diff options
author | moneromooo-monero <moneromooo-monero@users.noreply.github.com> | 2017-09-26 23:16:25 +0100 |
---|---|---|
committer | moneromooo-monero <moneromooo-monero@users.noreply.github.com> | 2017-12-17 16:12:15 +0000 |
commit | 66e34e85b1ef3e49ea9290bd69cce2974840fc32 (patch) | |
tree | 618a7336e476189da36fb62f0df06e0fdb7b3809 /src/wallet/wallet2.cpp | |
parent | N-1/N multisig (diff) | |
download | monero-66e34e85b1ef3e49ea9290bd69cce2974840fc32.tar.xz |
add multisig core test and factor multisig building blocks
Diffstat (limited to '')
-rw-r--r-- | src/wallet/wallet2.cpp | 120 |
1 files changed, 37 insertions, 83 deletions
diff --git a/src/wallet/wallet2.cpp b/src/wallet/wallet2.cpp index 807248860..2bba6f9e1 100644 --- a/src/wallet/wallet2.cpp +++ b/src/wallet/wallet2.cpp @@ -46,6 +46,7 @@ using namespace epee; #include "rpc/core_rpc_server_commands_defs.h" #include "misc_language.h" #include "cryptonote_basic/cryptonote_basic_impl.h" +#include "multisig/multisig.h" #include "common/boost_serialization_helper.h" #include "common/command_line.h" #include "common/threadpool.h" @@ -526,24 +527,9 @@ uint8_t get_bulletproof_fork(bool testnet) return 255; // TODO } -bool generate_key_image_helper_old(const account_keys& ack, const crypto::public_key& tx_public_key, size_t real_output_index, keypair& in_ephemeral, crypto::key_image& ki) -{ - crypto::key_derivation recv_derivation = AUTO_VAL_INIT(recv_derivation); - bool r = crypto::generate_key_derivation(tx_public_key, ack.m_view_secret_key, recv_derivation); - CHECK_AND_ASSERT_MES(r, false, "key image helper: failed to generate_key_derivation(" << tx_public_key << ", " << ack.m_view_secret_key << ")"); - - r = crypto::derive_public_key(recv_derivation, real_output_index, ack.m_account_address.m_spend_public_key, in_ephemeral.pub); - CHECK_AND_ASSERT_MES(r, false, "key image helper: failed to derive_public_key(" << recv_derivation << ", " << real_output_index << ", " << ack.m_account_address.m_spend_public_key << ")"); - - crypto::derive_secret_key(recv_derivation, real_output_index, ack.m_spend_secret_key, in_ephemeral.sec); - - crypto::generate_key_image(in_ephemeral.pub, in_ephemeral.sec, ki); - return true; -} - bool wallet_generate_key_image_helper_old(const cryptonote::account_keys& ack, const crypto::public_key& tx_public_key, size_t real_output_index, cryptonote::keypair& in_ephemeral, crypto::key_image& ki, bool multisig_export = false) { - if (!generate_key_image_helper_old(ack, tx_public_key, real_output_index, in_ephemeral, ki)) + if (!cryptonote::generate_key_image_helper_old(ack, tx_public_key, real_output_index, in_ephemeral, ki)) return false; if (multisig_export) { @@ -909,6 +895,12 @@ static uint64_t decodeRct(const rct::rctSig & rv, const crypto::key_derivation & } } //---------------------------------------------------------------------------------------------------- +bool wallet2::wallet_generate_key_image_helper_export(const cryptonote::account_keys& ack, const crypto::public_key& tx_public_key, size_t real_output_index, cryptonote::keypair& in_ephemeral, crypto::key_image& ki, size_t multisig_key_index) const +{ + THROW_WALLET_EXCEPTION_IF(multisig_key_index >= ack.m_multisig_keys.size(), error::wallet_internal_error, "Bad multisig_key_index"); + return cryptonote::generate_multisig_key_image(ack, tx_public_key, real_output_index, in_ephemeral, ki, multisig_key_index); +} +//---------------------------------------------------------------------------------------------------- void wallet2::scan_output(const cryptonote::account_keys &keys, const cryptonote::transaction &tx, const crypto::public_key &tx_pub_key, size_t i, tx_scan_info_t &tx_scan_info, int &num_vouts_received, std::unordered_map<cryptonote::subaddress_index, uint64_t> &tx_money_got_in_outs, std::vector<size_t> &outs) { bool r; @@ -2804,29 +2796,11 @@ std::string wallet2::make_multisig(const epee::wipeable_string &password, rct::key spend_pkey, spend_skey; if (threshold == spend_keys.size() + 1) { - // the multisig spend public key is the sum of all spend public keys - spend_pkey = rct::pk2rct(get_account().get_keys().m_account_address.m_spend_public_key); - for (const auto &k: spend_keys) - rct::addKeys(spend_pkey, spend_pkey, rct::pk2rct(k)); - multisig_keys.push_back(get_account().get_keys().m_spend_secret_key); - spend_skey = rct::sk2rct(get_account().get_keys().m_spend_secret_key); + cryptonote::generate_multisig_N_N(get_account().get_keys(), spend_keys, multisig_keys, spend_skey, spend_pkey); } else if (threshold == spend_keys.size()) { - spend_pkey = rct::identity(); - spend_skey = rct::zero(); - - // create all our composite private keys - for (const auto &k: spend_keys) - { - rct::keyV data; - data.push_back(rct::scalarmultKey(rct::pk2rct(k), rct::sk2rct(get_account().get_keys().m_spend_secret_key))); - static const rct::key salt = { {'M', 'u', 'l', 't' , 'i', 's', 'i', 'g' , 0x00, 0x00, 0x00,0x00 , 0x00, 0x00, 0x00,0x00 , 0x00, 0x00, 0x00,0x00 , 0x00, 0x00, 0x00,0x00 , 0x00, 0x00, 0x00,0x00 , 0x00, 0x00, 0x00,0x00 } }; - data.push_back(salt); - rct::key msk = rct::hash_to_scalar(data); - multisig_keys.push_back(rct::rct2sk(msk)); - sc_add(spend_skey.bytes, spend_skey.bytes, msk.bytes); - } + cryptonote::generate_multisig_N1_N(get_account().get_keys(), spend_keys, multisig_keys, spend_skey, spend_pkey); // We need an extra step, so we package all the composite public keys // we know about, and make a signed string out of them @@ -2856,13 +2830,10 @@ std::string wallet2::make_multisig(const epee::wipeable_string &password, // the multisig view key is shared by all, make one all can derive MINFO("Creating view key..."); - crypto::cn_fast_hash(&get_account().get_keys().m_view_secret_key, sizeof(crypto::secret_key), hash); - rct::key view_skey = rct::hash2rct(hash); - for (const auto &k: view_keys) - sc_add(view_skey.bytes, view_skey.bytes, rct::sk2rct(k).bytes); + crypto::secret_key view_skey = cryptonote::generate_multisig_view_secret_key(get_account().get_keys().m_view_secret_key, view_keys); MINFO("Creating multisig address..."); - CHECK_AND_ASSERT_THROW_MES(m_account.make_multisig(rct::rct2sk(view_skey), rct::rct2sk(spend_skey), rct::rct2pk(spend_pkey), multisig_keys), + CHECK_AND_ASSERT_THROW_MES(m_account.make_multisig(view_skey, rct::rct2sk(spend_skey), rct::rct2pk(spend_pkey), multisig_keys), "Failed to create multisig wallet due to bad keys"); m_account_public_address = m_account.get_keys().m_account_address; @@ -2916,15 +2887,12 @@ bool wallet2::finalize_multisig(const epee::wipeable_string &password, std::unor CHECK_AND_ASSERT_THROW_MES(signers.size() == m_multisig_signers.size(), "Bad signers size"); - rct::key spend_public_key = rct::identity(); - for (const auto &pk: pkeys) - { - rct::addKeys(spend_public_key, spend_public_key, rct::pk2rct(pk)); - } + crypto::public_key spend_public_key = cryptonote::generate_multisig_N1_N_spend_public_key(std::vector<crypto::public_key>(pkeys.begin(), pkeys.end())); + m_account_public_address.m_spend_public_key = spend_public_key; + m_account.finalize_multisig(spend_public_key); + m_multisig_signers = signers; std::sort(m_multisig_signers.begin(), m_multisig_signers.end(), [](const crypto::public_key &e0, const crypto::public_key &e1){ return memcmp(&e0, &e1, sizeof(e0)); }); - m_account_public_address.m_spend_public_key = rct::rct2pk(spend_public_key); - m_account.finalize_multisig(m_account_public_address.m_spend_public_key); if (!m_wallet_file.empty()) { @@ -2946,14 +2914,20 @@ bool wallet2::finalize_multisig(const epee::wipeable_string &password, std::unor return true; } -bool wallet2::wallet_generate_key_image_helper_export(const cryptonote::account_keys& ack, const crypto::public_key& tx_public_key, size_t real_output_index, cryptonote::keypair& in_ephemeral, crypto::key_image& ki, size_t multisig_key_index) const +bool wallet2::finalize_multisig(const epee::wipeable_string &password, const std::vector<std::string> &info) { - THROW_WALLET_EXCEPTION_IF(multisig_key_index >= ack.m_multisig_keys.size(), error::wallet_internal_error, "Bad multisig_key_index"); - if (!generate_key_image_helper_old(ack, tx_public_key, real_output_index, in_ephemeral, ki)) - return false; - // we got the ephemeral keypair, but the key image isn't right as it's done as per our private spend key, which is multisig - crypto::generate_key_image(in_ephemeral.pub, ack.m_multisig_keys[multisig_key_index], ki); - return true; + // parse all multisig info + std::unordered_set<crypto::public_key> public_keys; + std::vector<crypto::public_key> signers(info.size(), crypto::null_pkey); + for (size_t i = 