diff options
author | moneromooo-monero <moneromooo-monero@users.noreply.github.com> | 2017-12-09 15:22:24 +0000 |
---|---|---|
committer | moneromooo-monero <moneromooo-monero@users.noreply.github.com> | 2017-12-09 15:30:15 +0000 |
commit | 8d4469a0acc21781f78a92397e6d77928755a367 (patch) | |
tree | f6f53801cccc1c0c5d2b81ddb6c008f32fae11cc /src | |
parent | Merge pull request #2883 (diff) | |
download | monero-8d4469a0acc21781f78a92397e6d77928755a367.tar.xz |
ringct: do not include bulletproof commitments in signed message
Those are not serialized, but are restored from the outPk masks,
so depending on what tries to validate the tx, those commitments
may or may not be filled with valid data at the time. The outPk
masks are already hashed as part of the rctSigBase field.
Diffstat (limited to 'src')
-rw-r--r-- | src/ringct/rctSigs.cpp | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/ringct/rctSigs.cpp b/src/ringct/rctSigs.cpp index cfb4aaf97..65b8d7166 100644 --- a/src/ringct/rctSigs.cpp +++ b/src/ringct/rctSigs.cpp @@ -347,11 +347,11 @@ namespace rct { keyV kv; if (rv.type == RCTTypeSimpleBulletproof || rv.type == RCTTypeFullBulletproof) { - kv.reserve((6*2+10) * rv.p.bulletproofs.size()); + kv.reserve((6*2+9) * rv.p.bulletproofs.size()); for (const auto &p: rv.p.bulletproofs) { - for (size_t n = 0; n < p.V.size(); ++n) - kv.push_back(p.V[n]); + // V are not hashed as they're expanded from outPk.mask + // (and thus hashed as part of rctSigBase above) kv.push_back(p.A); kv.push_back(p.S); kv.push_back(p.T1); |