aboutsummaryrefslogtreecommitdiff
path: root/src/wallet
diff options
context:
space:
mode:
Diffstat (limited to 'src/wallet')
-rw-r--r--src/wallet/CMakeLists.txt15
-rw-r--r--src/wallet/message_store.cpp1445
-rw-r--r--src/wallet/message_store.h420
-rw-r--r--src/wallet/message_transporter.cpp317
-rw-r--r--src/wallet/message_transporter.h113
-rw-r--r--src/wallet/wallet2.cpp217
-rw-r--r--src/wallet/wallet2.h51
-rw-r--r--src/wallet/wallet_errors.h33
-rw-r--r--src/wallet/wallet_rpc_server.cpp3
9 files changed, 2585 insertions, 29 deletions
diff --git a/src/wallet/CMakeLists.txt b/src/wallet/CMakeLists.txt
index 4e3fb1ae5..2991f75c5 100644
--- a/src/wallet/CMakeLists.txt
+++ b/src/wallet/CMakeLists.txt
@@ -34,7 +34,10 @@ set(wallet_sources
wallet2.cpp
wallet_args.cpp
ringdb.cpp
- node_rpc_proxy.cpp)
+ node_rpc_proxy.cpp
+ message_store.cpp
+ message_transporter.cpp
+)
set(wallet_private_headers
wallet2.h
@@ -44,7 +47,9 @@ set(wallet_private_headers
wallet_rpc_server_commands_defs.h
wallet_rpc_server_error_codes.h
ringdb.h
- node_rpc_proxy.h)
+ node_rpc_proxy.h
+ message_store.h
+ message_transporter.h)
monero_private_headers(wallet
${wallet_private_headers})
@@ -134,6 +139,12 @@ if (BUILD_GUI_DEPS)
endif()
install(TARGETS wallet_merged
ARCHIVE DESTINATION ${lib_folder})
+
+ install(FILES ${TREZOR_DEP_LIBS}
+ DESTINATION ${lib_folder})
+ file(WRITE "trezor_link_flags.txt" ${TREZOR_DEP_LINKER})
+ install(FILES "trezor_link_flags.txt"
+ DESTINATION ${lib_folder})
endif()
add_subdirectory(api)
diff --git a/src/wallet/message_store.cpp b/src/wallet/message_store.cpp
new file mode 100644
index 000000000..ce6f4f52b
--- /dev/null
+++ b/src/wallet/message_store.cpp
@@ -0,0 +1,1445 @@
+// Copyright (c) 2018, The Monero Project
+//
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice, this list of
+// conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice, this list
+// of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+//
+// 3. Neither the name of the copyright holder nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+#include "message_store.h"
+#include <boost/archive/portable_binary_oarchive.hpp>
+#include <boost/archive/portable_binary_iarchive.hpp>
+#include <boost/format.hpp>
+#include <boost/algorithm/string.hpp>
+#include <fstream>
+#include <sstream>
+#include "file_io_utils.h"
+#include "storages/http_abstract_invoke.h"
+#include "wallet_errors.h"
+#include "serialization/binary_utils.h"
+#include "common/base58.h"
+#include "common/util.h"
+#include "string_tools.h"
+
+
+#undef MONERO_DEFAULT_LOG_CATEGORY
+#define MONERO_DEFAULT_LOG_CATEGORY "wallet.mms"
+
+namespace mms
+{
+
+message_store::message_store()
+{
+ m_active = false;
+ m_auto_send = false;
+ m_next_message_id = 1;
+ m_num_authorized_signers = 0;
+ m_num_required_signers = 0;
+ m_nettype = cryptonote::network_type::UNDEFINED;
+ m_run = true;
+}
+
+namespace
+{
+ // MMS options handling mirrors what "wallet2" is doing for its options, on-demand init and all
+ // It's not very clean to initialize Bitmessage-specific options here, but going one level further
+ // down still into "message_transporter" for that is a little bit too much
+ struct options
+ {
+ const command_line::arg_descriptor<std::string> bitmessage_address = {"bitmessage-address", mms::message_store::tr("Use PyBitmessage instance at URL <arg>"), "http://localhost:8442/"};
+ const command_line::arg_descriptor<std::string> bitmessage_login = {"bitmessage-login", mms::message_store::tr("Specify <arg> as username:password for PyBitmessage API"), "username:password"};
+ };
+}
+
+void message_store::init_options(boost::program_options::options_description& desc_params)
+{
+ const options opts{};
+ command_line::add_arg(desc_params, opts.bitmessage_address);
+ command_line::add_arg(desc_params, opts.bitmessage_login);
+}
+
+void message_store::init(const multisig_wallet_state &state, const std::string &own_label,
+ const std::string &own_transport_address, uint32_t num_authorized_signers, uint32_t num_required_signers)
+{
+ m_num_authorized_signers = num_authorized_signers;
+ m_num_required_signers = num_required_signers;
+ m_signers.clear();
+ m_messages.clear();
+ m_next_message_id = 1;
+
+ // The vector "m_signers" gets here once the required number of elements, one for each authorized signer,
+ // and is never changed again. The rest of the code relies on "size(m_signers) == m_num_authorized_signers"
+ // without further checks.
