, tx_verification_context &tvc, bool kept_by_block)
{
LOG_PRINT_L3("Blockchain::" << __func__);
CRITICAL_REGION_LOCAL(m_blockchain_lock);
@@ -2055,9 +2205,24 @@ bool Blockchain::check_tx_outputs(const transaction& tx, tx_verification_context
// from hard fork 2, we forbid dust and compound outputs
if (m_hardfork->get_current_version() >= 2) {
for (auto &o: tx.vout) {
- if (!is_valid_decomposed_amount(o.amount)) {
- tvc.m_invalid_output = true;
- return false;
+ if (tx.version == 1)
+ {
+ if (!is_valid_decomposed_amount(o.amount)) {
+ tvc.m_invalid_output = true;
+ return false;
+ }
+ }
+ }
+ }
+
+ // in a v2 tx, all outputs must have 0 amount
+ if (m_hardfork->get_current_version() >= 3) {
+ if (tx.version >= 2) {
+ for (auto &o: tx.vout) {
+ if (o.amount != 0) {
+ tvc.m_invalid_output = true;
+ return false;
+ }
}
}
}
@@ -2076,13 +2241,83 @@ bool Blockchain::have_tx_keyimges_as_spent(const transaction &tx) const
}
return false;
}
+bool Blockchain::expand_transaction_2(transaction &tx, const crypto::hash &tx_prefix_hash, const std::vector<std::vector<rct::ctkey>> &pubkeys)
+{
+ CHECK_AND_ASSERT_MES(tx.version == 2, false, "Transaction version is not 2");
+
+ rct::rctSig &rv = tx.rct_signatures;
+
+ // message - hash of the transaction prefix
+ rv.message = rct::hash2rct(tx_prefix_hash);
+
+ // mixRing - full and simple store it in opposite ways
+ if (rv.type == rct::RCTTypeFull)
+ {
+ rv.mixRing.resize(pubkeys[0].size());
+ for (size_t m = 0; m < pubkeys[0].size(); ++m)
+ rv.mixRing[m].clear();
+ for (size_t n = 0; n < pubkeys.size(); ++n)
+ {
+ CHECK_AND_ASSERT_MES(pubkeys[n].size() <= pubkeys[0].size(), false, "More inputs that first ring");
+ for (size_t m = 0; m < pubkeys[n].size(); ++m)
+ {
+ rv.mixRing[m].push_back(pubkeys[n][m]);
+ }
+ }
+ }
+ else if (rv.type == rct::RCTTypeSimple)
+ {
+ rv.mixRing.resize(pubkeys.size());
+ for (size_t n = 0; n < pubkeys.size(); ++n)
+ {
+ rv.mixRing[n].clear();
+ for (size_t m = 0; m < pubkeys[n].size(); ++m)
+ {
+ rv.mixRing[n].push_back(pubkeys[n][m]);
+ }
+ }
+ }
+ else
+ {
+ CHECK_AND_ASSERT_MES(false, false, "Unsupported rct tx type: " + boost::lexical_cast<std::string>(rv.type));
+ }
+
+ // II
+ if (rv.type == rct::RCTTypeFull)
+ {
+ rv.p.MGs.resize(1);
+ rv.p.MGs[0].II.resize(tx.vin.size());
+ for (size_t n = 0; n < tx.vin.size(); ++n)
+ rv.p.MGs[0].II[n] = rct::ki2rct(boost::get<txin_to_key>(tx.vin[n]).k_image);
+ }
+ else if (rv.type == rct::RCTTypeSimple)
+ {
+ CHECK_AND_ASSERT_MES(rv.p.MGs.size() == tx.vin.size(), false, "Bad MGs size");
+ for (size_t n = 0; n < tx.vin.size(); ++n)
+ {
+ rv.p.MGs[n].II.resize(1);
+ rv.p.MGs[n].II[0] = rct::ki2rct(boost::get<txin_to_key>(tx.vin[n]).k_image);
+ }
+ }
+ else
+ {
+ CHECK_AND_ASSERT_MES(false, false, "Unsupported rct tx type: " + boost::lexical_cast<std::string>(rv.type));
+ }
+
+ // outPk
+ CHECK_AND_ASSERT_MES(rv.outPk.size() == tx.vout.size(), false, "Bad outPk size");
+ for (size_t n = 0; n < tx.rct_signatures.outPk.size(); ++n)
+ rv.outPk[n].dest = rct::pk2rct(boost::get<txout_to_key>(tx.vout[n].target).key);
+
+ return true;
+}
//------------------------------------------------------------------
// This function validates transaction inputs and their keys.
// FIXME: consider moving functionality specific to one input into
// check_tx_input() rather than here, and use this function simply
// to iterate the inputs as necessary (splitting the task
// using threads, etc.)
-bool Blockchain::check_tx_inputs(const transaction& tx, tx_verification_context &tvc, uint64_t* pmax_used_block_height)
+bool Blockchain::check_tx_inputs(transaction& tx, tx_verification_context &tvc, uint64_t* pmax_used_block_height)
{
LOG_PRINT_L3("Blockchain::" << __func__);
size_t sig_index = 0;
@@ -2091,30 +2326,44 @@ bool Blockchain::check_tx_inputs(const transaction& tx, tx_verification_context
crypto::hash tx_prefix_hash = get_transaction_prefix_hash(tx);
+ const uint8_t hf_version = m_hardfork->get_current_version();
+
// from hard fork 2, we require mixin at least 2 unless one output cannot mix with 2 others
// if one output cannot mix with 2 others, we accept at most 1 output that can mix
- if (m_hardfork->get_current_version() >= 2)
+ if (hf_version >= 2)
{
size_t n_unmixable = 0, n_mixable = 0;
size_t mixin = std::numeric_limits<size_t>::max();
+ const size_t min_mixin = hf_version >= 5 ? 4 : 2;
for (const auto& txin : tx.vin)
{
// non txin_to_key inputs will be rejected below
if (txin.type() == typeid(txin_to_key))
{
const txin_to_key& in_to_key = boost::get<txin_to_key>(txin);
- uint64_t n_outputs = m_db->get_num_outputs(in_to_key.amount);
- LOG_PRINT_L2("output size " << print_money(in_to_key.amount) << ": " << n_outputs << " available");
- // n_outputs includes the output we're considering
- if (n_outputs <= 2)
- ++n_unmixable;
- else
+ if (in_to_key.amount == 0)
+ {
+ // always consider rct inputs mixable. Even if there's not enough rct
+ // inputs on the chain to mix with, this is going to be the case for
+ // just a few blocks right after the fork at most
++n_mixable;
+ }
+ else
+ {
+ uint64_t n_outputs = m_db->get_num_outputs(in_to_key.amount);
+ LOG_PRINT_L2("output size " << print_money(in_to_key.amount) << ": " << n_outputs << " available");
+ // n_outputs includes the output we're considering
+ if (n_outputs <= min_mixin)
+ ++n_unmixable;
+ else
+ ++n_mixable;
+ }
if (in_to_key.key_offsets.size() - 1 < mixin)
mixin = in_to_key.key_offsets.size() - 1;
}
}
- if (mixin < 2)
+
+ if (mixin < min_mixin)
{
if (n_unmixable == 0)
{
@@ -2129,6 +2378,22 @@ bool Blockchain::check_tx_inputs(const transaction& tx, tx_verification_context
return false;
}
}
+
+ // min/max tx version based on HF, and we accept v1 txes if having a non mixable
+ const size_t max_tx_version = (hf_version <= 3) ? 1 : 2;
+ if (tx.version > max_tx_version)
+ {
+ LOG_PRINT_L1("transaction version " << (unsigned)tx.version << " is higher than max accepted version " << max_tx_version);
+ tvc.m_verifivation_failed = true;
+ return false;
+ }
+ const size_t min_tx_version = (n_unmixable > 0 ? 1 : (hf_version >= 5) ? 2 : 1);
+ if (tx.version < min_tx_version)
+ {
+ LOG_PRINT_L1("transaction version " << (unsigned)tx.version << " is lower than min accepted version " << min_tx_version);
+ tvc.m_verifivation_failed = true;
+ return false;
+ }
}
auto it = m_check_txin_table.find(tx_prefix_hash);
@@ -2140,7 +2405,7 @@ bool Blockchain::check_tx_inputs(const transaction& tx, tx_verification_context
}
uint64_t t_t1 = 0;
- std::vector<std::vector<crypto::public_key>> pubkeys(tx.vin.size());
+ std::vector<std::vector<rct::ctkey>> pubkeys(tx.vin.size());
std::vector < uint64_t > results;
results.resize(tx.vin.size(), 0);
@@ -2189,28 +2454,31 @@ bool Blockchain::check_tx_inputs(const transaction& tx, tx_verification_context
return false;
}
- // basically, make sure number of inputs == number of signatures
- CHECK_AND_ASSERT_MES(sig_index < tx.signatures.size(), false, "wrong transaction: not signature entry for input with index= " << sig_index);
+ if (tx.version == 1)
+ {
+ // basically, make sure number of inputs == number of signatures
+ CHECK_AND_ASSERT_MES(sig_index < tx.signatures.size(), false, "wrong transaction: not signature entry for input with index= " << sig_index);
#if defined(CACHE_VIN_RESULTS)
- auto itk = it->second.find(in_to_key.k_image);
- if(itk != it->second.end())
- {
- if(!itk->second)
+ auto itk = it->second.find(in_to_key.k_image);
+ if(itk != it->second.end())
{
- LOG_PRINT_L1("Failed ring signature for tx " << get_transaction_hash(tx) << " vin key with k_image: " << in_to_key.k_image << " sig_index: " << sig_index);
- return false;
- }
+ if(!itk->second)
+ {
+ LOG_PRINT_L1("Failed ring signature for tx " << get_transaction_hash(tx) << " vin key with k_image: " << in_to_key.k_image << " sig_index: " << sig_index);
+ return false;
+ }
- // txin has been verified already, skip
- sig_index++;
- continue;
- }
+ // txin has been verified already, skip
+ sig_index++;
+ continue;
+ }
#endif
+ }
// make sure that output being spent matches up correctly with the
// signature spending it.
- if (!check_tx_input(in_to_key, tx_prefix_hash, tx.signatures[sig_index], pubkeys[sig_index], pmax_used_block_height))
+ if (!check_tx_input(tx.version, in_to_key, tx_prefix_hash, tx.version == 1 ? tx.signatures[sig_index] : std::vector<crypto::signature>(), tx.rct_signatures, pubkeys[sig_index], pmax_used_block_height))
{
it->second[in_to_key.k_image] = false;
LOG_PRINT_L1("Failed to check ring signature for tx " << get_transaction_hash(tx) << " vin key with k_image: " << in_to_key.k_image << " sig_index: " << sig_index);
@@ -2222,28 +2490,31 @@ bool Blockchain::check_tx_inputs(const transaction& tx, tx_verification_context
return false;
}
- if (threads > 1)
+ if (tx.version == 1)
{
- // ND: Speedup
- // 1. Thread ring signature verification if possible.
- ioservice.dispatch(boost::bind(&Blockchain::check_ring_signature, this, std::cref(tx_prefix_hash), std::cref(in_to_key.k_image), std::cref(pubkeys[sig_index]), std::cref(tx.signatures[sig_index]), std::ref(results[sig_index])));
- }
- else
- {
- check_ring_signature(tx_prefix_hash, in_to_key.k_image, pubkeys[sig_index], tx.signatures[sig_index], results[sig_index]);
- if (!results[sig_index])
+ if (threads > 1)
{
- it->second[in_to_key.k_image] = false;
- LOG_PRINT_L1("Failed to check ring signature for tx " << get_transaction_hash(tx) << " vin key with k_image: " << in_to_key.k_image << " sig_index: " << sig_index);
-
- if (pmax_used_block_height) // a default value of NULL is used when called from Blockchain::handle_block_to_main_chain()
+ // ND: Speedup
+ // 1. Thread ring signature verification if possible.
+ ioservice.dispatch(boost::bind(&Blockchain::check_ring_signature, this, std::cref(tx_prefix_hash), std::cref(in_to_key.k_image), std::cref(pubkeys[sig_index]), std::cref(tx.signatures[sig_index]), std::ref(results[sig_index])));
+ }
+ else
+ {
+ check_ring_signature(tx_prefix_hash, in_to_key.k_image, pubkeys[sig_index], tx.signatures[sig_index], results[sig_index]);
+ if (!results[sig_index])
{
- LOG_PRINT_L1("*pmax_used_block_height: " << *pmax_used_block_height);
- }
+ it->second[in_to_key.k_image] = false;
+ LOG_PRINT_L1("Failed to check ring signature for tx " << get_transaction_hash(tx) << " vin key with k_image: " << in_to_key.k_image << " sig_index: " << sig_index);
- return false;
+ if (pmax_used_block_height) // a default value of NULL is used when called from Blockchain::handle_block_to_main_chain()
+ {
+ LOG_PRINT_L1("*pmax_used_block_height: " << *pmax_used_block_height);
+ }
+
+ return false;
+ }
+ it->second[in_to_key.k_image] = true;
}
- it->second[in_to_key.k_image] = true;
}
sig_index++;
@@ -2251,30 +2522,170 @@ bool Blockchain::check_tx_inputs(const transaction& tx, tx_verification_context
KILL_IOSERVICE();
- if (threads > 1)
+ if (tx.version == 1)
+ {
+ if (threads > 1)
+ {
+ // save results to table, passed or otherwise
+ bool failed = false;
+ for (size_t i = 0; i < tx.vin.size(); i++)
+ {
+ const txin_to_key& in_to_key = boost::get<txin_to_key>(tx.vin[i]);
+ it->second[in_to_key.k_image] = results[i];
+ if(!failed && !results[i])
+ failed = true;
+ }
+
+ if (failed)
+ {
+ LOG_PRINT_L1("Failed to check ring signatures!, t_loop: " << t_t1);
+ return false;
+ }
+ }
+ }
+ else
{
- // save results to table, passed or otherwise
- bool failed = false;
- for (size_t i = 0; i < tx.vin.size(); i++)
+ if (!expand_transaction_2(tx, tx_prefix_hash, pubkeys))
{
- const txin_to_key& in_to_key = boost::get<txin_to_key>(tx.vin[i]);
- it->second[in_to_key.k_image] = results[i];
- if(!failed && !results[i])
- failed = true;
+ LOG_PRINT_L1("Failed to expand rct signatures!");
+ return false;
}
- if (failed)
+ // from version 2, check ringct signatures
+ // obviously, the original and simple rct APIs use a mixRing that's indexes
+ // in opposite orders, because it'd be too simple otherwise...
+ const rct::rctSig &rv = tx.rct_signatures;
+ switch (rv.type)
{
- LOG_PRINT_L1("Failed to check ring signatures!, t_loop: " << t_t1);
+ case rct::RCTTypeNull: {
+ // we only accept no signatures for coinbase txes
+ LOG_PRINT_L1("Null rct signature on non-coinbase tx");
+ return false;
+ }
+ case rct::RCTTypeSimple: {
+ // check all this, either recontructed (so should really pass), or not
+ {
+ if (pubkeys.size() != rv.mixRing.size())
+ {
+ LOG_PRINT_L1("Failed to check ringct signatures: mismatched pubkeys/mixRing size");
+ return false;
+ }
+ for (size_t i = 0; i < pubkeys.size(); ++i)
+ {
+ if (pubkeys[i].size() != rv.mixRing[i].size())
+ {
+ LOG_PRINT_L1("Failed to check ringct signatures: mismatched pubkeys/mixRing size");
+ return false;
+ }
+ }
+
+ for (size_t n = 0; n < pubkeys.size(); ++n)
+ {
+ for (size_t m = 0; m < pubkeys[n].size(); ++m)
+ {
+ if (pubkeys[n][m].dest != rct::rct2pk(rv.mixRing[n][m].dest))
+ {
+ LOG_PRINT_L1("Failed to check ringct signatures: mismatched pubkey at vin " << n << ", index " << m);
+ return false;
+ }
+ if (pubkeys[n][m].mask != rct::rct2pk(rv.mixRing[n][m].mask))
+ {
+ LOG_PRINT_L1("Failed to check ringct signatures: mismatched commitment at vin " << n << ", index " << m);
+ return false;
+ }
+ }
+ }
+ }
+
+ if (rv.p.MGs.size() != tx.vin.size())
+ {
+ LOG_PRINT_L1("Failed to check ringct signatures: mismatched MGs/vin sizes");
+ return false;
+ }
+ for (size_t n = 0; n < tx.vin.size(); ++n)
+ {
+ if (memcmp(&boost::get<txin_to_key>(tx.vin[n]).k_image, &rv.p.MGs[n].II[0], 32))
+ {
+ LOG_PRINT_L1("Failed to check ringct signatures: mismatched key image");
+ return false;
+ }
+ }
+
+ if (!rct::verRctSimple(rv))
+ {
+ LOG_PRINT_L1("Failed to check ringct signatures!");
+ return false;
+ }
+ break;
+ }
+ case rct::RCTTypeFull: {
+ // check all this, either recontructed (so should really pass), or not
+ {
+ bool size_matches = true;
+ for (size_t i = 0; i < pubkeys.size(); ++i)
+ size_matches &= pubkeys[i].size() == rv.mixRing.size();
+ for (size_t i = 0; i < rv.mixRing.size(); ++i)
+ size_matches &= pubkeys.size() == rv.mixRing[i].size();
+ if (!size_matches)
+ {
+ LOG_PRINT_L1("Failed to check ringct signatures: mismatched pubkeys/mixRing size");
+ return false;
+ }
+
+ for (size_t n = 0; n < pubkeys.size(); ++n)
+ {
+ for (size_t m = 0; m < pubkeys[n].size(); ++m)
+ {
+ if (pubkeys[n][m].dest != rct::rct2pk(rv.mixRing[m][n].dest))
+ {
+ LOG_PRINT_L1("Failed to check ringct signatures: mismatched pubkey at vin " << n << ", index " << m);
+ return false;
+ }
+ if (pubkeys[n][m].mask != rct::rct2pk(rv.mixRing[m][n].mask))
+ {
+ LOG_PRINT_L1("Failed to check ringct signatures: mismatched commitment at vin " << n << ", index " << m);
+ return false;
+ }
+ }
+ }
+ }
+
+ if (rv.p.MGs.size() != 1)
+ {
+ LOG_PRINT_L1("Failed to check ringct signatures: Bad MGs size");
+ return false;
+ }
+ if (rv.p.MGs[0].II.size() != tx.vin.size())
+ {
+ LOG_PRINT_L1("Failed to check ringct signatures: mismatched II/vin sizes");
+ return false;
+ }
+ for (size_t n = 0; n < tx.vin.size(); ++n)
+ {
+ if (memcmp(&boost::get<txin_to_key>(tx.vin[n]).k_image, &rv.p.MGs[0].II[n], 32))
+ {
+ LOG_PRINT_L1("Failed to check ringct signatures: mismatched II/vin sizes");
+ return false;
+ }
+ }
+
+ if (!rct::verRct(rv))
+ {
+ LOG_PRINT_L1("Failed to check ringct signatures!");
+ return false;
+ }
+ break;
+ }
+ default:
+ LOG_PRINT_L1("Unsupported rct type: " << rv.type);
return false;
}
}
- LOG_PRINT_L1("t_loop: " << t_t1);
return true;
}
//------------------------------------------------------------------
-void Blockchain::check_ring_signature(const crypto::hash &tx_prefix_hash, const crypto::key_image &key_image, const std::vector<crypto::public_key> &pubkeys, const std::vector<crypto::signature>& sig, uint64_t &result)
+void Blockchain::check_ring_signature(const crypto::hash &tx_prefix_hash, const crypto::key_image &key_image, const std::vector<rct::ctkey> &pubkeys, const std::vector<crypto::signature>& sig, uint64_t &result)
{
if (m_is_in_checkpoint_zone)
{
@@ -2285,7 +2696,8 @@ void Blockchain::check_ring_signature(const crypto::hash &tx_prefix_hash, const
std::vector<const crypto::public_key *> p_output_keys;
for (auto &key : pubkeys)
{
- p_output_keys.push_back(&key);
+ // rct::key and crypto::public_key have the same structure, avoid object ctor/memcpy
+ p_output_keys.push_back(&(const crypto::public_key&)key.dest);
}
result = crypto::check_ring_signature(tx_prefix_hash, key_image, p_output_keys, sig.data()) ? 1 : 0;
@@ -2321,7 +2733,7 @@ bool Blockchain::is_tx_spendtime_unlocked(uint64_t unlock_time) const
// This function locates all outputs associated with a given input (mixins)
// and validates that they exist and are usable. It also checks the ring
// signature for each input.
-bool Blockchain::check_tx_input(const txin_to_key& txin, const crypto::hash& tx_prefix_hash, const std::vector<crypto::signature>& sig, std::vector<crypto::public_key> &output_keys, uint64_t* pmax_related_block_height)
+bool Blockchain::check_tx_input(size_t tx_version, const txin_to_key& txin, const crypto::hash& tx_prefix_hash, const std::vector<crypto::signature>& sig, const rct::rctSig &rct_signatures, std::vector<rct::ctkey> &output_keys, uint64_t* pmax_related_block_height)
{
LOG_PRINT_L3("Blockchain::" << __func__);
@@ -2331,13 +2743,13 @@ bool Blockchain::check_tx_input(const txin_to_key& txin, const crypto::hash& tx_
struct outputs_visitor
{
- std::vector<crypto::public_key >& m_output_keys;
+ std::vector<rct::ctkey >& m_output_keys;
const Blockchain& m_bch;
- outputs_visitor(std::vector<crypto::public_key>& output_keys, const Blockchain& bch) :
+ outputs_visitor(std::vector<rct::ctkey>& output_keys, const Blockchain& bch) :
m_output_keys(output_keys), m_bch(bch)
{
}
- bool handle_output(uint64_t unlock_time, const crypto::public_key &pubkey)
+ bool handle_output(uint64_t unlock_time, const crypto::public_key &pubkey, const rct::key &commitment)
{
//check tx unlock time
if (!m_bch.is_tx_spendtime_unlocked(unlock_time))
@@ -2351,7 +2763,7 @@ bool Blockchain::check_tx_input(const txin_to_key& txin, const crypto::hash& tx_
// but only txout_to_key outputs are stored in the DB in the first place, done in
// Blockchain*::add_output
- m_output_keys.push_back(pubkey);
+ m_output_keys.push_back(rct::ctkey({rct::pk2rct(pubkey), commitment}));
return true;
}
};
@@ -2360,7 +2772,7 @@ bool Blockchain::check_tx_input(const txin_to_key& txin, const crypto::hash& tx_
// collect output keys
outputs_visitor vi(output_keys, *this);
- if (!scan_outputkeys_for_indexes(txin, vi, tx_prefix_hash, pmax_related_block_height))
+ if (!scan_outputkeys_for_indexes(tx_version, txin, vi, tx_prefix_hash, pmax_related_block_height))
{
LOG_PRINT_L1("Failed to get output keys for tx with amount = " << print_money(txin.amount) << " and count indexes " << txin.key_offsets.size());
return false;
@@ -2371,7 +2783,10 @@ bool Blockchain::check_tx_input(const txin_to_key& txin, const crypto::hash& tx_
LOG_PRINT_L1("Output keys for tx with amount = " << txin.amount << " and count indexes " << txin.key_offsets.size() << " returned wrong keys count " << output_keys.size());
return false;
}
- CHECK_AND_ASSERT_MES(sig.size() == output_keys.size(), false, "internal error: tx signatures count=" << sig.size() << " mismatch with outputs keys count for inputs=" << output_keys.size());
+ if (tx_version == 1) {
+ CHECK_AND_ASSERT_MES(sig.size() == output_keys.size(), false, "internal error: tx signatures count=" << sig.size() << " mismatch with outputs keys count for inputs=" << output_keys.size());
+ }
+ // rct_signatures will be expanded after this
return true;
}
//------------------------------------------------------------------
@@ -2453,6 +2868,8 @@ void Blockchain::return_tx_to_pool(const std::vector<transaction> &txs)
//------------------------------------------------------------------
bool Blockchain::flush_txes_from_pool(const std::list<crypto::hash> &txids)
{
+ CRITICAL_REGION_LOCAL(m_tx_pool);
+
bool res = true;
for (const auto &txid: txids)
{
@@ -2461,7 +2878,7 @@ bool Blockchain::flush_txes_from_pool(const std::list<crypto::hash> &txids)
uint64_t fee;
bool relayed;
LOG_PRINT_L1("Removing txid " << txid << " from the pool");
- if(!m_tx_pool.take_tx(txid, tx, blob_size, fee, relayed))
+ if(m_tx_pool.have_tx(txid) && !m_tx_pool.take_tx(txid, tx, blob_size, fee, relayed))
{
LOG_PRINT_L0("Failed to remove txid " << txid << " from the pool");
res = false;
diff --git a/src/cryptonote_core/blockchain.h b/src/cryptonote_core/blockchain.h
index 1524693b8..94701608e 100644
--- a/src/cryptonote_core/blockchain.h
+++ b/src/cryptonote_core/blockchain.h
@@ -455,6 +455,23 @@ namespace cryptonote
bool get_outs(const COMMAND_RPC_GET_OUTPUTS::request& req, COMMAND_RPC_GET_OUTPUTS::response& res) const;
/**
+ * @brief gets random ringct outputs to mix with
+ *
+ * This function takes an RPC request for outputs to mix with
+ * and creates an RPC response with the resultant output indices
+ * and the matching keys.
+ *
+ * Outputs to mix with are randomly selected from the utxo set
+ * for each output amount in the request.
+ *
+ * @param req the output amounts and number of mixins to select
+ * @param res return-by-reference the resultant output indices
+ *
+ * @return true
+ */
+ bool get_random_rct_outs(const COMMAND_RPC_GET_RANDOM_RCT_OUTPUTS::request& req, COMMAND_RPC_GET_RANDOM_RCT_OUTPUTS::response& res) const;
+
+ /**
* @brief gets the global indices for outputs from a given transaction
*
* This function gets the global indices for all outputs belonging
@@ -483,6 +500,7 @@ namespace cryptonote
* validates a transaction's inputs as correctly used and not previously
* spent. also returns the hash and height of the most recent block
* which contains an output that was used as an input to the transaction.
+ * The transaction's rct signatures, if any, are expanded.
*
* @param tx the transaction to validate
* @param pmax_used_block_height return-by-reference block height of most recent input
@@ -492,7 +510,7 @@ namespace cryptonote
*
* @return false if any input is invalid, otherwise true
*/
- bool check_tx_inputs(const transaction& tx, uint64_t& pmax_used_block_height, crypto::hash& max_used_block_id, tx_verification_context &tvc, bool kept_by_block = false);
+ bool check_tx_inputs(transaction& tx, uint64_t& pmax_used_block_height, crypto::hash& max_used_block_id, tx_verification_context &tvc, bool kept_by_block = false);
/**
* @brief check that a transaction's outputs conform to current standards
@@ -867,11 +885,12 @@ namespace cryptonote
* @param vis an instance of the visitor to use
* @param tx_prefix_hash the hash of the associated transaction_prefix
* @param pmax_related_block_height return-by-pointer the height of the most recent block in the input set
+ * @param tx_version version of the tx, if > 1 we also get commitments
*
* @return false if any keys are not found or any inputs are not unlocked, otherwise true
*/
template<class visitor_t>
- inline bool scan_outputkeys_for_indexes(const txin_to_key& tx_in_to_key, visitor_t &vis, const crypto::hash &tx_prefix_hash, uint64_t* pmax_related_block_height = NULL) const;
+ inline bool scan_outputkeys_for_indexes(size_t tx_version, const txin_to_key& tx_in_to_key, visitor_t &vis, const crypto::hash &tx_prefix_hash, uint64_t* pmax_related_block_height = NULL) const;
/**
* @brief collect output public keys of a transaction input set
@@ -883,15 +902,17 @@ namespace cryptonote
* If pmax_related_block_height is not NULL, its value is set to the height
* of the most recent block which contains an output used in the input set
*
+ * @param tx_version the transaction version
* @param txin the transaction input
* @param tx_prefix_hash the transaction prefix hash, for caching organization
* @param sig the input signature
* @param output_keys return-by-reference the public keys of the outputs in the input set
+ * @param rct_signatures the ringCT signatures, which are only valid if tx version > 1
* @param pmax_related_block_height return-by-pointer the height of the most recent block in the input set
*
* @return false if any output is not yet unlocked, or is missing, otherwise true
*/
- bool check_tx_input(const txin_to_key& txin, const crypto::hash& tx_prefix_hash, const std::vector<crypto::signature>& sig, std::vector<crypto::public_key> &output_keys, uint64_t* pmax_related_block_height);
+ bool check_tx_input(size_t tx_version,const txin_to_key& txin, const crypto::hash& tx_prefix_hash, const std::vector<crypto::signature>& sig, const rct::rctSig &rct_signatures, std::vector<rct::ctkey> &output_keys, uint64_t* pmax_related_block_height);
/**
* @brief validate a transaction's inputs and their keys
@@ -899,6 +920,7 @@ namespace cryptonote
* This function validates transaction inputs and their keys. Previously
* it also performed double spend checking, but that has been moved to its
* own function.
+ * The transaction's rct signatures, if any, are expanded.
*
* If pmax_related_block_height is not NULL, its value is set to the height
* of the most recent block which contains an output used in any input set
@@ -912,7 +934,7 @@ namespace cryptonote
*
* @return false if any validation step fails, otherwise true
*/
- bool check_tx_inputs(const transaction& tx, tx_verification_context &tvc, uint64_t* pmax_used_block_height = NULL);
+ bool check_tx_inputs(transaction& tx, tx_verification_context &tvc, uint64_t* pmax_used_block_height = NULL);
/**
* @brief performs a blockchain reorganization according to the longest chain rule
@@ -1054,6 +1076,15 @@ namespace cryptonote
void add_out_to_get_random_outs(COMMAND_RPC_GET_RANDOM_OUTPUTS_FOR_AMOUNTS::outs_for_amount& result_outs, uint64_t amount, size_t i) const;
/**
+ * @brief adds the given output to the requested set of random ringct outputs
+ *
+ * @param outs return-by-reference the set the output is to be added to
+ * @param amount the output amount (0 for rct inputs)
+ * @param i the rct output index
+ */
+ void add_out_to_get_rct_random_outs(std::list<COMMAND_RPC_GET_RANDOM_RCT_OUTPUTS::out_entry>& outs, uint64_t amount, size_t i) const;
+
+ /**
* @brief checks if a transaction is unlocked (its outputs spendable)
*
* This function checks to see if a transaction is unlocked.
@@ -1172,7 +1203,7 @@ namespace cryptonote
* @param result false if the ring signature is invalid, otherwise true
*/
void check_ring_signature(const crypto::hash &tx_prefix_hash, const crypto::key_image &key_image,
- const std::vector<crypto::public_key> &pubkeys, const std::vector<crypto::signature> &sig, uint64_t &result);
+ const std::vector<rct::ctkey> &pubkeys, const std::vector<crypto::signature> &sig, uint64_t &result);
/**
* @brief loads block hashes from compiled-in data set
@@ -1182,5 +1213,14 @@ namespace cryptonote
* a useful state.
*/
void load_compiled_in_block_hashes();
+
+ /**
+ * @brief expands v2 transaction data from blockchain
+ *
+ * RingCT transactions do not transmit some of their data if it
+ * can be reconstituted by the receiver. This function expands
+ * that implicit data.
+ */
+ bool expand_transaction_2(transaction &tx, const crypto::hash &tx_prefix_hash, const std::vector<std::vector<rct::ctkey>> &pubkeys);
};
} // namespace cryptonote
diff --git a/src/cryptonote_core/blockchain_storage.cpp b/src/cryptonote_core/blockchain_storage.cpp
deleted file mode 100644
index a829b7cbe..000000000
--- a/src/cryptonote_core/blockchain_storage.cpp
+++ /dev/null
@@ -1,1952 +0,0 @@
-// Copyright (c) 2014-2016, The Monero Project
-//
-// All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without modification, are
-// permitted provided that the following conditions are met:
-//
-// 1. Redistributions of source code must retain the above copyright notice, this list of
-// conditions and the following disclaimer.
-//
-// 2. Redistributions in binary form must reproduce the above copyright notice, this list
-// of conditions and the following disclaimer in the documentation and/or other
-// materials provided with the distribution.
-//
-// 3. Neither the name of the copyright holder nor the names of its contributors may be
-// used to endorse or promote products derived from this software without specific
-// prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
-// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
-// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
-// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
-// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers
-
-#include <algorithm>
-#include <cstdio>
-#include <cmath>
-#include <boost/archive/binary_oarchive.hpp>
-#include <boost/archive/binary_iarchive.hpp>
-
-#include "include_base_utils.h"
-#include "cryptonote_basic_impl.h"
-#include "blockchain_storage.h"
-#include "cryptonote_format_utils.h"
-#include "cryptonote_boost_serialization.h"
-#include "blockchain_storage_boost_serialization.h"
-#include "cryptonote_config.h"
-#include "miner.h"
-#include "misc_language.h"
-#include "profile_tools.h"
-#include "file_io_utils.h"
-#include "common/boost_serialization_helper.h"
-#include "warnings.h"
-#include "crypto/hash.h"
-#include "cryptonote_core/checkpoints.h"
-//#include "serialization/json_archive.h"
-#include "../../contrib/otshell_utils/utils.hpp"
-#include "../../src/p2p/data_logger.hpp"
-
-using namespace cryptonote;
-
-DISABLE_VS_WARNINGS(4267)
-
-//------------------------------------------------------------------
-bool blockchain_storage::have_tx(const crypto::hash &id) const
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- return m_transactions.find(id) != m_transactions.end();
-}
-//------------------------------------------------------------------
-bool blockchain_storage::have_tx_keyimg_as_spent(const crypto::key_image &key_im) const
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- return m_spent_keys.find(key_im) != m_spent_keys.end();
-}
-//------------------------------------------------------------------
-const transaction *blockchain_storage::get_tx(const crypto::hash &id) const
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- auto it = m_transactions.find(id);
- if (it == m_transactions.end())
- return NULL;
-
- return &it->second.tx;
-}
-//------------------------------------------------------------------
-uint64_t blockchain_storage::get_current_blockchain_height() const
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- return m_blocks.size();
-}
-//------------------------------------------------------------------
-bool blockchain_storage::init(const std::string& config_folder, bool testnet)
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- m_config_folder = config_folder;
- m_testnet = testnet;
- LOG_PRINT_L0("Loading blockchain...");
- const std::string filename = m_config_folder + "/" CRYPTONOTE_BLOCKCHAINDATA_FILENAME;
- if(tools::unserialize_obj_from_file(*this, filename))
- {
-
- // checkpoints
-
- // mainchain
- for (size_t height=0; height < m_blocks.size(); ++height)
- {
- CHECK_AND_ASSERT_MES((!m_checkpoints.is_in_checkpoint_zone(height)) || m_checkpoints.check_block(height,get_block_hash(m_blocks[height].bl)),false,"checkpoint fail, blockchain.bin invalid");
- }
-
- // check alt chains
- #if 0
- // doesn't work when a checkpoint is added and there are already alt chains. However, the rest of the blockchain code suffers from the same issue, so ignore for now
- // see issue #118
- BOOST_FOREACH(blocks_ext_by_hash::value_type& alt_block, m_alternative_chains)
- {
- CHECK_AND_ASSERT_MES(m_checkpoints.is_alternative_block_allowed(m_blocks.size()-1,alt_block.second.height),false,"stored alternative block not allowed, blockchain.bin invalid");
- }
- #endif
- }
- else
- {
- LOG_PRINT_L0("Can't load blockchain storage from file, generating genesis block.");
- if (!store_genesis_block(testnet, true))
- return false;
- }
- if(!m_blocks.size())
- {
- LOG_PRINT_L0("Blockchain not loaded, generating genesis block.");
-
- if (!store_genesis_block(testnet, false)) {
- return false;
- }
- } else {
- cryptonote::block b;
-
- if (testnet)
- {
- generate_genesis_block(b, config::testnet::GENESIS_TX, config::testnet::GENESIS_NONCE);
- }
- else
- {
- generate_genesis_block(b, config::GENESIS_TX, config::GENESIS_NONCE);
- }
-
- crypto::hash genesis_hash = get_block_hash(m_blocks[0].bl);
- crypto::hash testnet_genesis_hash = get_block_hash(b);
- if (genesis_hash != testnet_genesis_hash) {
- LOG_ERROR("Failed to init: genesis block mismatch. Probably you set --testnet flag with data dir with non-test blockchain or another network.");
- return false;
- }
- }
- uint64_t timestamp_diff = time(NULL) - m_blocks.back().bl.timestamp;
- if(!m_blocks.back().bl.timestamp)
- timestamp_diff = time(NULL) - 1341378000;
- LOG_PRINT_GREEN("Blockchain initialized. last block: " << m_blocks.size() - 1 << ", " << epee::misc_utils::get_time_interval_string(timestamp_diff) << " time ago, current difficulty: " << get_difficulty_for_next_block(), LOG_LEVEL_0);
- return true;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::store_genesis_block(bool testnet, bool check_added) {
- block bl = ::boost::value_initialized<block>();
- block_verification_context bvc = boost::value_initialized<block_verification_context>();
-
- if (testnet)
- {
- generate_genesis_block(bl, config::testnet::GENESIS_TX, config::testnet::GENESIS_NONCE);
- }
- else
- {
- generate_genesis_block(bl, config::GENESIS_TX, config::GENESIS_NONCE);
- }
-
- add_new_block(bl, bvc);
- CHECK_AND_ASSERT_MES(!bvc.m_verifivation_failed && (bvc.m_added_to_main_chain || !check_added), false, "Failed to add genesis block to blockchain");
- return true;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::store_blockchain()
-{
- m_is_blockchain_storing = true;
- epee::misc_utils::auto_scope_leave_caller scope_exit_handler = epee::misc_utils::create_scope_leave_handler([&](){m_is_blockchain_storing=false;});
-
- LOG_PRINT_L0("Storing blockchain...");
- if (!tools::create_directories_if_necessary(m_config_folder))
- {
- LOG_PRINT_L0("Failed to create data directory: " << m_config_folder);
- return false;
- }
-
- const std::string temp_filename = m_config_folder + "/" CRYPTONOTE_BLOCKCHAINDATA_TEMP_FILENAME;
- // There is a chance that temp_filename and filename are hardlinks to the same file
- std::remove(temp_filename.c_str());
- if(!tools::serialize_obj_to_file(*this, temp_filename))
- {
- //achtung!
- LOG_ERROR("Failed to save blockchain data to file: " << temp_filename);
- return false;
- }
- const std::string filename = m_config_folder + "/" CRYPTONOTE_BLOCKCHAINDATA_FILENAME;
- std::error_code ec = tools::replace_file(temp_filename, filename);
- if (ec)
- {
- LOG_ERROR("Failed to rename blockchain data file " << temp_filename << " to " << filename << ": " << ec.message() << ':' << ec.value());
- return false;
- }
- LOG_PRINT_L0("Blockchain stored OK.");
- return true;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::deinit()
-{
- return store_blockchain();
-}
-//------------------------------------------------------------------
-bool blockchain_storage::pop_block_from_blockchain()
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
-
- CHECK_AND_ASSERT_MES(m_blocks.size() > 1, false, "pop_block_from_blockchain: can't pop from blockchain with size = " << m_blocks.size());
- size_t h = m_blocks.size()-1;
- block_extended_info& bei = m_blocks[h];
- //crypto::hash id = get_block_hash(bei.bl);
- bool r = purge_block_data_from_blockchain(bei.bl, bei.bl.tx_hashes.size());
- CHECK_AND_ASSERT_MES(r, false, "Failed to purge_block_data_from_blockchain for block " << get_block_hash(bei.bl) << " on height " << h);
-
- //remove from index
- auto bl_ind = m_blocks_index.find(get_block_hash(bei.bl));
- CHECK_AND_ASSERT_MES(bl_ind != m_blocks_index.end(), false, "pop_block_from_blockchain: blockchain id not found in index");
- m_blocks_index.erase(bl_ind);
- //pop block from core
- m_blocks.pop_back();
- m_tx_pool->on_blockchain_dec(m_blocks.size()-1, get_tail_id());
- return true;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::reset_and_set_genesis_block(const block& b)
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- m_transactions.clear();
- m_spent_keys.clear();
- m_blocks.clear();
- m_blocks_index.clear();
- m_alternative_chains.clear();
- m_outputs.clear();
-
- block_verification_context bvc = boost::value_initialized<block_verification_context>();
- add_new_block(b, bvc);
- return bvc.m_added_to_main_chain && !bvc.m_verifivation_failed;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::purge_transaction_keyimages_from_blockchain(const transaction& tx, bool strict_check)
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- struct purge_transaction_visitor: public boost::static_visitor<bool>
- {
- key_images_container& m_spent_keys;
- bool m_strict_check;
- purge_transaction_visitor(key_images_container& spent_keys, bool strict_check):m_spent_keys(spent_keys), m_strict_check(strict_check){}
-
- bool operator()(const txin_to_key& inp) const
- {
- //const crypto::key_image& ki = inp.k_image;
- auto r = m_spent_keys.find(inp.k_image);
- if(r != m_spent_keys.end())
- {
- m_spent_keys.erase(r);
- }else
- {
- CHECK_AND_ASSERT_MES(!m_strict_check, false, "purge_block_data_from_blockchain: key image in transaction not found");
- }
- return true;
- }
- bool operator()(const txin_gen& inp) const
- {
- return true;
- }
- bool operator()(const txin_to_script& tx) const
- {
- return false;
- }
-
- bool operator()(const txin_to_scripthash& tx) const
- {
- return false;
- }
- };
-
- BOOST_FOREACH(const txin_v& in, tx.vin)
- {
- bool r = boost::apply_visitor(purge_transaction_visitor(m_spent_keys, strict_check), in);
- CHECK_AND_ASSERT_MES(!strict_check || r, false, "failed to process purge_transaction_visitor");
- }
- return true;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::purge_transaction_from_blockchain(const crypto::hash& tx_id)
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- auto tx_index_it = m_transactions.find(tx_id);
- CHECK_AND_ASSERT_MES(tx_index_it != m_transactions.end(), false, "purge_block_data_from_blockchain: transaction not found in blockchain index!!");
- transaction& tx = tx_index_it->second.tx;
-
- purge_transaction_keyimages_from_blockchain(tx, true);
-
- if(!is_coinbase(tx))
- {
- cryptonote::tx_verification_context tvc = AUTO_VAL_INIT(tvc);
- bool r = m_tx_pool->add_tx(tx, tvc, true, true, 1);
- CHECK_AND_ASSERT_MES(r, false, "purge_block_data_from_blockchain: failed to add transaction to transaction pool");
- }
-
- bool res = pop_transaction_from_global_index(tx, tx_id);
- m_transactions.erase(tx_index_it);
- LOG_PRINT_L1("Removed transaction from blockchain history:" << tx_id << ENDL);
- return res;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::purge_block_data_from_blockchain(const block& bl, size_t processed_tx_count)
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
-
- bool res = true;
- CHECK_AND_ASSERT_MES(processed_tx_count <= bl.tx_hashes.size(), false, "wrong processed_tx_count in purge_block_data_from_blockchain");
- for(size_t count = 0; count != processed_tx_count; count++)
- {
- res = purge_transaction_from_blockchain(bl.tx_hashes[(processed_tx_count -1)- count]) && res;
- }
-
- res = purge_transaction_from_blockchain(get_transaction_hash(bl.miner_tx)) && res;
-
- return res;
-}
-//------------------------------------------------------------------
-crypto::hash blockchain_storage::get_tail_id(uint64_t& height) const
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- height = get_current_blockchain_height()-1;
- return get_tail_id();
-}
-//------------------------------------------------------------------
-crypto::hash blockchain_storage::get_tail_id() const
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- crypto::hash id = null_hash;
- if(m_blocks.size())
- {
- get_block_hash(m_blocks.back().bl, id);
- }
- return id;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::get_short_chain_history(std::list<crypto::hash>& ids) const
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- size_t i = 0;
- size_t current_multiplier = 1;
- size_t sz = m_blocks.size();
- if(!sz)
- return true;
- size_t current_back_offset = 1;
- bool genesis_included = false;
- while(current_back_offset < sz)
- {
- ids.push_back(get_block_hash(m_blocks[sz-current_back_offset].bl));
- if(sz-current_back_offset == 0)
- genesis_included = true;
- if(i < 10)
- {
- ++current_back_offset;
- }else
- {
- current_back_offset += current_multiplier *= 2;
- }
- ++i;
- }
- if(!genesis_included)
- ids.push_back(get_block_hash(m_blocks[0].bl));
-
- return true;
-}
-//------------------------------------------------------------------
-crypto::hash blockchain_storage::get_block_id_by_height(uint64_t height) const
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- if(height >= m_blocks.size())
- return null_hash;
-
- return get_block_hash(m_blocks[height].bl);
-}
-//------------------------------------------------------------------
-bool blockchain_storage::get_block_by_hash(const crypto::hash &h, block &blk) const {
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
-
- // try to find block in main chain
- blocks_by_id_index::const_iterator it = m_blocks_index.find(h);
- if (m_blocks_index.end() != it) {
- blk = m_blocks[it->second].bl;
- return true;
- }
-
- // try to find block in alternative chain
- blocks_ext_by_hash::const_iterator it_alt = m_alternative_chains.find(h);
- if (m_alternative_chains.end() != it_alt) {
- blk = it_alt->second.bl;
- return true;
- }
-
- return false;
-}
-//------------------------------------------------------------------
-void blockchain_storage::get_all_known_block_ids(std::list<crypto::hash> &main, std::list<crypto::hash> &alt, std::list<crypto::hash> &invalid) const {
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
-
- BOOST_FOREACH(const blocks_by_id_index::value_type &v, m_blocks_index)
- main.push_back(v.first);
-
- BOOST_FOREACH(const blocks_ext_by_hash::value_type &v, m_alternative_chains)
- alt.push_back(v.first);
-
- BOOST_FOREACH(const blocks_ext_by_hash::value_type &v, m_invalid_blocks)
- invalid.push_back(v.first);
-}
-//------------------------------------------------------------------
-difficulty_type blockchain_storage::get_difficulty_for_next_block() const
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- std::vector<uint64_t> timestamps;
- std::vector<difficulty_type> commulative_difficulties;
- size_t offset = m_blocks.size() - std::min(m_blocks.size(), static_cast<size_t>(DIFFICULTY_BLOCKS_COUNT));
- if(!offset)
- ++offset;//skip genesis block
- for(; offset < m_blocks.size(); offset++)
- {
- timestamps.push_back(m_blocks[offset].bl.timestamp);
- commulative_difficulties.push_back(m_blocks[offset].cumulative_difficulty);
- }
- return next_difficulty(timestamps, commulative_difficulties,DIFFICULTY_TARGET_V1);
-}
-//------------------------------------------------------------------
-bool blockchain_storage::rollback_blockchain_switching(std::list<block>& original_chain, size_t rollback_height)
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
-
- // fail if rollback_height passed is too high
- if (rollback_height > m_blocks.size())
- {
- return true;
- }
-
- //remove failed subchain
- for(size_t i = m_blocks.size()-1; i >=rollback_height; i--)
- {
- bool r = pop_block_from_blockchain();
- CHECK_AND_ASSERT_MES(r, false, "PANIC! failed to remove block while chain switching during the rollback!");
- }
- //return back original chain
- BOOST_FOREACH(auto& bl, original_chain)
- {
- block_verification_context bvc = boost::value_initialized<block_verification_context>();
- bool r = handle_block_to_main_chain(bl, bvc);
- CHECK_AND_ASSERT_MES(r && bvc.m_added_to_main_chain, false, "PANIC! failed to add (again) block while chain switching during the rollback!");
- }
-
- LOG_PRINT_L1("Rollback success.");
- return true;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::switch_to_alternative_blockchain(std::list<blocks_ext_by_hash::iterator>& alt_chain, bool discard_disconnected_chain)
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- CHECK_AND_ASSERT_MES(alt_chain.size(), false, "switch_to_alternative_blockchain: empty chain passed");
-
- size_t split_height = alt_chain.front()->second.height;
- CHECK_AND_ASSERT_MES(m_blocks.size() > split_height, false, "switch_to_alternative_blockchain: blockchain size is lower than split height");
-
- //disconnecting old chain
- std::list<block> disconnected_chain;
- for(size_t i = m_blocks.size()-1; i >=split_height; i--)
- {
- block b = m_blocks[i].bl;
- bool r = pop_block_from_blockchain();
- CHECK_AND_ASSERT_MES(r, false, "failed to remove block on chain switching");
- disconnected_chain.push_front(b);
- }
-
- //connecting new alternative chain
- for(auto alt_ch_iter = alt_chain.begin(); alt_ch_iter != alt_chain.end(); alt_ch_iter++)
- {
- auto ch_ent = *alt_ch_iter;
- block_verification_context bvc = boost::value_initialized<block_verification_context>();
- bool r = handle_block_to_main_chain(ch_ent->second.bl, bvc);
- if(!r || !bvc.m_added_to_main_chain)
- {
- LOG_PRINT_L1("Failed to switch to alternative blockchain");
- rollback_blockchain_switching(disconnected_chain, split_height);
- add_block_as_invalid(ch_ent->second, get_block_hash(ch_ent->second.bl));
- LOG_PRINT_L1("The block was inserted as invalid while connecting new alternative chain, block_id: " << get_block_hash(ch_ent->second.bl));
- m_alternative_chains.erase(ch_ent);
-
- for(auto alt_ch_to_orph_iter = ++alt_ch_iter; alt_ch_to_orph_iter != alt_chain.end(); alt_ch_to_orph_iter++)
- {
- //block_verification_context bvc = boost::value_initialized<block_verification_context>();
- add_block_as_invalid((*alt_ch_iter)->second, (*alt_ch_iter)->first);
- m_alternative_chains.erase(*alt_ch_to_orph_iter);
- }
- return false;
- }
- }
-
- if(!discard_disconnected_chain)
- {
- //pushing old chain as alternative chain
- BOOST_FOREACH(auto& old_ch_ent, disconnected_chain)
- {
- block_verification_context bvc = boost::value_initialized<block_verification_context>();
- bool r = handle_alternative_block(old_ch_ent, get_block_hash(old_ch_ent), bvc);
- if(!r)
- {
- LOG_PRINT_L1("Failed to push ex-main chain blocks to alternative chain ");
- rollback_blockchain_switching(disconnected_chain, split_height);
- return false;
- }
- }
- }
-
- //removing all_chain entries from alternative chain
- BOOST_FOREACH(auto ch_ent, alt_chain)
- {
- m_alternative_chains.erase(ch_ent);
- }
-
- LOG_PRINT_GREEN("REORGANIZE SUCCESS! on height: " << split_height << ", new blockchain size: " << m_blocks.size(), LOG_LEVEL_0);
- return true;
-}
-//------------------------------------------------------------------
-difficulty_type blockchain_storage::get_next_difficulty_for_alternative_chain(const std::list<blocks_ext_by_hash::iterator>& alt_chain, block_extended_info& bei) const
-{
- std::vector<uint64_t> timestamps;
- std::vector<difficulty_type> commulative_difficulties;
- if(alt_chain.size()< DIFFICULTY_BLOCKS_COUNT)
- {
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- size_t main_chain_stop_offset = alt_chain.size() ? alt_chain.front()->second.height : bei.height;
- size_t main_chain_count = DIFFICULTY_BLOCKS_COUNT - std::min(static_cast<size_t>(DIFFICULTY_BLOCKS_COUNT), alt_chain.size());
- main_chain_count = std::min(main_chain_count, main_chain_stop_offset);
- size_t main_chain_start_offset = main_chain_stop_offset - main_chain_count;
-
- if(!main_chain_start_offset)
- ++main_chain_start_offset; //skip genesis block
- for(; main_chain_start_offset < main_chain_stop_offset; ++main_chain_start_offset)
- {
- timestamps.push_back(m_blocks[main_chain_start_offset].bl.timestamp);
- commulative_difficulties.push_back(m_blocks[main_chain_start_offset].cumulative_difficulty);
- }
-
- CHECK_AND_ASSERT_MES((alt_chain.size() + timestamps.size()) <= DIFFICULTY_BLOCKS_COUNT, false, "Internal error, alt_chain.size()["<< alt_chain.size()
- << "] + vtimestampsec.size()[" << timestamps.size() << "] NOT <= DIFFICULTY_WINDOW[]" << DIFFICULTY_BLOCKS_COUNT );
- BOOST_FOREACH(auto it, alt_chain)
- {
- timestamps.push_back(it->second.bl.timestamp);
- commulative_difficulties.push_back(it->second.cumulative_difficulty);
- }
- }else
- {
- timestamps.resize(std::min(alt_chain.size(), static_cast<size_t>(DIFFICULTY_BLOCKS_COUNT)));
- commulative_difficulties.resize(std::min(alt_chain.size(), static_cast<size_t>(DIFFICULTY_BLOCKS_COUNT)));
- size_t count = 0;
- size_t max_i = timestamps.size()-1;
- BOOST_REVERSE_FOREACH(auto it, alt_chain)
- {
- timestamps[max_i - count] = it->second.bl.timestamp;
- commulative_difficulties[max_i - count] = it->second.cumulative_difficulty;
- count++;
- if(count >= DIFFICULTY_BLOCKS_COUNT)
- break;
- }
- }
- return next_difficulty(timestamps, commulative_difficulties,DIFFICULTY_TARGET_V1);
-}
-//------------------------------------------------------------------
-bool blockchain_storage::prevalidate_miner_transaction(const block& b, uint64_t height) const
-{
- CHECK_AND_ASSERT_MES(b.miner_tx.vin.size() == 1, false, "coinbase transaction in the block has no inputs");
- CHECK_AND_ASSERT_MES(b.miner_tx.vin[0].type() == typeid(txin_gen), false, "coinbase transaction in the block has the wrong type");
- if(boost::get<txin_gen>(b.miner_tx.vin[0]).height != height)
- {
- LOG_PRINT_RED_L1("The miner transaction in block has invalid height: " << boost::get<txin_gen>(b.miner_tx.vin[0]).height << ", expected: " << height);
- return false;
- }
- CHECK_AND_ASSERT_MES(b.miner_tx.unlock_time == height + CRYPTONOTE_MINED_MONEY_UNLOCK_WINDOW,
- false,
- "coinbase transaction transaction has the wrong unlock time=" << b.miner_tx.unlock_time << ", expected " << height + CRYPTONOTE_MINED_MONEY_UNLOCK_WINDOW);
-
- //check outs overflow
- if(!check_outs_overflow(b.miner_tx))
- {
- LOG_PRINT_RED_L1("miner transaction has money overflow in block " << get_block_hash(b));
- return false;
- }
-
- return true;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::validate_miner_transaction(const block& b, size_t cumulative_block_size, uint64_t fee, uint64_t& base_reward, uint64_t already_generated_coins) const
-{
- //validate reward
- uint64_t money_in_use = 0;
- BOOST_FOREACH(auto& o, b.miner_tx.vout)
- money_in_use += o.amount;
-
- std::vector<size_t> last_blocks_sizes;
- get_last_n_blocks_sizes(last_blocks_sizes, CRYPTONOTE_REWARD_BLOCKS_WINDOW);
- if (!get_block_reward(epee::misc_utils::median(last_blocks_sizes), cumulative_block_size, already_generated_coins, base_reward,0)) {
- LOG_PRINT_L1("block size " << cumulative_block_size << " is bigger than allowed for this blockchain");
- return false;
- }
- if(base_reward + fee < money_in_use)
- {
- LOG_PRINT_L1("coinbase transaction spend too much money (" << print_money(money_in_use) << "). Block reward is " << print_money(base_reward + fee) << "(" << print_money(base_reward) << "+" << print_money(fee) << ")");
- return false;
- }
- if(base_reward + fee != money_in_use)
- {
- LOG_PRINT_L1("coinbase transaction doesn't use full amount of block reward: spent: "
- << print_money(money_in_use) << ", block reward " << print_money(base_reward + fee) << "(" << print_money(base_reward) << "+" << print_money(fee) << ")");
- return false;
- }
- return true;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::get_backward_blocks_sizes(size_t from_height, std::vector<size_t>& sz, size_t count) const
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- CHECK_AND_ASSERT_MES(from_height < m_blocks.size(), false, "Internal error: get_backward_blocks_sizes called with from_height=" << from_height << ", blockchain height = " << m_blocks.size());
-
- size_t start_offset = (from_height+1) - std::min((from_height+1), count);
- for(size_t i = start_offset; i != from_height+1; i++)
- sz.push_back(m_blocks[i].block_cumulative_size);
-
- return true;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::get_last_n_blocks_sizes(std::vector<size_t>& sz, size_t count) const
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- if(!m_blocks.size())
- return true;
- return get_backward_blocks_sizes(m_blocks.size() -1, sz, count);
-}
-//------------------------------------------------------------------
-uint64_t blockchain_storage::get_current_cumulative_blocksize_limit() const
-{
- return m_current_block_cumul_sz_limit;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::create_block_template(block& b, const account_public_address& miner_address, difficulty_type& diffic, uint64_t& height, const blobdata& ex_nonce) const
-{
- size_t median_size;
- uint64_t already_generated_coins;
-
- CRITICAL_REGION_BEGIN(m_blockchain_lock);
- b.major_version = CURRENT_BLOCK_MAJOR_VERSION;
- b.minor_version = CURRENT_BLOCK_MINOR_VERSION;
- b.prev_id = get_tail_id();
- b.timestamp = time(NULL);
- height = m_blocks.size();
- diffic = get_difficulty_for_next_block();
- CHECK_AND_ASSERT_MES(diffic, false, "difficulty overhead.");
-
- median_size = m_current_block_cumul_sz_limit / 2;
- already_generated_coins = m_blocks.back().already_generated_coins;
-
- CRITICAL_REGION_END();
-
- size_t txs_size;
- uint64_t fee;
- if (!m_tx_pool->fill_block_template(b, median_size, already_generated_coins, txs_size, fee)) {
- return false;
- }
-#if defined(DEBUG_CREATE_BLOCK_TEMPLATE)
- size_t real_txs_size = 0;
- uint64_t real_fee = 0;
- CRITICAL_REGION_BEGIN(m_tx_pool->m_transactions_lock);
- BOOST_FOREACH(crypto::hash &cur_hash, b.tx_hashes) {
- auto cur_res = m_tx_pool->m_transactions.find(cur_hash);
- if (cur_res == m_tx_pool->m_transactions.end()) {
- LOG_ERROR("Creating block template: error: transaction not found");
- continue;
- }
- tx_memory_pool::tx_details &cur_tx = cur_res->second;
- real_txs_size += cur_tx.blob_size;
- real_fee += cur_tx.fee;
- if (cur_tx.blob_size != get_object_blobsize(cur_tx.tx)) {
- LOG_ERROR("Creating block template: error: invalid transaction size");
- }
- uint64_t inputs_amount;
- if (!get_inputs_money_amount(cur_tx.tx, inputs_amount)) {
- LOG_ERROR("Creating block template: error: cannot get inputs amount");
- } else if (cur_tx.fee != inputs_amount - get_outs_money_amount(cur_tx.tx)) {
- LOG_ERROR("Creating block template: error: invalid fee");
- }
- }
- if (txs_size != real_txs_size) {
- LOG_ERROR("Creating block template: error: wrongly calculated transaction size");
- }
- if (fee != real_fee) {
- LOG_ERROR("Creating block template: error: wrongly calculated fee");
- }
- CRITICAL_REGION_END();
- LOG_PRINT_L1("Creating block template: height " << height <<
- ", median size " << median_size <<
- ", already generated coins " << already_generated_coins <<
- ", transaction size " << txs_size <<
- ", fee " << fee);
-#endif
-
- /*
- two-phase miner transaction generation: we don't know exact block size until we prepare block, but we don't know reward until we know
- block size, so first miner transaction generated with fake amount of money, and with phase we know think we know expected block size
- */
- //make blocks coin-base tx looks close to real coinbase tx to get truthful blob size
- bool r = construct_miner_tx(height, median_size, already_generated_coins, txs_size, fee, miner_address, b.miner_tx, ex_nonce, 11);
- CHECK_AND_ASSERT_MES(r, false, "Failed to construc miner tx, first chance");
- size_t cumulative_size = txs_size + get_object_blobsize(b.miner_tx);
-#if defined(DEBUG_CREATE_BLOCK_TEMPLATE)
- LOG_PRINT_L1("Creating block template: miner tx size " << get_object_blobsize(b.miner_tx) <<
- ", cumulative size " << cumulative_size);
-#endif
- for (size_t try_count = 0; try_count != 10; ++try_count) {
- r = construct_miner_tx(height, median_size, already_generated_coins, cumulative_size, fee, miner_address, b.miner_tx, ex_nonce, 11);
-
- CHECK_AND_ASSERT_MES(r, false, "Failed to construc miner tx, second chance");
- size_t coinbase_blob_size = get_object_blobsize(b.miner_tx);
- if (coinbase_blob_size > cumulative_size - txs_size) {
- cumulative_size = txs_size + coinbase_blob_size;
-#if defined(DEBUG_CREATE_BLOCK_TEMPLATE)
- LOG_PRINT_L1("Creating block template: miner tx size " << coinbase_blob_size <<
- ", cumulative size " << cumulative_size << " is greater then before");
-#endif
- continue;
- }
-
- if (coinbase_blob_size < cumulative_size - txs_size) {
- size_t delta = cumulative_size - txs_size - coinbase_blob_size;
-#if defined(DEBUG_CREATE_BLOCK_TEMPLATE)
- LOG_PRINT_L1("Creating block template: miner tx size " << coinbase_blob_size <<
- ", cumulative size " << txs_size + coinbase_blob_size <<
- " is less then before, adding " << delta << " zero bytes");
-#endif
- b.miner_tx.extra.insert(b.miner_tx.extra.end(), delta, 0);
- //here could be 1 byte difference, because of extra field counter is varint, and it can become from 1-byte len to 2-bytes len.
- if (cumulative_size != txs_size + get_object_blobsize(b.miner_tx)) {
- CHECK_AND_ASSERT_MES(cumulative_size + 1 == txs_size + get_object_blobsize(b.miner_tx), false, "unexpected case: cumulative_size=" << cumulative_size << " + 1 is not equal txs_cumulative_size=" << txs_size << " + get_object_blobsize(b.miner_tx)=" << get_object_blobsize(b.miner_tx));
- b.miner_tx.extra.resize(b.miner_tx.extra.size() - 1);
- if (cumulative_size != txs_size + get_object_blobsize(b.miner_tx)) {
- //fuck, not lucky, -1 makes varint-counter size smaller, in that case we continue to grow with cumulative_size
- LOG_PRINT_RED("Miner tx creation has no luck with delta_extra size = " << delta << " and " << delta - 1 , LOG_LEVEL_2);
- cumulative_size += delta - 1;
- continue;
- }
- LOG_PRINT_GREEN("Setting extra for block: " << b.miner_tx.extra.size() << ", try_count=" << try_count, LOG_LEVEL_1);
- }
- }
- CHECK_AND_ASSERT_MES(cumulative_size == txs_size + get_object_blobsize(b.miner_tx), false, "unexpected case: cumulative_size=" << cumulative_size << " is not equal txs_cumulative_size=" << txs_size << " + get_object_blobsize(b.miner_tx)=" << get_object_blobsize(b.miner_tx));
-#if defined(DEBUG_CREATE_BLOCK_TEMPLATE)
- LOG_PRINT_L1("Creating block template: miner tx size " << coinbase_blob_size <<
- ", cumulative size " << cumulative_size << " is now good");
-#endif
- return true;
- }
- LOG_ERROR("Failed to create_block_template with " << 10 << " tries");
- return false;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::complete_timestamps_vector(uint64_t start_top_height, std::vector<uint64_t>& timestamps) const
-{
-
- if(timestamps.size() >= BLOCKCHAIN_TIMESTAMP_CHECK_WINDOW)
- return true;
-
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- size_t need_elements = BLOCKCHAIN_TIMESTAMP_CHECK_WINDOW - timestamps.size();
- CHECK_AND_ASSERT_MES(start_top_height < m_blocks.size(), false, "internal error: passed start_height = " << start_top_height << " not less then m_blocks.size()=" << m_blocks.size());
- size_t stop_offset = start_top_height > need_elements ? start_top_height - need_elements:0;
- do
- {
- timestamps.push_back(m_blocks[start_top_height].bl.timestamp);
- if(start_top_height == 0)
- break;
- --start_top_height;
- }while(start_top_height != stop_offset);
- return true;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::handle_alternative_block(const block& b, const crypto::hash& id, block_verification_context& bvc)
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
-
- uint64_t block_height = get_block_height(b);
- if(0 == block_height)
- {
- LOG_PRINT_L1("Block with id: " << epee::string_tools::pod_to_hex(id) << " (as alternative) has wrong miner transaction");
- bvc.m_verifivation_failed = true;
- return false;
- }
- if (!m_checkpoints.is_alternative_block_allowed(get_current_blockchain_height(), block_height))
- {
- LOG_PRINT_RED_L1("Block with id: " << id
- << ENDL << " can't be accepted for alternative chain, block height: " << block_height
- << ENDL << " blockchain height: " << get_current_blockchain_height());
- bvc.m_verifivation_failed = true;
- return false;
- }
-
- //Block is not related with head of main chain
- //first of all - look in alternative chains container
- auto it_main_prev = m_blocks_index.find(b.prev_id);
- auto it_prev = m_alternative_chains.find(b.prev_id);
- if(it_prev != m_alternative_chains.end() || it_main_prev != m_blocks_index.end())
- {
- //we have new block in alternative chain
-
- //build alternative subchain, front -> mainchain, back -> alternative head
- blocks_ext_by_hash::iterator alt_it = it_prev; //m_alternative_chains.find()
- std::list<blocks_ext_by_hash::iterator> alt_chain;
- std::vector<uint64_t> timestamps;
- while(alt_it != m_alternative_chains.end())
- {
- alt_chain.push_front(alt_it);
- timestamps.push_back(alt_it->second.bl.timestamp);
- alt_it = m_alternative_chains.find(alt_it->second.bl.prev_id);
- }
-
- if(alt_chain.size())
- {
- //make sure that it has right connection to main chain
- CHECK_AND_ASSERT_MES(m_blocks.size() > alt_chain.front()->second.height, false, "main blockchain wrong height");
- crypto::hash h = null_hash;
- get_block_hash(m_blocks[alt_chain.front()->second.height - 1].bl, h);
- CHECK_AND_ASSERT_MES(h == alt_chain.front()->second.bl.prev_id, false, "alternative chain has wrong connection to main chain");
- complete_timestamps_vector(alt_chain.front()->second.height - 1, timestamps);
- }else
- {
- CHECK_AND_ASSERT_MES(it_main_prev != m_blocks_index.end(), false, "internal error: broken imperative condition it_main_prev != m_blocks_index.end()");
- complete_timestamps_vector(it_main_prev->second, timestamps);
- }
- //check timestamp correct
- if(!check_block_timestamp(timestamps, b))
- {
- LOG_PRINT_RED_L1("Block with id: " << id
- << ENDL << " for alternative chain, has invalid timestamp: " << b.timestamp);
- //add_block_as_invalid(b, id);//do not add blocks to invalid storage before proof of work check was passed
- bvc.m_verifivation_failed = true;
- return false;
- }
-
- block_extended_info bei = boost::value_initialized<block_extended_info>();
- bei.bl = b;
- bei.height = alt_chain.size() ? it_prev->second.height + 1 : it_main_prev->second + 1;
-
- bool is_a_checkpoint;
- if(!m_checkpoints.check_block(bei.height, id, is_a_checkpoint))
- {
- LOG_ERROR("CHECKPOINT VALIDATION FAILED");
- bvc.m_verifivation_failed = true;
- return false;
- }
-
- // Always check PoW for alternative blocks
- m_is_in_checkpoint_zone = false;
- difficulty_type current_diff = get_next_difficulty_for_alternative_chain(alt_chain, bei);
- CHECK_AND_ASSERT_MES(current_diff, false, "!!!!!!! DIFFICULTY OVERHEAD !!!!!!!");
- crypto::hash proof_of_work = null_hash;
- get_block_longhash(bei.bl, proof_of_work, bei.height);
- if(!check_hash(proof_of_work, current_diff))
- {
- LOG_PRINT_RED_L1("Block with id: " << id
- << ENDL << " for alternative chain, does not have enough proof of work: " << proof_of_work
- << ENDL << " expected difficulty: " << current_diff);
- bvc.m_verifivation_failed = true;
- return false;
- }
-
- if(!prevalidate_miner_transaction(b, bei.height))
- {
- LOG_PRINT_RED_L1("Block with id: " << epee::string_tools::pod_to_hex(id)
- << " (as alternative) has incorrect miner transaction.");
- bvc.m_verifivation_failed = true;
- return false;
-
- }
-
- bei.cumulative_difficulty = alt_chain.size() ? it_prev->second.cumulative_difficulty: m_blocks[it_main_prev->second].cumulative_difficulty;
- bei.cumulative_difficulty += current_diff;
-
-#ifdef _DEBUG
- auto i_dres = m_alternative_chains.find(id);
- CHECK_AND_ASSERT_MES(i_dres == m_alternative_chains.end(), false, "insertion of new alternative block returned as it already exist");
-#endif
- auto i_res = m_alternative_chains.insert(blocks_ext_by_hash::value_type(id, bei));
- CHECK_AND_ASSERT_MES(i_res.second, false, "insertion of new alternative block returned as it already exist");
- alt_chain.push_back(i_res.first);
-
- if(is_a_checkpoint)
- {
- //do reorganize!
- LOG_PRINT_GREEN("###### REORGANIZE on height: " << alt_chain.front()->second.height << " of " << m_blocks.size() - 1 <<
- ", checkpoint is found in alternative chain on height " << bei.height, LOG_LEVEL_0);
- bool r = switch_to_alternative_blockchain(alt_chain, true);
- if(r) bvc.m_added_to_main_chain = true;
- else bvc.m_verifivation_failed = true;
- return r;
- }else if(m_blocks.back().cumulative_difficulty < bei.cumulative_difficulty) //check if difficulty bigger then in main chain
- {
- //do reorganize!
