rct amount key modified as per luigi1111's recommendations

This allows the key to be not the same for two outputs sent to the same address (eg, if you pay yourself, and also get change back). Also remove the key amounts lists and return parameters since we don't actually generate random ones, so we don't need to save them as we can recalculate them when needed if we have the correct keys.
author: moneromooo-monero <moneromooo-monero@users.noreply.github.com> 2016-08-10 12:48:20 +0100
committer: moneromooo-monero <moneromooo-monero@users.noreply.github.com> 2016-08-28 21:30:19 +0100
commit: d4b62a1e295a7fb19de6081733b1d8e0610cbf08 (patch)
tree: a40178b339e35090117d3b3d2680a79a0bc28ac6 /src/simplewallet/simplewallet.cpp
parent: rct: rework v2 txes into prunable and non prunable data (diff)
download: monero-d4b62a1e295a7fb19de6081733b1d8e0610cbf08.tar.xz
1 files changed, 20 insertions, 8 deletions
diff --git a/src/simplewallet/simplewallet.cpp b/src/simplewallet/simplewallet.cpp
index 9e7341451..7c5e8e541 100644
--- a/src/simplewallet/simplewallet.cpp
+++ b/src/simplewallet/simplewallet.cpp
@@ -3077,15 +3077,27 @@ bool simple_wallet::check_tx_key(const std::vector<std::string> &args_)
           try
           {
             rct::key Ctmp;
-            rct::key amount_key = rct::hash_to_scalar(rct::scalarmultKey(rct::pk2rct(address.m_view_public_key), rct::sk2rct(tx_key)));
-            rct::ecdhTuple ecdh_info = tx.rct_signatures.ecdhInfo[n];
-            rct::ecdhDecodeFromSharedSecret(ecdh_info, amount_key);
-            rct::key C = tx.rct_signatures.outPk[n].mask;
-            rct::addKeys2(Ctmp, ecdh_info.mask, ecdh_info.amount, rct::H);
-            if (rct::equalKeys(C, Ctmp))
-              amount = rct::h2d(ecdh_info.amount);
-            else
+            //rct::key amount_key = rct::hash_to_scalar(rct::scalarmultKey(rct::pk2rct(address.m_view_public_key), rct::sk2rct(tx_key)));
+            crypto::key_derivation derivation;
+            bool r = crypto::generate_key_derivation(address.m_view_public_key, tx_key, derivation);
+            if (!r)
+            {
+              LOG_ERROR("Failed to generate key derivation to decode rct output " << n);
               amount = 0;
+            }
+            else
+            {
+              crypto::secret_key scalar1;
+              crypto::derivation_to_scalar(derivation, n, scalar1);
+              rct::ecdhTuple ecdh_info = tx.rct_signatures.ecdhInfo[n];
+              rct::ecdhDecode(ecdh_info, rct::sk2rct(scalar1));
+              rct::key C = tx.rct_signatures.outPk[n].mask;
+              rct::addKeys2(Ctmp, ecdh_info.mask, ecdh_info.amount, rct::H);
+              if (rct::equalKeys(C, Ctmp))
+                amount = rct::h2d(ecdh_info.amount);
+              else
+                amount = 0;
+            }
           }
           catch (...) { amount = 0; }
         }
author	moneromooo-monero <moneromooo-monero@users.noreply.github.com>	2016-08-10 12:48:20 +0100
committer	moneromooo-monero <moneromooo-monero@users.noreply.github.com>	2016-08-28 21:30:19 +0100
commit	d4b62a1e295a7fb19de6081733b1d8e0610cbf08 (patch)
tree	a40178b339e35090117d3b3d2680a79a0bc28ac6 /src/simplewallet/simplewallet.cpp
parent	rct: rework v2 txes into prunable and non prunable data (diff)
download	monero-d4b62a1e295a7fb19de6081733b1d8e0610cbf08.tar.xz