+ authorized_signer signer;
+ for (uint32_t i = 0; i < m_num_authorized_signers; ++i)
+ {
+ signer.me = signer.index == 0; // Strict convention: The very first signer is fixed as / must be "me"
+ m_signers.push_back(signer);
+ signer.index++;
+ }
+
+ set_signer(state, 0, own_label, own_transport_address, state.address);
+
+ m_nettype = state.nettype;
+ set_active(true);
+ m_filename = state.mms_file;
+ save(state);
+}
+
+void message_store::set_options(const boost::program_options::variables_map& vm)
+{
+ const options opts{};
+ std::string bitmessage_address = command_line::get_arg(vm, opts.bitmessage_address);
+ epee::wipeable_string bitmessage_login = command_line::get_arg(vm, opts.bitmessage_login);
+ set_options(bitmessage_address, bitmessage_login);
+}
+
+void message_store::set_options(const std::string &bitmessage_address, const epee::wipeable_string &bitmessage_login)
+{
+ m_transporter.set_options(bitmessage_address, bitmessage_login);
+}
+
+void message_store::set_signer(const multisig_wallet_state &state,
+ uint32_t index,
+ const boost::optional<std::string> &label,
+ const boost::optional<std::string> &transport_address,
+ const boost::optional<cryptonote::account_public_address> monero_address)
+{
+ THROW_WALLET_EXCEPTION_IF(index >= m_num_authorized_signers, tools::error::wallet_internal_error, "Invalid signer index " + index);
+ authorized_signer &m = m_signers[index];
+ if (label)
+ {
+ m.label = label.get();
+ }
+ if (transport_address)
+ {
+ m.transport_address = transport_address.get();
+ }
+ if (monero_address)
+ {
+ m.monero_address_known = true;
+ m.monero_address = monero_address.get();
+ }
+ // Save to minimize the chance to loose that info (at least while in beta)
+ save(state);
+}
+
+const authorized_signer &message_store::get_signer(uint32_t index) const
+{
+ THROW_WALLET_EXCEPTION_IF(index >= m_num_authorized_signers, tools::error::wallet_internal_error, "Invalid signer index " + index);
+ return m_signers[index];
+}
+
+bool message_store::signer_config_complete() const
+{
+ for (uint32_t i = 0; i < m_num_authorized_signers; ++i)
+ {
+ const authorized_signer &m = m_signers[i];
+ if (m.label.empty() || m.transport_address.empty() || !m.monero_address_known)
+ {
+ return false;
+ }
+ }
+ return true;
+}
+
+// Check if all signers have a label set (as it's a requirement for starting auto-config
+// by the "manager")
+bool message_store::signer_labels_complete() const
+{
+ for (uint32_t i = 0; i < m_num_authorized_signers; ++i)
+ {
+ const authorized_signer &m = m_signers[i];
+ if (m.label.empty())
+ {
+ return false;
+ }
+ }
+ return true;
+}
+
+void message_store::get_signer_config(std::string &signer_config)
+{
+ std::stringstream oss;
+ boost::archive::portable_binary_oarchive ar(oss);
+ ar << m_signers;
+ signer_config = oss.str();
+}
+
+void message_store::unpack_signer_config(const multisig_wallet_state &state, const std::string &signer_config,
+ std::vector<authorized_signer> &signers)
+{
+ try
+ {
+ std::stringstream iss;
+ iss << signer_config;
+ boost::archive::portable_binary_iarchive ar(iss);
+ ar >> signers;
+ }
+ catch (...)
+ {
+ THROW_WALLET_EXCEPTION_IF(true, tools::error::wallet_internal_error, "Invalid structure of signer config");
+ }
+ uint32_t num_signers = (uint32_t)signers.size();
+ THROW_WALLET_EXCEPTION_IF(num_signers != m_num_authorized_signers, tools::error::wallet_internal_error, "Wrong number of signers in config: " + num_signers);
+}
+
+void message_store::process_signer_config(const multisig_wallet_state &state, const std::string &signer_config)
+{
+ // The signers in "signer_config" and the resident wallet signers are matched not by label, but
+ // by Monero address, and ALL labels will be set from "signer_config", even the "me" label.
+ // In the auto-config process as implemented now the auto-config manager is responsible for defining
+ // the labels, and right at the end of the process ALL wallets use the SAME labels. The idea behind this
+ // is preventing problems like duplicate labels and confusion (Bob choosing a label "IamAliceHonest").
+ // (Of course signers are free to re-define any labels they don't like AFTER auto-config.)
+ //
+ // Usually this method will be called with only the "me" signer defined in the wallet, and may
+ // produce unexpected behaviour if that wallet contains additional signers that have nothing to do with
+ // those arriving in "signer_config".