- LOG_PRINT_GREEN("###### REORGANIZE on height: " << alt_chain.front()->second.height << " of " << m_blocks.size() - 1 << " with cum_difficulty " << m_blocks.back().cumulative_difficulty
- << ENDL << " alternative blockchain size: " << alt_chain.size() << " with cum_difficulty " << bei.cumulative_difficulty, LOG_LEVEL_0);
- bool r = switch_to_alternative_blockchain(alt_chain, false);
- if(r) bvc.m_added_to_main_chain = true;
- else bvc.m_verifivation_failed = true;
- return r;
- }else
- {
- LOG_PRINT_BLUE("----- BLOCK ADDED AS ALTERNATIVE ON HEIGHT " << bei.height
- << ENDL << "id:\t" << id
- << ENDL << "PoW:\t" << proof_of_work
- << ENDL << "difficulty:\t" << current_diff, LOG_LEVEL_0);
- return true;
- }
- }else
- {
- //block orphaned
- bvc.m_marked_as_orphaned = true;
- LOG_PRINT_RED_L1("Block recognized as orphaned and rejected, id = " << id);
- }
-
- return true;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::get_blocks(uint64_t start_offset, size_t count, std::list<block>& blocks, std::list<transaction>& txs) const
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- if(start_offset >= m_blocks.size())
- return false;
- for(size_t i = start_offset; i < start_offset + count && i < m_blocks.size();i++)
- {
- blocks.push_back(m_blocks[i].bl);
- std::list<crypto::hash> missed_ids;
- get_transactions(m_blocks[i].bl.tx_hashes, txs, missed_ids);
- CHECK_AND_ASSERT_MES(!missed_ids.size(), false, "has missed transactions in own block in main blockchain");
- }
-
- return true;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::get_blocks(uint64_t start_offset, size_t count, std::list<block>& blocks) const
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- if(start_offset >= m_blocks.size())
- return false;
-
- for(size_t i = start_offset; i < start_offset + count && i < m_blocks.size();i++)
- blocks.push_back(m_blocks[i].bl);
- return true;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::handle_get_objects(NOTIFY_REQUEST_GET_OBJECTS::request& arg, NOTIFY_RESPONSE_GET_OBJECTS::request& rsp)
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- rsp.current_blockchain_height = get_current_blockchain_height();
- std::list<block> blocks;
- get_blocks(arg.blocks, blocks, rsp.missed_ids);
-
- BOOST_FOREACH(const auto& bl, blocks)
- {
- std::list<crypto::hash> missed_tx_id;
- std::list<transaction> txs;
- get_transactions(bl.tx_hashes, txs, rsp.missed_ids);
- CHECK_AND_ASSERT_MES(!missed_tx_id.size(), false, "Internal error: has missed missed_tx_id.size()=" << missed_tx_id.size()
- << ENDL << "for block id = " << get_block_hash(bl));
- rsp.blocks.push_back(block_complete_entry());
- block_complete_entry& e = rsp.blocks.back();
- //pack block
- e.block = t_serializable_object_to_blob(bl);
- //pack transactions
- BOOST_FOREACH(transaction& tx, txs)
- e.txs.push_back(t_serializable_object_to_blob(tx));
-
- }
- //get another transactions, if need
- std::list<transaction> txs;
- get_transactions(arg.txs, txs, rsp.missed_ids);
- //pack aside transactions
- BOOST_FOREACH(const auto& tx, txs)
- rsp.txs.push_back(t_serializable_object_to_blob(tx));
-
- return true;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::get_alternative_blocks(std::list<block>& blocks) const
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
-
- BOOST_FOREACH(const auto& alt_bl, m_alternative_chains)
- {
- blocks.push_back(alt_bl.second.bl);
- }
- return true;
-}
-//------------------------------------------------------------------
-size_t blockchain_storage::get_alternative_blocks_count() const
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- return m_alternative_chains.size();
-}
-//------------------------------------------------------------------
-bool blockchain_storage::add_out_to_get_random_outs(const std::vector<std::pair<crypto::hash, size_t> >& amount_outs, COMMAND_RPC_GET_RANDOM_OUTPUTS_FOR_AMOUNTS::outs_for_amount& result_outs, uint64_t amount, size_t i) const
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- transactions_container::const_iterator tx_it = m_transactions.find(amount_outs[i].first);
- CHECK_AND_ASSERT_MES(tx_it != m_transactions.end(), false, "internal error: transaction with id " << amount_outs[i].first << ENDL <<
- ", used in mounts global index for amount=" << amount << ": i=" << i << "not found in transactions index");
- CHECK_AND_ASSERT_MES(tx_it->second.tx.vout.size() > amount_outs[i].second, false, "internal error: in global outs index, transaction out index="
- << amount_outs[i].second << " more than transaction outputs = " << tx_it->second.tx.vout.size() << ", for tx id = " << amount_outs[i].first);
- const transaction& tx = tx_it->second.tx;
- CHECK_AND_ASSERT_MES(tx.vout[amount_outs[i].second].target.type() == typeid(txout_to_key), false, "unknown tx out type");
-
- //check if transaction is unlocked
- if(!is_tx_spendtime_unlocked(tx.unlock_time))
- return false;
-
- COMMAND_RPC_GET_RANDOM_OUTPUTS_FOR_AMOUNTS::out_entry& oen = *result_outs.outs.insert(result_outs.outs.end(), COMMAND_RPC_GET_RANDOM_OUTPUTS_FOR_AMOUNTS::out_entry());
- oen.global_amount_index = i;
- oen.out_key = boost::get<txout_to_key>(tx.vout[amount_outs[i].second].target).key;
- return true;
-}
-//------------------------------------------------------------------
-size_t blockchain_storage::find_end_of_allowed_index(const std::vector<std::pair<crypto::hash, size_t> >& amount_outs) const
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- if(!amount_outs.size())
- return 0;
- size_t i = amount_outs.size();
- do
- {
- --i;
- transactions_container::const_iterator it = m_transactions.find(amount_outs[i].first);
- CHECK_AND_ASSERT_MES(it != m_transactions.end(), 0, "internal error: failed to find transaction from outputs index with tx_id=" << amount_outs[i].first);
- if(it->second.m_keeper_block_height + CRYPTONOTE_DEFAULT_TX_SPENDABLE_AGE <= get_current_blockchain_height() )
- return i+1;
- } while (i != 0);
- return 0;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::get_random_outs_for_amounts(const COMMAND_RPC_GET_RANDOM_OUTPUTS_FOR_AMOUNTS::request& req, COMMAND_RPC_GET_RANDOM_OUTPUTS_FOR_AMOUNTS::response& res) const
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- BOOST_FOREACH(uint64_t amount, req.amounts)
- {
- COMMAND_RPC_GET_RANDOM_OUTPUTS_FOR_AMOUNTS::outs_for_amount& result_outs = *res.outs.insert(res.outs.end(), COMMAND_RPC_GET_RANDOM_OUTPUTS_FOR_AMOUNTS::outs_for_amount());
- result_outs.amount = amount;
- auto it = m_outputs.find(amount);
- if(it == m_outputs.end())
- {
- LOG_PRINT_L1("COMMAND_RPC_GET_RANDOM_OUTPUTS_FOR_AMOUNTS: not outs for amount " << amount << ", wallet should use some real outs when it lookup for some mix, so, at least one out for this amount should exist");
- continue;//actually this is strange situation, wallet should use some real outs when it lookup for some mix, so, at least one out for this amount should exist
- }
- const std::vector<std::pair<crypto::hash, size_t> >& amount_outs = it->second;
- //it is not good idea to use top fresh outs, because it increases possibility of transaction canceling on split
- //lets find upper bound of not fresh outs
- size_t up_index_limit = find_end_of_allowed_index(amount_outs);
- CHECK_AND_ASSERT_MES(up_index_limit <= amount_outs.size(), false, "internal error: find_end_of_allowed_index returned wrong index=" << up_index_limit << ", with amount_outs.size = " << amount_outs.size());
- if(amount_outs.size() > req.outs_count)
- {
- std::set<size_t> used;
- size_t try_count = 0;
- for(uint64_t j = 0; j != req.outs_count && try_count < up_index_limit;)
- {
- // triangular distribution over [a,b) with a=0, mode c=b=up_index_limit
- uint64_t r = crypto::rand<uint64_t>() % ((uint64_t)1 << 53);
- double frac = std::sqrt((double)r / ((uint64_t)1 << 53));
- size_t i = (size_t)(frac*up_index_limit);
- // just in case rounding up to 1 occurs after sqrt
- if (i == up_index_limit)
- --i;
- if(used.count(i))
- continue;
- bool added = add_out_to_get_random_outs(amount_outs, result_outs, amount, i);
- used.insert(i);
- if(added)
- ++j;
- ++try_count;
- }
- }else
- {
- for(size_t i = 0; i != up_index_limit; i++)
- add_out_to_get_random_outs(amount_outs, result_outs, amount, i);
- }
- }
- return true;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::find_blockchain_supplement(const std::list<crypto::hash>& qblock_ids, uint64_t& starter_offset) const
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
-
- if(!qblock_ids.size() /*|| !req.m_total_height*/)
- {
- LOG_PRINT_L1("Client sent wrong NOTIFY_REQUEST_CHAIN: m_block_ids.size()=" << qblock_ids.size() << /*", m_height=" << req.m_total_height <<*/ ", dropping connection");
- return false;
- }
- //check genesis match
- if(qblock_ids.back() != get_block_hash(m_blocks[0].bl))
- {
- LOG_PRINT_L1("Client sent wrong NOTIFY_REQUEST_CHAIN: genesis block missmatch: " << ENDL << "id: "
- << qblock_ids.back() << ", " << ENDL << "expected: " << get_block_hash(m_blocks[0].bl)
- << "," << ENDL << " dropping connection");
- return false;
- }
-
- /* Figure out what blocks we should request to get state_normal */
- size_t i = 0;
- auto bl_it = qblock_ids.begin();
- auto block_index_it = m_blocks_index.find(*bl_it);
- for(; bl_it != qblock_ids.end(); bl_it++, i++)
- {
- block_index_it = m_blocks_index.find(*bl_it);
- if(block_index_it != m_blocks_index.end())
- break;
- }
-
- if(bl_it == qblock_ids.end())
- {
- LOG_PRINT_L1("Internal error handling connection, can't find split point");
- return false;
- }
-
- if(block_index_it == m_blocks_index.end())
- {
- //this should NEVER happen, but, dose of paranoia in such cases is not too bad
- LOG_PRINT_L1("Internal error handling connection, can't find split point");
- return false;
- }
-
- //we start to put block ids INCLUDING last known id, just to make other side be sure
- starter_offset = block_index_it->second;
- return true;
-}
-//------------------------------------------------------------------
-uint64_t blockchain_storage::block_difficulty(size_t i) const
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- CHECK_AND_ASSERT_MES(i < m_blocks.size(), false, "wrong block index i = " << i << " at blockchain_storage::block_difficulty()");
- if(i == 0)
- return m_blocks[i].cumulative_difficulty;
-
- return m_blocks[i].cumulative_difficulty - m_blocks[i-1].cumulative_difficulty;
-}
-//------------------------------------------------------------------
-double blockchain_storage::get_avg_block_size( size_t count) const
-{
- if (count > get_current_blockchain_height()) return 500;
-
- double average = 0;
- _dbg1_c("net/blksize", "HEIGHT: " << get_current_blockchain_height());
- _dbg1_c("net/blksize", "BLOCK ID BY HEIGHT: " << get_block_id_by_height(get_current_blockchain_height()) );
- _dbg1_c("net/blksize", "BLOCK TAIL ID: " << get_tail_id() );
- std::vector<size_t> size_vector;
-
- get_backward_blocks_sizes(get_current_blockchain_height() - count, size_vector, count);
-
- std::vector<size_t>::iterator it;
- it = size_vector.begin();
- while (it != size_vector.end()) {
- average += *it;
- _dbg2_c("net/blksize", "VECTOR ELEMENT: " << (*it) );
- it++;
- }
- average = average / count;
- _dbg1_c("net/blksize", "VECTOR SIZE: " << size_vector.size() << " average=" << average);
-
- return average;
-}
-//------------------------------------------------------------------
-void blockchain_storage::print_blockchain(uint64_t start_index, uint64_t end_index) const
-{
- std::stringstream ss;
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- if(start_index >=m_blocks.size())
- {
- LOG_PRINT_L1("Wrong starter index set: " << start_index << ", expected max index " << m_blocks.size()-1);
- return;
- }
-
- for(size_t i = start_index; i != m_blocks.size() && i != end_index; i++)
- {
- ss << "height " << i << ", timestamp " << m_blocks[i].bl.timestamp << ", cumul_dif " << m_blocks[i].cumulative_difficulty << ", cumul_size " << m_blocks[i].block_cumulative_size
- << "\nid\t\t" << get_block_hash(m_blocks[i].bl)
- << "\ndifficulty\t\t" << block_difficulty(i) << ", nonce " << m_blocks[i].bl.nonce << ", tx_count " << m_blocks[i].bl.tx_hashes.size() << ENDL;
- }
- LOG_PRINT_L1("Current blockchain:" << ENDL << ss.str());
- LOG_PRINT_L0("Blockchain printed with log level 1");
-}
-//------------------------------------------------------------------
-void blockchain_storage::print_blockchain_index() const
-{
- std::stringstream ss;
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- BOOST_FOREACH(const blocks_by_id_index::value_type& v, m_blocks_index)
- ss << "id\t\t" << v.first << " height" << v.second << ENDL << "";
-
- LOG_PRINT_L0("Current blockchain index:" << ENDL << ss.str());
-}
-//------------------------------------------------------------------
-void blockchain_storage::print_blockchain_outs(const std::string& file) const
-{
- std::stringstream ss;
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- BOOST_FOREACH(const outputs_container::value_type& v, m_outputs)
- {
- const std::vector<std::pair<crypto::hash, size_t> >& vals = v.second;
- if(vals.size())
- {
- ss << "amount: " << v.first << ENDL;
- for(size_t i = 0; i != vals.size(); i++)
- ss << "\t" << vals[i].first << ": " << vals[i].second << ENDL;
- }
- }
- if(epee::file_io_utils::save_string_to_file(file, ss.str()))
- {
- LOG_PRINT_L0("Current outputs index writen to file: " << file);
- }else
- {
- LOG_PRINT_L0("Failed to write current outputs index to file: " << file);
- }
-}
-//------------------------------------------------------------------
-bool blockchain_storage::find_blockchain_supplement(const std::list<crypto::hash>& qblock_ids, NOTIFY_RESPONSE_CHAIN_ENTRY::request& resp) const
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- if(!find_blockchain_supplement(qblock_ids, resp.start_height))
- return false;
-
- resp.total_height = get_current_blockchain_height();
- size_t count = 0;
- for(size_t i = resp.start_height; i != m_blocks.size() && count < BLOCKS_IDS_SYNCHRONIZING_DEFAULT_COUNT; i++, count++)
- resp.m_block_ids.push_back(get_block_hash(m_blocks[i].bl));
- return true;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::find_blockchain_supplement(const uint64_t req_start_block, const std::list<crypto::hash>& qblock_ids, std::list<std::pair<block, std::list<transaction> > >& blocks, uint64_t& total_height, uint64_t& start_height, size_t max_count) const
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- if(req_start_block > 0) {
- start_height = req_start_block;
- } else {
- if(!find_blockchain_supplement(qblock_ids, start_height))
- return false;
- }
-
- total_height = get_current_blockchain_height();
- size_t count = 0;
- for(size_t i = start_height; i != m_blocks.size() && count < max_count; i++, count++)
- {
- blocks.resize(blocks.size()+1);
- blocks.back().first = m_blocks[i].bl;
- std::list<crypto::hash> mis;
- get_transactions(m_blocks[i].bl.tx_hashes, blocks.back().second, mis);
- CHECK_AND_ASSERT_MES(!mis.size(), false, "internal error, transaction from block not found");
- }
- return true;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::add_block_as_invalid(const block& bl, const crypto::hash& h)
-{
- block_extended_info bei = AUTO_VAL_INIT(bei);
- bei.bl = bl;
- return add_block_as_invalid(bei, h);
-}
-//------------------------------------------------------------------
-bool blockchain_storage::add_block_as_invalid(const block_extended_info& bei, const crypto::hash& h)
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- auto i_res = m_invalid_blocks.insert(std::map<crypto::hash, block_extended_info>::value_type(h, bei));
- CHECK_AND_ASSERT_MES(i_res.second, false, "at insertion invalid by tx returned status existed");
- LOG_PRINT_L1("BLOCK ADDED AS INVALID: " << h << ENDL << ", prev_id=" << bei.bl.prev_id << ", m_invalid_blocks count=" << m_invalid_blocks.size());
- return true;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::have_block(const crypto::hash& id) const
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- if(m_blocks_index.count(id))
- return true;
- if(m_alternative_chains.count(id))
- return true;
- /*if(m_orphaned_blocks.get<by_id>().count(id))
- return true;*/
-
- /*if(m_orphaned_by_tx.count(id))
- return true;*/
- if(m_invalid_blocks.count(id))
- return true;
-
- return false;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::handle_block_to_main_chain(const block& bl, block_verification_context& bvc)
-{
- crypto::hash id = get_block_hash(bl);
- return handle_block_to_main_chain(bl, id, bvc);
-}
-//------------------------------------------------------------------
-bool blockchain_storage::push_transaction_to_global_outs_index(const transaction& tx, const crypto::hash& tx_id, std::vector<uint64_t>& global_indexes)
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- size_t i = 0;
- BOOST_FOREACH(const auto& ot, tx.vout)
- {
- outputs_container::mapped_type& amount_index = m_outputs[ot.amount];
- amount_index.push_back(std::pair<crypto::hash, size_t>(tx_id, i));
- global_indexes.push_back(amount_index.size()-1);
- ++i;
- }
- return true;
-}
-//------------------------------------------------------------------
-size_t blockchain_storage::get_total_transactions() const
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- return m_transactions.size();
-}
-//------------------------------------------------------------------
-bool blockchain_storage::get_outs(uint64_t amount, std::list<crypto::public_key>& pkeys) const
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- auto it = m_outputs.find(amount);
- if(it == m_outputs.end())
- return true;
-
- BOOST_FOREACH(const auto& out_entry, it->second)
- {
- auto tx_it = m_transactions.find(out_entry.first);
- CHECK_AND_ASSERT_MES(tx_it != m_transactions.end(), false, "transactions outs global index consistency broken: wrong tx id in index");
- CHECK_AND_ASSERT_MES(tx_it->second.tx.vout.size() > out_entry.second, false, "transactions outs global index consistency broken: index in tx_outx more then size");
- CHECK_AND_ASSERT_MES(tx_it->second.tx.vout[out_entry.second].target.type() == typeid(txout_to_key), false, "transactions outs global index consistency broken: index in tx_outx more then size");
- pkeys.push_back(boost::get<txout_to_key>(tx_it->second.tx.vout[out_entry.second].target).key);
- }
-
- return true;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::pop_transaction_from_global_index(const transaction& tx, const crypto::hash& tx_id)
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- size_t i = tx.vout.size()-1;
- BOOST_REVERSE_FOREACH(const auto& ot, tx.vout)
- {
- auto it = m_outputs.find(ot.amount);
- CHECK_AND_ASSERT_MES(it != m_outputs.end(), false, "transactions outs global index consistency broken");
- CHECK_AND_ASSERT_MES(it->second.size(), false, "transactions outs global index: empty index for amount: " << ot.amount);
- CHECK_AND_ASSERT_MES(it->second.back().first == tx_id , false, "transactions outs global index consistency broken: tx id missmatch");
- CHECK_AND_ASSERT_MES(it->second.back().second == i, false, "transactions outs global index consistency broken: in transaction index missmatch");
- it->second.pop_back();
- --i;
- }
- return true;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::add_transaction_from_block(const transaction& tx, const crypto::hash& tx_id, const crypto::hash& bl_id, uint64_t bl_height, size_t blob_size)
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- struct add_transaction_input_visitor: public boost::static_visitor<bool>
- {
- key_images_container& m_spent_keys;
- const crypto::hash& m_tx_id;
- const crypto::hash& m_bl_id;
- add_transaction_input_visitor(key_images_container& spent_keys, const crypto::hash& tx_id, const crypto::hash& bl_id):m_spent_keys(spent_keys), m_tx_id(tx_id), m_bl_id(bl_id)
- {}
- bool operator()(const txin_to_key& in) const
- {
- const crypto::key_image& ki = in.k_image;
- auto r = m_spent_keys.insert(ki);
- if(!r.second)
- {
- //double spend detected
- LOG_PRINT_L1("tx with id: " << m_tx_id << " in block id: " << m_bl_id << " has input marked as spent with key image: " << ki << ", block declined");
- return false;
- }
- return true;
- }
-
- bool operator()(const txin_gen& tx) const{return true;}
- bool operator()(const txin_to_script& tx) const{return false;}
- bool operator()(const txin_to_scripthash& tx) const{return false;}
- };
-
- BOOST_FOREACH(const txin_v& in, tx.vin)
- {
- if(!boost::apply_visitor(add_transaction_input_visitor(m_spent_keys, tx_id, bl_id), in))
- {
- LOG_PRINT_L1("critical internal error: add_transaction_input_visitor failed. but here key_images should be checked");
- purge_transaction_keyimages_from_blockchain(tx, false);
- return false;
- }
- }
- transaction_chain_entry ch_e;
- ch_e.m_keeper_block_height = bl_height;
- ch_e.m_blob_size = blob_size;
- ch_e.tx = tx;
- auto i_r = m_transactions.insert(std::pair<crypto::hash, transaction_chain_entry>(tx_id, ch_e));
- if(!i_r.second)
- {
- LOG_PRINT_L1("tx with id: " << tx_id << " in block id: " << bl_id << " already in blockchain");
- return false;
- }
- bool r = push_transaction_to_global_outs_index(tx, tx_id, i_r.first->second.m_global_output_indexes);
- CHECK_AND_ASSERT_MES(r, false, "failed to return push_transaction_to_global_outs_index tx id " << tx_id);
- LOG_PRINT_L2("Added transaction to blockchain history:" << ENDL
- << "tx_id: " << tx_id << ENDL
- << "inputs: " << tx.vin.size() << ", outs: " << tx.vout.size() << ", spend money: " << print_money(get_outs_money_amount(tx)) << "(fee: " << (is_coinbase(tx) ? "0[coinbase]" : print_money(get_tx_fee(tx))) << ")");
- return true;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::get_tx_outputs_gindexs(const crypto::hash& tx_id, std::vector<uint64_t>& indexs) const
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- auto it = m_transactions.find(tx_id);
- if(it == m_transactions.end())
- {
- LOG_PRINT_RED_L1("warning: get_tx_outputs_gindexs failed to find transaction with id = " << tx_id);
- return false;
- }
-
- CHECK_AND_ASSERT_MES(it->second.m_global_output_indexes.size(), false, "internal error: global indexes for transaction " << tx_id << " is empty");
- indexs = it->second.m_global_output_indexes;
- return true;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::check_tx_inputs(const transaction& tx, uint64_t& max_used_block_height, crypto::hash& max_used_block_id) const
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- bool res = check_tx_inputs(tx, &max_used_block_height);
- if(!res) return false;
- CHECK_AND_ASSERT_MES(max_used_block_height < m_blocks.size(), false, "internal error: max used block index=" << max_used_block_height << " is not less then blockchain size = " << m_blocks.size());
- get_block_hash(m_blocks[max_used_block_height].bl, max_used_block_id);
- return true;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::have_tx_keyimges_as_spent(const transaction &tx) const
-{
- BOOST_FOREACH(const txin_v& in, tx.vin)
- {
- CHECKED_GET_SPECIFIC_VARIANT(in, const txin_to_key, in_to_key, true);
- if(have_tx_keyimg_as_spent(in_to_key.k_image))
- return true;
- }
- return false;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::check_tx_inputs(const transaction& tx, uint64_t* pmax_used_block_height) const
-{
- crypto::hash tx_prefix_hash = get_transaction_prefix_hash(tx);
- return check_tx_inputs(tx, tx_prefix_hash, pmax_used_block_height);
-}
-//------------------------------------------------------------------
-bool blockchain_storage::check_tx_inputs(const transaction& tx, const crypto::hash& tx_prefix_hash, uint64_t* pmax_used_block_height) const
-{
- size_t sig_index = 0;
- if(pmax_used_block_height)
- *pmax_used_block_height = 0;
-
- BOOST_FOREACH(const auto& txin, tx.vin)
- {
- CHECK_AND_ASSERT_MES(txin.type() == typeid(txin_to_key), false, "wrong type id in tx input at blockchain_storage::check_tx_inputs");
- const txin_to_key& in_to_key = boost::get<txin_to_key>(txin);
-
- CHECK_AND_ASSERT_MES(in_to_key.key_offsets.size(), false, "empty in_to_key.key_offsets in transaction with id " << get_transaction_hash(tx));
-
- if(have_tx_keyimg_as_spent(in_to_key.k_image))
- {
- LOG_PRINT_L1("Key image already spent in blockchain: " << epee::string_tools::pod_to_hex(in_to_key.k_image));
- return false;
- }
-
- CHECK_AND_ASSERT_MES(sig_index < tx.signatures.size(), false, "wrong transaction: not signature entry for input with index= " << sig_index);
- if(!check_tx_input(in_to_key, tx_prefix_hash, tx.signatures[sig_index], pmax_used_block_height))
- {
- LOG_PRINT_L1("Failed to check ring signature for tx " << get_transaction_hash(tx));
- return false;
- }
-
- sig_index++;
- }
-
- return true;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::is_tx_spendtime_unlocked(uint64_t unlock_time) const
-{
- if(unlock_time < CRYPTONOTE_MAX_BLOCK_NUMBER)
- {
- //interpret as block index
- if(get_current_blockchain_height()-1 + CRYPTONOTE_LOCKED_TX_ALLOWED_DELTA_BLOCKS >= unlock_time)
- return true;
- else
- return false;
- }else
- {
- //interpret as time
- uint64_t current_time = static_cast<uint64_t>(time(NULL));
- if(current_time + CRYPTONOTE_LOCKED_TX_ALLOWED_DELTA_SECONDS_V1 >= unlock_time)
- return true;
- else
- return false;
- }
- return false;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::check_tx_input(const txin_to_key& txin, const crypto::hash& tx_prefix_hash, const std::vector<crypto::signature>& sig, uint64_t* pmax_related_block_height) const
-{
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
-
- struct outputs_visitor
- {
- std::vector<const crypto::public_key *>& m_results_collector;
- const blockchain_storage& m_bch;
- outputs_visitor(std::vector<const crypto::public_key *>& results_collector, const blockchain_storage& bch):m_results_collector(results_collector), m_bch(bch)
- {}
- bool handle_output(const transaction& tx, const tx_out& out)
- {
- //check tx unlock time
- if(!m_bch.is_tx_spendtime_unlocked(tx.unlock_time))
- {
- LOG_PRINT_L1("One of outputs for one of inputs has wrong tx.unlock_time = " << tx.unlock_time);
- return false;
- }
-
- if(out.target.type() != typeid(txout_to_key))
- {
- LOG_PRINT_L1("Output has wrong type id, which=" << out.target.which());
- return false;
- }
-
- m_results_collector.push_back(&boost::get<txout_to_key>(out.target).key);
- return true;
- }
- };
-
- //check ring signature
- std::vector<const crypto::public_key *> output_keys;
- outputs_visitor vi(output_keys, *this);
- if(!scan_outputkeys_for_indexes(txin, vi, pmax_related_block_height))
- {
- LOG_PRINT_L1("Failed to get output keys for tx with amount = " << print_money(txin.amount) << " and count indexes " << txin.key_offsets.size());
- return false;
- }
-
- if(txin.key_offsets.size() != output_keys.size())
- {
- LOG_PRINT_L1("Output keys for tx with amount = " << txin.amount << " and count indexes " << txin.key_offsets.size() << " returned wrong keys count " << output_keys.size());
- return false;
- }
- CHECK_AND_ASSERT_MES(sig.size() == output_keys.size(), false, "internal error: tx signatures count=" << sig.size() << " mismatch with outputs keys count for inputs=" << output_keys.size());
- if(m_is_in_checkpoint_zone)
- return true;
- return crypto::check_ring_signature(tx_prefix_hash, txin.k_image, output_keys, sig.data());
-}
-//------------------------------------------------------------------
-uint64_t blockchain_storage::get_adjusted_time() const
-{
- //TODO: add collecting median time
- return time(NULL);
-}
-//------------------------------------------------------------------
-bool blockchain_storage::check_block_timestamp_main(const block& b) const
-{
- if(b.timestamp > get_adjusted_time() + CRYPTONOTE_BLOCK_FUTURE_TIME_LIMIT)
- {
- LOG_PRINT_L1("Timestamp of block with id: " << get_block_hash(b) << ", " << b.timestamp << ", bigger than adjusted time + 2 hours");
- return false;
- }
-
- std::vector<uint64_t> timestamps;
- size_t offset = m_blocks.size() <= BLOCKCHAIN_TIMESTAMP_CHECK_WINDOW ? 0: m_blocks.size()- BLOCKCHAIN_TIMESTAMP_CHECK_WINDOW;
- for(;offset!= m_blocks.size(); ++offset)
- timestamps.push_back(m_blocks[offset].bl.timestamp);
-
- return check_block_timestamp(std::move(timestamps), b);
-}
-//------------------------------------------------------------------
-bool blockchain_storage::check_block_timestamp(std::vector<uint64_t> timestamps, const block& b) const
-{
- if(timestamps.size() < BLOCKCHAIN_TIMESTAMP_CHECK_WINDOW)
- return true;
-
- uint64_t median_ts = epee::misc_utils::median(timestamps);
-
- if(b.timestamp < median_ts)
- {
- LOG_PRINT_L1("Timestamp of block with id: " << get_block_hash(b) << ", " << b.timestamp << ", less than median of last " << BLOCKCHAIN_TIMESTAMP_CHECK_WINDOW << " blocks, " << median_ts);
- return false;
- }
-
- return true;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::handle_block_to_main_chain(const block& bl, const crypto::hash& id, block_verification_context& bvc)
-{
- TIME_MEASURE_START(block_processing_time);
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- if(bl.prev_id != get_tail_id())
- {
- LOG_PRINT_L1("Block with id: " << id << ENDL
- << "has wrong prev_id: " << bl.prev_id << ENDL
- << "expected: " << get_tail_id());
- return false;
- }
-
- if(!check_block_timestamp_main(bl))
- {
- LOG_PRINT_L1("Block with id: " << id << ENDL
- << "has invalid timestamp: " << bl.timestamp);
- //add_block_as_invalid(bl, id);//do not add blocks to invalid storage befor proof of work check was passed
- bvc.m_verifivation_failed = true;
- return false;
- }
-
- //check proof of work
- TIME_MEASURE_START(target_calculating_time);
- difficulty_type current_diffic = get_difficulty_for_next_block();
- CHECK_AND_ASSERT_MES(current_diffic, false, "!!!!!!!!! difficulty overhead !!!!!!!!!");
- TIME_MEASURE_FINISH(target_calculating_time);
- TIME_MEASURE_START(longhash_calculating_time);
- crypto::hash proof_of_work = null_hash;
-
- // Formerly the code below contained an if loop with the following condition
- // !m_checkpoints.is_in_checkpoint_zone(get_current_blockchain_height())
- // however, this caused the daemon to not bother checking PoW for blocks
- // before checkpoints, which is very dangerous behaviour. We moved the PoW
- // validation out of the next chunk of code to make sure that we correctly
- // check PoW now.
- proof_of_work = get_block_longhash(bl, m_blocks.size());
-
- if(!check_hash(proof_of_work, current_diffic))
- {
- LOG_PRINT_L1("Block with id: " << id << ENDL
- << "does not have enough proof of work: " << proof_of_work << ENDL
- << "unexpected difficulty: " << current_diffic );
- bvc.m_verifivation_failed = true;
- return false;
- }
-
- // If we're at a checkpoint, ensure that our hardcoded checkpoint hash
- // is correct.
- if(m_checkpoints.is_in_checkpoint_zone(get_current_blockchain_height()))
- {
- if(!m_checkpoints.check_block(get_current_blockchain_height(), id))
- {
- LOG_ERROR("CHECKPOINT VALIDATION FAILED");
- bvc.m_verifivation_failed = true;
- return false;
- }
- }
-
- TIME_MEASURE_FINISH(longhash_calculating_time);
-
- if(!prevalidate_miner_transaction(bl, m_blocks.size()))
- {
- LOG_PRINT_L1("Block with id: " << id
- << " failed to pass prevalidation");
- bvc.m_verifivation_failed = true;
- return false;
- }
- crypto::hash coinbase_hash = null_hash;
- size_t coinbase_blob_size = 0;
- get_transaction_hash(bl.miner_tx, coinbase_hash, coinbase_blob_size);
- size_t cumulative_block_size = coinbase_blob_size;
- //process transactions
- if(!add_transaction_from_block(bl.miner_tx, coinbase_hash, id, get_current_blockchain_height(), coinbase_blob_size))
- {
- LOG_PRINT_L1("Block with id: " << id << " failed to add transaction to blockchain storage");
- bvc.m_verifivation_failed = true;
- return false;
- }
- size_t tx_processed_count = 0;
- uint64_t fee_summary = 0;
- BOOST_FOREACH(const crypto::hash& tx_id, bl.tx_hashes)
- {
- transaction tx;
- size_t blob_size = 0;
- uint64_t fee = 0;
- bool relayed = false;
- if(!m_tx_pool->take_tx(tx_id, tx, blob_size, fee, relayed))
- {
- LOG_PRINT_L1("Block with id: " << id << "has at least one unknown transaction with id: " << tx_id);
- purge_block_data_from_blockchain(bl, tx_processed_count);
- //add_block_as_invalid(bl, id);
- bvc.m_verifivation_failed = true;
- return false;
- }
- if(!check_tx_inputs(tx))
- {
- LOG_PRINT_L1("Block with id: " << id << "has at least one transaction (id: " << tx_id << ") with wrong inputs.");
- cryptonote::tx_verification_context tvc = AUTO_VAL_INIT(tvc);
- bool add_res = m_tx_pool->add_tx(tx, tvc, true, relayed, 1);
- CHECK_AND_ASSERT_MES2(add_res, "handle_block_to_main_chain: failed to add transaction back to transaction pool");
- purge_block_data_from_blockchain(bl, tx_processed_count);
- add_block_as_invalid(bl, id);
- LOG_PRINT_L1("Block with id " << id << " added as invalid becouse of wrong inputs in transactions");
- bvc.m_verifivation_failed = true;
- return false;
- }
-
- if(!add_transaction_from_block(tx, tx_id, id, get_current_blockchain_height(), blob_size))
- {
- LOG_PRINT_L1("Block with id: " << id << " failed to add transaction to blockchain storage");
- cryptonote::tx_verification_context tvc = AUTO_VAL_INIT(tvc);
- bool add_res = m_tx_pool->add_tx(tx, tvc, true, relayed, 1);
- CHECK_AND_ASSERT_MES2(add_res, "handle_block_to_main_chain: failed to add transaction back to transaction pool");
- purge_block_data_from_blockchain(bl, tx_processed_count);
- bvc.m_verifivation_failed = true;
- return false;
- }
- fee_summary += fee;
- cumulative_block_size += blob_size;
- ++tx_processed_count;
- }
- uint64_t base_reward = 0;
- uint64_t already_generated_coins = m_blocks.size() ? m_blocks.back().already_generated_coins:0;
- if(!validate_miner_transaction(bl, cumulative_block_size, fee_summary, base_reward, already_generated_coins))
- {
- LOG_PRINT_L1("Block with id: " << id
- << " has incorrect miner transaction");
- purge_block_data_from_blockchain(bl, tx_processed_count);
- bvc.m_verifivation_failed = true;
- return false;
- }
-
-
- block_extended_info bei = boost::value_initialized<block_extended_info>();
- bei.bl = bl;
- bei.block_cumulative_size = cumulative_block_size;
- bei.cumulative_difficulty = current_diffic;
-
- // In the "tail" state when the minimum subsidy (implemented in get_block_reward) is in effect, the number of
- // coins will eventually exceed MONEY_SUPPLY and overflow a uint64. To prevent overflow, cap already_generated_coins
- // at MONEY_SUPPLY. already_generated_coins is only used to compute the block subsidy and MONEY_SUPPLY yields a
- // subsidy of 0 under the base formula and therefore the minimum subsidy >0 in the tail state.
-
- bei.already_generated_coins = base_reward < (MONEY_SUPPLY-already_generated_coins) ? already_generated_coins + base_reward : MONEY_SUPPLY;
-
- if(m_blocks.size())
- bei.cumulative_difficulty += m_blocks.back().cumulative_difficulty;
-
- bei.height = m_blocks.size();
-
- auto ind_res = m_blocks_index.insert(std::pair<crypto::hash, size_t>(id, bei.height));
- if(!ind_res.second)
- {
- LOG_PRINT_L1("block with id: " << id << " already in block indexes");
- purge_block_data_from_blockchain(bl, tx_processed_count);
- bvc.m_verifivation_failed = true;
- return false;
- }
-
- m_blocks.push_back(bei);
- update_next_comulative_size_limit();
- TIME_MEASURE_FINISH(block_processing_time);
- LOG_PRINT_L1("+++++ BLOCK SUCCESSFULLY ADDED" << ENDL << "id:\t" << id
- << ENDL << "PoW:\t" << proof_of_work
- << ENDL << "HEIGHT " << bei.height << ", difficulty:\t" << current_diffic
- << ENDL << "block reward: " << print_money(fee_summary + base_reward) << "(" << print_money(base_reward) << " + " << print_money(fee_summary)
- << "), coinbase_blob_size: " << coinbase_blob_size << ", cumulative size: " << cumulative_block_size
- << ", " << block_processing_time << "("<< target_calculating_time << "/" << longhash_calculating_time << ")ms");
-
- epee::net_utils::data_logger::get_instance().add_data("blockchain_processing_time", block_processing_time);
-
- bvc.m_added_to_main_chain = true;
- /*if(!m_orphanes_reorganize_in_work)
- review_orphaned_blocks_with_new_block_id(id, true);*/
-
- m_tx_pool->on_blockchain_inc(bei.height, id);
- //LOG_PRINT_L0("BLOCK: " << ENDL << "" << dump_obj_as_json(bei.bl));
- return true;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::update_next_comulative_size_limit()
-{
- std::vector<size_t> sz;
- get_last_n_blocks_sizes(sz, CRYPTONOTE_REWARD_BLOCKS_WINDOW);
-
- uint64_t median = epee::misc_utils::median(sz);
- if(median <= CRYPTONOTE_BLOCK_GRANTED_FULL_REWARD_ZONE_V1)
- median = CRYPTONOTE_BLOCK_GRANTED_FULL_REWARD_ZONE_V1;
-
- m_current_block_cumul_sz_limit = median*2;
- return true;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::add_new_block(const block& bl_, block_verification_context& bvc)
-{
- //copy block here to let modify block.target
- block bl = bl_;
- crypto::hash id = get_block_hash(bl);
- CRITICAL_REGION_LOCAL(*m_tx_pool);//to avoid deadlock lets lock tx_pool for whole add/reorganize process
- CRITICAL_REGION_LOCAL1(m_blockchain_lock);
- if(have_block(id))
- {
- LOG_PRINT_L3("block with id = " << id << " already exists");
- bvc.m_already_exists = true;
- return false;
- }
-
- //check that block refers to chain tail
- if(!(bl.prev_id == get_tail_id()))
- {
- //chain switching or wrong block
- bvc.m_added_to_main_chain = false;
- return handle_alternative_block(bl, id, bvc);
- //never relay alternative blocks
- }
-
- return handle_block_to_main_chain(bl, id, bvc);
-}
-//------------------------------------------------------------------
-void blockchain_storage::check_against_checkpoints(const checkpoints& points, bool enforce)
-{
- const auto& pts = points.get_points();
-
- for (const auto& pt : pts)
- {
- // if the checkpoint is for a block we don't have yet, move on
- if (pt.first >= m_blocks.size())
- {
- continue;
- }
-
- if (!points.check_block(pt.first, get_block_hash(m_blocks[pt.first].bl)))
- {
- // if asked to enforce checkpoints, roll back to a couple of blocks before the checkpoint
- if (enforce)
- {
- LOG_ERROR("Local blockchain failed to pass a checkpoint, rolling back!");
- std::list<block> empty;
- rollback_blockchain_switching(empty, pt.first - 2);
- }
- else
- {
- LOG_ERROR("WARNING: local blockchain failed to pass a MoneroPulse checkpoint, and you could be on a fork. You should either sync up from scratch, OR download a fresh blockchain bootstrap, OR enable checkpoint enforcing with the --enforce-dns-checkpointing command-line option");
- }
- }
- }
-}
-//------------------------------------------------------------------
-// returns false if any of the checkpoints loading returns false.
-// That should happen only if a checkpoint is added that conflicts
-// with an existing checkpoint.
-bool blockchain_storage::update_checkpoints(const std::string& file_path, bool check_dns)
-{
- if (!m_checkpoints.load_checkpoints_from_json(file_path))
- {
- return false;
- }
-
- // if we're checking both dns and json, load checkpoints from dns.
- // if we're not hard-enforcing dns checkpoints, handle accordingly
- if (m_enforce_dns_checkpoints && check_dns)
- {
- if (!m_checkpoints.load_checkpoints_from_dns())
- {
- return false;
- }
- }
- else if (check_dns)
- {
- checkpoints dns_points;
- dns_points.load_checkpoints_from_dns(m_testnet);
- if (m_checkpoints.check_for_conflicts(dns_points))
- {
- check_against_checkpoints(dns_points, false);
- }
- else
- {
- LOG_PRINT_L0("One or more checkpoints fetched from DNS conflicted with existing checkpoints!");
- }
- }
-
- check_against_checkpoints(m_checkpoints, true);
-
- return true;
-}
-//------------------------------------------------------------------
-void blockchain_storage::set_enforce_dns_checkpoints(bool enforce_checkpoints)
-{
- m_enforce_dns_checkpoints = enforce_checkpoints;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::flush_txes_from_pool(const std::list<crypto::hash> &txids)
-{
- bool res = true;
- for (const auto &txid: txids)
- {
- cryptonote::transaction tx;
- size_t blob_size;
- uint64_t fee;
- bool relayed;
- LOG_PRINT_L1("Removing txid " << txid << " from the pool");
- if(!m_tx_pool->take_tx(txid, tx, blob_size, fee, relayed))
- {
- LOG_PRINT_L0("Failed to remove txid " << txid << " from the pool");
- res = false;
- }
- }
- return res;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::for_all_key_images(std::function<bool(const crypto::key_image&)> f) const
-{
- for (key_images_container::const_iterator i = m_spent_keys.begin(); i != m_spent_keys.end(); ++i) {
- if (!f(*i))
- return false;
- }
- return true;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::for_all_blocks(std::function<bool(uint64_t, const crypto::hash&, const block&)> f) const
-{
- for (blocks_container::const_iterator i = m_blocks.begin(); i != m_blocks.end(); ++i) {
- crypto::hash hash;
- get_block_hash (i->bl, hash);
- if (!f(i->height, hash, i->bl))
- return false;
- }
- return true;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::for_all_transactions(std::function<bool(const crypto::hash&, const transaction&)> f) const
-{
- for (transactions_container::const_iterator i = m_transactions.begin(); i != m_transactions.end(); ++i) {
- if (!f(i->first, i->second.tx))
- return false;
- }
- return true;
-}
-//------------------------------------------------------------------
-bool blockchain_storage::for_all_outputs(std::function<bool(uint64_t, const crypto::hash&, size_t)> f) const
-{
- for (outputs_container::const_iterator i = m_outputs.begin(); i != m_outputs.end(); ++i) {
- for (size_t n = 0; n < i->second.size(); ++n) {
- if (!f(i->first, i->second[n].first, i->second[n].second))
- return false;
- }
- }
- return true;
-}
diff --git a/src/cryptonote_core/blockchain_storage.h b/src/cryptonote_core/blockchain_storage.h
deleted file mode 100644
index 878202cf1..000000000
--- a/src/cryptonote_core/blockchain_storage.h
+++ /dev/null
@@ -1,377 +0,0 @@
-// Copyright (c) 2014-2016, The Monero Project
-//
-// All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without modification, are
-// permitted provided that the following conditions are met:
-//
-// 1. Redistributions of source code must retain the above copyright notice, this list of
-// conditions and the following disclaimer.
-//
-// 2. Redistributions in binary form must reproduce the above copyright notice, this list
-// of conditions and the following disclaimer in the documentation and/or other
-// materials provided with the distribution.
-//
-// 3. Neither the name of the copyright holder nor the names of its contributors may be
-// used to endorse or promote products derived from this software without specific
-// prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
-// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
-// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
-// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
-// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers
-
-#pragma once
-#include <boost/serialization/serialization.hpp>
-#include <boost/serialization/version.hpp>
-#include <boost/serialization/list.hpp>
-#include <boost/multi_index_container.hpp>
-#include <boost/multi_index/global_fun.hpp>
-#include <boost/multi_index/hashed_index.hpp>
-#include <boost/multi_index/member.hpp>
-#include <boost/foreach.hpp>
-#include <atomic>
-
-#include "syncobj.h"
-#include "string_tools.h"
-#include "tx_pool.h"
-#include "cryptonote_basic.h"
-#include "common/util.h"
-#include "cryptonote_protocol/cryptonote_protocol_defs.h"
-#include "rpc/core_rpc_server_commands_defs.h"
-#include "difficulty.h"
-#include "cryptonote_core/cryptonote_format_utils.h"
-#include "verification_context.h"
-#include "crypto/hash.h"
-#include "checkpoints.h"
-
-namespace cryptonote
-{
-
- /************************************************************************/
- /* */
- /************************************************************************/
- class blockchain_storage
- {
- public:
- struct transaction_chain_entry
- {
- transaction tx;
- uint64_t m_keeper_block_height;
- size_t m_blob_size;
- std::vector<uint64_t> m_global_output_indexes;
- };
-
- struct block_extended_info
- {
- block bl;
- uint64_t height;
- size_t block_cumulative_size;
- difficulty_type cumulative_difficulty;
- uint64_t already_generated_coins;
- };
-
- blockchain_storage(tx_memory_pool* tx_pool):m_tx_pool(tx_pool), m_current_block_cumul_sz_limit(0), m_is_in_checkpoint_zone(false), m_is_blockchain_storing(false), m_enforce_dns_checkpoints(false)
- {};
-
- bool init() { return init(tools::get_default_data_dir(), true); }
- bool init(const std::string& config_folder, bool testnet = false);
- bool deinit();
-
- void set_checkpoints(checkpoints&& chk_pts) { m_checkpoints = chk_pts; }
-
- //bool push_new_block();
- bool get_blocks(uint64_t start_offset, size_t count, std::list<block>& blocks, std::list<transaction>& txs) const;
- bool get_blocks(uint64_t start_offset, size_t count, std::list<block>& blocks) const;
- bool get_alternative_blocks(std::list<block>& blocks) const;
- size_t get_alternative_blocks_count() const;
- crypto::hash get_block_id_by_height(uint64_t height) const;
- bool get_block_by_hash(const crypto::hash &h, block &blk) const;
- void get_all_known_block_ids(std::list<crypto::hash> &main, std::list<crypto::hash> &alt, std::list<crypto::hash> &invalid) const;
-
- template<class archive_t>
- void serialize(archive_t & ar, const unsigned int version);
-
- bool have_tx(const crypto::hash &id) const;
- bool have_tx_keyimges_as_spent(const transaction &tx) const;
- bool have_tx_keyimg_as_spent(const crypto::key_image &key_im) const;
- const transaction *get_tx(const crypto::hash &id) const;
-
- uint64_t get_current_blockchain_height() const;
- crypto::hash get_tail_id() const;
- crypto::hash get_tail_id(uint64_t& height) const;
- difficulty_type get_difficulty_for_next_block() const;
- bool add_new_block(const block& bl_, block_verification_context& bvc);
- bool reset_and_set_genesis_block(const block& b);
- bool create_block_template(block& b, const account_public_address& miner_address, difficulty_type& di, uint64_t& height, const blobdata& ex_nonce) const;
- bool have_block(const crypto::hash& id) const;
- size_t get_total_transactions() const;
- bool get_outs(uint64_t amount, std::list<crypto::public_key>& pkeys) const;
- bool get_short_chain_history(std::list<crypto::hash>& ids) const;
- bool find_blockchain_supplement(const std::list<crypto::hash>& qblock_ids, NOTIFY_RESPONSE_CHAIN_ENTRY::request& resp) const;
- bool find_blockchain_supplement(const std::list<crypto::hash>& qblock_ids, uint64_t& starter_offset) const;
- bool find_blockchain_supplement(const uint64_t req_start_block, const std::list<crypto::hash>& qblock_ids, std::list<std::pair<block, std::list<transaction> > >& blocks, uint64_t& total_height, uint64_t& start_height, size_t max_count) const;
- bool handle_get_objects(NOTIFY_REQUEST_GET_OBJECTS::request& arg, NOTIFY_RESPONSE_GET_OBJECTS::request& rsp);
- bool handle_get_objects(const COMMAND_RPC_GET_RANDOM_OUTPUTS_FOR_AMOUNTS::request& req, COMMAND_RPC_GET_RANDOM_OUTPUTS_FOR_AMOUNTS::response& res);
- bool get_random_outs_for_amounts(const COMMAND_RPC_GET_RANDOM_OUTPUTS_FOR_AMOUNTS::request& req, COMMAND_RPC_GET_RANDOM_OUTPUTS_FOR_AMOUNTS::response& res) const;
- bool get_backward_blocks_sizes(size_t from_height, std::vector<size_t>& sz, size_t count) const;
- bool get_tx_outputs_gindexs(const crypto::hash& tx_id, std::vector<uint64_t>& indexs) const;
- bool store_blockchain();
-
- bool check_tx_inputs(const transaction& tx, uint64_t& pmax_used_block_height, crypto::hash& max_used_block_id) const;
- uint64_t get_current_cumulative_blocksize_limit() const;
- bool is_storing_blockchain()const{return m_is_blockchain_storing;}
- uint64_t block_difficulty(size_t i) const;
- double get_avg_block_size( size_t count) const;
- bool flush_txes_from_pool(const std::list<crypto::hash> &txids);
-
- template<class t_ids_container, class t_blocks_container, class t_missed_container>
- bool get_blocks(const t_ids_container& block_ids, t_blocks_container& blocks, t_missed_container& missed_bs) const
- {
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
-
- BOOST_FOREACH(const auto& bl_id, block_ids)
- {
- auto it = m_blocks_index.find(bl_id);
- if(it == m_blocks_index.end())
- missed_bs.push_back(bl_id);
- else
- {
- CHECK_AND_ASSERT_MES(it->second < m_blocks.size(), false, "Internal error: bl_id=" << epee::string_tools::pod_to_hex(bl_id)
- << " have index record with offset="<<it->second<< ", bigger then m_blocks.size()=" << m_blocks.size());
- blocks.push_back(m_blocks[it->second].bl);
- }
- }
- return true;
- }
-
- template<class t_ids_container, class t_tx_container, class t_missed_container>
- bool get_transactions(const t_ids_container& txs_ids, t_tx_container& txs, t_missed_container& missed_txs) const
- {
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
-
- BOOST_FOREACH(const auto& tx_id, txs_ids)
- {
- auto it = m_transactions.find(tx_id);
- if(it == m_transactions.end())
- {
- transaction tx;
- if(!m_tx_pool->get_transaction(tx_id, tx))
- missed_txs.push_back(tx_id);
- else
- txs.push_back(tx);
- }
- else
- txs.push_back(it->second.tx);
- }
- return true;
- }
- //debug functions
- void print_blockchain(uint64_t start_index, uint64_t end_index) const;
- void print_blockchain_index() const;
- void print_blockchain_outs(const std::string& file) const;
- void check_against_checkpoints(const checkpoints& points, bool enforce);
- bool update_checkpoints(const std::string& file_path, bool check_dns);
- void set_enforce_dns_checkpoints(bool enforce_checkpoints);
-
- block get_block(uint64_t height) const { return m_blocks[height].bl; }
- size_t get_block_size(uint64_t height) const { return m_blocks[height].block_cumulative_size; }
- difficulty_type get_block_cumulative_difficulty(uint64_t height) const { return m_blocks[height].cumulative_difficulty; }
- uint64_t get_block_coins_generated(uint64_t height) const { return m_blocks[height].already_generated_coins; }
-
- bool for_all_key_images(std::function<bool(const crypto::key_image&)>) const;
- bool for_all_blocks(std::function<bool(uint64_t height, const crypto::hash&, const block&)>) const;
- bool for_all_transactions(std::function<bool(const crypto::hash&, const transaction&)>) const;
- bool for_all_outputs(std::function<bool(uint64_t amount, const crypto::hash &tx_hash, size_t tx_idx)>) const;
-
- // use for testing only
- bool debug_pop_block_from_blockchain() { return pop_block_from_blockchain(); }
-
- private:
- typedef std::unordered_map<crypto::hash, size_t> blocks_by_id_index;
- typedef std::unordered_map<crypto::hash, transaction_chain_entry> transactions_container;
- typedef std::unordered_set<crypto::key_image> key_images_container;
- typedef std::vector<block_extended_info> blocks_container;
- typedef std::unordered_map<crypto::hash, block_extended_info> blocks_ext_by_hash;
- typedef std::unordered_map<crypto::hash, block> blocks_by_hash;
- typedef std::map<uint64_t, std::vector<std::pair<crypto::hash, size_t>>> outputs_container; //crypto::hash - tx hash, size_t - index of out in transaction
-
- tx_memory_pool* m_tx_pool;
- mutable epee::critical_section m_blockchain_lock; // TODO: add here reader/writer lock
-
- // main chain
- blocks_container m_blocks; // height -> block_extended_info
- blocks_by_id_index m_blocks_index; // crypto::hash -> height
- transactions_container m_transactions;
- key_images_container m_spent_keys;
- size_t m_current_block_cumul_sz_limit;
-
-
- // all alternative chains
- blocks_ext_by_hash m_alternative_chains; // crypto::hash -> block_extended_info
-
- // some invalid blocks
- blocks_ext_by_hash m_invalid_blocks; // crypto::hash -> block_extended_info
- outputs_container m_outputs;
-
-
- std::string m_config_folder;
- checkpoints m_checkpoints;
- std::atomic<bool> m_is_in_checkpoint_zone;
- std::atomic<bool> m_is_blockchain_storing;
-
- bool m_enforce_dns_checkpoints;
- bool m_testnet;
-
- // made private for consistency with blockchain.h
- template<class visitor_t>
- bool scan_outputkeys_for_indexes(const txin_to_key& tx_in_to_key, visitor_t& vis, uint64_t* pmax_related_block_height = NULL) const;
- bool check_tx_input(const txin_to_key& txin, const crypto::hash& tx_prefix_hash, const std::vector<crypto::signature>& sig, uint64_t* pmax_related_block_height = NULL) const;
- bool check_tx_inputs(const transaction& tx, const crypto::hash& tx_prefix_hash, uint64_t* pmax_used_block_height = NULL) const;
- bool check_tx_inputs(const transaction& tx, uint64_t* pmax_used_block_height = NULL) const;
-
- bool switch_to_alternative_blockchain(std::list<blocks_ext_by_hash::iterator>& alt_chain, bool discard_disconnected_chain);
- bool pop_block_from_blockchain();
- bool purge_block_data_from_blockchain(const block& b, size_t processed_tx_count);
- bool purge_transaction_from_blockchain(const crypto::hash& tx_id);
- bool purge_transaction_keyimages_from_blockchain(const transaction& tx, bool strict_check);
-
- bool handle_block_to_main_chain(const block& bl, block_verification_context& bvc);
- bool handle_block_to_main_chain(const block& bl, const crypto::hash& id, block_verification_context& bvc);
- bool handle_alternative_block(const block& b, const crypto::hash& id, block_verification_context& bvc);
- difficulty_type get_next_difficulty_for_alternative_chain(const std::list<blocks_ext_by_hash::iterator>& alt_chain, block_extended_info& bei) const;
- bool prevalidate_miner_transaction(const block& b, uint64_t height) const;
- bool validate_miner_transaction(const block& b, size_t cumulative_block_size, uint64_t fee, uint64_t& base_reward, uint64_t already_generated_coins) const;
- bool validate_transaction(const block& b, uint64_t height, const transaction& tx) const;
- bool rollback_blockchain_switching(std::list<block>& original_chain, size_t rollback_height);
- bool add_transaction_from_block(const transaction& tx, const crypto::hash& tx_id, const crypto::hash& bl_id, uint64_t bl_height, size_t blob_size);
- bool push_transaction_to_global_outs_index(const transaction& tx, const crypto::hash& tx_id, std::vector<uint64_t>& global_indexes);
- bool pop_transaction_from_global_index(const transaction& tx, const crypto::hash& tx_id);
- bool get_last_n_blocks_sizes(std::vector<size_t>& sz, size_t count) const;
- bool add_out_to_get_random_outs(const std::vector<std::pair<crypto::hash, size_t> >& amount_outs, COMMAND_RPC_GET_RANDOM_OUTPUTS_FOR_AMOUNTS::outs_for_amount& result_outs, uint64_t amount, size_t i) const;
- bool is_tx_spendtime_unlocked(uint64_t unlock_time) const;
- bool add_block_as_invalid(const block& bl, const crypto::hash& h);
- bool add_block_as_invalid(const block_extended_info& bei, const crypto::hash& h);
- size_t find_end_of_allowed_index(const std::vector<std::pair<crypto::hash, size_t> >& amount_outs) const;
- bool check_block_timestamp_main(const block& b) const;
- bool check_block_timestamp(std::vector<uint64_t> timestamps, const block& b) const;
- uint64_t get_adjusted_time() const;
- bool complete_timestamps_vector(uint64_t start_height, std::vector<uint64_t>& timestamps) const;
- bool update_next_comulative_size_limit();
- bool store_genesis_block(bool testnet, bool check_added = false);
- };
-
-
- /************************************************************************/
- /* */
- /************************************************************************/
-
- #define CURRENT_BLOCKCHAIN_STORAGE_ARCHIVE_VER 12
-
- template<class archive_t>
- void blockchain_storage::serialize(archive_t & ar, const unsigned int version)
- {
- if(version < 11)
- return;
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- ar & m_blocks;
- ar & m_blocks_index;
- ar & m_transactions;
- ar & m_spent_keys;
- ar & m_alternative_chains;
- ar & m_outputs;
- ar & m_invalid_blocks;
- ar & m_current_block_cumul_sz_limit;
- /*serialization bug workaround*/
- if(version > 11)
- {
- uint64_t total_check_count = m_blocks.size() + m_blocks_index.size() + m_transactions.size() + m_spent_keys.size() + m_alternative_chains.size() + m_outputs.size() + m_invalid_blocks.size() + m_current_block_cumul_sz_limit;
- if(archive_t::is_saving::value)
- {
- ar & total_check_count;
- }else
- {
- uint64_t total_check_count_loaded = 0;
- ar & total_check_count_loaded;
- if(total_check_count != total_check_count_loaded)
- {
- LOG_ERROR("Blockchain storage data corruption detected. total_count loaded from file = " << total_check_count_loaded << ", expected = " << total_check_count);
-
- LOG_PRINT_L0("Blockchain storage:" << ENDL <<
- "m_blocks: " << m_blocks.size() << ENDL <<
- "m_blocks_index: " << m_blocks_index.size() << ENDL <<
- "m_transactions: " << m_transactions.size() << ENDL <<
- "m_spent_keys: " << m_spent_keys.size() << ENDL <<
- "m_alternative_chains: " << m_alternative_chains.size() << ENDL <<
- "m_outputs: " << m_outputs.size() << ENDL <<
- "m_invalid_blocks: " << m_invalid_blocks.size() << ENDL <<
- "m_current_block_cumul_sz_limit: " << m_current_block_cumul_sz_limit);
-
- throw std::runtime_error("Blockchain data corruption");
- }
- }
- }
-
-
- LOG_PRINT_L2("Blockchain storage:" << ENDL <<
- "m_blocks: " << m_blocks.size() << ENDL <<
- "m_blocks_index: " << m_blocks_index.size() << ENDL <<
- "m_transactions: " << m_transactions.size() << ENDL <<
- "m_spent_keys: " << m_spent_keys.size() << ENDL <<
- "m_alternative_chains: " << m_alternative_chains.size() << ENDL <<
- "m_outputs: " << m_outputs.size() << ENDL <<
- "m_invalid_blocks: " << m_invalid_blocks.size() << ENDL <<
- "m_current_block_cumul_sz_limit: " << m_current_block_cumul_sz_limit);
- }
-
- //------------------------------------------------------------------
- template<class visitor_t>
- bool blockchain_storage::scan_outputkeys_for_indexes(const txin_to_key& tx_in_to_key, visitor_t& vis, uint64_t* pmax_related_block_height) const
- {
- CRITICAL_REGION_LOCAL(m_blockchain_lock);
- auto it = m_outputs.find(tx_in_to_key.amount);
- if(it == m_outputs.end() || !tx_in_to_key.key_offsets.size())
- return false;
-
- std::vector<uint64_t> absolute_offsets = relative_output_offsets_to_absolute(tx_in_to_key.key_offsets);
-
-
- const std::vector<std::pair<crypto::hash, size_t> >& amount_outs_vec = it->second;
- size_t count = 0;
- BOOST_FOREACH(uint64_t i, absolute_offsets)
- {
- if(i >= amount_outs_vec.size() )
- {
- LOG_PRINT_L0("Wrong index in transaction inputs: " << i << ", expected maximum " << amount_outs_vec.size() - 1);
- return false;
- }
- transactions_container::const_iterator tx_it = m_transactions.find(amount_outs_vec[i].first);
- CHECK_AND_ASSERT_MES(tx_it != m_transactions.end(), false, "Wrong transaction id in output indexes: " << epee::string_tools::pod_to_hex(amount_outs_vec[i].first));
- CHECK_AND_ASSERT_MES(amount_outs_vec[i].second < tx_it->second.tx.vout.size(), false,
- "Wrong index in transaction outputs: " << amount_outs_vec[i].second << ", expected less then " << tx_it->second.tx.vout.size());
- if(!vis.handle_output(tx_it->second.tx, tx_it->second.tx.vout[amount_outs_vec[i].second]))
- {
- LOG_PRINT_L0("Failed to handle_output for output no = " << count << ", with absolute offset " << i);
- return false;
- }
- if(count++ == absolute_offsets.size()-1 && pmax_related_block_height)
- {
- if(*pmax_related_block_height < tx_it->second.m_keeper_block_height)
- *pmax_related_block_height = tx_it->second.m_keeper_block_height;
- }
- }
-
- return true;
- }
-}
-
-
-
-BOOST_CLASS_VERSION(cryptonote::blockchain_storage, CURRENT_BLOCKCHAIN_STORAGE_ARCHIVE_VER)
diff --git a/src/cryptonote_core/cryptonote_basic.h b/src/cryptonote_core/cryptonote_basic.h
index ed62e26f4..f54b8c2b3 100644
--- a/src/cryptonote_core/cryptonote_basic.h
+++ b/src/cryptonote_core/cryptonote_basic.h
@@ -49,9 +49,7 @@
#include "crypto/hash.h"
#include "misc_language.h"
#include "tx_extra.h"
-
-#define DB_MEMORY 1
-#define DB_LMDB 2
+#include "ringct/rctTypes.h"
namespace cryptonote
{
@@ -175,14 +173,14 @@ namespace cryptonote
BEGIN_SERIALIZE()
VARINT_FIELD(version)
- if(CURRENT_TRANSACTION_VERSION < version) return false;
+ if(version == 0 || CURRENT_TRANSACTION_VERSION < version) return false;
VARINT_FIELD(unlock_time)
FIELD(vin)
FIELD(vout)
FIELD(extra)
END_SERIALIZE()
- protected:
+ public:
transaction_prefix(){}
};
@@ -190,6 +188,7 @@ namespace cryptonote
{
public:
std::vector<std::vector<crypto::signature> > signatures; //count signatures always the same as inputs count
+ rct::rctSig rct_signatures;
transaction();
virtual ~transaction();
@@ -198,34 +197,59 @@ namespace cryptonote
BEGIN_SERIALIZE_OBJECT()
FIELDS(*static_cast<transaction_prefix *>(this))
- ar.tag("signatures");
- ar.begin_array();
- PREPARE_CUSTOM_VECTOR_SERIALIZATION(vin.size(), signatures);
- bool signatures_not_expected = signatures.empty();
- if (!signatures_not_expected && vin.size() != signatures.size())
- return false;
-
- for (size_t i = 0; i < vin.size(); ++i)
+ if (version == 1)
{
- size_t signature_size = get_signature_size(vin[i]);
- if (signatures_not_expected)
+ ar.tag("signatures");
+ ar.begin_array();
+ PREPARE_CUSTOM_VECTOR_SERIALIZATION(vin.size(), signatures);
+ bool signatures_not_expected = signatures.empty();
+ if (!signatures_not_expected && vin.size() != signatures.size())
+ return false;
+
+ for (size_t i = 0; i < vin.size(); ++i)
{
- if (0 == signature_size)
- continue;
- else
+ size_t signature_size = get_signature_size(vin[i]);
+ if (signatures_not_expected)
+ {
+ if (0 == signature_size)
+ continue;
+ else
+ return false;
+ }
+
+ PREPARE_CUSTOM_VECTOR_SERIALIZATION(signature_size, signatures[i]);
+ if (signature_size != signatures[i].size())
return false;
- }
-
- PREPARE_CUSTOM_VECTOR_SERIALIZATION(signature_size, signatures[i]);
- if (signature_size != signatures[i].size())
- return false;
- FIELDS(signatures[i]);
+ FIELDS(signatures[i]);
- if (vin.size() - i > 1)
- ar.delimit_array();
+ if (vin.size() - i > 1)
+ ar.delimit_array();
+ }
+ ar.end_array();
+ }
+ else
+ {
+ FIELD(rct_signatures)
+ switch (rct_signatures.type)
+ {
+ case rct::RCTTypeNull:
+ break;
+ case rct::RCTTypeSimple:
+ if (rct_signatures.mixRing.size() && rct_signatures.mixRing.size() != vin.size())
+ return false;
+ break;
+ case rct::RCTTypeFull:
+ for (size_t i = 0; i < rct_signatures.mixRing.size(); ++i)
+ {
+ if (rct_signatures.mixRing[i].size() != vin.size())
+ return false;
+ }
+ break;
+ default:
+ return false;
+ }
}
- ar.end_array();
END_SERIALIZE()
private:
@@ -248,12 +272,13 @@ namespace cryptonote
inline
void transaction::set_null()
{
- version = 0;
+ version = 1;
unlock_time = 0;
vin.clear();
vout.clear();
extra.clear();
signatures.clear();
+ rct_signatures.type = rct::RCTTypeNull;
}
inline
diff --git a/src/cryptonote_core/cryptonote_boost_serialization.h b/src/cryptonote_core/cryptonote_boost_serialization.h
index 79ceec5bc..c91f78c58 100644
--- a/src/cryptonote_core/cryptonote_boost_serialization.h
+++ b/src/cryptonote_core/cryptonote_boost_serialization.h
@@ -37,9 +37,13 @@
#include <boost/serialization/map.hpp>
#include <boost/foreach.hpp>
#include <boost/serialization/is_bitwise_serializable.hpp>
+#include <boost/archive/binary_iarchive.hpp>
+#include <boost/archive/binary_oarchive.hpp>
#include "cryptonote_basic.h"
#include "common/unordered_containers_boost_serialization.h"
#include "crypto/crypto.h"
+#include "ringct/rctTypes.h"
+#include "ringct/rctOps.h"
//namespace cryptonote {
namespace boost
@@ -140,6 +144,16 @@ namespace boost
template <class Archive>
+ inline void serialize(Archive &a, cryptonote::transaction_prefix &x, const boost::serialization::version_type ver)
+ {
+ a & x.version;
+ a & x.unlock_time;
+ a & x.vin;
+ a & x.vout;
+ a & x.extra;
+ }
+
+ template <class Archive>
inline void serialize(Archive &a, cryptonote::transaction &x, const boost::serialization::version_type ver)
{
a & x.version;
@@ -147,7 +161,10 @@ namespace boost
a & x.vin;
a & x.vout;
a & x.extra;
- a & x.signatures;
+ if (x.version == 1)
+ a & x.signatures;
+ else
+ a & x.rct_signatures;
}
@@ -163,6 +180,107 @@ namespace boost
a & b.miner_tx;
a & b.tx_hashes;
}
+
+ template <class Archive>
+ inline void serialize(Archive &a, rct::key &x, const boost::serialization::version_type ver)
+ {
+ a & reinterpret_cast<char (&)[sizeof(rct::key)]>(x);
+ }
+
+ template <class Archive>
+ inline void serialize(Archive &a, rct::ctkey &x, const boost::serialization::version_type ver)
+ {
+ a & x.dest;
+ a & x.mask;
+ }
+
+ template <class Archive>
+ inline void serialize(Archive &a, rct::rangeSig &x, const boost::serialization::version_type ver)
+ {
+ a & x.asig;
+ a & x.Ci;
+ }
+
+ template <class Archive>
+ inline void serialize(Archive &a, rct::asnlSig &x, const boost::serialization::version_type ver)
+ {
+ a & x.L1;
+ a & x.s2;
+ a & x.s;
+ }
+
+ template <class Archive>
+ inline void serialize(Archive &a, rct::mgSig &x, const boost::serialization::version_type ver)
+ {
+ a & x.ss;
+ a & x.cc;
+ // a & x.II; // not serialized, we can recover it from the tx vin
+ }
+
+ template <class Archive>
+ inline void serialize(Archive &a, rct::ecdhTuple &x, const boost::serialization::version_type ver)
+ {
+ a & x.mask;
+ a & x.amount;
+ // a & x.senderPk; // not serialized, as we do not use it in monero currently
+ }
+
+ inline void serializeOutPk(boost::archive::binary_iarchive &a, rct::ctkeyV &outPk_, const boost::serialization::version_type ver)
+ {
+ rct::keyV outPk;
+ a & outPk;
+ outPk_.resize(outPk.size());
+ for (size_t n = 0; n < outPk_.size(); ++n)
+ {
+ outPk_[n].dest = rct::identity();
+ outPk_[n].mask = outPk[n];
+ }
+ }
+
+ inline void serializeOutPk(boost::archive::binary_oarchive &a, rct::ctkeyV &outPk_, const boost::serialization::version_type ver)
+ {
+ rct::keyV outPk(outPk_.size());
+ for (size_t n = 0; n < outPk_.size(); ++n)
+ outPk[n] = outPk_[n].mask;
+ a & outPk;
+ }
+
+ template <class Archive>
+ inline void serialize(Archive &a, rct::rctSigBase &x, const boost::serialization::version_type ver)
+ {
+ a & x.type;
+ if (x.type == rct::RCTTypeNull)
+ return;
+ if (x.type != rct::RCTTypeFull && x.type != rct::RCTTypeSimple)
+ throw boost::archive::archive_exception(boost::archive::archive_exception::other_exception, "Unsupported rct type");
+ // a & x.message; message is not serialized, as it can be reconstructed from the tx data
+ // a & x.mixRing; mixRing is not serialized, as it can be reconstructed from the offsets
+ if (x.type == rct::RCTTypeSimple)
+ a & x.pseudoOuts;
+ a & x.ecdhInfo;
+ serializeOutPk(a, x.outPk, ver);
+ a & x.txnFee;
+ }
+
+ template <class Archive>
+ inline void serialize(Archive &a, rct::rctSig &x, const boost::serialization::version_type ver)
+ {
+ a & x.type;
+ if (x.type == rct::RCTTypeNull)
+ return;
+ if (x.type != rct::RCTTypeFull && x.type != rct::RCTTypeSimple)
+ throw boost::archive::archive_exception(boost::archive::archive_exception::other_exception, "Unsupported rct type");
+ // a & x.message; message is not serialized, as it can be reconstructed from the tx data
+ // a & x.mixRing; mixRing is not serialized, as it can be reconstructed from the offsets
+ if (x.type == rct::RCTTypeSimple)
+ a & x.pseudoOuts;
+ a & x.ecdhInfo;
+ serializeOutPk(a, x.outPk, ver);
+ a & x.txnFee;
+ //--------------
+ a & x.p.rangeSigs;
+ a & x.p.MGs;
+ }
}
}
diff --git a/src/cryptonote_core/cryptonote_core.cpp b/src/cryptonote_core/cryptonote_core.cpp
index 26748aceb..511f50616 100644
--- a/src/cryptonote_core/cryptonote_core.cpp
+++ b/src/cryptonote_core/cryptonote_core.cpp
@@ -43,6 +43,7 @@ using namespace epee;
#include "misc_language.h"
#include <csignal>
#include "cryptonote_core/checkpoints.h"
+#include "ringct/rctTypes.h"
#include "blockchain_db/blockchain_db.h"
#include "blockchain_db/lmdb/db_lmdb.h"
#if defined(BERKELEY_DB)
@@ -57,11 +58,7 @@ namespace cryptonote
//-----------------------------------------------------------------------------------------------
core::core(i_cryptonote_protocol* pprotocol):
m_mempool(m_blockchain_storage),
-#if BLOCKCHAIN_DB == DB_LMDB
m_blockchain_storage(m_mempool),
-#else
- m_blockchain_storage(&m_mempool),
-#endif
m_miner(this),
m_miner_address(boost::value_initialized<account_public_address>()),
m_starter_message_showed(false),
@@ -257,7 +254,6 @@ namespace cryptonote
r = m_mempool.init(m_fakechain ? std::string() : m_config_folder);
CHECK_AND_ASSERT_MES(r, false, "Failed to initialize memory pool");
-#if BLOCKCHAIN_DB == DB_LMDB
std::string db_type = command_line::get_arg(vm, command_line::arg_db_type);
std::string db_sync_mode = command_line::get_arg(vm, command_line::arg_db_sync_mode);
bool fast_sync = command_line::get_arg(vm, command_line::arg_fast_block_sync) != 0;
@@ -405,9 +401,6 @@ namespace cryptonote
bool show_time_stats = command_line::get_arg(vm, command_line::arg_show_time_stats) != 0;
m_blockchain_storage.set_show_time_stats(show_time_stats);
-#else
- r = m_blockchain_storage.init(m_config_folder, m_testnet);
-#endif
CHECK_AND_ASSERT_MES(r, false, "Failed to initialize blockchain storage");
// load json & DNS checkpoints, and verify them
@@ -505,6 +498,15 @@ namespace cryptonote
}
//std::cout << "!"<< tx.vin.size() << std::endl;
+ uint8_t version = m_blockchain_storage.get_current_hard_fork_version();
+ const size_t max_tx_version = version == 1 ? 1 : 2;
+ if (tx.version == 0 || tx.version > max_tx_version)
+ {
+ // v2 is the latest one we know
+ tvc.m_verifivation_failed = true;
+ return false;
+ }
+
if(!check_tx_syntax(tx))
{
LOG_PRINT_L1("WRONG TRANSACTION BLOB, Failed to check tx " << tx_hash << " syntax, rejected");
@@ -560,6 +562,14 @@ namespace cryptonote
LOG_PRINT_RED_L1("tx with invalid outputs, rejected for tx id= " << get_transaction_hash(tx));
return false;
}
+ if (tx.version > 1)
+ {
+ if (tx.rct_signatures.outPk.size() != tx.vout.size())
+ {
+ LOG_PRINT_RED_L1("tx with mismatched vout/outPk count, rejected for tx id= " << get_transaction_hash(tx));
+ return false;
+ }
+ }
if(!check_money_overflow(tx))
{
@@ -567,15 +577,19 @@ namespace cryptonote
return false;
}
- uint64_t amount_in = 0;
- get_inputs_money_amount(tx, amount_in);
- uint64_t amount_out = get_outs_money_amount(tx);
-
- if(amount_in <= amount_out)
+ if (tx.version == 1)
{
- LOG_PRINT_RED_L1("tx with wrong amounts: ins " << amount_in << ", outs " << amount_out << ", rejected for tx id= " << get_transaction_hash(tx));
- return false;
+ uint64_t amount_in = 0;
+ get_inputs_money_amount(tx, amount_in);
+ uint64_t amount_out = get_outs_money_amount(tx);
+
+ if(amount_in <= amount_out)
+ {
+ LOG_PRINT_RED_L1("tx with wrong amounts: ins " << amount_in << ", outs " << amount_out << ", rejected for tx id= " << get_transaction_hash(tx));
+ return false;
+ }
}
+ // for version > 1, ringct signatures check verifies amounts match
if(!keeped_by_block && get_object_blobsize(tx) >= m_blockchain_storage.get_current_cumulative_blocksize_limit() - CRYPTONOTE_COINBASE_BLOB_RESERVED_SIZE)
{
@@ -714,6 +728,11 @@ namespace cryptonote
return m_blockchain_storage.get_outs(req, res);
}
//-----------------------------------------------------------------------------------------------
+ bool core::get_random_rct_outs(const COMMAND_RPC_GET_RANDOM_RCT_OUTPUTS::request& req, COMMAND_RPC_GET_RANDOM_RCT_OUTPUTS::response& res) const
+ {
+ return m_blockchain_storage.get_random_rct_outs(req, res);
+ }
+ //-----------------------------------------------------------------------------------------------
bool core::get_tx_outputs_gindexs(const crypto::hash& tx_id, std::vector<uint64_t>& indexs) const
{
return m_blockchain_storage.get_tx_outputs_gindexs(tx_id, indexs);
@@ -780,18 +799,14 @@ namespace cryptonote
//-----------------------------------------------------------------------------------------------
bool core::prepare_handle_incoming_blocks(const std::list<block_complete_entry> &blocks)
{
-#if BLOCKCHAIN_DB == DB_LMDB
m_blockchain_storage.prepare_handle_incoming_blocks(blocks);
-#endif
return true;
}
//-----------------------------------------------------------------------------------------------
bool core::cleanup_handle_incoming_blocks(bool force_sync)
{
-#if BLOCKCHAIN_DB == DB_LMDB
m_blockchain_storage.cleanup_handle_incoming_blocks(force_sync);
-#endif
return true;
}
@@ -918,11 +933,6 @@ namespace cryptonote
m_starter_message_showed = true;
}
-#if BLOCKCHAIN_DB == DB_LMDB
- // m_store_blockchain_interval.do_call(boost::bind(&Blockchain::store_blockchain, &m_blockchain_storage));
-#else
- m_store_blockchain_interval.do_call(boost::bind(&blockchain_storage::store_blockchain, &m_blockchain_storage));
-#endif
m_fork_moaner.do_call(boost::bind(&core::check_fork_time, this));
m_txpool_auto_relayer.do_call(boost::bind(&core::relay_txpool_transactions, this));
m_miner.on_idle();
@@ -932,7 +942,6 @@ namespace cryptonote
//-----------------------------------------------------------------------------------------------
bool core::check_fork_time()
{
-#if BLOCKCHAIN_DB == DB_LMDB
HardFork::State state = m_blockchain_storage.get_hard_fork_state();
switch (state) {
case HardFork::LikelyForked:
@@ -951,7 +960,6 @@ namespace cryptonote
default:
break;
}
-#endif
return true;
}
//-----------------------------------------------------------------------------------------------
diff --git a/src/cryptonote_core/cryptonote_core.h b/src/cryptonote_core/cryptonote_core.h
index 63969bc23..d16bd6553 100644
--- a/src/cryptonote_core/cryptonote_core.h
+++ b/src/cryptonote_core/cryptonote_core.h
@@ -40,11 +40,7 @@
#include "cryptonote_protocol/cryptonote_protocol_handler_common.h"
#include "storages/portable_storage_template_helper.h"
#include "tx_pool.h"
-#if BLOCKCHAIN_DB == DB_LMDB
#include "blockchain.h"
-#else
-#include "blockchain_storage.h"
-#endif
#include "miner.h"
#include "connection_context.h"
#include "cryptonote_core/cryptonote_stat_info.h"
@@ -483,6 +479,14 @@ namespace cryptonote
*/
bool get_outs(const COMMAND_RPC_GET_OUTPUTS::request& req, COMMAND_RPC_GET_OUTPUTS::response& res) const;
+ /**
+ *
+ * @copydoc Blockchain::get_random_rct_outs
+ *
+ * @note see Blockchain::get_random_rct_outs
+ */
+ bool get_random_rct_outs(const COMMAND_RPC_GET_RANDOM_RCT_OUTPUTS::request& req, COMMAND_RPC_GET_RANDOM_RCT_OUTPUTS::response& res) const;
+
/**
* @copydoc miner::pause
@@ -498,7 +502,6 @@ namespace cryptonote
*/
void resume_mine();
-#if BLOCKCHAIN_DB == DB_LMDB
/**
* @brief gets the Blockchain instance
*
@@ -512,10 +515,6 @@ namespace cryptonote
* @return a const reference to the Blockchain instance
*/
const Blockchain& get_blockchain_storage()const{return m_blockchain_storage;}
-#else
- blockchain_storage& get_blockchain_storage(){return m_blockchain_storage;}
- const blockchain_storage& get_blockchain_storage()const{return m_blockchain_storage;}
-#endif
/**
* @copydoc Blockchain::print_blockchain
@@ -765,11 +764,7 @@ namespace cryptonote
uint64_t m_test_drop_download_height = 0; //!< height under which to drop incoming blocks, if doing so
tx_memory_pool m_mempool; //!< transaction pool instance
-#if BLOCKCHAIN_DB == DB_LMDB
Blockchain m_blockchain_storage; //!< Blockchain instance
-#else
- blockchain_storage m_blockchain_storage;
-#endif
i_cryptonote_protocol* m_pprotocol; //!< cryptonote protocol instance
diff --git a/src/cryptonote_core/cryptonote_format_utils.cpp b/src/cryptonote_core/cryptonote_format_utils.cpp
index ff752ae47..32b96f1fc 100644
--- a/src/cryptonote_core/cryptonote_format_utils.cpp
+++ b/src/cryptonote_core/cryptonote_format_utils.cpp
@@ -37,6 +37,7 @@ using namespace epee;
#include "miner.h"
#include "crypto/crypto.h"
#include "crypto/hash.h"
+#include "ringct/rctSigs.h"
#define ENCRYPTED_PAYMENT_ID_TAIL 0x8d
@@ -100,7 +101,7 @@ namespace cryptonote
CHECK_AND_ASSERT_MES(r, false, "Failed to parse transaction from blob");
//TODO: validate tx
- crypto::cn_fast_hash(tx_blob.data(), tx_blob.size(), tx_hash);
+ get_transaction_hash(tx, tx_hash);
get_transaction_prefix_hash(tx, tx_prefix_hash);
return true;
}
@@ -135,7 +136,10 @@ namespace cryptonote
// from hard fork 2, we cut out the low significant digits. This makes the tx smaller, and
// keeps the paid amount almost the same. The unpaid remainder gets pushed back to the
// emission schedule
- if (hard_fork_version >= 2) {
+ // from hard fork 4, we use a single "dusty" output. This makes the tx even smaller,
+ // and avoids the quantization. These outputs will be added as rct outputs with identity
+ // masks, to they can be used as rct inputs.
