diff options
-rw-r--r-- | README.md | 4 | ||||
-rw-r--r-- | src/crypto/crypto_ops_builder/README.md | 21 | ||||
-rw-r--r-- | src/crypto/crypto_ops_builder/ref10CommentedCombined/description | 4 | ||||
-rw-r--r-- | src/crypto/crypto_ops_builder/ref10CommentedCombined/designers | 4 | ||||
-rw-r--r-- | src/p2p/net_node.h | 2 | ||||
-rw-r--r-- | src/p2p/net_node_common.h | 4 | ||||
-rw-r--r-- | src/rpc/core_rpc_server.cpp | 11 | ||||
-rw-r--r-- | src/wallet/wallet2.h | 3 | ||||
-rw-r--r-- | src/wallet/wallet_rpc_server.cpp | 16 |
9 files changed, 52 insertions, 17 deletions
@@ -35,9 +35,9 @@ Monero development can be supported directly through donations. Both Monero and Bitcoin donations can be made to donate.getmonero.org if using a client that supports the [OpenAlias](https://openalias.org) standard -The Monero donation address is: 46BeWrHpwXmHDpDEUmZBWZfoQpdc6HaERCNmx1pEYL2rAcuwufPN9rXHHtyUA4QVy66qeFQkn6sfK8aHYjA3jk3o1Bv16em (viewkey: e422831985c9205238ef84daf6805526c14d96fd7b059fe68c7ab98e495e5703) +The Monero donation address is: 44AFFq5kSiGBoZ4NMDwYtN18obc8AemS33DBLWs3H7otXft3XjrpDtQGv7SqSsaBYBb98uNbr2VBBEt7f2wfn3RVGQBEP3A (viewkey: f359631075708155cc3d92a32b75a7d02a5dcf27756707b47a2b31b21c389501) -The Bitcoin donation address is: 1FhnVJi2V1k4MqXm2nHoEbY5LV7FPai7bb +The Bitcoin donation address is: 1KTexdemPdxSBcG55heUuTjDRYqbC5ZL8H Core development funding and/or some supporting services are also graciously provided by sponsors: diff --git a/src/crypto/crypto_ops_builder/README.md b/src/crypto/crypto_ops_builder/README.md new file mode 100644 index 000000000..eec3e21e7 --- /dev/null +++ b/src/crypto/crypto_ops_builder/README.md @@ -0,0 +1,21 @@ +# Monero + +Copyright (c) 2014-2016, The Monero Project + +## Crypto Ops Builder + +In order to ensure the safest implementation of the cryptography in use by Monero we have opted to use the SUPERCOP ref10 implementations wherever possible. The main reason is that SUPERCOP ref10 is old, well tested, and primarily the work of Daniel J. Bernstein and Tanja Lange (among others, see ```designers``` in the ref10 folder). This is particularly relevant, as the team that designed Curve25519 and EdDSA, both of which are at Monero's core, is the same team that created the SUPERCOP implementation. + +SUPERCOP ref10 is a fairly secure implementation that focuses on things like constant-time algorithms, to reduce side-channel attacks, sometimes at the cost of performance. However, we consider this a fair trade-off, especially considering that Monero is not that performance sensitive at this stage. In future we may consider faster implementations that still have a measure of safety against side-channel attacks. + +## Additional Cryptography + +Unfortunately SUPERCOP ref10 does not contain every function Monero's ```crypto-ops``` class needs. Thus there are several new files in the ```ref10CommentedCombined``` folder which allow for the class to be built during compilation. The original ref10 is included in the source tree in order to allow for a comparison to be made between the two, and also to allow for a quick comparison to be made between our in-source copy of SUPERCOP ref10 and an independently downloaded copy. + +## Usage + +The operation to produce the ```crypto-ops.c``` is automatic and part of the build process. If, however, you want to manually run the build process to verify the output, you can use ```MakeCryptoOps.py```. + +## Attribution + +The majority of the work we are using is from SUPERCOP, and copyrights and attribution fall to those developers and cryptographers. Beyond that we also include some of the original CryptoNote reference code. The entire build process, and all of the work analysing the functions and figuring out what comes from where, has been done by the Monero Research Lab. Shen Noether, in particular, deserves the bulk of the attribution for that. diff --git a/src/crypto/crypto_ops_builder/ref10CommentedCombined/description b/src/crypto/crypto_ops_builder/ref10CommentedCombined/description index 07bf45d05..fadc9f9af 100644 --- a/src/crypto/crypto_ops_builder/ref10CommentedCombined/description +++ b/src/crypto/crypto_ops_builder/ref10CommentedCombined/description @@ -1,7 +1,7 @@ shen_ed25519_ref10 -MakeCryptoOps.py makes crypto-ops.c in the monero source from the ref10 implementation +MakeCryptoOps.py makes crypto-ops.c in the Monero source from the ref10 implementation EdDSA signatures using Curve25519 from http://hyperelliptic.org/ebats/supercop-20141124.tar.bz2 -commented / combined by shen noether, monero research labs +Commented / combined by Shen Noether, Monero Research Lab diff --git a/src/crypto/crypto_ops_builder/ref10CommentedCombined/designers b/src/crypto/crypto_ops_builder/ref10CommentedCombined/designers index 63781c08f..8ee9c735f 