+ std::vector<authorized_signer> signers;
+ unpack_signer_config(state, signer_config, signers);
+
+ uint32_t new_index = 1;
+ for (uint32_t i = 0; i < m_num_authorized_signers; ++i)
+ {
+ const authorized_signer &m = signers[i];
+ uint32_t index;
+ uint32_t take_index;
+ bool found = get_signer_index_by_monero_address(m.monero_address, index);
+ if (found)
+ {
+ // Redefine existing (probably "me", under usual circumstances)
+ take_index = index;
+ }
+ else
+ {
+ // Add new; neglect that we may erroneously overwrite already defined signers
+ // (but protect "me")
+ take_index = new_index;
+ if ((new_index + 1) < m_num_authorized_signers)
+ {
+ new_index++;
+ }
+ }
+ authorized_signer &modify = m_signers[take_index];
+ modify.label = m.label; // ALWAYS set label, see comments above
+ if (!modify.me)
+ {
+ modify.transport_address = m.transport_address;
+ modify.monero_address_known = m.monero_address_known;
+ if (m.monero_address_known)
+ {
+ modify.monero_address = m.monero_address;
+ }
+ }
+ }
+ save(state);
+}
+
+void message_store::start_auto_config(const multisig_wallet_state &state)
+{
+ for (uint32_t i = 0; i < m_num_authorized_signers; ++i)
+ {
+ authorized_signer &m = m_signers[i];
+ if (!m.me)
+ {
+ setup_signer_for_auto_config(i, create_auto_config_token(), true);
+ }
+ m.auto_config_running = true;
+ }
+ save(state);
+}
+
+// Check auto-config token string and convert to standardized form;
+// Try to make it as foolproof as possible, with built-in tolerance to make up for
+// errors in transmission that still leave the token recognizable.
+bool message_store::check_auto_config_token(const std::string &raw_token,
+ std::string &adjusted_token) const
+{
+ std::string prefix(AUTO_CONFIG_TOKEN_PREFIX);
+ uint32_t num_hex_digits = (AUTO_CONFIG_TOKEN_BYTES + 1) * 2;
+ uint32_t full_length = num_hex_digits + prefix.length();
+ uint32_t raw_length = raw_token.length();
+ std::string hex_digits;
+
+ if (raw_length == full_length)
+ {
+ // Prefix must be there; accept it in any casing
+ std::string raw_prefix(raw_token.substr(0, 3));
+ boost::algorithm::to_lower(raw_prefix);
+ if (raw_prefix != prefix)
+ {
+ return false;
+ }
+ hex_digits = raw_token.substr(3);
+ }
+ else if (raw_length == num_hex_digits)
+ {
+ // Accept the token without the prefix if it's otherwise ok
+ hex_digits = raw_token;
+ }
+ else
+ {
+ return false;
+ }
+
+ // Convert to strict lowercase and correct any common misspellings
+ boost::algorithm::to_lower(hex_digits);
+ std::replace(hex_digits.begin(), hex_digits.end(), 'o', '0');
+ std::replace(hex_digits.begin(), hex_digits.end(), 'i', '1');
+ std::replace(hex_digits.begin(), hex_digits.end(), 'l', '1');
+
+ // Now it must be correct hex with correct checksum, no further tolerance possible
+ std::string token_bytes;
+ if (!epee::string_tools::parse_hexstr_to_binbuff(hex_digits, token_bytes))
+ {
+ return false;
+ }
+ const crypto::hash &hash = crypto::cn_fast_hash(token_bytes.data(), token_bytes.size() - 1);
+ if (token_bytes[AUTO_CONFIG_TOKEN_BYTES] != hash.data[0])
+ {
+ return false;
+ }
+ adjusted_token = prefix + hex_digits;
+ return true;
+}
+
+// Create a new auto-config token with prefix, random 8-hex digits plus 2 checksum digits
+std::string message_store::create_auto_config_token()
+{
+ unsigned char random[AUTO_CONFIG_TOKEN_BYTES];
+ crypto::rand(AUTO_CONFIG_TOKEN_BYTES, random);
+ std::string token_bytes;
+ token_bytes.append((char *)random, AUTO_CONFIG_TOKEN_BYTES);
+
+ // Add a checksum because technically ANY four bytes are a valid token, and without a checksum we would send
+ // auto-config messages "to nowhere" after the slightest typo without knowing it
+ const crypto::hash &hash = crypto::cn_fast_hash(token_bytes.data(), token_bytes.size());
+ token_bytes += hash.data[0];
+ std::string prefix(AUTO_CONFIG_TOKEN_PREFIX);
+ return prefix + epee::string_tools::buff_to_hex_nodelimer(token_bytes);
+}
+
+// Add a message for sending "me" address data to the auto-config transport address
+// that can be derived from the token and activate auto-config
+size_t message_store::add_auto_config_data_message(const multisig_wallet_state &state,
+ const std::string &auto_config_token)
+{
+ authorized_signer &me = m_signers[0];
+ me.auto_config_token = auto_config_token;
+ setup_signer_for_auto_config(0, auto_config_token, false);
+ me.auto_config_running = true;
+
+ auto_config_data data;
+ data.label = me.label;
+ data.transport_address = me.transport_address;
+ data.monero_address = me.monero_address;
+
+ std::stringstream oss;
+ boost::archive::portable_binary_oarchive ar(oss);
+ ar << data;
+
+ return add_message(state, 0, message_type::auto_config_data, message_direction::out, oss.str());
+}
+
+// Process a single message with auto-config data, destined for "message.signer_index"
+void message_store::process_auto_config_data_message(uint32_t id)
+{
+ // "auto_config_data" contains the label that the auto-config data sender uses for "me", but that's
+ // more for completeness' sake, and right now it's not used. In general, the auto-config manager
+ // decides/defines the labels, and right after completing auto-config ALL wallets use the SAME labels.