+ if (hard_fork_version >= 2 && hard_fork_version < 4) {
block_reward = block_reward - block_reward % ::config::BASE_REWARD_CLAMP_THRESHOLD;
}
@@ -145,12 +149,16 @@ namespace cryptonote
[&out_amounts](uint64_t a_dust) { out_amounts.push_back(a_dust); });
CHECK_AND_ASSERT_MES(1 <= max_outs, false, "max_out must be non-zero");
- if (height == 0)
+ if (height == 0 || hard_fork_version >= 4)
{
// the genesis block was not decomposed, for unknown reasons
while (max_outs < out_amounts.size())
{
- out_amounts[out_amounts.size() - 2] += out_amounts.back();
+ //out_amounts[out_amounts.size() - 2] += out_amounts.back();
+ //out_amounts.resize(out_amounts.size() - 1);
+ out_amounts[1] += out_amounts[0];
+ for (size_t n = 1; n < out_amounts.size(); ++n)
+ out_amounts[n - 1] = out_amounts[n];
out_amounts.resize(out_amounts.size() - 1);
}
}
@@ -181,7 +189,11 @@ namespace cryptonote
CHECK_AND_ASSERT_MES(summary_amounts == block_reward, false, "Failed to construct miner tx, summary_amounts = " << summary_amounts << " not equal block_reward = " << block_reward);
- tx.version = CURRENT_TRANSACTION_VERSION;
+ if (hard_fork_version >= 4)
+ tx.version = 2;
+ else
+ tx.version = 1;
+
//lock
tx.unlock_time = height + CRYPTONOTE_MINED_MONEY_UNLOCK_WINDOW;
tx.vin.push_back(in);
@@ -252,6 +264,11 @@ namespace cryptonote
//---------------------------------------------------------------
bool get_tx_fee(const transaction& tx, uint64_t & fee)
{
+ if (tx.version > 1)
+ {
+ fee = tx.rct_signatures.txnFee;
+ return true;
+ }
uint64_t amount_in = 0;
uint64_t amount_out = 0;
BOOST_FOREACH(auto& in, tx.vin)
@@ -315,6 +332,11 @@ namespace cryptonote
return pub_key_field.pub_key;
}
//---------------------------------------------------------------
+ crypto::public_key get_tx_pub_key_from_extra(const transaction_prefix& tx_prefix)
+ {
+ return get_tx_pub_key_from_extra(tx_prefix.extra);
+ }
+ //---------------------------------------------------------------
crypto::public_key get_tx_pub_key_from_extra(const transaction& tx)
{
return get_tx_pub_key_from_extra(tx.extra);
@@ -447,13 +469,16 @@ namespace cryptonote
return encrypt_payment_id(payment_id, public_key, secret_key);
}
//---------------------------------------------------------------
- bool construct_tx_and_get_tx_key(const account_keys& sender_account_keys, const std::vector<tx_source_entry>& sources, const std::vector<tx_destination_entry>& destinations, std::vector<uint8_t> extra, transaction& tx, uint64_t unlock_time, crypto::secret_key &tx_key)
+ bool construct_tx_and_get_tx_key(const account_keys& sender_account_keys, const std::vector<tx_source_entry>& sources, const std::vector<tx_destination_entry>& destinations, std::vector<uint8_t> extra, transaction& tx, uint64_t unlock_time, crypto::secret_key &tx_key, bool rct)
{
+ std::vector<crypto::secret_key> amount_keys;
tx.vin.clear();
tx.vout.clear();
tx.signatures.clear();
+ tx.rct_signatures = rct::rctSig();
+ amount_keys.clear();
- tx.version = CURRENT_TRANSACTION_VERSION;
+ tx.version = rct ? 2 : 1;
tx.unlock_time = unlock_time;
tx.extra = extra;
@@ -509,7 +534,6 @@ namespace cryptonote
};
std::vector<input_generation_context_data> in_contexts;
-
uint64_t summary_inputs_money = 0;
//fill inputs
BOOST_FOREACH(const tx_source_entry& src_entr, sources)
@@ -529,7 +553,7 @@ namespace cryptonote
return false;
//check that derivated key is equal with real output key
- if( !(in_ephemeral.pub == src_entr.outputs[src_entr.real_output].second) )
+ if( !(in_ephemeral.pub == src_entr.outputs[src_entr.real_output].second.dest) )
{
LOG_ERROR("derived public key missmatch with output public key! "<< ENDL << "derived_key:"
<< string_tools::pod_to_hex(in_ephemeral.pub) << ENDL << "real output_public_key:"
@@ -559,12 +583,18 @@ namespace cryptonote
size_t output_index = 0;
BOOST_FOREACH(const tx_destination_entry& dst_entr, shuffled_dsts)
{
- CHECK_AND_ASSERT_MES(dst_entr.amount > 0, false, "Destination with wrong amount: " << dst_entr.amount);
+ CHECK_AND_ASSERT_MES(dst_entr.amount > 0 || tx.version > 1, false, "Destination with wrong amount: " << dst_entr.amount);
crypto::key_derivation derivation;
crypto::public_key out_eph_public_key;
bool r = crypto::generate_key_derivation(dst_entr.addr.m_view_public_key, txkey.sec, derivation);
CHECK_AND_ASSERT_MES(r, false, "at creation outs: failed to generate_key_derivation(" << dst_entr.addr.m_view_public_key << ", " << txkey.sec << ")");
+ if (tx.version > 1)
+ {
+ crypto::secret_key scalar1;
+ crypto::derivation_to_scalar(derivation, output_index, scalar1);
+ amount_keys.push_back(scalar1);
+ }
r = crypto::derive_public_key(derivation, output_index, dst_entr.addr.m_spend_public_key, out_eph_public_key);
CHECK_AND_ASSERT_MES(r, false, "at creation outs: failed to derive_public_key(" << derivation << ", " << output_index << ", "<< dst_entr.addr.m_spend_public_key << ")");
@@ -586,33 +616,148 @@ namespace cryptonote
}
- //generate ring signatures
- crypto::hash tx_prefix_hash;
- get_transaction_prefix_hash(tx, tx_prefix_hash);
-
- std::stringstream ss_ring_s;
- size_t i = 0;
- BOOST_FOREACH(const tx_source_entry& src_entr, sources)
+ if (tx.version == 1)
{
- ss_ring_s << "pub_keys:" << ENDL;
- std::vector<const crypto::public_key*> keys_ptrs;
- BOOST_FOREACH(const tx_source_entry::output_entry& o, src_entr.outputs)
+ //generate ring signatures
+ crypto::hash tx_prefix_hash;
+ get_transaction_prefix_hash(tx, tx_prefix_hash);
+
+ std::stringstream ss_ring_s;
+ size_t i = 0;
+ BOOST_FOREACH(const tx_source_entry& src_entr, sources)
{
- keys_ptrs.push_back(&o.second);
- ss_ring_s << o.second << ENDL;
+ ss_ring_s << "pub_keys:" << ENDL;
+ std::vector<const crypto::public_key*> keys_ptrs;
+ std::vector<crypto::public_key> keys(src_entr.outputs.size());
+ size_t ii = 0;
+ BOOST_FOREACH(const tx_source_entry::output_entry& o, src_entr.outputs)
+ {
+ keys[ii] = rct2pk(o.second.dest);
+ keys_ptrs.push_back(&keys[ii]);
+ ss_ring_s << o.second.dest << ENDL;
+ ++ii;
+ }
+
+ tx.signatures.push_back(std::vector<crypto::signature>());
+ std::vector<crypto::signature>& sigs = tx.signatures.back();
+ sigs.resize(src_entr.outputs.size());
+ crypto::generate_ring_signature(tx_prefix_hash, boost::get<txin_to_key>(tx.vin[i]).k_image, keys_ptrs, in_contexts[i].in_ephemeral.sec, src_entr.real_output, sigs.data());
+ ss_ring_s << "signatures:" << ENDL;
+ std::for_each(sigs.begin(), sigs.end(), [&](const crypto::signature& s){ss_ring_s << s << ENDL;});
+ ss_ring_s << "prefix_hash:" << tx_prefix_hash << ENDL << "in_ephemeral_key: " << in_contexts[i].in_ephemeral.sec << ENDL << "real_output: " << src_entr.real_output;
+ i++;
}
- tx.signatures.push_back(std::vector<crypto::signature>());
- std::vector<crypto::signature>& sigs = tx.signatures.back();
- sigs.resize(src_entr.outputs.size());
- crypto::generate_ring_signature(tx_prefix_hash, boost::get<txin_to_key>(tx.vin[i]).k_image, keys_ptrs, in_contexts[i].in_ephemeral.sec, src_entr.real_output, sigs.data());
- ss_ring_s << "signatures:" << ENDL;
- std::for_each(sigs.begin(), sigs.end(), [&](const crypto::signature& s){ss_ring_s << s << ENDL;});
- ss_ring_s << "prefix_hash:" << tx_prefix_hash << ENDL << "in_ephemeral_key: " << in_contexts[i].in_ephemeral.sec << ENDL << "real_output: " << src_entr.real_output;
- i++;
+ LOG_PRINT2("construct_tx.log", "transaction_created: " << get_transaction_hash(tx) << ENDL << obj_to_json_str(tx) << ENDL << ss_ring_s.str() , LOG_LEVEL_3);
}
+ else
+ {
+ bool all_rct_inputs = true;
+ size_t n_total_outs = sources[0].outputs.size(); // only for non-simple rct
+ BOOST_FOREACH(const tx_source_entry& src_entr, sources)
+ all_rct_inputs &= !(src_entr.mask == rct::identity());
- LOG_PRINT2("construct_tx.log", "transaction_created: " << get_transaction_hash(tx) << ENDL << obj_to_json_str(tx) << ENDL << ss_ring_s.str() , LOG_LEVEL_3);
+ // the non-simple version is slightly smaller, but assumes all real inputs
+ // are on the same index, so can only be used if there just one ring.
+ bool use_simple_rct = sources.size() > 1;
+
+ if (!use_simple_rct)
+ {
+ // non simple ringct requires all real inputs to be at the same index for all inputs
+ BOOST_FOREACH(const tx_source_entry& src_entr, sources)
+ {
+ if(src_entr.real_output != sources.begin()->real_output)
+ {
+ LOG_ERROR("All inputs must have the same index for non-simple ringct");
+ return false;
+ }
+ }
+
+ // enforce same mixin for all outputs
+ for (size_t i = 1; i < sources.size(); ++i) {
+ if (n_total_outs != sources[i].outputs.size()) {
+ LOG_ERROR("Non-simple ringct transaction has varying mixin");
+ return false;
+ }
+ }
+ }
+
+ uint64_t amount_in = 0, amount_out = 0;
+ rct::ctkeyV inSk;
+ // mixRing indexing is done the other way round for simple
+ rct::ctkeyM mixRing(use_simple_rct ? sources.size() : n_total_outs);
+ rct::keyV destinations;
+ std::vector<uint64_t> inamounts, outamounts;
+ std::vector<unsigned int> index;
+ for (size_t i = 0; i < sources.size(); ++i)
+ {
+ rct::ctkey ctkey;
+ amount_in += sources[i].amount;
+ inamounts.push_back(sources[i].amount);
+ index.push_back(sources[i].real_output);
+ // inSk: (secret key, mask)
+ ctkey.dest = rct::sk2rct(in_contexts[i].in_ephemeral.sec);
+ ctkey.mask = sources[i].mask;
+ inSk.push_back(ctkey);
+ // inPk: (public key, commitment)
+ // will be done when filling in mixRing
+ }
+ for (size_t i = 0; i < tx.vout.size(); ++i)
+ {
+ destinations.push_back(rct::pk2rct(boost::get<txout_to_key>(tx.vout[i].target).key));
+ outamounts.push_back(tx.vout[i].amount);
+ amount_out += tx.vout[i].amount;
+ }
+
+ if (use_simple_rct)
+ {
+ // mixRing indexing is done the other way round for simple
+ for (size_t i = 0; i < sources.size(); ++i)
+ {
+ mixRing[i].resize(sources[i].outputs.size());
+ for (size_t n = 0; n < sources[i].outputs.size(); ++n)
+ {
+ mixRing[i][n] = sources[i].outputs[n].second;
+ }
+ }
+ }
+ else
+ {
+ for (size_t i = 0; i < n_total_outs; ++i) // same index assumption
+ {
+ mixRing[i].resize(sources.size());
+ for (size_t n = 0; n < sources.size(); ++n)
+ {
+ mixRing[i][n] = sources[n].outputs[i].second;
+ }
+ }
+ }
+
+ // fee
+ if (!use_simple_rct && amount_in > amount_out)
+ outamounts.push_back(amount_in - amount_out);
+
+ // zero out all amounts to mask rct outputs, real amounts are now encrypted
+ for (size_t i = 0; i < tx.vin.size(); ++i)
+ {
+ if (sources[i].rct)
+ boost::get<txin_to_key>(tx.vin[i]).amount = 0;
+ }
+ for (size_t i = 0; i < tx.vout.size(); ++i)
+ tx.vout[i].amount = 0;
+
+ crypto::hash tx_prefix_hash;
+ get_transaction_prefix_hash(tx, tx_prefix_hash);
+ rct::ctkeyV outSk;
+ if (use_simple_rct)
+ tx.rct_signatures = rct::genRctSimple(rct::hash2rct(tx_prefix_hash), inSk, destinations, inamounts, outamounts, amount_in - amount_out, mixRing, (const rct::keyV&)amount_keys, index, outSk);
+ else
+ tx.rct_signatures = rct::genRct(rct::hash2rct(tx_prefix_hash), inSk, destinations, outamounts, mixRing, (const rct::keyV&)amount_keys, sources[0].real_output, outSk); // same index assumption
+
+ CHECK_AND_ASSERT_MES(tx.vout.size() == outSk.size(), false, "outSk size does not match vout");
+
+ LOG_PRINT2("construct_tx.log", "transaction_created: " << get_transaction_hash(tx) << ENDL << obj_to_json_str(tx) << ENDL, LOG_LEVEL_3);
+ }
return true;
}
@@ -661,7 +806,10 @@ namespace cryptonote
<< out.target.type().name() << ", expected " << typeid(txout_to_key).name()
<< ", in transaction id=" << get_transaction_hash(tx));
- CHECK_AND_NO_ASSERT_MES(0 < out.amount, false, "zero amount ouput in transaction id=" << get_transaction_hash(tx));
+ if (tx.version == 1)
+ {
+ CHECK_AND_NO_ASSERT_MES(0 < out.amount, false, "zero amount output in transaction id=" << get_transaction_hash(tx));
+ }
if(!check_key(boost::get<txout_to_key>(out.target).key))
return false;
@@ -776,20 +924,49 @@ namespace cryptonote
crypto::hash get_transaction_hash(const transaction& t)
{
crypto::hash h = null_hash;
- size_t blob_size = 0;
- get_object_hash(t, h, blob_size);
+ get_transaction_hash(t, h, NULL);
return h;
}
//---------------------------------------------------------------
bool get_transaction_hash(const transaction& t, crypto::hash& res)
{
- size_t blob_size = 0;
- return get_object_hash(t, res, blob_size);
+ return get_transaction_hash(t, res, NULL);
+ }
+ //---------------------------------------------------------------
+ bool get_transaction_hash(const transaction& t, crypto::hash& res, size_t* blob_size)
+ {
+ // v1 transactions hash the entire blob
+ if (t.version == 1)
+ {
+ size_t ignored_blob_size, &blob_size_ref = blob_size ? *blob_size : ignored_blob_size;
+ return get_object_hash(t, res, blob_size_ref);
+ }
+
+ // v2 transactions hash different parts together, than hash the set of those hashes
+ crypto::hash hashes[3];
+
+ // prefix
+ get_transaction_prefix_hash(t, hashes[0]);
+
+ // base rct data
+ get_blob_hash(t_serializable_object_to_blob((const rct::rctSigBase&)t.rct_signatures), hashes[1]);
+
+ // prunable rct data
+ get_blob_hash(t_serializable_object_to_blob(t.rct_signatures.p), hashes[2]);
+
+ // the tx hash is the hash of the 3 hashes
+ res = cn_fast_hash(hashes, sizeof(hashes));
+
+ // we still need the size
+ if (blob_size)
+ *blob_size = get_object_blobsize(t);
+
+ return true;
}
//---------------------------------------------------------------
bool get_transaction_hash(const transaction& t, crypto::hash& res, size_t& blob_size)
{
- return get_object_hash(t, res, blob_size);
+ return get_transaction_hash(t, res, &blob_size);
}
//---------------------------------------------------------------
blobdata get_block_hashing_blob(const block& b)
diff --git a/src/cryptonote_core/cryptonote_format_utils.h b/src/cryptonote_core/cryptonote_format_utils.h
index 056940e98..e6a3bfba4 100644
--- a/src/cryptonote_core/cryptonote_format_utils.h
+++ b/src/cryptonote_core/cryptonote_format_utils.h
@@ -35,6 +35,7 @@
#include "include_base_utils.h"
#include "crypto/crypto.h"
#include "crypto/hash.h"
+#include "ringct/rctOps.h"
namespace cryptonote
@@ -50,13 +51,17 @@ namespace cryptonote
struct tx_source_entry
{
- typedef std::pair<uint64_t, crypto::public_key> output_entry;
+ typedef std::pair<uint64_t, rct::ctkey> output_entry;
- std::vector<output_entry> outputs; //index + key
+ std::vector<output_entry> outputs; //index + key + optional ringct commitment
size_t real_output; //index in outputs vector of real output_entry
crypto::public_key real_out_tx_key; //incoming real tx public key
size_t real_output_in_tx_index; //index in transaction outputs vector
uint64_t amount; //money
+ bool rct; //true if the output is rct
+ rct::key mask; //ringct amount mask
+
+ void push_output(uint64_t idx, const crypto::public_key &k, uint64_t amount) { outputs.push_back(std::make_pair(idx, rct::ctkey({rct::pk2rct(k), rct::zeroCommit(amount)}))); }
};
struct tx_destination_entry
@@ -70,7 +75,7 @@ namespace cryptonote
//---------------------------------------------------------------
bool construct_tx(const account_keys& sender_account_keys, const std::vector<tx_source_entry>& sources, const std::vector<tx_destination_entry>& destinations, std::vector<uint8_t> extra, transaction& tx, uint64_t unlock_time);
- bool construct_tx_and_get_tx_key(const account_keys& sender_account_keys, const std::vector<tx_source_entry>& sources, const std::vector<tx_destination_entry>& destinations, std::vector<uint8_t> extra, transaction& tx, uint64_t unlock_time, crypto::secret_key &txkey);
+ bool construct_tx_and_get_tx_key(const account_keys& sender_account_keys, const std::vector<tx_source_entry>& sources, const std::vector<tx_destination_entry>& destinations, std::vector<uint8_t> extra, transaction& tx, uint64_t unlock_time, crypto::secret_key &tx_key, bool rct = false);
template<typename T>
bool find_tx_extra_field_by_type(const std::vector<tx_extra_field>& tx_extra_fields, T& field)
@@ -85,6 +90,7 @@ namespace cryptonote
bool parse_tx_extra(const std::vector<uint8_t>& tx_extra, std::vector<tx_extra_field>& tx_extra_fields);
crypto::public_key get_tx_pub_key_from_extra(const std::vector<uint8_t>& tx_extra);
+ crypto::public_key get_tx_pub_key_from_extra(const transaction_prefix& tx);
crypto::public_key get_tx_pub_key_from_extra(const transaction& tx);
bool add_tx_pub_key_to_extra(transaction& tx, const crypto::public_key& tx_pub_key);
bool add_extra_nonce_to_tx_extra(std::vector<uint8_t>& tx_extra, const blobdata& extra_nonce);
@@ -106,6 +112,7 @@ namespace cryptonote
crypto::hash get_transaction_hash(const transaction& t);
bool get_transaction_hash(const transaction& t, crypto::hash& res);
bool get_transaction_hash(const transaction& t, crypto::hash& res, size_t& blob_size);
+ bool get_transaction_hash(const transaction& t, crypto::hash& res, size_t* blob_size);
blobdata get_block_hashing_blob(const block& b);
bool get_block_hash(const block& b, crypto::hash& res);
crypto::hash get_block_hash(const block& b);
diff --git a/src/cryptonote_core/tx_pool.cpp b/src/cryptonote_core/tx_pool.cpp
index 3d5ab86e1..46fab4dcf 100644
--- a/src/cryptonote_core/tx_pool.cpp
+++ b/src/cryptonote_core/tx_pool.cpp
@@ -37,11 +37,7 @@
#include "cryptonote_format_utils.h"
#include "cryptonote_boost_serialization.h"
#include "cryptonote_config.h"
-#if BLOCKCHAIN_DB == DB_LMDB
#include "blockchain.h"
-#else
-#include "blockchain_storage.h"
-#endif
#include "common/boost_serialization_helper.h"
#include "common/int-util.h"
#include "misc_language.h"
@@ -74,21 +70,22 @@ namespace cryptonote
}
}
//---------------------------------------------------------------------------------
-#if BLOCKCHAIN_DB == DB_LMDB
//---------------------------------------------------------------------------------
tx_memory_pool::tx_memory_pool(Blockchain& bchs): m_blockchain(bchs)
{
}
-#else
- tx_memory_pool::tx_memory_pool(blockchain_storage& bchs): m_blockchain(bchs)
- {
-
- }
-#endif
//---------------------------------------------------------------------------------
bool tx_memory_pool::add_tx(const transaction &tx, /*const crypto::hash& tx_prefix_hash,*/ const crypto::hash &id, size_t blob_size, tx_verification_context& tvc, bool kept_by_block, bool relayed, uint8_t version)
{
+ if (tx.version == 0)
+ {
+ // v0 never accepted
+ LOG_PRINT_L1("transaction version 0 is invalid");
+ tvc.m_verifivation_failed = true;
+ return false;
+ }
+
// we do not accept transactions that timed out before, unless they're
// kept_by_block
if (!kept_by_block && m_timed_out_transactions.find(id) != m_timed_out_transactions.end())
@@ -106,25 +103,34 @@ namespace cryptonote
return false;
}
- uint64_t inputs_amount = 0;
- if(!get_inputs_money_amount(tx, inputs_amount))
+ // fee per kilobyte, size rounded up.
+ uint64_t fee;
+
+ if (tx.version == 1)
{
- tvc.m_verifivation_failed = true;
- return false;
- }
+ uint64_t inputs_amount = 0;
+ if(!get_inputs_money_amount(tx, inputs_amount))
+ {
+ tvc.m_verifivation_failed = true;
+ return false;
+ }
- uint64_t outputs_amount = get_outs_money_amount(tx);
+ uint64_t outputs_amount = get_outs_money_amount(tx);
+ if(outputs_amount >= inputs_amount)
+ {
+ LOG_PRINT_L1("transaction use more money then it has: use " << print_money(outputs_amount) << ", have " << print_money(inputs_amount));
+ tvc.m_verifivation_failed = true;
+ tvc.m_overspend = true;
+ return false;
+ }
- if(outputs_amount >= inputs_amount)
+ fee = inputs_amount - outputs_amount;
+ }
+ else
{
- LOG_PRINT_L1("transaction use more money then it has: use " << print_money(outputs_amount) << ", have " << print_money(inputs_amount));
- tvc.m_verifivation_failed = true;
- tvc.m_overspend = true;
- return false;
+ fee = tx.rct_signatures.txnFee;
}
- // fee per kilobyte, size rounded up.
- uint64_t fee = inputs_amount - outputs_amount;
uint64_t needed_fee = blob_size / 1024;
needed_fee += (blob_size % 1024) ? 1 : 0;
needed_fee *= FEE_PER_KB;
@@ -161,7 +167,7 @@ namespace cryptonote
if (!m_blockchain.check_tx_outputs(tx, tvc))
{
- LOG_PRINT_L1("Transaction with id= "<< id << " has at least one invalid outout");
+ LOG_PRINT_L1("Transaction with id= "<< id << " has at least one invalid output");
tvc.m_verifivation_failed = true;
tvc.m_invalid_output = true;
return false;
@@ -169,11 +175,9 @@ namespace cryptonote
crypto::hash max_used_block_id = null_hash;
uint64_t max_used_block_height = 0;
-#if BLOCKCHAIN_DB == DB_LMDB
- bool ch_inp_res = m_blockchain.check_tx_inputs(tx, max_used_block_height, max_used_block_id, tvc, kept_by_block);
-#else
- bool ch_inp_res = m_blockchain.check_tx_inputs(tx, max_used_block_height, max_used_block_id);
-#endif
+ tx_details txd;
+ txd.tx = tx;
+ bool ch_inp_res = m_blockchain.check_tx_inputs(txd.tx, max_used_block_height, max_used_block_id, tvc, kept_by_block);
CRITICAL_REGION_LOCAL(m_transactions_lock);
if(!ch_inp_res)
{
@@ -181,11 +185,10 @@ namespace cryptonote
// may become valid again, so ignore the failed inputs check.
if(kept_by_block)
{
- auto txd_p = m_transactions.insert(transactions_container::value_type(id, tx_details()));
+ auto txd_p = m_transactions.insert(transactions_container::value_type(id, txd));
CHECK_AND_ASSERT_MES(txd_p.second, false, "transaction already exists at inserting in memory pool");
txd_p.first->second.blob_size = blob_size;
- txd_p.first->second.tx = tx;
- txd_p.first->second.fee = inputs_amount - outputs_amount;
+ txd_p.first->second.fee = fee;
txd_p.first->second.max_used_block_id = null_hash;
txd_p.first->second.max_used_block_height = 0;
txd_p.first->second.kept_by_block = kept_by_block;
@@ -203,12 +206,11 @@ namespace cryptonote
}else
{
//update transactions container
- auto txd_p = m_transactions.insert(transactions_container::value_type(id, tx_details()));
+ auto txd_p = m_transactions.insert(transactions_container::value_type(id, txd));
CHECK_AND_ASSERT_MES(txd_p.second, false, "intrnal error: transaction already exists at inserting in memorypool");
txd_p.first->second.blob_size = blob_size;
- txd_p.first->second.tx = tx;
txd_p.first->second.kept_by_block = kept_by_block;
- txd_p.first->second.fee = inputs_amount - outputs_amount;
+ txd_p.first->second.fee = fee;
txd_p.first->second.max_used_block_id = max_used_block_id;
txd_p.first->second.max_used_block_height = max_used_block_height;
txd_p.first->second.last_failed_height = 0;
@@ -518,12 +520,8 @@ namespace cryptonote
if(txd.last_failed_id == m_blockchain.get_block_id_by_height(txd.last_failed_height))
return false;
//check ring signature again, it is possible (with very small chance) that this transaction become again valid
-#if BLOCKCHAIN_DB == DB_LMDB
tx_verification_context tvc;
if(!m_blockchain.check_tx_inputs(txd.tx, txd.max_used_block_height, txd.max_used_block_id, tvc))
-#else
- if(!m_blockchain.check_tx_inputs(txd.tx, txd.max_used_block_height, txd.max_used_block_id))
-#endif
{
txd.last_failed_height = m_blockchain.get_current_blockchain_height()-1;
txd.last_failed_id = m_blockchain.get_block_id_by_height(txd.last_failed_height);
@@ -649,6 +647,7 @@ namespace cryptonote
//---------------------------------------------------------------------------------
size_t tx_memory_pool::validate(uint8_t version)
{
+ CRITICAL_REGION_LOCAL(m_transactions_lock);
size_t n_removed = 0;
size_t tx_size_limit = (version < 2 ? TRANSACTION_SIZE_LIMIT_V1 : TRANSACTION_SIZE_LIMIT_V2);
for (auto it = m_transactions.begin(); it != m_transactions.end(); ) {
diff --git a/src/cryptonote_core/tx_pool.h b/src/cryptonote_core/tx_pool.h
index c7aab7f08..0e280872d 100644
--- a/src/cryptonote_core/tx_pool.h
+++ b/src/cryptonote_core/tx_pool.h
@@ -48,11 +48,7 @@
namespace cryptonote
{
-#if BLOCKCHAIN_DB == DB_LMDB
class Blockchain;
-#else
- class blockchain_storage;
-#endif
/************************************************************************/
/* */
/************************************************************************/
@@ -93,16 +89,12 @@ namespace cryptonote
class tx_memory_pool: boost::noncopyable
{
public:
-#if BLOCKCHAIN_DB == DB_LMDB
/**
* @brief Constructor
*
* @param bchs a Blockchain class instance, for getting chain info
*/
tx_memory_pool(Blockchain& bchs);
-#else
- tx_memory_pool(blockchain_storage& bchs);
-#endif
/**
@@ -492,18 +484,7 @@ namespace cryptonote
std::unordered_set<crypto::hash> m_timed_out_transactions;
std::string m_config_folder; //!< the folder to save state to
-#if BLOCKCHAIN_DB == DB_LMDB
Blockchain& m_blockchain; //!< reference to the Blockchain object
-#else
- blockchain_storage& m_blockchain;
-#endif
-
-#if BLOCKCHAIN_DB == DB_LMDB
-#else
-#if defined(DEBUG_CREATE_BLOCK_TEMPLATE)
- friend class blockchain_storage;
-#endif
-#endif
};
}
diff --git a/src/cryptonote_core/verification_context.h b/src/cryptonote_core/verification_context.h
index e58291ea9..0bb635e84 100644
--- a/src/cryptonote_core/verification_context.h
+++ b/src/cryptonote_core/verification_context.h
@@ -47,6 +47,7 @@ namespace cryptonote
bool m_too_big;
bool m_overspend;
bool m_fee_too_low;
+ bool m_not_rct;
};
struct block_verification_context
diff --git a/src/ringct/CMakeLists.txt b/src/ringct/CMakeLists.txt
new file mode 100644
index 000000000..078199bb0
--- /dev/null
+++ b/src/ringct/CMakeLists.txt
@@ -0,0 +1,59 @@
+# Copyright (c) 2016, The Monero Project
+#
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without modification, are
+# permitted provided that the following conditions are met:
+#
+# 1. Redistributions of source code must retain the above copyright notice, this list of
+# conditions and the following disclaimer.
+#
+# 2. Redistributions in binary form must reproduce the above copyright notice, this list
+# of conditions and the following disclaimer in the documentation and/or other
+# materials provided with the distribution.
+#
+# 3. Neither the name of the copyright holder nor the names of its contributors may be
+# used to endorse or promote products derived from this software without specific
+# prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+# EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+# THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+# THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+set(ringct_sources
+ rctOps.cpp
+ rctSigs.cpp
+ rctTypes.cpp
+ rctCryptoOps.c)
+
+set(ringct_headers)
+
+set(ringct_private_headers
+ rctOps.h
+ rctSigs.h
+ rctTypes.h)
+
+bitmonero_private_headers(ringct
+ ${crypto_private_headers})
+bitmonero_add_library(ringct
+ ${ringct_sources}
+ ${ringct_headers}
+ ${ringct_private_headers})
+target_link_libraries(ringct
+ LINK_PUBLIC
+ common
+ crypto
+ ${Boost_DATE_TIME_LIBRARY}
+ ${Boost_PROGRAM_OPTIONS_LIBRARY}
+ ${Boost_SERIALIZATION_LIBRARY}
+ LINK_PRIVATE
+ ${Boost_FILESYSTEM_LIBRARY}
+ ${Boost_SYSTEM_LIBRARY}
+ ${Boost_THREAD_LIBRARY}
+ ${EXTRA_LIBRARIES})
diff --git a/src/ringct/rctCryptoOps.c b/src/ringct/rctCryptoOps.c
new file mode 100644
index 000000000..9bb9a6891
--- /dev/null
+++ b/src/ringct/rctCryptoOps.c
@@ -0,0 +1,221 @@
+// Copyright (c) 2014-2016, The Monero Project
+//
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice, this list of
+// conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice, this list
+// of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+//
+// 3. Neither the name of the copyright holder nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+// Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers
+
+#include <assert.h>
+#include <stdint.h>
+
+#include "crypto/crypto-ops.h"
+
+//DISABLE_VS_WARNINGS(4146 4244)
+
+void sc_reduce32copy(unsigned char * scopy, const unsigned char *s) {
+ int64_t s0 = 2097151 & load_3(s);
+ int64_t s1 = 2097151 & (load_4(s + 2) >> 5);
+ int64_t s2 = 2097151 & (load_3(s + 5) >> 2);
+ int64_t s3 = 2097151 & (load_4(s + 7) >> 7);
+ int64_t s4 = 2097151 & (load_4(s + 10) >> 4);
+ int64_t s5 = 2097151 & (load_3(s + 13) >> 1);
+ int64_t s6 = 2097151 & (load_4(s + 15) >> 6);
+ int64_t s7 = 2097151 & (load_3(s + 18) >> 3);
+ int64_t s8 = 2097151 & load_3(s + 21);
+ int64_t s9 = 2097151 & (load_4(s + 23) >> 5);
+ int64_t s10 = 2097151 & (load_3(s + 26) >> 2);
+ int64_t s11 = (load_4(s + 28) >> 7);
+ int64_t s12 = 0;
+ int64_t carry0;
+ int64_t carry1;
+ int64_t carry2;
+ int64_t carry3;
+ int64_t carry4;
+ int64_t carry5;
+ int64_t carry6;
+ int64_t carry7;
+ int64_t carry8;
+ int64_t carry9;
+ int64_t carry10;
+ int64_t carry11;
+
+ carry0 = (s0 + (1<<20)) >> 21;
+ s1 += carry0;
+ s0 -= carry0 << 21;
+ carry2 = (s2 + (1<<20)) >> 21;
+ s3 += carry2;
+ s2 -= carry2 << 21;
+ carry4 = (s4 + (1<<20)) >> 21;
+ s5 += carry4;
+ s4 -= carry4 << 21;
+ carry6 = (s6 + (1<<20)) >> 21;
+ s7 += carry6;
+ s6 -= carry6 << 21;
+ carry8 = (s8 + (1<<20)) >> 21;
+ s9 += carry8;
+ s8 -= carry8 << 21;
+ carry10 = (s10 + (1<<20)) >> 21;
+ s11 += carry10;
+ s10 -= carry10 << 21;
+
+ carry1 = (s1 + (1<<20)) >> 21;
+ s2 += carry1;
+ s1 -= carry1 << 21;
+ carry3 = (s3 + (1<<20)) >> 21;
+ s4 += carry3;
+ s3 -= carry3 << 21;
+ carry5 = (s5 + (1<<20)) >> 21;
+ s6 += carry5;
+ s5 -= carry5 << 21;
+ carry7 = (s7 + (1<<20)) >> 21;
+ s8 += carry7;
+ s7 -= carry7 << 21;
+ carry9 = (s9 + (1<<20)) >> 21;
+ s10 += carry9;
+ s9 -= carry9 << 21;
+ carry11 = (s11 + (1<<20)) >> 21;
+ s12 += carry11;
+ s11 -= carry11 << 21;
+
+ s0 += s12 * 666643;
+ s1 += s12 * 470296;
+ s2 += s12 * 654183;
+ s3 -= s12 * 997805;
+ s4 += s12 * 136657;
+ s5 -= s12 * 683901;
+ s12 = 0;
+
+ carry0 = s0 >> 21;
+ s1 += carry0;
+ s0 -= carry0 << 21;
+ carry1 = s1 >> 21;
+ s2 += carry1;
+ s1 -= carry1 << 21;
+ carry2 = s2 >> 21;
+ s3 += carry2;
+ s2 -= carry2 << 21;
+ carry3 = s3 >> 21;
+ s4 += carry3;
+ s3 -= carry3 << 21;
+ carry4 = s4 >> 21;
+ s5 += carry4;
+ s4 -= carry4 << 21;
+ carry5 = s5 >> 21;
+ s6 += carry5;
+ s5 -= carry5 << 21;
+ carry6 = s6 >> 21;
+ s7 += carry6;
+ s6 -= carry6 << 21;
+ carry7 = s7 >> 21;
+ s8 += carry7;
+ s7 -= carry7 << 21;
+ carry8 = s8 >> 21;
+ s9 += carry8;
+ s8 -= carry8 << 21;
+ carry9 = s9 >> 21;
+ s10 += carry9;
+ s9 -= carry9 << 21;
+ carry10 = s10 >> 21;
+ s11 += carry10;
+ s10 -= carry10 << 21;
+ carry11 = s11 >> 21;
+ s12 += carry11;
+ s11 -= carry11 << 21;
+
+ s0 += s12 * 666643;
+ s1 += s12 * 470296;
+ s2 += s12 * 654183;
+ s3 -= s12 * 997805;
+ s4 += s12 * 136657;
+ s5 -= s12 * 683901;
+
+ carry0 = s0 >> 21;
+ s1 += carry0;
+ s0 -= carry0 << 21;
+ carry1 = s1 >> 21;
+ s2 += carry1;
+ s1 -= carry1 << 21;
+ carry2 = s2 >> 21;
+ s3 += carry2;
+ s2 -= carry2 << 21;
+ carry3 = s3 >> 21;
+ s4 += carry3;
+ s3 -= carry3 << 21;
+ carry4 = s4 >> 21;
+ s5 += carry4;
+ s4 -= carry4 << 21;
+ carry5 = s5 >> 21;
+ s6 += carry5;
+ s5 -= carry5 << 21;
+ carry6 = s6 >> 21;
+ s7 += carry6;
+ s6 -= carry6 << 21;
+ carry7 = s7 >> 21;
+ s8 += carry7;
+ s7 -= carry7 << 21;
+ carry8 = s8 >> 21;
+ s9 += carry8;
+ s8 -= carry8 << 21;
+ carry9 = s9 >> 21;
+ s10 += carry9;
+ s9 -= carry9 << 21;
+ carry10 = s10 >> 21;
+ s11 += carry10;
+ s10 -= carry10 << 21;
+
+ scopy[0] = s0 >> 0;
+ scopy[1] = s0 >> 8;
+ scopy[2] = (s0 >> 16) | (s1 << 5);
+ scopy[3] = s1 >> 3;
+ scopy[4] = s1 >> 11;
+ scopy[5] = (s1 >> 19) | (s2 << 2);
+ scopy[6] = s2 >> 6;
+ scopy[7] = (s2 >> 14) | (s3 << 7);
+ scopy[8] = s3 >> 1;
+ scopy[9] = s3 >> 9;
+ scopy[10] = (s3 >> 17) | (s4 << 4);
+ scopy[11] = s4 >> 4;
+ scopy[12] = s4 >> 12;
+ scopy[13] = (s4 >> 20) | (s5 << 1);
+ scopy[14] = s5 >> 7;
+ scopy[15] = (s5 >> 15) | (s6 << 6);
+ scopy[16] = s6 >> 2;
+ scopy[17] = s6 >> 10;
+ scopy[18] = (s6 >> 18) | (s7 << 3);
+ scopy[19] = s7 >> 5;
+ scopy[20] = s7 >> 13;
+ scopy[21] = s8 >> 0;
+ scopy[22] = s8 >> 8;
+ scopy[23] = (s8 >> 16) | (s9 << 5);
+ scopy[24] = s9 >> 3;
+ scopy[25] = s9 >> 11;
+ scopy[26] = (s9 >> 19) | (s10 << 2);
+ scopy[27] = s10 >> 6;
+ scopy[28] = (s10 >> 14) | (s11 << 7);
+ scopy[29] = s11 >> 1;
+ scopy[30] = s11 >> 9;
+ scopy[31] = s11 >> 17;
+}
diff --git a/src/ringct/rctCryptoOps.h b/src/ringct/rctCryptoOps.h
new file mode 100644
index 000000000..58c6964d8
--- /dev/null
+++ b/src/ringct/rctCryptoOps.h
@@ -0,0 +1,37 @@
+// Copyright (c) 2014-2016, The Monero Project
+//
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice, this list of
+// conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice, this list
+// of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+//
+// 3. Neither the name of the copyright holder nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+// Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers
+
+#pragma once
+
+extern "C" {
+#include "crypto/crypto-ops.h"
+}
+
+void sc_reduce32copy(unsigned char * scopy, const unsigned char *s);
diff --git a/src/ringct/rctOps.cpp b/src/ringct/rctOps.cpp
new file mode 100644
index 000000000..488e47ca0
--- /dev/null
+++ b/src/ringct/rctOps.cpp
@@ -0,0 +1,475 @@
+// Copyright (c) 2016, Monero Research Labs
+//
+// Author: Shen Noether <shen.noether@gmx.com>
+//
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice, this list of
+// conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice, this list
+// of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+//
+// 3. Neither the name of the copyright holder nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+#include "misc_log_ex.h"
+#include "rctOps.h"
+using namespace crypto;
+using namespace std;
+
+namespace rct {
+
+ //Various key initialization functions
+
+ //Creates a zero scalar
+ void zero(key &zero) {
+ memset(&zero, 0, 32);
+ }
+
+ //Creates a zero scalar
+ key zero() {
+ static const key z = { {0x00, 0x00, 0x00,0x00 , 0x00, 0x00, 0x00,0x00 , 0x00, 0x00, 0x00,0x00 , 0x00, 0x00, 0x00,0x00 , 0x00, 0x00, 0x00,0x00 , 0x00, 0x00, 0x00,0x00 , 0x00, 0x00, 0x00,0x00 , 0x00, 0x00, 0x00,0x00 } };
+ return z;
+ }
+
+ //Creates a zero elliptic curve point
+ void identity(key &Id) {
+ Id[0] = (unsigned char)(0x01);
+ memset(Id.bytes+1, 0, 31);
+ }
+
+ //Creates a zero elliptic curve point
+ key identity() {
+ key Id;
+ Id[0] = (unsigned char)(0x01);
+ memset(Id.bytes+1, 0, 31);
+ return Id;
+ }
+
+ //copies a scalar or point
+ void copy(key &AA, const key &A) {
+ memcpy(&AA, &A, 32);
+ }
+
+ //copies a scalar or point
+ key copy(const key &A) {
+ key AA;
+ memcpy(&AA, &A, 32);
+ return AA;
+ }
+
+
+ //initializes a key matrix;
+ //first parameter is rows,
+ //second is columns
+ keyM keyMInit(int rows, int cols) {
+ keyM rv(cols);
+ int i = 0;
+ for (i = 0 ; i < cols ; i++) {
+ rv[i] = keyV(rows);
+ }
+ return rv;
+ }
+
+
+
+
+ //Various key generation functions
+
+ //generates a random scalar which can be used as a secret key or mask
+ void skGen(key &sk) {
+ sk = crypto::rand<key>();
+ sc_reduce32(sk.bytes);
+ }
+
+ //generates a random scalar which can be used as a secret key or mask
+ key skGen() {
+ key sk = crypto::rand<key>();
+ sc_reduce32(sk.bytes);
+ return sk;
+ }
+
+ //Generates a vector of secret key
+ //Mainly used in testing
+ keyV skvGen(int rows ) {
+ keyV rv(rows);
+ int i = 0;
+ for (i = 0 ; i < rows ; i++) {
+ skGen(rv[i]);
+ }
+ return rv;
+ }
+
+ //generates a random curve point (for testing)
+ key pkGen() {
+ key sk = skGen();
+ key pk = scalarmultBase(sk);
+ return pk;
+ }
+
+ //generates a random secret and corresponding public key
+ void skpkGen(key &sk, key &pk) {
+ skGen(sk);
+ scalarmultBase(pk, sk);
+ }
+
+ //generates a random secret and corresponding public key
+ tuple<key, key> skpkGen() {
+ key sk = skGen();
+ key pk = scalarmultBase(sk);
+ return make_tuple(sk, pk);
+ }
+
+ //generates C =aG + bH from b, a is given..
+ void genC(key & C, const key & a, xmr_amount amount) {
+ key bH = scalarmultH(d2h(amount));
+ addKeys1(C, a, bH);
+ }
+
+ //generates a <secret , public> / Pedersen commitment to the amount
+ tuple<ctkey, ctkey> ctskpkGen(xmr_amount amount) {
+ ctkey sk, pk;
+ skpkGen(sk.dest, pk.dest);
+ skpkGen(sk.mask, pk.mask);
+ key am = d2h(amount);
+ key bH = scalarmultH(am);
+ addKeys(pk.mask, pk.mask, bH);
+ return make_tuple(sk, pk);
+ }
+
+
+ //generates a <secret , public> / Pedersen commitment but takes bH as input
+ tuple<ctkey, ctkey> ctskpkGen(key bH) {
+ ctkey sk, pk;
+ skpkGen(sk.dest, pk.dest);
+ skpkGen(sk.mask, pk.mask);
+ addKeys(pk.mask, pk.mask, bH);
+ return make_tuple(sk, pk);
+ }
+
+ key zeroCommit(xmr_amount amount) {
+ key mask = identity();
+ mask = scalarmultBase(mask);
+ key am = d2h(amount);
+ key bH = scalarmultH(am);
+ addKeys(mask, mask, bH);
+ return mask;
+ }
+
+ key commit(xmr_amount amount, key mask) {
+ mask = scalarmultBase(mask);
+ key am = d2h(amount);
+ key bH = scalarmultH(am);
+ addKeys(mask, mask, bH);
+ return mask;
+ }
+
+ //generates a random uint long long (for testing)
+ xmr_amount randXmrAmount(xmr_amount upperlimit) {
+ return h2d(skGen()) % (upperlimit);
+ }
+
+ //Scalar multiplications of curve points
+
+ //does a * G where a is a scalar and G is the curve basepoint
+ void scalarmultBase(key &aG,const key &a) {
+ ge_p3 point;
+ sc_reduce32copy(aG.bytes, a.bytes); //do this beforehand!
+ ge_scalarmult_base(&point, aG.bytes);
+ ge_p3_tobytes(aG.bytes, &point);
+ }
+
+ //does a * G where a is a scalar and G is the curve basepoint
+ key scalarmultBase(const key & a) {
+ ge_p3 point;
+ key aG;
+ sc_reduce32copy(aG.bytes, a.bytes); //do this beforehand
+ ge_scalarmult_base(&point, aG.bytes);
+ ge_p3_tobytes(aG.bytes, &point);
+ return aG;
+ }
+
+ //does a * P where a is a scalar and P is an arbitrary point
+ void scalarmultKey(key & aP, const key &P, const key &a) {
+ ge_p3 A;
+ ge_p2 R;
+ CHECK_AND_ASSERT_THROW_MES(ge_frombytes_vartime(&A, P.bytes) == 0, "ge_frombytes_vartime failed at "+boost::lexical_cast<std::string>(__LINE__));
+ ge_scalarmult(&R, a.bytes, &A);
+ ge_tobytes(aP.bytes, &R);
+ }
+
+ //does a * P where a is a scalar and P is an arbitrary point
+ key scalarmultKey(const key & P, const key & a) {
+ ge_p3 A;
+ ge_p2 R;
+ CHECK_AND_ASSERT_THROW_MES(ge_frombytes_vartime(&A, P.bytes) == 0, "ge_frombytes_vartime failed at "+boost::lexical_cast<std::string>(__LINE__));
+ ge_scalarmult(&R, a.bytes, &A);
+ key aP;
+ ge_tobytes(aP.bytes, &R);
+ return aP;
+ }
+
+
+ //Computes aH where H= toPoint(cn_fast_hash(G)), G the basepoint
+ key scalarmultH(const key & a) {
+ ge_p3 A;
+ ge_p2 R;
+ CHECK_AND_ASSERT_THROW_MES(ge_frombytes_vartime(&A, H.bytes) == 0, "ge_frombytes_vartime failed at "+boost::lexical_cast<std::string>(__LINE__));
+ ge_scalarmult(&R, a.bytes, &A);
+ key aP;
+ ge_tobytes(aP.bytes, &R);
+ return aP;
+ }
+
+ //Curve addition / subtractions
+
+ //for curve points: AB = A + B
+ void addKeys(key &AB, const key &A, const key &B) {
+ ge_p3 B2, A2;
+ CHECK_AND_ASSERT_THROW_MES(ge_frombytes_vartime(&B2, B.bytes) == 0, "ge_frombytes_vartime failed at "+boost::lexical_cast<std::string>(__LINE__));
+ CHECK_AND_ASSERT_THROW_MES(ge_frombytes_vartime(&A2, A.bytes) == 0, "ge_frombytes_vartime failed at "+boost::lexical_cast<std::string>(__LINE__));
+ ge_cached tmp2;
+ ge_p3_to_cached(&tmp2, &B2);
+ ge_p1p1 tmp3;
+ ge_add(&tmp3, &A2, &tmp2);
+ ge_p1p1_to_p3(&A2, &tmp3);
+ ge_p3_tobytes(AB.bytes, &A2);
+ }
+
+
+ //addKeys1
+ //aGB = aG + B where a is a scalar, G is the basepoint, and B is a point
+ void addKeys1(key &aGB, const key &a, const key & B) {
+ key aG = scalarmultBase(a);
+ addKeys(aGB, aG, B);
+ }
+
+ //addKeys2
+ //aGbB = aG + bB where a, b are scalars, G is the basepoint and B is a point
+ void addKeys2(key &aGbB, const key &a, const key &b, const key & B) {
+ ge_p2 rv;
+ ge_p3 B2;
+ CHECK_AND_ASSERT_THROW_MES(ge_frombytes_vartime(&B2, B.bytes) == 0, "ge_frombytes_vartime failed at "+boost::lexical_cast<std::string>(__LINE__));
+ ge_double_scalarmult_base_vartime(&rv, b.bytes, &B2, a.bytes);
+ ge_tobytes(aGbB.bytes, &rv);
+ }
+
+ //Does some precomputation to make addKeys3 more efficient
+ // input B a curve point and output a ge_dsmp which has precomputation applied
+ void precomp(ge_dsmp rv, const key & B) {
+ ge_p3 B2;
+ CHECK_AND_ASSERT_THROW_MES(ge_frombytes_vartime(&B2, B.bytes) == 0, "ge_frombytes_vartime failed at "+boost::lexical_cast<std::string>(__LINE__));
+ ge_dsm_precomp(rv, &B2);
+ }
+
+ //addKeys3
+ //aAbB = a*A + b*B where a, b are scalars, A, B are curve points
+ //B must be input after applying "precomp"
+ void addKeys3(key &aAbB, const key &a, const key &A, const key &b, const ge_dsmp B) {
+ ge_p2 rv;
+ ge_p3 A2;
+ CHECK_AND_ASSERT_THROW_MES(ge_frombytes_vartime(&A2, A.bytes) == 0, "ge_frombytes_vartime failed at "+boost::lexical_cast<std::string>(__LINE__));
+ ge_double_scalarmult_precomp_vartime(&rv, a.bytes, &A2, b.bytes, B);
+ ge_tobytes(aAbB.bytes, &rv);
+ }
+
+
+ //subtract Keys (subtracts curve points)
+ //AB = A - B where A, B are curve points
+ void subKeys(key & AB, const key &A, const key &B) {
+ ge_p3 B2, A2;
+ CHECK_AND_ASSERT_THROW_MES(ge_frombytes_vartime(&B2, B.bytes) == 0, "ge_frombytes_vartime failed at "+boost::lexical_cast<std::string>(__LINE__));
+ CHECK_AND_ASSERT_THROW_MES(ge_frombytes_vartime(&A2, A.bytes) == 0, "ge_frombytes_vartime failed at "+boost::lexical_cast<std::string>(__LINE__));
+ ge_cached tmp2;
+ ge_p3_to_cached(&tmp2, &B2);
+ ge_p1p1 tmp3;
+ ge_sub(&tmp3, &A2, &tmp2);
+ ge_p1p1_to_p3(&A2, &tmp3);
+ ge_p3_tobytes(AB.bytes, &A2);
+ }
+
+ //checks if A, B are equal as curve points
+ //without doing curve operations
+ bool equalKeys(const key & a, const key & b) {
+ bool rv = true;
+ for (int i = 0; i < 32; ++i) {
+ if (a.bytes[i] != b.bytes[i]) {
+ rv = false;
+ }
+ }
+ return rv;
+ }
+
+ //Hashing - cn_fast_hash
+ //be careful these are also in crypto namespace
+ //cn_fast_hash for arbitrary multiples of 32 bytes
+ void cn_fast_hash(key &hash, const void * data, const std::size_t l) {
+ keccak((uint8_t *)data, l, hash.bytes, 32);
+ }
+
+ void hash_to_scalar(key &hash, const void * data, const std::size_t l) {
+ cn_fast_hash(hash, data, l);
+ sc_reduce32(hash.bytes);
+ }
+
+ //cn_fast_hash for a 32 byte key
+ void cn_fast_hash(key & hash, const key & in) {
+ keccak((uint8_t *)in.bytes, 32, hash.bytes, 32);
+ }
+
+ void hash_to_scalar(key & hash, const key & in) {
+ cn_fast_hash(hash, in);
+ sc_reduce32(hash.bytes);
+ }
+
+ //cn_fast_hash for a 32 byte key
+ key cn_fast_hash(const key & in) {
+ key hash;
+ keccak((uint8_t *)in.bytes, 32, hash.bytes, 32);
+ return hash;
+ }
+
+ key hash_to_scalar(const key & in) {
+ key hash = cn_fast_hash(in);
+ sc_reduce32(hash.bytes);
+ return hash;
+ }
+
+ //cn_fast_hash for a 128 byte unsigned char
+ key cn_fast_hash128(const void * in) {
+ key hash;
+ keccak((uint8_t *)in, 128, hash.bytes, 32);
+ return hash;
+ }
+
+ key hash_to_scalar128(const void * in) {
+ key hash = cn_fast_hash128(in);
+ sc_reduce32(hash.bytes);
+ return hash;
+ }
+
+ //cn_fast_hash for multisig purpose
+ //This takes the outputs and commitments
+ //and hashes them into a 32 byte sized key
+ key cn_fast_hash(ctkeyV PC) {
+ key rv = identity();
+ std::size_t l = (std::size_t)PC.size();
+ size_t i = 0, j = 0;
+ vector<char> m(l * 64);
+ for (i = 0 ; i < l ; i++) {
+ memcpy(&m[i * 64], &PC[i].dest, 32);
+ memcpy(&m[i * 64 + 32], &PC[i].mask, 32);
+ }
+ cn_fast_hash(rv, &m[0], 64*l);
+ return rv;
+ }
+
+ key hash_to_scalar(ctkeyV PC) {
+ key rv = cn_fast_hash(PC);
+ sc_reduce32(rv.bytes);
+ return rv;
+ }
+
+ //cn_fast_hash for a key-vector of arbitrary length
+ //this is useful since you take a number of keys
+ //put them in the key vector and it concatenates them
+ //and then hashes them
+ key cn_fast_hash(const keyV &keys) {
+ size_t l = keys.size();
+ vector<unsigned char> m(l * 32);
+ size_t i;
+ for (i = 0 ; i < l ; i++) {
+ memcpy(&m[i * 32], keys[i].bytes, 32);
+ }
+ key rv;
+ cn_fast_hash(rv, &m[0], 32 * l);
+ //dp(rv);
+ return rv;
+ }
+
+ key hash_to_scalar(const keyV &keys) {
+ key rv = cn_fast_hash(keys);
+ sc_reduce32(rv.bytes);
+ return rv;
+ }
+
+ key hashToPointSimple(const key & hh) {
+ key pointk;
+ ge_p1p1 point2;
+ ge_p2 point;
+ ge_p3 res;
+ key h = cn_fast_hash(hh);
+ CHECK_AND_ASSERT_THROW_MES(ge_frombytes_vartime(&res, h.bytes) == 0, "ge_frombytes_vartime failed at "+boost::lexical_cast<std::string>(__LINE__));
+ ge_p3_to_p2(&point, &res);
+ ge_mul8(&point2, &point);
+ ge_p1p1_to_p3(&res, &point2);
+ ge_p3_tobytes(pointk.bytes, &res);
+ return pointk;
+ }
+
+ key hashToPoint(const key & hh) {
+ key pointk;
+ ge_p2 point;
+ ge_p1p1 point2;
+ ge_p3 res;
+ key h = cn_fast_hash(hh);
+ ge_fromfe_frombytes_vartime(&point, h.bytes);
+ ge_mul8(&point2, &point);
+ ge_p1p1_to_p3(&res, &point2);
+ ge_p3_tobytes(pointk.bytes, &res);
+ return pointk;
+ }
+
+ void hashToPoint(key & pointk, const key & hh) {
+ ge_p2 point;
+ ge_p1p1 point2;
+ ge_p3 res;
+ key h = cn_fast_hash(hh);
+ ge_fromfe_frombytes_vartime(&point, h.bytes);
+ ge_mul8(&point2, &point);
+ ge_p1p1_to_p3(&res, &point2);
+ ge_p3_tobytes(pointk.bytes, &res);
+ }
+
+ //sums a vector of curve points (for scalars use sc_add)
+ void sumKeys(key & Csum, const keyV & Cis) {
+ identity(Csum);
+ size_t i = 0;
+ for (i = 0; i < Cis.size(); i++) {
+ addKeys(Csum, Csum, Cis[i]);
+ }
+ }
+
+ //Elliptic Curve Diffie Helman: encodes and decodes the amount b and mask a
+ // where C= aG + bH
+ void ecdhEncode(ecdhTuple & unmasked, const key & sharedSec) {
+ key sharedSec1 = hash_to_scalar(sharedSec);
+ key sharedSec2 = hash_to_scalar(sharedSec1);
+ //encode
+ sc_add(unmasked.mask.bytes, unmasked.mask.bytes, sharedSec1.bytes);
+ sc_add(unmasked.amount.bytes, unmasked.amount.bytes, sharedSec2.bytes);
+ }
+ void ecdhDecode(ecdhTuple & masked, const key & sharedSec) {
+ key sharedSec1 = hash_to_scalar(sharedSec);
+ key sharedSec2 = hash_to_scalar(sharedSec1);
+ //decode
+ sc_sub(masked.mask.bytes, masked.mask.bytes, sharedSec1.bytes);
+ sc_sub(masked.amount.bytes, masked.amount.bytes, sharedSec2.bytes);
+ }
+}
diff --git a/src/ringct/rctOps.h b/src/ringct/rctOps.h
new file mode 100644
index 000000000..1e71c645d
--- /dev/null
+++ b/src/ringct/rctOps.h
@@ -0,0 +1,171 @@
+//#define DBG
+// Copyright (c) 2016, Monero Research Labs
+//
+// Author: Shen Noether <shen.noether@gmx.com>
+//
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice, this list of
+// conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice, this list
+// of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+//
+// 3. Neither the name of the copyright holder nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+#pragma once
+
+#ifndef RCTOPS_H
+#define RCTOPS_H
+
+#include <cstddef>
+#include <mutex>
+#include <vector>
+#include <tuple>
+
+#include "crypto/generic-ops.h"
+
+extern "C" {
+#include "crypto/random.h"
+#include "crypto/keccak.h"
+#include "rctCryptoOps.h"
+}
+#include "crypto/crypto.h"
+
+#include "rctTypes.h"
+
+//Define this flag when debugging to get additional info on the console
+#ifdef DBG
+#define DP(x) dp(x)
+#else
+#define DP(x)
+#endif
+
+using namespace std;
+using namespace crypto;
+
+namespace rct {
+
+ //Various key initialization functions
+
+ //Creates a zero scalar
+ key zero();
+ void zero(key &z);
+ //Creates a zero elliptic curve point
+ key identity();
+ void identity(key &Id);
+ //copies a scalar or point
+ void copy(key &AA, const key &A);
+ key copy(const key & AA);
+ //initializes a key matrix;
+ //first parameter is rows,
+ //second is columns
+ keyM keyMInit(int, int);
+
+ //Various key generation functions
+
+ //generates a random scalar which can be used as a secret key or mask
+ key skGen();
+ void skGen(key &);
+
+ //generates a vector of secret keys of size "int"
+ keyV skvGen(int );
+
+ //generates a random curve point (for testing)
+ key pkGen();
+ //generates a random secret and corresponding public key
+ void skpkGen(key &sk, key &pk);
+ tuple<key, key> skpkGen();
+ //generates a <secret , public> / Pedersen commitment to the amount
+ tuple<ctkey, ctkey> ctskpkGen(xmr_amount amount);
+ //generates C =aG + bH from b, a is random
+ void genC(key & C, const key & a, xmr_amount amount);
+ //this one is mainly for testing, can take arbitrary amounts..
+ tuple<ctkey, ctkey> ctskpkGen(key bH);
+ // make a pedersen commitment with given key
+ key commit(xmr_amount amount, key mask);
+ // make a pedersen commitment with zero key
+ key zeroCommit(xmr_amount amount);
+ //generates a random uint long long
+ xmr_amount randXmrAmount(xmr_amount upperlimit);
+
+ //Scalar multiplications of curve points
+
+ //does a * G where a is a scalar and G is the curve basepoint
+ void scalarmultBase(key & aG, const key &a);
+ key scalarmultBase(const key & a);
+ //does a * P where a is a scalar and P is an arbitrary point
+ void scalarmultKey(key &aP, const key &P, const key &a);
+ key scalarmultKey(const key &P, const key &a);
+ //Computes aH where H= toPoint(cn_fast_hash(G)), G the basepoint
+ key scalarmultH(const key & a);
+
+ //Curve addition / subtractions
+
+ //for curve points: AB = A + B
+ void addKeys(key &AB, const key &A, const key &B);
+ //aGB = aG + B where a is a scalar, G is the basepoint, and B is a point
+ void addKeys1(key &aGB, const key &a, const key & B);
+ //aGbB = aG + bB where a, b are scalars, G is the basepoint and B is a point
+ void addKeys2(key &aGbB, const key &a, const key &b, const key &B);
+ //Does some precomputation to make addKeys3 more efficient
+ // input B a curve point and output a ge_dsmp which has precomputation applied
+ void precomp(ge_dsmp rv, const key &B);
+ //aAbB = a*A + b*B where a, b are scalars, A, B are curve points
+ //B must be input after applying "precomp"
+ void addKeys3(key &aAbB, const key &a, const key &A, const key &b, const ge_dsmp B);
+ //AB = A - B where A, B are curve points
+ void subKeys(key &AB, const key &A, const key &B);
+ //checks if A, B are equal as curve points
+ bool equalKeys(const key & A, const key & B);
+
+ //Hashing - cn_fast_hash
+ //be careful these are also in crypto namespace
+ //cn_fast_hash for arbitrary l multiples of 32 bytes
+ void cn_fast_hash(key &hash, const void * data, const size_t l);
+ void hash_to_scalar(key &hash, const void * data, const size_t l);
+ //cn_fast_hash for a 32 byte key
+ void cn_fast_hash(key &hash, const key &in);
+ void hash_to_scalar(key &hash, const key &in);
+ //cn_fast_hash for a 32 byte key
+ key cn_fast_hash(const key &in);
+ key hash_to_scalar(const key &in);
+ //for mg sigs
+ key cn_fast_hash128(const void * in);
+ key hash_to_scalar128(const void * in);
+ key cn_fast_hash(ctkeyV PC);
+ key hash_to_scalar(ctkeyV PC);
+ //for mg sigs
+ key cn_fast_hash(const keyV &keys);
+ key hash_to_scalar(const keyV &keys);
+
+ //returns hashToPoint as described in https://github.com/ShenNoether/ge_fromfe_writeup
+ key hashToPointSimple(const key &in);
+ key hashToPoint(const key &in);
+ void hashToPoint(key &out, const key &in);
+
+ //sums a vector of curve points (for scalars use sc_add)
+ void sumKeys(key & Csum, const key &Cis);
+
+ //Elliptic Curve Diffie Helman: encodes and decodes the amount b and mask a
+ // where C= aG + bH
+ void ecdhEncode(ecdhTuple & unmasked, const key & sharedSec);
+ void ecdhDecode(ecdhTuple & masked, const key & sharedSec);
+}
+#endif /* RCTOPS_H */
diff --git a/src/ringct/rctSigs.cpp b/src/ringct/rctSigs.cpp
new file mode 100644
index 000000000..f4dbd65c5
--- /dev/null
+++ b/src/ringct/rctSigs.cpp
@@ -0,0 +1,875 @@
+// Copyright (c) 2016, Monero Research Labs
+//
+// Author: Shen Noether <shen.noether@gmx.com>
+//
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice, this list of
+// conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice, this list
+// of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+//
+// 3. Neither the name of the copyright holder nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+#include "misc_log_ex.h"
+#include "rctSigs.h"
+#include "cryptonote_core/cryptonote_format_utils.h"
+
+using namespace crypto;
+using namespace std;
+
+namespace rct {
+
+ //Schnorr Non-linkable
+ //Gen Gives a signature (L1, s1, s2) proving that the sender knows "x" such that xG = one of P1 or P2
+ //Ver Verifies that signer knows an "x" such that xG = one of P1 or P2
+ //These are called in the below ASNL sig generation
+
+ void GenSchnorrNonLinkable(key & L1, key & s1, key & s2, const key & x, const key & P1, const key & P2, int index) {
+ key c1, c2, L2;
+ key a = skGen();
+ if (index == 0) {
+ scalarmultBase(L1, a);
+ hash_to_scalar(c2, L1);
+ skGen(s2);
+ addKeys2(L2, s2, c2, P2);
+ hash_to_scalar(c1, L2);
+ //s1 = a - x * c1
+ sc_mulsub(s1.bytes, x.bytes, c1.bytes, a.bytes);
+ }
+ else if (index == 1) {
+ scalarmultBase(L2, a);
+ hash_to_scalar(c1, L2);
+ skGen(s1);
+ addKeys2(L1, s1, c1, P1);
+ hash_to_scalar(c2, L1);
+ sc_mulsub(s2.bytes, x.bytes, c2.bytes, a.bytes);
+ }
+ else {
+ throw std::runtime_error("GenSchnorrNonLinkable: invalid index (should be 0 or 1)");
+ }
+ }
+
+ //Schnorr Non-linkable
+ //Gen Gives a signature (L1, s1, s2) proving that the sender knows "x" such that xG = one of P1 or P2
+ //Ver Verifies that signer knows an "x" such that xG = one of P1 or P2
+ //These are called in the below ASNL sig generation
+ bool VerSchnorrNonLinkable(const key & P1, const key & P2, const key & L1, const key & s1, const key & s2) {
+ key c2, L2, c1, L1p;
+ hash_to_scalar(c2, L1);
+ addKeys2(L2, s2, c2, P2);
+ hash_to_scalar(c1, L2);
+ addKeys2(L1p, s1, c1, P1);
+
+ return equalKeys(L1, L1p);
+ }
+
+ //Aggregate Schnorr Non-linkable Ring Signature (ASNL)
+ // c.f. http://eprint.iacr.org/2015/1098 section 5.
+ // These are used in range proofs (alternatively Borromean could be used)
+ // Gen gives a signature which proves the signer knows, for each i,
+ // an x[i] such that x[i]G = one of P1[i] or P2[i]
+ // Ver Verifies the signer knows a key for one of P1[i], P2[i] at each i
+ asnlSig GenASNL(key64 x, key64 P1, key64 P2, bits indices) {
+ DP("Generating Aggregate Schnorr Non-linkable Ring Signature\n");
+ key64 s1;
+ int j = 0;
+ asnlSig rv;
+ rv.s = zero();
+ for (j = 0; j < ATOMS; j++) {
+ GenSchnorrNonLinkable(rv.L1[j], s1[j], rv.s2[j], x[j], P1[j], P2[j], (int)indices[j]);
+ sc_add(rv.s.bytes, rv.s.bytes, s1[j].bytes);
+ }
+ return rv;
+ }
+
+ //Aggregate Schnorr Non-linkable Ring Signature (ASNL)
+ // c.f. http://eprint.iacr.org/2015/1098 section 5.
+ // These are used in range proofs (alternatively Borromean could be used)
+ // Gen gives a signature which proves the signer knows, for each i,
+ // an x[i] such that x[i]G = one of P1[i] or P2[i]
+ // Ver Verifies the signer knows a key for one of P1[i], P2[i] at each i
+ bool VerASNL(const key64 P1, const key64 P2, const asnlSig &as) {
+ DP("Verifying Aggregate Schnorr Non-linkable Ring Signature\n");
+ key LHS = identity();
+ key RHS = scalarmultBase(as.s);
+ key c2, L2, c1;
+ int j = 0;
+ for (j = 0; j < ATOMS; j++) {
+ hash_to_scalar(c2, as.L1[j]);
+ addKeys2(L2, as.s2[j], c2, P2[j]);
+ addKeys(LHS, LHS, as.L1[j]);
+ hash_to_scalar(c1, L2);
+ addKeys(RHS, RHS, scalarmultKey(P1[j], c1));
+ }
+ key cc;
+ sc_sub(cc.bytes, LHS.bytes, RHS.bytes);
+ return sc_isnonzero(cc.bytes) == 0;
+ }
+
+ //Multilayered Spontaneous Anonymous Group Signatures (MLSAG signatures)
+ //These are aka MG signatutes in earlier drafts of the ring ct paper
+ // c.f. http://eprint.iacr.org/2015/1098 section 2.