100644 --- a/src/crypto/crypto_ops_builder/ref10CommentedCombined/designers +++ b/src/crypto/crypto_ops_builder/ref10CommentedCombined/designers @@ -5,5 +5,5 @@ Tanja Lange Peter Schwabe Bo-Yin Yang -MakeCryptoOps.py -Shen Noether monero research labs +MakeCryptoOps.py: +Shen Noether, Monero Research Labs diff --git a/src/p2p/net_node.h b/src/p2p/net_node.h index 260dd813d..5943c248f 100644 --- a/src/p2p/net_node.h +++ b/src/p2p/net_node.h @@ -120,7 +120,7 @@ namespace nodetool void delete_connections(size_t count); virtual bool block_ip(uint32_t adress, time_t seconds = P2P_IP_BLOCKTIME); virtual bool unblock_ip(uint32_t address); - virtual std::map<uint32_t, time_t> get_blocked_ips() const { return m_blocked_ips; } + virtual std::map<uint32_t, time_t> get_blocked_ips() { CRITICAL_REGION_LOCAL(m_blocked_ips_lock); return m_blocked_ips; } private: const std::vector<std::string> m_seed_nodes_list = { "seeds.moneroseeds.se" diff --git a/src/p2p/net_node_common.h b/src/p2p/net_node_common.h index 68b0bd1ee..5e7645365 100644 --- a/src/p2p/net_node_common.h +++ b/src/p2p/net_node_common.h @@ -52,7 +52,7 @@ namespace nodetool virtual void for_each_connection(std::function<bool(t_connection_context&, peerid_type)> f)=0; virtual bool block_ip(uint32_t adress, time_t seconds = 0)=0; virtual bool unblock_ip(uint32_t adress)=0; - virtual std::map<uint32_t, time_t> get_blocked_ips()const=0; + virtual std::map<uint32_t, time_t> get_blocked_ips()=0; virtual bool add_ip_fail(uint32_t adress)=0; }; @@ -96,7 +96,7 @@ namespace nodetool { return true; } - virtual std::map<uint32_t, time_t> get_blocked_ips() const + virtual std::map<uint32_t, time_t> get_blocked_ips() { return std::map<uint32_t, time_t>(); } diff --git a/src/rpc/core_rpc_server.cpp b/src/rpc/core_rpc_server.cpp index 3ce4e6006..d9419b2bc 100644 --- a/src/rpc/core_rpc_server.cpp +++ b/src/rpc/core_rpc_server.cpp @@ -950,13 +950,16 @@ namespace cryptonote return false; } + auto now = time(nullptr); std::map<uint32_t, time_t> blocked_ips = m_p2p.get_blocked_ips(); for (std::map<uint32_t, time_t>::const_iterator i = blocked_ips.begin(); i != blocked_ips.end(); ++i) { - COMMAND_RPC_GETBANS::ban b; - b.ip = i->first; - b.seconds = i->second; - res.bans.push_back(b); + if (i->second > now) { + COMMAND_RPC_GETBANS::ban b; + b.ip = i->first; + b.seconds = i->second - now; + res.bans.push_back(b); + } } res.status = CORE_RPC_STATUS_OK; diff --git a/src/wallet/wallet2.h b/src/wallet/wallet2.h index c79da2e15..6c689d4ba 100644 --- a/src/wallet/wallet2.h +++ b/src/wallet/wallet2.h @@ -348,6 +348,8 @@ namespace tools bool get_tx_key(const crypto::hash &txid, crypto::secret_key &tx_key) const; + bool use_fork_rules(uint8_t version); + private: /*! * \brief Stores wallet information to wallet file. @@ -384,7 +386,6 @@ namespace tools crypto::hash get_payment_id(const pending_tx &ptx) const; void check_acc_out(const cryptonote::account_keys &acc, const cryptonote::tx_out &o, const crypto::public_key &tx_pub_key, size_t i, uint64_t &money_transfered, bool &error) const; void parse_block_round(const cryptonote::blobdata &blob, cryptonote::block &bl, crypto::hash &bl_id, bool &error) const; - bool use_fork_rules(uint8_t version); uint64_t get_upper_tranaction_size_limit(); void check_pending_txes(); diff --git a/src/wallet/wallet_rpc_server.cpp b/src/wallet/wallet_rpc_server.cpp index ac13d8021..418de327c 100644 --- a/src/wallet/wallet_rpc_server.cpp +++ b/src/wallet/wallet_rpc_server.cpp @@ -227,7 +227,12 @@ namespace tools try { - std::vector<wallet2::pending_tx> ptx_vector = m_wallet.create_transactions(dsts, req.mixin, req.unlock_time, req.fee, extra); + uint64_t mixin = req.mixin; + if (mixin < 2 && m_wallet.use_fork_rules(2)) { + LOG_PRINT_L1("Requested mixin " << req.mixin << " too low for hard fork 2, using 2"); + mixin = 2; + } + std::vector<wallet2::pending_tx> ptx_vector = m_wallet.create_transactions(dsts, mixin, req.unlock_time, req.fee, extra); // reject proposed transactions if there are more than one. see on_transfer_split below. if (ptx_vector.size() != 1) @@ -287,11 +292,16 @@ namespace tools try { + uint64_t mixin = req.mixin; + if (mixin < 2 && m_wallet.use_fork_rules(2)) { + LOG_PRINT_L1("Requested mixin " << req.mixin << " too low for hard fork 2, using 2"); + mixin = 2; + } std::vector<wallet2::pending_tx> ptx_vector; if (req.new_algorithm) - ptx_vector = m_wallet.create_transactions_2(dsts, req.mixin, req.unlock_time, req.fee, extra); + ptx_vector = m_wallet.create_transactions_2(dsts, mixin, req.unlock_time, req.fee, extra); else - ptx_vector = m_wallet.create_transactions(dsts, req.mixin, req.unlock_time, req.fee, extra); + ptx_vector = m_wallet.create_transactions(dsts, mixin, req.unlock_time, req.fee, extra); m_wallet.commit_tx(ptx_vector); |