+
+ const message &m = get_message_ref_by_id(id);
+
+ auto_config_data data;
+ try
+ {
+ std::stringstream iss;
+ iss << m.content;
+ boost::archive::portable_binary_iarchive ar(iss);
+ ar >> data;
+ }
+ catch (...)
+ {
+ THROW_WALLET_EXCEPTION_IF(true, tools::error::wallet_internal_error, "Invalid structure of auto config data");
+ }
+
+ authorized_signer &signer = m_signers[m.signer_index];
+ // "signer.label" does NOT change, see comment above
+ signer.transport_address = data.transport_address;
+ signer.monero_address_known = true;
+ signer.monero_address = data.monero_address;
+ signer.auto_config_running = false;
+}
+
+void message_store::stop_auto_config()
+{
+ for (uint32_t i = 0; i < m_num_authorized_signers; ++i)
+ {
+ authorized_signer &m = m_signers[i];
+ if (!m.me && !m.auto_config_transport_address.empty())
+ {
+ // Try to delete those "unused API" addresses in PyBitmessage, especially since
+ // it seems it's not possible to delete them interactively, only to "disable" them
+ m_transporter.delete_transport_address(m.auto_config_transport_address);
+ }
+ m.auto_config_token.clear();
+ m.auto_config_public_key = crypto::null_pkey;
+ m.auto_config_secret_key = crypto::null_skey;
+ m.auto_config_transport_address.clear();
+ m.auto_config_running = false;
+ }
+}
+
+void message_store::setup_signer_for_auto_config(uint32_t index, const std::string token, bool receiving)
+{
+ // It may be a little strange to hash the textual hex digits of the auto config token into
+ // 32 bytes and turn that into a Monero public/secret key pair, instead of doing something
+ // much less complicated like directly using the underlying random 40 bits as key for a
+ // symmetric cipher, but everything is there already for encrypting and decrypting messages
+ // with such key pairs, and furthermore it would be trivial to use tokens with a different
+ // number of bytes.
+ //
+ // In the wallet of the auto-config manager each signer except "me" gets set its own
+ // auto-config parameters. In the wallet of somebody using the token to send auto-config
+ // data the auto-config parameters are stored in the "me" signer and taken from there
+ // to send that data.
+ THROW_WALLET_EXCEPTION_IF(index >= m_num_authorized_signers, tools::error::wallet_internal_error, "Invalid signer index " + index);
+ authorized_signer &m = m_signers[index];
+ m.auto_config_token = token;
+ crypto::hash_to_scalar(token.data(), token.size(), m.auto_config_secret_key);
+ crypto::secret_key_to_public_key(m.auto_config_secret_key, m.auto_config_public_key);
+ if (receiving)
+ {
+ m.auto_config_transport_address = m_transporter.derive_and_receive_transport_address(m.auto_config_token);
+ }
+ else
+ {
+ m.auto_config_transport_address = m_transporter.derive_transport_address(m.auto_config_token);
+ }
+}
+
+bool message_store::get_signer_index_by_monero_address(const cryptonote::account_public_address &monero_address, uint32_t &index) const
+{
+ for (uint32_t i = 0; i < m_num_authorized_signers; ++i)
+ {
+ const authorized_signer &m = m_signers[i];
+ if (m.monero_address == monero_address)
+ {
+ index = m.index;
+ return true;
+ }
+ }
+ MWARNING("No authorized signer with Monero address " << account_address_to_string(monero_address));
+ return false;
+}
+
+bool message_store::get_signer_index_by_label(const std::string label, uint32_t &index) const
+{
+ for (uint32_t i = 0; i < m_num_authorized_signers; ++i)
+ {
+ const authorized_signer &m = m_signers[i];
+ if (m.label == label)
+ {
+ index = m.index;
+ return true;
+ }
+ }
+ MWARNING("No authorized signer with label " << label);
+ return false;
+}
+
+void message_store::process_wallet_created_data(const multisig_wallet_state &state, message_type type, const std::string &content)
+{
+ switch(type)
+ {
+ case message_type::key_set:
+ // Result of a "prepare_multisig" command in the wallet
+ // Send the key set to all other signers
+ case message_type::additional_key_set:
+ // Result of a "make_multisig" command or a "exchange_multisig_keys" in the wallet in case of M/N multisig
+ // Send the additional key set to all other signers
+ case message_type::multisig_sync_data:
+ // Result of a "export_multisig_info" command in the wallet
+ // Send the sync data to all other signers
+ for (uint32_t i = 1; i < m_num_authorized_signers; ++i)
+ {
+ add_message(state, i, type, message_direction::out, content);
+ }
+ break;
+
+ case message_type::partially_signed_tx:
+ // Result of a "transfer" command in the wallet, or a "sign_multisig" command