+ // keyImageV just does I[i] = xx[i] * Hash(xx[i] * G) for each i
+ // Gen creates a signature which proves that for some column in the keymatrix "pk"
+ // the signer knows a secret key for each row in that column
+ // Ver verifies that the MG sig was created correctly
+ keyV keyImageV(const keyV &xx) {
+ keyV II(xx.size());
+ size_t i = 0;
+ for (i = 0; i < xx.size(); i++) {
+ II[i] = scalarmultKey(hashToPoint(scalarmultBase(xx[i])), xx[i]);
+ }
+ return II;
+ }
+
+
+ //Multilayered Spontaneous Anonymous Group Signatures (MLSAG signatures)
+ //This is a just slghtly more efficient version than the ones described below
+ //(will be explained in more detail in Ring Multisig paper
+ //These are aka MG signatutes in earlier drafts of the ring ct paper
+ // c.f. http://eprint.iacr.org/2015/1098 section 2.
+ // keyImageV just does I[i] = xx[i] * Hash(xx[i] * G) for each i
+ // Gen creates a signature which proves that for some column in the keymatrix "pk"
+ // the signer knows a secret key for each row in that column
+ // Ver verifies that the MG sig was created correctly
+ mgSig MLSAG_Gen(key message, const keyM & pk, const keyV & xx, const unsigned int index, size_t dsRows) {
+ mgSig rv;
+ size_t cols = pk.size();
+ CHECK_AND_ASSERT_THROW_MES(cols >= 2, "Error! What is c if cols = 1!");
+ CHECK_AND_ASSERT_THROW_MES(index < cols, "Index out of range");
+ size_t rows = pk[0].size();
+ CHECK_AND_ASSERT_THROW_MES(rows >= 1, "Empty pk");
+ for (size_t i = 1; i < cols; ++i) {
+ CHECK_AND_ASSERT_THROW_MES(pk[i].size() == rows, "pk is not rectangular");
+ }
+ CHECK_AND_ASSERT_THROW_MES(xx.size() == rows, "Bad xx size");
+ CHECK_AND_ASSERT_THROW_MES(dsRows <= rows, "Bad dsRows size");
+
+ size_t i = 0, j = 0, ii = 0;
+ key c, c_old, L, R, Hi;
+ sc_0(c_old.bytes);
+ vector<geDsmp> Ip(dsRows);
+ rv.II = keyV(dsRows);
+ keyV alpha(rows);
+ keyV aG(rows);
+ rv.ss = keyM(cols, aG);
+ keyV aHP(dsRows);
+ keyV toHash(1 + 3 * dsRows + 2 * (rows - dsRows));
+ toHash[0] = message;
+ DP("here1");
+ for (i = 0; i < dsRows; i++) {
+ skpkGen(alpha[i], aG[i]); //need to save alphas for later..
+ Hi = hashToPoint(pk[index][i]);
+ aHP[i] = scalarmultKey(Hi, alpha[i]);
+ toHash[3 * i + 1] = pk[index][i];
+ toHash[3 * i + 2] = aG[i];
+ toHash[3 * i + 3] = aHP[i];
+ rv.II[i] = scalarmultKey(Hi, xx[i]);
+ precomp(Ip[i].k, rv.II[i]);
+ }
+ size_t ndsRows = 3 * dsRows; //non Double Spendable Rows (see identity chains paper)
+ for (i = dsRows, ii = 0 ; i < rows ; i++, ii++) {
+ skpkGen(alpha[i], aG[i]); //need to save alphas for later..
+ toHash[ndsRows + 2 * ii + 1] = pk[index][i];
+ toHash[ndsRows + 2 * ii + 2] = aG[i];
+ }
+
+ c_old = hash_to_scalar(toHash);
+
+
+ i = (index + 1) % cols;
+ if (i == 0) {
+ copy(rv.cc, c_old);
+ }
+ while (i != index) {
+
+ rv.ss[i] = skvGen(rows);
+ sc_0(c.bytes);
+ for (j = 0; j < dsRows; j++) {
+ addKeys2(L, rv.ss[i][j], c_old, pk[i][j]);
+ hashToPoint(Hi, pk[i][j]);
+ addKeys3(R, rv.ss[i][j], Hi, c_old, Ip[j].k);
+ toHash[3 * j + 1] = pk[i][j];
+ toHash[3 * j + 2] = L;
+ toHash[3 * j + 3] = R;
+ }
+ for (j = dsRows, ii = 0; j < rows; j++, ii++) {
+ addKeys2(L, rv.ss[i][j], c_old, pk[i][j]);
+ toHash[ndsRows + 2 * ii + 1] = pk[i][j];
+ toHash[ndsRows + 2 * ii + 2] = L;
+ }
+ c = hash_to_scalar(toHash);
+ copy(c_old, c);
+ i = (i + 1) % cols;
+
+ if (i == 0) {
+ copy(rv.cc, c_old);
+ }
+ }
+ for (j = 0; j < rows; j++) {
+ sc_mulsub(rv.ss[index][j].bytes, c.bytes, xx[j].bytes, alpha[j].bytes);
+ }
+ return rv;
+ }
+
+ //Multilayered Spontaneous Anonymous Group Signatures (MLSAG signatures)
+ //This is a just slghtly more efficient version than the ones described below
+ //(will be explained in more detail in Ring Multisig paper
+ //These are aka MG signatutes in earlier drafts of the ring ct paper
+ // c.f. http://eprint.iacr.org/2015/1098 section 2.
+ // keyImageV just does I[i] = xx[i] * Hash(xx[i] * G) for each i
+ // Gen creates a signature which proves that for some column in the keymatrix "pk"
+ // the signer knows a secret key for each row in that column
+ // Ver verifies that the MG sig was created correctly
+ bool MLSAG_Ver(key message, const keyM & pk, const mgSig & rv, size_t dsRows) {
+
+ size_t cols = pk.size();
+ CHECK_AND_ASSERT_MES(cols >= 2, false, "Error! What is c if cols = 1!");
+ size_t rows = pk[0].size();
+ CHECK_AND_ASSERT_MES(rows >= 1, false, "Empty pk");
+ for (size_t i = 1; i < cols; ++i) {
+ CHECK_AND_ASSERT_MES(pk[i].size() == rows, false, "pk is not rectangular");
+ }
+ CHECK_AND_ASSERT_MES(rv.II.size() == dsRows, false, "Bad II size");
+ CHECK_AND_ASSERT_MES(rv.ss.size() == cols, false, "Bad rv.ss size");
+ for (size_t i = 0; i < cols; ++i) {
+ CHECK_AND_ASSERT_MES(rv.ss[i].size() == rows, false, "rv.ss is not rectangular");
+ }
+ CHECK_AND_ASSERT_MES(dsRows <= rows, false, "Bad dsRows value");
+
+ size_t i = 0, j = 0, ii = 0;
+ key c, L, R, Hi;
+ key c_old = copy(rv.cc);
+ vector<geDsmp> Ip(dsRows);
+ for (i = 0 ; i < dsRows ; i++) {
+ precomp(Ip[i].k, rv.II[i]);
+ }
+ size_t ndsRows = 3 * dsRows; //non Double Spendable Rows (see identity chains paper
+ keyV toHash(1 + 3 * dsRows + 2 * (rows - dsRows));
+ toHash[0] = message;
+ i = 0;
+ while (i < cols) {
+ sc_0(c.bytes);
+ for (j = 0; j < dsRows; j++) {
+ addKeys2(L, rv.ss[i][j], c_old, pk[i][j]);
+ hashToPoint(Hi, pk[i][j]);
+ addKeys3(R, rv.ss[i][j], Hi, c_old, Ip[j].k);
+ toHash[3 * j + 1] = pk[i][j];
+ toHash[3 * j + 2] = L;
+ toHash[3 * j + 3] = R;
+ }
+ for (j = dsRows, ii = 0 ; j < rows ; j++, ii++) {
+ addKeys2(L, rv.ss[i][j], c_old, pk[i][j]);
+ toHash[ndsRows + 2 * ii + 1] = pk[i][j];
+ toHash[ndsRows + 2 * ii + 2] = L;
+ }
+ c = hash_to_scalar(toHash);
+ copy(c_old, c);
+ i = (i + 1);
+ }
+ sc_sub(c.bytes, c_old.bytes, rv.cc.bytes);
+ return sc_isnonzero(c.bytes) == 0;
+ }
+
+
+
+ //proveRange and verRange
+ //proveRange gives C, and mask such that \sumCi = C
+ // c.f. http://eprint.iacr.org/2015/1098 section 5.1
+ // and Ci is a commitment to either 0 or 2^i, i=0,...,63
+ // thus this proves that "amount" is in [0, 2^64]
+ // mask is a such that C = aG + bH, and b = amount
+ //verRange verifies that \sum Ci = C and that each Ci is a commitment to 0 or 2^i
+ rangeSig proveRange(key & C, key & mask, const xmr_amount & amount) {
+ sc_0(mask.bytes);
+ identity(C);
+ bits b;
+ d2b(b, amount);
+ rangeSig sig;
+ key64 ai;
+ key64 CiH;
+ int i = 0;
+ for (i = 0; i < ATOMS; i++) {
+ skGen(ai[i]);
+ if (b[i] == 0) {
+ scalarmultBase(sig.Ci[i], ai[i]);
+ }
+ if (b[i] == 1) {
+ addKeys1(sig.Ci[i], ai[i], H2[i]);
+ }
+ subKeys(CiH[i], sig.Ci[i], H2[i]);
+ sc_add(mask.bytes, mask.bytes, ai[i].bytes);
+ addKeys(C, C, sig.Ci[i]);
+ }
+ sig.asig = GenASNL(ai, sig.Ci, CiH, b);
+ return sig;
+ }
+
+ //proveRange and verRange
+ //proveRange gives C, and mask such that \sumCi = C
+ // c.f. http://eprint.iacr.org/2015/1098 section 5.1
+ // and Ci is a commitment to either 0 or 2^i, i=0,...,63
+ // thus this proves that "amount" is in [0, 2^64]
+ // mask is a such that C = aG + bH, and b = amount
+ //verRange verifies that \sum Ci = C and that each Ci is a commitment to 0 or 2^i
+ bool verRange(const key & C, const rangeSig & as) {
+ key64 CiH;
+ int i = 0;
+ key Ctmp = identity();
+ for (i = 0; i < 64; i++) {
+ subKeys(CiH[i], as.Ci[i], H2[i]);
+ addKeys(Ctmp, Ctmp, as.Ci[i]);
+ }
+ if (!equalKeys(C, Ctmp))
+ return false;
+ if (!VerASNL(as.Ci, CiH, as.asig))
+ return false;
+ return true;
+ }
+
+ key get_pre_mlsag_hash(const rctSig &rv)
+ {
+ keyV hashes;
+ hashes.push_back(rv.message);
+ crypto::hash h;
+ cryptonote::get_blob_hash(cryptonote::t_serializable_object_to_blob((const rctSigBase&)rv), h);
+ hashes.push_back(hash2rct(h));
+ keyV kv;
+ for (auto r: rv.p.rangeSigs)
+ {
+ for (size_t n = 0; n < 64; ++n)
+ kv.push_back(r.asig.L1[n]);
+ for (size_t n = 0; n < 64; ++n)
+ kv.push_back(r.asig.s2[n]);
+ kv.push_back(r.asig.s);
+ for (size_t n = 0; n < 64; ++n)
+ kv.push_back(r.Ci[n]);
+ }
+ hashes.push_back(cn_fast_hash(kv));
+
+ return cn_fast_hash(hashes);
+ }
+
+ //Ring-ct MG sigs
+ //Prove:
+ // c.f. http://eprint.iacr.org/2015/1098 section 4. definition 10.
+ // This does the MG sig on the "dest" part of the given key matrix, and
+ // the last row is the sum of input commitments from that column - sum output commitments
+ // this shows that sum inputs = sum outputs
+ //Ver:
+ // verifies the above sig is created corretly
+ mgSig proveRctMG(const key &message, const ctkeyM & pubs, const ctkeyV & inSk, const ctkeyV &outSk, const ctkeyV & outPk, unsigned int index, key txnFeeKey) {
+ mgSig mg;
+ //setup vars
+ size_t cols = pubs.size();
+ CHECK_AND_ASSERT_THROW_MES(cols >= 1, "Empty pubs");
+ size_t rows = pubs[0].size();
+ CHECK_AND_ASSERT_THROW_MES(rows >= 1, "Empty pubs");
+ for (size_t i = 1; i < cols; ++i) {
+ CHECK_AND_ASSERT_THROW_MES(pubs[i].size() == rows, "pubs is not rectangular");
+ }
+ CHECK_AND_ASSERT_THROW_MES(inSk.size() == rows, "Bad inSk size");
+ CHECK_AND_ASSERT_THROW_MES(outSk.size() == outPk.size(), "Bad outSk/outPk size");
+
+ keyV sk(rows + 1);
+ keyV tmp(rows + 1);
+ size_t i = 0, j = 0;
+ for (i = 0; i < rows + 1; i++) {
+ sc_0(sk[i].bytes);
+ identity(tmp[i]);
+ }
+ keyM M(cols, tmp);
+ //create the matrix to mg sig
+ for (i = 0; i < cols; i++) {
+ M[i][rows] = identity();
+ for (j = 0; j < rows; j++) {
+ M[i][j] = pubs[i][j].dest;
+ addKeys(M[i][rows], M[i][rows], pubs[i][j].mask); //add input commitments in last row
+ }
+ }
+ sc_0(sk[rows].bytes);
+ for (j = 0; j < rows; j++) {
+ sk[j] = copy(inSk[j].dest);
+ sc_add(sk[rows].bytes, sk[rows].bytes, inSk[j].mask.bytes); //add masks in last row
+ }
+ for (i = 0; i < cols; i++) {
+ for (size_t j = 0; j < outPk.size(); j++) {
+ subKeys(M[i][rows], M[i][rows], outPk[j].mask); //subtract output Ci's in last row
+ }
+ //subtract txn fee output in last row
+ subKeys(M[i][rows], M[i][rows], txnFeeKey);
+ }
+ for (size_t j = 0; j < outPk.size(); j++) {
+ sc_sub(sk[rows].bytes, sk[rows].bytes, outSk[j].mask.bytes); //subtract output masks in last row..
+ }
+ return MLSAG_Gen(message, M, sk, index, rows);
+ }
+
+
+ //Ring-ct MG sigs Simple
+ // Simple version for when we assume only
+ // post rct inputs
+ // here pubs is a vector of (P, C) length mixin
+ // inSk is x, a_in corresponding to signing index
+ // a_out, Cout is for the output commitment
+ // index is the signing index..
+ mgSig proveRctMGSimple(const key &message, const ctkeyV & pubs, const ctkey & inSk, const key &a , const key &Cout, unsigned int index) {
+ mgSig mg;
+ //setup vars
+ size_t rows = 1;
+ size_t cols = pubs.size();
+ CHECK_AND_ASSERT_THROW_MES(cols >= 1, "Empty pubs");
+ keyV tmp(rows + 1);
+ keyV sk(rows + 1);
+ size_t i;
+ keyM M(cols, tmp);
+ for (i = 0; i < cols; i++) {
+ M[i][0] = pubs[i].dest;
+ subKeys(M[i][1], pubs[i].mask, Cout);
+ sk[0] = copy(inSk.dest);
+ sc_sub(sk[1].bytes, inSk.mask.bytes, a.bytes);
+ }
+ return MLSAG_Gen(message, M, sk, index, rows);
+ }
+
+
+ //Ring-ct MG sigs
+ //Prove:
+ // c.f. http://eprint.iacr.org/2015/1098 section 4. definition 10.
+ // This does the MG sig on the "dest" part of the given key matrix, and
+ // the last row is the sum of input commitments from that column - sum output commitments
+ // this shows that sum inputs = sum outputs
+ //Ver:
+ // verifies the above sig is created corretly
+ bool verRctMG(const mgSig &mg, const ctkeyM & pubs, const ctkeyV & outPk, key txnFeeKey, const key &message) {
+ //setup vars
+ size_t cols = pubs.size();
+ CHECK_AND_ASSERT_MES(cols >= 1, false, "Empty pubs");
+ size_t rows = pubs[0].size();
+ CHECK_AND_ASSERT_MES(rows >= 1, false, "Empty pubs");
+ for (size_t i = 1; i < cols; ++i) {
+ CHECK_AND_ASSERT_MES(pubs[i].size() == rows, false, "pubs is not rectangular");
+ }
+
+ keyV tmp(rows + 1);
+ size_t i = 0, j = 0;
+ for (i = 0; i < rows + 1; i++) {
+ identity(tmp[i]);
+ }
+ keyM M(cols, tmp);
+
+ //create the matrix to mg sig
+ for (j = 0; j < rows; j++) {
+ for (i = 0; i < cols; i++) {
+ M[i][j] = pubs[i][j].dest;
+ addKeys(M[i][rows], M[i][rows], pubs[i][j].mask); //add Ci in last row
+ }
+ }
+ for (i = 0; i < cols; i++) {
+ for (j = 0; j < outPk.size(); j++) {
+ subKeys(M[i][rows], M[i][rows], outPk[j].mask); //subtract output Ci's in last row
+ }
+ //subtract txn fee output in last row
+ subKeys(M[i][rows], M[i][rows], txnFeeKey);
+ }
+ return MLSAG_Ver(message, M, mg, rows);
+ }
+
+ //Ring-ct Simple MG sigs
+ //Ver:
+ //This does a simplified version, assuming only post Rct
+ //inputs
+ bool verRctMGSimple(const key &message, const mgSig &mg, const ctkeyV & pubs, const key & C) {
+ //setup vars
+ size_t rows = 1;
+ size_t cols = pubs.size();
+ CHECK_AND_ASSERT_MES(cols >= 1, false, "Empty pubs");
+ keyV tmp(rows + 1);
+ size_t i;
+ keyM M(cols, tmp);
+ //create the matrix to mg sig
+ for (i = 0; i < cols; i++) {
+ M[i][0] = pubs[i].dest;
+ subKeys(M[i][1], pubs[i].mask, C);
+ }
+ //DP(C);
+ return MLSAG_Ver(message, M, mg, rows);
+ }
+
+ //These functions get keys from blockchain
+ //replace these when connecting blockchain
+ //getKeyFromBlockchain grabs a key from the blockchain at "reference_index" to mix with
+ //populateFromBlockchain creates a keymatrix with "mixin" columns and one of the columns is inPk
+ // the return value are the key matrix, and the index where inPk was put (random).
+ void getKeyFromBlockchain(ctkey & a, size_t reference_index) {
+ a.mask = pkGen();
+ a.dest = pkGen();
+ }
+
+ //These functions get keys from blockchain
+ //replace these when connecting blockchain
+ //getKeyFromBlockchain grabs a key from the blockchain at "reference_index" to mix with
+ //populateFromBlockchain creates a keymatrix with "mixin" + 1 columns and one of the columns is inPk
+ // the return value are the key matrix, and the index where inPk was put (random).
+ tuple<ctkeyM, xmr_amount> populateFromBlockchain(ctkeyV inPk, int mixin) {
+ int rows = inPk.size();
+ ctkeyM rv(mixin + 1, inPk);
+ int index = randXmrAmount(mixin);
+ int i = 0, j = 0;
+ for (i = 0; i <= mixin; i++) {
+ if (i != index) {
+ for (j = 0; j < rows; j++) {
+ getKeyFromBlockchain(rv[i][j], (size_t)randXmrAmount);
+ }
+ }
+ }
+ return make_tuple(rv, index);
+ }
+
+ //These functions get keys from blockchain
+ //replace these when connecting blockchain
+ //getKeyFromBlockchain grabs a key from the blockchain at "reference_index" to mix with
+ //populateFromBlockchain creates a keymatrix with "mixin" columns and one of the columns is inPk
+ // the return value are the key matrix, and the index where inPk was put (random).
+ xmr_amount populateFromBlockchainSimple(ctkeyV & mixRing, const ctkey & inPk, int mixin) {
+ int index = randXmrAmount(mixin);
+ int i = 0;
+ for (i = 0; i <= mixin; i++) {
+ if (i != index) {
+ getKeyFromBlockchain(mixRing[i], (size_t)randXmrAmount(1000));
+ } else {
+ mixRing[i] = inPk;
+ }
+ }
+ return index;
+ }
+
+ //RingCT protocol
+ //genRct:
+ // creates an rctSig with all data necessary to verify the rangeProofs and that the signer owns one of the
+ // columns that are claimed as inputs, and that the sum of inputs = sum of outputs.
+ // Also contains masked "amount" and "mask" so the receiver can see how much they received
+ //verRct:
+ // verifies that all signatures (rangeProogs, MG sig, sum inputs = outputs) are correct
+ //decodeRct: (c.f. http://eprint.iacr.org/2015/1098 section 5.1.1)
+ // uses the attached ecdh info to find the amounts represented by each output commitment
+ // must know the destination private key to find the correct amount, else will return a random number
+ // Note: For txn fees, the last index in the amounts vector should contain that
+ // Thus the amounts vector will be "one" longer than the destinations vectort
+ rctSig genRct(const key &message, const ctkeyV & inSk, const keyV & destinations, const vector<xmr_amount> & amounts, const ctkeyM &mixRing, const keyV &amount_keys, unsigned int index, ctkeyV &outSk) {
+ CHECK_AND_ASSERT_THROW_MES(amounts.size() == destinations.size() || amounts.size() == destinations.size() + 1, "Different number of amounts/destinations");
+ CHECK_AND_ASSERT_THROW_MES(index < mixRing.size(), "Bad index into mixRing");
+ for (size_t n = 0; n < mixRing.size(); ++n) {
+ CHECK_AND_ASSERT_THROW_MES(mixRing[n].size() == inSk.size(), "Bad mixRing size");
+ }
+
+ rctSig rv;
+ rv.type = RCTTypeFull;
+ rv.message = message;
+ rv.outPk.resize(destinations.size());
+ rv.p.rangeSigs.resize(destinations.size());
+ rv.ecdhInfo.resize(destinations.size());
+
+ size_t i = 0;
+ keyV masks(destinations.size()); //sk mask..
+ outSk.resize(destinations.size());
+ for (i = 0; i < destinations.size(); i++) {
+ //add destination to sig
+ rv.outPk[i].dest = copy(destinations[i]);
+ //compute range proof
+ rv.p.rangeSigs[i] = proveRange(rv.outPk[i].mask, outSk[i].mask, amounts[i]);
+ #ifdef DBG
+ CHECK_AND_ASSERT_THROW_MES(verRange(rv.outPk[i].mask, rv.p.rangeSigs[i]), "verRange failed on newly created proof");
+ #endif
+
+ //mask amount and mask
+ rv.ecdhInfo[i].mask = copy(outSk[i].mask);
+ rv.ecdhInfo[i].amount = d2h(amounts[i]);
+ ecdhEncode(rv.ecdhInfo[i], amount_keys[i]);
+
+ }
+
+ //set txn fee
+ if (amounts.size() > destinations.size())
+ {
+ rv.txnFee = amounts[destinations.size()];
+ }
+ else
+ {
+ rv.txnFee = 0;
+ }
+ key txnFeeKey = scalarmultH(d2h(rv.txnFee));
+
+ rv.mixRing = mixRing;
+ rv.p.MGs.push_back(proveRctMG(get_pre_mlsag_hash(rv), rv.mixRing, inSk, outSk, rv.outPk, index, txnFeeKey));
+ return rv;
+ }
+
+ rctSig genRct(const key &message, const ctkeyV & inSk, const ctkeyV & inPk, const keyV & destinations, const vector<xmr_amount> & amounts, const keyV &amount_keys, const int mixin) {
+ unsigned int index;
+ ctkeyM mixRing;
+ ctkeyV outSk;
+ tie(mixRing, index) = populateFromBlockchain(inPk, mixin);
+ return genRct(message, inSk, destinations, amounts, mixRing, amount_keys, index, outSk);
+ }
+
+ //RCT simple
+ //for post-rct only
+ rctSig genRctSimple(const key &message, const ctkeyV & inSk, const keyV & destinations, const vector<xmr_amount> &inamounts, const vector<xmr_amount> &outamounts, xmr_amount txnFee, const ctkeyM & mixRing, const keyV &amount_keys, const std::vector<unsigned int> & index, ctkeyV &outSk) {
+ CHECK_AND_ASSERT_THROW_MES(inamounts.size() > 0, "Empty inamounts");
+ CHECK_AND_ASSERT_THROW_MES(inamounts.size() == inSk.size(), "Different number of inamounts/inSk");
+ CHECK_AND_ASSERT_THROW_MES(outamounts.size() == destinations.size(), "Different number of amounts/destinations");
+ CHECK_AND_ASSERT_THROW_MES(index.size() == inSk.size(), "Different number of index/inSk");
+ CHECK_AND_ASSERT_THROW_MES(mixRing.size() == inSk.size(), "Different number of mixRing/inSk");
+ for (size_t n = 0; n < mixRing.size(); ++n) {
+ CHECK_AND_ASSERT_THROW_MES(index[n] < mixRing[n].size(), "Bad index into mixRing");
+ }
+
+ rctSig rv;
+ rv.type = RCTTypeSimple;
+ rv.message = message;
+ rv.outPk.resize(destinations.size());
+ rv.p.rangeSigs.resize(destinations.size());
+ rv.ecdhInfo.resize(destinations.size());
+
+ size_t i;
+ keyV masks(destinations.size()); //sk mask..
+ outSk.resize(destinations.size());
+ key sumout = zero();
+ for (i = 0; i < destinations.size(); i++) {
+
+ //add destination to sig
+ rv.outPk[i].dest = copy(destinations[i]);
+ //compute range proof
+ rv.p.rangeSigs[i] = proveRange(rv.outPk[i].mask, outSk[i].mask, outamounts[i]);
+ #ifdef DBG
+ verRange(rv.outPk[i].mask, rv.p.rangeSigs[i]);
+ #endif
+
+ sc_add(sumout.bytes, outSk[i].mask.bytes, sumout.bytes);
+
+ //mask amount and mask
+ rv.ecdhInfo[i].mask = copy(outSk[i].mask);
+ rv.ecdhInfo[i].amount = d2h(outamounts[i]);
+ ecdhEncode(rv.ecdhInfo[i], amount_keys[i]);
+ }
+
+ //set txn fee
+ rv.txnFee = txnFee;
+// TODO: unused ??
+// key txnFeeKey = scalarmultH(d2h(rv.txnFee));
+ rv.mixRing = mixRing;
+ rv.pseudoOuts.resize(inamounts.size());
+ rv.p.MGs.resize(inamounts.size());
+ key sumpouts = zero(); //sum pseudoOut masks
+ keyV a(inamounts.size());
+ for (i = 0 ; i < inamounts.size() - 1; i++) {
+ skGen(a[i]);
+ sc_add(sumpouts.bytes, a[i].bytes, sumpouts.bytes);
+ genC(rv.pseudoOuts[i], a[i], inamounts[i]);
+ }
+ rv.mixRing = mixRing;
+ sc_sub(a[i].bytes, sumout.bytes, sumpouts.bytes);
+ genC(rv.pseudoOuts[i], a[i], inamounts[i]);
+ DP(rv.pseudoOuts[i]);
+
+ key full_message = get_pre_mlsag_hash(rv);
+ for (i = 0 ; i < inamounts.size(); i++) {
+ rv.p.MGs[i] = proveRctMGSimple(full_message, rv.mixRing[i], inSk[i], a[i], rv.pseudoOuts[i], index[i]);
+ }
+ return rv;
+ }
+
+ rctSig genRctSimple(const key &message, const ctkeyV & inSk, const ctkeyV & inPk, const keyV & destinations, const vector<xmr_amount> &inamounts, const vector<xmr_amount> &outamounts, const keyV &amount_keys, xmr_amount txnFee, unsigned int mixin) {
+ std::vector<unsigned int> index;
+ index.resize(inPk.size());
+ ctkeyM mixRing;
+ ctkeyV outSk;
+ mixRing.resize(inPk.size());
+ for (size_t i = 0; i < inPk.size(); ++i) {
+ mixRing[i].resize(mixin+1);
+ index[i] = populateFromBlockchainSimple(mixRing[i], inPk[i], mixin);
+ }
+ return genRctSimple(message, inSk, destinations, inamounts, outamounts, txnFee, mixRing, amount_keys, index, outSk);
+ }
+
+ //RingCT protocol
+ //genRct:
+ // creates an rctSig with all data necessary to verify the rangeProofs and that the signer owns one of the
+ // columns that are claimed as inputs, and that the sum of inputs = sum of outputs.
+ // Also contains masked "amount" and "mask" so the receiver can see how much they received
+ //verRct:
+ // verifies that all signatures (rangeProogs, MG sig, sum inputs = outputs) are correct
+ //decodeRct: (c.f. http://eprint.iacr.org/2015/1098 section 5.1.1)
+ // uses the attached ecdh info to find the amounts represented by each output commitment
+ // must know the destination private key to find the correct amount, else will return a random number
+ bool verRct(const rctSig & rv) {
+ CHECK_AND_ASSERT_MES(rv.type == RCTTypeFull, false, "verRct called on non-full rctSig");
+ CHECK_AND_ASSERT_MES(rv.outPk.size() == rv.p.rangeSigs.size(), false, "Mismatched sizes of outPk and rv.p.rangeSigs");
+ CHECK_AND_ASSERT_MES(rv.outPk.size() == rv.ecdhInfo.size(), false, "Mismatched sizes of outPk and rv.ecdhInfo");
+ CHECK_AND_ASSERT_MES(rv.p.MGs.size() == 1, false, "full rctSig has not one MG");
+
+ // some rct ops can throw
+ try
+ {
+ size_t i = 0;
+ bool tmp;
+ DP("range proofs verified?");
+ for (i = 0; i < rv.outPk.size(); i++) {
+ tmp = verRange(rv.outPk[i].mask, rv.p.rangeSigs[i]);
+ DP(tmp);
+ if (!tmp) {
+ LOG_ERROR("Range proof verification failed for input " << i);
+ return false;
+ }
+ }
+ //compute txn fee
+ key txnFeeKey = scalarmultH(d2h(rv.txnFee));
+ bool mgVerd = verRctMG(rv.p.MGs[0], rv.mixRing, rv.outPk, txnFeeKey, get_pre_mlsag_hash(rv));
+ DP("mg sig verified?");
+ DP(mgVerd);
+ if (!mgVerd) {
+ LOG_ERROR("MG signature verification failed");
+ return false;
+ }
+
+ return true;
+ }
+ catch(...)
+ {
+ return false;
+ }
+ }
+
+ //ver RingCT simple
+ //assumes only post-rct style inputs (at least for max anonymity)
+ bool verRctSimple(const rctSig & rv) {
+ size_t i = 0;
+
+ CHECK_AND_ASSERT_MES(rv.type == RCTTypeSimple, false, "verRctSimple called on non simple rctSig");
+ CHECK_AND_ASSERT_MES(rv.outPk.size() == rv.p.rangeSigs.size(), false, "Mismatched sizes of outPk and rv.p.rangeSigs");
+ CHECK_AND_ASSERT_MES(rv.outPk.size() == rv.ecdhInfo.size(), false, "Mismatched sizes of outPk and rv.ecdhInfo");
+ CHECK_AND_ASSERT_MES(rv.pseudoOuts.size() == rv.p.MGs.size(), false, "Mismatched sizes of rv.pseudoOuts and rv.p.MGs");
+ CHECK_AND_ASSERT_MES(rv.pseudoOuts.size() == rv.mixRing.size(), false, "Mismatched sizes of rv.pseudoOuts and mixRing");
+
+ key sumOutpks = identity();
+ for (i = 0; i < rv.outPk.size(); i++) {
+ if (!verRange(rv.outPk[i].mask, rv.p.rangeSigs[i])) {
+ LOG_ERROR("Range proof verified failed for input " << i);
+ return false;
+ }
+ addKeys(sumOutpks, sumOutpks, rv.outPk[i].mask);
+ }
+ DP(sumOutpks);
+ key txnFeeKey = scalarmultH(d2h(rv.txnFee));
+ addKeys(sumOutpks, txnFeeKey, sumOutpks);
+
+ bool tmpb = false;
+ key message = get_pre_mlsag_hash(rv);
+ key sumPseudoOuts = identity();
+ for (i = 0 ; i < rv.mixRing.size() ; i++) {
+ tmpb = verRctMGSimple(message, rv.p.MGs[i], rv.mixRing[i], rv.pseudoOuts[i]);
+ addKeys(sumPseudoOuts, sumPseudoOuts, rv.pseudoOuts[i]);
+ DP(tmpb);
+ if (!tmpb) {
+ LOG_ERROR("verRctMGSimple failed for input " << i);
+ return false;
+ }
+ }
+ DP(sumPseudoOuts);
+
+ //check pseudoOuts vs Outs..
+ if (!equalKeys(sumPseudoOuts, sumOutpks)) {
+ LOG_ERROR("Sum check failed");
+ return false;
+ }
+
+ return true;
+ }
+
+ //RingCT protocol
+ //genRct:
+ // creates an rctSig with all data necessary to verify the rangeProofs and that the signer owns one of the
+ // columns that are claimed as inputs, and that the sum of inputs = sum of outputs.
+ // Also contains masked "amount" and "mask" so the receiver can see how much they received
+ //verRct:
+ // verifies that all signatures (rangeProogs, MG sig, sum inputs = outputs) are correct
+ //decodeRct: (c.f. http://eprint.iacr.org/2015/1098 section 5.1.1)
+ // uses the attached ecdh info to find the amounts represented by each output commitment
+ // must know the destination private key to find the correct amount, else will return a random number
+ xmr_amount decodeRct(const rctSig & rv, const key & sk, unsigned int i, key & mask) {
+ CHECK_AND_ASSERT_MES(rv.type == RCTTypeFull, false, "decodeRct called on non-full rctSig");
+ CHECK_AND_ASSERT_THROW_MES(rv.p.rangeSigs.size() > 0, "Empty rv.p.rangeSigs");
+ CHECK_AND_ASSERT_THROW_MES(rv.outPk.size() == rv.p.rangeSigs.size(), "Mismatched sizes of rv.outPk and rv.p.rangeSigs");
+ CHECK_AND_ASSERT_THROW_MES(i < rv.ecdhInfo.size(), "Bad index");
+
+ //mask amount and mask
+ ecdhTuple ecdh_info = rv.ecdhInfo[i];
+ ecdhDecode(ecdh_info, sk);
+ mask = ecdh_info.mask;
+ key amount = ecdh_info.amount;
+ key C = rv.outPk[i].mask;
+ DP("C");
+ DP(C);
+ key Ctmp;
+ addKeys2(Ctmp, mask, amount, H);
+ DP("Ctmp");
+ DP(Ctmp);
+ if (equalKeys(C, Ctmp) == false) {
+ CHECK_AND_ASSERT_THROW_MES(false, "warning, amount decoded incorrectly, will be unable to spend");
+ }
+ return h2d(amount);
+ }
+
+ xmr_amount decodeRct(const rctSig & rv, const key & sk, unsigned int i) {
+ key mask;
+ return decodeRct(rv, sk, i, mask);
+ }
+
+ xmr_amount decodeRctSimple(const rctSig & rv, const key & sk, unsigned int i, key &mask) {
+ CHECK_AND_ASSERT_MES(rv.type == RCTTypeSimple, false, "decodeRct called on non simple rctSig");
+ CHECK_AND_ASSERT_THROW_MES(rv.p.rangeSigs.size() > 0, "Empty rv.p.rangeSigs");
+ CHECK_AND_ASSERT_THROW_MES(rv.outPk.size() == rv.p.rangeSigs.size(), "Mismatched sizes of rv.outPk and rv.p.rangeSigs");
+ CHECK_AND_ASSERT_THROW_MES(i < rv.ecdhInfo.size(), "Bad index");
+
+ //mask amount and mask
+ ecdhTuple ecdh_info = rv.ecdhInfo[i];
+ ecdhDecode(ecdh_info, sk);
+ mask = ecdh_info.mask;
+ key amount = ecdh_info.amount;
+ key C = rv.outPk[i].mask;
+ DP("C");
+ DP(C);
+ key Ctmp;
+ addKeys2(Ctmp, mask, amount, H);
+ DP("Ctmp");
+ DP(Ctmp);
+ if (equalKeys(C, Ctmp) == false) {
+ CHECK_AND_ASSERT_THROW_MES(false, "warning, amount decoded incorrectly, will be unable to spend");
+ }
+ return h2d(amount);
+ }
+
+ xmr_amount decodeRctSimple(const rctSig & rv, const key & sk, unsigned int i) {
+ key mask;
+ return decodeRctSimple(rv, sk, i, mask);
+ }
+}
diff --git a/src/ringct/rctSigs.h b/src/ringct/rctSigs.h
new file mode 100644
index 000000000..f1c906d5e
--- /dev/null
+++ b/src/ringct/rctSigs.h
@@ -0,0 +1,150 @@
+// Copyright (c) 2016, Monero Research Labs
+//
+// Author: Shen Noether <shen.noether@gmx.com>
+//
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice, this list of
+// conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice, this list
+// of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+//
+// 3. Neither the name of the copyright holder nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+#pragma once
+
+//#define DBG
+
+#ifndef RCTSIGS_H
+#define RCTSIGS_H
+
+#include <cstddef>
+#include <mutex>
+#include <vector>
+#include <tuple>
+
+#include "crypto/generic-ops.h"
+
+extern "C" {
+#include "crypto/random.h"
+#include "crypto/keccak.h"
+}
+#include "crypto/crypto.h"
+
+
+#include "rctTypes.h"
+#include "rctOps.h"
+
+//Define this flag when debugging to get additional info on the console
+#ifdef DBG
+#define DP(x) dp(x)
+#else
+#define DP(x)
+#endif
+
+
+
+using namespace std;
+using namespace crypto;
+
+namespace rct {
+
+ //Schnorr Non-linkable
+ //Gen Gives a signature (L1, s1, s2) proving that the sender knows "x" such that xG = one of P1 or P2
+ //Ver Verifies that signer knows an "x" such that xG = one of P1 or P2
+ //These are called in the below ASNL sig generation
+ void GenSchnorrNonLinkable(key & L1, key & s1, key & s2, const key & x, const key & P1, const key & P2, int index);
+ bool VerSchnorrNonLinkable(const key & P1, const key & P2, const key & L1, const key & s1, const key & s2);
+
+ //Aggregate Schnorr Non-linkable Ring Signature (ASNL)
+ // c.f. http://eprint.iacr.org/2015/1098 section 5.
+ // These are used in range proofs (alternatively Borromean could be used)
+ // Gen gives a signature which proves the signer knows, for each i,
+ // an x[i] such that x[i]G = one of P1[i] or P2[i]
+ // Ver Verifies the signer knows a key for one of P1[i], P2[i] at each i
+ asnlSig GenASNL(key64 x, key64 P1, key64 P2, bits indices);
+ bool VerASNL(const key64 P1, const key64 P2, const asnlSig &as);
+
+ //Multilayered Spontaneous Anonymous Group Signatures (MLSAG signatures)
+ //These are aka MG signatutes in earlier drafts of the ring ct paper
+ // c.f. http://eprint.iacr.org/2015/1098 section 2.
+ // keyImageV just does I[i] = xx[i] * HashToPoint(xx[i] * G) for each i
+ // Gen creates a signature which proves that for some column in the keymatrix "pk"
+ // the signer knows a secret key for each row in that column
+ // Ver verifies that the MG sig was created correctly
+ keyV keyImageV(const keyV &xx);
+ mgSig MLSAG_Gen(key message, const keyM & pk, const keyV & xx, const unsigned int index, size_t dsRows);
+ bool MLSAG_Ver(key message, const keyM &pk, const mgSig &sig, size_t dsRows);
+ //mgSig MLSAG_Gen_Old(const keyM & pk, const keyV & xx, const int index);
+
+ //proveRange and verRange
+ //proveRange gives C, and mask such that \sumCi = C
+ // c.f. http://eprint.iacr.org/2015/1098 section 5.1
+ // and Ci is a commitment to either 0 or 2^i, i=0,...,63
+ // thus this proves that "amount" is in [0, 2^64]
+ // mask is a such that C = aG + bH, and b = amount
+ //verRange verifies that \sum Ci = C and that each Ci is a commitment to 0 or 2^i
+ rangeSig proveRange(key & C, key & mask, const xmr_amount & amount);
+ bool verRange(const key & C, const rangeSig & as);
+
+ //Ring-ct MG sigs
+ //Prove:
+ // c.f. http://eprint.iacr.org/2015/1098 section 4. definition 10.
+ // This does the MG sig on the "dest" part of the given key matrix, and
+ // the last row is the sum of input commitments from that column - sum output commitments
+ // this shows that sum inputs = sum outputs
+ //Ver:
+ // verifies the above sig is created corretly
+ mgSig proveRctMG(const ctkeyM & pubs, const ctkeyV & inSk, const keyV &outMasks, const ctkeyV & outPk, unsigned int index, key txnFee, const key &message);
+ mgSig proveRctMGSimple(const key & message, const ctkeyV & pubs, const ctkey & inSk, const key &a , const key &Cout, unsigned int index);
+ bool verRctMG(const mgSig &mg, const ctkeyM & pubs, const ctkeyV & outPk, key txnFee, const key &message);
+ bool verRctMGSimple(const key &message, const mgSig &mg, const ctkeyV & pubs, const key & C);
+
+ //These functions get keys from blockchain
+ //replace these when connecting blockchain
+ //getKeyFromBlockchain grabs a key from the blockchain at "reference_index" to mix with
+ //populateFromBlockchain creates a keymatrix with "mixin" columns and one of the columns is inPk
+ // the return value are the key matrix, and the index where inPk was put (random).
+ void getKeyFromBlockchain(ctkey & a, size_t reference_index);
+ tuple<ctkeyM, xmr_amount> populateFromBlockchain(ctkeyV inPk, int mixin);
+
+ //RingCT protocol
+ //genRct:
+ // creates an rctSig with all data necessary to verify the rangeProofs and that the signer owns one of the
+ // columns that are claimed as inputs, and that the sum of inputs = sum of outputs.
+ // Also contains masked "amount" and "mask" so the receiver can see how much they received
+ //verRct:
+ // verifies that all signatures (rangeProogs, MG sig, sum inputs = outputs) are correct
+ //decodeRct: (c.f. http://eprint.iacr.org/2015/1098 section 5.1.1)
+ // uses the attached ecdh info to find the amounts represented by each output commitment
+ // must know the destination private key to find the correct amount, else will return a random number
+ rctSig genRct(const key &message, const ctkeyV & inSk, const keyV & destinations, const vector<xmr_amount> & amounts, const ctkeyM &mixRing, const keyV &amount_keys, unsigned int index, ctkeyV &outSk);
+ rctSig genRct(const key &message, const ctkeyV & inSk, const ctkeyV & inPk, const keyV & destinations, const vector<xmr_amount> & amounts, const keyV &amount_keys, const int mixin);
+ rctSig genRctSimple(const key & message, const ctkeyV & inSk, const ctkeyV & inPk, const keyV & destinations, const vector<xmr_amount> & inamounts, const vector<xmr_amount> & outamounts, const keyV &amount_keys, xmr_amount txnFee, unsigned int mixin);
+ rctSig genRctSimple(const key & message, const ctkeyV & inSk, const keyV & destinations, const vector<xmr_amount> & inamounts, const vector<xmr_amount> & outamounts, xmr_amount txnFee, const ctkeyM & mixRing, const keyV &amount_keys, const std::vector<unsigned int> & index, ctkeyV &outSk);
+ bool verRct(const rctSig & rv);
+ bool verRctSimple(const rctSig & rv);
+ xmr_amount decodeRct(const rctSig & rv, const key & sk, unsigned int i, key & mask);
+ xmr_amount decodeRct(const rctSig & rv, const key & sk, unsigned int i);
+ xmr_amount decodeRctSimple(const rctSig & rv, const key & sk, unsigned int i, key & mask);
+ xmr_amount decodeRctSimple(const rctSig & rv, const key & sk, unsigned int i);
+}
+#endif /* RCTSIGS_H */
+
diff --git a/src/ringct/rctTypes.cpp b/src/ringct/rctTypes.cpp
new file mode 100644
index 000000000..e773c6043
--- /dev/null
+++ b/src/ringct/rctTypes.cpp
@@ -0,0 +1,208 @@
+// Copyright (c) 2016, Monero Research Labs
+//
+// Author: Shen Noether <shen.noether@gmx.com>
+//
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice, this list of
+// conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice, this list
+// of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+//
+// 3. Neither the name of the copyright holder nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+#include "rctTypes.h"
+using namespace crypto;
+using namespace std;
+
+namespace rct {
+
+ //dp
+ //Debug printing for the above types
+ //Actually use DP(value) and #define DBG
+
+ void dp(key a) {
+ int j = 0;
+ printf("\"");
+ for (j = 0; j < 32; j++) {
+ printf("%02x", (unsigned char)a.bytes[j]);
+ }
+ printf("\"");
+ printf("\n");
+ }
+
+ void dp(bool a) {
+ printf(" ... %s ... ", a ? "true" : "false");
+ printf("\n");
+ }
+
+ void dp(const char * a, int l) {
+ int j = 0;
+ printf("\"");
+ for (j = 0; j < l; j++) {
+ printf("%02x", (unsigned char)a[j]);
+ }
+ printf("\"");
+ printf("\n");
+ }
+ void dp(keyV a) {
+ size_t j = 0;
+ printf("[");
+ for (j = 0; j < a.size(); j++) {
+ dp(a[j]);
+ if (j < a.size() - 1) {
+ printf(",");
+ }
+ }
+ printf("]");
+ printf("\n");
+ }
+ void dp(keyM a) {
+ size_t j = 0;
+ printf("[");
+ for (j = 0; j < a.size(); j++) {
+ dp(a[j]);
+ if (j < a.size() - 1) {
+ printf(",");
+ }
+ }
+ printf("]");
+ printf("\n");
+ }
+ void dp(xmr_amount vali) {
+ printf("x: ");
+ std::cout << vali;
+ printf("\n\n");
+ }
+
+ void dp(int vali) {
+ printf("x: %d\n", vali);
+ printf("\n");
+ }
+ void dp(bits amountb) {
+ for (int i = 0; i < 64; i++) {
+ printf("%d", amountb[i]);
+ }
+ printf("\n");
+
+ }
+
+ void dp(const char * st) {
+ printf("%s\n", st);
+ }
+
+ //Various Conversions
+
+ //uint long long to 32 byte key
+ void d2h(key & amounth, const xmr_amount in) {
+ sc_0(amounth.bytes);
+ xmr_amount val = in;
+ int i = 0;
+ while (val != 0) {
+ amounth[i] = (unsigned char)(val & 0xFF);
+ i++;
+ val /= (xmr_amount)256;
+ }
+ }
+
+ //uint long long to 32 byte key
+ key d2h(const xmr_amount in) {
+ key amounth;
+ sc_0(amounth.bytes);
+ xmr_amount val = in;
+ int i = 0;
+ while (val != 0) {
+ amounth[i] = (unsigned char)(val & 0xFF);
+ i++;
+ val /= (xmr_amount)256;
+ }
+ return amounth;
+ }
+
+ //uint long long to int[64]
+ void d2b(bits amountb, xmr_amount val) {
+ int i = 0;
+ while (val != 0) {
+ amountb[i] = val & 1;
+ i++;
+ val >>= 1;
+ }
+ while (i < 64) {
+ amountb[i] = 0;
+ i++;
+ }
+ }
+
+ //32 byte key to uint long long
+ // if the key holds a value > 2^64
+ // then the value in the first 8 bytes is returned
+ xmr_amount h2d(const key & test) {
+ xmr_amount vali = 0;
+ int j = 0;
+ for (j = 7; j >= 0; j--) {
+ vali = (xmr_amount)(vali * 256 + (unsigned char)test.bytes[j]);
+ }
+ return vali;
+ }
+
+ //32 byte key to int[64]
+ void h2b(bits amountb2, const key & test) {
+ int val = 0, i = 0, j = 0;
+ for (j = 0; j < 8; j++) {
+ val = (unsigned char)test.bytes[j];
+ i = 8 * j;
+ while (val != 0) {
+ amountb2[i] = val & 1;
+ i++;
+ val >>= 1;
+ }
+ while (i < 8 * (j + 1)) {
+ amountb2[i] = 0;
+ }
+ }
+ }
+
+ //int[64] to 32 byte key
+ void b2h(key & amountdh, const bits amountb2) {
+ int byte, i, j;
+ for (j = 0; j < 8; j++) {
+ byte = 0;
+ i = 8 * j;
+ for (i = 7; i > -1; i--) {
+ byte = byte * 2 + amountb2[8 * j + i];
+ }
+ amountdh[j] = (unsigned char)byte;
+ }
+ for (j = 8; j < 32; j++) {
+ amountdh[j] = (unsigned char)(0x00);
+ }
+ }
+
+ //int[64] to uint long long
+ xmr_amount b2d(bits amountb) {
+ xmr_amount vali = 0;
+ int j = 0;
+ for (j = 63; j >= 0; j--) {
+ vali = (xmr_amount)(vali * 2 + amountb[j]);
+ }
+ return vali;
+ }
+
+}
diff --git a/src/ringct/rctTypes.h b/src/ringct/rctTypes.h
new file mode 100644
index 000000000..f231d30fb
--- /dev/null
+++ b/src/ringct/rctTypes.h
@@ -0,0 +1,405 @@
+// Copyright (c) 2016, Monero Research Labs
+//
+// Author: Shen Noether <shen.noether@gmx.com>
+//
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice, this list of
+// conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice, this list
+// of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+//
+// 3. Neither the name of the copyright holder nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+#pragma once
+#ifndef RCT_TYPES_H
+#define RCT_TYPES_H
+
+#include <cstddef>
+#include <mutex>
+#include <vector>
+#include <tuple>
+#include <iostream>
+#include <cinttypes>
+
+extern "C" {
+#include "crypto/generic-ops.h"
+#include "crypto/crypto-ops.h"
+#include "crypto/random.h"
+#include "crypto/keccak.h"
+}
+#include "crypto/crypto.h"
+
+#include "serialization/serialization.h"
+#include "serialization/debug_archive.h"
+#include "serialization/binary_archive.h"
+#include "serialization/json_archive.h"
+
+
+//Define this flag when debugging to get additional info on the console
+#ifdef DBG
+#define DP(x) dp(x)
+#else
+#define DP(x)
+#endif
+
+//atomic units of moneros
+#define ATOMS 64
+
+//for printing large ints
+
+using namespace std;
+using namespace crypto;
+
+//Namespace specifically for ring ct code
+namespace rct {
+ //basic ops containers
+ typedef unsigned char * Bytes;
+
+ // Can contain a secret or public key
+ // similar to secret_key / public_key of crypto-ops,
+ // but uses unsigned chars,
+ // also includes an operator for accessing the i'th byte.
+ struct key {
+ unsigned char & operator[](int i) {
+ return bytes[i];
+ }
+ unsigned char operator[](int i) const {
+ return bytes[i];
+ }
+ bool operator==(const key &k) const { return !memcmp(bytes, k.bytes, sizeof(bytes)); }
+ unsigned char bytes[32];
+ };
+ typedef vector<key> keyV; //vector of keys
+ typedef vector<keyV> keyM; //matrix of keys (indexed by column first)
+
+ //containers For CT operations
+ //if it's representing a private ctkey then "dest" contains the secret key of the address
+ // while "mask" contains a where C = aG + bH is CT pedersen commitment and b is the amount
+ // (store b, the amount, separately
+ //if it's representing a public ctkey, then "dest" = P the address, mask = C the commitment
+ struct ctkey {
+ key dest;
+ key mask; //C here if public
+ };
+ typedef vector<ctkey> ctkeyV;
+ typedef vector<ctkeyV> ctkeyM;
+
+ //data for passing the amount to the receiver secretly
+ // If the pedersen commitment to an amount is C = aG + bH,
+ // "mask" contains a 32 byte key a
+ // "amount" contains a hex representation (in 32 bytes) of a 64 bit number
+ // "senderPk" is not the senders actual public key, but a one-time public key generated for
+ // the purpose of the ECDH exchange
+ struct ecdhTuple {
+ key mask;
+ key amount;
+ key senderPk;
+
+ BEGIN_SERIALIZE_OBJECT()
+ FIELD(mask)
+ FIELD(amount)
+ // FIELD(senderPk) // not serialized, as we do not use it in monero currently
+ END_SERIALIZE()
+ };
+
+ //containers for representing amounts
+ typedef uint64_t xmr_amount;
+ typedef unsigned int bits[ATOMS];
+ typedef key key64[64];
+
+ //just contains the necessary keys to represent asnlSigs
+ //c.f. http://eprint.iacr.org/2015/1098
+ struct asnlSig {
+ key64 L1;
+ key64 s2;
+ key s;
+ };
+
+ //Container for precomp
+ struct geDsmp {
+ ge_dsmp k;
+ };
+
+ //just contains the necessary keys to represent MLSAG sigs
+ //c.f. http://eprint.iacr.org/2015/1098
+ struct mgSig {
+ keyM ss;
+ key cc;
+ keyV II;
+
+ BEGIN_SERIALIZE_OBJECT()
+ FIELD(ss)
+ FIELD(cc)
+ // FIELD(II) - not serialized, it can be reconstructed
+ END_SERIALIZE()
+ };
+ //contains the data for an asnl sig
+ // also contains the "Ci" values such that
+ // \sum Ci = C
+ // and the signature proves that each Ci is either
+ // a Pedersen commitment to 0 or to 2^i
+ //thus proving that C is in the range of [0, 2^64]
+ struct rangeSig {
+ asnlSig asig;
+ key64 Ci;
+
+ BEGIN_SERIALIZE_OBJECT()
+ FIELD(asig)
+ FIELD(Ci)
+ END_SERIALIZE()
+ };
+ //A container to hold all signatures necessary for RingCT
+ // rangeSigs holds all the rangeproof data of a transaction
+ // MG holds the MLSAG signature of a transaction
+ // mixRing holds all the public keypairs (P, C) for a transaction
+ // ecdhInfo holds an encoded mask / amount to be passed to each receiver
+ // outPk contains public keypairs which are destinations (P, C),
+ // P = address, C = commitment to amount
+ enum {
+ RCTTypeNull = 0,
+ RCTTypeFull = 1,
+ RCTTypeSimple = 2,
+ };
+ struct rctSigBase {
+ uint8_t type;
+ key message;
+ ctkeyM mixRing; //the set of all pubkeys / copy
+ //pairs that you mix with
+ keyV pseudoOuts; //C - for simple rct
+ vector<ecdhTuple> ecdhInfo;
+ ctkeyV outPk;
+ xmr_amount txnFee; // contains b
+
+ BEGIN_SERIALIZE()
+ FIELD(type)
+ if (type == RCTTypeNull)
+ return true;
+ // FIELD(message) - not serialized, it can be reconstructed
+ // FIELD(mixRing) - not serialized, it can be reconstructed
+ if (type == RCTTypeSimple)
+ FIELD(pseudoOuts)
+ FIELD(ecdhInfo)
+ if (typename Archive<W>::is_saving()) {
+ keyV outPk(this->outPk.size());
+ for (size_t n = 0; n < outPk.size(); ++n)
+ outPk[n] = this->outPk[n].mask;
+ FIELD(outPk)
+ }
+ else {
+ keyV outPk;
+ FIELD(outPk)
+ this->outPk.resize(outPk.size());
+ for (size_t n = 0; n < outPk.size(); ++n)
+ this->outPk[n].mask = outPk[n];
+ }
+ VARINT_FIELD(txnFee)
+ END_SERIALIZE()
+ };
+ struct rctSigPrunable {
+ vector<rangeSig> rangeSigs;
+ vector<mgSig> MGs; // simple rct has N, full has 1
+
+ BEGIN_SERIALIZE()
+ FIELD(rangeSigs)
+ FIELD(MGs)
+ END_SERIALIZE()
+ };
+ struct rctSig: public rctSigBase {
+ rctSigPrunable p;
+
+ BEGIN_SERIALIZE_OBJECT()
+ FIELDS(*static_cast<rctSigBase *>(this))
+ if (type == RCTTypeNull)
+ return true;
+ FIELDS(p);
+ END_SERIALIZE()
+ };
+
+ //other basepoint H = toPoint(cn_fast_hash(G)), G the basepoint
+ static const key H = { {0x8b, 0x65, 0x59, 0x70, 0x15, 0x37, 0x99, 0xaf, 0x2a, 0xea, 0xdc, 0x9f, 0xf1, 0xad, 0xd0, 0xea, 0x6c, 0x72, 0x51, 0xd5, 0x41, 0x54, 0xcf, 0xa9, 0x2c, 0x17, 0x3a, 0x0d, 0xd3, 0x9c, 0x1f, 0x94} };
+
+ //H2 contains 2^i H in each index, i.e. H, 2H, 4H, 8H, ...
