diff options
author | koe <ukoe@protonmail.com> | 2021-08-02 23:27:43 -0500 |
---|---|---|
committer | koe <ukoe@protonmail.com> | 2022-02-22 16:37:42 -0600 |
commit | e08abaa43f2c534bf21c0ed59ba325538502007e (patch) | |
tree | e9df79c11b538a2672643526dd63b01354b11565 /tests/core_tests/multisig.cpp | |
parent | Merge pull request #7984 (diff) | |
download | monero-e08abaa43f2c534bf21c0ed59ba325538502007e.tar.xz |
multisig key exchange update and refactor
Diffstat (limited to 'tests/core_tests/multisig.cpp')
-rw-r--r-- | tests/core_tests/multisig.cpp | 126 |
1 files changed, 58 insertions, 68 deletions
diff --git a/tests/core_tests/multisig.cpp b/tests/core_tests/multisig.cpp index f098e1bce..73bc1f104 100644 --- a/tests/core_tests/multisig.cpp +++ b/tests/core_tests/multisig.cpp @@ -28,98 +28,88 @@ // // Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers -#include "ringct/rctSigs.h" -#include "cryptonote_basic/cryptonote_basic.h" -#include "multisig/multisig.h" -#include "common/apply_permutation.h" #include "chaingen.h" #include "multisig.h" + +#include "common/apply_permutation.h" +#include "crypto/crypto.h" +#include "cryptonote_basic/cryptonote_basic.h" #include "device/device.hpp" +#include "multisig/multisig.h" +#include "multisig/multisig_account.h" +#include "multisig/multisig_kex_msg.h" +#include "ringct/rctOps.h" +#include "ringct/rctSigs.h" + using namespace epee; using namespace crypto; using namespace cryptonote; +using namespace multisig; //#define NO_MULTISIG -void make_multisig_accounts(std::vector<cryptonote::account_base>& account, uint32_t threshold) +static bool make_multisig_accounts(std::vector<cryptonote::account_base> &accounts, const uint32_t threshold) { - std::vector<crypto::secret_key> all_view_keys; - std::vector<std::vector<crypto::public_key>> derivations(account.size()); - //storage for all set of multisig derivations and spend public key (in first round) - std::unordered_set<crypto::public_key> exchanging_keys; + CHECK_AND_ASSERT_MES(accounts.size() > 0, false, "Invalid multisig scheme"); - for (size_t msidx = 0; msidx < account.size(); ++msidx) + std::vector<multisig_account> multisig_accounts; + std::vector<crypto::public_key> signers; + std::vector<multisig_kex_msg> round_msgs; + multisig_accounts.reserve(accounts.size()); + signers.reserve(accounts.size()); + round_msgs.reserve(accounts.size()); + + // create multisig accounts + for (std::size_t account_index{0}; account_index < accounts.size(); ++account_index) { - crypto::secret_key vkh = cryptonote::get_multisig_blinded_secret_key(account[msidx].get_keys().m_view_secret_key); - all_view_keys.push_back(vkh); + // create account and collect signer + multisig_accounts.emplace_back( + multisig_account{ + get_multisig_blinded_secret_key(accounts[account_index].get_keys().m_spend_secret_key), + get_multisig_blinded_secret_key(accounts[account_index].get_keys().m_view_secret_key) + } + ); - crypto::secret_key skh = cryptonote::get_multisig_blinded_secret_key(account[msidx].get_keys().m_spend_secret_key); - crypto::public_key pskh; - crypto::secret_key_to_public_key(skh, pskh); + signers.emplace_back(multisig_accounts.back().get_base_pubkey()); - derivations[msidx].push_back(pskh); - exchanging_keys.insert(pskh); + // collect account's first kex msg + round_msgs.emplace_back(multisig_accounts.back().get_next_kex_round_msg()); } - uint32_t roundsTotal = 1; - if (threshold < account.size()) - roundsTotal = account.size() - threshold; - - //secret multisig keys of every account - std::vector<std::vector<crypto::secret_key>> multisig_keys(account.size()); - std::vector<crypto::secret_key> spend_skey(account.size()); - std::vector<crypto::public_key> spend_pkey(account.size()); - for (uint32_t round = 0; round < roundsTotal; ++round) + // initialize accounts and collect kex messages for the next round + std::vector<multisig_kex_msg> temp_round_msgs(multisig_accounts.size()); + for (std::size_t account_index{0}; account_index < accounts.size(); ++account_index) { - std::unordered_set<crypto::public_key> roundKeys; - for (size_t msidx = 0; msidx < account.size(); ++msidx) - { - // subtracting one's keys from set of all unique keys is the same as key exchange - auto myKeys = exchanging_keys; - for (const auto& d: derivations[msidx]) - myKeys.erase(d); - - if (threshold == account.size()) - { - cryptonote::generate_multisig_N_N(account[msidx].get_keys(), std::vector<crypto::public_key>(myKeys.begin(), myKeys.end()), multisig_keys[msidx], (rct::key&)spend_skey[msidx], (rct::key&)spend_pkey[msidx]); - } - else - { - derivations[msidx] = cryptonote::generate_multisig_derivations(account[msidx].get_keys(), std::vector<crypto::public_key>(myKeys.begin(), myKeys.end())); - roundKeys.insert(derivations[msidx].begin(), derivations[msidx].end()); - } - } + multisig_accounts[account_index].initialize_kex(threshold, signers, round_msgs); - exchanging_keys = roundKeys; - roundKeys.clear(); + if (!multisig_accounts[account_index].multisig_is_ready()) + temp_round_msgs[account_index] = multisig_accounts[account_index].get_next_kex_round_msg(); } - std::unordered_set<crypto::public_key> all_multisig_keys; - for (size_t msidx = 0; msidx < account.size(); ++msidx) + // perform key exchange rounds + while (!multisig_accounts[0].multisig_is_ready()) { - std::unordered_set<crypto::secret_key> view_keys(all_view_keys.begin(), all_view_keys.end()); - view_keys.erase(all_view_keys[msidx]); + round_msgs = temp_round_msgs; - crypto::secret_key view_skey = cryptonote::generate_multisig_view_secret_key(account[msidx].get_keys().m_view_secret_key, std::vector<secret_key>(view_keys.begin(), view_keys.end())); - if (threshold < account.size()) + for (std::size_t account_index{0}; account_index < multisig_accounts.size(); ++account_index) { - multisig_keys[msidx] = cryptonote::calculate_multisig_keys(derivations[msidx]); - spend_skey[msidx] = cryptonote::calculate_multisig_signer_key(multisig_keys[msidx]); - } - account[msidx].make_multisig(view_skey, spend_skey[msidx], spend_pkey[msidx], multisig_keys[msidx]); - for (const auto &k: multisig_keys[msidx]) { - all_multisig_keys.insert(rct::rct2pk(rct::scalarmultBase(rct::sk2rct(k)))); + multisig_accounts[account_index].kex_update(round_msgs); + + if (!multisig_accounts[account_index].multisig_is_ready()) + temp_round_msgs[account_index] = multisig_accounts[account_index].get_next_kex_round_msg(); } } - if (threshold < account.size()) + // update accounts post key exchange + for (std::size_t account_index{0}; account_index < accounts.size(); ++account_index) { - std::vector<crypto::public_key> public_keys(std::vector<crypto::public_key>(all_multisig_keys.begin(), all_multisig_keys.end())); - crypto::public_key spend_pkey = cryptonote::generate_multisig_M_N_spend_public_key(public_keys); - - for (size_t msidx = 0; msidx < account.size(); ++msidx) - account[msidx].finalize_multisig(spend_pkey); + accounts[account_index].make_multisig(multisig_accounts[account_index].get_common_privkey(), + multisig_accounts[account_index].get_base_privkey(), + multisig_accounts[account_index].get_multisig_pubkey(), + multisig_accounts[account_index].get_multisig_privkeys()); } + + return true; } //---------------------------------------------------------------------------------------------------------------------- @@ -238,13 +228,13 @@ bool gen_multisig_tx_validation_base::generate_with(std::vector<test_event_entry for (size_t n = 0; n < nlr; ++n) { account_k[msidx][tdidx].push_back(rct::rct2sk(rct::skGen())); - cryptonote::generate_multisig_LR(output_pub_key[tdidx], account_k[msidx][tdidx][n], account_L[msidx][tdidx][n], account_R[msidx][tdidx][n]); + multisig::generate_multisig_LR(output_pub_key[tdidx], account_k[msidx][tdidx][n], account_L[msidx][tdidx][n], account_R[msidx][tdidx][n]); } size_t numki = miner_account[msidx].get_multisig_keys().size(); account_ki[msidx][tdidx].resize(numki); for (size_t kiidx = 0; kiidx < numki; ++kiidx) { - r = cryptonote::generate_multisig_key_image(miner_account[msidx].get_keys(), kiidx, output_pub_key[tdidx], account_ki[msidx][tdidx][kiidx]); + r = multisig::generate_multisig_key_image(miner_account[msidx].get_keys(), kiidx, output_pub_key[tdidx], account_ki[msidx][tdidx][kiidx]); CHECK_AND_ASSERT_MES(r, false, "Failed to generate multisig export key image"); } MDEBUG("Party " << msidx << ":"); @@ -303,7 +293,7 @@ bool gen_multisig_tx_validation_base::generate_with(std::vector<test_event_entry for (size_t msidx = 0; msidx < total; ++msidx) for (size_t n = 0; n < account_ki[msidx][tdidx].size(); ++n) pkis.push_back(account_ki[msidx][tdidx][n]); - r = cryptonote::generate_multisig_composite_key_image(miner_account[0].get_keys(), subaddresses, output_pub_key[tdidx], tx_pub_key[tdidx], additional_tx_keys, 0, pkis, (crypto::key_image&)kLRki.ki); + r = multisig::generate_multisig_composite_key_image(miner_account[0].get_keys(), subaddresses, output_pub_key[tdidx], tx_pub_key[tdidx], additional_tx_keys, 0, pkis, (crypto::key_image&)kLRki.ki); CHECK_AND_ASSERT_MES(r, false, "Failed to generate composite key image"); MDEBUG("composite ki: " << kLRki.ki); MDEBUG("L: " << kLRki.L); @@ -311,7 +301,7 @@ bool gen_multisig_tx_validation_base::generate_with(std::vector<test_event_entry for (size_t n = 1; n < total; ++n) { rct::key ki; - r = cryptonote::generate_multisig_composite_key_image(miner_account[n].get_keys(), subaddresses, output_pub_key[tdidx], tx_pub_key[tdidx], additional_tx_keys, 0, pkis, (crypto::key_image&)ki); + r = multisig::generate_multisig_composite_key_image(miner_account[n].get_keys(), subaddresses, output_pub_key[tdidx], tx_pub_key[tdidx], additional_tx_keys, 0, pkis, (crypto::key_image&)ki); CHECK_AND_ASSERT_MES(r, false, "Failed to generate composite key image"); CHECK_AND_ASSERT_MES(kLRki.ki == ki, false, "Composite key images do not match"); } |