+ // that did not yet result in the minimum number of signatures required
+ // Create a message "from me to me" as a container for the tx data
+ if (m_num_required_signers == 1)
+ {
+ // Probably rare, but possible: The 1 signature is already enough, correct the type
+ // Easier to correct here than asking all callers to detect this rare special case
+ type = message_type::fully_signed_tx;
+ }
+ add_message(state, 0, type, message_direction::in, content);
+ break;
+
+ case message_type::fully_signed_tx:
+ add_message(state, 0, type, message_direction::in, content);
+ break;
+
+ default:
+ THROW_WALLET_EXCEPTION(tools::error::wallet_internal_error, "Illegal message type " + (uint32_t)type);
+ break;
+ }
+}
+
+size_t message_store::add_message(const multisig_wallet_state &state,
+ uint32_t signer_index, message_type type, message_direction direction,
+ const std::string &content)
+{
+ message m;
+ m.id = m_next_message_id++;
+ m.type = type;
+ m.direction = direction;
+ m.content = content;
+ m.created = (uint64_t)time(NULL);
+ m.modified = m.created;
+ m.sent = 0;
+ m.signer_index = signer_index;
+ if (direction == message_direction::out)
+ {
+ m.state = message_state::ready_to_send;
+ }
+ else
+ {
+ m.state = message_state::waiting;
+ };
+ m.wallet_height = (uint32_t)state.num_transfer_details;
+ if (m.type == message_type::additional_key_set)
+ {
+ m.round = state.multisig_rounds_passed;
+ }
+ else
+ {
+ m.round = 0;
+ }
+ m.signature_count = 0; // Future expansion for signature counting when signing txs
+ m.hash = crypto::null_hash;
+ m_messages.push_back(m);
+
+ // Save for every new message right away (at least while in beta)
+ save(state);
+
+ MINFO(boost::format("Added %s message %s for signer %s of type %s")
+ % message_direction_to_string(direction) % m.id % signer_index % message_type_to_string(type));
+ return m_messages.size() - 1;
+}
+
+// Get the index of the message with id "id", return false if not found
+bool message_store::get_message_index_by_id(uint32_t id, size_t &index) const
+{
+ for (size_t i = 0; i < m_messages.size(); ++i)
+ {
+ if (m_messages[i].id == id)
+ {
+ index = i;
+ return true;
+ }
+ }
+ MWARNING("No message found with an id of " << id);
+ return false;
+}
+
+// Get the index of the message with id "id" that must exist
+size_t message_store::get_message_index_by_id(uint32_t id) const
+{
+ size_t index;
+ bool found = get_message_index_by_id(id, index);
+ THROW_WALLET_EXCEPTION_IF(!found, tools::error::wallet_internal_error, "Invalid message id " + id);
+ return index;
+}
+
+// Get the modifiable message with id "id" that must exist; private/internal use!
+message& message_store::get_message_ref_by_id(uint32_t id)
+{
+ return m_messages[get_message_index_by_id(id)];
+}
+
+// Get the message with id "id", return false if not found
+// This version of the method allows to check whether id is valid without triggering an error
+bool message_store::get_message_by_id(uint32_t id, message &m) const
+{
+ size_t index;
+ bool found = get_message_index_by_id(id, index);
+ if (found)
+ {
+ m = m_messages[index];
+ }
+ return found;
+}
+
+// Get the message with id "id" that must exist
+message message_store::get_message_by_id(uint32_t id) const
+{
+ message m;
+ bool found = get_message_by_id(id, m);
+ THROW_WALLET_EXCEPTION_IF(!found, tools::error::wallet_internal_error, "Invalid message id " + id);
+ return m;
+}
+
+bool message_store::any_message_of_type(message_type type, message_direction direction) const
+{
+ for (size_t i = 0; i < m_messages.size(); ++i)
+ {
+ if ((m_messages[i].type == type) && (m_messages[i].direction == direction))
+ {
+ return true;
+ }
+ }
+ return false;
+}
+
+bool message_store::any_message_with_hash(const crypto::hash &hash) const
+{
+ for (size_t i = 0; i < m_messages.size(); ++i)
+ {
+ if (m_messages[i].hash == hash)
+ {
+ return true;
+ }
+ }
+ return false;
+}
+
+// Count the ids in the vector that are set i.e. not 0, while ignoring index 0
+// Mostly used to check whether we have a message for each authorized signer except me,
+// with the signer index used as index into 'ids'; the element at index 0, for me,
+// is ignored, to make constant subtractions of 1 for indices when filling the
+// vector unnecessary
+size_t message_store::get_other_signers_id_count(const std::vector<uint32_t> &ids) const
+{
+ size_t count = 0;
+ for (size_t i = 1 /* and not 0 */; i < ids.size(); ++i)
+ {
+ if (ids[i] != 0)
+ {
+ count++;
+ }
+ }
+ return count;
+}
+
+// Is in every element of vector 'ids' (except at index 0) a message id i.e. not 0?