+ //This is used for the range proofG
+ //You can regenerate this by running python2 Test.py HPow2 in the MiniNero repo
+ static const key64 H2 = {{0x8b, 0x65, 0x59, 0x70, 0x15, 0x37, 0x99, 0xaf, 0x2a, 0xea, 0xdc, 0x9f, 0xf1, 0xad, 0xd0, 0xea, 0x6c, 0x72, 0x51, 0xd5, 0x41, 0x54, 0xcf, 0xa9, 0x2c, 0x17, 0x3a, 0x0d, 0xd3, 0x9c, 0x1f, 0x94},
+ {0x8f, 0xaa, 0x44, 0x8a, 0xe4, 0xb3, 0xe2, 0xbb, 0x3d, 0x4d, 0x13, 0x09, 0x09, 0xf5, 0x5f, 0xcd, 0x79, 0x71, 0x1c, 0x1c, 0x83, 0xcd, 0xbc, 0xca, 0xdd, 0x42, 0xcb, 0xe1, 0x51, 0x5e, 0x87, 0x12},
+ {0x12, 0xa7, 0xd6, 0x2c, 0x77, 0x91, 0x65, 0x4a, 0x57, 0xf3, 0xe6, 0x76, 0x94, 0xed, 0x50, 0xb4, 0x9a, 0x7d, 0x9e, 0x3f, 0xc1, 0xe4, 0xc7, 0xa0, 0xbd, 0xe2, 0x9d, 0x18, 0x7e, 0x9c, 0xc7, 0x1d},
+ {0x78, 0x9a, 0xb9, 0x93, 0x4b, 0x49, 0xc4, 0xf9, 0xe6, 0x78, 0x5c, 0x6d, 0x57, 0xa4, 0x98, 0xb3, 0xea, 0xd4, 0x43, 0xf0, 0x4f, 0x13, 0xdf, 0x11, 0x0c, 0x54, 0x27, 0xb4, 0xf2, 0x14, 0xc7, 0x39},
+ {0x77, 0x1e, 0x92, 0x99, 0xd9, 0x4f, 0x02, 0xac, 0x72, 0xe3, 0x8e, 0x44, 0xde, 0x56, 0x8a, 0xc1, 0xdc, 0xb2, 0xed, 0xc6, 0xed, 0xb6, 0x1f, 0x83, 0xca, 0x41, 0x8e, 0x10, 0x77, 0xce, 0x3d, 0xe8},
+ {0x73, 0xb9, 0x6d, 0xb4, 0x30, 0x39, 0x81, 0x9b, 0xda, 0xf5, 0x68, 0x0e, 0x5c, 0x32, 0xd7, 0x41, 0x48, 0x88, 0x84, 0xd1, 0x8d, 0x93, 0x86, 0x6d, 0x40, 0x74, 0xa8, 0x49, 0x18, 0x2a, 0x8a, 0x64},
+ {0x8d, 0x45, 0x8e, 0x1c, 0x2f, 0x68, 0xeb, 0xeb, 0xcc, 0xd2, 0xfd, 0x5d, 0x37, 0x9f, 0x5e, 0x58, 0xf8, 0x13, 0x4d, 0xf3, 0xe0, 0xe8, 0x8c, 0xad, 0x3d, 0x46, 0x70, 0x10, 0x63, 0xa8, 0xd4, 0x12},
+ {0x09, 0x55, 0x1e, 0xdb, 0xe4, 0x94, 0x41, 0x8e, 0x81, 0x28, 0x44, 0x55, 0xd6, 0x4b, 0x35, 0xee, 0x8a, 0xc0, 0x93, 0x06, 0x8a, 0x5f, 0x16, 0x1f, 0xa6, 0x63, 0x75, 0x59, 0x17, 0x7e, 0xf4, 0x04},
+ {0xd0, 0x5a, 0x88, 0x66, 0xf4, 0xdf, 0x8c, 0xee, 0x1e, 0x26, 0x8b, 0x1d, 0x23, 0xa4, 0xc5, 0x8c, 0x92, 0xe7, 0x60, 0x30, 0x97, 0x86, 0xcd, 0xac, 0x0f, 0xed, 0xa1, 0xd2, 0x47, 0xa9, 0xc9, 0xa7},
+ {0x55, 0xcd, 0xaa, 0xd5, 0x18, 0xbd, 0x87, 0x1d, 0xd1, 0xeb, 0x7b, 0xc7, 0x02, 0x3e, 0x1d, 0xc0, 0xfd, 0xf3, 0x33, 0x98, 0x64, 0xf8, 0x8f, 0xdd, 0x2d, 0xe2, 0x69, 0xfe, 0x9e, 0xe1, 0x83, 0x2d},
+ {0xe7, 0x69, 0x7e, 0x95, 0x1a, 0x98, 0xcf, 0xd5, 0x71, 0x2b, 0x84, 0xbb, 0xe5, 0xf3, 0x4e, 0xd7, 0x33, 0xe9, 0x47, 0x3f, 0xcb, 0x68, 0xed, 0xa6, 0x6e, 0x37, 0x88, 0xdf, 0x19, 0x58, 0xc3, 0x06},
+ {0xf9, 0x2a, 0x97, 0x0b, 0xae, 0x72, 0x78, 0x29, 0x89, 0xbf, 0xc8, 0x3a, 0xdf, 0xaa, 0x92, 0xa4, 0xf4, 0x9c, 0x7e, 0x95, 0x91, 0x8b, 0x3b, 0xba, 0x3c, 0xdc, 0x7f, 0xe8, 0x8a, 0xcc, 0x8d, 0x47},
+ {0x1f, 0x66, 0xc2, 0xd4, 0x91, 0xd7, 0x5a, 0xf9, 0x15, 0xc8, 0xdb, 0x6a, 0x6d, 0x1c, 0xb0, 0xcd, 0x4f, 0x7d, 0xdc, 0xd5, 0xe6, 0x3d, 0x3b, 0xa9, 0xb8, 0x3c, 0x86, 0x6c, 0x39, 0xef, 0x3a, 0x2b},
+ {0x3e, 0xec, 0x98, 0x84, 0xb4, 0x3f, 0x58, 0xe9, 0x3e, 0xf8, 0xde, 0xea, 0x26, 0x00, 0x04, 0xef, 0xea, 0x2a, 0x46, 0x34, 0x4f, 0xc5, 0x96, 0x5b, 0x1a, 0x7d, 0xd5, 0xd1, 0x89, 0x97, 0xef, 0xa7},
+ {0xb2, 0x9f, 0x8f, 0x0c, 0xcb, 0x96, 0x97, 0x7f, 0xe7, 0x77, 0xd4, 0x89, 0xd6, 0xbe, 0x9e, 0x7e, 0xbc, 0x19, 0xc4, 0x09, 0xb5, 0x10, 0x35, 0x68, 0xf2, 0x77, 0x61, 0x1d, 0x7e, 0xa8, 0x48, 0x94},
+ {0x56, 0xb1, 0xf5, 0x12, 0x65, 0xb9, 0x55, 0x98, 0x76, 0xd5, 0x8d, 0x24, 0x9d, 0x0c, 0x14, 0x6d, 0x69, 0xa1, 0x03, 0x63, 0x66, 0x99, 0x87, 0x4d, 0x3f, 0x90, 0x47, 0x35, 0x50, 0xfe, 0x3f, 0x2c},
+ {0x1d, 0x7a, 0x36, 0x57, 0x5e, 0x22, 0xf5, 0xd1, 0x39, 0xff, 0x9c, 0xc5, 0x10, 0xfa, 0x13, 0x85, 0x05, 0x57, 0x6b, 0x63, 0x81, 0x5a, 0x94, 0xe4, 0xb0, 0x12, 0xbf, 0xd4, 0x57, 0xca, 0xaa, 0xda},
+ {0xd0, 0xac, 0x50, 0x7a, 0x86, 0x4e, 0xcd, 0x05, 0x93, 0xfa, 0x67, 0xbe, 0x7d, 0x23, 0x13, 0x43, 0x92, 0xd0, 0x0e, 0x40, 0x07, 0xe2, 0x53, 0x48, 0x78, 0xd9, 0xb2, 0x42, 0xe1, 0x0d, 0x76, 0x20},
+ {0xf6, 0xc6, 0x84, 0x0b, 0x9c, 0xf1, 0x45, 0xbb, 0x2d, 0xcc, 0xf8, 0x6e, 0x94, 0x0b, 0xe0, 0xfc, 0x09, 0x8e, 0x32, 0xe3, 0x10, 0x99, 0xd5, 0x6f, 0x7f, 0xe0, 0x87, 0xbd, 0x5d, 0xeb, 0x50, 0x94},
+ {0x28, 0x83, 0x1a, 0x33, 0x40, 0x07, 0x0e, 0xb1, 0xdb, 0x87, 0xc1, 0x2e, 0x05, 0x98, 0x0d, 0x5f, 0x33, 0xe9, 0xef, 0x90, 0xf8, 0x3a, 0x48, 0x17, 0xc9, 0xf4, 0xa0, 0xa3, 0x32, 0x27, 0xe1, 0x97},
+ {0x87, 0x63, 0x22, 0x73, 0xd6, 0x29, 0xcc, 0xb7, 0xe1, 0xed, 0x1a, 0x76, 0x8f, 0xa2, 0xeb, 0xd5, 0x17, 0x60, 0xf3, 0x2e, 0x1c, 0x0b, 0x86, 0x7a, 0x5d, 0x36, 0x8d, 0x52, 0x71, 0x05, 0x5c, 0x6e},
+ {0x5c, 0x7b, 0x29, 0x42, 0x43, 0x47, 0x96, 0x4d, 0x04, 0x27, 0x55, 0x17, 0xc5, 0xae, 0x14, 0xb6, 0xb5, 0xea, 0x27, 0x98, 0xb5, 0x73, 0xfc, 0x94, 0xe6, 0xe4, 0x4a, 0x53, 0x21, 0x60, 0x0c, 0xfb},
+ {0xe6, 0x94, 0x50, 0x42, 0xd7, 0x8b, 0xc2, 0xc3, 0xbd, 0x6e, 0xc5, 0x8c, 0x51, 0x1a, 0x9f, 0xe8, 0x59, 0xc0, 0xad, 0x63, 0xfd, 0xe4, 0x94, 0xf5, 0x03, 0x9e, 0x0e, 0x82, 0x32, 0x61, 0x2b, 0xd5},
+ {0x36, 0xd5, 0x69, 0x07, 0xe2, 0xec, 0x74, 0x5d, 0xb6, 0xe5, 0x4f, 0x0b, 0x2e, 0x1b, 0x23, 0x00, 0xab, 0xcb, 0x42, 0x2e, 0x71, 0x2d, 0xa5, 0x88, 0xa4, 0x0d, 0x3f, 0x1e, 0xbb, 0xbe, 0x02, 0xf6},
+ {0x34, 0xdb, 0x6e, 0xe4, 0xd0, 0x60, 0x8e, 0x5f, 0x78, 0x36, 0x50, 0x49, 0x5a, 0x3b, 0x2f, 0x52, 0x73, 0xc5, 0x13, 0x4e, 0x52, 0x84, 0xe4, 0xfd, 0xf9, 0x66, 0x27, 0xbb, 0x16, 0xe3, 0x1e, 0x6b},
+ {0x8e, 0x76, 0x59, 0xfb, 0x45, 0xa3, 0x78, 0x7d, 0x67, 0x4a, 0xe8, 0x67, 0x31, 0xfa, 0xa2, 0x53, 0x8e, 0xc0, 0xfd, 0xf4, 0x42, 0xab, 0x26, 0xe9, 0xc7, 0x91, 0xfa, 0xda, 0x08, 0x94, 0x67, 0xe9},
+ {0x30, 0x06, 0xcf, 0x19, 0x8b, 0x24, 0xf3, 0x1b, 0xb4, 0xc7, 0xe6, 0x34, 0x60, 0x00, 0xab, 0xc7, 0x01, 0xe8, 0x27, 0xcf, 0xbb, 0x5d, 0xf5, 0x2d, 0xcf, 0xa4, 0x2e, 0x9c, 0xa9, 0xff, 0x08, 0x02},
+ {0xf5, 0xfd, 0x40, 0x3c, 0xb6, 0xe8, 0xbe, 0x21, 0x47, 0x2e, 0x37, 0x7f, 0xfd, 0x80, 0x5a, 0x8c, 0x60, 0x83, 0xea, 0x48, 0x03, 0xb8, 0x48, 0x53, 0x89, 0xcc, 0x3e, 0xbc, 0x21, 0x5f, 0x00, 0x2a},
+ {0x37, 0x31, 0xb2, 0x60, 0xeb, 0x3f, 0x94, 0x82, 0xe4, 0x5f, 0x1c, 0x3f, 0x3b, 0x9d, 0xcf, 0x83, 0x4b, 0x75, 0xe6, 0xee, 0xf8, 0xc4, 0x0f, 0x46, 0x1e, 0xa2, 0x7e, 0x8b, 0x6e, 0xd9, 0x47, 0x3d},
+ {0x9f, 0x9d, 0xab, 0x09, 0xc3, 0xf5, 0xe4, 0x28, 0x55, 0xc2, 0xde, 0x97, 0x1b, 0x65, 0x93, 0x28, 0xa2, 0xdb, 0xc4, 0x54, 0x84, 0x5f, 0x39, 0x6f, 0xfc, 0x05, 0x3f, 0x0b, 0xb1, 0x92, 0xf8, 0xc3},
+ {0x5e, 0x05, 0x5d, 0x25, 0xf8, 0x5f, 0xdb, 0x98, 0xf2, 0x73, 0xe4, 0xaf, 0xe0, 0x84, 0x64, 0xc0, 0x03, 0xb7, 0x0f, 0x1e, 0xf0, 0x67, 0x7b, 0xb5, 0xe2, 0x57, 0x06, 0x40, 0x0b, 0xe6, 0x20, 0xa5},
+ {0x86, 0x8b, 0xcf, 0x36, 0x79, 0xcb, 0x6b, 0x50, 0x0b, 0x94, 0x41, 0x8c, 0x0b, 0x89, 0x25, 0xf9, 0x86, 0x55, 0x30, 0x30, 0x3a, 0xe4, 0xe4, 0xb2, 0x62, 0x59, 0x18, 0x65, 0x66, 0x6a, 0x45, 0x90},
+ {0xb3, 0xdb, 0x6b, 0xd3, 0x89, 0x7a, 0xfb, 0xd1, 0xdf, 0x3f, 0x96, 0x44, 0xab, 0x21, 0xc8, 0x05, 0x0e, 0x1f, 0x00, 0x38, 0xa5, 0x2f, 0x7c, 0xa9, 0x5a, 0xc0, 0xc3, 0xde, 0x75, 0x58, 0xcb, 0x7a},
+ {0x81, 0x19, 0xb3, 0xa0, 0x59, 0xff, 0x2c, 0xac, 0x48, 0x3e, 0x69, 0xbc, 0xd4, 0x1d, 0x6d, 0x27, 0x14, 0x94, 0x47, 0x91, 0x42, 0x88, 0xbb, 0xea, 0xee, 0x34, 0x13, 0xe6, 0xdc, 0xc6, 0xd1, 0xeb},
+ {0x10, 0xfc, 0x58, 0xf3, 0x5f, 0xc7, 0xfe, 0x7a, 0xe8, 0x75, 0x52, 0x4b, 0xb5, 0x85, 0x00, 0x03, 0x00, 0x5b, 0x7f, 0x97, 0x8c, 0x0c, 0x65, 0xe2, 0xa9, 0x65, 0x46, 0x4b, 0x6d, 0x00, 0x81, 0x9c},
+ {0x5a, 0xcd, 0x94, 0xeb, 0x3c, 0x57, 0x83, 0x79, 0xc1, 0xea, 0x58, 0xa3, 0x43, 0xec, 0x4f, 0xcf, 0xf9, 0x62, 0x77, 0x6f, 0xe3, 0x55, 0x21, 0xe4, 0x75, 0xa0, 0xe0, 0x6d, 0x88, 0x7b, 0x2d, 0xb9},
+ {0x33, 0xda, 0xf3, 0xa2, 0x14, 0xd6, 0xe0, 0xd4, 0x2d, 0x23, 0x00, 0xa7, 0xb4, 0x4b, 0x39, 0x29, 0x0d, 0xb8, 0x98, 0x9b, 0x42, 0x79, 0x74, 0xcd, 0x86, 0x5d, 0xb0, 0x11, 0x05, 0x5a, 0x29, 0x01},
+ {0xcf, 0xc6, 0x57, 0x2f, 0x29, 0xaf, 0xd1, 0x64, 0xa4, 0x94, 0xe6, 0x4e, 0x6f, 0x1a, 0xeb, 0x82, 0x0c, 0x3e, 0x7d, 0xa3, 0x55, 0x14, 0x4e, 0x51, 0x24, 0xa3, 0x91, 0xd0, 0x6e, 0x9f, 0x95, 0xea},
+ {0xd5, 0x31, 0x2a, 0x4b, 0x0e, 0xf6, 0x15, 0xa3, 0x31, 0xf6, 0x35, 0x2c, 0x2e, 0xd2, 0x1d, 0xac, 0x9e, 0x7c, 0x36, 0x39, 0x8b, 0x93, 0x9a, 0xec, 0x90, 0x1c, 0x25, 0x7f, 0x6c, 0xbc, 0x9e, 0x8e},
+ {0x55, 0x1d, 0x67, 0xfe, 0xfc, 0x7b, 0x5b, 0x9f, 0x9f, 0xdb, 0xf6, 0xaf, 0x57, 0xc9, 0x6c, 0x8a, 0x74, 0xd7, 0xe4, 0x5a, 0x00, 0x20, 0x78, 0xa7, 0xb5, 0xba, 0x45, 0xc6, 0xfd, 0xe9, 0x3e, 0x33},
+ {0xd5, 0x0a, 0xc7, 0xbd, 0x5c, 0xa5, 0x93, 0xc6, 0x56, 0x92, 0x8f, 0x38, 0x42, 0x80, 0x17, 0xfc, 0x7b, 0xa5, 0x02, 0x85, 0x4c, 0x43, 0xd8, 0x41, 0x49, 0x50, 0xe9, 0x6e, 0xcb, 0x40, 0x5d, 0xc3},
+ {0x07, 0x73, 0xe1, 0x8e, 0xa1, 0xbe, 0x44, 0xfe, 0x1a, 0x97, 0xe2, 0x39, 0x57, 0x3c, 0xfa, 0xe3, 0xe4, 0xe9, 0x5e, 0xf9, 0xaa, 0x9f, 0xaa, 0xbe, 0xac, 0x12, 0x74, 0xd3, 0xad, 0x26, 0x16, 0x04},
+ {0xe9, 0xaf, 0x0e, 0x7c, 0xa8, 0x93, 0x30, 0xd2, 0xb8, 0x61, 0x5d, 0x1b, 0x41, 0x37, 0xca, 0x61, 0x7e, 0x21, 0x29, 0x7f, 0x2f, 0x0d, 0xed, 0x8e, 0x31, 0xb7, 0xd2, 0xea, 0xd8, 0x71, 0x46, 0x60},
+ {0x7b, 0x12, 0x45, 0x83, 0x09, 0x7f, 0x10, 0x29, 0xa0, 0xc7, 0x41, 0x91, 0xfe, 0x73, 0x78, 0xc9, 0x10, 0x5a, 0xcc, 0x70, 0x66, 0x95, 0xed, 0x14, 0x93, 0xbb, 0x76, 0x03, 0x42, 0x26, 0xa5, 0x7b},
+ {0xec, 0x40, 0x05, 0x7b, 0x99, 0x54, 0x76, 0x65, 0x0b, 0x3d, 0xb9, 0x8e, 0x9d, 0xb7, 0x57, 0x38, 0xa8, 0xcd, 0x2f, 0x94, 0xd8, 0x63, 0xb9, 0x06, 0x15, 0x0c, 0x56, 0xaa, 0xc1, 0x9c, 0xaa, 0x6b},
+ {0x01, 0xd9, 0xff, 0x72, 0x9e, 0xfd, 0x39, 0xd8, 0x37, 0x84, 0xc0, 0xfe, 0x59, 0xc4, 0xae, 0x81, 0xa6, 0x70, 0x34, 0xcb, 0x53, 0xc9, 0x43, 0xfb, 0x81, 0x8b, 0x9d, 0x8a, 0xe7, 0xfc, 0x33, 0xe5},
+ {0x00, 0xdf, 0xb3, 0xc6, 0x96, 0x32, 0x8c, 0x76, 0x42, 0x45, 0x19, 0xa7, 0xbe, 0xfe, 0x8e, 0x0f, 0x6c, 0x76, 0xf9, 0x47, 0xb5, 0x27, 0x67, 0x91, 0x6d, 0x24, 0x82, 0x3f, 0x73, 0x5b, 0xaf, 0x2e},
+ {0x46, 0x1b, 0x79, 0x9b, 0x4d, 0x9c, 0xee, 0xa8, 0xd5, 0x80, 0xdc, 0xb7, 0x6d, 0x11, 0x15, 0x0d, 0x53, 0x5e, 0x16, 0x39, 0xd1, 0x60, 0x03, 0xc3, 0xfb, 0x7e, 0x9d, 0x1f, 0xd1, 0x30, 0x83, 0xa8},
+ {0xee, 0x03, 0x03, 0x94, 0x79, 0xe5, 0x22, 0x8f, 0xdc, 0x55, 0x1c, 0xbd, 0xe7, 0x07, 0x9d, 0x34, 0x12, 0xea, 0x18, 0x6a, 0x51, 0x7c, 0xcc, 0x63, 0xe4, 0x6e, 0x9f, 0xcc, 0xe4, 0xfe, 0x3a, 0x6c},
+ {0xa8, 0xcf, 0xb5, 0x43, 0x52, 0x4e, 0x7f, 0x02, 0xb9, 0xf0, 0x45, 0xac, 0xd5, 0x43, 0xc2, 0x1c, 0x37, 0x3b, 0x4c, 0x9b, 0x98, 0xac, 0x20, 0xce, 0xc4, 0x17, 0xa6, 0xdd, 0xb5, 0x74, 0x4e, 0x94},
+ {0x93, 0x2b, 0x79, 0x4b, 0xf8, 0x9c, 0x6e, 0xda, 0xf5, 0xd0, 0x65, 0x0c, 0x7c, 0x4b, 0xad, 0x92, 0x42, 0xb2, 0x56, 0x26, 0xe3, 0x7e, 0xad, 0x5a, 0xa7, 0x5e, 0xc8, 0xc6, 0x4e, 0x09, 0xdd, 0x4f},
+ {0x16, 0xb1, 0x0c, 0x77, 0x9c, 0xe5, 0xcf, 0xef, 0x59, 0xc7, 0x71, 0x0d, 0x2e, 0x68, 0x44, 0x1e, 0xa6, 0xfa, 0xcb, 0x68, 0xe9, 0xb5, 0xf7, 0xd5, 0x33, 0xae, 0x0b, 0xb7, 0x8e, 0x28, 0xbf, 0x57},
+ {0x0f, 0x77, 0xc7, 0x67, 0x43, 0xe7, 0x39, 0x6f, 0x99, 0x10, 0x13, 0x9f, 0x49, 0x37, 0xd8, 0x37, 0xae, 0x54, 0xe2, 0x10, 0x38, 0xac, 0x5c, 0x0b, 0x3f, 0xd6, 0xef, 0x17, 0x1a, 0x28, 0xa7, 0xe4},
+ {0xd7, 0xe5, 0x74, 0xb7, 0xb9, 0x52, 0xf2, 0x93, 0xe8, 0x0d, 0xde, 0x90, 0x5e, 0xb5, 0x09, 0x37, 0x3f, 0x3f, 0x6c, 0xd1, 0x09, 0xa0, 0x22, 0x08, 0xb3, 0xc1, 0xe9, 0x24, 0x08, 0x0a, 0x20, 0xca},
+ {0x45, 0x66, 0x6f, 0x8c, 0x38, 0x1e, 0x3d, 0xa6, 0x75, 0x56, 0x3f, 0xf8, 0xba, 0x23, 0xf8, 0x3b, 0xfa, 0xc3, 0x0c, 0x34, 0xab, 0xdd, 0xe6, 0xe5, 0xc0, 0x97, 0x5e, 0xf9, 0xfd, 0x70, 0x0c, 0xb9},
+ {0xb2, 0x46, 0x12, 0xe4, 0x54, 0x60, 0x7e, 0xb1, 0xab, 0xa4, 0x47, 0xf8, 0x16, 0xd1, 0xa4, 0x55, 0x1e, 0xf9, 0x5f, 0xa7, 0x24, 0x7f, 0xb7, 0xc1, 0xf5, 0x03, 0x02, 0x0a, 0x71, 0x77, 0xf0, 0xdd},
+ {0x7e, 0x20, 0x88, 0x61, 0x85, 0x6d, 0xa4, 0x2c, 0x8b, 0xb4, 0x6a, 0x75, 0x67, 0xf8, 0x12, 0x13, 0x62, 0xd9, 0xfb, 0x24, 0x96, 0xf1, 0x31, 0xa4, 0xaa, 0x90, 0x17, 0xcf, 0x36, 0x6c, 0xdf, 0xce},
+ {0x5b, 0x64, 0x6b, 0xff, 0x6a, 0xd1, 0x10, 0x01, 0x65, 0x03, 0x7a, 0x05, 0x56, 0x01, 0xea, 0x02, 0x35, 0x8c, 0x0f, 0x41, 0x05, 0x0f, 0x9d, 0xfe, 0x3c, 0x95, 0xdc, 0xcb, 0xd3, 0x08, 0x7b, 0xe0},
+ {0x74, 0x6d, 0x1d, 0xcc, 0xfe, 0xd2, 0xf0, 0xff, 0x1e, 0x13, 0xc5, 0x1e, 0x2d, 0x50, 0xd5, 0x32, 0x43, 0x75, 0xfb, 0xd5, 0xbf, 0x7c, 0xa8, 0x2a, 0x89, 0x31, 0x82, 0x8d, 0x80, 0x1d, 0x43, 0xab},
+ {0xcb, 0x98, 0x11, 0x0d, 0x4a, 0x6b, 0xb9, 0x7d, 0x22, 0xfe, 0xad, 0xbc, 0x6c, 0x0d, 0x89, 0x30, 0xc5, 0xf8, 0xfc, 0x50, 0x8b, 0x2f, 0xc5, 0xb3, 0x53, 0x28, 0xd2, 0x6b, 0x88, 0xdb, 0x19, 0xae},
+ {0x60, 0xb6, 0x26, 0xa0, 0x33, 0xb5, 0x5f, 0x27, 0xd7, 0x67, 0x6c, 0x40, 0x95, 0xea, 0xba, 0xbc, 0x7a, 0x2c, 0x7e, 0xde, 0x26, 0x24, 0xb4, 0x72, 0xe9, 0x7f, 0x64, 0xf9, 0x6b, 0x8c, 0xfc, 0x0e},
+ {0xe5, 0xb5, 0x2b, 0xc9, 0x27, 0x46, 0x8d, 0xf7, 0x18, 0x93, 0xeb, 0x81, 0x97, 0xef, 0x82, 0x0c, 0xf7, 0x6c, 0xb0, 0xaa, 0xf6, 0xe8, 0xe4, 0xfe, 0x93, 0xad, 0x62, 0xd8, 0x03, 0x98, 0x31, 0x04},
+ {0x05, 0x65, 0x41, 0xae, 0x5d, 0xa9, 0x96, 0x1b, 0xe2, 0xb0, 0xa5, 0xe8, 0x95, 0xe5, 0xc5, 0xba, 0x15, 0x3c, 0xbb, 0x62, 0xdd, 0x56, 0x1a, 0x42, 0x7b, 0xad, 0x0f, 0xfd, 0x41, 0x92, 0x31, 0x99},
+ {0xf8, 0xfe, 0xf0, 0x5a, 0x3f, 0xa5, 0xc9, 0xf3, 0xeb, 0xa4, 0x16, 0x38, 0xb2, 0x47, 0xb7, 0x11, 0xa9, 0x9f, 0x96, 0x0f, 0xe7, 0x3a, 0xa2, 0xf9, 0x01, 0x36, 0xae, 0xb2, 0x03, 0x29, 0xb8, 0x88}};
+
+ //Debug printing for the above types
+ //Actually use DP(value) and #define DBG
+ void dp(key a);
+ void dp(bool a);
+ void dp(const char * a, int l);
+ void dp(keyV a);
+ void dp(keyM a);
+ void dp(xmr_amount vali);
+ void dp(int vali);
+ void dp(bits amountb);
+ void dp(const char * st);
+
+ //various conversions
+
+ //uint long long to 32 byte key
+ void d2h(key & amounth, xmr_amount val);
+ key d2h(xmr_amount val);
+ //uint long long to int[64]
+ void d2b(bits amountb, xmr_amount val);
+ //32 byte key to uint long long
+ // if the key holds a value > 2^64
+ // then the value in the first 8 bytes is returned
+ xmr_amount h2d(const key &test);
+ //32 byte key to int[64]
+ void h2b(bits amountb2, key & test);
+ //int[64] to 32 byte key
+ void b2h(key & amountdh, bits amountb2);
+ //int[64] to uint long long
+ xmr_amount b2d(bits amountb);
+
+ static inline const rct::key pk2rct(const crypto::public_key &pk) { return (const rct::key&)pk; }
+ static inline const rct::key sk2rct(const crypto::secret_key &sk) { return (const rct::key&)sk; }
+ static inline const rct::key ki2rct(const crypto::key_image &ki) { return (const rct::key&)ki; }
+ static inline const rct::key hash2rct(const crypto::hash &h) { return (const rct::key&)h; }
+ static inline const crypto::public_key rct2pk(const rct::key &k) { return (const crypto::public_key&)k; }
+ static inline const crypto::secret_key rct2sk(const rct::key &k) { return (const crypto::secret_key&)k; }
+ static inline const crypto::key_image rct2ki(const rct::key &k) { return (const crypto::key_image&)k; }
+ static inline const crypto::hash rct2hash(const rct::key &k) { return (const crypto::hash&)k; }
+ static inline bool operator==(const rct::key &k0, const crypto::public_key &k1) { return !memcmp(&k0, &k1, 32); }
+ static inline bool operator!=(const rct::key &k0, const crypto::public_key &k1) { return memcmp(&k0, &k1, 32); }
+}
+
+
+namespace cryptonote {
+ static inline bool operator==(const crypto::public_key &k0, const rct::key &k1) { return !memcmp(&k0, &k1, 32); }
+ static inline bool operator!=(const crypto::public_key &k0, const rct::key &k1) { return memcmp(&k0, &k1, 32); }
+ static inline bool operator==(const crypto::secret_key &k0, const rct::key &k1) { return !memcmp(&k0, &k1, 32); }
+ static inline bool operator!=(const crypto::secret_key &k0, const rct::key &k1) { return memcmp(&k0, &k1, 32); }
+}
+
+template<typename T> std::ostream &print256(std::ostream &o, const T &v);
+inline std::ostream &operator <<(std::ostream &o, const rct::key &v) { return print256(o, v); }
+
+
+BLOB_SERIALIZER(rct::key);
+BLOB_SERIALIZER(rct::key64);
+BLOB_SERIALIZER(rct::ctkey);
+BLOB_SERIALIZER(rct::asnlSig);
+
+VARIANT_TAG(debug_archive, rct::key, "rct::key");
+VARIANT_TAG(debug_archive, rct::key64, "rct::key64");
+VARIANT_TAG(debug_archive, rct::keyV, "rct::keyV");
+VARIANT_TAG(debug_archive, rct::keyM, "rct::keyM");
+VARIANT_TAG(debug_archive, rct::ctkey, "rct::ctkey");
+VARIANT_TAG(debug_archive, rct::ctkeyV, "rct::ctkeyV");
+VARIANT_TAG(debug_archive, rct::ctkeyM, "rct::ctkeyM");
+VARIANT_TAG(debug_archive, rct::ecdhTuple, "rct::ecdhTuple");
+VARIANT_TAG(debug_archive, rct::mgSig, "rct::mgSig");
+VARIANT_TAG(debug_archive, rct::rangeSig, "rct::rangeSig");
+VARIANT_TAG(debug_archive, rct::asnlSig, "rct::asnlSig");
+VARIANT_TAG(debug_archive, rct::rctSig, "rct::rctSig");
+
+VARIANT_TAG(binary_archive, rct::key, 0x90);
+VARIANT_TAG(binary_archive, rct::key64, 0x91);
+VARIANT_TAG(binary_archive, rct::keyV, 0x92);
+VARIANT_TAG(binary_archive, rct::keyM, 0x93);
+VARIANT_TAG(binary_archive, rct::ctkey, 0x94);
+VARIANT_TAG(binary_archive, rct::ctkeyV, 0x95);
+VARIANT_TAG(binary_archive, rct::ctkeyM, 0x96);
+VARIANT_TAG(binary_archive, rct::ecdhTuple, 0x97);
+VARIANT_TAG(binary_archive, rct::mgSig, 0x98);
+VARIANT_TAG(binary_archive, rct::rangeSig, 0x99);
+VARIANT_TAG(binary_archive, rct::asnlSig, 0x9a);
+VARIANT_TAG(binary_archive, rct::rctSig, 0x9b);
+
+VARIANT_TAG(json_archive, rct::key, "rct_key");
+VARIANT_TAG(json_archive, rct::key64, "rct_key64");
+VARIANT_TAG(json_archive, rct::keyV, "rct_keyV");
+VARIANT_TAG(json_archive, rct::keyM, "rct_keyM");
+VARIANT_TAG(json_archive, rct::ctkey, "rct_ctkey");
+VARIANT_TAG(json_archive, rct::ctkeyV, "rct_ctkeyV");
+VARIANT_TAG(json_archive, rct::ctkeyM, "rct_ctkeyM");
+VARIANT_TAG(json_archive, rct::ecdhTuple, "rct_ecdhTuple");
+VARIANT_TAG(json_archive, rct::mgSig, "rct_mgSig");
+VARIANT_TAG(json_archive, rct::rangeSig, "rct_rangeSig");
+VARIANT_TAG(json_archive, rct::asnlSig, "rct_asnlSig");
+VARIANT_TAG(json_archive, rct::rctSig, "rct_rctSig");
+
+#endif /* RCTTYPES_H */
diff --git a/src/rpc/core_rpc_server.cpp b/src/rpc/core_rpc_server.cpp
index e6fc11060..5aa3591ab 100644
--- a/src/rpc/core_rpc_server.cpp
+++ b/src/rpc/core_rpc_server.cpp
@@ -159,9 +159,25 @@ namespace cryptonote
{
res.blocks.resize(res.blocks.size()+1);
res.blocks.back().block = block_to_blob(b.first);
+ res.output_indices.push_back(COMMAND_RPC_GET_BLOCKS_FAST::block_output_indices());
+ res.output_indices.back().indices.push_back(COMMAND_RPC_GET_BLOCKS_FAST::tx_output_indices());
+ bool r = m_core.get_tx_outputs_gindexs(get_transaction_hash(b.first.miner_tx), res.output_indices.back().indices.back().indices);
+ if (!r)
+ {
+ res.status = "Failed";
+ return false;
+ }
+ size_t txidx = 0;
BOOST_FOREACH(auto& t, b.second)
{
res.blocks.back().txs.push_back(tx_to_blob(t));
+ res.output_indices.back().indices.push_back(COMMAND_RPC_GET_BLOCKS_FAST::tx_output_indices());
+ bool r = m_core.get_tx_outputs_gindexs(b.first.tx_hashes[txidx++], res.output_indices.back().indices.back().indices);
+ if (!r)
+ {
+ res.status = "Failed";
+ return false;
+ }
}
}
@@ -250,6 +266,30 @@ namespace cryptonote
return true;
}
//------------------------------------------------------------------------------------------------------------------------------
+ bool core_rpc_server::on_get_random_rct_outs(const COMMAND_RPC_GET_RANDOM_RCT_OUTPUTS::request& req, COMMAND_RPC_GET_RANDOM_RCT_OUTPUTS::response& res)
+ {
+ CHECK_CORE_BUSY();
+ res.status = "Failed";
+ if(!m_core.get_random_rct_outs(req, res))
+ {
+ return true;
+ }
+
+ res.status = CORE_RPC_STATUS_OK;
+ std::stringstream ss;
+ typedef COMMAND_RPC_GET_RANDOM_RCT_OUTPUTS::out_entry out_entry;
+ CHECK_AND_ASSERT_MES(res.outs.size(), true, "internal error: res.outs.size() is empty");
+ std::for_each(res.outs.begin(), res.outs.end(), [&](out_entry& oe)
+ {
+ ss << oe.global_amount_index << " ";
+ });
+ ss << ENDL;
+ std::string s = ss.str();
+ LOG_PRINT_L2("COMMAND_RPC_GET_RANDOM_RCT_OUTPUTS: " << ENDL << s);
+ res.status = CORE_RPC_STATUS_OK;
+ return true;
+ }
+ //------------------------------------------------------------------------------------------------------------------------------
bool core_rpc_server::on_get_indexes(const COMMAND_RPC_GET_TX_GLOBAL_OUTPUTS_INDEXES::request& req, COMMAND_RPC_GET_TX_GLOBAL_OUTPUTS_INDEXES::response& res)
{
CHECK_CORE_BUSY();
@@ -459,6 +499,8 @@ namespace cryptonote
res.reason = "overspend";
if ((res.fee_too_low = tvc.m_fee_too_low))
res.reason = "fee too low";
+ if ((res.not_rct = tvc.m_not_rct))
+ res.reason = "tx is not ringct";
return true;
}
@@ -1023,7 +1065,6 @@ namespace cryptonote
return false;
}
-#if BLOCKCHAIN_DB == DB_LMDB
const Blockchain &blockchain = m_core.get_blockchain_storage();
uint8_t version = req.version > 0 ? req.version : blockchain.get_next_hard_fork_version();
res.version = blockchain.get_current_hard_fork_version();
@@ -1031,11 +1072,6 @@ namespace cryptonote
res.state = blockchain.get_hard_fork_state();
res.status = CORE_RPC_STATUS_OK;
return true;
-#else
- error_resp.code = CORE_RPC_ERROR_CODE_UNSUPPORTED_RPC;
- error_resp.message = "Hard fork inoperative in memory mode.";
- return false;
-#endif
}
//------------------------------------------------------------------------------------------------------------------------------
bool core_rpc_server::on_get_bans(const COMMAND_RPC_GETBANS::request& req, COMMAND_RPC_GETBANS::response& res, epee::json_rpc::error& error_resp)
diff --git a/src/rpc/core_rpc_server.h b/src/rpc/core_rpc_server.h
index 6ebf41abc..9fcf3abf8 100644
--- a/src/rpc/core_rpc_server.h
+++ b/src/rpc/core_rpc_server.h
@@ -79,6 +79,7 @@ namespace cryptonote
MAP_URI_AUTO_BIN2("/get_o_indexes.bin", on_get_indexes, COMMAND_RPC_GET_TX_GLOBAL_OUTPUTS_INDEXES)
MAP_URI_AUTO_BIN2("/getrandom_outs.bin", on_get_random_outs, COMMAND_RPC_GET_RANDOM_OUTPUTS_FOR_AMOUNTS)
MAP_URI_AUTO_BIN2("/get_outs.bin", on_get_outs, COMMAND_RPC_GET_OUTPUTS)
+ MAP_URI_AUTO_BIN2("/getrandom_rctouts.bin", on_get_random_rct_outs, COMMAND_RPC_GET_RANDOM_RCT_OUTPUTS)
MAP_URI_AUTO_JON2("/gettransactions", on_get_transactions, COMMAND_RPC_GET_TRANSACTIONS)
MAP_URI_AUTO_JON2("/is_key_image_spent", on_is_key_image_spent, COMMAND_RPC_IS_KEY_IMAGE_SPENT)
MAP_URI_AUTO_JON2("/sendrawtransaction", on_send_raw_tx, COMMAND_RPC_SEND_RAW_TX)
@@ -128,6 +129,7 @@ namespace cryptonote
bool on_mining_status(const COMMAND_RPC_MINING_STATUS::request& req, COMMAND_RPC_MINING_STATUS::response& res);
bool on_get_random_outs(const COMMAND_RPC_GET_RANDOM_OUTPUTS_FOR_AMOUNTS::request& req, COMMAND_RPC_GET_RANDOM_OUTPUTS_FOR_AMOUNTS::response& res);
bool on_get_outs(const COMMAND_RPC_GET_OUTPUTS::request& req, COMMAND_RPC_GET_OUTPUTS::response& res);
+ bool on_get_random_rct_outs(const COMMAND_RPC_GET_RANDOM_RCT_OUTPUTS::request& req, COMMAND_RPC_GET_RANDOM_RCT_OUTPUTS::response& res);
bool on_get_info(const COMMAND_RPC_GET_INFO::request& req, COMMAND_RPC_GET_INFO::response& res);
bool on_save_bc(const COMMAND_RPC_SAVE_BC::request& req, COMMAND_RPC_SAVE_BC::response& res);
bool on_get_peer_list(const COMMAND_RPC_GET_PEER_LIST::request& req, COMMAND_RPC_GET_PEER_LIST::response& res);
diff --git a/src/rpc/core_rpc_server_commands_defs.h b/src/rpc/core_rpc_server_commands_defs.h
index 22c3590e1..8cba53943 100644
--- a/src/rpc/core_rpc_server_commands_defs.h
+++ b/src/rpc/core_rpc_server_commands_defs.h
@@ -41,7 +41,7 @@ namespace cryptonote
#define CORE_RPC_STATUS_BUSY "BUSY"
#define CORE_RPC_STATUS_NOT_MINING "NOT MINING"
-#define CORE_RPC_VERSION 2
+#define CORE_RPC_VERSION 3
struct COMMAND_RPC_GET_HEIGHT
{
@@ -76,18 +76,38 @@ namespace cryptonote
END_KV_SERIALIZE_MAP()
};
+ struct tx_output_indices
+ {
+ std::vector<uint64_t> indices;
+
+ BEGIN_KV_SERIALIZE_MAP()
+ KV_SERIALIZE(indices)
+ END_KV_SERIALIZE_MAP()
+ };
+
+ struct block_output_indices
+ {
+ std::vector<tx_output_indices> indices;
+
+ BEGIN_KV_SERIALIZE_MAP()
+ KV_SERIALIZE(indices)
+ END_KV_SERIALIZE_MAP()
+ };
+
struct response
{
std::list<block_complete_entry> blocks;
uint64_t start_height;
uint64_t current_height;
std::string status;
+ std::vector<block_output_indices> output_indices;
BEGIN_KV_SERIALIZE_MAP()
KV_SERIALIZE(blocks)
KV_SERIALIZE(start_height)
KV_SERIALIZE(current_height)
KV_SERIALIZE(status)
+ KV_SERIALIZE(output_indices)
END_KV_SERIALIZE_MAP()
};
};
@@ -296,10 +316,12 @@ namespace cryptonote
struct outkey
{
crypto::public_key key;
+ rct::key mask;
bool unlocked;
BEGIN_KV_SERIALIZE_MAP()
KV_SERIALIZE_VAL_POD_AS_BLOB(key)
+ KV_SERIALIZE_VAL_POD_AS_BLOB(mask)
KV_SERIALIZE(unlocked)
END_KV_SERIALIZE_MAP()
};
@@ -315,6 +337,37 @@ namespace cryptonote
END_KV_SERIALIZE_MAP()
};
};
+
+ struct COMMAND_RPC_GET_RANDOM_RCT_OUTPUTS
+ {
+ struct request
+ {
+ uint64_t outs_count;
+ BEGIN_KV_SERIALIZE_MAP()
+ KV_SERIALIZE(outs_count)
+ END_KV_SERIALIZE_MAP()
+ };
+
+#pragma pack (push, 1)
+ struct out_entry
+ {
+ uint64_t amount;
+ uint64_t global_amount_index;
+ crypto::public_key out_key;
+ rct::key commitment;
+ };
+#pragma pack(pop)
+
+ struct response
+ {
+ std::list<out_entry> outs;
+ std::string status;
+ BEGIN_KV_SERIALIZE_MAP()
+ KV_SERIALIZE_CONTAINER_POD_AS_BLOB(outs)
+ KV_SERIALIZE(status)
+ END_KV_SERIALIZE_MAP()
+ };
+ };
//-----------------------------------------------
struct COMMAND_RPC_SEND_RAW_TX
{
@@ -345,6 +398,7 @@ namespace cryptonote
bool too_big;
bool overspend;
bool fee_too_low;
+ bool not_rct;
BEGIN_KV_SERIALIZE_MAP()
KV_SERIALIZE(status)
@@ -357,6 +411,7 @@ namespace cryptonote
KV_SERIALIZE(too_big)
KV_SERIALIZE(overspend)
KV_SERIALIZE(fee_too_low)
+ KV_SERIALIZE(not_rct)
END_KV_SERIALIZE_MAP()
};
};
diff --git a/src/serialization/crypto.h b/src/serialization/crypto.h
index 3644b0e03..9a7e89c49 100644
--- a/src/serialization/crypto.h
+++ b/src/serialization/crypto.h
@@ -92,3 +92,4 @@ VARIANT_TAG(debug_archive, crypto::secret_key, "secret_key");
VARIANT_TAG(debug_archive, crypto::key_derivation, "key_derivation");
VARIANT_TAG(debug_archive, crypto::key_image, "key_image");
VARIANT_TAG(debug_archive, crypto::signature, "signature");
+
diff --git a/src/serialization/serialization.h b/src/serialization/serialization.h
index 8e277a46a..177cdf33a 100644
--- a/src/serialization/serialization.h
+++ b/src/serialization/serialization.h
@@ -102,6 +102,12 @@ inline bool do_serialize(Archive &ar, T &v)
{
return ::serializer<Archive, T>::serialize(ar, v);
}
+template <class Archive>
+inline bool do_serialize(Archive &ar, bool &v)
+{
+ ar.serialize_blob(&v, sizeof(v));
+ return true;
+}
// Never used in the code base
// #ifndef __GNUC__
diff --git a/src/serialization/vector.h b/src/serialization/vector.h
index a2a69f841..7f2bc78ba 100644
--- a/src/serialization/vector.h
+++ b/src/serialization/vector.h
@@ -32,6 +32,11 @@
#include "serialization.h"
+template <template <bool> class Archive, class T>
+bool do_serialize(Archive<false> &ar, std::vector<T> &v);
+template <template <bool> class Archive, class T>
+bool do_serialize(Archive<true> &ar, std::vector<T> &v);
+
namespace serialization
{
namespace detail
diff --git a/src/simplewallet/simplewallet.cpp b/src/simplewallet/simplewallet.cpp
index 1840e54c9..44b5b0c70 100644
--- a/src/simplewallet/simplewallet.cpp
+++ b/src/simplewallet/simplewallet.cpp
@@ -58,6 +58,7 @@
#include "mnemonics/electrum-words.h"
#include "rapidjson/document.h"
#include "common/json_util.h"
+#include "ringct/rctSigs.h"
#include <stdexcept>
#if defined(WIN32)
@@ -99,6 +100,11 @@ typedef cryptonote::simple_wallet sw;
m_auto_refresh_enabled.store(auto_refresh_enabled, std::memory_order_relaxed); \
})
+enum TransferType {
+ TransferOriginal,
+ TransferNew,
+};
+
namespace
{
const command_line::arg_descriptor<std::string> arg_wallet_file = {"wallet-file", sw::tr("Use wallet <arg>"), ""};
@@ -642,8 +648,8 @@ simple_wallet::simple_wallet()
m_cmd_binder.set_handler("incoming_transfers", boost::bind(&simple_wallet::show_incoming_transfers, this, _1), tr("incoming_transfers [available|unavailable] - Show incoming transfers, all or filtered by availability"));
m_cmd_binder.set_handler("payments", boost::bind(&simple_wallet::show_payments, this, _1), tr("payments <PID_1> [<PID_2> ... <PID_N>] - Show payments for given payment ID[s]"));
m_cmd_binder.set_handler("bc_height", boost::bind(&simple_wallet::show_blockchain_height, this, _1), tr("Show blockchain height"));
- m_cmd_binder.set_handler("transfer", boost::bind(&simple_wallet::transfer, this, _1), tr("transfer [<mixin_count>] <addr_1> <amount_1> [<addr_2> <amount_2> ... <addr_N> <amount_N>] [payment_id] - Transfer <amount_1>,... <amount_N> to <address_1>,... <address_N>, respectively. <mixin_count> is the number of extra inputs to include for untraceability (from 0 to maximum available)"));
- m_cmd_binder.set_handler("transfer_new", boost::bind(&simple_wallet::transfer_new, this, _1), tr("Same as transfer, but using a new transaction building algorithm"));
+ m_cmd_binder.set_handler("transfer_original", boost::bind(&simple_wallet::transfer, this, _1), tr("transfer [<mixin_count>] <addr_1> <amount_1> [<addr_2> <amount_2> ... <addr_N> <amount_N>] [payment_id] - Transfer <amount_1>,... <amount_N> to <address_1>,... <address_N>, respectively. <mixin_count> is the number of extra inputs to include for untraceability (from 0 to maximum available)"));
+ m_cmd_binder.set_handler("transfer", boost::bind(&simple_wallet::transfer_new, this, _1), tr("Same as transfer_original, but using a new transaction building algorithm"));
m_cmd_binder.set_handler("sweep_unmixable", boost::bind(&simple_wallet::sweep_unmixable, this, _1), tr("Send all unmixable outputs to yourself with mixin 0"));
m_cmd_binder.set_handler("sweep_all", boost::bind(&simple_wallet::sweep_all, this, _1), tr("Send all unlocked balance an address"));
m_cmd_binder.set_handler("set_log", boost::bind(&simple_wallet::set_log, this, _1), tr("set_log <level> - Change current log detail level, <0-4>"));
@@ -973,22 +979,22 @@ bool simple_wallet::generate_from_json(const boost::program_options::variables_m
return false;
}
- GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, version, unsigned, Uint, true);
+ GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, version, unsigned, Uint, true, 0);
const int current_version = 1;
if (field_version > current_version) {
fail_msg_writer() << boost::format(tr("Version %u too new, we can only grok up to %u")) % field_version % current_version;
return false;
}
- GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, filename, std::string, String, true);
+ GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, filename, std::string, String, true, std::string());
- GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, scan_from_height, uint64_t, Uint64, false);
+ GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, scan_from_height, uint64_t, Uint64, false, 0);
bool recover = field_scan_from_height_found;
- GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, password, std::string, String, false);
+ GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, password, std::string, String, false, std::string());
password = field_password;
- GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, viewkey, std::string, String, false);
+ GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, viewkey, std::string, String, false, std::string());
crypto::secret_key viewkey;
if (field_viewkey_found)
{
@@ -1006,7 +1012,7 @@ bool simple_wallet::generate_from_json(const boost::program_options::variables_m
}
}
- GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, spendkey, std::string, String, false);
+ GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, spendkey, std::string, String, false, std::string());
crypto::secret_key spendkey;
if (field_spendkey_found)
{
@@ -1024,7 +1030,7 @@ bool simple_wallet::generate_from_json(const boost::program_options::variables_m
}
}
- GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, seed, std::string, String, false);
+ GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, seed, std::string, String, false, std::string());
std::string old_language;
if (field_seed_found)
{
@@ -1037,7 +1043,7 @@ bool simple_wallet::generate_from_json(const boost::program_options::variables_m
m_restore_deterministic_wallet = true;
}
- GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, address, std::string, String, false);
+ GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, address, std::string, String, false, std::string());
// compatibility checks
if (!field_seed_found && !field_viewkey_found)
@@ -1888,24 +1894,24 @@ void simple_wallet::on_new_block(uint64_t height, const cryptonote::block& block
m_refresh_progress_reporter.update(height, false);
}
//----------------------------------------------------------------------------------------------------
-void simple_wallet::on_money_received(uint64_t height, const cryptonote::transaction& tx, size_t out_index)
+void simple_wallet::on_money_received(uint64_t height, const cryptonote::transaction& tx, uint64_t amount)
{
message_writer(epee::log_space::console_color_green, false) << "\r" <<
tr("Height ") << height << ", " <<
tr("transaction ") << get_transaction_hash(tx) << ", " <<
- tr("received ") << print_money(tx.vout[out_index].amount);
+ tr("received ") << print_money(amount);
if (m_auto_refresh_refreshing)
m_cmd_binder.print_prompt();
else
m_refresh_progress_reporter.update(height, true);
}
//----------------------------------------------------------------------------------------------------
-void simple_wallet::on_money_spent(uint64_t height, const cryptonote::transaction& in_tx, size_t out_index, const cryptonote::transaction& spend_tx)
+void simple_wallet::on_money_spent(uint64_t height, const cryptonote::transaction& in_tx, uint64_t amount, const cryptonote::transaction& spend_tx)
{
message_writer(epee::log_space::console_color_magenta, false) << "\r" <<
tr("Height ") << height << ", " <<
tr("transaction ") << get_transaction_hash(spend_tx) << ", " <<
- tr("spent ") << print_money(in_tx.vout[out_index].amount);
+ tr("spent ") << print_money(amount);
if (m_auto_refresh_refreshing)
m_cmd_binder.print_prompt();
else
@@ -2052,15 +2058,17 @@ bool simple_wallet::show_incoming_transfers(const std::vector<std::string>& args
{
if (!transfers_found)
{
- message_writer() << boost::format("%21s%8s%16s%68s") % tr("amount") % tr("spent") % tr("global index") % tr("tx id");
+ message_writer() << boost::format("%21s%8s%12s%8s%16s%68s") % tr("amount") % tr("spent") % tr("unlocked") % tr("ringct") % tr("global index") % tr("tx id");
transfers_found = true;
}
message_writer(td.m_spent ? epee::log_space::console_color_magenta : epee::log_space::console_color_green, false) <<
- boost::format("%21s%8s%16u%68s") %
+ boost::format("%21s%8s%12s%8s%16u%68s") %
print_money(td.amount()) %
(td.m_spent ? tr("T") : tr("F")) %
+ (m_wallet->is_transfer_unlocked(td) ? tr("unlocked") : tr("locked")) %
+ (td.is_rct() ? tr("RingCT") : tr("-")) %
td.m_global_output_index %
- get_transaction_hash (td.m_tx);
+ td.m_txid;
}
}
@@ -2274,7 +2282,7 @@ bool simple_wallet::get_address_from_str(const std::string &str, cryptonote::acc
return true;
}
//----------------------------------------------------------------------------------------------------
-bool simple_wallet::transfer_main(bool new_algorithm, const std::vector<std::string> &args_)
+bool simple_wallet::transfer_main(int transfer_type, const std::vector<std::string> &args_)
{
if (!try_connect_to_daemon())
return true;
@@ -2386,10 +2394,17 @@ bool simple_wallet::transfer_main(bool new_algorithm, const std::vector<std::str
{
// figure out what tx will be necessary
std::vector<tools::wallet2::pending_tx> ptx_vector;
- if (new_algorithm)
- ptx_vector = m_wallet->create_transactions_2(dsts, fake_outs_count, 0 /* unlock_time */, 0 /* unused fee arg*/, extra, m_trusted_daemon);
- else
- ptx_vector = m_wallet->create_transactions(dsts, fake_outs_count, 0 /* unlock_time */, 0 /* unused fee arg*/, extra, m_trusted_daemon);
+ switch (transfer_type)
+ {
+ case TransferNew:
+ ptx_vector = m_wallet->create_transactions_2(dsts, fake_outs_count, 0 /* unlock_time */, 0 /* unused fee arg*/, extra, m_trusted_daemon);
+ break;
+ default:
+ LOG_ERROR("Unknown transfer method, using original");
+ case TransferOriginal:
+ ptx_vector = m_wallet->create_transactions(dsts, fake_outs_count, 0 /* unlock_time */, 0 /* unused fee arg*/, extra, m_trusted_daemon);
+ break;
+ }
// if more than one tx necessary, prompt user to confirm
if (m_wallet->always_confirm_transfers() || ptx_vector.size() > 1)
@@ -2531,14 +2546,13 @@ bool simple_wallet::transfer_main(bool new_algorithm, const std::vector<std::str
//----------------------------------------------------------------------------------------------------
bool simple_wallet::transfer(const std::vector<std::string> &args_)
{
- return transfer_main(false, args_);
+ return transfer_main(TransferOriginal, args_);
}
//----------------------------------------------------------------------------------------------------
bool simple_wallet::transfer_new(const std::vector<std::string> &args_)
{
- return transfer_main(true, args_);
+ return transfer_main(TransferNew, args_);
}
-
//----------------------------------------------------------------------------------------------------
bool simple_wallet::sweep_unmixable(const std::vector<std::string> &args_)
{
@@ -2944,15 +2958,15 @@ bool simple_wallet::get_tx_key(const std::vector<std::string> &args_)
LOCK_IDLE_SCOPE();
crypto::secret_key tx_key;
- bool r = m_wallet->get_tx_key(txid, tx_key);
- if (r)
+ std::vector<crypto::secret_key> amount_keys;
+ if (m_wallet->get_tx_key(txid, tx_key))
{
- success_msg_writer() << tr("Tx key: ") << tx_key;
+ success_msg_writer() << tr("Tx key: ") << epee::string_tools::pod_to_hex(tx_key);
return true;
}
else
{
- fail_msg_writer() << tr("no tx key found for this txid");
+ fail_msg_writer() << tr("no tx keys found for this txid");
return true;
}
}
@@ -2979,13 +2993,19 @@ bool simple_wallet::check_tx_key(const std::vector<std::string> &args_)
LOCK_IDLE_SCOPE();
+ if (local_args[1].size() < 64 || local_args[1].size() % 64)
+ {
+ fail_msg_writer() << tr("failed to parse tx key");
+ return true;
+ }
+ crypto::secret_key tx_key;
cryptonote::blobdata tx_key_data;
if(!epee::string_tools::parse_hexstr_to_binbuff(local_args[1], tx_key_data))
{
fail_msg_writer() << tr("failed to parse tx key");
return true;
}
- crypto::secret_key tx_key = *reinterpret_cast<const crypto::secret_key*>(tx_key_data.data());
+ tx_key = *reinterpret_cast<const crypto::secret_key*>(tx_key_data.data());
cryptonote::account_public_address address;
bool has_payment_id;
@@ -3000,14 +3020,14 @@ bool simple_wallet::check_tx_key(const std::vector<std::string> &args_)
COMMAND_RPC_GET_TRANSACTIONS::response res;
req.txs_hashes.push_back(epee::string_tools::pod_to_hex(txid));
if (!net_utils::invoke_http_json_remote_command2(m_daemon_address + "/gettransactions", req, res, m_http_client) ||
- (res.txs.empty() && res.txs_as_hex.empty()))
+ (res.txs.size() != 1 && res.txs_as_hex.size() != 1))
{
fail_msg_writer() << tr("failed to get transaction from daemon");
return true;
}
cryptonote::blobdata tx_data;
bool ok;
- if (!res.txs.empty())
+ if (res.txs.size() == 1)
ok = string_tools::parse_hexstr_to_binbuff(res.txs.front().as_hex, tx_data);
else
ok = string_tools::parse_hexstr_to_binbuff(res.txs_as_hex.front(), tx_data);
@@ -3046,13 +3066,49 @@ bool simple_wallet::check_tx_key(const std::vector<std::string> &args_)
crypto::public_key pubkey;
derive_public_key(derivation, n, address.m_spend_public_key, pubkey);
if (pubkey == tx_out_to_key.key)
- received += tx.vout[n].amount;
+ {
+ uint64_t amount;
+ if (tx.version == 1)
+ {
+ amount = tx.vout[n].amount;
+ }
+ else
+ {
+ try
+ {
+ rct::key Ctmp;
+ //rct::key amount_key = rct::hash_to_scalar(rct::scalarmultKey(rct::pk2rct(address.m_view_public_key), rct::sk2rct(tx_key)));
+ crypto::key_derivation derivation;
+ bool r = crypto::generate_key_derivation(address.m_view_public_key, tx_key, derivation);
+ if (!r)
+ {
+ LOG_ERROR("Failed to generate key derivation to decode rct output " << n);
+ amount = 0;
+ }
+ else
+ {
+ crypto::secret_key scalar1;
+ crypto::derivation_to_scalar(derivation, n, scalar1);
+ rct::ecdhTuple ecdh_info = tx.rct_signatures.ecdhInfo[n];
+ rct::ecdhDecode(ecdh_info, rct::sk2rct(scalar1));
+ rct::key C = tx.rct_signatures.outPk[n].mask;
+ rct::addKeys2(Ctmp, ecdh_info.mask, ecdh_info.amount, rct::H);
+ if (rct::equalKeys(C, Ctmp))
+ amount = rct::h2d(ecdh_info.amount);
+ else
+ amount = 0;
+ }
+ }
+ catch (...) { amount = 0; }
+ }
+ received += amount;
+ }
}
}
- catch(...)
+ catch(const std::exception &e)
{
- LOG_ERROR("unknown error");
- fail_msg_writer() << tr("unknown error");
+ LOG_ERROR("error: " << e.what());
+ fail_msg_writer() << tr("error: ") << e.what();
return true;
}
@@ -3064,6 +3120,24 @@ bool simple_wallet::check_tx_key(const std::vector<std::string> &args_)
{
fail_msg_writer() << get_account_address_as_str(m_wallet->testnet(), address) << " " << tr("received nothing in txid") << " " << txid;
}
+ if (res.txs.front().in_pool)
+ {
+ success_msg_writer() << tr("WARNING: this transaction is not yet included in the blockchain!");
+ }
+ else
+ {
+ std::string err;
+ uint64_t bc_height = get_daemon_blockchain_height(err);
+ if (err.empty())
+ {
+ uint64_t confirmations = bc_height - (res.txs.front().block_height + 1);
+ success_msg_writer() << boost::format(tr("This transaction has %u confirmations")) % confirmations;
+ }
+ else
+ {
+ success_msg_writer() << tr("WARNING: failed to determine number of confirmations!");
+ }
+ }
return true;
}
@@ -3228,9 +3302,8 @@ bool simple_wallet::show_transfers(const std::vector<std::string> &args_)
m_wallet->get_unconfirmed_payments_out(upayments);
for (std::list<std::pair<crypto::hash, tools::wallet2::unconfirmed_transfer_details>>::const_iterator i = upayments.begin(); i != upayments.end(); ++i) {
const tools::wallet2::unconfirmed_transfer_details &pd = i->second;
- uint64_t amount = 0;
- cryptonote::get_inputs_money_amount(pd.m_tx, amount);
- uint64_t fee = amount - get_outs_money_amount(pd.m_tx);
+ uint64_t amount = pd.m_amount_in;
+ uint64_t fee = amount - pd.m_amount_out;
std::string payment_id = string_tools::pod_to_hex(i->second.m_payment_id);
if (payment_id.substr(16).find_first_not_of('0') == std::string::npos)
payment_id = payment_id.substr(0,16);
diff --git a/src/simplewallet/simplewallet.h b/src/simplewallet/simplewallet.h
index 52a4e150f..1259b95b0 100644
--- a/src/simplewallet/simplewallet.h
+++ b/src/simplewallet/simplewallet.h
@@ -120,7 +120,7 @@ namespace cryptonote
bool show_incoming_transfers(const std::vector<std::string> &args);
bool show_payments(const std::vector<std::string> &args);
bool show_blockchain_height(const std::vector<std::string> &args);
- bool transfer_main(bool new_algorithm, const std::vector<std::string> &args);
+ bool transfer_main(int transfer_type, const std::vector<std::string> &args);
bool transfer(const std::vector<std::string> &args);
bool transfer_new(const std::vector<std::string> &args);
bool sweep_all(const std::vector<std::string> &args);
@@ -171,8 +171,8 @@ namespace cryptonote
//----------------- i_wallet2_callback ---------------------
virtual void on_new_block(uint64_t height, const cryptonote::block& block);
- virtual void on_money_received(uint64_t height, const cryptonote::transaction& tx, size_t out_index);
- virtual void on_money_spent(uint64_t height, const cryptonote::transaction& in_tx, size_t out_index, const cryptonote::transaction& spend_tx);
+ virtual void on_money_received(uint64_t height, const cryptonote::transaction& tx, uint64_t amount);
+ virtual void on_money_spent(uint64_t height, const cryptonote::transaction& in_tx, uint64_t amount, const cryptonote::transaction& spend_tx);
virtual void on_skip_transaction(uint64_t height, const cryptonote::transaction& tx);
//----------------------------------------------------------
diff --git a/src/wallet/api/transaction_history.cpp b/src/wallet/api/transaction_history.cpp
index db42e2141..95aafb04f 100644
--- a/src/wallet/api/transaction_history.cpp
+++ b/src/wallet/api/transaction_history.cpp
@@ -165,9 +165,8 @@ void TransactionHistoryImpl::refresh()
for (std::list<std::pair<crypto::hash, tools::wallet2::unconfirmed_transfer_details>>::const_iterator i = upayments.begin(); i != upayments.end(); ++i) {
const tools::wallet2::unconfirmed_transfer_details &pd = i->second;
const crypto::hash &hash = i->first;
- uint64_t amount = 0;
- cryptonote::get_inputs_money_amount(pd.m_tx, amount);
- uint64_t fee = amount - get_outs_money_amount(pd.m_tx);
+ uint64_t amount = pd.m_amount_in;
+ uint64_t fee = amount - pd.m_amount_out;
std::string payment_id = string_tools::pod_to_hex(i->second.m_payment_id);
if (payment_id.substr(16).find_first_not_of('0') == std::string::npos)
payment_id = payment_id.substr(0,16);
diff --git a/src/wallet/api/wallet.cpp b/src/wallet/api/wallet.cpp
index b3ee4112b..f8704fde3 100644
--- a/src/wallet/api/wallet.cpp
+++ b/src/wallet/api/wallet.cpp
@@ -79,11 +79,10 @@ struct Wallet2CallbackImpl : public tools::i_wallet2_callback
LOG_PRINT_L3(__FUNCTION__ << ": new block. height: " << height);
}
- virtual void on_money_received(uint64_t height, const cryptonote::transaction& tx, size_t out_index)
+ virtual void on_money_received(uint64_t height, const cryptonote::transaction& tx, uint64_t amount)
{
std::string tx_hash = epee::string_tools::pod_to_hex(get_transaction_hash(tx));
- uint64_t amount = tx.vout[out_index].amount;
LOG_PRINT_L3(__FUNCTION__ << ": money received. height: " << height
<< ", tx: " << tx_hash
@@ -94,12 +93,11 @@ struct Wallet2CallbackImpl : public tools::i_wallet2_callback
}
}
- virtual void on_money_spent(uint64_t height, const cryptonote::transaction& in_tx, size_t out_index,
+ virtual void on_money_spent(uint64_t height, const cryptonote::transaction& in_tx, uint64_t amount,
const cryptonote::transaction& spend_tx)
{
// TODO;
std::string tx_hash = epee::string_tools::pod_to_hex(get_transaction_hash(spend_tx));
- uint64_t amount = in_tx.vout[out_index].amount;
LOG_PRINT_L3(__FUNCTION__ << ": money spent. height: " << height
<< ", tx: " << tx_hash
<< ", amount: " << print_money(amount));
@@ -491,12 +489,6 @@ PendingTransaction *WalletImpl::createTransaction(const string &dst_addr, const
}
de.amount = amount;
- if (de.amount <= 0) {
- m_status = Status_Error;
- m_errorString = "Invalid amount";
- break;
- }
-
dsts.push_back(de);
//std::vector<tools::wallet2::pending_tx> ptx_vector;
diff --git a/src/wallet/wallet2.cpp b/src/wallet/wallet2.cpp
index 8502353ed..99866dbeb 100644
--- a/src/wallet/wallet2.cpp
+++ b/src/wallet/wallet2.cpp
@@ -29,6 +29,7 @@
// Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers
#include <random>
+#include <tuple>
#include <boost/archive/binary_oarchive.hpp>
#include <boost/archive/binary_iarchive.hpp>
@@ -55,6 +56,7 @@ using namespace epee;
#include "rapidjson/stringbuffer.h"
#include "common/json_util.h"
#include "common/base58.h"
+#include "ringct/rctSigs.h"
extern "C"
{
@@ -96,14 +98,18 @@ void do_prepare_file_names(const std::string& file_path, std::string& keys_file,
}
}
-uint64_t calculate_fee(const cryptonote::blobdata &blob, uint64_t fee_multiplier)
+uint64_t calculate_fee(size_t bytes, uint64_t fee_multiplier)
{
THROW_WALLET_EXCEPTION_IF(fee_multiplier <= 0 || fee_multiplier > 3, tools::error::invalid_fee_multiplier);
- uint64_t bytes = blob.size();
uint64_t kB = (bytes + 1023) / 1024;
return kB * FEE_PER_KB * fee_multiplier;
}
+uint64_t calculate_fee(const cryptonote::blobdata &blob, uint64_t fee_multiplier)
+{
+ return calculate_fee(blob.size(), fee_multiplier);
+}
+
} //namespace
namespace tools
@@ -168,7 +174,21 @@ bool wallet2::is_deprecated() const
return is_old_file_format;
}
//----------------------------------------------------------------------------------------------------
-void wallet2::check_acc_out(const account_keys &acc, const tx_out &o, const crypto::public_key &tx_pub_key, size_t i, uint64_t &money_transfered, bool &error) const
+void wallet2::set_spent(transfer_details &td, uint64_t height)
+{
+ LOG_PRINT_L2("Setting SPENT at " << height << ": ki " << td.m_key_image << ", amount " << print_money(td.m_amount));
+ td.m_spent = true;
+ td.m_spent_height = height;
+}
+//----------------------------------------------------------------------------------------------------
+void wallet2::set_unspent(transfer_details &td)
+{
+ LOG_PRINT_L2("Setting UNSPENT: ki " << td.m_key_image << ", amount " << print_money(td.m_amount));
+ td.m_spent = false;
+ td.m_spent_height = 0;
+}
+//----------------------------------------------------------------------------------------------------
+void wallet2::check_acc_out(const account_keys &acc, const tx_out &o, const crypto::public_key &tx_pub_key, size_t i, bool &received, uint64_t &money_transfered, bool &error) const
{
if (o.target.type() != typeid(txout_to_key))
{
@@ -176,9 +196,10 @@ void wallet2::check_acc_out(const account_keys &acc, const tx_out &o, const cryp
LOG_ERROR("wrong type id in transaction out");
return;
}
- if(is_out_to_acc(acc, boost::get<txout_to_key>(o.target), tx_pub_key, i))
+ received = is_out_to_acc(acc, boost::get<txout_to_key>(o.target), tx_pub_key, i);
+ if(received)
{
- money_transfered = o.amount;
+ money_transfered = o.amount; // may be 0 for ringct outputs
}
else
{
@@ -187,8 +208,57 @@ void wallet2::check_acc_out(const account_keys &acc, const tx_out &o, const cryp
error = false;
}
//----------------------------------------------------------------------------------------------------
-void wallet2::process_new_transaction(const cryptonote::transaction& tx, uint64_t height, uint64_t ts, bool miner_tx, bool pool)
+static uint64_t decodeRct(const rct::rctSig & rv, const crypto::public_key pub, const crypto::secret_key &sec, unsigned int i, rct::key & mask)
{
+ crypto::key_derivation derivation;
+ bool r = crypto::generate_key_derivation(pub, sec, derivation);
+ if (!r)
+ {
+ LOG_ERROR("Failed to generate key derivation to decode rct output " << i);
+ return 0;
+ }
+ crypto::secret_key scalar1;
+ crypto::derivation_to_scalar(derivation, i, scalar1);
+ try
+ {
+ switch (rv.type)
+ {
+ case rct::RCTTypeSimple:
+ return rct::decodeRctSimple(rv, rct::sk2rct(scalar1), i, mask);
+ case rct::RCTTypeFull:
+ return rct::decodeRct(rv, rct::sk2rct(scalar1), i, mask);
+ default:
+ LOG_ERROR("Unsupported rct type: " << rv.type);
+ return 0;
+ }
+ }
+ catch (const std::exception &e)
+ {
+ LOG_ERROR("Failed to decode input " << i);
+ return 0;
+ }
+}
+//----------------------------------------------------------------------------------------------------
+void wallet2::process_new_transaction(const cryptonote::transaction& tx, const std::vector<uint64_t> &o_indices, uint64_t height, uint64_t ts, bool miner_tx, bool pool)
+{
+ class lazy_txid_getter
+ {
+ const cryptonote::transaction &tx;
+ crypto::hash lazy_txid;
+ bool computed;
+ public:
+ lazy_txid_getter(const transaction &tx): tx(tx), computed(false) {}
+ const crypto::hash &operator()()
+ {
+ if (!computed)
+ {
+ lazy_txid = cryptonote::get_transaction_hash(tx);
+ computed = true;
+ }
+ return lazy_txid;
+ }
+ } txid(tx);
+
if (!miner_tx)
process_unconfirmed(tx, height);
std::vector<size_t> outs;
@@ -199,7 +269,7 @@ void wallet2::process_new_transaction(const cryptonote::transaction& tx, uint64_
if(!parse_tx_extra(tx.extra, tx_extra_fields))
{
// Extra may only be partially parsed, it's OK if tx_extra_fields contains public key
- LOG_PRINT_L0("Transaction extra has unsupported format: " << get_transaction_hash(tx));
+ LOG_PRINT_L0("Transaction extra has unsupported format: " << txid());
}
// Don't try to extract tx public key if tx has no ouputs
@@ -208,14 +278,19 @@ void wallet2::process_new_transaction(const cryptonote::transaction& tx, uint64_
tx_extra_pub_key pub_key_field;
if(!find_tx_extra_field_by_type(tx_extra_fields, pub_key_field))
{
- LOG_PRINT_L0("Public key wasn't found in the transaction extra. Skipping transaction " << get_transaction_hash(tx));
+ LOG_PRINT_L0("Public key wasn't found in the transaction extra. Skipping transaction " << txid());
if(0 != m_callback)
m_callback->on_skip_transaction(height, tx);
return;
}
+ int num_vouts_received = 0;
tx_pub_key = pub_key_field.pub_key;
bool r = true;
+ std::deque<cryptonote::keypair> in_ephemeral(tx.vout.size());
+ std::deque<crypto::key_image> ki(tx.vout.size());
+ std::deque<uint64_t> amount(tx.vout.size());
+ std::deque<rct::key> mask(tx.vout.size());
int threads = tools::get_max_concurrency();
if (miner_tx && m_refresh_type == RefreshNoCoinbase)
{
@@ -224,8 +299,8 @@ void wallet2::process_new_transaction(const cryptonote::transaction& tx, uint64_
else if (miner_tx && m_refresh_type == RefreshOptimizeCoinbase)
{
uint64_t money_transfered = 0;
- bool error = false;
- check_acc_out(m_account.get_keys(), tx.vout[0], tx_pub_key, 0, money_transfered, error);
+ bool error = false, received = false;
+ check_acc_out(m_account.get_keys(), tx.vout[0], tx_pub_key, 0, received, money_transfered, error);
if (error)
{
r = false;
@@ -233,10 +308,21 @@ void wallet2::process_new_transaction(const cryptonote::transaction& tx, uint64_
else
{
// this assumes that the miner tx pays a single address
- if (money_transfered > 0)
+ if (received)
{
+ cryptonote::generate_key_image_helper(m_account.get_keys(), tx_pub_key, 0, in_ephemeral[0], ki[0]);
+ THROW_WALLET_EXCEPTION_IF(in_ephemeral[0].pub != boost::get<cryptonote::txout_to_key>(tx.vout[0].target).key,
+ error::wallet_internal_error, "key_image generated ephemeral public key not matched with output_key");
+
outs.push_back(0);
+ if (money_transfered == 0)
+ {
+ const cryptonote::account_keys& keys = m_account.get_keys();
+ money_transfered = tools::decodeRct(tx.rct_signatures, pub_key_field.pub_key, keys.m_view_secret_key, 0, mask[0]);
+ }
+ amount[0] = money_transfered;
tx_money_got_in_outs = money_transfered;
+ ++num_vouts_received;
// process the other outs from that tx
boost::asio::io_service ioservice;
@@ -250,11 +336,12 @@ void wallet2::process_new_transaction(const cryptonote::transaction& tx, uint64_
const account_keys &keys = m_account.get_keys();
std::vector<uint64_t> money_transfered(tx.vout.size());
std::deque<bool> error(tx.vout.size());
+ std::deque<bool> received(tx.vout.size());
// the first one was already checked
for (size_t i = 1; i < tx.vout.size(); ++i)
{
ioservice.dispatch(boost::bind(&wallet2::check_acc_out, this, std::cref(keys), std::cref(tx.vout[i]), std::cref(tx_pub_key), i,
- std::ref(money_transfered[i]), std::ref(error[i])));
+ std::ref(received[i]), std::ref(money_transfered[i]), std::ref(error[i])));
}
KILL_IOSERVICE();
for (size_t i = 1; i < tx.vout.size(); ++i)
@@ -264,10 +351,21 @@ void wallet2::process_new_transaction(const cryptonote::transaction& tx, uint64_
r = false;
break;
}
- if (money_transfered[i])
+ if (received[i])
{
+ cryptonote::generate_key_image_helper(m_account.get_keys(), tx_pub_key, i, in_ephemeral[i], ki[i]);
+ THROW_WALLET_EXCEPTION_IF(in_ephemeral[i].pub != boost::get<cryptonote::txout_to_key>(tx.vout[i].target).key,
+ error::wallet_internal_error, "key_image generated ephemeral public key not matched with output_key");
+
outs.push_back(i);
+ if (money_transfered[i] == 0)
+ {
+ const cryptonote::account_keys& keys = m_account.get_keys();
+ money_transfered[i] = tools::decodeRct(tx.rct_signatures, pub_key_field.pub_key, keys.m_view_secret_key, i, mask[i]);
+ }
tx_money_got_in_outs += money_transfered[i];
+ amount[i] = money_transfered[i];
+ ++num_vouts_received;
}
}
}
@@ -286,10 +384,11 @@ void wallet2::process_new_transaction(const cryptonote::transaction& tx, uint64_
const account_keys &keys = m_account.get_keys();
std::vector<uint64_t> money_transfered(tx.vout.size());
std::deque<bool> error(tx.vout.size());
+ std::deque<bool> received(tx.vout.size());
for (size_t i = 0; i < tx.vout.size(); ++i)
{
ioservice.dispatch(boost::bind(&wallet2::check_acc_out, this, std::cref(keys), std::cref(tx.vout[i]), std::cref(tx_pub_key), i,
- std::ref(money_transfered[i]), std::ref(error[i])));
+ std::ref(received[i]), std::ref(money_transfered[i]), std::ref(error[i])));
}
KILL_IOSERVICE();
tx_money_got_in_outs = 0;
@@ -300,37 +399,68 @@ void wallet2::process_new_transaction(const cryptonote::transaction& tx, uint64_
r = false;
break;
}
- if (money_transfered[i])
+ if (received[i])
{
+ cryptonote::generate_key_image_helper(m_account.get_keys(), tx_pub_key, i, in_ephemeral[i], ki[i]);
+ THROW_WALLET_EXCEPTION_IF(in_ephemeral[i].pub != boost::get<cryptonote::txout_to_key>(tx.vout[i].target).key,
+ error::wallet_internal_error, "key_image generated ephemeral public key not matched with output_key");
+
outs.push_back(i);
+ if (money_transfered[i] == 0)
+ {
+ const cryptonote::account_keys& keys = m_account.get_keys();
+ money_transfered[i] = tools::decodeRct(tx.rct_signatures, pub_key_field.pub_key, keys.m_view_secret_key, i, mask[i]);
+ }
tx_money_got_in_outs += money_transfered[i];
+ amount[i] = money_transfered[i];
+ ++num_vouts_received;
}
}
}
else
{
- r = lookup_acc_outs(m_account.get_keys(), tx, tx_pub_key, outs, tx_money_got_in_outs);
+ for (size_t i = 0; i < tx.vout.size(); ++i)
+ {
+ uint64_t money_transfered = 0;
+ bool error = false, received = false;
+ check_acc_out(m_account.get_keys(), tx.vout[i], tx_pub_key, i, received, money_transfered, error);
+ if (error)
+ {
+ r = false;
+ break;
+ }
+ else
+ {
+ if (received)
+ {
+ cryptonote::generate_key_image_helper(m_account.get_keys(), tx_pub_key, i, in_ephemeral[i], ki[i]);
+ THROW_WALLET_EXCEPTION_IF(in_ephemeral[i].pub != boost::get<cryptonote::txout_to_key>(tx.vout[i].target).key,
+ error::wallet_internal_error, "key_image generated ephemeral public key not matched with output_key");
+
+ outs.push_back(i);
+ if (money_transfered == 0)
+ {
+ const cryptonote::account_keys& keys = m_account.get_keys();
+ money_transfered = tools::decodeRct(tx.rct_signatures, pub_key_field.pub_key, keys.m_view_secret_key, i, mask[i]);
+ }
+ amount[i] = money_transfered;
+ tx_money_got_in_outs += money_transfered;
+ ++num_vouts_received;
+ }
+ }
+ }
}
THROW_WALLET_EXCEPTION_IF(!r, error::acc_outs_lookup_error, tx, tx_pub_key, m_account.get_keys());
- if(!outs.empty() && tx_money_got_in_outs)
+ if(!outs.empty() && num_vouts_received > 0)
{
//good news - got money! take care about it
//usually we have only one transfer for user in transaction
- cryptonote::COMMAND_RPC_GET_TX_GLOBAL_OUTPUTS_INDEXES::request req = AUTO_VAL_INIT(req);
- cryptonote::COMMAND_RPC_GET_TX_GLOBAL_OUTPUTS_INDEXES::response res = AUTO_VAL_INIT(res);
if (!pool)
{
- req.txid = get_transaction_hash(tx);
- m_daemon_rpc_mutex.lock();
- bool r = net_utils::invoke_http_bin_remote_command2(m_daemon_address + "/get_o_indexes.bin", req, res, m_http_client, WALLET_RCP_CONNECTION_TIMEOUT);
- m_daemon_rpc_mutex.unlock();
- THROW_WALLET_EXCEPTION_IF(!r, error::no_connection_to_daemon, "get_o_indexes.bin");
- THROW_WALLET_EXCEPTION_IF(res.status == CORE_RPC_STATUS_BUSY, error::daemon_busy, "get_o_indexes.bin");
- THROW_WALLET_EXCEPTION_IF(res.status != CORE_RPC_STATUS_OK, error::get_out_indices_error, res.status);
- THROW_WALLET_EXCEPTION_IF(res.o_indexes.size() != tx.vout.size(), error::wallet_internal_error,
- "transactions outputs size=" + std::to_string(tx.vout.size()) +
- " not match with COMMAND_RPC_GET_TX_GLOBAL_OUTPUTS_INDEXES response size=" + std::to_string(res.o_indexes.size()));
+ THROW_WALLET_EXCEPTION_IF(tx.vout.size() != o_indices.size(), error::wallet_internal_error,
+ "transactions outputs size=" + std::to_string(tx.vout.size()) +
+ " not match with daemon response size=" + std::to_string(o_indices.size()));
}
BOOST_FOREACH(size_t o, outs)
@@ -338,13 +468,7 @@ void wallet2::process_new_transaction(const cryptonote::transaction& tx, uint64_
THROW_WALLET_EXCEPTION_IF(tx.vout.size() <= o, error::wallet_internal_error, "wrong out in transaction: internal index=" +
std::to_string(o) + ", total_outs=" + std::to_string(tx.vout.size()));
- crypto::key_image ki;
- cryptonote::keypair in_ephemeral;
- cryptonote::generate_key_image_helper(m_account.get_keys(), tx_pub_key, o, in_ephemeral, ki);
- THROW_WALLET_EXCEPTION_IF(in_ephemeral.pub != boost::get<cryptonote::txout_to_key>(tx.vout[o].target).key,
- error::wallet_internal_error, "key_image generated ephemeral public key not matched with output_key");
-
- auto kit = m_key_images.find(ki);
+ auto kit = m_key_images.find(ki[o]);
THROW_WALLET_EXCEPTION_IF(kit != m_key_images.end() && kit->second >= m_transfers.size(),
error::wallet_internal_error, std::string("Unexpected transfer index from key image: ")
+ "got " + (kit == m_key_images.end() ? "<none>" : boost::lexical_cast<std::string>(kit->second))
@@ -357,14 +481,32 @@ void wallet2::process_new_transaction(const cryptonote::transaction& tx, uint64_
transfer_details& td = m_transfers.back();
td.m_block_height = height;
td.m_internal_output_index = o;
- td.m_global_output_index = res.o_indexes[o];
- td.m_tx = tx;
- td.m_key_image = ki;
- td.m_spent = false;
+ td.m_global_output_index = o_indices[o];
+ td.m_tx = (const cryptonote::transaction_prefix&)tx;
+ td.m_txid = txid();
+ td.m_key_image = ki[o];
+ td.m_amount = tx.vout[o].amount;
+ if (td.m_amount == 0)
+ {
+ td.m_mask = mask[o];
+ td.m_amount = amount[o];
+ td.m_rct = true;
+ }
+ else if (miner_tx && tx.version == 2)
+ {
+ td.m_mask = rct::identity();
+ td.m_rct = true;
+ }
+ else
+ {
+ td.m_mask = rct::identity();
+ td.m_rct = false;
+ }
+ set_unspent(td);
m_key_images[td.m_key_image] = m_transfers.size()-1;
- LOG_PRINT_L0("Received money: " << print_money(td.amount()) << ", with tx: " << get_transaction_hash(tx));
+ LOG_PRINT_L0("Received money: " << print_money(td.amount()) << ", with tx: " << txid());
if (0 != m_callback)
- m_callback->on_money_received(height, td.m_tx, td.m_internal_output_index);
+ m_callback->on_money_received(height, tx, td.m_amount);
}
}
else if (m_transfers[kit->second].m_spent || m_transfers[kit->second].amount() >= tx.vout[o].amount)
@@ -387,14 +529,32 @@ void wallet2::process_new_transaction(const cryptonote::transaction& tx, uint64_
transfer_details &td = m_transfers[kit->second];
td.m_block_height = height;
td.m_internal_output_index = o;
- td.m_global_output_index = res.o_indexes[o];
- td.m_tx = tx;
- THROW_WALLET_EXCEPTION_IF(td.m_key_image != ki, error::wallet_internal_error, "Inconsistent key images");
+ td.m_global_output_index = o_indices[o];
+ td.m_tx = (const cryptonote::transaction_prefix&)tx;
+ td.m_txid = txid();
+ td.m_amount = tx.vout[o].amount;
+ if (td.m_amount == 0)
+ {
+ td.m_mask = mask[o];
+ td.m_amount = amount[o];
+ td.m_rct = true;
+ }
+ else if (miner_tx && tx.version == 2)
+ {
+ td.m_mask = rct::identity();
+ td.m_rct = true;
+ }
+ else
+ {
+ td.m_mask = rct::identity();
+ td.m_rct = false;
+ }
+ THROW_WALLET_EXCEPTION_IF(td.m_key_image != ki[o], error::wallet_internal_error, "Inconsistent key images");
THROW_WALLET_EXCEPTION_IF(td.m_spent, error::wallet_internal_error, "Inconsistent spent status");
- LOG_PRINT_L0("Received money: " << print_money(td.amount()) << ", with tx: " << get_transaction_hash(tx));
+ LOG_PRINT_L0("Received money: " << print_money(td.amount()) << ", with tx: " << txid());
if (0 != m_callback)
- m_callback->on_money_received(height, td.m_tx, td.m_internal_output_index);
+ m_callback->on_money_received(height, tx, td.m_amount);
}
}
}
@@ -410,12 +570,20 @@ void wallet2::process_new_transaction(const cryptonote::transaction& tx, uint64_
auto it = m_key_images.find(boost::get<cryptonote::txin_to_key>(in).k_image);
if(it != m_key_images.end())
{
- LOG_PRINT_L0("Spent money: " << print_money(boost::get<cryptonote::txin_to_key>(in).amount) << ", with tx: " << get_transaction_hash(tx));
- tx_money_spent_in_ins += boost::get<cryptonote::txin_to_key>(in).amount;
transfer_details& td = m_transfers[it->second];
- td.m_spent = true;
+ uint64_t amount = boost::get<cryptonote::txin_to_key>(in).amount;
+ if (amount > 0)
+ {
+ THROW_WALLET_EXCEPTION_IF(amount != td.amount(), error::wallet_internal_error,
+ std::string("Inconsistent amount in tx input: got ") + print_money(amount) +
+ std::string(", expected ") + print_money(td.amount()));
+ }
+ amount = td.amount();
+ LOG_PRINT_L0("Spent money: " << print_money(amount) << ", with tx: " << txid());
+ tx_money_spent_in_ins += amount;
+ set_spent(td, height);
if (0 != m_callback)
- m_callback->on_money_spent(height, td.m_tx, td.m_internal_output_index, tx);
+ m_callback->on_money_spent(height, tx, amount, tx);
}
}
@@ -467,7 +635,7 @@ void wallet2::process_new_transaction(const cryptonote::transaction& tx, uint64_
}
payment_details payment;
- payment.m_tx_hash = cryptonote::get_transaction_hash(tx);
+ payment.m_tx_hash = txid();
payment.m_amount = received;
payment.m_block_height = height;
payment.m_unlock_time = tx.unlock_time;
@@ -482,6 +650,9 @@ void wallet2::process_new_transaction(const cryptonote::transaction& tx, uint64_
//----------------------------------------------------------------------------------------------------
void wallet2::process_unconfirmed(const cryptonote::transaction& tx, uint64_t height)
{
+ if (m_unconfirmed_txs.empty())
+ return;
+
crypto::hash txid = get_transaction_hash(tx);
auto unconf_it = m_unconfirmed_txs.find(txid);
if(unconf_it != m_unconfirmed_txs.end()) {
@@ -501,25 +672,38 @@ void wallet2::process_unconfirmed(const cryptonote::transaction& tx, uint64_t he
void wallet2::process_outgoing(const cryptonote::transaction &tx, uint64_t height, uint64_t ts, uint64_t spent, uint64_t received)
{
crypto::hash txid = get_transaction_hash(tx);
- confirmed_transfer_details &ctd = m_confirmed_txs[txid];
- // operator[] creates if not found
+ std::pair<std::unordered_map<crypto::hash, confirmed_transfer_details>::iterator, bool> entry = m_confirmed_txs.insert(std::make_pair(txid, confirmed_transfer_details()));
// fill with the info we know, some info might already be there
- ctd.m_amount_in = spent;
- ctd.m_amount_out = get_outs_money_amount(tx);
- ctd.m_change = received;
- ctd.m_block_height = height;
- ctd.m_timestamp = ts;
+ if (entry.second)
+ {
+ // this case will happen if the tx is from our outputs, but was sent by another
+ // wallet (eg, we're a cold wallet and the hot wallet sent it). For RCT transactions,
+ // we only see 0 input amounts, so have to deduce amount out from other parameters.