0; i < info.size(); ++i) + { + if (!verify_extra_multisig_info(info[i], public_keys, signers[i])) + { + MERROR("Bad multisig info"); + return false; + } + } + return finalize_multisig(password, public_keys, signers); } std::string wallet2::get_multisig_info() const @@ -4657,7 +4631,7 @@ bool wallet2::sign_multisig_tx(multisig_tx_set &exported_txs, std::vector<crypto return true; } //---------------------------------------------------------------------------------------------------- -bool wallet2::sign_multisig_tx_from_file(multisig_tx_set &exported_txs, const std::string &filename, std::vector<crypto::hash> &txids) +bool wallet2::sign_multisig_tx_to_file(multisig_tx_set &exported_txs, const std::string &filename, std::vector<crypto::hash> &txids) { bool r = sign_multisig_tx(exported_txs, txids); if (!r) @@ -4684,7 +4658,7 @@ bool wallet2::sign_multisig_tx_from_file(const std::string &filename, std::vecto LOG_PRINT_L1("Transactions rejected by callback"); return false; } - return sign_multisig_tx_from_file(exported_txs, filename, txids); + return sign_multisig_tx_to_file(exported_txs, filename, txids); } //---------------------------------------------------------------------------------------------------- uint64_t wallet2::get_fee_multiplier(uint32_t priority, int fee_algorithm) @@ -5591,7 +5565,7 @@ void wallet2::transfer_selected_rct(std::vector<cryptonote::tx_destination_entry LOG_PRINT_L2("Creating supplementary multisig transaction"); cryptonote::transaction ms_tx; auto sources_copy_copy = sources_copy; - bool r = cryptonote::construct_tx_with_tx_key(m_account.get_keys(), m_subaddresses, sources_copy_copy, splitted_dsts, change_dts.addr, extra, ms_tx, unlock_time,tx_key, additional_tx_keys, true, &msout); + bool r = cryptonote::construct_tx_with_tx_key(m_account.get_keys(), m_subaddresses, sources_copy_copy, splitted_dsts, change_dts.addr, extra, ms_tx, unlock_time,tx_key, additional_tx_keys, true, bulletproof, &msout); LOG_PRINT_L2("constructed tx, r="<<r); THROW_WALLET_EXCEPTION_IF(!r, error::tx_not_constructed, sources, splitted_dsts, unlock_time, m_testnet); THROW_WALLET_EXCEPTION_IF(upper_transaction_size_limit <= get_object_blobsize(tx), error::tx_too_big, tx, upper_transaction_size_limit); @@ -8357,8 +8331,7 @@ rct::multisig_kLRki wallet2::get_multisig_kLRki(size_t n, const rct::key &k) con CHECK_AND_ASSERT_THROW_MES(n < m_transfers.size(), "Bad m_transfers index"); rct::multisig_kLRki kLRki; kLRki.k = k; - rct::scalarmultBase(kLRki.L, kLRki.k); - crypto::generate_key_image(m_transfers[n].get_public_key(), rct::rct2sk(kLRki.k), (crypto::key_image&)kLRki.R); + cryptonote::generate_multisig_LR(m_transfers[n].get_public_key(), rct::rct2sk(kLRki.k), (crypto::public_key&)kLRki.L, (crypto::public_key&)kLRki.R); kLRki.ki = rct::ki2rct(m_transfers[n].m_key_image); return kLRki; } @@ -8399,32 +8372,13 @@ crypto::key_image wallet2::get_multisig_composite_key_image(size_t n) const const transfer_details &td = m_transfers[n]; crypto::public_key tx_key = get_tx_pub_key_from_received_outs(td); - cryptonote::keypair in_ephemeral; crypto::key_image ki; - bool r = wallet_generate_key_image_helper_old(get_account().get_keys(), tx_key, td.m_internal_output_index, in_ephemeral, ki); - CHECK_AND_ASSERT_THROW_MES(r, "Failed to generate key image"); - std::unordered_set<crypto::key_image> used; - - // insert the ones we start from - for (size_t m = 0; m < get_account().get_multisig_keys().size(); ++m) - { - crypto::key_image pki; - wallet_generate_key_image_helper_export(get_account().get_keys(), tx_key, td.m_internal_output_index, in_ephemeral, pki, m); - used.insert(pki); - } - + std::vector<crypto::key_image> pkis; for (const auto &info: td.m_multisig_info) - { for (const auto &pki: info.m_partial_key_images) - { - // don't add duplicates again - if (used.find(pki) != used.end()) - continue; - used.insert(pki); - - rct::addKeys((rct::key&)ki, rct::ki2rct(ki), rct::ki2rct(pki)); - } - } + pkis.push_back(pki); + bool r = cryptonote::generate_multisig_composite_key_image(get_account().get_keys(), tx_key, td.m_internal_output_index, pkis, ki); + THROW_WALLET_EXCEPTION_IF(!r, error::wallet_internal_error, "Failed to generate key image"); return ki; } //---------------------------------------------------------------------------------------------------- |