+bool message_store::message_ids_complete(const std::vector<uint32_t> &ids) const
+{
+ return get_other_signers_id_count(ids) == (ids.size() - 1);
+}
+
+void message_store::delete_message(uint32_t id)
+{
+ delete_transport_message(id);
+ size_t index = get_message_index_by_id(id);
+ m_messages.erase(m_messages.begin() + index);
+}
+
+void message_store::delete_all_messages()
+{
+ for (size_t i = 0; i < m_messages.size(); ++i)
+ {
+ delete_transport_message(m_messages[i].id);
+ }
+ m_messages.clear();
+}
+
+// Make a message text, which is "attacker controlled data", reasonably safe to display
+// This is mostly geared towards the safe display of notes sent by "mms note" with a "mms show" command
+void message_store::get_sanitized_message_text(const message &m, std::string &sanitized_text) const
+{
+ sanitized_text.clear();
+
+ // Restrict the size to fend of DOS-style attacks with heaps of data
+ size_t length = std::min(m.content.length(), (size_t)1000);
+
+ for (size_t i = 0; i < length; ++i)
+ {
+ char c = m.content[i];
+ if ((int)c < 32)
+ {
+ // Strip out any controls, especially ESC for getting rid of potentially dangerous
+ // ANSI escape sequences that a console window might interpret
+ c = ' ';
+ }
+ else if ((c == '<') || (c == '>'))
+ {
+ // Make XML or HTML impossible that e.g. might contain scripts that Qt might execute
+ // when displayed in the GUI wallet
+ c = ' ';
+ }
+ sanitized_text += c;
+ }
+}
+
+void message_store::write_to_file(const multisig_wallet_state &state, const std::string &filename)
+{
+ std::stringstream oss;
+ boost::archive::portable_binary_oarchive ar(oss);
+ ar << *this;
+ std::string buf = oss.str();
+
+ crypto::chacha_key key;
+ crypto::generate_chacha_key(&state.view_secret_key, sizeof(crypto::secret_key), key, 1);
+
+ file_data write_file_data = boost::value_initialized<file_data>();
+ write_file_data.magic_string = "MMS";
+ write_file_data.file_version = 0;
+ write_file_data.iv = crypto::rand<crypto::chacha_iv>();
+ std::string encrypted_data;
+ encrypted_data.resize(buf.size());
+ crypto::chacha20(buf.data(), buf.size(), key, write_file_data.iv, &encrypted_data[0]);
+ write_file_data.encrypted_data = encrypted_data;
+
+ std::stringstream file_oss;
+ boost::archive::portable_binary_oarchive file_ar(file_oss);
+ file_ar << write_file_data;
+
+ bool success = epee::file_io_utils::save_string_to_file(filename, file_oss.str());
+ THROW_WALLET_EXCEPTION_IF(!success, tools::error::file_save_error, filename);
+}
+
+void message_store::read_from_file(const multisig_wallet_state &state, const std::string &filename)
+{
+ boost::system::error_code ignored_ec;
+ bool file_exists = boost::filesystem::exists(filename, ignored_ec);
+ if (!file_exists)
+ {
+ // Simply do nothing if the file is not there; allows e.g. easy recovery
+ // from problems with the MMS by deleting the file
+ MERROR("No message store file found: " << filename);
+ return;
+ }
+
+ std::string buf;
+ bool success = epee::file_io_utils::load_file_to_string(filename, buf);
+ THROW_WALLET_EXCEPTION_IF(!success, tools::error::file_read_error, filename);
+
+ file_data read_file_data;
+ try
+ {
+ std::stringstream iss;
+ iss << buf;
+ boost::archive::portable_binary_iarchive ar(iss);
+ ar >> read_file_data;
+ }
+ catch (const std::exception &e)
+ {
+ MERROR("MMS file " << filename << " has bad structure <iv,encrypted_data>: " << e.what());
+ THROW_WALLET_EXCEPTION_IF(true, tools::error::file_read_error, filename);
+ }
+
+ crypto::chacha_key key;
+ crypto::generate_chacha_key(&state.view_secret_key, sizeof(crypto::secret_key), key, 1);
+ std::string decrypted_data;
+ decrypted_data.resize(read_file_data.encrypted_data.size());
+ crypto::chacha20(read_file_data.encrypted_data.data(), read_file_data.encrypted_data.size(), key, read_file_data.iv, &decrypted_data[0]);
+
+ try
+ {
+ std::stringstream iss;
+ iss << decrypted_data;
+ boost::archive::portable_binary_iarchive ar(iss);
+ ar >> *this;
+ }
+ catch (const std::exception &e)
+ {
+ MERROR("MMS file " << filename << " has bad structure: " << e.what());
+ THROW_WALLET_EXCEPTION_IF(true, tools::error::file_read_error, filename);
+ }
+
+ m_filename = filename;
+}
+
+// Save to the same file this message store was loaded from
+// Called after changes deemed "important", to make it less probable to lose messages in case of
+// a crash; a better and long-term solution would of course be to use LMDB ...