+ entry.first->second.m_amount_in = spent;
+ if (tx.version == 1)
+ entry.first->second.m_amount_out = get_outs_money_amount(tx);
+ else
+ entry.first->second.m_amount_out = spent - tx.rct_signatures.txnFee;
+ entry.first->second.m_change = received;
+ }
+ entry.first->second.m_block_height = height;
+ entry.first->second.m_timestamp = ts;
}
//----------------------------------------------------------------------------------------------------
-void wallet2::process_new_blockchain_entry(const cryptonote::block& b, const cryptonote::block_complete_entry& bche, const crypto::hash& bl_id, uint64_t height)
+void wallet2::process_new_blockchain_entry(const cryptonote::block& b, const cryptonote::block_complete_entry& bche, const crypto::hash& bl_id, uint64_t height, const cryptonote::COMMAND_RPC_GET_BLOCKS_FAST::block_output_indices &o_indices)
{
+ size_t txidx = 0;
+ THROW_WALLET_EXCEPTION_IF(bche.txs.size() + 1 != o_indices.indices.size(), error::wallet_internal_error,
+ "block transactions=" + std::to_string(bche.txs.size()) +
+ " not match with daemon response size=" + std::to_string(o_indices.indices.size()));
+
//handle transactions from new block
//optimization: seeking only for blocks that are not older then the wallet creation time plus 1 day. 1 day is for possible user incorrect time setup
if(b.timestamp + 60*60*24 > m_account.get_createtime() && height >= m_refresh_from_block_height)
{
TIME_MEASURE_START(miner_tx_handle_time);
- process_new_transaction(b.miner_tx, height, b.timestamp, true, false);
+ process_new_transaction(b.miner_tx, o_indices.indices[txidx++].indices, height, b.timestamp, true, false);
TIME_MEASURE_FINISH(miner_tx_handle_time);
TIME_MEASURE_START(txs_handle_time);
@@ -528,7 +712,7 @@ void wallet2::process_new_blockchain_entry(const cryptonote::block& b, const cry
cryptonote::transaction tx;
bool r = parse_and_validate_tx_from_blob(txblob, tx);
THROW_WALLET_EXCEPTION_IF(!r, error::tx_parse_error, txblob);
- process_new_transaction(tx, height, b.timestamp, false, false);
+ process_new_transaction(tx, o_indices.indices[txidx++].indices, height, b.timestamp, false, false);
}
TIME_MEASURE_FINISH(txs_handle_time);
LOG_PRINT_L2("Processed block: " << bl_id << ", height " << height << ", " << miner_tx_handle_time + txs_handle_time << "(" << miner_tx_handle_time << "/" << txs_handle_time <<")ms");
@@ -578,7 +762,7 @@ void wallet2::parse_block_round(const cryptonote::blobdata &blob, cryptonote::bl
bl_id = get_block_hash(bl);
}
//----------------------------------------------------------------------------------------------------
-void wallet2::pull_blocks(uint64_t start_height, uint64_t &blocks_start_height, const std::list<crypto::hash> &short_chain_history, std::list<cryptonote::block_complete_entry> &blocks)
+void wallet2::pull_blocks(uint64_t start_height, uint64_t &blocks_start_height, const std::list<crypto::hash> &short_chain_history, std::list<cryptonote::block_complete_entry> &blocks, std::vector<cryptonote::COMMAND_RPC_GET_BLOCKS_FAST::block_output_indices> &o_indices)
{
cryptonote::COMMAND_RPC_GET_BLOCKS_FAST::request req = AUTO_VAL_INIT(req);
cryptonote::COMMAND_RPC_GET_BLOCKS_FAST::response res = AUTO_VAL_INIT(res);
@@ -591,9 +775,13 @@ void wallet2::pull_blocks(uint64_t start_height, uint64_t &blocks_start_height,
THROW_WALLET_EXCEPTION_IF(!r, error::no_connection_to_daemon, "getblocks.bin");
THROW_WALLET_EXCEPTION_IF(res.status == CORE_RPC_STATUS_BUSY, error::daemon_busy, "getblocks.bin");
THROW_WALLET_EXCEPTION_IF(res.status != CORE_RPC_STATUS_OK, error::get_blocks_error, res.status);
+ THROW_WALLET_EXCEPTION_IF(res.blocks.size() != res.output_indices.size(), error::wallet_internal_error,
+ "mismatched blocks (" + boost::lexical_cast<std::string>(res.blocks.size()) + ") and output_indices (" +
+ boost::lexical_cast<std::string>(res.output_indices.size()) + ") sizes from daemon");
blocks_start_height = res.start_height;
blocks = res.blocks;
+ o_indices = res.output_indices;
}
//----------------------------------------------------------------------------------------------------
void wallet2::pull_hashes(uint64_t start_height, uint64_t &blocks_start_height, const std::list<crypto::hash> &short_chain_history, std::list<crypto::hash> &hashes)
@@ -614,10 +802,13 @@ void wallet2::pull_hashes(uint64_t start_height, uint64_t &blocks_start_height,
hashes = res.m_block_ids;
}
//----------------------------------------------------------------------------------------------------
-void wallet2::process_blocks(uint64_t start_height, const std::list<cryptonote::block_complete_entry> &blocks, uint64_t& blocks_added)
+void wallet2::process_blocks(uint64_t start_height, const std::list<cryptonote::block_complete_entry> &blocks, const std::vector<cryptonote::COMMAND_RPC_GET_BLOCKS_FAST::block_output_indices> &o_indices, uint64_t& blocks_added)
{
size_t current_index = start_height;
blocks_added = 0;
+ size_t tx_o_indices_idx = 0;
+
+ THROW_WALLET_EXCEPTION_IF(blocks.size() != o_indices.size(), error::wallet_internal_error, "size mismatch");
int threads = tools::get_max_concurrency();
if (threads > 1)
@@ -660,7 +851,7 @@ void wallet2::process_blocks(uint64_t start_height, const std::list<cryptonote::
if(current_index >= m_blockchain.size())
{
- process_new_blockchain_entry(bl, *blocki, bl_id, current_index);
+ process_new_blockchain_entry(bl, *blocki, bl_id, current_index, o_indices[b+i]);
++blocks_added;
}
else if(bl_id != m_blockchain[current_index])
@@ -672,7 +863,7 @@ void wallet2::process_blocks(uint64_t start_height, const std::list<cryptonote::
string_tools::pod_to_hex(m_blockchain[current_index]));
detach_blockchain(current_index);
- process_new_blockchain_entry(bl, *blocki, bl_id, current_index);
+ process_new_blockchain_entry(bl, *blocki, bl_id, current_index, o_indices[b+i]);
}
else
{
@@ -694,7 +885,7 @@ void wallet2::process_blocks(uint64_t start_height, const std::list<cryptonote::
crypto::hash bl_id = get_block_hash(bl);
if(current_index >= m_blockchain.size())
{
- process_new_blockchain_entry(bl, bl_entry, bl_id, current_index);
+ process_new_blockchain_entry(bl, bl_entry, bl_id, current_index, o_indices[tx_o_indices_idx]);
++blocks_added;
}
else if(bl_id != m_blockchain[current_index])
@@ -706,7 +897,7 @@ void wallet2::process_blocks(uint64_t start_height, const std::list<cryptonote::
string_tools::pod_to_hex(m_blockchain[current_index]));
detach_blockchain(current_index);
- process_new_blockchain_entry(bl, bl_entry, bl_id, current_index);
+ process_new_blockchain_entry(bl, bl_entry, bl_id, current_index, o_indices[tx_o_indices_idx]);
}
else
{
@@ -714,6 +905,7 @@ void wallet2::process_blocks(uint64_t start_height, const std::list<cryptonote::
}
++current_index;
+ ++tx_o_indices_idx;
}
}
}
@@ -730,7 +922,7 @@ void wallet2::refresh(uint64_t start_height, uint64_t & blocks_fetched)
refresh(start_height, blocks_fetched, received_money);
}
//----------------------------------------------------------------------------------------------------
-void wallet2::pull_next_blocks(uint64_t start_height, uint64_t &blocks_start_height, std::list<crypto::hash> &short_chain_history, const std::list<cryptonote::block_complete_entry> &prev_blocks, std::list<cryptonote::block_complete_entry> &blocks, bool &error)
+void wallet2::pull_next_blocks(uint64_t start_height, uint64_t &blocks_start_height, std::list<crypto::hash> &short_chain_history, const std::list<cryptonote::block_complete_entry> &prev_blocks, std::list<cryptonote::block_complete_entry> &blocks, std::vector<cryptonote::COMMAND_RPC_GET_BLOCKS_FAST::block_output_indices> &o_indices, bool &error)
{
error = false;
@@ -748,7 +940,7 @@ void wallet2::pull_next_blocks(uint64_t start_height, uint64_t &blocks_start_hei
}
// pull the new blocks
- pull_blocks(start_height, blocks_start_height, short_chain_history, blocks);
+ pull_blocks(start_height, blocks_start_height, short_chain_history, blocks, o_indices);
}
catch(...)
{
@@ -772,7 +964,7 @@ void wallet2::update_pool_state()
std::unordered_map<crypto::hash, wallet2::unconfirmed_transfer_details>::iterator it = m_unconfirmed_txs.begin();
while (it != m_unconfirmed_txs.end())
{
- const std::string txid = epee::string_tools::pod_to_hex(cryptonote::get_transaction_hash(it->second.m_tx));
+ const std::string txid = epee::string_tools::pod_to_hex(it->first);
bool found = false;
for (auto it2: res.transactions)
{
@@ -799,6 +991,24 @@ void wallet2::update_pool_state()
{
LOG_PRINT_L1("Pending txid " << txid << " not in pool, marking as failed");
pit->second.m_state = wallet2::unconfirmed_transfer_details::failed;
+
+ // the inputs aren't spent anymore, since the tx failed
+ for (size_t vini = 0; vini < pit->second.m_tx.vin.size(); ++vini)
+ {
+ if (pit->second.m_tx.vin[vini].type() == typeid(txin_to_key))
+ {
+ txin_to_key &tx_in_to_key = boost::get<txin_to_key>(pit->second.m_tx.vin[vini]);
+ for (auto &td: m_transfers)
+ {
+ if (td.m_key_image == tx_in_to_key.k_image)
+ {
+ LOG_PRINT_L1("Resetting spent status for output " << vini << ": " << td.m_key_image);
+ set_unspent(td);
+ break;
+ }
+ }
+ }
+ }
}
}
}
@@ -869,7 +1079,7 @@ void wallet2::update_pool_state()
{
if (tx_hash == txid)
{
- process_new_transaction(tx, 0, time(NULL), false, true);
+ process_new_transaction(tx, std::vector<uint64_t>(), 0, time(NULL), false, true);
}
else
{
@@ -980,11 +1190,12 @@ void wallet2::refresh(uint64_t start_height, uint64_t & blocks_fetched, bool& re
blocks_fetched = 0;
uint64_t added_blocks = 0;
size_t try_count = 0;
- crypto::hash last_tx_hash_id = m_transfers.size() ? get_transaction_hash(m_transfers.back().m_tx) : null_hash;
+ crypto::hash last_tx_hash_id = m_transfers.size() ? m_transfers.back().m_txid : null_hash;
std::list<crypto::hash> short_chain_history;
boost::thread pull_thread;
uint64_t blocks_start_height;
std::list<cryptonote::block_complete_entry> blocks;
+ std::vector<COMMAND_RPC_GET_BLOCKS_FAST::block_output_indices> o_indices;
// pull the first set of blocks
get_short_chain_history(short_chain_history);
@@ -1001,7 +1212,7 @@ void wallet2::refresh(uint64_t start_height, uint64_t & blocks_fetched, bool& re
// and then fall through to regular refresh processing
}
- pull_blocks(start_height, blocks_start_height, short_chain_history, blocks);
+ pull_blocks(start_height, blocks_start_height, short_chain_history, blocks, o_indices);
// always reset start_height to 0 to force short_chain_ history to be used on
// subsequent pulls in this refresh.
start_height = 0;
@@ -1013,10 +1224,11 @@ void wallet2::refresh(uint64_t start_height, uint64_t & blocks_fetched, bool& re
// pull the next set of blocks while we're processing the current one
uint64_t next_blocks_start_height;
std::list<cryptonote::block_complete_entry> next_blocks;
+ std::vector<cryptonote::COMMAND_RPC_GET_BLOCKS_FAST::block_output_indices> next_o_indices;
bool error = false;
- pull_thread = boost::thread([&]{pull_next_blocks(start_height, next_blocks_start_height, short_chain_history, blocks, next_blocks, error);});
+ pull_thread = boost::thread([&]{pull_next_blocks(start_height, next_blocks_start_height, short_chain_history, blocks, next_blocks, next_o_indices, error);});
- process_blocks(blocks_start_height, blocks, added_blocks);
+ process_blocks(blocks_start_height, blocks, o_indices, added_blocks);
blocks_fetched += added_blocks;
pull_thread.join();
if(!added_blocks)
@@ -1025,6 +1237,7 @@ void wallet2::refresh(uint64_t start_height, uint64_t & blocks_fetched, bool& re
// switch to the new blocks from the daemon
blocks_start_height = next_blocks_start_height;
blocks = next_blocks;
+ o_indices = next_o_indices;
// handle error from async fetching thread
if (error)
@@ -1049,7 +1262,7 @@ void wallet2::refresh(uint64_t start_height, uint64_t & blocks_fetched, bool& re
}
}
}
- if(last_tx_hash_id != (m_transfers.size() ? get_transaction_hash(m_transfers.back().m_tx) : null_hash))
+ if(last_tx_hash_id != (m_transfers.size() ? m_transfers.back().m_txid : null_hash))
received_money = true;
try
@@ -1083,6 +1296,16 @@ void wallet2::detach_blockchain(uint64_t height)
LOG_PRINT_L0("Detaching blockchain on height " << height);
size_t transfers_detached = 0;
+ for (size_t i = 0; i < m_transfers.size(); ++i)
+ {
+ wallet2::transfer_details &td = m_transfers[i];
+ if (td.m_spent && td.m_spent_height >= height)
+ {
+ LOG_PRINT_L1("Resetting spent status for output " << i << ": " << td.m_key_image);
+ set_unspent(td);
+ }
+ }
+
auto it = std::find_if(m_transfers.begin(), m_transfers.end(), [&](const transfer_details& td){return td.m_block_height >= height;});
size_t i_start = it - m_transfers.begin();
@@ -1272,26 +1495,25 @@ bool wallet2::load_keys(const std::string& keys_file_name, const std::string& pa
const char *field_key_data = json["key_data"].GetString();
account_data = std::string(field_key_data, field_key_data + json["key_data"].GetStringLength());
- GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, seed_language, std::string, String, false);
+ GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, seed_language, std::string, String, false, std::string());
if (field_seed_language_found)
{
set_seed_language(field_seed_language);
}
- GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, watch_only, int, Int, false);
- m_watch_only = field_watch_only_found && field_watch_only;
- GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, always_confirm_transfers, int, Int, false);
+ GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, watch_only, int, Int, false, false);
+ m_watch_only = field_watch_only;
+ GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, always_confirm_transfers, int, Int, false, false);
m_always_confirm_transfers = field_always_confirm_transfers_found && field_always_confirm_transfers;
- GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, store_tx_keys, int, Int, false);
- GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, store_tx_info, int, Int, false);
- m_store_tx_info = (field_store_tx_keys_found && (field_store_tx_keys != 0))
- || (field_store_tx_info_found && (field_store_tx_info != 0));
- GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, default_mixin, unsigned int, Uint, false);
- m_default_mixin = field_default_mixin_found ? field_default_mixin : 0;
- GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, default_fee_multiplier, unsigned int, Uint, false);
- m_default_fee_multiplier = field_default_fee_multiplier_found ? field_default_fee_multiplier : 0;
- GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, auto_refresh, int, Int, false);
- m_auto_refresh = !field_auto_refresh_found || (field_auto_refresh != 0);
- GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, refresh_type, int, Int, false);
+ GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, store_tx_keys, int, Int, false, true);
+ GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, store_tx_info, int, Int, false, true);
+ m_store_tx_info = ((field_store_tx_keys != 0) || (field_store_tx_info != 0));
+ GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, default_mixin, unsigned int, Uint, false, 0);
+ m_default_mixin = field_default_mixin;
+ GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, default_fee_multiplier, unsigned int, Uint, false, 0);
+ m_default_fee_multiplier = field_default_fee_multiplier;
+ GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, auto_refresh, int, Int, false, true);
+ m_auto_refresh = field_auto_refresh;
+ GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, refresh_type, int, Int, false, RefreshType::RefreshDefault);
m_refresh_type = RefreshType::RefreshDefault;
if (field_refresh_type_found)
{
@@ -1300,7 +1522,7 @@ bool wallet2::load_keys(const std::string& keys_file_name, const std::string& pa
else
LOG_PRINT_L0("Unknown refresh-type value (" << field_refresh_type << "), using default");
}
- GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, refresh_height, uint64_t, Uint64, false);
+ GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, refresh_height, uint64_t, Uint64, false, 0);
if (field_refresh_height_found)
m_refresh_from_block_height = field_refresh_height;
}
@@ -1896,12 +2118,15 @@ void wallet2::rescan_spent()
if (td.m_spent)
{
LOG_PRINT_L0("Marking output " << i << "(" << td.m_key_image << ") as unspent, it was marked as spent");
+ set_unspent(td);
+ td.m_spent_height = 0;
}
else
{
LOG_PRINT_L0("Marking output " << i << "(" << td.m_key_image << ") as spent, it was marked as unspent");
+ set_spent(td, td.m_spent_height);
+ // unknown height, if this gets reorged, it might still be missed
}
- td.m_spent = daemon_resp.spent_status[i] != COMMAND_RPC_IS_KEY_IMAGE_SPENT::UNSPENT;
}
}
}
@@ -1962,6 +2187,7 @@ namespace
T pop_index(std::vector<T>& vec, size_t idx)
{
CHECK_AND_ASSERT_MES(!vec.empty(), T(), "Vector must be non-empty");
+ CHECK_AND_ASSERT_MES(idx < vec.size(), T(), "idx out of bounds");
T res = vec[idx];
if (idx + 1 != vec.size())
@@ -1981,6 +2207,84 @@ namespace
size_t idx = crypto::rand<size_t>() % vec.size();
return pop_index (vec, idx);
}
+
+ template<typename T>
+ T pop_back(std::vector<T>& vec)
+ {
+ CHECK_AND_ASSERT_MES(!vec.empty(), T(), "Vector must be non-empty");
+
+ T res = vec.back();
+ vec.pop_back();
+ return res;
+ }
+}
+//----------------------------------------------------------------------------------------------------
+// This returns a handwavy estimation of how much two outputs are related
+// If they're from the same tx, then they're fully related. From close block
+// heights, they're kinda related. The actual values don't matter, just
+// their ordering, but it could become more murky if we add scores later.
+float wallet2::get_output_relatedness(const transfer_details &td0, const transfer_details &td1) const
+{
+ int dh;
+
+ // expensive test, and same tx will fall onto the same block height below
+ if (td0.m_txid == td1.m_txid)
+ return 1.0f;
+
+ // same block height -> possibly tx burst, or same tx (since above is disabled)
+ dh = td0.m_block_height > td1.m_block_height ? td0.m_block_height - td1.m_block_height : td1.m_block_height - td0.m_block_height;
+ if (dh == 0)
+ return 0.9f;
+
+ // adjacent blocks -> possibly tx burst
+ if (dh == 1)
+ return 0.8f;
+
+ // could extract the payment id, and compare them, but this is a bit expensive too
+
+ // similar block heights
+ if (dh < 10)
+ return 0.2f;
+
+ // don't think these are particularly related
+ return 0.0f;
+}
+//----------------------------------------------------------------------------------------------------
+size_t wallet2::pop_best_value_from(const transfer_container &transfers, std::vector<size_t> &unused_indices, const std::list<transfer_container::iterator>& selected_transfers) const
+{
+ std::vector<size_t> candidates;
+ float best_relatedness = 1.0f;
+ for (size_t n = 0; n < unused_indices.size(); ++n)
+ {
+ const transfer_details &candidate = transfers[unused_indices[n]];
+ float relatedness = 0.0f;
+ for (const auto &i: selected_transfers)
+ {
+ float r = get_output_relatedness(candidate, *i);
+ if (r > relatedness)
+ {
+ relatedness = r;
+ if (relatedness == 1.0f)
+ break;
+ }
+ }
+
+ if (relatedness < best_relatedness)
+ {
+ best_relatedness = relatedness;
+ candidates.clear();
+ }
+
+ if (relatedness == best_relatedness)
+ candidates.push_back(n);
+ }
+ size_t idx = crypto::rand<size_t>() % candidates.size();
+ return pop_index (unused_indices, candidates[idx]);
+}
+//----------------------------------------------------------------------------------------------------
+size_t wallet2::pop_best_value(std::vector<size_t> &unused_indices, const std::list<transfer_container::iterator>& selected_transfers) const
+{
+ return pop_best_value_from(m_transfers, unused_indices, selected_transfers);
}
//----------------------------------------------------------------------------------------------------
// Select random input sources for transaction.
@@ -1992,7 +2296,7 @@ uint64_t wallet2::select_transfers(uint64_t needed_money, std::vector<size_t> un
uint64_t found_money = 0;
while (found_money < needed_money && !unused_transfers_indices.empty())
{
- size_t idx = pop_random_value(unused_transfers_indices);
+ size_t idx = pop_best_value(unused_transfers_indices, selected_transfers);
transfer_container::iterator it = m_transfers.begin() + idx;
selected_transfers.push_back(it);
@@ -2002,12 +2306,16 @@ uint64_t wallet2::select_transfers(uint64_t needed_money, std::vector<size_t> un
return found_money;
}
//----------------------------------------------------------------------------------------------------
-void wallet2::add_unconfirmed_tx(const cryptonote::transaction& tx, const std::vector<cryptonote::tx_destination_entry> &dests, const crypto::hash &payment_id, uint64_t change_amount)
+void wallet2::add_unconfirmed_tx(const cryptonote::transaction& tx, uint64_t amount_in, const std::vector<cryptonote::tx_destination_entry> &dests, const crypto::hash &payment_id, uint64_t change_amount)
{
unconfirmed_transfer_details& utd = m_unconfirmed_txs[cryptonote::get_transaction_hash(tx)];
+ utd.m_amount_in = amount_in;
+ utd.m_amount_out = 0;
+ for (const auto &d: dests)
+ utd.m_amount_out += d.amount;
utd.m_change = change_amount;
utd.m_sent_time = time(NULL);
- utd.m_tx = tx;
+ utd.m_tx = (const cryptonote::transaction_prefix&)tx;
utd.m_dests = dests;
utd.m_payment_id = payment_id;
utd.m_state = wallet2::unconfirmed_transfer_details::pending;
@@ -2190,19 +2498,26 @@ void wallet2::commit_tx(pending_tx& ptx)
txid = get_transaction_hash(ptx.tx);
crypto::hash payment_id = cryptonote::null_hash;
std::vector<cryptonote::tx_destination_entry> dests;
+ uint64_t amount_in = 0;
if (store_tx_info())
{
payment_id = get_payment_id(ptx);
dests = ptx.dests;
+ BOOST_FOREACH(transfer_container::iterator it, ptx.selected_transfers)
+ amount_in += it->amount();
}
- add_unconfirmed_tx(ptx.tx, dests, payment_id, ptx.change_dts.amount);
+ add_unconfirmed_tx(ptx.tx, amount_in, dests, payment_id, ptx.change_dts.amount);
if (store_tx_info())
+ {
m_tx_keys.insert(std::make_pair(txid, ptx.tx_key));
+ }
LOG_PRINT_L2("transaction " << txid << " generated ok and sent to daemon, key_images: [" << ptx.key_images << "]");
BOOST_FOREACH(transfer_container::iterator it, ptx.selected_transfers)
- it->m_spent = true;
+ {
+ set_spent(*it, 0);
+ }
//fee includes dust if dust policy specified it.
LOG_PRINT_L0("Transaction successfully sent. <" << txid << ">" << ENDL
@@ -2280,7 +2595,9 @@ std::vector<wallet2::pending_tx> wallet2::create_transactions(std::vector<crypto
// mark transfers to be used as "spent"
BOOST_FOREACH(transfer_container::iterator it, ptx.selected_transfers)
- it->m_spent = true;
+ {
+ set_spent(*it, 0);
+ }
}
// if we made it this far, we've selected our transactions. committing them will mark them spent,
@@ -2290,7 +2607,9 @@ std::vector<wallet2::pending_tx> wallet2::create_transactions(std::vector<crypto
{
// mark transfers to be used as not spent
BOOST_FOREACH(transfer_container::iterator it2, ptx.selected_transfers)
- it2->m_spent = false;
+ {
+ set_unspent(*it2);
+ }
}
@@ -2307,8 +2626,9 @@ std::vector<wallet2::pending_tx> wallet2::create_transactions(std::vector<crypto
{
// mark transfers to be used as not spent
BOOST_FOREACH(transfer_container::iterator it2, ptx.selected_transfers)
- it2->m_spent = false;
-
+ {
+ set_unspent(*it2);
+ }
}
if (attempt_count >= MAX_SPLIT_ATTEMPTS)
@@ -2325,8 +2645,9 @@ std::vector<wallet2::pending_tx> wallet2::create_transactions(std::vector<crypto
{
// mark transfers to be used as not spent
BOOST_FOREACH(transfer_container::iterator it2, ptx.selected_transfers)
- it2->m_spent = false;
-
+ {
+ set_unspent(*it2);
+ }
}
throw;
@@ -2334,40 +2655,12 @@ std::vector<wallet2::pending_tx> wallet2::create_transactions(std::vector<crypto
}
}
-template<typename T>
-void wallet2::transfer_selected(const std::vector<cryptonote::tx_destination_entry>& dsts, const std::list<transfer_container::iterator> selected_transfers, size_t fake_outputs_count,
- uint64_t unlock_time, uint64_t fee, const std::vector<uint8_t>& extra, T destination_split_strategy, const tx_dust_policy& dust_policy, cryptonote::transaction& tx, pending_tx &ptx)
+template<typename entry>
+void wallet2::get_outs(std::vector<std::vector<entry>> &outs, const std::list<transfer_container::iterator> &selected_transfers, size_t fake_outputs_count)
{
- using namespace cryptonote;
- // throw if attempting a transaction with no destinations
- THROW_WALLET_EXCEPTION_IF(dsts.empty(), error::zero_destination);
-
- uint64_t upper_transaction_size_limit = get_upper_tranaction_size_limit();
- uint64_t needed_money = fee;
- LOG_PRINT_L2("transfer: starting with fee " << print_money (needed_money));
-
- // calculate total amount being sent to all destinations
- // throw if total amount overflows uint64_t
- BOOST_FOREACH(auto& dt, dsts)
- {
- THROW_WALLET_EXCEPTION_IF(0 == dt.amount, error::zero_destination);
- needed_money += dt.amount;
- LOG_PRINT_L2("transfer: adding " << print_money(dt.amount) << ", for a total of " << print_money (needed_money));
- THROW_WALLET_EXCEPTION_IF(needed_money < dt.amount, error::tx_sum_overflow, dsts, fee, m_testnet);
- }
-
- uint64_t found_money = 0;
- BOOST_FOREACH(auto it, selected_transfers)
- {
- found_money += it->amount();
- }
-
- LOG_PRINT_L2("wanted " << print_money(needed_money) << ", found " << print_money(found_money) << ", fee " << print_money(fee));
- THROW_WALLET_EXCEPTION_IF(found_money < needed_money, error::not_enough_money, found_money, needed_money - fee, fee);
-
- typedef std::pair<uint64_t, crypto::public_key> entry;
- std::vector<std::vector<entry>> outs;
- if (fake_outputs_count)
+ LOG_PRINT_L2("fake_outputs_count: " << fake_outputs_count);
+ outs.clear();
+ if (fake_outputs_count > 0)
{
// get histogram for the amounts we need
epee::json_rpc::request<cryptonote::COMMAND_RPC_GET_OUTPUT_HISTOGRAM::request> req_t = AUTO_VAL_INIT(req_t);
@@ -2377,7 +2670,10 @@ void wallet2::transfer_selected(const std::vector<cryptonote::tx_destination_ent
req_t.id = epee::serialization::storage_entry(0);
req_t.method = "get_output_histogram";
for(auto it: selected_transfers)
- req_t.params.amounts.push_back(it->amount());
+ req_t.params.amounts.push_back(it->is_rct() ? 0 : it->amount());
+ std::sort(req_t.params.amounts.begin(), req_t.params.amounts.end());
+ auto end = std::unique(req_t.params.amounts.begin(), req_t.params.amounts.end());
+ req_t.params.amounts.resize(std::distance(req_t.params.amounts.begin(), end));
req_t.params.unlocked = true;
bool r = net_utils::invoke_http_json_remote_command2(m_daemon_address + "/json_rpc", req_t, resp_t, m_http_client);
m_daemon_rpc_mutex.unlock();
@@ -2387,12 +2683,15 @@ void wallet2::transfer_selected(const std::vector<cryptonote::tx_destination_ent
// we ask for more, to have spares if some outputs are still locked
size_t requested_outputs_count = (size_t)((fake_outputs_count + 1) * 1.5 + 1);
+ LOG_PRINT_L2("requested_outputs_count: " << requested_outputs_count);
// generate output indices to request
COMMAND_RPC_GET_OUTPUTS::request req = AUTO_VAL_INIT(req);
COMMAND_RPC_GET_OUTPUTS::response daemon_resp = AUTO_VAL_INIT(daemon_resp);
+
for(transfer_container::iterator it: selected_transfers)
{
+ const uint64_t amount = it->is_rct() ? 0 : it->amount();
std::unordered_set<uint64_t> seen_indices;
size_t start = req.outputs.size();
@@ -2401,28 +2700,30 @@ void wallet2::transfer_selected(const std::vector<cryptonote::tx_destination_ent
uint64_t num_outs = 0;
for (auto he: resp_t.result.histogram)
{
- if (he.amount == it->amount())
+ if (he.amount == amount)
{
num_outs = he.instances;
break;
}
}
+ LOG_PRINT_L1("" << num_outs << " outputs of size " << print_money(amount));
+
if (num_outs <= requested_outputs_count)
{
for (uint64_t i = 0; i < num_outs; i++)
- req.outputs.push_back({it->amount(), i});
+ req.outputs.push_back({amount, i});
// duplicate to make up shortfall: this will be caught after the RPC call,
// so we can also output the amounts for which we can't reach the required
// mixin after checking the actual unlockedness
for (uint64_t i = num_outs; i < requested_outputs_count; ++i)
- req.outputs.push_back({it->amount(), num_outs - 1});
+ req.outputs.push_back({amount, num_outs - 1});
}
else
{
// start with real one
uint64_t num_found = 1;
seen_indices.emplace(it->m_global_output_index);
- req.outputs.push_back({it->amount(), it->m_global_output_index});
+ req.outputs.push_back({amount, it->m_global_output_index});
// while we still need more mixins
while (num_found < requested_outputs_count)
@@ -2447,7 +2748,7 @@ void wallet2::transfer_selected(const std::vector<cryptonote::tx_destination_ent
continue;
seen_indices.emplace(i);
- req.outputs.push_back({it->amount(), i});
+ req.outputs.push_back({amount, i});
++num_found;
}
}
@@ -2457,6 +2758,9 @@ void wallet2::transfer_selected(const std::vector<cryptonote::tx_destination_ent
[](const COMMAND_RPC_GET_OUTPUTS::out &a, const COMMAND_RPC_GET_OUTPUTS::out &b) { return a.index < b.index; });
}
+ for (auto i: req.outputs)
+ LOG_PRINT_L1("asking for output " << i.index << " for " << print_money(i.amount));
+
// get the keys for those
m_daemon_rpc_mutex.lock();
r = epee::net_utils::invoke_http_bin_remote_command2(m_daemon_address + "/get_outs.bin", req, daemon_resp, m_http_client, 200000);
@@ -2475,9 +2779,10 @@ void wallet2::transfer_selected(const std::vector<cryptonote::tx_destination_ent
{
outs.push_back(std::vector<entry>());
outs.back().reserve(fake_outputs_count + 1);
+ const rct::key mask = it->is_rct() ? rct::commit(it->amount(), it->m_mask) : rct::zeroCommit(it->amount());
// pick real out first (it will be sorted when done)
- outs.back().push_back({it->m_global_output_index, boost::get<txout_to_key>(it->m_tx.vout[it->m_internal_output_index].target).key});
+ outs.back().push_back(std::make_tuple(it->m_global_output_index, boost::get<txout_to_key>(it->m_tx.vout[it->m_internal_output_index].target).key, mask));
// then pick others in random order till we reach the required number
// since we use an equiprobable pick here, we don't upset the triangular distribution
@@ -2496,7 +2801,7 @@ void wallet2::transfer_selected(const std::vector<cryptonote::tx_destination_ent
continue;
if (o > 0 && daemon_resp.outs[i].key == daemon_resp.outs[i - 1].key) // don't add duplicates
continue;
- outs.back().push_back({req.outputs[i].index, daemon_resp.outs[i].key});
+ outs.back().push_back(std::make_tuple(req.outputs[i].index, daemon_resp.outs[i].key, daemon_resp.outs[i].mask));
}
if (outs.back().size() < fake_outputs_count + 1)
{
@@ -2505,14 +2810,14 @@ void wallet2::transfer_selected(const std::vector<cryptonote::tx_destination_ent
else
{
// sort the subsection, so any spares are reset in order
- std::sort(outs.back().begin(), outs.back().end(), [](const entry &a, const entry &b) { return a.first < b.first; });
+ std::sort(outs.back().begin(), outs.back().end(), [](const entry &a, const entry &b) { return std::get<0>(a) < std::get<0>(b); });
// sanity check
for (size_t n = 1; n < outs.back().size(); ++n)
{
- THROW_WALLET_EXCEPTION_IF(outs.back()[n].first == outs.back()[n-1].first, error::wallet_internal_error,
+ THROW_WALLET_EXCEPTION_IF(std::get<0>(outs.back()[n]) == std::get<0>(outs.back()[n-1]), error::wallet_internal_error,
"Duplicate indices though we did not ask for any");
- THROW_WALLET_EXCEPTION_IF(outs.back()[n].second == outs.back()[n-1].second, error::wallet_internal_error,
+ THROW_WALLET_EXCEPTION_IF(std::get<1>(outs.back()[n]) == std::get<1>(outs.back()[n-1]), error::wallet_internal_error,
"Duplicate keys after we have weeded them out");
}
}
@@ -2525,10 +2830,47 @@ void wallet2::transfer_selected(const std::vector<cryptonote::tx_destination_ent
for (transfer_container::iterator it: selected_transfers)
{
std::vector<entry> v;
- v.push_back({it->m_global_output_index, boost::get<txout_to_key>(it->m_tx.vout[it->m_internal_output_index].target).key});
+ const rct::key mask = it->is_rct() ? rct::commit(it->amount(), it->m_mask) : rct::zeroCommit(it->amount());
+ v.push_back(std::make_tuple(it->m_global_output_index, boost::get<txout_to_key>(it->m_tx.vout[it->m_internal_output_index].target).key, mask));
outs.push_back(v);
}
}
+}
+
+template<typename T>
+void wallet2::transfer_selected(const std::vector<cryptonote::tx_destination_entry>& dsts, const std::list<transfer_container::iterator> selected_transfers, size_t fake_outputs_count,
+ uint64_t unlock_time, uint64_t fee, const std::vector<uint8_t>& extra, T destination_split_strategy, const tx_dust_policy& dust_policy, cryptonote::transaction& tx, pending_tx &ptx)
+{
+ using namespace cryptonote;
+ // throw if attempting a transaction with no destinations
+ THROW_WALLET_EXCEPTION_IF(dsts.empty(), error::zero_destination);
+
+ uint64_t upper_transaction_size_limit = get_upper_tranaction_size_limit();
+ uint64_t needed_money = fee;
+ LOG_PRINT_L2("transfer: starting with fee " << print_money (needed_money));
+
+ // calculate total amount being sent to all destinations
+ // throw if total amount overflows uint64_t
+ BOOST_FOREACH(auto& dt, dsts)
+ {
+ THROW_WALLET_EXCEPTION_IF(0 == dt.amount, error::zero_destination);
+ needed_money += dt.amount;
+ LOG_PRINT_L2("transfer: adding " << print_money(dt.amount) << ", for a total of " << print_money (needed_money));
+ THROW_WALLET_EXCEPTION_IF(needed_money < dt.amount, error::tx_sum_overflow, dsts, fee, m_testnet);
+ }
+
+ uint64_t found_money = 0;
+ BOOST_FOREACH(auto it, selected_transfers)
+ {
+ found_money += it->amount();
+ }
+
+ LOG_PRINT_L2("wanted " << print_money(needed_money) << ", found " << print_money(found_money) << ", fee " << print_money(fee));
+ THROW_WALLET_EXCEPTION_IF(found_money < needed_money, error::not_enough_money, found_money, needed_money - fee, fee);
+
+ typedef std::tuple<uint64_t, crypto::public_key, rct::key> entry;
+ std::vector<std::vector<entry>> outs;
+ get_outs(outs, selected_transfers, fake_outputs_count); // may throw
//prepare inputs
typedef cryptonote::tx_source_entry::output_entry tx_output_entry;
@@ -2540,13 +2882,16 @@ void wallet2::transfer_selected(const std::vector<cryptonote::tx_destination_ent
cryptonote::tx_source_entry& src = sources.back();
transfer_details& td = *it;
src.amount = td.amount();
+ src.rct = td.is_rct();
//paste keys (fake and real)
for (size_t n = 0; n < fake_outputs_count + 1; ++n)
{
tx_output_entry oe;
- oe.first = outs[out_index][n].first;
- oe.second = outs[out_index][n].second;
+ oe.first = std::get<0>(outs[out_index][n]);
+ oe.second.dest = rct::pk2rct(std::get<1>(outs[out_index][n]));
+ oe.second.mask = std::get<2>(outs[out_index][n]);
+
src.outputs.push_back(oe);
++i;
}
@@ -2561,7 +2906,8 @@ void wallet2::transfer_selected(const std::vector<cryptonote::tx_destination_ent
tx_output_entry real_oe;
real_oe.first = td.m_global_output_index;
- real_oe.second = boost::get<txout_to_key>(td.m_tx.vout[td.m_internal_output_index].target).key;
+ real_oe.second.dest = rct::pk2rct(boost::get<txout_to_key>(td.m_tx.vout[td.m_internal_output_index].target).key);
+ real_oe.second.mask = rct::commit(td.amount(), td.m_mask);
*it_to_replace = real_oe;
src.real_out_tx_key = get_tx_pub_key_from_extra(td.m_tx);
src.real_output = it_to_replace - src.outputs.begin();
@@ -2621,6 +2967,225 @@ void wallet2::transfer_selected(const std::vector<cryptonote::tx_destination_ent
ptx.dests = dsts;
}
+void wallet2::transfer_selected_rct(std::vector<cryptonote::tx_destination_entry> dsts, const std::list<transfer_container::iterator> selected_transfers, size_t fake_outputs_count,
+ uint64_t unlock_time, uint64_t fee, const std::vector<uint8_t>& extra, cryptonote::transaction& tx, pending_tx &ptx)
+{
+ using namespace cryptonote;
+ // throw if attempting a transaction with no destinations
+ THROW_WALLET_EXCEPTION_IF(dsts.empty(), error::zero_destination);
+
+ uint64_t upper_transaction_size_limit = get_upper_tranaction_size_limit();
+ uint64_t needed_money = fee;
+ LOG_PRINT_L2("transfer: starting with fee " << print_money (needed_money));
+
+ // calculate total amount being sent to all destinations
+ // throw if total amount overflows uint64_t
+ BOOST_FOREACH(auto& dt, dsts)
+ {
+ THROW_WALLET_EXCEPTION_IF(0 == dt.amount, error::zero_destination);
+ needed_money += dt.amount;
+ LOG_PRINT_L2("transfer: adding " << print_money(dt.amount) << ", for a total of " << print_money (needed_money));
+ THROW_WALLET_EXCEPTION_IF(needed_money < dt.amount, error::tx_sum_overflow, dsts, fee, m_testnet);
+ }
+
+ uint64_t found_money = 0;
+ BOOST_FOREACH(auto it, selected_transfers)
+ {
+ found_money += it->amount();
+ }
+
+ LOG_PRINT_L2("wanted " << print_money(needed_money) << ", found " << print_money(found_money) << ", fee " << print_money(fee));
+ THROW_WALLET_EXCEPTION_IF(found_money < needed_money, error::not_enough_money, found_money, needed_money - fee, fee);
+
+ typedef std::tuple<uint64_t, crypto::public_key, rct::key> entry;
+ std::vector<std::vector<entry>> outs;
+ get_outs(outs, selected_transfers, fake_outputs_count); // may throw
+
+ //prepare inputs
+ size_t i = 0, out_index = 0;
+ std::vector<cryptonote::tx_source_entry> sources;
+ BOOST_FOREACH(transfer_container::iterator it, selected_transfers)
+ {
+ sources.resize(sources.size()+1);
+ cryptonote::tx_source_entry& src = sources.back();
+ transfer_details& td = *it;
+ src.amount = td.amount();
+ src.rct = td.is_rct();
+ //paste mixin transaction
+
+ typedef cryptonote::tx_source_entry::output_entry tx_output_entry;
+ for (size_t n = 0; n < fake_outputs_count + 1; ++n)
+ {
+ tx_output_entry oe;
+ oe.first = std::get<0>(outs[out_index][n]);
+ oe.second.dest = rct::pk2rct(std::get<1>(outs[out_index][n]));
+ oe.second.mask = std::get<2>(outs[out_index][n]);
+ src.outputs.push_back(oe);
+ }
+ ++i;
+
+ //paste real transaction to the random index
+ auto it_to_replace = std::find_if(src.outputs.begin(), src.outputs.end(), [&](const tx_output_entry& a)
+ {
+ return a.first == td.m_global_output_index;
+ });
+ THROW_WALLET_EXCEPTION_IF(it_to_replace == src.outputs.end(), error::wallet_internal_error,
+ "real output not found");
+
+ tx_output_entry real_oe;
+ real_oe.first = td.m_global_output_index;
+ real_oe.second.dest = rct::pk2rct(boost::get<txout_to_key>(td.m_tx.vout[td.m_internal_output_index].target).key);
+ real_oe.second.mask = rct::commit(td.amount(), td.m_mask);
+ *it_to_replace = real_oe;
+ src.real_out_tx_key = get_tx_pub_key_from_extra(td.m_tx);
+ src.real_output = it_to_replace - src.outputs.begin();
+ src.real_output_in_tx_index = td.m_internal_output_index;
+ src.mask = td.m_mask;
+ detail::print_source_entry(src);
+ ++out_index;
+ }
+
+ cryptonote::tx_destination_entry change_dts = AUTO_VAL_INIT(change_dts);
+ if (needed_money < found_money)
+ {
+ change_dts.addr = m_account.get_keys().m_account_address;
+ change_dts.amount = found_money - needed_money;
+ dsts.push_back(change_dts);
+ }
+
+ crypto::secret_key tx_key;
+ bool r = cryptonote::construct_tx_and_get_tx_key(m_account.get_keys(), sources, dsts, extra, tx, unlock_time, tx_key, true);
+ THROW_WALLET_EXCEPTION_IF(!r, error::tx_not_constructed, sources, dsts, unlock_time, m_testnet);
+ THROW_WALLET_EXCEPTION_IF(upper_transaction_size_limit <= get_object_blobsize(tx), error::tx_too_big, tx, upper_transaction_size_limit);
+
+ std::string key_images;
+ bool all_are_txin_to_key = std::all_of(tx.vin.begin(), tx.vin.end(), [&](const txin_v& s_e) -> bool
+ {
+ CHECKED_GET_SPECIFIC_VARIANT(s_e, const txin_to_key, in, false);
+ key_images += boost::to_string(in.k_image) + " ";
+ return true;
+ });
+ THROW_WALLET_EXCEPTION_IF(!all_are_txin_to_key, error::unexpected_txin_type, tx);
+
+ ptx.key_images = key_images;
+ ptx.fee = fee;
+ ptx.dust = 0;
+ ptx.dust_added_to_fee = false;
+ ptx.tx = tx;
+ ptx.change_dts = change_dts;
+ ptx.selected_transfers = selected_transfers;
+ ptx.tx_key = tx_key;
+ ptx.dests = dsts;
+}
+
+static size_t estimate_rct_tx_size(int n_inputs, int mixin, int n_outputs)
+{
+ size_t size = 0;
+
+ // tx prefix
+
+ // first few bytes
+ size += 1 + 6;
+
+ // vin
+ size += n_inputs * (1+6+(mixin+1)*2+32);
+
+ // vout
+ size += n_outputs * (6+32);
+
+ // extra
+ size += 40;
+
+ // rct signatures
+
+ // simple
+ size += 1;
+
+ // message
+ size += 32;
+
+ // rangeSigs
+ size += (2*64*32+32+64*32) * n_outputs;
+
+ // MGs - only the last slot of II is saved, the rest can be reconstructed
+ size += n_inputs * (32 * (mixin+1) * n_inputs + 32 + 32 * (/*n_inputs+*/1));
+
+ // mixRing - not serialized, can be reconstructed
+ /* size += 2 * 32 * (mixin+1) * n_inputs; */
+
+ // pseudoOuts
+ size += 32 * n_outputs;
+ // ecdhInfo
+ size += 3 * 32 * n_outputs;
+ // outPk - only commitment is saved
+ size += 1 * 32 * n_outputs;
+ // txnFee
+ size += 4;
+
+ LOG_PRINT_L2("estimated rct tx size for " << n_inputs << " at mixin " << mixin << " and " << n_outputs << ": " << size << " (" << ((32 * n_inputs/*+1*/) + 2 * 32 * (mixin+1) * n_inputs + 32 * n_outputs) << " saved)");
+ return size;
+}
+
+std::vector<size_t> wallet2::pick_prefered_rct_inputs(uint64_t needed_money) const
+{
+ std::vector<size_t> picks;
+ float current_output_relatdness = 1.0f;
+
+ LOG_PRINT_L2("pick_prefered_rct_inputs: needed_money " << print_money(needed_money));
+
+ // try to find a rct input of enough size
+ for (size_t i = 0; i < m_transfers.size(); ++i)
+ {
+ const transfer_details& td = m_transfers[i];
+ if (!td.m_spent && td.is_rct() && td.amount() >= needed_money && is_transfer_unlocked(td))
+ {
+ LOG_PRINT_L2("We can use " << i << " alone: " << print_money(td.amount()));
+ picks.push_back(i);
+ return picks;
+ }
+ }
+
+ // then try to find two outputs
+ // this could be made better by picking one of the outputs to be a small one, since those
+ // are less useful since often below the needed money, so if one can be used in a pair,
+ // it gets rid of it for the future
+ for (size_t i = 0; i < m_transfers.size(); ++i)
+ {
+ const transfer_details& td = m_transfers[i];
+ if (!td.m_spent && td.is_rct() && is_transfer_unlocked(td))
+ {
+ LOG_PRINT_L2("Considering input " << i << ", " << print_money(td.amount()));
+ for (size_t j = i + 1; j < m_transfers.size(); ++j)
+ {
+ const transfer_details& td2 = m_transfers[j];
+ if (!td2.m_spent && td2.is_rct() && td.amount() + td2.amount() >= needed_money && is_transfer_unlocked(td2))
+ {
+ // update our picks if those outputs are less related than any we
+ // already found. If the same, don't update, and oldest suitable outputs
+ // will be used in preference.
+ float relatedness = get_output_relatedness(td, td2);
+ LOG_PRINT_L2(" with input " << j << ", " << print_money(td2.amount()) << ", relatedness " << relatedness);
+ if (relatedness < current_output_relatdness)
+ {
+ // reset the current picks with those, and return them directly
+ // if they're unrelated. If they are related, we'll end up returning
+ // them if we find nothing better
+ picks.clear();
+ picks.push_back(i);
+ picks.push_back(j);
+ LOG_PRINT_L0("we could use " << i << " and " << j);
+ if (relatedness == 0.0f)
+ return picks;
+ current_output_relatdness = relatedness;
+ }
+ }
+ }
+ }
+ }
+
+ return picks;
+}
+
// Another implementation of transaction creation that is hopefully better
// While there is anything left to pay, it goes through random outputs and tries
// to fill the next destination/amount. If it fully fills it, it will use the
@@ -2662,12 +3227,13 @@ std::vector<wallet2::pending_tx> wallet2::create_transactions_2(std::vector<cryp
bool adding_fee; // true if new outputs go towards fee, rather than destinations
uint64_t needed_fee, available_for_fee = 0;
uint64_t upper_transaction_size_limit = get_upper_tranaction_size_limit();
+ const bool use_rct = use_fork_rules(4, 0);
+
+ fee_multiplier = sanitize_fee_multiplier(fee_multiplier);
// throw if attempting a transaction with no destinations
THROW_WALLET_EXCEPTION_IF(dsts.empty(), error::zero_destination);
- fee_multiplier = sanitize_fee_multiplier (fee_multiplier);
-
// calculate total amount being sent to all destinations
// throw if total amount overflows uint64_t
needed_money = 0;
@@ -2686,9 +3252,9 @@ std::vector<wallet2::pending_tx> wallet2::create_transactions_2(std::vector<cryp
for (size_t i = 0; i < m_transfers.size(); ++i)
{
const transfer_details& td = m_transfers[i];
- if (!td.m_spent && is_transfer_unlocked(td))
+ if (!td.m_spent && (use_rct ? true : !td.is_rct()) && is_transfer_unlocked(td))
{
- if (is_valid_decomposed_amount(td.amount()))
+ if ((td.is_rct()) || is_valid_decomposed_amount(td.amount()))
unused_transfers_indices.push_back(i);
else
unused_dust_indices.push_back(i);
@@ -2704,6 +3270,28 @@ std::vector<wallet2::pending_tx> wallet2::create_transactions_2(std::vector<cryp
adding_fee = false;
needed_fee = 0;
+ // for rct, since we don't see the amounts, we will try to make all transactions
+ // look the same, with 1 or 2 inputs, and 2 outputs. One input is preferable, as
+ // this prevents linking to another by provenance analysis, but two is ok if we
+ // try to pick outputs not from the same block. We will get two outputs, one for
+ // the destination, and one for change.
+ std::vector<size_t> prefered_inputs;
+ uint64_t rct_outs_needed = 2 * (fake_outs_count + 1);
+ rct_outs_needed += 100; // some fudge factor since we don't know how many are locked
+ if (use_rct && get_num_rct_outputs() >= rct_outs_needed)
+ {
+ // this is used to build a tx that's 1 or 2 inputs, and 2 outputs, which
+ // will get us a known fee.
+ uint64_t estimated_fee = calculate_fee(estimate_rct_tx_size(2, fake_outs_count + 1, 2), fee_multiplier);
+ prefered_inputs = pick_prefered_rct_inputs(needed_money + estimated_fee);
+ if (!prefered_inputs.empty())
+ {
+ string s;
+ for (auto i: prefered_inputs) s += print_money(m_transfers[i].amount()) + " ";
+ LOG_PRINT_L1("Found prefered rct inputs for rct tx: " << s);
+ }
+ }
+
// while we have something to send
while ((!dsts.empty() && dsts[0].amount > 0) || adding_fee) {
TX &tx = txes.back();
@@ -2716,7 +3304,7 @@ std::vector<wallet2::pending_tx> wallet2::create_transactions_2(std::vector<cryp
// get a random unspent output and use it to pay part (or all) of the current destination (and maybe next one, etc)
// This could be more clever, but maybe at the cost of making probabilistic inferences easier
- size_t idx = !unused_transfers_indices.empty() ? pop_random_value(unused_transfers_indices) : pop_random_value(unused_dust_indices);
+ size_t idx = !prefered_inputs.empty() ? pop_back(prefered_inputs) : !unused_transfers_indices.empty() ? pop_best_value(unused_transfers_indices, tx.selected_transfers) : pop_best_value(unused_dust_indices, tx.selected_transfers);
const transfer_details &td = m_transfers[idx];
LOG_PRINT_L2("Picking output " << idx << ", amount " << print_money(td.amount()));
@@ -2765,7 +3353,12 @@ std::vector<wallet2::pending_tx> wallet2::create_transactions_2(std::vector<cryp
}
else
{
- try_tx = dsts.empty() || (tx.selected_transfers.size() * (fake_outs_count+1) * APPROXIMATE_INPUT_BYTES >= TX_SIZE_TARGET(upper_transaction_size_limit));
+ size_t estimated_rct_tx_size;
+ if (use_rct)
+ estimated_rct_tx_size = estimate_rct_tx_size(tx.selected_transfers.size(), fake_outs_count, tx.dsts.size() + 1);
+ else
+ estimated_rct_tx_size = tx.selected_transfers.size() * (fake_outs_count+1) * APPROXIMATE_INPUT_BYTES;
+ try_tx = dsts.empty() || (estimated_rct_tx_size >= TX_SIZE_TARGET(upper_transaction_size_limit));
}
if (try_tx) {
@@ -2776,8 +3369,12 @@ std::vector<wallet2::pending_tx> wallet2::create_transactions_2(std::vector<cryp
LOG_PRINT_L2("Trying to create a tx now, with " << tx.dsts.size() << " destinations and " <<
tx.selected_transfers.size() << " outputs");
- transfer_selected(tx.dsts, tx.selected_transfers, fake_outs_count, unlock_time, needed_fee, extra,
- detail::digit_split_strategy, tx_dust_policy(::config::DEFAULT_DUST_THRESHOLD), test_tx, test_ptx);
+ if (use_rct)
+ transfer_selected_rct(tx.dsts, tx.selected_transfers, fake_outs_count, unlock_time, needed_fee, extra,
+ test_tx, test_ptx);
+ else
+ transfer_selected(tx.dsts, tx.selected_transfers, fake_outs_count, unlock_time, needed_fee, extra,
+ detail::digit_split_strategy, tx_dust_policy(::config::DEFAULT_DUST_THRESHOLD), test_tx, test_ptx);
auto txBlob = t_serializable_object_to_blob(test_ptx.tx);
needed_fee = calculate_fee(txBlob, fee_multiplier);
available_for_fee = test_ptx.fee + test_ptx.change_dts.amount + (!test_ptx.dust_added_to_fee ? test_ptx.dust : 0);
@@ -2814,11 +3411,15 @@ std::vector<wallet2::pending_tx> wallet2::create_transactions_2(std::vector<cryp
else
{
LOG_PRINT_L2("We made a tx, adjusting fee and saving it");
- transfer_selected(tx.dsts, tx.selected_transfers, fake_outs_count, unlock_time, needed_fee, extra,
- detail::digit_split_strategy, tx_dust_policy(::config::DEFAULT_DUST_THRESHOLD), test_tx, test_ptx);
+ if (use_rct)
+ transfer_selected_rct(tx.dsts, tx.selected_transfers, fake_outs_count, unlock_time, needed_fee, extra,
+ test_tx, test_ptx);
+ else
+ transfer_selected(tx.dsts, tx.selected_transfers, fake_outs_count, unlock_time, needed_fee, extra,
+ detail::digit_split_strategy, tx_dust_policy(::config::DEFAULT_DUST_THRESHOLD), test_tx, test_ptx);
txBlob = t_serializable_object_to_blob(test_ptx.tx);
- LOG_PRINT_L2("Made a final " << ((txBlob.size() + 1023)/1024) << " kB tx, with " << print_money(test_ptx.fee) <<
- " fee and " << print_money(test_ptx.change_dts.amount) << " change");
+ LOG_PRINT_L2("Made a final " << ((txBlob.size() + 1023)/1024) << " kB tx, with " << print_money(test_ptx.fee) <<
+ " fee and " << print_money(test_ptx.change_dts.amount) << " change");
tx.tx = test_tx;
tx.ptx = test_ptx;
@@ -2862,7 +3463,7 @@ std::vector<wallet2::pending_tx> wallet2::create_transactions_2(std::vector<cryp
return ptx_vector;
}
-std::vector<wallet2::pending_tx> wallet2::create_transactions_all(const cryptonote::account_public_address &address, const size_t fake_outs_count, const uint64_t unlock_time, uint64_t fee_multiplier, const std::vector<uint8_t> extra, bool trusted_daemon)
+std::vector<wallet2::pending_tx> wallet2::create_transactions_all(const cryptonote::account_public_address &address, const size_t fake_outs_count, const uint64_t unlock_time, const uint64_t fee_multiplier, const std::vector<uint8_t> extra, bool trusted_daemon)
{
std::vector<size_t> unused_transfers_indices;
std::vector<size_t> unused_dust_indices;
@@ -2877,16 +3478,15 @@ std::vector<wallet2::pending_tx> wallet2::create_transactions_all(const cryptono
std::vector<TX> txes;
uint64_t needed_fee, available_for_fee = 0;
uint64_t upper_transaction_size_limit = get_upper_tranaction_size_limit();
-
- fee_multiplier = sanitize_fee_multiplier(fee_multiplier);
+ const bool use_rct = use_fork_rules(4, 0);
// gather all our dust and non dust outputs
for (size_t i = 0; i < m_transfers.size(); ++i)
{
const transfer_details& td = m_transfers[i];
- if (!td.m_spent && is_transfer_unlocked(td))
+ if (!td.m_spent && (use_rct ? true : !td.is_rct()) && is_transfer_unlocked(td))
{
- if (is_valid_decomposed_amount(td.amount()))
+ if (td.is_rct() || is_valid_decomposed_amount(td.amount()))
unused_transfers_indices.push_back(i);
else
unused_dust_indices.push_back(i);
@@ -2908,7 +3508,7 @@ std::vector<wallet2::pending_tx> wallet2::create_transactions_all(const cryptono
// get a random unspent output and use it to pay next chunk. We try to alternate
// dust and non dust to ensure we never get with only dust, from which we might
// get a tx that can't pay for itself
- size_t idx = unused_transfers_indices.empty() ? pop_random_value(unused_dust_indices) : unused_dust_indices.empty() ? pop_random_value(unused_transfers_indices) : ((tx.selected_transfers.size() & 1) || accumulated_outputs > FEE_PER_KB * fee_multiplier * (upper_transaction_size_limit + 1023) / 1024) ? pop_random_value(unused_dust_indices) : pop_random_value(unused_transfers_indices);
+ size_t idx = unused_transfers_indices.empty() ? pop_best_value(unused_dust_indices, tx.selected_transfers) : unused_dust_indices.empty() ? pop_best_value(unused_transfers_indices, tx.selected_transfers) : ((tx.selected_transfers.size() & 1) || accumulated_outputs > FEE_PER_KB * fee_multiplier * (upper_transaction_size_limit + 1023) / 1024) ? pop_best_value(unused_dust_indices, tx.selected_transfers) : pop_best_value(unused_transfers_indices, tx.selected_transfers);
const transfer_details &td = m_transfers[idx];
LOG_PRINT_L2("Picking output " << idx << ", amount " << print_money(td.amount()));
@@ -2921,7 +3521,12 @@ std::vector<wallet2::pending_tx> wallet2::create_transactions_all(const cryptono
// here, check if we need to sent tx and start a new one
LOG_PRINT_L2("Considering whether to create a tx now, " << tx.selected_transfers.size() << " inputs, tx limit "
<< upper_transaction_size_limit);
- bool try_tx = (unused_dust_indices.empty() && unused_transfers_indices.empty()) || (tx.selected_transfers.size() * (fake_outs_count+1) * APPROXIMATE_INPUT_BYTES >= TX_SIZE_TARGET(upper_transaction_size_limit));
+ size_t estimated_rct_tx_size;
+ if (use_rct)
+ estimated_rct_tx_size = estimate_rct_tx_size(tx.selected_transfers.size(), fake_outs_count, tx.dsts.size() + 1);
+ else
+ estimated_rct_tx_size = tx.selected_transfers.size() * (fake_outs_count+1) * APPROXIMATE_INPUT_BYTES;
+ bool try_tx = (unused_dust_indices.empty() && unused_transfers_indices.empty()) || ( estimated_rct_tx_size >= TX_SIZE_TARGET(upper_transaction_size_limit));
if (try_tx) {
cryptonote::transaction test_tx;
@@ -2933,8 +3538,12 @@ std::vector<wallet2::pending_tx> wallet2::create_transactions_all(const cryptono
LOG_PRINT_L2("Trying to create a tx now, with " << tx.dsts.size() << " destinations and " <<
tx.selected_transfers.size() << " outputs");
- transfer_selected(tx.dsts, tx.selected_transfers, fake_outs_count, unlock_time, needed_fee, extra,
- detail::digit_split_strategy, tx_dust_policy(::config::DEFAULT_DUST_THRESHOLD), test_tx, test_ptx);
+ if (use_rct)
+ transfer_selected_rct(tx.dsts, tx.selected_transfers, fake_outs_count, unlock_time, needed_fee, extra,
+ test_tx, test_ptx);
+ else
+ transfer_selected(tx.dsts, tx.selected_transfers, fake_outs_count, unlock_time, needed_fee, extra,
+ detail::digit_split_strategy, tx_dust_policy(::config::DEFAULT_DUST_THRESHOLD), test_tx, test_ptx);
auto txBlob = t_serializable_object_to_blob(test_ptx.tx);
needed_fee = calculate_fee(txBlob, fee_multiplier);
available_for_fee = test_ptx.fee + test_ptx.dests[0].amount + test_ptx.change_dts.amount;
@@ -2946,8 +3555,12 @@ std::vector<wallet2::pending_tx> wallet2::create_transactions_all(const cryptono
do {
LOG_PRINT_L2("We made a tx, adjusting fee and saving it");
tx.dsts[0].amount = available_for_fee - needed_fee;
- transfer_selected(tx.dsts, tx.selected_transfers, fake_outs_count, unlock_time, needed_fee, extra,
- detail::digit_split_strategy, tx_dust_policy(::config::DEFAULT_DUST_THRESHOLD), test_tx, test_ptx);
+ if (use_rct)
+ transfer_selected_rct(tx.dsts, tx.selected_transfers, fake_outs_count, unlock_time, needed_fee, extra,
+ test_tx, test_ptx);
+ else
+ transfer_selected(tx.dsts, tx.selected_transfers, fake_outs_count, unlock_time, needed_fee, extra,
+ detail::digit_split_strategy, tx_dust_policy(::config::DEFAULT_DUST_THRESHOLD), test_tx, test_ptx);
txBlob = t_serializable_object_to_blob(test_ptx.tx);
needed_fee = calculate_fee(txBlob, fee_multiplier);
LOG_PRINT_L2("Made an attempt at a final " << ((txBlob.size() + 1023)/1024) << " kB tx, with " << print_money(test_ptx.fee) <<
@@ -3057,6 +3670,7 @@ void wallet2::transfer_from(const std::vector<size_t> &outs, size_t num_outputs,
cryptonote::tx_source_entry& src = sources.back();
transfer_details& td = *it;
src.amount = td.amount();
+ src.rct = td.is_rct();
//paste real transaction to the random index
auto it_to_insert = std::find_if(src.outputs.begin(), src.outputs.end(), [&](const tx_output_entry& a)
@@ -3065,7 +3679,8 @@ void wallet2::transfer_from(const std::vector<size_t> &outs, size_t num_outputs,
});
tx_output_entry real_oe;
real_oe.first = td.m_global_output_index;
- real_oe.second = boost::get<txout_to_key>(td.m_tx.vout[td.m_internal_output_index].target).key;
+ real_oe.second.dest = rct::pk2rct(boost::get<txout_to_key>(td.m_tx.vout[td.m_internal_output_index].target).key);
+ real_oe.second.mask = rct::commit(td.amount(), td.m_mask);
auto interted_it = src.outputs.insert(it_to_insert, real_oe);
src.real_out_tx_key = get_tx_pub_key_from_extra(td.m_tx);
src.real_output = interted_it - src.outputs.begin();
@@ -3113,36 +3728,45 @@ void wallet2::transfer_from(const std::vector<size_t> &outs, size_t num_outputs,
}
//----------------------------------------------------------------------------------------------------
-bool wallet2::use_fork_rules(uint8_t version)
+void wallet2::get_hard_fork_info(uint8_t version, uint64_t &earliest_height)
{
- cryptonote::COMMAND_RPC_GET_HEIGHT::request req = AUTO_VAL_INIT(req);
- cryptonote::COMMAND_RPC_GET_HEIGHT::response res = AUTO_VAL_INIT(res);
epee::json_rpc::request<cryptonote::COMMAND_RPC_HARD_FORK_INFO::request> req_t = AUTO_VAL_INIT(req_t);
epee::json_rpc::response<cryptonote::COMMAND_RPC_HARD_FORK_INFO::response, std::string> resp_t = AUTO_VAL_INIT(resp_t);
m_daemon_rpc_mutex.lock();
- bool r = net_utils::invoke_http_json_remote_command2(m_daemon_address + "/getheight", req, res, m_http_client);
- m_daemon_rpc_mutex.unlock();
- CHECK_AND_ASSERT_MES(r, false, "Failed to connect to daemon");
- CHECK_AND_ASSERT_MES(res.status != CORE_RPC_STATUS_BUSY, false, "Failed to connect to daemon");
- CHECK_AND_ASSERT_MES(res.status == CORE_RPC_STATUS_OK, false, "Failed to get current blockchain height");
-
- m_daemon_rpc_mutex.lock();
req_t.jsonrpc = "2.0";
req_t.id = epee::serialization::storage_entry(0);
req_t.method = "hard_fork_info";
req_t.params.version = version;
- r = net_utils::invoke_http_json_remote_command2(m_daemon_address + "/json_rpc", req_t, resp_t, m_http_client);
+ bool r = net_utils::invoke_http_json_remote_command2(m_daemon_address + "/json_rpc", req_t, resp_t, m_http_client);
+ m_daemon_rpc_mutex.unlock();
+ CHECK_AND_ASSERT_THROW_MES(r, "Failed to connect to daemon");
+ CHECK_AND_ASSERT_THROW_MES(resp_t.result.status != CORE_RPC_STATUS_BUSY, "Failed to connect to daemon");
+ CHECK_AND_ASSERT_THROW_MES(resp_t.result.status == CORE_RPC_STATUS_OK, "Failed to get hard fork status");
+
+ earliest_height = resp_t.result.earliest_height;
+}
+//----------------------------------------------------------------------------------------------------
+bool wallet2::use_fork_rules(uint8_t version, uint64_t early_blocks)
+{
+ cryptonote::COMMAND_RPC_GET_HEIGHT::request req = AUTO_VAL_INIT(req);
+ cryptonote::COMMAND_RPC_GET_HEIGHT::response res = AUTO_VAL_INIT(res);
+
+ m_daemon_rpc_mutex.lock();
+ bool r = net_utils::invoke_http_json_remote_command2(m_daemon_address + "/getheight", req, res, m_http_client);
m_daemon_rpc_mutex.unlock();
CHECK_AND_ASSERT_MES(r, false, "Failed to connect to daemon");
- CHECK_AND_ASSERT_MES(resp_t.result.status != CORE_RPC_STATUS_BUSY, false, "Failed to connect to daemon");
- CHECK_AND_ASSERT_MES(resp_t.result.status == CORE_RPC_STATUS_OK, false, "Failed to get hard fork status");
+ CHECK_AND_ASSERT_MES(res.status != CORE_RPC_STATUS_BUSY, false, "Failed to connect to daemon");
+ CHECK_AND_ASSERT_MES(res.status == CORE_RPC_STATUS_OK, false, "Failed to get current blockchain height");
+
+ uint64_t earliest_height;
+ get_hard_fork_info(version, earliest_height); // can throw
- bool close_enough = res.height >= resp_t.result.earliest_height - 10; // start using the rules a bit beforehand
+ bool close_enough = res.height >= earliest_height - early_blocks; // start using the rules that many blocks beforehand
if (close_enough)
- LOG_PRINT_L2("Using HF1 rules");
+ LOG_PRINT_L2("Using v" << (unsigned)version << " rules");
else
- LOG_PRINT_L2("Not using HF1 rules");
+ LOG_PRINT_L2("Not using v" << (unsigned)version << " rules");
return close_enough;
}
//----------------------------------------------------------------------------------------------------
@@ -3150,7 +3774,7 @@ uint64_t wallet2::get_upper_tranaction_size_limit()
{
if (m_upper_transaction_size_limit > 0)
return m_upper_transaction_size_limit;
- uint64_t full_reward_zone = use_fork_rules(2) ? CRYPTONOTE_BLOCK_GRANTED_FULL_REWARD_ZONE_V2 : CRYPTONOTE_BLOCK_GRANTED_FULL_REWARD_ZONE_V1;
+ uint64_t full_reward_zone = use_fork_rules(2, 10) ? CRYPTONOTE_BLOCK_GRANTED_FULL_REWARD_ZONE_V2 : CRYPTONOTE_BLOCK_GRANTED_FULL_REWARD_ZONE_V1;
return ((full_reward_zone * 125) / 100) - CRYPTONOTE_COINBASE_BLOB_RESERVED_SIZE;
}
//----------------------------------------------------------------------------------------------------
@@ -3213,6 +3837,8 @@ std::vector<size_t> wallet2::select_available_outputs_from_histogram(uint64_t co
}
return select_available_outputs([mixable, atleast](const transfer_details &td) {
+ if (td.is_rct())
+ return false;
const uint64_t amount = td.amount();
if (atleast) {
if (mixable.find(amount) != mixable.end())
@@ -3226,6 +3852,28 @@ std::vector<size_t> wallet2::select_available_outputs_from_histogram(uint64_t co
});
}
//----------------------------------------------------------------------------------------------------
+uint64_t wallet2::get_num_rct_outputs()
+{
+ epee::json_rpc::request<cryptonote::COMMAND_RPC_GET_OUTPUT_HISTOGRAM::request> req_t = AUTO_VAL_INIT(req_t);
+ epee::json_rpc::response<cryptonote::COMMAND_RPC_GET_OUTPUT_HISTOGRAM::response, std::string> resp_t = AUTO_VAL_INIT(resp_t);
+ m_daemon_rpc_mutex.lock();
+ req_t.jsonrpc = "2.0";
+ req_t.id = epee::serialization::storage_entry(0);
+ req_t.method = "get_output_histogram";
+ req_t.params.amounts.push_back(0);
+ req_t.params.min_count = 0;
+ req_t.params.max_count = 0;
+ bool r = net_utils::invoke_http_json_remote_command2(m_daemon_address + "/json_rpc", req_t, resp_t, m_http_client);
+ m_daemon_rpc_mutex.unlock();
+ THROW_WALLET_EXCEPTION_IF(!r, error::no_connection_to_daemon, "get_num_rct_outputs");
+ THROW_WALLET_EXCEPTION_IF(resp_t.result.status == CORE_RPC_STATUS_BUSY, error::daemon_busy, "get_output_histogram");
+ THROW_WALLET_EXCEPTION_IF(resp_t.result.status != CORE_RPC_STATUS_OK, error::get_histogram_error, resp_t.result.status);
+ THROW_WALLET_EXCEPTION_IF(resp_t.result.histogram.size() != 1, error::get_histogram_error, "Expected exactly one response");
+ THROW_WALLET_EXCEPTION_IF(resp_t.result.histogram[0].amount != 0, error::get_histogram_error, "Expected 0 amount");
+
+ return resp_t.result.histogram[0].instances;
+}
+//----------------------------------------------------------------------------------------------------
std::vector<size_t> wallet2::select_available_unmixable_outputs(bool trusted_daemon)
{
// request all outputs with less than 3 instances
@@ -3241,7 +3889,7 @@ std::vector<size_t> wallet2::select_available_mixable_outputs(bool trusted_daemo
std::vector<wallet2::pending_tx> wallet2::create_unmixable_sweep_transactions(bool trusted_daemon)
{
// From hard fork 1, we don't consider small amounts to be dust anymore
- const bool hf1_rules = use_fork_rules(2); // first hard fork has version 2
+ const bool hf1_rules = use_fork_rules(2, 10); // first hard fork has version 2
tx_dust_policy dust_policy(hf1_rules ? 0 : ::config::DEFAULT_DUST_THRESHOLD);
// may throw
@@ -3290,7 +3938,9 @@ std::vector<wallet2::pending_tx> wallet2::create_unmixable_sweep_transactions(bo
// mark transfers to be used as "spent"
BOOST_FOREACH(transfer_container::iterator it, ptx.selected_transfers)
- it->m_spent = true;
+ {
+ set_spent(*it, 0);
+ }
}
// if we made it this far, we've selected our transactions. committing them will mark them spent,
@@ -3300,8 +3950,9 @@ std::vector<wallet2::pending_tx> wallet2::create_unmixable_sweep_transactions(bo
{
// mark transfers to be used as not spent
BOOST_FOREACH(transfer_container::iterator it2, ptx.selected_transfers)
- it2->m_spent = false;
-
+ {
+ set_unspent(*it2);
+ }
}
// if we made it this far, we're OK to actually send the transactions
@@ -3317,8 +3968,9 @@ std::vector<wallet2::pending_tx> wallet2::create_unmixable_sweep_transactions(bo
{
// mark transfers to be used as not spent
BOOST_FOREACH(transfer_container::iterator it2, ptx.selected_transfers)
- it2->m_spent = false;
-
+ {
+ set_unspent(*it2);
+ }
}
if (attempt_count >= MAX_SPLIT_ATTEMPTS)
@@ -3335,8 +3987,9 @@ std::vector<wallet2::pending_tx> wallet2::create_unmixable_sweep_transactions(bo
{
// mark transfers to be used as not spent
BOOST_FOREACH(transfer_container::iterator it2, ptx.selected_transfers)
- it2->m_spent = false;
-
+ {
+ set_unspent(*it2);
+ }
}
throw;
@@ -3521,7 +4174,7 @@ uint64_t wallet2::import_key_images(const std::vector<std::pair<crypto::key_imag
for (size_t n = 0; n < daemon_resp.spent_status.size(); ++n)
{
transfer_details &td = m_transfers[n];
- uint64_t amount = td.m_tx.vout[td.m_internal_output_index].amount;
+ uint64_t amount = td.amount();
td.m_spent = daemon_resp.spent_status[n] != COMMAND_RPC_IS_KEY_IMAGE_SPENT::UNSPENT;
if (td.m_spent)
spent += amount;
diff --git a/src/wallet/wallet2.h b/src/wallet/wallet2.h
index d0c514a6d..0e87614b4 100644
--- a/src/wallet/wallet2.h
+++ b/src/wallet/wallet2.h
@@ -31,6 +31,7 @@
#pragma once
#include <memory>
+#include <boost/archive/binary_iarchive.hpp>
#include <boost/serialization/list.hpp>
#include <boost/serialization/vector.hpp>
#include <atomic>
@@ -46,6 +47,8 @@
#include "common/unordered_containers_boost_serialization.h"
#include "crypto/chacha8.h"
#include "crypto/hash.h"
+#include "ringct/rctTypes.h"
+#include "ringct/rctOps.h"
#include "wallet_errors.h"
@@ -58,8 +61,8 @@ namespace tools
{
public:
virtual void on_new_block(uint64_t height, const cryptonote::block& block) {}
- virtual void on_money_received(uint64_t height, const cryptonote::transaction& tx, size_t out_index) {}
- virtual void on_money_spent(uint64_t height, const cryptonote::transaction& in_tx, size_t out_index, const cryptonote::transaction& spend_tx) {}
+ virtual void on_money_received(uint64_t height, const cryptonote::transaction& tx, uint64_t amount) {}
+ virtual void on_money_spent(uint64_t height, const cryptonote::transaction& in_tx, uint64_t amount, const cryptonote::transaction& spend_tx) {}
virtual void on_skip_transaction(uint64_t height, const cryptonote::transaction& tx) {}
virtual ~i_wallet2_callback() {}
};
@@ -96,13 +99,19 @@ namespace tools
struct transfer_details
{
uint64_t m_block_height;
- cryptonote::transaction m_tx;
+ cryptonote::transaction_prefix m_tx;
+ crypto::hash m_txid;
size_t m_internal_output_index;
uint64_t m_global_output_index;
bool m_spent;
+ uint64_t m_spent_height;
crypto::key_image m_key_image; //TODO: key_image stored twice :(
+ rct::key m_mask;
+ uint64_t m_amount;
+ bool m_rct;
- uint64_t amount() const { return m_tx.vout[m_internal_output_index].amount; }
+ bool is_rct() const { return m_rct; }
+ uint64_t amount() const { return m_amount; }
};
struct payment_details
@@ -116,7 +125,9 @@ namespace tools
struct unconfirmed_transfer_details
{
- cryptonote::transaction m_tx;
+ cryptonote::transaction_prefix m_tx;
+ uint64_t m_amount_in;
+ uint64_t m_amount_out;
uint64_t m_change;
time_t m_sent_time;
std::vector<cryptonote::tx_destination_entry> m_dests;
@@ -137,7 +148,7 @@ namespace tools
confirmed_transfer_details(): m_amount_in(0), m_amount_out(0), m_change((uint64_t)-1), m_block_height(0), m_payment_id(cryptonote::null_hash) {}
confirmed_transfer_details(const unconfirmed_transfer_details &utd, uint64_t height):
- m_amount_out(get_outs_money_amount(utd.m_tx)), m_change(utd.m_change), m_block_height(height), m_dests(utd.m_dests), m_payment_id(utd.m_payment_id), m_timestamp(utd.m_timestamp) { get_inputs_money_amount(utd.m_tx, m_amount_in); }
+ m_amount_in(utd.m_amount_in), m_amount_out(utd.m_amount_out), m_change(utd.m_change), m_block_height(height), m_dests(utd.m_dests), m_payment_id(utd.m_payment_id), m_timestamp(utd.m_timestamp) {}
};
typedef std::vector<transfer_details> transfer_container;
@@ -289,6 +300,8 @@ namespace tools
template<typename T>
void transfer_selected(const std::vector<cryptonote::tx_destination_entry>& dsts, const std::list<transfer_container::iterator> selected_transfers, size_t fake_outputs_count,
uint64_t unlock_time, uint64_t fee, const std::vector<uint8_t>& extra, T destination_split_strategy, const tx_dust_policy& dust_policy, cryptonote::transaction& tx, pending_tx &ptx);
+ void transfer_selected_rct(std::vector<cryptonote::tx_destination_entry> dsts, const std::list<transfer_container::iterator> selected_transfers, size_t fake_outputs_count,
+ uint64_t unlock_time, uint64_t fee, const std::vector<uint8_t>& extra, cryptonote::transaction& tx, pending_tx &ptx);
void commit_tx(pending_tx& ptx_vector);
void commit_tx(std::vector<pending_tx>& ptx_vector);
@@ -308,6 +321,7 @@ namespace tools
uint64_t get_blockchain_current_height() const { return m_local_bc_height; }
void rescan_spent();
void rescan_blockchain(bool refresh = true);
+ bool is_transfer_unlocked(const transfer_details& td) const;
template <class t_archive>
inline void serialize(t_archive &a, const unsigned int ver)
{
@@ -339,6 +353,8 @@ namespace tools
if(ver < 13)
return;
a & m_unconfirmed_payments;
+ if(ver < 14)
+ return;
}
/*!
@@ -376,8 +392,10 @@ namespace tools
bool get_tx_key(const crypto::hash &txid, crypto::secret_key &tx_key) const;
+ uint64_t get_num_rct_outputs();
- bool use_fork_rules(uint8_t version);
+ void get_hard_fork_info(uint8_t version, uint64_t &earliest_height);
+ bool use_fork_rules(uint8_t version, uint64_t early_blocks = 0);
std::string get_wallet_file() const;
std::string get_keys_file() const;
@@ -388,6 +406,9 @@ namespace tools
std::vector<size_t> select_available_unmixable_outputs(bool trusted_daemon);
std::vector<size_t> select_available_mixable_outputs(bool trusted_daemon);
+ size_t pop_best_value_from(const transfer_container &transfers, std::vector<size_t> &unused_dust_indices, const std::list<transfer_container::iterator>& selected_transfers) const;
+ size_t pop_best_value(std::vector<size_t> &unused_dust_indices, const std::list<transfer_container::iterator>& selected_transfers) const;
+
void set_tx_note(const crypto::hash &txid, const std::string &note);
std::string get_tx_note(const crypto::hash &txid) const;
@@ -413,32 +434,37 @@ namespace tools
* \param password Password of wallet file
*/
bool load_keys(const std::string& keys_file_name, const std::string& password);
- void process_new_transaction(const cryptonote::transaction& tx, uint64_t height, uint64_t ts, bool miner_tx, bool pool);
- void process_new_blockchain_entry(const cryptonote::block& b, const cryptonote::block_complete_entry& bche, const crypto::hash& bl_id, uint64_t height);
+ void process_new_transaction(const cryptonote::transaction& tx, const std::vector<uint64_t> &o_indices, uint64_t height, uint64_t ts, bool miner_tx, bool pool);
+ void process_new_blockchain_entry(const cryptonote::block& b, const cryptonote::block_complete_entry& bche, const crypto::hash& bl_id, uint64_t height, const cryptonote::COMMAND_RPC_GET_BLOCKS_FAST::block_output_indices &o_indices);
void detach_blockchain(uint64_t height);
void get_short_chain_history(std::list<crypto::hash>& ids) const;
bool is_tx_spendtime_unlocked(uint64_t unlock_time, uint64_t block_height) const;
- bool is_transfer_unlocked(const transfer_details& td) const;
bool clear();
- void pull_blocks(uint64_t start_height, uint64_t& blocks_start_height, const std::list<crypto::hash> &short_chain_history, std::list<cryptonote::block_complete_entry> &blocks);
+ void pull_blocks(uint64_t start_height, uint64_t& blocks_start_height, const std::list<crypto::hash> &short_chain_history, std::list<cryptonote::block_complete_entry> &blocks, std::vector<cryptonote::COMMAND_RPC_GET_BLOCKS_FAST::block_output_indices> &o_indices);
void pull_hashes(uint64_t start_height, uint64_t& blocks_start_height, const std::list<crypto::hash> &short_chain_history, std::list<crypto::hash> &hashes);
void fast_refresh(uint64_t stop_height, uint64_t &blocks_start_height, std::list<crypto::hash> &short_chain_history);
- void pull_next_blocks(uint64_t start_height, uint64_t &blocks_start_height, std::list<crypto::hash> &short_chain_history, const std::list<cryptonote::block_complete_entry> &prev_blocks, std::list<cryptonote::block_complete_entry> &blocks, bool &error);
- void process_blocks(uint64_t start_height, const std::list<cryptonote::block_complete_entry> &blocks, uint64_t& blocks_added);
+ void pull_next_blocks(uint64_t start_height, uint64_t &blocks_start_height, std::list<crypto::hash> &short_chain_history, const std::list<cryptonote::block_complete_entry> &prev_blocks, std::list<cryptonote::block_complete_entry> &blocks, std::vector<cryptonote::COMMAND_RPC_GET_BLOCKS_FAST::block_output_indices> &o_indices, bool &error);
+ void process_blocks(uint64_t start_height, const std::list<cryptonote::block_complete_entry> &blocks, const std::vector<cryptonote::COMMAND_RPC_GET_BLOCKS_FAST::block_output_indices> &o_indices, uint64_t& blocks_added);
uint64_t select_transfers(uint64_t needed_money, std::vector<size_t> unused_transfers_indices, std::list<transfer_container::iterator>& selected_transfers, bool trusted_daemon);
bool prepare_file_names(const std::string& file_path);
void process_unconfirmed(const cryptonote::transaction& tx, uint64_t height);
void process_outgoing(const cryptonote::transaction& tx, uint64_t height, uint64_t ts, uint64_t spent, uint64_t received);
- void add_unconfirmed_tx(const cryptonote::transaction& tx, const std::vector<cryptonote::tx_destination_entry> &dests, const crypto::hash &payment_id, uint64_t change_amount);
+ void add_unconfirmed_tx(const cryptonote::transaction& tx, uint64_t amount_in, const std::vector<cryptonote::tx_destination_entry> &dests, const crypto::hash &payment_id, uint64_t change_amount);
void generate_genesis(cryptonote::block& b);
void check_genesis(const crypto::hash& genesis_hash) const; //throws
bool generate_chacha8_key_from_secret_keys(crypto::chacha8_key &key) const;
crypto::hash get_payment_id(const pending_tx &ptx) const;
- void check_acc_out(const cryptonote::account_keys &acc, const cryptonote::tx_out &o, const crypto::public_key &tx_pub_key, size_t i, uint64_t &money_transfered, bool &error) const;
+ void check_acc_out(const cryptonote::account_keys &acc, const cryptonote::tx_out &o, const crypto::public_key &tx_pub_key, size_t i, bool &received, uint64_t &money_transfered, bool &error) const;
void parse_block_round(const cryptonote::blobdata &blob, cryptonote::block &bl, crypto::hash &bl_id, bool &error) const;
uint64_t get_upper_tranaction_size_limit();
std::vector<uint64_t> get_unspent_amounts_vector();
uint64_t sanitize_fee_multiplier(uint64_t fee_multiplier) const;
+ float get_output_relatedness(const transfer_details &td0, const transfer_details &td1) const;
+ std::vector<size_t> pick_prefered_rct_inputs(uint64_t needed_money) const;
+ void set_spent(transfer_details &td, uint64_t height);
+ void set_unspent(transfer_details &td);
+ template<typename entry>
+ void get_outs(std::vector<std::vector<entry>> &outs, const std::list<transfer_container::iterator> &selected_transfers, size_t fake_outputs_count);
cryptonote::account_base m_account;
std::string m_daemon_address;
@@ -478,9 +504,10 @@ namespace tools
uint64_t m_refresh_from_block_height;
};
}
-BOOST_CLASS_VERSION(tools::wallet2, 13)
+BOOST_CLASS_VERSION(tools::wallet2, 14)
+BOOST_CLASS_VERSION(tools::wallet2::transfer_details, 4)
BOOST_CLASS_VERSION(tools::wallet2::payment_details, 1)
-BOOST_CLASS_VERSION(tools::wallet2::unconfirmed_transfer_details, 3)
+BOOST_CLASS_VERSION(tools::wallet2::unconfirmed_transfer_details, 5)
BOOST_CLASS_VERSION(tools::wallet2::confirmed_transfer_details, 2)
namespace boost
@@ -488,14 +515,72 @@ namespace boost
namespace serialization
{
template <class Archive>
+ inline void initialize_transfer_details(Archive &a, tools::wallet2::transfer_details &x, const boost::serialization::version_type ver)
+ {
+ }
+ template<>
+ inline void initialize_transfer_details(boost::archive::binary_iarchive &a, tools::wallet2::transfer_details &x, const boost::serialization::version_type ver)
+ {
+ if (ver < 1)
+ {
+ x.m_mask = rct::identity();
+ x.m_amount = x.m_tx.vout[x.m_internal_output_index].amount;
+ }
+ if (ver < 2)
+ {
+ x.m_spent_height = 0;
+ }
+ if (ver < 4)
+ {
+ x.m_rct = x.m_tx.vout[x.m_internal_output_index].amount == 0;
+ }
+ }
+
+ template <class Archive>
inline void serialize(Archive &a, tools::wallet2::transfer_details &x, const boost::serialization::version_type ver)
{
a & x.m_block_height;
a & x.m_global_output_index;
a & x.m_internal_output_index;
- a & x.m_tx;
+ if (ver < 3)
+ {
+ cryptonote::transaction tx;
+ a & tx;
+ x.m_tx = (const cryptonote::transaction_prefix&)tx;
+ x.m_txid = cryptonote::get_transaction_hash(tx);
+ }
+ else
+ {
+ a & x.m_tx;
+ }
a & x.m_spent;
a & x.m_key_image;
+ if (ver < 1)
+ {
+ // ensure mask and amount are set
+ initialize_transfer_details(a, x, ver);
+ return;
+ }
+ a & x.m_mask;
+ a & x.m_amount;
+ if (ver < 2)
+ {
+ initialize_transfer_details(a, x, ver);
+ return;
+ }
+ a & x.m_spent_height;
+ if (ver < 3)
+ {
+ initialize_transfer_details(a, x, ver);
+ return;
+ }
+ a & x.m_txid;
+ if (ver < 4)
+ {
+ initialize_transfer_details(a, x, ver);
+ return;
+ }
+ a & x.m_rct;
}
template <class Archive>
@@ -503,7 +588,16 @@ namespace boost
{
a & x.m_change;
a & x.m_sent_time;
- a & x.m_tx;
+ if (ver < 5)
+ {
+ cryptonote::transaction tx;
+ a & tx;
+ x.m_tx = (const cryptonote::transaction_prefix&)tx;
+ }
+ else
+ {
+ a & x.m_tx;
+ }
if (ver < 1)
return;
a & x.m_dests;
@@ -514,6 +608,10 @@ namespace boost
if (ver < 3)
return;
a & x.m_timestamp;
+ if (ver < 4)
+ return;
+ a & x.m_amount_in;
+ a & x.m_amount_out;
}
template <class Archive>
@@ -688,6 +786,7 @@ namespace tools
cryptonote::tx_source_entry& src = sources.back();
transfer_details& td = *it;
src.amount = td.amount();
+ src.rct = false;
//paste mixin transaction
if(daemon_resp.outs.size())
{
@@ -698,7 +797,8 @@ namespace tools
continue;
tx_output_entry oe;
oe.first = daemon_oe.global_amount_index;
- oe.second = daemon_oe.out_key;
+ oe.second.dest = rct::pk2rct(daemon_oe.out_key);
+ oe.second.mask = rct::identity();
src.outputs.push_back(oe);
if(src.outputs.size() >= fake_outputs_count)
break;
@@ -713,7 +813,8 @@ namespace tools
//size_t real_index = src.outputs.size() ? (rand() % src.outputs.size() ):0;
tx_output_entry real_oe;
real_oe.first = td.m_global_output_index;
- real_oe.second = boost::get<txout_to_key>(td.m_tx.vout[td.m_internal_output_index].target).key;
+ real_oe.second.dest = rct::pk2rct(boost::get<txout_to_key>(td.m_tx.vout[td.m_internal_output_index].target).key);
+ real_oe.second.mask = rct::identity();
auto interted_it = src.outputs.insert(it_to_insert, real_oe);
src.real_out_tx_key = get_tx_pub_key_from_extra(td.m_tx);
src.real_output = interted_it - src.outputs.begin();
diff --git a/src/wallet/wallet_rpc_server.cpp b/src/wallet/wallet_rpc_server.cpp
index debd7056a..4c190b005 100644
--- a/src/wallet/wallet_rpc_server.cpp
+++ b/src/wallet/wallet_rpc_server.cpp
@@ -235,11 +235,11 @@ namespace tools
try
{
uint64_t mixin = req.mixin;
- if (mixin < 2 && m_wallet.use_fork_rules(2)) {
+ if (mixin < 2 && m_wallet.use_fork_rules(2, 10)) {
LOG_PRINT_L1("Requested mixin " << req.mixin << " too low for hard fork 2, using 2");
mixin = 2;
}
- std::vector<wallet2::pending_tx> ptx_vector = m_wallet.create_transactions(dsts, mixin, req.unlock_time, req.fee_multiplier, extra, req.trusted_daemon);
+ std::vector<wallet2::pending_tx> ptx_vector = m_wallet.create_transactions_2(dsts, mixin, req.unlock_time, req.fee_multiplier, extra, req.trusted_daemon);
// reject proposed transactions if there are more than one. see on_transfer_split below.
if (ptx_vector.size() != 1)
@@ -254,7 +254,9 @@ namespace tools
// populate response with tx hash
res.tx_hash = epee::string_tools::pod_to_hex(cryptonote::get_transaction_hash(ptx_vector.back().tx));
if (req.get_tx_key)
+ {
res.tx_key = epee::string_tools::pod_to_hex(ptx_vector.back().tx_key);
+ }
return true;
}
catch (const tools::error::daemon_busy& e)
@@ -300,15 +302,12 @@ namespace tools
try
{
uint64_t mixin = req.mixin;
- if (mixin < 2 && m_wallet.use_fork_rules(2)) {
+ if (mixin < 2 && m_wallet.use_fork_rules(2, 10)) {
LOG_PRINT_L1("Requested mixin " << req.mixin << " too low for hard fork 2, using 2");
mixin = 2;
}
std::vector<wallet2::pending_tx> ptx_vector;
- if (req.new_algorithm)
- ptx_vector = m_wallet.create_transactions_2(dsts, mixin, req.unlock_time, req.fee_multiplier, extra, req.trusted_daemon);
- else
- ptx_vector = m_wallet.create_transactions(dsts, mixin, req.unlock_time, req.fee_multiplier, extra, req.trusted_daemon);
+ ptx_vector = m_wallet.create_transactions_2(dsts, mixin, req.unlock_time, req.fee_multiplier, extra, req.trusted_daemon);
m_wallet.commit_tx(ptx_vector);
@@ -317,7 +316,9 @@ namespace tools
{
res.tx_hash_list.push_back(epee::string_tools::pod_to_hex(cryptonote::get_transaction_hash(ptx.tx)));
if (req.get_tx_keys)
+ {
res.tx_key_list.push_back(epee::string_tools::pod_to_hex(ptx.tx_key));
+ }
}
return true;
@@ -363,7 +364,9 @@ namespace tools
{
res.tx_hash_list.push_back(epee::string_tools::pod_to_hex(cryptonote::get_transaction_hash(ptx.tx)));
if (req.get_tx_keys)
+ {
res.tx_key_list.push_back(epee::string_tools::pod_to_hex(ptx.tx_key));
+ }
}
return true;
@@ -422,7 +425,9 @@ namespace tools
{
res.tx_hash_list.push_back(epee::string_tools::pod_to_hex(cryptonote::get_transaction_hash(ptx.tx)));
if (req.get_tx_keys)
+ {
res.tx_key_list.push_back(epee::string_tools::pod_to_hex(ptx.tx_key));
+ }
}
return true;
@@ -693,7 +698,7 @@ namespace tools
rpc_transfers.amount = td.amount();
rpc_transfers.spent = td.m_spent;
rpc_transfers.global_index = td.m_global_output_index;
- rpc_transfers.tx_hash = epee::string_tools::pod_to_hex(cryptonote::get_transaction_hash(td.m_tx));
+ rpc_transfers.tx_hash = epee::string_tools::pod_to_hex(td.m_txid);
rpc_transfers.tx_size = txBlob.size();
res.transfers.push_back(rpc_transfers);
}
@@ -961,10 +966,8 @@ namespace tools
entry.payment_id = entry.payment_id.substr(0,16);
entry.height = 0;
entry.timestamp = pd.m_timestamp;
- uint64_t amount = 0;
- cryptonote::get_inputs_money_amount(pd.m_tx, amount);
- entry.fee = amount - get_outs_money_amount(pd.m_tx);
- entry.amount = amount - pd.m_change - entry.fee;
+ entry.fee = pd.m_amount_in - pd.m_amount_out;
+ entry.amount = pd.m_amount_in - pd.m_change - entry.fee;
entry.note = m_wallet.get_tx_note(i->first);
}
}
diff --git a/src/wallet/wallet_rpc_server_commands_defs.h b/src/wallet/wallet_rpc_server_commands_defs.h
index d7f01d9ee..27b897dab 100644
--- a/src/wallet/wallet_rpc_server_commands_defs.h
+++ b/src/wallet/wallet_rpc_server_commands_defs.h
@@ -132,10 +132,12 @@ namespace wallet_rpc
{
std::string tx_hash;
std::string tx_key;
+ std::list<std::string> amount_keys;
BEGIN_KV_SERIALIZE_MAP()
KV_SERIALIZE(tx_hash)
KV_SERIALIZE(tx_key)
+ KV_SERIALIZE(amount_keys)
END_KV_SERIALIZE_MAP()
};
};
@@ -149,7 +151,6 @@ namespace wallet_rpc
uint64_t mixin;
uint64_t unlock_time;
std::string payment_id;
- bool new_algorithm;
bool get_tx_keys;
bool trusted_daemon;
@@ -159,12 +160,20 @@ namespace wallet_rpc
KV_SERIALIZE(mixin)
KV_SERIALIZE(unlock_time)
KV_SERIALIZE(payment_id)
- KV_SERIALIZE(new_algorithm)
KV_SERIALIZE(get_tx_keys)
KV_SERIALIZE(trusted_daemon)
END_KV_SERIALIZE_MAP()
};
+ struct key_list
+ {
+ std::list<std::string> keys;
+
+ BEGIN_KV_SERIALIZE_MAP()
+ KV_SERIALIZE(keys)
+ END_KV_SERIALIZE_MAP()
+ };
+
struct response
{
std::list<std::string> tx_hash_list;
@@ -190,6 +199,15 @@ namespace wallet_rpc
END_KV_SERIALIZE_MAP()
};
+ struct key_list
+ {
+ std::list<std::string> keys;
+
+ BEGIN_KV_SERIALIZE_MAP()
+ KV_SERIALIZE(keys)
+ END_KV_SERIALIZE_MAP()
+ };
+
struct response
{
std::list<std::string> tx_hash_list;
@@ -225,6 +243,15 @@ namespace wallet_rpc
END_KV_SERIALIZE_MAP()
};
+ struct key_list
+ {
+ std::list<std::string> keys;
+
+ BEGIN_KV_SERIALIZE_MAP()
+ KV_SERIALIZE(keys)
+ END_KV_SERIALIZE_MAP()
+ };
+
struct response
{
std::list<std::string> tx_hash_list;
diff --git a/tests/core_proxy/core_proxy.h b/tests/core_proxy/core_proxy.h
index 0315fc8c8..0f6d6571e 100644
--- a/tests/core_proxy/core_proxy.h
+++ b/tests/core_proxy/core_proxy.h
@@ -34,7 +34,6 @@
#include "cryptonote_core/cryptonote_basic_impl.h"
#include "cryptonote_core/verification_context.h"
-#include "cryptonote_core/blockchain_storage.h"
#include <unordered_map>
namespace tests
@@ -82,7 +81,7 @@ namespace tests
bool on_idle(){return true;}
bool find_blockchain_supplement(const std::list<crypto::hash>& qblock_ids, cryptonote::NOTIFY_RESPONSE_CHAIN_ENTRY::request& resp){return true;}
bool handle_get_objects(cryptonote::NOTIFY_REQUEST_GET_OBJECTS::request& arg, cryptonote::NOTIFY_RESPONSE_GET_OBJECTS::request& rsp, cryptonote::cryptonote_connection_context& context){return true;}
- cryptonote::blockchain_storage &get_blockchain_storage() { throw std::runtime_error("Called invalid member function: please never call get_blockchain_storage on the TESTING class proxy_core."); }
+ cryptonote::Blockchain &get_blockchain_storage() { throw std::runtime_error("Called invalid member function: please never call get_blockchain_storage on the TESTING class proxy_core."); }
bool get_test_drop_download() {return true;}
bool get_test_drop_download_height() {return true;}
bool prepare_handle_incoming_blocks(const std::list<cryptonote::block_complete_entry> &blocks) { return true; }
diff --git a/tests/core_tests/CMakeLists.txt b/tests/core_tests/CMakeLists.txt
index c34039c17..6f07fbd25 100644
--- a/tests/core_tests/CMakeLists.txt
+++ b/tests/core_tests/CMakeLists.txt
@@ -39,7 +39,8 @@ set(core_tests_sources
ring_signature_1.cpp
transaction_tests.cpp
tx_validation.cpp
- v2_tests.cpp)
+ v2_tests.cpp
+ rct.cpp)
set(core_tests_headers
block_reward.h
@@ -54,7 +55,8 @@ set(core_tests_headers
ring_signature_1.h
transaction_tests.h
tx_validation.h
- v2_tests.h)
+ v2_tests.h
+ rct.h)
add_executable(coretests
${core_tests_sources}
diff --git a/tests/core_tests/block_validation.cpp b/tests/core_tests/block_validation.cpp
index bce0980bf..df8972556 100644
--- a/tests/core_tests/block_validation.cpp
+++ b/tests/core_tests/block_validation.cpp
@@ -335,8 +335,9 @@ bool gen_block_miner_tx_has_2_in::generate(std::vector<test_event_entry>& events
tx_source_entry se;
se.amount = blk_0.miner_tx.vout[0].amount;
- se.outputs.push_back(std::make_pair(0, boost::get<txout_to_key>(blk_0.miner_tx.vout[0].target).key));
+ se.push_output(0, boost::get<txout_to_key>(blk_0.miner_tx.vout[0].target).key, se.amount);
se.real_output = 0;
+ se.rct = false;
se.real_out_tx_key = get_tx_pub_key_from_extra(blk_0.miner_tx);
se.real_output_in_tx_index = 0;
std::vector<tx_source_entry> sources;
@@ -377,8 +378,9 @@ bool gen_block_miner_tx_with_txin_to_key::generate(std::vector<test_event_entry>
tx_source_entry se;
se.amount = blk_1.miner_tx.vout[0].amount;
- se.outputs.push_back(std::make_pair(0, boost::get<txout_to_key>(blk_1.miner_tx.vout[0].target).key));
+ se.push_output(0, boost::get<txout_to_key>(blk_1.miner_tx.vout[0].target).key, se.amount);
se.real_output = 0;
+ se.rct = false;
se.real_out_tx_key = get_tx_pub_key_from_extra(blk_1.miner_tx);
se.real_output_in_tx_index = 0;
std::vector<tx_source_entry> sources;
diff --git a/tests/core_tests/chaingen.cpp b/tests/core_tests/chaingen.cpp
index efd0bf1ea..4cb70e745 100644
--- a/tests/core_tests/chaingen.cpp
+++ b/tests/core_tests/chaingen.cpp
@@ -94,11 +94,11 @@ uint64_t test_generator::get_already_generated_coins(const cryptonote::block& bl
return get_already_generated_coins(blk_hash);
}
-void test_generator::add_block(const cryptonote::block& blk, size_t tsx_size, std::vector<size_t>& block_sizes, uint64_t already_generated_coins)
+void test_generator::add_block(const cryptonote::block& blk, size_t tsx_size, std::vector<size_t>& block_sizes, uint64_t already_generated_coins, uint8_t hf_version)
{
const size_t block_size = tsx_size + get_object_blobsize(blk.miner_tx);
uint64_t block_reward;
- get_block_reward(misc_utils::median(block_sizes), block_size, already_generated_coins, block_reward, 1);
+ get_block_reward(misc_utils::median(block_sizes), block_size, already_generated_coins, block_reward, hf_version);
m_blocks_info[get_block_hash(blk)] = block_info(blk.prev_id, already_generated_coins + block_reward, block_size);
}
@@ -215,7 +215,7 @@ bool test_generator::construct_block_manually(block& blk, const block& prev_bloc
const crypto::hash& prev_id/* = crypto::hash()*/, const difficulty_type& diffic/* = 1*/,
const transaction& miner_tx/* = transaction()*/,
const std::vector<crypto::hash>& tx_hashes/* = std::vector<crypto::hash>()*/,
- size_t txs_sizes/* = 0*/, size_t max_outs/* = 0*/)
+ size_t txs_sizes/* = 0*/, size_t max_outs/* = 0*/, uint8_t hf_version/* = 1*/)
{
blk.major_version = actual_params & bf_major_ver ? major_ver : CURRENT_BLOCK_MAJOR_VERSION;
blk.minor_version = actual_params & bf_minor_ver ? minor_ver : CURRENT_BLOCK_MINOR_VERSION;
@@ -223,6 +223,7 @@ bool test_generator::construct_block_manually(block& blk, const block& prev_bloc
blk.prev_id = actual_params & bf_prev_id ? prev_id : get_block_hash(prev_block);
blk.tx_hashes = actual_params & bf_tx_hashes ? tx_hashes : std::vector<crypto::hash>();
max_outs = actual_params & bf_max_outs ? max_outs : 9999;
+ hf_version = actual_params & bf_hf_version ? hf_version : 1;
size_t height = get_block_height(prev_block) + 1;
uint64_t already_generated_coins = get_already_generated_coins(prev_block);
@@ -236,7 +237,7 @@ bool test_generator::construct_block_manually(block& blk, const block& prev_bloc
{
size_t current_block_size = txs_sizes + get_object_blobsize(blk.miner_tx);
// TODO: This will work, until size of constructed block is less then CRYPTONOTE_BLOCK_GRANTED_FULL_REWARD_ZONE
- if (!construct_miner_tx(height, misc_utils::median(block_sizes), already_generated_coins, current_block_size, 0, miner_acc.get_keys().m_account_address, blk.miner_tx, blobdata(), max_outs))
+ if (!construct_miner_tx(height, misc_utils::median(block_sizes), already_generated_coins, current_block_size, 0, miner_acc.get_keys().m_account_address, blk.miner_tx, blobdata(), max_outs, hf_version))
return false;
}
@@ -245,7 +246,7 @@ bool test_generator::construct_block_manually(block& blk, const block& prev_bloc
difficulty_type a_diffic = actual_params & bf_diffic ? diffic : get_test_difficulty();
fill_nonce(blk, a_diffic, height);
- add_block(blk, txs_sizes, block_sizes, already_generated_coins);
+ add_block(blk, txs_sizes, block_sizes, already_generated_coins, hf_version);
return true;
}
@@ -412,7 +413,7 @@ bool fill_output_entries(std::vector<output_index>& out_indices, size_t sender_o
if (append)
{
const txout_to_key& otk = boost::get<txout_to_key>(oi.out);
- output_entries.push_back(tx_source_entry::output_entry(oi.idx, otk.key));
+ output_entries.push_back(tx_source_entry::output_entry(oi.idx, rct::ctkey({rct::pk2rct(otk.key), rct::identity()})));
}
}
@@ -457,6 +458,7 @@ bool fill_tx_sources(std::vector<tx_source_entry>& sources, const std::vector<te
continue;
ts.real_output = realOutput;
+ ts.rct = false;
sources.push_back(ts);
@@ -544,7 +546,7 @@ bool construct_miner_tx_manually(size_t height, uint64_t already_generated_coins
out.target = txout_to_key(out_eph_public_key);
tx.vout.push_back(out);
- tx.version = CURRENT_TRANSACTION_VERSION;
+ tx.version = 1;
tx.unlock_time = height + CRYPTONOTE_MINED_MONEY_UNLOCK_WINDOW;
return true;
diff --git a/tests/core_tests/chaingen.h b/tests/core_tests/chaingen.h
index 0e5dbb0e4..047d2c81c 100644
--- a/tests/core_tests/chaingen.h
+++ b/tests/core_tests/chaingen.h
@@ -221,7 +221,8 @@ public:
bf_miner_tx = 1 << 4,
bf_tx_hashes = 1 << 5,
bf_diffic = 1 << 6,
- bf_max_outs = 1 << 7
+ bf_max_outs = 1 << 7,
+ bf_hf_version= 1 << 8
};
void get_block_chain(std::vector<block_info>& blockchain, const crypto::hash& head, size_t n) const;
@@ -229,7 +230,8 @@ public:
uint64_t get_already_generated_coins(const crypto::hash& blk_id) const;
uint64_t get_already_generated_coins(const cryptonote::block& blk) const;
- void add_block(const cryptonote::block& blk, size_t tsx_size, std::vector<size_t>& block_sizes, uint64_t already_generated_coins);
+ void add_block(const cryptonote::block& blk, size_t tsx_size, std::vector<size_t>& block_sizes, uint64_t already_generated_coins,
+ uint8_t hf_version = 1);
bool construct_block(cryptonote::block& blk, uint64_t height, const crypto::hash& prev_id,
const cryptonote::account_base& miner_acc, uint64_t timestamp, uint64_t already_generated_coins,
std::vector<size_t>& block_sizes, const std::list<cryptonote::transaction>& tx_list);
@@ -241,7 +243,8 @@ public:
const cryptonote::account_base& miner_acc, int actual_params = bf_none, uint8_t major_ver = 0,
uint8_t minor_ver = 0, uint64_t timestamp = 0, const crypto::hash& prev_id = crypto::hash(),
const cryptonote::difficulty_type& diffic = 1, const cryptonote::transaction& miner_tx = cryptonote::transaction(),
- const std::vector<crypto::hash>& tx_hashes = std::vector<crypto::hash>(), size_t txs_sizes = 0, size_t max_outs = 999);
+ const std::vector<crypto::hash>& tx_hashes = std::vector<crypto::hash>(), size_t txs_sizes = 0, size_t max_outs = 999,
+ uint8_t hf_version = 1);
bool construct_block_manually_tx(cryptonote::block& blk, const cryptonote::block& prev_block,
const cryptonote::account_base& miner_acc, const std::vector<crypto::hash>& tx_hashes, size_t txs_size);
@@ -472,11 +475,11 @@ inline bool replay_events_through_core(cryptonote::core& cr, const std::vector<t
//--------------------------------------------------------------------------
template<typename t_test_class>
struct get_test_options {
- const std::pair<uint8_t, uint64_t> hard_forks[1];
+ const std::pair<uint8_t, uint64_t> hard_forks[2];
const cryptonote::test_options test_options = {
hard_forks
};
- get_test_options():hard_forks{std::make_pair((uint8_t)1, (uint64_t)0)}{}
+ get_test_options():hard_forks{std::make_pair((uint8_t)1, (uint64_t)0), std::make_pair((uint8_t)0, (uint64_t)0)}{}
};
//--------------------------------------------------------------------------
diff --git a/tests/core_tests/chaingen_main.cpp b/tests/core_tests/chaingen_main.cpp
index e20f7a152..09cdb9227 100644
--- a/tests/core_tests/chaingen_main.cpp
+++ b/tests/core_tests/chaingen_main.cpp
@@ -173,6 +173,35 @@ int main(int argc, char* argv[])
// GENERATE_AND_PLAY(gen_v2_tx_unmixable_two);
GENERATE_AND_PLAY(gen_v2_tx_dust);
+ GENERATE_AND_PLAY(gen_rct_tx_valid_from_pre_rct);
+ GENERATE_AND_PLAY(gen_rct_tx_valid_from_rct);
+ GENERATE_AND_PLAY(gen_rct_tx_valid_from_mixed);
+ GENERATE_AND_PLAY(gen_rct_tx_pre_rct_bad_real_dest);
+ GENERATE_AND_PLAY(gen_rct_tx_pre_rct_bad_real_mask);
+ GENERATE_AND_PLAY(gen_rct_tx_pre_rct_bad_fake_dest);
+ GENERATE_AND_PLAY(gen_rct_tx_pre_rct_bad_fake_mask);
+ GENERATE_AND_PLAY(gen_rct_tx_rct_bad_real_dest);
+ GENERATE_AND_PLAY(gen_rct_tx_rct_bad_real_mask);
+ GENERATE_AND_PLAY(gen_rct_tx_rct_bad_fake_dest);
+ GENERATE_AND_PLAY(gen_rct_tx_rct_bad_fake_mask);
+ GENERATE_AND_PLAY(gen_rct_tx_rct_spend_with_zero_commit);
+ GENERATE_AND_PLAY(gen_rct_tx_pre_rct_zero_vin_amount);
+ GENERATE_AND_PLAY(gen_rct_tx_rct_non_zero_vin_amount);
+ GENERATE_AND_PLAY(gen_rct_tx_non_zero_vout_amount);
+ GENERATE_AND_PLAY(gen_rct_tx_pre_rct_duplicate_key_image);
+ GENERATE_AND_PLAY(gen_rct_tx_rct_duplicate_key_image);
+ GENERATE_AND_PLAY(gen_rct_tx_pre_rct_wrong_key_image);
+ GENERATE_AND_PLAY(gen_rct_tx_rct_wrong_key_image);
+ GENERATE_AND_PLAY(gen_rct_tx_pre_rct_wrong_fee);
+ GENERATE_AND_PLAY(gen_rct_tx_rct_wrong_fee);
+ GENERATE_AND_PLAY(gen_rct_tx_pre_rct_remove_vin);
+ GENERATE_AND_PLAY(gen_rct_tx_rct_remove_vin);
+ GENERATE_AND_PLAY(gen_rct_tx_pre_rct_add_vout);
+ GENERATE_AND_PLAY(gen_rct_tx_rct_add_vout);
+ GENERATE_AND_PLAY(gen_rct_tx_pre_rct_increase_vin_and_fee);
+ GENERATE_AND_PLAY(gen_rct_tx_pre_rct_altered_extra);
+ GENERATE_AND_PLAY(gen_rct_tx_rct_altered_extra);
+
std::cout << (failed_tests.empty() ? concolor::green : concolor::magenta);
std::cout << "\nREPORT:\n";
std::cout << " Test run: " << tests_count << '\n';
diff --git a/tests/core_tests/chaingen_tests_list.h b/tests/core_tests/chaingen_tests_list.h
index 4da87a973..1b9ebd756 100644
--- a/tests/core_tests/chaingen_tests_list.h
+++ b/tests/core_tests/chaingen_tests_list.h
@@ -40,6 +40,7 @@
#include "ring_signature_1.h"
#include "tx_validation.h"
#include "v2_tests.h"
+#include "rct.h"
/************************************************************************/
/* */
/************************************************************************/
diff --git a/tests/core_tests/double_spend.inl b/tests/core_tests/double_spend.inl
index 55e5f4ec9..f97d48851 100644
--- a/tests/core_tests/double_spend.inl
+++ b/tests/core_tests/double_spend.inl
@@ -128,8 +128,9 @@ bool gen_double_spend_in_tx<txs_keeped_by_block>::generate(std::vector<test_even
std::vector<cryptonote::tx_source_entry> sources;
cryptonote::tx_source_entry se;
se.amount = tx_0.vout[0].amount;
- se.outputs.push_back(std::make_pair(0, boost::get<cryptonote::txout_to_key>(tx_0.vout[0].target).key));
+ se.push_output(0, boost::get<cryptonote::txout_to_key>(tx_0.vout[0].target).key, se.amount);
se.real_output = 0;
+ se.rct = false;
se.real_out_tx_key = get_tx_pub_key_from_extra(tx_0);
se.real_output_in_tx_index = 0;
sources.push_back(se);
diff --git a/tests/core_tests/integer_overflow.cpp b/tests/core_tests/integer_overflow.cpp
index 55a55b7d8..936f29675 100644
--- a/tests/core_tests/integer_overflow.cpp
+++ b/tests/core_tests/integer_overflow.cpp
@@ -61,8 +61,9 @@ namespace
{
cryptonote::tx_source_entry se;
se.amount = tx.vout[out_idx].amount;
- se.outputs.push_back(std::make_pair(0, boost::get<cryptonote::txout_to_key>(tx.vout[out_idx].target).key));
+ se.push_output(0, boost::get<cryptonote::txout_to_key>(tx.vout[out_idx].target).key, se.amount);
se.real_output = 0;
+ se.rct = false;
se.real_out_tx_key = get_tx_pub_key_from_extra(tx);
se.real_output_in_tx_index = out_idx;
diff --git a/tests/core_tests/rct.cpp b/tests/core_tests/rct.cpp
new file mode 100644
index 000000000..c29854888
--- /dev/null
+++ b/tests/core_tests/rct.cpp
@@ -0,0 +1,499 @@
+// Copyright (c) 2014-2016, The Monero Project
+//
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice, this list of
+// conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice, this list
+// of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+//
+// 3. Neither the name of the copyright holder nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+// Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers
+
+#include "ringct/rctSigs.h"
+#include "chaingen.h"
+#include "chaingen_tests_list.h"
+
+using namespace epee;
+using namespace crypto;
+using namespace cryptonote;
+
+//----------------------------------------------------------------------------------------------------------------------
+// Tests
+
+bool gen_rct_tx_validation_base::generate_with(std::vector<test_event_entry>& events,
+ const int *out_idx, int mixin, uint64_t amount_paid, bool valid,
+ const std::function<void(std::vector<tx_source_entry> &sources, std::vector<tx_destination_entry> &destinations)> &pre_tx,
+ const std::function<void(transaction &tx)> &post_tx) const
+{
+ uint64_t ts_start = 1338224400;
+
+ GENERATE_ACCOUNT(miner_account);
+ MAKE_GENESIS_BLOCK(events, blk_0, miner_account, ts_start);
+
+ // create 4 miner accounts, and have them mine the next 4 blocks
+ cryptonote::account_base miner_accounts[4];
+ const cryptonote::block *prev_block = &blk_0;
+ cryptonote::block blocks[4];
+ for (size_t n = 0; n < 4; ++n) {
+ miner_accounts[n].generate();
+ CHECK_AND_ASSERT_MES(generator.construct_block_manually(blocks[n], *prev_block, miner_accounts[n],
+ test_generator::bf_major_ver | test_generator::bf_minor_ver | test_generator::bf_timestamp | test_generator::bf_hf_version,
+ 2, 2, prev_block->timestamp + DIFFICULTY_BLOCKS_ESTIMATE_TIMESPAN * 2, // v2 has blocks twice as long
+ crypto::hash(), 0, transaction(), std::vector<crypto::hash>(), 0, 0, 2),
+ false, "Failed to generate block");
+ events.push_back(blocks[n]);
+ prev_block = blocks + n;
+ LOG_PRINT_L0("Initial miner tx " << n << ": " << obj_to_json_str(blocks[n].miner_tx));
+ }
+
+ // rewind
+ cryptonote::block blk_r, blk_last;
+ {
+ blk_last = blocks[3];
+ for (size_t i = 0; i < CRYPTONOTE_MINED_MONEY_UNLOCK_WINDOW; ++i)
+ {
+ cryptonote::block blk;
+ CHECK_AND_ASSERT_MES(generator.construct_block_manually(blk, blk_last, miner_account,
+ test_generator::bf_major_ver | test_generator::bf_minor_ver | test_generator::bf_timestamp | test_generator::bf_hf_version,
+ 2, 2, blk_last.timestamp + DIFFICULTY_BLOCKS_ESTIMATE_TIMESPAN * 2, // v2 has blocks twice as long
+ crypto::hash(), 0, transaction(), std::vector<crypto::hash>(), 0, 0, 2),
+ false, "Failed to generate block");
+ events.push_back(blk);
+ blk_last = blk;
+ }
+ blk_r = blk_last;
+ }
+
+ // create 4 txes from these miners in another block, to generate some rct outputs
+ transaction rct_txes[4];
+ rct::key rct_tx_masks[16];
+ cryptonote::block blk_txes[4];
+ for (size_t n = 0; n < 4; ++n)
+ {
+ std::vector<crypto::hash> starting_rct_tx_hashes;
+ std::vector<tx_source_entry> sources;
+
+ sources.resize(1);
+ tx_source_entry& src = sources.back();
+
+ const size_t index_in_tx = 5;
+ src.amount = 30000000000000;
+ for (int m = 0; m < 4; ++m) {
+ src.push_output(m, boost::get<txout_to_key>(blocks[m].miner_tx.vout[index_in_tx].target).key, src.amount);
+ }
+ src.real_out_tx_key = cryptonote::get_tx_pub_key_from_extra(blocks[n].miner_tx);
+ src.real_output = n;
+ src.real_output_in_tx_index = index_in_tx;
+ src.mask = rct::identity();
+ src.rct = false;
+
+ //fill outputs entry
+ tx_destination_entry td;
+ td.addr = miner_accounts[n].get_keys().m_account_address;
+ td.amount = 7390000000000;
+ std::vector<tx_destination_entry> destinations;
+ destinations.push_back(td);
+ destinations.push_back(td);
+ destinations.push_back(td);
+ destinations.push_back(td); // 30 -> 7.39 * 4
+
+ crypto::secret_key tx_key;
+ bool r = construct_tx_and_get_tx_key(miner_accounts[n].get_keys(), sources, destinations, std::vector<uint8_t>(), rct_txes[n], 0, tx_key, true);
+ CHECK_AND_ASSERT_MES(r, false, "failed to construct transaction");
+ events.push_back(rct_txes[n]);
+ starting_rct_tx_hashes.push_back(get_transaction_hash(rct_txes[n]));
+
+ for (size_t o = 0; o < 4; ++o)
+ {
+ crypto::key_derivation derivation;
+ bool r = crypto::generate_key_derivation(destinations[o].addr.m_view_public_key, tx_key, derivation);
+ CHECK_AND_ASSERT_MES(r, false, "Failed to generate key derivation");
+ crypto::secret_key amount_key;
+ crypto::derivation_to_scalar(derivation, o, amount_key);
+ if (rct_txes[n].rct_signatures.type == rct::RCTTypeSimple)
+ rct::decodeRctSimple(rct_txes[n].rct_signatures, rct::sk2rct(amount_key), o, rct_tx_masks[o+n*4]);
+ else
+ rct::decodeRct(rct_txes[n].rct_signatures, rct::sk2rct(amount_key), o, rct_tx_masks[o+n*4]);
+ }
+
+ CHECK_AND_ASSERT_MES(generator.construct_block_manually(blk_txes[n], blk_last, miner_account,
+ test_generator::bf_major_ver | test_generator::bf_minor_ver | test_generator::bf_timestamp | test_generator::bf_tx_hashes | test_generator::bf_hf_version | test_generator::bf_max_outs,
+ 4, 4, blk_last.timestamp + DIFFICULTY_BLOCKS_ESTIMATE_TIMESPAN * 2, // v2 has blocks twice as long
+ crypto::hash(), 0, transaction(), starting_rct_tx_hashes, 0, 6, 4),
+ false, "Failed to generate block");
+ events.push_back(blk_txes[n]);
+ blk_last = blk_txes[n];
+ }
+
+ // rewind
+ {
+ for (size_t i = 0; i < CRYPTONOTE_MINED_MONEY_UNLOCK_WINDOW; ++i)
+ {
+ cryptonote::block blk;
+ CHECK_AND_ASSERT_MES(generator.construct_block_manually(blk, blk_last, miner_account,
+ test_generator::bf_major_ver | test_generator::bf_minor_ver | test_generator::bf_timestamp | test_generator::bf_hf_version | test_generator::bf_max_outs,
+ 4, 4, blk_last.timestamp + DIFFICULTY_BLOCKS_ESTIMATE_TIMESPAN * 2, // v2 has blocks twice as long
+ crypto::hash(), 0, transaction(), std::vector<crypto::hash>(), 0, 6, 4),
+ false, "Failed to generate block");
+ events.push_back(blk);
+ blk_last = blk;
+ }
+ blk_r = blk_last;
+ }
+
+ // create a tx from the requested ouputs
+ std::vector<tx_source_entry> sources;
+ size_t global_rct_idx = 6; // skip first coinbase (6 outputs)
+ size_t rct_idx = 0;
+ size_t pre_rct_idx = 0;
+ for (size_t out_idx_idx = 0; out_idx[out_idx_idx] >= 0; ++out_idx_idx) {
+ sources.resize(sources.size()+1);
+ tx_source_entry& src = sources.back();
+
+ src.real_output = 0;
+ if (out_idx[out_idx_idx]) {
+ // rct
+ src.amount = 7390000000000;
+ src.real_out_tx_key = get_tx_pub_key_from_extra(rct_txes[rct_idx/4]);
+ src.real_output_in_tx_index = rct_idx&3;
+ src.mask = rct_tx_masks[rct_idx];
+ src.rct = true;
+ for (int m = 0; m <= mixin; ++m) {
+ rct::ctkey ctkey;
+ ctkey.dest = rct::pk2rct(boost::get<txout_to_key>(rct_txes[rct_idx/4].vout[rct_idx&3].target).key);
+ ctkey.mask = rct_txes[rct_idx/4].rct_signatures.outPk[rct_idx&3].mask;
+ src.outputs.push_back(std::make_pair(global_rct_idx, ctkey));
+ ++rct_idx;
+ ++global_rct_idx;
+ if (global_rct_idx % 10 == 0)
+ global_rct_idx += 6; // skip the coinbase
+ }
+ }
+ else
+ {
+ // pre rct
+ src.amount = 5000000000000;
+ src.real_out_tx_key = cryptonote::get_tx_pub_key_from_extra(blocks[pre_rct_idx].miner_tx);
+ src.real_output_in_tx_index = 4;
+ src.mask = rct::identity();
+ src.rct = false;
+ for (int m = 0; m <= mixin; ++m) {
+ src.push_output(m, boost::get<txout_to_key>(blocks[pre_rct_idx].miner_tx.vout[4].target).key, src.amount);
+ ++pre_rct_idx;
+ }
+ }
+ }
+
+ //fill outputs entry
+ tx_destination_entry td;
+ td.addr = miner_account.get_keys().m_account_address;
+ td.amount = amount_paid;
+ std::vector<tx_destination_entry> destinations;
+ destinations.push_back(td);
+
+ if (pre_tx)
+ pre_tx(sources, destinations);
+
+ transaction tx;
+ crypto::secret_key tx_key;
+ bool r = construct_tx_and_get_tx_key(miner_accounts[0].get_keys(), sources, destinations, std::vector<uint8_t>(), tx, 0, tx_key, true);
+ CHECK_AND_ASSERT_MES(r, false, "failed to construct transaction");
+
+ if (post_tx)
+ post_tx(tx);
+
+ if (!valid)
+ DO_CALLBACK(events, "mark_invalid_tx");
+ events.push_back(tx);
+ LOG_PRINT_L0("Test tx: " << obj_to_json_str(tx));
+
+ return true;
+}
+
+bool gen_rct_tx_valid_from_pre_rct::generate(std::vector<test_event_entry>& events) const
+{
+ const int mixin = 2;
+ const int out_idx[] = {0, -1};
+ const uint64_t amount_paid = 10000;
+ return generate_with(events, out_idx, mixin, amount_paid, true, NULL, NULL);
+}
+
+bool gen_rct_tx_valid_from_rct::generate(std::vector<test_event_entry>& events) const
+{
+ const int mixin = 2;
+ const int out_idx[] = {1, -1};
+ const uint64_t amount_paid = 10000;
+ return generate_with(events, out_idx, mixin, amount_paid, true, NULL, NULL);
+}
+
+bool gen_rct_tx_valid_from_mixed::generate(std::vector<test_event_entry>& events) const
+{
+ const int mixin = 2;
+ const int out_idx[] = {1, 0, -1};
+ const uint64_t amount_paid = 10000;
+ return generate_with(events, out_idx, mixin, amount_paid, true, NULL, NULL);
+}
+
+bool gen_rct_tx_pre_rct_bad_real_dest::generate(std::vector<test_event_entry>& events) const
+{
+ const int mixin = 2;
+ const int out_idx[] = {0, -1};
+ const uint64_t amount_paid = 10000;
+ bool tx_creation_succeeded = false;
+ // in the case, the tx will fail to create, due to mismatched sk/pk
+ bool ret = generate_with(events, out_idx, mixin, amount_paid, false,
+ [](std::vector<tx_source_entry> &sources, std::vector<tx_destination_entry> &destinations) {rct::key sk; rct::skpkGen(sk, sources[0].outputs[0].second.dest);},
+ [&tx_creation_succeeded](const transaction &tx){tx_creation_succeeded=true;});
+ return !ret && !tx_creation_succeeded;
+}
+
+bool gen_rct_tx_pre_rct_bad_real_mask::generate(std::vector<test_event_entry>& events) const
+{
+ const int mixin = 2;
+ const int out_idx[] = {0, -1};
+ const uint64_t amount_paid = 10000;
+ return generate_with(events, out_idx, mixin, amount_paid, false,
+ [](std::vector<tx_source_entry> &sources, std::vector<tx_destination_entry> &destinations) {sources[0].outputs[0].second.mask = rct::zeroCommit(99999);},
+ NULL);
+}
+
+bool gen_rct_tx_pre_rct_bad_fake_dest::generate(std::vector<test_event_entry>& events) const
+{
+ const int mixin = 2;
+ const int out_idx[] = {0, -1};
+ const uint64_t amount_paid = 10000;
+ return generate_with(events, out_idx, mixin, amount_paid, false,
+ [](std::vector<tx_source_entry> &sources, std::vector<tx_destination_entry> &destinations) {rct::key sk; rct::skpkGen(sk, sources[0].outputs[1].second.dest);},
+ NULL);
+}
+
+bool gen_rct_tx_pre_rct_bad_fake_mask::generate(std::vector<test_event_entry>& events) const
+{
+ const int mixin = 2;
+ const int out_idx[] = {0, -1};
+ const uint64_t amount_paid = 10000;
+ return generate_with(events, out_idx, mixin, amount_paid, false,
+ [](std::vector<tx_source_entry> &sources, std::vector<tx_destination_entry> &destinations) {sources[0].outputs[1].second.mask = rct::zeroCommit(99999);},
+ NULL);
+}
+
+bool gen_rct_tx_rct_bad_real_dest::generate(std::vector<test_event_entry>& events) const
+{
+ const int mixin = 2;
+ const int out_idx[] = {1, -1};
+ const uint64_t amount_paid = 10000;
+ bool tx_creation_succeeded = false;
+ // in the case, the tx will fail to create, due to mismatched sk/pk
+ bool ret = generate_with(events, out_idx, mixin, amount_paid, false,
+ [](std::vector<tx_source_entry> &sources, std::vector<tx_destination_entry> &destinations) {rct::key sk; rct::skpkGen(sk, sources[0].outputs[0].second.dest);},
+ [&tx_creation_succeeded](const transaction &tx){tx_creation_succeeded=true;});
+ return !ret && !tx_creation_succeeded;
+}
+
+bool gen_rct_tx_rct_bad_real_mask::generate(std::vector<test_event_entry>& events) const
+{
+ const int mixin = 2;
+ const int out_idx[] = {1, -1};
+ const uint64_t amount_paid = 10000;
+ return generate_with(events, out_idx, mixin, amount_paid, false,
+ [](std::vector<tx_source_entry> &sources, std::vector<tx_destination_entry> &destinations) {sources[0].outputs[0].second.mask = rct::zeroCommit(99999);},
+ NULL);
+}
+
+bool gen_rct_tx_rct_bad_fake_dest::generate(std::vector<test_event_entry>& events) const
+{
+ const int mixin = 2;
+ const int out_idx[] = {1, -1};
+ const uint64_t amount_paid = 10000;
+ return generate_with(events, out_idx, mixin, amount_paid, false,
+ [](std::vector<tx_source_entry> &sources, std::vector<tx_destination_entry> &destinations) {rct::key sk; rct::skpkGen(sk, sources[0].outputs[1].second.dest);},
+ NULL);
+}
+
+bool gen_rct_tx_rct_bad_fake_mask::generate(std::vector<test_event_entry>& events) const
+{
+ const int mixin = 2;
+ const int out_idx[] = {1, -1};
+ const uint64_t amount_paid = 10000;
+ return generate_with(events, out_idx, mixin, amount_paid, false,
+ [](std::vector<tx_source_entry> &sources, std::vector<tx_destination_entry> &destinations) {sources[0].outputs[1].second.mask = rct::zeroCommit(99999);},
+ NULL);
+}
+
+bool gen_rct_tx_rct_spend_with_zero_commit::generate(std::vector<test_event_entry>& events) const
+{
+ const int mixin = 2;
+ const int out_idx[] = {1, -1};
+ const uint64_t amount_paid = 10000;
+ return generate_with(events, out_idx, mixin, amount_paid, false,
+ [](std::vector<tx_source_entry> &sources, std::vector<tx_destination_entry> &destinations) {sources[0].outputs[0].second.mask = rct::zeroCommit(sources[0].amount); sources[0].mask = rct::identity();},
+ [](transaction &tx){boost::get<txin_to_key>(tx.vin[0]).amount = 0;});
+}
+
+bool gen_rct_tx_pre_rct_zero_vin_amount::generate(std::vector<test_event_entry>& events) const
+{
+ const int mixin = 2;
+ const int out_idx[] = {0, -1};
+ const uint64_t amount_paid = 10000;
+ return generate_with(events, out_idx, mixin, amount_paid, false,
+ NULL, [](transaction &tx) {boost::get<txin_to_key>(tx.vin[0]).amount = 0;});
+}
+
+bool gen_rct_tx_rct_non_zero_vin_amount::generate(std::vector<test_event_entry>& events) const
+{
+ const int mixin = 2;
+ const int out_idx[] = {1, -1};
+ const uint64_t amount_paid = 10000;
+ return generate_with(events, out_idx, mixin, amount_paid, false,
+ NULL, [](transaction &tx) {boost::get<txin_to_key>(tx.vin[0]).amount = 5000000000000;}); // one that we know exists
+}
+
+bool gen_rct_tx_non_zero_vout_amount::generate(std::vector<test_event_entry>& events) const
+{
+ const int mixin = 2;
+ const int out_idx[] = {1, -1};
+ const uint64_t amount_paid = 10000;
+ return generate_with(events, out_idx, mixin, amount_paid, false,
+ NULL, [](transaction &tx) {tx.vout[0].amount = 5000000000000;}); // one that we know exists
+}
+
+bool gen_rct_tx_pre_rct_duplicate_key_image::generate(std::vector<test_event_entry>& events) const
+{
+ const int mixin = 2;
+ const int out_idx[] = {0, -1};
+ const uint64_t amount_paid = 10000;
+ return generate_with(events, out_idx, mixin, amount_paid, false,
+ NULL, [&events](transaction &tx) {boost::get<txin_to_key>(tx.vin[0]).k_image = boost::get<txin_to_key>(boost::get<transaction>(events[67]).vin[0]).k_image;});
+}
+
+bool gen_rct_tx_rct_duplicate_key_image::generate(std::vector<test_event_entry>& events) const
+{
+ const int mixin = 2;
+ const int out_idx[] = {1, -1};
+ const uint64_t amount_paid = 10000;
+ return generate_with(events, out_idx, mixin, amount_paid, false,
+ NULL, [&events](transaction &tx) {boost::get<txin_to_key>(tx.vin[0]).k_image = boost::get<txin_to_key>(boost::get<transaction>(events[67]).vin[0]).k_image;});
+}
+
+bool gen_rct_tx_pre_rct_wrong_key_image::generate(std::vector<test_event_entry>& events) const
+{
+ const int mixin = 2;
+ const int out_idx[] = {0, -1};
+ const uint64_t amount_paid = 10000;
+ // some random key image from the monero blockchain, so we get something that is a valid key image
+ static const uint8_t k_image[33] = "\x49\x3b\x56\x16\x54\x76\xa8\x75\xb7\xf4\xa8\x51\xf5\x55\xd3\x44\xe7\x3e\xea\x73\xee\xc1\x06\x7c\x7d\xb6\x57\x28\x46\x85\xe1\x07";
+ return generate_with(events, out_idx, mixin, amount_paid, false,
+ NULL, [](transaction &tx) {memcpy(&boost::get<txin_to_key>(tx.vin[0]).k_image, k_image, 32);});
+}
+
+bool gen_rct_tx_rct_wrong_key_image::generate(std::vector<test_event_entry>& events) const
+{
+ const int mixin = 2;
+ const int out_idx[] = {1, -1};
+ const uint64_t amount_paid = 10000;
+ // some random key image from the monero blockchain, so we get something that is a valid key image
+ static const uint8_t k_image[33] = "\x49\x3b\x56\x16\x54\x76\xa8\x75\xb7\xf4\xa8\x51\xf5\x55\xd3\x44\xe7\x3e\xea\x73\xee\xc1\x06\x7c\x7d\xb6\x57\x28\x46\x85\xe1\x07";
+ return generate_with(events, out_idx, mixin, amount_paid, false,
+ NULL, [](transaction &tx) {memcpy(&boost::get<txin_to_key>(tx.vin[0]).k_image, k_image, 32);});
+}
+
+bool gen_rct_tx_pre_rct_wrong_fee::generate(std::vector<test_event_entry>& events) const
+{
+ const int mixin = 2;
+ const int out_idx[] = {0, -1};
+ const uint64_t amount_paid = 10000;
+ return generate_with(events, out_idx, mixin, amount_paid, false,
+ NULL, [](transaction &tx) {tx.rct_signatures.txnFee++;});
+}
+
+bool gen_rct_tx_rct_wrong_fee::generate(std::vector<test_event_entry>& events) const
+{
+ const int mixin = 2;
+ const int out_idx[] = {1, -1};
+ const uint64_t amount_paid = 10000;
+ return generate_with(events, out_idx, mixin, amount_paid, false,
+ NULL, [](transaction &tx) {tx.rct_signatures.txnFee++;});
+}
+
+bool gen_rct_tx_pre_rct_increase_vin_and_fee::generate(std::vector<test_event_entry>& events) const
+{
+ const int mixin = 2;
+ const int out_idx[] = {0, -1};
+ const uint64_t amount_paid = 10000;
+ return generate_with(events, out_idx, mixin, amount_paid, false,
+ NULL, [](transaction &tx) {boost::get<txin_to_key>(tx.vin[0]).amount++;tx.rct_signatures.txnFee++;});
+}
+
+bool gen_rct_tx_pre_rct_remove_vin::generate(std::vector<test_event_entry>& events) const
+{
+ const int mixin = 2;
+ const int out_idx[] = {0, -1};
+ const uint64_t amount_paid = 10000;
+ return generate_with(events, out_idx, mixin, amount_paid, false,
+ NULL, [](transaction &tx) {tx.vin.pop_back();});
+}
+
+bool gen_rct_tx_rct_remove_vin::generate(std::vector<test_event_entry>& events) const
+{
+ const int mixin = 2;
+ const int out_idx[] = {1, -1};
+ const uint64_t amount_paid = 10000;
+ return generate_with(events, out_idx, mixin, amount_paid, false,
+ NULL, [](transaction &tx) {tx.vin.pop_back();});
+}
+
+bool gen_rct_tx_pre_rct_add_vout::generate(std::vector<test_event_entry>& events) const
+{
+ const int mixin = 2;
+ const int out_idx[] = {0, -1};
+ const uint64_t amount_paid = 10000;
+ return generate_with(events, out_idx, mixin, amount_paid, false,
+ NULL, [](transaction &tx) {tx.vout.push_back(tx.vout.back());});
+}
+
+bool gen_rct_tx_rct_add_vout::generate(std::vector<test_event_entry>& events) const
+{
+ const int mixin = 2;
+ const int out_idx[] = {1, -1};
+ const uint64_t amount_paid = 10000;
+ return generate_with(events, out_idx, mixin, amount_paid, false,
+ NULL, [](transaction &tx) {tx.vout.push_back(tx.vout.back());});
+}
+
+bool gen_rct_tx_pre_rct_altered_extra::generate(std::vector<test_event_entry>& events) const
+{
+ const int mixin = 2;
+ const int out_idx[] = {0, -1};
+ const uint64_t amount_paid = 10000;
+ return generate_with(events, out_idx, mixin, amount_paid, false,
+ NULL, [](transaction &tx) {std::string extra_nonce; crypto::hash pid = cryptonote::null_hash; set_payment_id_to_tx_extra_nonce(extra_nonce, pid); add_extra_nonce_to_tx_extra(tx.extra, extra_nonce);});
+}
+
+bool gen_rct_tx_rct_altered_extra::generate(std::vector<test_event_entry>& events) const
+{
+ const int mixin = 2;
+ const int out_idx[] = {1, -1};
+ const uint64_t amount_paid = 10000;
+ return generate_with(events, out_idx, mixin, amount_paid, false,
+ NULL, [](transaction &tx) {std::string extra_nonce; crypto::hash pid = cryptonote::null_hash; set_payment_id_to_tx_extra_nonce(extra_nonce, pid); add_extra_nonce_to_tx_extra(tx.extra, extra_nonce);});
+}
+
diff --git a/tests/core_tests/rct.h b/tests/core_tests/rct.h
new file mode 100644
index 000000000..f16e665f9
--- /dev/null
+++ b/tests/core_tests/rct.h
@@ -0,0 +1,264 @@
+// Copyright (c) 2014-2016, The Monero Project
+//
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice, this list of
+// conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice, this list
+// of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+//
+// 3. Neither the name of the copyright holder nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+// Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers
+
+#pragma once
+#include "chaingen.h"
+
+struct gen_rct_tx_validation_base : public test_chain_unit_base
+{
+ gen_rct_tx_validation_base()
+ : m_invalid_tx_index(0)
+ , m_invalid_block_index(0)
+ {
+ REGISTER_CALLBACK_METHOD(gen_rct_tx_validation_base, mark_invalid_tx);
+ REGISTER_CALLBACK_METHOD(gen_rct_tx_validation_base, mark_invalid_block);
+ }
+
+ bool check_tx_verification_context(const cryptonote::tx_verification_context& tvc, bool tx_added, size_t event_idx, const cryptonote::transaction& /*tx*/)
+ {
+ if (m_invalid_tx_index == event_idx)
+ return tvc.m_verifivation_failed;
+ else
+ return !tvc.m_verifivation_failed && tx_added;
+ }
+
+ bool check_block_verification_context(const cryptonote::block_verification_context& bvc, size_t event_idx, const cryptonote::block& /*block*/)
+ {
+ if (m_invalid_block_index == event_idx)
+ return bvc.m_verifivation_failed;
+ else
+ return !bvc.m_verifivation_failed;
+ }
+
+ bool mark_invalid_block(cryptonote::core& /*c*/, size_t ev_index, const std::vector<test_event_entry>& /*events*/)
+ {
+ m_invalid_block_index = ev_index + 1;
+ return true;
+ }
+
+ bool mark_invalid_tx(cryptonote::core& /*c*/, size_t ev_index, const std::vector<test_event_entry>& /*events*/)
+ {
+ m_invalid_tx_index = ev_index + 1;
+ return true;
+ }
+
+ bool generate_with(std::vector<test_event_entry>& events, const int *out_idx, int mixin,
+ uint64_t amount_paid, bool valid,
+ const std::function<void(std::vector<cryptonote::tx_source_entry> &sources, std::vector<cryptonote::tx_destination_entry> &destinations)> &pre_tx,
+ const std::function<void(cryptonote::transaction &tx)> &post_tx) const;
+
+private:
+ size_t m_invalid_tx_index;
+ size_t m_invalid_block_index;
+};
+
+template<>
+struct get_test_options<gen_rct_tx_validation_base> {
+ const std::pair<uint8_t, uint64_t> hard_forks[4] = {std::make_pair(1, 0), std::make_pair(2, 1), std::make_pair(4, 65), std::make_pair(0, 0)};
+ const cryptonote::test_options test_options = {
+ hard_forks
+ };
+};
+
+// valid
+struct gen_rct_tx_valid_from_pre_rct : public gen_rct_tx_validation_base
+{
+ bool generate(std::vector<test_event_entry>& events) const;
+};
+template<> struct get_test_options<gen_rct_tx_valid_from_pre_rct>: public get_test_options<gen_rct_tx_validation_base> {};
+
+struct gen_rct_tx_valid_from_rct : public gen_rct_tx_validation_base
+{
+ bool generate(std::vector<test_event_entry>& events) const;
+};
+template<> struct get_test_options<gen_rct_tx_valid_from_rct>: public get_test_options<gen_rct_tx_validation_base> {};
+
+struct gen_rct_tx_valid_from_mixed : public gen_rct_tx_validation_base
+{
+ bool generate(std::vector<test_event_entry>& events) const;
+};
+template<> struct get_test_options<gen_rct_tx_valid_from_mixed>: public get_test_options<gen_rct_tx_validation_base> {};
+
+// altered commitment/dest
+struct gen_rct_tx_pre_rct_bad_real_dest : public gen_rct_tx_validation_base
+{
+ bool generate(std::vector<test_event_entry>& events) const;
+};
+template<> struct get_test_options<gen_rct_tx_pre_rct_bad_real_dest>: public get_test_options<gen_rct_tx_validation_base> {};
+
+struct gen_rct_tx_pre_rct_bad_real_mask : public gen_rct_tx_validation_base
+{
+ bool generate(std::vector<test_event_entry>& events) const;
+};
+template<> struct get_test_options<gen_rct_tx_pre_rct_bad_real_mask>: public get_test_options<gen_rct_tx_validation_base> {};
+
+struct gen_rct_tx_pre_rct_bad_fake_dest : public gen_rct_tx_validation_base
+{
+ bool generate(std::vector<test_event_entry>& events) const;
+};
+template<> struct get_test_options<gen_rct_tx_pre_rct_bad_fake_dest>: public get_test_options<gen_rct_tx_validation_base> {};
+
+struct gen_rct_tx_pre_rct_bad_fake_mask : public gen_rct_tx_validation_base
+{
+ bool generate(std::vector<test_event_entry>& events) const;
+};
+template<> struct get_test_options<gen_rct_tx_pre_rct_bad_fake_mask>: public get_test_options<gen_rct_tx_validation_base> {};
+
+struct gen_rct_tx_rct_bad_real_dest : public gen_rct_tx_validation_base
+{
+ bool generate(std::vector<test_event_entry>& events) const;
+};
+template<> struct get_test_options<gen_rct_tx_rct_bad_real_dest>: public get_test_options<gen_rct_tx_validation_base> {};
+
+struct gen_rct_tx_rct_bad_real_mask : public gen_rct_tx_validation_base
+{
+ bool generate(std::vector<test_event_entry>& events) const;
+};
+template<> struct get_test_options<gen_rct_tx_rct_bad_real_mask>: public get_test_options<gen_rct_tx_validation_base> {};
+
+struct gen_rct_tx_rct_bad_fake_dest : public gen_rct_tx_validation_base
+{
+ bool generate(std::vector<test_event_entry>& events) const;
+};
+template<> struct get_test_options<gen_rct_tx_rct_bad_fake_dest>: public get_test_options<gen_rct_tx_validation_base> {};
+
+struct gen_rct_tx_rct_bad_fake_mask : public gen_rct_tx_validation_base
+{
+ bool generate(std::vector<test_event_entry>& events) const;
+};
+template<> struct get_test_options<gen_rct_tx_rct_bad_fake_mask>: public get_test_options<gen_rct_tx_validation_base> {};
+
+struct gen_rct_tx_rct_spend_with_zero_commit : public gen_rct_tx_validation_base
+{
+ bool generate(std::vector<test_event_entry>& events) const;
+};
+template<> struct get_test_options<gen_rct_tx_rct_spend_with_zero_commit>: public get_test_options<gen_rct_tx_validation_base> {};
+
+// altered amounts
+struct gen_rct_tx_pre_rct_zero_vin_amount : public gen_rct_tx_validation_base
+{
+ bool generate(std::vector<test_event_entry>& events) const;
+};
+template<> struct get_test_options<gen_rct_tx_pre_rct_zero_vin_amount>: public get_test_options<gen_rct_tx_validation_base> {};
+
+struct gen_rct_tx_rct_non_zero_vin_amount : public gen_rct_tx_validation_base
+{
+ bool generate(std::vector<test_event_entry>& events) const;
+};
+template<> struct get_test_options<gen_rct_tx_rct_non_zero_vin_amount>: public get_test_options<gen_rct_tx_validation_base> {};
+
+struct gen_rct_tx_non_zero_vout_amount : public gen_rct_tx_validation_base
+{
+ bool generate(std::vector<test_event_entry>& events) const;
+};
+template<> struct get_test_options<gen_rct_tx_non_zero_vout_amount>: public get_test_options<gen_rct_tx_validation_base> {};
+
+// key image
+struct gen_rct_tx_pre_rct_duplicate_key_image : public gen_rct_tx_validation_base
+{
+ bool generate(std::vector<test_event_entry>& events) const;
+};
+template<> struct get_test_options<gen_rct_tx_pre_rct_duplicate_key_image>: public get_test_options<gen_rct_tx_validation_base> {};
+
+struct gen_rct_tx_rct_duplicate_key_image : public gen_rct_tx_validation_base
+{
+ bool generate(std::vector<test_event_entry>& events) const;
+};
+template<> struct get_test_options<gen_rct_tx_rct_duplicate_key_image>: public get_test_options<gen_rct_tx_validation_base> {};
+
+struct gen_rct_tx_pre_rct_wrong_key_image : public gen_rct_tx_validation_base
+{
+ bool generate(std::vector<test_event_entry>& events) const;
+};
+template<> struct get_test_options<gen_rct_tx_pre_rct_wrong_key_image>: public get_test_options<gen_rct_tx_validation_base> {};
+
+struct gen_rct_tx_rct_wrong_key_image : public gen_rct_tx_validation_base
+{
+ bool generate(std::vector<test_event_entry>& events) const;
+};
+template<> struct get_test_options<gen_rct_tx_rct_wrong_key_image>: public get_test_options<gen_rct_tx_validation_base> {};
+
+// fee
+struct gen_rct_tx_pre_rct_wrong_fee : public gen_rct_tx_validation_base
+{
+ bool generate(std::vector<test_event_entry>& events) const;
+};
+template<> struct get_test_options<gen_rct_tx_pre_rct_wrong_fee>: public get_test_options<gen_rct_tx_validation_base> {};
+
+struct gen_rct_tx_rct_wrong_fee : public gen_rct_tx_validation_base
+{
+ bool generate(std::vector<test_event_entry>& events) const;
+};
+template<> struct get_test_options<gen_rct_tx_rct_wrong_fee>: public get_test_options<gen_rct_tx_validation_base> {};
+
+struct gen_rct_tx_pre_rct_increase_vin_and_fee : public gen_rct_tx_validation_base
+{
+ bool generate(std::vector<test_event_entry>& events) const;
+};
+template<> struct get_test_options<gen_rct_tx_pre_rct_increase_vin_and_fee>: public get_test_options<gen_rct_tx_validation_base> {};
+
+// modify vin/vout
+struct gen_rct_tx_pre_rct_remove_vin : public gen_rct_tx_validation_base
+{
+ bool generate(std::vector<test_event_entry>& events) const;
+};
+template<> struct get_test_options<gen_rct_tx_pre_rct_remove_vin>: public get_test_options<gen_rct_tx_validation_base> {};
+
+struct gen_rct_tx_rct_remove_vin : public gen_rct_tx_validation_base
+{
+ bool generate(std::vector<test_event_entry>& events) const;
+};
+template<> struct get_test_options<gen_rct_tx_rct_remove_vin>: public get_test_options<gen_rct_tx_validation_base> {};
+
+struct gen_rct_tx_pre_rct_add_vout : public gen_rct_tx_validation_base
+{
+ bool generate(std::vector<test_event_entry>& events) const;
+};
+template<> struct get_test_options<gen_rct_tx_pre_rct_add_vout>: public get_test_options<gen_rct_tx_validation_base> {};
+
+struct gen_rct_tx_rct_add_vout : public gen_rct_tx_validation_base
+{
+ bool generate(std::vector<test_event_entry>& events) const;
+};
+template<> struct get_test_options<gen_rct_tx_rct_add_vout>: public get_test_options<gen_rct_tx_validation_base> {};
+
+// extra
+struct gen_rct_tx_pre_rct_altered_extra : public gen_rct_tx_validation_base
+{
+ bool generate(std::vector<test_event_entry>& events) const;
+};
+template<> struct get_test_options<gen_rct_tx_pre_rct_altered_extra>: public get_test_options<gen_rct_tx_validation_base> {};
+
+struct gen_rct_tx_rct_altered_extra : public gen_rct_tx_validation_base
+{
+ bool generate(std::vector<test_event_entry>& events) const;
+};
+template<> struct get_test_options<gen_rct_tx_rct_altered_extra>: public get_test_options<gen_rct_tx_validation_base> {};
+
diff --git a/tests/core_tests/transaction_tests.cpp b/tests/core_tests/transaction_tests.cpp
index 5c866b618..cb585b975 100644
--- a/tests/core_tests/transaction_tests.cpp
+++ b/tests/core_tests/transaction_tests.cpp
@@ -82,32 +82,22 @@ bool test_transaction_generation_and_ring_signature()
src.amount = 70368744177663;
{
tx_output_entry oe;
- oe.first = 0;
- oe.second = boost::get<txout_to_key>(tx_mine_1.vout[0].target).key;
- src.outputs.push_back(oe);
- oe.first = 1;
- oe.second = boost::get<txout_to_key>(tx_mine_2.vout[0].target).key;
- src.outputs.push_back(oe);
+ src.push_output(0, boost::get<txout_to_key>(tx_mine_1.vout[0].target).key, src.amount);
- oe.first = 2;
- oe.second = boost::get<txout_to_key>(tx_mine_3.vout[0].target).key;
- src.outputs.push_back(oe);
+ src.push_output(1, boost::get<txout_to_key>(tx_mine_2.vout[0].target).key, src.amount);
- oe.first = 3;
- oe.second = boost::get<txout_to_key>(tx_mine_4.vout[0].target).key;
- src.outputs.push_back(oe);
+ src.push_output(2, boost::get<txout_to_key>(tx_mine_3.vout[0].target).key, src.amount);
- oe.first = 4;
- oe.second = boost::get<txout_to_key>(tx_mine_5.vout[0].target).key;
- src.outputs.push_back(oe);
+ src.push_output(3, boost::get<txout_to_key>(tx_mine_4.vout[0].target).key, src.amount);
- oe.first = 5;
- oe.second = boost::get<txout_to_key>(tx_mine_6.vout[0].target).key;
- src.outputs.push_back(oe);
+ src.push_output(4, boost::get<txout_to_key>(tx_mine_5.vout[0].target).key, src.amount);
+
+ src.push_output(5, boost::get<txout_to_key>(tx_mine_6.vout[0].target).key, src.amount);
src.real_out_tx_key = cryptonote::get_tx_pub_key_from_extra(tx_mine_2);
src.real_output = 1;
+ src.rct = false;
src.real_output_in_tx_index = 0;
}
//fill outputs entry
diff --git a/tests/core_tests/tx_validation.cpp b/tests/core_tests/tx_validation.cpp
index f72c906e5..cf018c8e2 100644
--- a/tests/core_tests/tx_validation.cpp
+++ b/tests/core_tests/tx_validation.cpp
@@ -39,7 +39,7 @@ namespace
{
struct tx_builder
{
- void step1_init(size_t version = CURRENT_TRANSACTION_VERSION, uint64_t unlock_time = 0)
+ void step1_init(size_t version = 1, uint64_t unlock_time = 0)
{
m_tx.vin.clear();
m_tx.vout.clear();
@@ -108,9 +108,13 @@ namespace
BOOST_FOREACH(const tx_source_entry& src_entr, sources)
{
std::vector<const crypto::public_key*> keys_ptrs;
+ std::vector<crypto::public_key> keys(src_entr.outputs.size());
+ size_t j = 0;
BOOST_FOREACH(const tx_source_entry::output_entry& o, src_entr.outputs)
{
- keys_ptrs.push_back(&o.second);
+ keys[j] = rct::rct2pk(o.second.dest);
+ keys_ptrs.push_back(&keys[j]);
+ ++j;
}
m_tx.signatures.push_back(std::vector<crypto::signature>());
@@ -136,7 +140,7 @@ namespace
fill_tx_sources_and_destinations(events, blk_head, from, to, amount, TESTS_DEFAULT_FEE, 0, sources, destinations);
tx_builder builder;
- builder.step1_init(CURRENT_TRANSACTION_VERSION, unlock_time);
+ builder.step1_init(1, unlock_time);
builder.step2_fill_inputs(from.get_keys(), sources);
builder.step3_fill_outputs(destinations);
builder.step4_calc_hash();
@@ -177,7 +181,7 @@ bool gen_tx_big_version::generate(std::vector<test_event_entry>& events) const
fill_tx_sources_and_destinations(events, blk_0, miner_account, miner_account, MK_COINS(1), TESTS_DEFAULT_FEE, 0, sources, destinations);
tx_builder builder;
- builder.step1_init(CURRENT_TRANSACTION_VERSION + 1, 0);
+ builder.step1_init(1 + 1, 0);
builder.step2_fill_inputs(miner_account.get_keys(), sources);
builder.step3_fill_outputs(destinations);
builder.step4_calc_hash();
diff --git a/tests/core_tests/v2_tests.cpp b/tests/core_tests/v2_tests.cpp
index fe6b8b279..93ddd8a12 100644
--- a/tests/core_tests/v2_tests.cpp
+++ b/tests/core_tests/v2_tests.cpp
@@ -79,7 +79,6 @@ bool gen_v2_tx_validation_base::generate_with(std::vector<test_event_entry>& eve
}
// create a tx with the Nth outputs of miner's block reward
- typedef tx_source_entry::output_entry tx_output_entry;
std::vector<tx_source_entry> sources;
for (size_t out_idx_idx = 0; out_idx[out_idx_idx] >= 0; ++out_idx_idx) {
sources.resize(sources.size()+1);
@@ -88,16 +87,16 @@ bool gen_v2_tx_validation_base::generate_with(std::vector<test_event_entry>& eve
src.amount = blocks[0].miner_tx.vout[out_idx[out_idx_idx]].amount;
std::cout << "using " << print_money(src.amount) << " output at index " << out_idx[out_idx_idx] << std::endl;
for (int m = 0; m <= mixin; ++m) {
- tx_output_entry oe;
+ int idx;
if (is_valid_decomposed_amount(src.amount))
- oe.first = m+1; // one out of that size per miner tx, including genesis
+ idx = m+1; // one out of that size per miner tx, including genesis
else
- oe.first = 0; // dusty, no other output of that size
- oe.second = boost::get<txout_to_key>(blocks[m].miner_tx.vout[out_idx[out_idx_idx]].target).key;
- src.outputs.push_back(oe);
+ idx = 0; // dusty, no other output of that size
+ src.push_output(idx, boost::get<txout_to_key>(blocks[m].miner_tx.vout[out_idx[out_idx_idx]].target).key, src.amount);
}
src.real_out_tx_key = cryptonote::get_tx_pub_key_from_extra(blocks[0].miner_tx);
src.real_output = 0;
+ src.rct = false;
src.real_output_in_tx_index = out_idx[out_idx_idx];
}
diff --git a/tests/core_tests/v2_tests.h b/tests/core_tests/v2_tests.h
index 10049ec95..fbc2b5295 100644
--- a/tests/core_tests/v2_tests.h
+++ b/tests/core_tests/v2_tests.h
@@ -79,7 +79,7 @@ private:
template<>
struct get_test_options<gen_v2_tx_validation_base> {
- const std::pair<uint8_t, uint64_t> hard_forks[2] = {std::make_pair(1, 0), std::make_pair(2, 1)};
+ const std::pair<uint8_t, uint64_t> hard_forks[3] = {std::make_pair(1, 0), std::make_pair(2, 1), std::make_pair(0, 0)};
const cryptonote::test_options test_options = {
hard_forks
};
diff --git a/tests/functional_tests/transactions_flow_test.cpp b/tests/functional_tests/transactions_flow_test.cpp
index 6bf910101..585328348 100644
--- a/tests/functional_tests/transactions_flow_test.cpp
+++ b/tests/functional_tests/transactions_flow_test.cpp
@@ -281,7 +281,7 @@ bool transactions_flow_test(std::string& working_folder,
w2.get_transfers(tc);
BOOST_FOREACH(tools::wallet2::transfer_details& td, tc)
{
- auto it = txs.find(get_transaction_hash(td.m_tx));
+ auto it = txs.find(td.m_txid);
CHECK_AND_ASSERT_MES(it != txs.end(), false, "transaction not found in local cache");
it->second.m_received_count += 1;
}
diff --git a/tests/functional_tests/transactions_generation_from_blockchain.cpp b/tests/functional_tests/transactions_generation_from_blockchain.cpp
index c076776c4..63ff0343b 100644
--- a/tests/functional_tests/transactions_generation_from_blockchain.cpp
+++ b/tests/functional_tests/transactions_generation_from_blockchain.cpp
@@ -31,7 +31,6 @@
#include "include_base_utils.h"
using namespace epee;
#include "wallet/wallet2.h"
-#include "cryptonote_core/blockchain_storage.h"
using namespace cryptonote;
@@ -114,6 +113,7 @@ bool make_tx(blockchain_storage& bch)
src.real_out_tx_key = td.m_tx.tx_pub_key;
src.real_output = interted_it - src.outputs.begin();
src.real_output_in_tx_index = td.m_internal_output_index;
+ src.rct = false;
++i;
}
diff --git a/tests/performance_tests/multi_tx_test_base.h b/tests/performance_tests/multi_tx_test_base.h
index c28e8cad4..d8898b60d 100644
--- a/tests/performance_tests/multi_tx_test_base.h
+++ b/tests/performance_tests/multi_tx_test_base.h
@@ -59,7 +59,7 @@ public:
return false;
txout_to_key tx_out = boost::get<txout_to_key>(m_miner_txs[i].vout[0].target);
- output_entries.push_back(std::make_pair(i, tx_out.key));
+ output_entries.push_back(std::make_pair(i, rct::ctkey({rct::pk2rct(tx_out.key), rct::identity()})));
m_public_keys[i] = tx_out.key;
m_public_key_ptrs[i] = &m_public_keys[i];
}
@@ -72,6 +72,7 @@ public:
source_entry.real_output_in_tx_index = 0;
source_entry.outputs.swap(output_entries);
source_entry.real_output = real_source_idx;
+ source_entry.rct = false;
m_sources.push_back(source_entry);
diff --git a/tests/unit_tests/CMakeLists.txt b/tests/unit_tests/CMakeLists.txt
index 1b272cf5a..3d42809e3 100644
--- a/tests/unit_tests/CMakeLists.txt
+++ b/tests/unit_tests/CMakeLists.txt
@@ -51,7 +51,9 @@ set(unit_tests_sources
test_protocol_pack.cpp
hardfork.cpp
unbound.cpp
- varint.cpp)
+ varint.cpp
+ ringct.cpp
+ output_selection.cpp)
set(unit_tests_headers
unit_tests_utils.h)
@@ -61,6 +63,7 @@ add_executable(unit_tests
${unit_tests_headers})
target_link_libraries(unit_tests
LINK_PRIVATE
+ ringct
cryptonote_core
blockchain_db
rpc
diff --git a/tests/unit_tests/hardfork.cpp b/tests/unit_tests/hardfork.cpp
index eab6b9cf8..a279b6c68 100644
--- a/tests/unit_tests/hardfork.cpp
+++ b/tests/unit_tests/hardfork.cpp
@@ -96,7 +96,7 @@ public:
virtual void remove_block() { blocks.pop_back(); }
virtual uint64_t add_transaction_data(const crypto::hash& blk_hash, const transaction& tx, const crypto::hash& tx_hash) {return 0;}
virtual void remove_transaction_data(const crypto::hash& tx_hash, const transaction& tx) {}
- virtual uint64_t add_output(const crypto::hash& tx_hash, const tx_out& tx_output, const uint64_t& local_index, const uint64_t unlock_time) {return 0;}
+ virtual uint64_t add_output(const crypto::hash& tx_hash, const tx_out& tx_output, const uint64_t& local_index, const uint64_t unlock_time, const rct::key *commitment) {return 0;}
virtual void add_tx_amount_output_indices(const uint64_t tx_index, const std::vector<uint64_t>& amount_output_indices) {}
virtual void add_spent_key(const crypto::key_image& k_image) {}
virtual void remove_spent_key(const crypto::key_image& k_image) {}
diff --git a/tests/unit_tests/output_selection.cpp b/tests/unit_tests/output_selection.cpp
new file mode 100644
index 000000000..4344d1ffc
--- /dev/null
+++ b/tests/unit_tests/output_selection.cpp
@@ -0,0 +1,103 @@
+// Copyright (c) 2014-2016, The Monero Project
+//
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice, this list of
+// conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice, this list
+// of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+//
+// 3. Neither the name of the copyright holder nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+// FIXME: move this into a full wallet2 unit test suite, if possible
+
+#include "gtest/gtest.h"
+
+#include "wallet/wallet2.h"
+#include <string>
+
+static tools::wallet2::transfer_container make_transfers_container(size_t N)
+{
+ tools::wallet2::transfer_container transfers;
+ for (size_t n = 0; n < N; ++n)
+ {
+ transfers.push_back(AUTO_VAL_INIT(tools::wallet2::transfer_details()));
+ tools::wallet2::transfer_details &td = transfers.back();
+ td.m_block_height = 1000;
+ td.m_spent = false;
+ td.m_txid = cryptonote::null_hash;
+ td.m_txid.data[0] = n & 0xff;
+ td.m_txid.data[1] = (n >> 8) & 0xff;
+ td.m_txid.data[2] = (n >> 16) & 0xff;
+ td.m_txid.data[3] = (n >> 24) & 0xff;
+ }
+ return transfers;
+}
+
+#define SELECT(idx) \
+ do { \
+ auto i = std::find(unused_indices.begin(), unused_indices.end(), idx); \
+ ASSERT_TRUE(i != unused_indices.end()); \
+ unused_indices.erase(i); \
+ selected.push_back(transfers.begin() + idx); \
+ } while(0)
+
+#define PICK(expected) \
+ do { \
+ size_t idx = w.pop_best_value_from(transfers, unused_indices, selected); \
+ ASSERT_EQ(expected, idx); \
+ selected.push_back(transfers.begin() + idx); \
+ } while(0)
+
+TEST(select_outputs, one_out_of_N)
+{
+ tools::wallet2 w;
+
+ // check that if there are N-1 outputs of the same height, one of them
+ // already selected, the next one selected is the one that's from a
+ // different height
+ tools::wallet2::transfer_container transfers = make_transfers_container(10);
+ transfers[6].m_block_height = 700;
+ std::vector<size_t> unused_indices({0, 1, 2, 3, 4, 5, 6, 7, 8, 9});
+ std::list<tools::wallet2::transfer_container::iterator> selected;
+ SELECT(2);
+ PICK(6);
+}
+
+TEST(select_outputs, order)
+{
+ tools::wallet2 w;
+
+ // check that most unrelated heights are picked in order
+ tools::wallet2::transfer_container transfers = make_transfers_container(5);
+ transfers[0].m_block_height = 700;
+ transfers[1].m_block_height = 700;
+ transfers[2].m_block_height = 704;
+ transfers[3].m_block_height = 716;
+ transfers[4].m_block_height = 701;
+ std::vector<size_t> unused_indices({0, 1, 2, 3, 4});
+ std::list<tools::wallet2::transfer_container::iterator> selected;
+ SELECT(0);
+ PICK(3); // first the one that's far away
+ PICK(2); // then the one that's close
+ PICK(4); // then the one that's adjacent
+ PICK(1); // then the one that's on the same height
+}
+
diff --git a/tests/unit_tests/ringct.cpp b/tests/unit_tests/ringct.cpp
new file mode 100644
index 000000000..224e32e61
--- /dev/null
+++ b/tests/unit_tests/ringct.cpp
@@ -0,0 +1,1070 @@
+// Copyright (c) 2014-2016, The Monero Project
+//
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice, this list of
+// conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice, this list
+// of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+//
+// 3. Neither the name of the copyright holder nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+// Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers
+
+#include "gtest/gtest.h"
+
+#include <cstdint>
+#include <algorithm>
+
+#include "ringct/rctTypes.h"
+#include "ringct/rctSigs.h"
+#include "ringct/rctOps.h"
+
+using namespace crypto;
+using namespace rct;
+
+TEST(ringct, SNL)
+{
+ key x, P1;
+ skpkGen(x, P1);
+
+ key P2 = pkGen();
+ key P3 = pkGen();
+
+ key L1, s1, s2;
+ GenSchnorrNonLinkable(L1, s1, s2, x, P1, P2, 0);
+
+ // a valid one
+ // an invalid one
+ ASSERT_TRUE(VerSchnorrNonLinkable(P1, P2, L1, s1, s2));
+ ASSERT_FALSE(VerSchnorrNonLinkable(P1, P3, L1, s1, s2));
+}
+
+TEST(ringct, ASNL)
+{
+ int j = 0;
+
+ //Tests for ASNL
+ //#ASNL true one, false one, C != sum Ci, and one out of the range..