+void message_store::save(const multisig_wallet_state &state)
+{
+ if (!m_filename.empty())
+ {
+ write_to_file(state, m_filename);
+ }
+}
+
+bool message_store::get_processable_messages(const multisig_wallet_state &state,
+ bool force_sync, std::vector<processing_data> &data_list, std::string &wait_reason)
+{
+ uint32_t wallet_height = (uint32_t)state.num_transfer_details;
+ data_list.clear();
+ wait_reason.clear();
+ // In all scans over all messages looking for complete sets (1 message for each signer),
+ // if there are duplicates, the OLDEST of them is taken. This may not play a role with
+ // any of the current message types, but may with future ones, and it's probably a good
+ // idea to have a clear and somewhat defensive strategy.
+
+ std::vector<uint32_t> auto_config_messages(m_num_authorized_signers, 0);
+ bool any_auto_config = false;
+
+ for (size_t i = 0; i < m_messages.size(); ++i)
+ {
+ message &m = m_messages[i];
+ if ((m.type == message_type::auto_config_data) && (m.state == message_state::waiting))
+ {
+ if (auto_config_messages[m.signer_index] == 0)
+ {
+ auto_config_messages[m.signer_index] = m.id;
+ any_auto_config = true;
+ }
+ // else duplicate auto config data, ignore
+ }
+ }
+
+ if (any_auto_config)
+ {
+ bool auto_config_complete = message_ids_complete(auto_config_messages);
+ if (auto_config_complete)
+ {
+ processing_data data;
+ data.processing = message_processing::process_auto_config_data;
+ data.message_ids = auto_config_messages;
+ data.message_ids.erase(data.message_ids.begin());
+ data_list.push_back(data);
+ return true;
+ }
+ else
+ {
+ wait_reason = tr("Auto-config cannot proceed because auto config data from other signers is not complete");
+ return false;
+ // With ANY auto config data present but not complete refuse to check for any
+ // other processing. Manually delete those messages to abort such an auto config
+ // phase if needed.
+ }
+ }
+
+ // Any signer config that arrived will be processed right away, regardless of other things that may wait
+ for (size_t i = 0; i < m_messages.size(); ++i)
+ {
+ message &m = m_messages[i];
+ if ((m.type == message_type::signer_config) && (m.state == message_state::waiting))
+ {
+ processing_data data;
+ data.processing = message_processing::process_signer_config;
+ data.message_ids.push_back(m.id);
+ data_list.push_back(data);
+ return true;
+ }
+ }
+
+ // ALL of the following processings depend on the signer info being complete
+ if (!signer_config_complete())
+ {
+ wait_reason = tr("The signer config is not complete.");
+ return false;
+ }
+
+ if (!state.multisig)
+ {
+
+ if (!any_message_of_type(message_type::key_set, message_direction::out))
+ {
+ // With the own key set not yet ready we must do "prepare_multisig" first;
+ // Key sets from other signers may be here already, but if we process them now
+ // the wallet will go multisig too early: we can't produce our own key set any more!
+ processing_data data;
+ data.processing = message_processing::prepare_multisig;
+ data_list.push_back(data);
+ return true;
+ }
+
+ // Ids of key set messages per signer index, to check completeness
+ // Naturally, does not care about the order of the messages and is trivial to secure against
+ // key sets that were received more than once
+ // With full M/N multisig now possible consider only key sets of the right round, i.e.
+ // with not yet multisig the only possible round 0
+ std::vector<uint32_t> key_set_messages(m_num_authorized_signers, 0);
+
+ for (size_t i = 0; i < m_messages.size(); ++i)
+ {
+ message &m = m_messages[i];
+ if ((m.type == message_type::key_set) && (m.state == message_state::waiting)
+ && (m.round == 0))
+ {
+ if (key_set_messages[m.signer_index] == 0)
+ {
+ key_set_messages[m.signer_index] = m.id;
+ }
+ // else duplicate key set, ignore
+ }
+ }
+
+ bool key_sets_complete = message_ids_complete(key_set_messages);
+ if (key_sets_complete)
+ {
+ // Nothing else can be ready to process earlier than this, ignore everything else and give back
+ processing_data data;
+ data.processing = message_processing::make_multisig;
+ data.message_ids = key_set_messages;
+ data.message_ids.erase(data.message_ids.begin());
+ data_list.push_back(data);
+ return true;
+ }
+ else
+ {
+ wait_reason = tr("Wallet can't go multisig because key sets from other signers are missing or not complete.");
+ return false;
+ }
+ }
+
+ if (state.multisig && !state.multisig_is_ready)
+ {
+ // In the case of M/N multisig the call 'wallet2::multisig' returns already true
+ // after "make_multisig" but with calls to "exchange_multisig_keys" still needed, and
+ // sets the parameter 'ready' to false to document this particular "in-between" state.
+ // So what may be possible here, with all necessary messages present, is a call to
+ // "exchange_multisig_keys".
+ // Consider only messages belonging to the next round to do, which has the number
+ // "state.multisig_rounds_passed".