+ int N = 64;
+ key64 xv;
+ key64 P1v;
+ key64 P2v;
+ bits indi;
+
+ for (j = 0 ; j < N ; j++) {
+ indi[j] = (int)randXmrAmount(2);
+
+ xv[j] = skGen();
+ if ( (int)indi[j] == 0 ) {
+ P1v[j] = scalarmultBase(xv[j]);
+ P2v[j] = pkGen();
+
+ } else {
+
+ P2v[j] = scalarmultBase(xv[j]);
+ P1v[j] = pkGen();
+
+ }
+ }
+
+ //#true one
+ asnlSig L1s2s = GenASNL(xv, P1v, P2v, indi);
+ ASSERT_TRUE(VerASNL(P1v, P2v, L1s2s));
+
+ //#false one
+ indi[3] = (indi[3] + 1) % 2;
+ L1s2s = GenASNL(xv, P1v, P2v, indi);
+ ASSERT_FALSE(VerASNL(P1v, P2v, L1s2s));
+
+ //#true one again
+ indi[3] = (indi[3] + 1) % 2;
+ L1s2s = GenASNL(xv, P1v, P2v, indi);
+ ASSERT_TRUE(VerASNL(P1v, P2v, L1s2s));
+
+ //#false one
+ L1s2s = GenASNL(xv, P2v, P1v, indi);
+ ASSERT_FALSE(VerASNL(P1v, P2v, L1s2s));
+}
+
+TEST(ringct, MG_sigs)
+{
+ int j = 0;
+ int N = 0;
+
+ //Tests for MG Sigs
+ //#MG sig: true one
+ N = 3;// #cols
+ int R = 3;// #rows
+ keyV xtmp = skvGen(R);
+ keyM xm = keyMInit(R, N);// = [[None]*N] #just used to generate test public keys
+ keyV sk = skvGen(R);
+ keyM P = keyMInit(R, N);// = keyM[[None]*N] #stores the public keys;
+ int ind = 2;
+ int i = 0;
+ for (j = 0 ; j < R ; j++) {
+ for (i = 0 ; i < N ; i++)
+ {
+ xm[i][j] = skGen();
+ P[i][j] = scalarmultBase(xm[i][j]);
+ }
+ }
+ for (j = 0 ; j < R ; j++) {
+ sk[j] = xm[ind][j];
+ }
+ key message = identity();
+ mgSig IIccss = MLSAG_Gen(message, P, sk, ind, R);
+ ASSERT_TRUE(MLSAG_Ver(message, P, IIccss, R));
+
+ //#MG sig: false one
+ N = 3;// #cols
+ R = 3;// #rows
+ xtmp = skvGen(R);
+ keyM xx(N, xtmp);// = [[None]*N] #just used to generate test public keys
+ sk = skvGen(R);
+ //P (N, xtmp);// = keyM[[None]*N] #stores the public keys;
+
+ ind = 2;
+ for (j = 0 ; j < R ; j++) {
+ for (i = 0 ; i < N ; i++)
+ {
+ xx[i][j] = skGen();
+ P[i][j] = scalarmultBase(xx[i][j]);
+ }
+ sk[j] = xx[ind][j];
+ }
+ sk[2] = skGen();//asume we don't know one of the private keys..
+ IIccss = MLSAG_Gen(message, P, sk, ind, R);
+ ASSERT_FALSE(MLSAG_Ver(message, P, IIccss, R));
+}
+
+TEST(ringct, range_proofs)
+{
+ //Ring CT Stuff
+ //ct range proofs
+ ctkeyV sc, pc;
+ ctkey sctmp, pctmp;
+ //add fake input 5000
+ tie(sctmp, pctmp) = ctskpkGen(6000);
+ sc.push_back(sctmp);
+ pc.push_back(pctmp);
+
+
+ tie(sctmp, pctmp) = ctskpkGen(7000);
+ sc.push_back(sctmp);
+ pc.push_back(pctmp);
+ vector<xmr_amount >amounts;
+ rct::keyV amount_keys;
+ key mask;
+
+ //add output 500
+ amounts.push_back(500);
+ amount_keys.push_back(rct::hash_to_scalar(rct::zero()));
+ keyV destinations;
+ key Sk, Pk;
+ skpkGen(Sk, Pk);
+ destinations.push_back(Pk);
+
+
+ //add output for 12500
+ amounts.push_back(12500);
+ amount_keys.push_back(rct::hash_to_scalar(rct::zero()));
+ skpkGen(Sk, Pk);
+ destinations.push_back(Pk);
+
+ //compute rct data with mixin 500
+ rctSig s = genRct(rct::zero(), sc, pc, destinations, amounts, amount_keys, 3);
+
+ //verify rct data
+ ASSERT_TRUE(verRct(s));
+
+ //decode received amount
+ ASSERT_TRUE(decodeRct(s, amount_keys[1], 1, mask));
+
+ // Ring CT with failing MG sig part should not verify!
+ // Since sum of inputs != outputs
+
+ amounts[1] = 12501;
+ skpkGen(Sk, Pk);
+ destinations[1] = Pk;
+
+
+ //compute rct data with mixin 500
+ s = genRct(rct::zero(), sc, pc, destinations, amounts, amount_keys, 3);
+
+ //verify rct data
+ ASSERT_FALSE(verRct(s));
+
+ //decode received amount
+ ASSERT_TRUE(decodeRct(s, amount_keys[1], 1, mask));
+}
+
+TEST(ringct, range_proofs_with_fee)
+{
+ //Ring CT Stuff
+ //ct range proofs
+ ctkeyV sc, pc;
+ ctkey sctmp, pctmp;
+ //add fake input 5000
+ tie(sctmp, pctmp) = ctskpkGen(6001);
+ sc.push_back(sctmp);
+ pc.push_back(pctmp);
+
+
+ tie(sctmp, pctmp) = ctskpkGen(7000);
+ sc.push_back(sctmp);
+ pc.push_back(pctmp);
+ vector<xmr_amount >amounts;
+ keyV amount_keys;
+ key mask;
+
+ //add output 500
+ amounts.push_back(500);
+ amount_keys.push_back(rct::hash_to_scalar(rct::zero()));
+ keyV destinations;
+ key Sk, Pk;
+ skpkGen(Sk, Pk);
+ destinations.push_back(Pk);
+
+ //add txn fee for 1
+ //has no corresponding destination..
+ amounts.push_back(1);
+ amount_keys.push_back(hash_to_scalar(zero()));
+
+ //add output for 12500
+ amounts.push_back(12500);
+ amount_keys.push_back(hash_to_scalar(zero()));
+ skpkGen(Sk, Pk);
+ destinations.push_back(Pk);
+
+ //compute rct data with mixin 500
+ rctSig s = genRct(rct::zero(), sc, pc, destinations, amounts, amount_keys, 3);
+
+ //verify rct data
+ ASSERT_TRUE(verRct(s));
+
+ //decode received amount
+ ASSERT_TRUE(decodeRct(s, amount_keys[1], 1, mask));
+
+ // Ring CT with failing MG sig part should not verify!
+ // Since sum of inputs != outputs
+
+ amounts[1] = 12501;
+ skpkGen(Sk, Pk);
+ destinations[1] = Pk;
+
+
+ //compute rct data with mixin 500
+ s = genRct(rct::zero(), sc, pc, destinations, amounts, amount_keys, 3);
+
+ //verify rct data
+ ASSERT_FALSE(verRct(s));
+
+ //decode received amount
+ ASSERT_TRUE(decodeRct(s, amount_keys[1], 1, mask));
+}
+
+TEST(ringct, simple)
+{
+ ctkeyV sc, pc;
+ ctkey sctmp, pctmp;
+ //this vector corresponds to output amounts
+ vector<xmr_amount>outamounts;
+ //this vector corresponds to input amounts
+ vector<xmr_amount>inamounts;
+ //this keyV corresponds to destination pubkeys
+ keyV destinations;
+ keyV amount_keys;
+ key mask;
+
+ //add fake input 3000
+ //the sc is secret data
+ //pc is public data
+ tie(sctmp, pctmp) = ctskpkGen(3000);
+ sc.push_back(sctmp);
+ pc.push_back(pctmp);
+ inamounts.push_back(3000);
+
+ //add fake input 3000
+ //the sc is secret data
+ //pc is public data
+ tie(sctmp, pctmp) = ctskpkGen(3000);
+ sc.push_back(sctmp);
+ pc.push_back(pctmp);
+ inamounts.push_back(3000);
+
+ //add output 5000
+ outamounts.push_back(5000);
+ amount_keys.push_back(rct::hash_to_scalar(rct::zero()));
+ //add the corresponding destination pubkey
+ key Sk, Pk;
+ skpkGen(Sk, Pk);
+ destinations.push_back(Pk);
+
+ //add output 999
+ outamounts.push_back(999);
+ amount_keys.push_back(rct::hash_to_scalar(rct::zero()));
+ //add the corresponding destination pubkey
+ skpkGen(Sk, Pk);
+ destinations.push_back(Pk);
+
+ key message = skGen(); //real message later (hash of txn..)
+
+ //compute sig with mixin 2
+ xmr_amount txnfee = 1;
+
+ rctSig s = genRctSimple(message, sc, pc, destinations,inamounts, outamounts, amount_keys, txnfee, 2);
+
+ //verify ring ct signature
+ ASSERT_TRUE(verRctSimple(s));
+
+ //decode received amount corresponding to output pubkey index 1
+ ASSERT_TRUE(decodeRctSimple(s, amount_keys[1], 1, mask));
+}
+
+static rct::rctSig make_sample_rct_sig(int n_inputs, const uint64_t input_amounts[], int n_outputs, const uint64_t output_amounts[], bool last_is_fee)
+{
+ ctkeyV sc, pc;
+ ctkey sctmp, pctmp;
+ vector<xmr_amount >amounts;
+ keyV destinations;
+ keyV amount_keys;
+ key Sk, Pk;
+
+ for (int n = 0; n < n_inputs; ++n) {
+ tie(sctmp, pctmp) = ctskpkGen(input_amounts[n]);
+ sc.push_back(sctmp);
+ pc.push_back(pctmp);
+ }
+
+ for (int n = 0; n < n_outputs; ++n) {
+ amounts.push_back(output_amounts[n]);
+ amount_keys.push_back(rct::hash_to_scalar(rct::zero()));
+ skpkGen(Sk, Pk);
+ if (n < n_outputs - 1 || !last_is_fee)
+ destinations.push_back(Pk);
+ }
+
+ return genRct(rct::zero(), sc, pc, destinations, amounts, amount_keys, 3);;
+}
+
+static rct::rctSig make_sample_simple_rct_sig(int n_inputs, const uint64_t input_amounts[], int n_outputs, const uint64_t output_amounts[], uint64_t fee)
+{
+ ctkeyV sc, pc;
+ ctkey sctmp, pctmp;
+ vector<xmr_amount> inamounts, outamounts;
+ keyV destinations;
+ keyV amount_keys;
+ key Sk, Pk;
+
+ for (int n = 0; n < n_inputs; ++n) {
+ inamounts.push_back(input_amounts[n]);
+ tie(sctmp, pctmp) = ctskpkGen(input_amounts[n]);
+ sc.push_back(sctmp);
+ pc.push_back(pctmp);
+ }
+
+ for (int n = 0; n < n_outputs; ++n) {
+ outamounts.push_back(output_amounts[n]);
+ amount_keys.push_back(hash_to_scalar(zero()));
+ skpkGen(Sk, Pk);
+ destinations.push_back(Pk);
+ }
+
+ return genRctSimple(rct::zero(), sc, pc, destinations, inamounts, outamounts, amount_keys, fee, 3);;
+}
+
+static bool range_proof_test(bool expected_valid,
+ int n_inputs, const uint64_t input_amounts[], int n_outputs, const uint64_t output_amounts[], bool last_is_fee, bool simple)
+{
+ //compute rct data
+ bool valid;
+ try {
+ rctSig s;
+ // simple takes fee as a parameter, non-simple takes it as an extra element to output amounts
+ if (simple) {
+ s = make_sample_simple_rct_sig(n_inputs, input_amounts, last_is_fee ? n_outputs - 1 : n_outputs, output_amounts, last_is_fee ? output_amounts[n_outputs - 1] : 0);
+ valid = verRctSimple(s);
+ }
+ else {
+ s = make_sample_rct_sig(n_inputs, input_amounts, n_outputs, output_amounts, last_is_fee);
+ valid = verRct(s);
+ }
+ }
+ catch (const std::exception &e) {
+ valid = false;
+ }
+
+ if (valid == expected_valid) {
+ return testing::AssertionSuccess();
+ }
+ else {
+ return testing::AssertionFailure();
+ }
+}
+
+#define NELTS(array) (sizeof(array)/sizeof(array[0]))
+
+TEST(ringct, range_proofs_reject_empty_outs)
+{
+ const uint64_t inputs[] = {5000};
+ const uint64_t outputs[] = {};
+ EXPECT_TRUE(range_proof_test(false, NELTS(inputs), inputs, NELTS(outputs), outputs, false, false));
+}
+
+TEST(ringct, range_proofs_reject_empty_outs_simple)
+{
+ const uint64_t inputs[] = {5000};
+ const uint64_t outputs[] = {};
+ EXPECT_TRUE(range_proof_test(false, NELTS(inputs), inputs, NELTS(outputs), outputs, false, true));
+}
+
+TEST(ringct, range_proofs_reject_empty_ins)
+{
+ const uint64_t inputs[] = {};
+ const uint64_t outputs[] = {5000};
+ EXPECT_TRUE(range_proof_test(false, NELTS(inputs), inputs, NELTS(outputs), outputs, false, false));
+}
+
+TEST(ringct, range_proofs_reject_empty_ins_simple)
+{
+ const uint64_t inputs[] = {};
+ const uint64_t outputs[] = {5000};
+ EXPECT_TRUE(range_proof_test(false, NELTS(inputs), inputs, NELTS(outputs), outputs, false, true));
+}
+
+TEST(ringct, range_proofs_reject_all_empty)
+{
+ const uint64_t inputs[] = {};
+ const uint64_t outputs[] = {};
+ EXPECT_TRUE(range_proof_test(false, NELTS(inputs), inputs, NELTS(outputs), outputs, false, false));
+}
+
+TEST(ringct, range_proofs_reject_all_empty_simple)
+{
+ const uint64_t inputs[] = {};
+ const uint64_t outputs[] = {};
+ EXPECT_TRUE(range_proof_test(false, NELTS(inputs), inputs, NELTS(outputs), outputs, false, true));
+}
+
+TEST(ringct, range_proofs_accept_zero_empty)
+{
+ const uint64_t inputs[] = {0};
+ const uint64_t outputs[] = {};
+ EXPECT_TRUE(range_proof_test(true, NELTS(inputs), inputs, NELTS(outputs), outputs, false, false));
+}
+
+TEST(ringct, range_proofs_accept_zero_empty_simple)
+{
+ const uint64_t inputs[] = {0};
+ const uint64_t outputs[] = {};
+ EXPECT_TRUE(range_proof_test(true, NELTS(inputs), inputs, NELTS(outputs), outputs, false, true));
+}
+
+TEST(ringct, range_proofs_reject_empty_zero)
+{
+ const uint64_t inputs[] = {};
+ const uint64_t outputs[] = {0};
+ EXPECT_TRUE(range_proof_test(false, NELTS(inputs), inputs, NELTS(outputs), outputs, false, false));
+}
+
+TEST(ringct, range_proofs_reject_empty_zero_simple)
+{
+ const uint64_t inputs[] = {};
+ const uint64_t outputs[] = {0};
+ EXPECT_TRUE(range_proof_test(false, NELTS(inputs), inputs, NELTS(outputs), outputs, false, true));
+}
+
+TEST(ringct, range_proofs_accept_zero_zero)
+{
+ const uint64_t inputs[] = {0};
+ const uint64_t outputs[] = {0};
+ EXPECT_TRUE(range_proof_test(true, NELTS(inputs), inputs, NELTS(outputs), outputs, false, false));
+}
+
+TEST(ringct, range_proofs_accept_zero_zero_simple)
+{
+ const uint64_t inputs[] = {0};
+ const uint64_t outputs[] = {0};
+ EXPECT_TRUE(range_proof_test(true, NELTS(inputs), inputs, NELTS(outputs), outputs, false, true));
+}
+
+TEST(ringct, range_proofs_accept_zero_out_first)
+{
+ const uint64_t inputs[] = {5000};
+ const uint64_t outputs[] = {0, 5000};
+ EXPECT_TRUE(range_proof_test(true, NELTS(inputs), inputs, NELTS(outputs), outputs, false, false));
+}
+
+TEST(ringct, range_proofs_accept_zero_out_first_simple)
+{
+ const uint64_t inputs[] = {5000};
+ const uint64_t outputs[] = {0, 5000};
+ EXPECT_TRUE(range_proof_test(true, NELTS(inputs), inputs, NELTS(outputs), outputs, false, true));
+}
+
+TEST(ringct, range_proofs_accept_zero_out_last)
+{
+ const uint64_t inputs[] = {5000};
+ const uint64_t outputs[] = {5000, 0};
+ EXPECT_TRUE(range_proof_test(true, NELTS(inputs), inputs, NELTS(outputs), outputs, false, false));
+}
+
+TEST(ringct, range_proofs_accept_zero_out_last_simple)
+{
+ const uint64_t inputs[] = {5000};
+ const uint64_t outputs[] = {5000, 0};
+ EXPECT_TRUE(range_proof_test(true, NELTS(inputs), inputs, NELTS(outputs), outputs, false, true));
+}
+
+TEST(ringct, range_proofs_accept_zero_out_middle)
+{
+ const uint64_t inputs[] = {5000};
+ const uint64_t outputs[] = {2500, 0, 2500};
+ EXPECT_TRUE(range_proof_test(true, NELTS(inputs), inputs, NELTS(outputs), outputs, false, false));
+}
+
+TEST(ringct, range_proofs_accept_zero_out_middle_simple)
+{
+ const uint64_t inputs[] = {5000};
+ const uint64_t outputs[] = {2500, 0, 2500};
+ EXPECT_TRUE(range_proof_test(true, NELTS(inputs), inputs, NELTS(outputs), outputs, false, true));
+}
+
+TEST(ringct, range_proofs_accept_zero_in_first)
+{
+ const uint64_t inputs[] = {0, 5000};
+ const uint64_t outputs[] = {5000};
+ EXPECT_TRUE(range_proof_test(true, NELTS(inputs), inputs, NELTS(outputs), outputs, false, false));
+}
+
+TEST(ringct, range_proofs_accept_zero_in_first_simple)
+{
+ const uint64_t inputs[] = {0, 5000};
+ const uint64_t outputs[] = {5000};
+ EXPECT_TRUE(range_proof_test(true, NELTS(inputs), inputs, NELTS(outputs), outputs, false, true));
+}
+
+TEST(ringct, range_proofs_accept_zero_in_last)
+{
+ const uint64_t inputs[] = {5000, 0};
+ const uint64_t outputs[] = {5000};
+ EXPECT_TRUE(range_proof_test(true, NELTS(inputs), inputs, NELTS(outputs), outputs, false, false));
+}
+
+TEST(ringct, range_proofs_accept_zero_in_last_simple)
+{
+ const uint64_t inputs[] = {5000, 0};
+ const uint64_t outputs[] = {5000};
+ EXPECT_TRUE(range_proof_test(true, NELTS(inputs), inputs, NELTS(outputs), outputs, false, true));
+}
+
+TEST(ringct, range_proofs_accept_zero_in_middle)
+{
+ const uint64_t inputs[] = {2500, 0, 2500};
+ const uint64_t outputs[] = {5000};
+ EXPECT_TRUE(range_proof_test(true, NELTS(inputs), inputs, NELTS(outputs), outputs, false, false));
+}
+
+TEST(ringct, range_proofs_accept_zero_in_middle_simple)
+{
+ const uint64_t inputs[] = {2500, 0, 2500};
+ const uint64_t outputs[] = {5000};
+ EXPECT_TRUE(range_proof_test(true, NELTS(inputs), inputs, NELTS(outputs), outputs, false, true));
+}
+
+TEST(ringct, range_proofs_reject_single_lower)
+{
+ const uint64_t inputs[] = {5000};
+ const uint64_t outputs[] = {1};
+ EXPECT_TRUE(range_proof_test(false, NELTS(inputs), inputs, NELTS(outputs), outputs, false, false));
+}
+
+TEST(ringct, range_proofs_reject_single_lower_simple)
+{
+ const uint64_t inputs[] = {5000};
+ const uint64_t outputs[] = {1};
+ EXPECT_TRUE(range_proof_test(false, NELTS(inputs), inputs, NELTS(outputs), outputs, false, true));
+}
+
+TEST(ringct, range_proofs_reject_single_higher)
+{
+ const uint64_t inputs[] = {5000};
+ const uint64_t outputs[] = {5001};
+ EXPECT_TRUE(range_proof_test(false, NELTS(inputs), inputs, NELTS(outputs), outputs, false, false));
+}
+
+TEST(ringct, range_proofs_reject_single_higher_simple)
+{
+ const uint64_t inputs[] = {5000};
+ const uint64_t outputs[] = {5001};
+ EXPECT_TRUE(range_proof_test(false, NELTS(inputs), inputs, NELTS(outputs), outputs, false, true));
+}
+
+TEST(ringct, range_proofs_reject_single_out_negative)
+{
+ const uint64_t inputs[] = {5000};
+ const uint64_t outputs[] = {(uint64_t)-1000ll};
+ EXPECT_TRUE(range_proof_test(false, NELTS(inputs), inputs, NELTS(outputs), outputs, false, false));
+}
+
+TEST(ringct, range_proofs_reject_single_out_negative_simple)
+{
+ const uint64_t inputs[] = {5000};
+ const uint64_t outputs[] = {(uint64_t)-1000ll};
+ EXPECT_TRUE(range_proof_test(false, NELTS(inputs), inputs, NELTS(outputs), outputs, false, true));
+}
+
+TEST(ringct, range_proofs_reject_out_negative_first)
+{
+ const uint64_t inputs[] = {5000};
+ const uint64_t outputs[] = {(uint64_t)-1000ll, 6000};
+ EXPECT_TRUE(range_proof_test(false, NELTS(inputs), inputs, NELTS(outputs), outputs, false, false));
+}
+
+TEST(ringct, range_proofs_reject_out_negative_first_simple)
+{
+ const uint64_t inputs[] = {5000};
+ const uint64_t outputs[] = {(uint64_t)-1000ll, 6000};
+ EXPECT_TRUE(range_proof_test(false, NELTS(inputs), inputs, NELTS(outputs), outputs, false, true));
+}
+
+TEST(ringct, range_proofs_reject_out_negative_last)
+{
+ const uint64_t inputs[] = {5000};
+ const uint64_t outputs[] = {6000, (uint64_t)-1000ll};
+ EXPECT_TRUE(range_proof_test(false, NELTS(inputs), inputs, NELTS(outputs), outputs, false, false));
+}
+
+TEST(ringct, range_proofs_reject_out_negative_last_simple)
+{
+ const uint64_t inputs[] = {5000};
+ const uint64_t outputs[] = {6000, (uint64_t)-1000ll};
+ EXPECT_TRUE(range_proof_test(false, NELTS(inputs), inputs, NELTS(outputs), outputs, false, true));
+}
+
+TEST(ringct, range_proofs_reject_out_negative_middle)
+{
+ const uint64_t inputs[] = {5000};
+ const uint64_t outputs[] = {3000, (uint64_t)-1000ll, 3000};
+ EXPECT_TRUE(range_proof_test(false, NELTS(inputs), inputs, NELTS(outputs), outputs, false, false));
+}
+
+TEST(ringct, range_proofs_reject_out_negative_middle_simple)
+{
+ const uint64_t inputs[] = {5000};
+ const uint64_t outputs[] = {3000, (uint64_t)-1000ll, 3000};
+ EXPECT_TRUE(range_proof_test(false, NELTS(inputs), inputs, NELTS(outputs), outputs, false, true));
+}
+
+TEST(ringct, range_proofs_reject_single_in_negative)
+{
+ const uint64_t inputs[] = {(uint64_t)-1000ll};
+ const uint64_t outputs[] = {5000};
+ EXPECT_TRUE(range_proof_test(false, NELTS(inputs), inputs, NELTS(outputs), outputs, false, false));
+}
+
+TEST(ringct, range_proofs_reject_single_in_negative_simple)
+{
+ const uint64_t inputs[] = {(uint64_t)-1000ll};
+ const uint64_t outputs[] = {5000};
+ EXPECT_TRUE(range_proof_test(false, NELTS(inputs), inputs, NELTS(outputs), outputs, false, true));
+}
+
+TEST(ringct, range_proofs_reject_in_negative_first)
+{
+ const uint64_t inputs[] = {(uint64_t)-1000ll, 6000};
+ const uint64_t outputs[] = {5000};
+ EXPECT_TRUE(range_proof_test(false, NELTS(inputs), inputs, NELTS(outputs), outputs, false, false));
+}
+
+TEST(ringct, range_proofs_reject_in_negative_first_simple)
+{
+ const uint64_t inputs[] = {(uint64_t)-1000ll, 6000};
+ const uint64_t outputs[] = {5000};
+ EXPECT_TRUE(range_proof_test(false, NELTS(inputs), inputs, NELTS(outputs), outputs, false, true));
+}
+
+TEST(ringct, range_proofs_reject_in_negative_last)
+{
+ const uint64_t inputs[] = {6000, (uint64_t)-1000ll};
+ const uint64_t outputs[] = {5000};
+ EXPECT_TRUE(range_proof_test(false, NELTS(inputs), inputs, NELTS(outputs), outputs, false, false));
+}
+
+TEST(ringct, range_proofs_reject_in_negative_last_simple)
+{
+ const uint64_t inputs[] = {6000, (uint64_t)-1000ll};
+ const uint64_t outputs[] = {5000};
+ EXPECT_TRUE(range_proof_test(false, NELTS(inputs), inputs, NELTS(outputs), outputs, false, true));
+}
+
+TEST(ringct, range_proofs_reject_in_negative_middle)
+{
+ const uint64_t inputs[] = {3000, (uint64_t)-1000ll, 3000};
+ const uint64_t outputs[] = {5000};
+ EXPECT_TRUE(range_proof_test(false, NELTS(inputs), inputs, NELTS(outputs), outputs, false, false));
+}
+
+TEST(ringct, range_proofs_reject_in_negative_middle_simple)
+{
+ const uint64_t inputs[] = {3000, (uint64_t)-1000ll, 3000};
+ const uint64_t outputs[] = {5000};
+ EXPECT_TRUE(range_proof_test(false, NELTS(inputs), inputs, NELTS(outputs), outputs, false, true));
+}
+
+TEST(ringct, range_proofs_reject_higher_list)
+{
+ const uint64_t inputs[] = {5000};
+ const uint64_t outputs[] = {1000, 1000, 1000, 1000, 1000, 1000};
+ EXPECT_TRUE(range_proof_test(false, NELTS(inputs), inputs, NELTS(outputs), outputs, false, false));
+}
+
+TEST(ringct, range_proofs_reject_higher_list_simple)
+{
+ const uint64_t inputs[] = {5000};
+ const uint64_t outputs[] = {1000, 1000, 1000, 1000, 1000, 1000};
+ EXPECT_TRUE(range_proof_test(false, NELTS(inputs), inputs, NELTS(outputs), outputs, false, true));
+}
+
+TEST(ringct, range_proofs_accept_1_to_1)
+{
+ const uint64_t inputs[] = {5000};
+ const uint64_t outputs[] = {5000};
+ EXPECT_TRUE(range_proof_test(true, NELTS(inputs), inputs, NELTS(outputs), outputs, false, false));
+}
+
+TEST(ringct, range_proofs_accept_1_to_1_simple)
+{
+ const uint64_t inputs[] = {5000};
+ const uint64_t outputs[] = {5000};
+ EXPECT_TRUE(range_proof_test(true, NELTS(inputs), inputs, NELTS(outputs), outputs, false, true));
+}
+
+TEST(ringct, range_proofs_accept_1_to_N)
+{
+ const uint64_t inputs[] = {5000};
+ const uint64_t outputs[] = {1000, 1000, 1000, 1000, 1000};
+ EXPECT_TRUE(range_proof_test(true, NELTS(inputs), inputs, NELTS(outputs), outputs, false, false));
+}
+
+TEST(ringct, range_proofs_accept_1_to_N_simple)
+{
+ const uint64_t inputs[] = {5000};
+ const uint64_t outputs[] = {1000, 1000, 1000, 1000, 1000};
+ EXPECT_TRUE(range_proof_test(true, NELTS(inputs), inputs, NELTS(outputs), outputs, false,true));
+}
+
+TEST(ringct, range_proofs_accept_N_to_1)
+{
+ const uint64_t inputs[] = {1000, 1000, 1000, 1000, 1000};
+ const uint64_t outputs[] = {5000};
+ EXPECT_TRUE(range_proof_test(true, NELTS(inputs), inputs, NELTS(outputs), outputs, false, false));
+}
+
+TEST(ringct, range_proofs_accept_N_to_1_simple)
+{
+ const uint64_t inputs[] = {1000, 1000, 1000, 1000, 1000};
+ const uint64_t outputs[] = {5000};
+ EXPECT_TRUE(range_proof_test(true, NELTS(inputs), inputs, NELTS(outputs), outputs, false, true));
+}
+
+TEST(ringct, range_proofs_accept_N_to_N)
+{
+ const uint64_t inputs[] = {1000, 1000, 1000, 1000, 1000};
+ const uint64_t outputs[] = {1000, 1000, 1000, 1000, 1000};
+ EXPECT_TRUE(range_proof_test(true, NELTS(inputs), inputs, NELTS(outputs), outputs, false, false));
+}
+
+TEST(ringct, range_proofs_accept_N_to_N_simple)
+{
+ const uint64_t inputs[] = {1000, 1000, 1000, 1000, 1000};
+ const uint64_t outputs[] = {1000, 1000, 1000, 1000, 1000};
+ EXPECT_TRUE(range_proof_test(true, NELTS(inputs), inputs, NELTS(outputs), outputs, false, true));
+}
+
+TEST(ringct, range_proofs_accept_very_long)
+{
+ const size_t N=12;
+ uint64_t inputs[N];
+ uint64_t outputs[N];
+ for (size_t n = 0; n < N; ++n) {
+ inputs[n] = n;
+ outputs[n] = n;
+ }
+ std::random_shuffle(inputs, inputs + N);
+ std::random_shuffle(outputs, outputs + N);
+ EXPECT_TRUE(range_proof_test(true, NELTS(inputs), inputs, NELTS(outputs), outputs, false, false));
+}
+
+TEST(ringct, range_proofs_accept_very_long_simple)
+{
+ const size_t N=12;
+ uint64_t inputs[N];
+ uint64_t outputs[N];
+ for (size_t n = 0; n < N; ++n) {
+ inputs[n] = n;
+ outputs[n] = n;
+ }
+ std::random_shuffle(inputs, inputs + N);
+ std::random_shuffle(outputs, outputs + N);
+ EXPECT_TRUE(range_proof_test(true, NELTS(inputs), inputs, NELTS(outputs), outputs, false, true));
+}
+
+TEST(ringct, HPow2)
+{
+ key G = scalarmultBase(d2h(1));
+
+ key H = hashToPointSimple(G);
+ for (int j = 0 ; j < ATOMS ; j++) {
+ ASSERT_TRUE(equalKeys(H, H2[j]));
+ addKeys(H, H, H);
+ }
+}
+
+static const xmr_amount test_amounts[]={0, 1, 2, 3, 4, 5, 10000, 10000000000000000000ull, 10203040506070809000ull, 123456789123456789};
+
+TEST(ringct, ecdh_roundtrip)
+{
+ key k;
+ ecdhTuple t0, t1;
+
+ for (auto amount: test_amounts) {
+ skGen(k);
+
+ t0.mask = skGen();
+ t0.amount = d2h(amount);
+
+ t1 = t0;
+ ecdhEncode(t1, k);
+ ecdhDecode(t1, k);
+ ASSERT_TRUE(t0.mask == t1.mask);
+ ASSERT_TRUE(equalKeys(t0.mask, t1.mask));
+ ASSERT_TRUE(t0.amount == t1.amount);
+ ASSERT_TRUE(equalKeys(t0.amount, t1.amount));
+ }
+}
+
+TEST(ringct, d2h)
+{
+ key k, P1;
+ skpkGen(k, P1);
+ for (auto amount: test_amounts) {
+ d2h(k, amount);
+ ASSERT_TRUE(amount == h2d(k));
+ }
+}
+
+TEST(ringct, d2b)
+{
+ for (auto amount: test_amounts) {
+ bits b;
+ d2b(b, amount);
+ ASSERT_TRUE(amount == b2d(b));
+ }
+}
+
+TEST(ringct, prooveRange_is_non_deterministic)
+{
+ key C[2], mask[2];
+ for (int n = 0; n < 2; ++n)
+ proveRange(C[n], mask[n], 80);
+ ASSERT_TRUE(memcmp(C[0].bytes, C[1].bytes, sizeof(C[0].bytes)));
+ ASSERT_TRUE(memcmp(mask[0].bytes, mask[1].bytes, sizeof(mask[0].bytes)));
+}
+
+TEST(ringct, fee_0_valid)
+{
+ const uint64_t inputs[] = {1000, 1000};
+ const uint64_t outputs[] = {2000, 0};
+ EXPECT_TRUE(range_proof_test(true, NELTS(inputs), inputs, NELTS(outputs), outputs, true, false));
+}
+
+TEST(ringct, fee_0_valid_simple)
+{
+ const uint64_t inputs[] = {1000, 1000};
+ const uint64_t outputs[] = {2000, 0};
+ EXPECT_TRUE(range_proof_test(true, NELTS(inputs), inputs, NELTS(outputs), outputs, true, true));
+}
+
+TEST(ringct, fee_non_0_valid)
+{
+ const uint64_t inputs[] = {1000, 1000};
+ const uint64_t outputs[] = {1900, 100};
+ EXPECT_TRUE(range_proof_test(true, NELTS(inputs), inputs, NELTS(outputs), outputs, true, false));
+}
+
+TEST(ringct, fee_non_0_valid_simple)
+{
+ const uint64_t inputs[] = {1000, 1000};
+ const uint64_t outputs[] = {1900, 100};
+ EXPECT_TRUE(range_proof_test(true, NELTS(inputs), inputs, NELTS(outputs), outputs, true, true));
+}
+
+TEST(ringct, fee_non_0_invalid_higher)
+{
+ const uint64_t inputs[] = {1000, 1000};
+ const uint64_t outputs[] = {1990, 100};
+ EXPECT_TRUE(range_proof_test(false, NELTS(inputs), inputs, NELTS(outputs), outputs, true, false));
+}
+
+TEST(ringct, fee_non_0_invalid_higher_simple)
+{
+ const uint64_t inputs[] = {1000, 1000};
+ const uint64_t outputs[] = {1990, 100};
+ EXPECT_TRUE(range_proof_test(false, NELTS(inputs), inputs, NELTS(outputs), outputs, true, true));
+}
+
+TEST(ringct, fee_non_0_invalid_lower)
+{
+ const uint64_t inputs[] = {1000, 1000};
+ const uint64_t outputs[] = {1000, 100};
+ EXPECT_TRUE(range_proof_test(false, NELTS(inputs), inputs, NELTS(outputs), outputs, true, false));
+}
+
+TEST(ringct, fee_non_0_invalid_lower_simple)
+{
+ const uint64_t inputs[] = {1000, 1000};
+ const uint64_t outputs[] = {1000, 100};
+ EXPECT_TRUE(range_proof_test(false, NELTS(inputs), inputs, NELTS(outputs), outputs, true, true));
+}
+
+TEST(ringct, fee_burn_valid_one_out)
+{
+ const uint64_t inputs[] = {1000, 1000};
+ const uint64_t outputs[] = {0, 2000};
+ EXPECT_TRUE(range_proof_test(true, NELTS(inputs), inputs, NELTS(outputs), outputs, true, false));
+}
+
+TEST(ringct, fee_burn_valid_one_out_simple)
+{
+ const uint64_t inputs[] = {1000, 1000};
+ const uint64_t outputs[] = {0, 2000};
+ EXPECT_TRUE(range_proof_test(true, NELTS(inputs), inputs, NELTS(outputs), outputs, true, true));
+}
+
+TEST(ringct, fee_burn_valid_zero_out)
+{
+ const uint64_t inputs[] = {1000, 1000};
+ const uint64_t outputs[] = {2000};
+ EXPECT_TRUE(range_proof_test(true, NELTS(inputs), inputs, NELTS(outputs), outputs, true, false));
+}
+
+TEST(ringct, fee_burn_valid_zero_out_simple)
+{
+ const uint64_t inputs[] = {1000, 1000};
+ const uint64_t outputs[] = {2000};
+ EXPECT_TRUE(range_proof_test(true, NELTS(inputs), inputs, NELTS(outputs), outputs, true, true));
+}
+
+#define TEST_rctSig_elements(name, op) \
+TEST(ringct, rctSig_##name) \
+{ \
+ const uint64_t inputs[] = {1000, 1000}; \
+ const uint64_t outputs[] = {1000, 1000}; \
+ rct::rctSig sig = make_sample_rct_sig(NELTS(inputs), inputs, NELTS(outputs), outputs, true); \
+ ASSERT_TRUE(rct::verRct(sig)); \
+ op; \
+ ASSERT_FALSE(rct::verRct(sig)); \
+}
+
+TEST_rctSig_elements(rangeSigs_empty, sig.p.rangeSigs.resize(0));
+TEST_rctSig_elements(rangeSigs_too_many, sig.p.rangeSigs.push_back(sig.p.rangeSigs.back()));
+TEST_rctSig_elements(rangeSigs_too_few, sig.p.rangeSigs.pop_back());
+TEST_rctSig_elements(mgSig_MG_empty, sig.p.MGs.resize(0));
+TEST_rctSig_elements(mgSig_ss_empty, sig.p.MGs[0].ss.resize(0));
+TEST_rctSig_elements(mgSig_ss_too_many, sig.p.MGs[0].ss.push_back(sig.p.MGs[0].ss.back()));
+TEST_rctSig_elements(mgSig_ss_too_few, sig.p.MGs[0].ss.pop_back());
+TEST_rctSig_elements(mgSig_ss0_empty, sig.p.MGs[0].ss[0].resize(0));
+TEST_rctSig_elements(mgSig_ss0_too_many, sig.p.MGs[0].ss[0].push_back(sig.p.MGs[0].ss[0].back()));
+TEST_rctSig_elements(mgSig_ss0_too_few, sig.p.MGs[0].ss[0].pop_back());
+TEST_rctSig_elements(mgSig_II_empty, sig.p.MGs[0].II.resize(0));
+TEST_rctSig_elements(mgSig_II_too_many, sig.p.MGs[0].II.push_back(sig.p.MGs[0].II.back()));
+TEST_rctSig_elements(mgSig_II_too_few, sig.p.MGs[0].II.pop_back());
+TEST_rctSig_elements(mixRing_empty, sig.mixRing.resize(0));
+TEST_rctSig_elements(mixRing_too_many, sig.mixRing.push_back(sig.mixRing.back()));
+TEST_rctSig_elements(mixRing_too_few, sig.mixRing.pop_back());
+TEST_rctSig_elements(mixRing0_empty, sig.mixRing[0].resize(0));
+TEST_rctSig_elements(mixRing0_too_many, sig.mixRing[0].push_back(sig.mixRing[0].back()));
+TEST_rctSig_elements(mixRing0_too_few, sig.mixRing[0].pop_back());
+TEST_rctSig_elements(ecdhInfo_empty, sig.ecdhInfo.resize(0));
+TEST_rctSig_elements(ecdhInfo_too_many, sig.ecdhInfo.push_back(sig.ecdhInfo.back()));
+TEST_rctSig_elements(ecdhInfo_too_few, sig.ecdhInfo.pop_back());
+TEST_rctSig_elements(outPk_empty, sig.outPk.resize(0));
+TEST_rctSig_elements(outPk_too_many, sig.outPk.push_back(sig.outPk.back()));
+TEST_rctSig_elements(outPk_too_few, sig.outPk.pop_back());
+
+#define TEST_rctSig_elements_simple(name, op) \
+TEST(ringct, rctSig_##name##_simple) \
+{ \
+ const uint64_t inputs[] = {1000, 1000}; \
+ const uint64_t outputs[] = {1000}; \
+ rct::rctSig sig = make_sample_simple_rct_sig(NELTS(inputs), inputs, NELTS(outputs), outputs, 1000); \
+ ASSERT_TRUE(rct::verRctSimple(sig)); \
+ op; \
+ ASSERT_FALSE(rct::verRctSimple(sig)); \
+}
+
+TEST_rctSig_elements_simple(rangeSigs_empty, sig.p.rangeSigs.resize(0));
+TEST_rctSig_elements_simple(rangeSigs_too_many, sig.p.rangeSigs.push_back(sig.p.rangeSigs.back()));
+TEST_rctSig_elements_simple(rangeSigs_too_few, sig.p.rangeSigs.pop_back());
+TEST_rctSig_elements_simple(mgSig_empty, sig.p.MGs.resize(0));
+TEST_rctSig_elements_simple(mgSig_too_many, sig.p.MGs.push_back(sig.p.MGs.back()));
+TEST_rctSig_elements_simple(mgSig_too_few, sig.p.MGs.pop_back());
+TEST_rctSig_elements_simple(mgSig0_ss_empty, sig.p.MGs[0].ss.resize(0));
+TEST_rctSig_elements_simple(mgSig0_ss_too_many, sig.p.MGs[0].ss.push_back(sig.p.MGs[0].ss.back()));
+TEST_rctSig_elements_simple(mgSig0_ss_too_few, sig.p.MGs[0].ss.pop_back());
+TEST_rctSig_elements_simple(mgSig_ss0_empty, sig.p.MGs[0].ss[0].resize(0));
+TEST_rctSig_elements_simple(mgSig_ss0_too_many, sig.p.MGs[0].ss[0].push_back(sig.p.MGs[0].ss[0].back()));
+TEST_rctSig_elements_simple(mgSig_ss0_too_few, sig.p.MGs[0].ss[0].pop_back());
+TEST_rctSig_elements_simple(mgSig0_II_empty, sig.p.MGs[0].II.resize(0));
+TEST_rctSig_elements_simple(mgSig0_II_too_many, sig.p.MGs[0].II.push_back(sig.p.MGs[0].II.back()));
+TEST_rctSig_elements_simple(mgSig0_II_too_few, sig.p.MGs[0].II.pop_back());
+TEST_rctSig_elements_simple(mixRing_empty, sig.mixRing.resize(0));
+TEST_rctSig_elements_simple(mixRing_too_many, sig.mixRing.push_back(sig.mixRing.back()));
+TEST_rctSig_elements_simple(mixRing_too_few, sig.mixRing.pop_back());
+TEST_rctSig_elements_simple(mixRing0_empty, sig.mixRing[0].resize(0));
+TEST_rctSig_elements_simple(mixRing0_too_many, sig.mixRing[0].push_back(sig.mixRing[0].back()));
+TEST_rctSig_elements_simple(mixRing0_too_few, sig.mixRing[0].pop_back());
+TEST_rctSig_elements_simple(pseudoOuts_empty, sig.pseudoOuts.resize(0));
+TEST_rctSig_elements_simple(pseudoOuts_too_many, sig.pseudoOuts.push_back(sig.pseudoOuts.back()));
+TEST_rctSig_elements_simple(pseudoOuts_too_few, sig.pseudoOuts.pop_back());
+TEST_rctSig_elements_simple(ecdhInfo_empty, sig.ecdhInfo.resize(0));
+TEST_rctSig_elements_simple(ecdhInfo_too_many, sig.ecdhInfo.push_back(sig.ecdhInfo.back()));
+TEST_rctSig_elements_simple(ecdhInfo_too_few, sig.ecdhInfo.pop_back());
+TEST_rctSig_elements_simple(outPk_empty, sig.outPk.resize(0));
+TEST_rctSig_elements_simple(outPk_too_many, sig.outPk.push_back(sig.outPk.back()));
+TEST_rctSig_elements_simple(outPk_too_few, sig.outPk.pop_back());
+
+TEST(ringct, reject_gen_simple_ver_non_simple)
+{
+ const uint64_t inputs[] = {1000, 1000};
+ const uint64_t outputs[] = {1000};
+ rct::rctSig sig = make_sample_simple_rct_sig(NELTS(inputs), inputs, NELTS(outputs), outputs, 1000);
+ ASSERT_FALSE(rct::verRct(sig));
+}
+
+TEST(ringct, reject_gen_non_simple_ver_simple)
+{
+ const uint64_t inputs[] = {1000, 1000};
+ const uint64_t outputs[] = {1000, 1000};
+ rct::rctSig sig = make_sample_rct_sig(NELTS(inputs), inputs, NELTS(outputs), outputs, true);
+ ASSERT_FALSE(rct::verRctSimple(sig));
+}
diff --git a/tests/unit_tests/serialization.cpp b/tests/unit_tests/serialization.cpp
index b110a41ab..40209f6ed 100644
--- a/tests/unit_tests/serialization.cpp
+++ b/tests/unit_tests/serialization.cpp
@@ -36,6 +36,7 @@
#include <boost/foreach.hpp>
#include "cryptonote_core/cryptonote_basic.h"
#include "cryptonote_core/cryptonote_basic_impl.h"
+#include "ringct/rctSigs.h"
#include "serialization/serialization.h"
#include "serialization/binary_archive.h"
#include "serialization/json_archive.h"
@@ -442,3 +443,200 @@ TEST(Serialization, serializes_transacion_signatures_correctly)
blob.resize(blob.size() + sizeof(crypto::signature) / 2);
ASSERT_FALSE(serialization::parse_binary(blob, tx1));
}
+
+TEST(Serialization, serializes_ringct_types)
+{
+ string blob;
+ rct::key key0, key1;
+ rct::keyV keyv0, keyv1;
+ rct::keyM keym0, keym1;
+ rct::ctkey ctkey0, ctkey1;
+ rct::ctkeyV ctkeyv0, ctkeyv1;
+ rct::ctkeyM ctkeym0, ctkeym1;
+ rct::ecdhTuple ecdh0, ecdh1;
+ rct::asnlSig asnl0, asnl1;
+ rct::mgSig mg0, mg1;
+ rct::rangeSig rg0, rg1;
+ rct::rctSig s0, s1;
+ cryptonote::transaction tx0, tx1;
+
+ key0 = rct::skGen();
+ ASSERT_TRUE(serialization::dump_binary(key0, blob));
+ ASSERT_TRUE(serialization::parse_binary(blob, key1));
+ ASSERT_TRUE(key0 == key1);
+
+ keyv0 = rct::skvGen(30);
+ for (size_t n = 0; n < keyv0.size(); ++n)
+ keyv0[n] = rct::skGen();
+ ASSERT_TRUE(serialization::dump_binary(keyv0, blob));
+ ASSERT_TRUE(serialization::parse_binary(blob, keyv1));
+ ASSERT_TRUE(keyv0.size() == keyv1.size());
+ for (size_t n = 0; n < keyv0.size(); ++n)
+ {
+ ASSERT_TRUE(keyv0[n] == keyv1[n]);
+ }
+
+ keym0 = rct::keyMInit(9, 12);
+ for (size_t n = 0; n < keym0.size(); ++n)
+ for (size_t i = 0; i < keym0[n].size(); ++i)
+ keym0[n][i] = rct::skGen();
+ ASSERT_TRUE(serialization::dump_binary(keym0, blob));
+ ASSERT_TRUE(serialization::parse_binary(blob, keym1));
+ ASSERT_TRUE(keym0.size() == keym1.size());
+ for (size_t n = 0; n < keym0.size(); ++n)
+ {
+ ASSERT_TRUE(keym0[n].size() == keym1[n].size());
+ for (size_t i = 0; i < keym0[n].size(); ++i)
+ {
+ ASSERT_TRUE(keym0[n][i] == keym1[n][i]);
+ }
+ }
+
+ rct::skpkGen(ctkey0.dest, ctkey0.mask);
+ ASSERT_TRUE(serialization::dump_binary(ctkey0, blob));
+ ASSERT_TRUE(serialization::parse_binary(blob, ctkey1));
+ ASSERT_TRUE(!memcmp(&ctkey0, &ctkey1, sizeof(ctkey0)));
+
+ ctkeyv0 = std::vector<rct::ctkey>(14);
+ for (size_t n = 0; n < ctkeyv0.size(); ++n)
+ rct::skpkGen(ctkeyv0[n].dest, ctkeyv0[n].mask);
+ ASSERT_TRUE(serialization::dump_binary(ctkeyv0, blob));
+ ASSERT_TRUE(serialization::parse_binary(blob, ctkeyv1));
+ ASSERT_TRUE(ctkeyv0.size() == ctkeyv1.size());
+ for (size_t n = 0; n < ctkeyv0.size(); ++n)
+ {
+ ASSERT_TRUE(!memcmp(&ctkeyv0[n], &ctkeyv1[n], sizeof(ctkeyv0[n])));
+ }
+
+ ctkeym0 = std::vector<rct::ctkeyV>(9);
+ for (size_t n = 0; n < ctkeym0.size(); ++n)
+ {
+ ctkeym0[n] = std::vector<rct::ctkey>(11);
+ for (size_t i = 0; i < ctkeym0[n].size(); ++i)
+ rct::skpkGen(ctkeym0[n][i].dest, ctkeym0[n][i].mask);
+ }
+ ASSERT_TRUE(serialization::dump_binary(ctkeym0, blob));
+ ASSERT_TRUE(serialization::parse_binary(blob, ctkeym1));
+ ASSERT_TRUE(ctkeym0.size() == ctkeym1.size());
+ for (size_t n = 0; n < ctkeym0.size(); ++n)
+ {
+ ASSERT_TRUE(ctkeym0[n].size() == ctkeym1[n].size());
+ for (size_t i = 0; i < ctkeym0.size(); ++i)
+ {
+ ASSERT_TRUE(!memcmp(&ctkeym0[n][i], &ctkeym1[n][i], sizeof(ctkeym0[n][i])));
+ }
+ }
+
+ ecdh0.mask = rct::skGen();
+ ecdh0.amount = rct::skGen();
+ ecdh0.senderPk = rct::skGen();
+ ASSERT_TRUE(serialization::dump_binary(ecdh0, blob));
+ ASSERT_TRUE(serialization::parse_binary(blob, ecdh1));
+ ASSERT_TRUE(!memcmp(&ecdh0.mask, &ecdh1.mask, sizeof(ecdh0.mask)));
+ ASSERT_TRUE(!memcmp(&ecdh0.amount, &ecdh1.amount, sizeof(ecdh0.amount)));
+ // senderPk is not serialized
+
+ for (size_t n = 0; n < 64; ++n)
+ {
+ asnl0.L1[n] = rct::skGen();
+ asnl0.s2[n] = rct::skGen();
+ }
+ asnl0.s = rct::skGen();
+ ASSERT_TRUE(serialization::dump_binary(asnl0, blob));
+ ASSERT_TRUE(serialization::parse_binary(blob, asnl1));
+ ASSERT_TRUE(!memcmp(&asnl0, &asnl1, sizeof(asnl0)));
+
+ // create a full rct signature to use its innards
+ rct::ctkeyV sc, pc;
+ rct::ctkey sctmp, pctmp;
+ tie(sctmp, pctmp) = rct::ctskpkGen(6000);
+ sc.push_back(sctmp);
+ pc.push_back(pctmp);
+ tie(sctmp, pctmp) = rct::ctskpkGen(7000);
+ sc.push_back(sctmp);
+ pc.push_back(pctmp);
+ vector<uint64_t> amounts;
+ rct::keyV amount_keys;
+ //add output 500
+ amounts.push_back(500);
+ rct::keyV destinations;
+ rct::key Sk, Pk;
+ rct::skpkGen(Sk, Pk);
+ destinations.push_back(Pk);
+ //add output for 12500
+ amounts.push_back(12500);
+ amount_keys.push_back(rct::hash_to_scalar(rct::zero()));
+ rct::skpkGen(Sk, Pk);
+ destinations.push_back(Pk);
+ //compute rct data with mixin 500
+ s0 = rct::genRct(rct::zero(), sc, pc, destinations, amounts, amount_keys, 3);
+
+ mg0 = s0.p.MGs[0];
+ ASSERT_TRUE(serialization::dump_binary(mg0, blob));
+ ASSERT_TRUE(serialization::parse_binary(blob, mg1));
+ ASSERT_TRUE(mg0.ss.size() == mg1.ss.size());
+ for (size_t n = 0; n < mg0.ss.size(); ++n)
+ {
+ ASSERT_TRUE(mg0.ss[n] == mg1.ss[n]);
+ }
+ ASSERT_TRUE(mg0.cc == mg1.cc);
+
+ // mixRing and II are not serialized, they are meant to be reconstructed
+ ASSERT_TRUE(mg1.II.empty());
+
+ rg0 = s0.p.rangeSigs.front();
+ ASSERT_TRUE(serialization::dump_binary(rg0, blob));
+ ASSERT_TRUE(serialization::parse_binary(blob, rg1));
+ ASSERT_TRUE(!memcmp(&rg0, &rg1, sizeof(rg0)));
+
+ ASSERT_TRUE(serialization::dump_binary(s0, blob));
+ ASSERT_TRUE(serialization::parse_binary(blob, s1));
+ ASSERT_TRUE(s0.type == s1.type);
+ ASSERT_TRUE(s0.p.rangeSigs.size() == s1.p.rangeSigs.size());
+ for (size_t n = 0; n < s0.p.rangeSigs.size(); ++n)
+ {
+ ASSERT_TRUE(!memcmp(&s0.p.rangeSigs[n], &s1.p.rangeSigs[n], sizeof(s0.p.rangeSigs[n])));
+ }
+ ASSERT_TRUE(s0.p.MGs.size() == s1.p.MGs.size());
+ ASSERT_TRUE(s0.p.MGs[0].ss.size() == s1.p.MGs[0].ss.size());
+ for (size_t n = 0; n < s0.p.MGs[0].ss.size(); ++n)
+ {
+ ASSERT_TRUE(s0.p.MGs[0].ss[n] == s1.p.MGs[0].ss[n]);
+ }
+ ASSERT_TRUE(s0.p.MGs[0].cc == s1.p.MGs[0].cc);
+ // mixRing and II are not serialized, they are meant to be reconstructed
+ ASSERT_TRUE(s1.p.MGs[0].II.empty());
+
+ // mixRing and II are not serialized, they are meant to be reconstructed
+ ASSERT_TRUE(s1.mixRing.size() == 0);
+
+ ASSERT_TRUE(s0.ecdhInfo.size() == s1.ecdhInfo.size());
+ for (size_t n = 0; n < s0.ecdhInfo.size(); ++n)
+ {
+ ASSERT_TRUE(!memcmp(&s0.ecdhInfo[n], &s1.ecdhInfo[n], sizeof(s0.ecdhInfo[n])));
+ }
+ ASSERT_TRUE(s0.outPk.size() == s1.outPk.size());
+ for (size_t n = 0; n < s0.outPk.size(); ++n)
+ {
+ // serialization only does the mask
+ ASSERT_TRUE(!memcmp(&s0.outPk[n].mask, &s1.outPk[n].mask, sizeof(s0.outPk[n].mask)));
+ }
+
+ tx0.set_null();
+ tx0.version = 2;
+ cryptonote::txin_to_key txin_to_key1;
+ txin_to_key1.key_offsets.resize(2);
+ cryptonote::txin_to_key txin_to_key2;
+ txin_to_key2.key_offsets.resize(2);
+ tx0.vin.push_back(txin_to_key1);
+ tx0.vin.push_back(txin_to_key2);
+ tx0.vout.push_back(cryptonote::tx_out());
+ tx0.rct_signatures = s0;
+ ASSERT_EQ(tx0.rct_signatures.p.rangeSigs.size(), 2);
+ ASSERT_TRUE(serialization::dump_binary(tx0, blob));
+ ASSERT_TRUE(serialization::parse_binary(blob, tx1));
+ ASSERT_EQ(tx1.rct_signatures.p.rangeSigs.size(), 2);
+ std::string blob2;
+ ASSERT_TRUE(serialization::dump_binary(tx1, blob2));
+ ASSERT_TRUE(blob == blob2);
+}