+ std::vector<uint32_t> additional_key_set_messages(m_num_authorized_signers, 0);
+
+ for (size_t i = 0; i < m_messages.size(); ++i)
+ {
+ message &m = m_messages[i];
+ if ((m.type == message_type::additional_key_set) && (m.state == message_state::waiting)
+ && (m.round == state.multisig_rounds_passed))
+ {
+ if (additional_key_set_messages[m.signer_index] == 0)
+ {
+ additional_key_set_messages[m.signer_index] = m.id;
+ }
+ // else duplicate key set, ignore
+ }
+ }
+
+ bool key_sets_complete = message_ids_complete(additional_key_set_messages);
+ if (key_sets_complete)
+ {
+ processing_data data;
+ data.processing = message_processing::exchange_multisig_keys;
+ data.message_ids = additional_key_set_messages;
+ data.message_ids.erase(data.message_ids.begin());
+ data_list.push_back(data);
+ return true;
+ }
+ else
+ {
+ wait_reason = tr("Wallet can't start another key exchange round because key sets from other signers are missing or not complete.");
+ return false;
+ }
+ }
+
+ // Properly exchanging multisig sync data is easiest and most transparent
+ // for the user if a wallet sends its own data first and processes any received
+ // sync data afterwards so that's the order that the MMS enforces here.
+ // (Technically, it seems to work also the other way round.)
+ //
+ // To check whether a NEW round of syncing is necessary the MMS works with a
+ // "wallet state": new state means new syncing needed.
+ //
+ // The MMS monitors the "wallet state" by recording "wallet heights" as
+ // numbers of transfers present in a wallet at the time of message creation. While
+ // not watertight, this quite simple scheme should already suffice to trigger
+ // and orchestrate a sensible exchange of sync data.
+ if (state.has_multisig_partial_key_images || force_sync)
+ {
+ // Sync is necessary and not yet completed: Processing of transactions
+ // will only be possible again once properly synced
+ // Check first whether we generated already OUR sync info; take note of
+ // any processable sync info from other signers on the way in case we need it
+ bool own_sync_data_created = false;
+ std::vector<uint32_t> sync_messages(m_num_authorized_signers, 0);
+ for (size_t i = 0; i < m_messages.size(); ++i)
+ {
+ message &m = m_messages[i];
+ if ((m.type == message_type::multisig_sync_data) && (force_sync || (m.wallet_height == wallet_height)))
+ // It's data for the same "round" of syncing, on the same "wallet height", therefore relevant
+ // With "force_sync" take ANY waiting sync data, maybe it will work out
+ {
+ if (m.direction == message_direction::out)
+ {
+ own_sync_data_created = true;
+ // Ignore whether sent already or not, and assume as complete if several other signers there
+ }
+ else if ((m.direction == message_direction::in) && (m.state == message_state::waiting))
+ {
+ if (sync_messages[m.signer_index] == 0)
+ {
+ sync_messages[m.signer_index] = m.id;
+ }
+ // else duplicate sync message, ignore
+ }
+ }
+ }
+ if (!own_sync_data_created)
+ {
+ // As explained above, creating sync data BEFORE processing such data from
+ // other signers reliably works, so insist on that here
+ processing_data data;
+ data.processing = message_processing::create_sync_data;
+ data_list.push_back(data);
+ return true;
+ }
+ uint32_t id_count = (uint32_t)get_other_signers_id_count(sync_messages);
+ // Do we have sync data from ALL other signers?
+ bool all_sync_data = id_count == (m_num_authorized_signers - 1);
+ // Do we have just ENOUGH sync data to have a minimal viable sync set?
+ // In cases like 2/3 multisig we don't need messages from ALL other signers, only
+ // from enough of them i.e. num_required_signers minus 1 messages
+ bool enough_sync_data = id_count >= (m_num_required_signers - 1);
+ bool sync = false;
+ wait_reason = tr("Syncing not done because multisig sync data from other signers are missing or not complete.");
+ if (all_sync_data)
+ {
+ sync = true;
+ }
+ else if (enough_sync_data)
+ {
+ if (force_sync)
+ {
+ sync = true;
+ }
+ else
+ {
+ // Don't sync, but give a hint how this minimal set COULD be synced if really wanted
+ wait_reason += (boost::format("\nUse \"mms next sync\" if you want to sync with just %s out of %s authorized signers and transact just with them")
+ % (m_num_required_signers - 1) % (m_num_authorized_signers - 1)).str();
+ }
+ }
+ if (sync)
+ {
+ processing_data data;
+ data.processing = message_processing::process_sync_data;
+ for (size_t i = 0; i < sync_messages.size(); ++i)
+ {
+ uint32_t id = sync_messages[i];
+ if (id != 0)
+ {
+ data.message_ids.push_back(id);
+ }
+ }
+ data_list.push_back(data);
+ return true;
+ }
+ else
+ {
+ // We can't proceed to any transactions until we have synced; "wait_reason" already set above
+ return false;
+ }
+ }
+
+ bool waiting_found = false;
+ bool note_found = false;
+ bool sync_data_found = false;
+ for (size_t i = 0; i < m_messages.size(); ++i)
+ {
+ message &m = m_messages[i];
+ if (m.state == message_state::waiting)
+ {
+ waiting_found = true;
+ switch (m.type)
+ {
+ case message_type::fully_signed_tx:
+ {
+ // We can either submit it ourselves, or send it to any other signer for submission
+ processing_data data;
+ data.processing = message_processing::submit_tx;
+ data.message_ids.push_back(m.id);
+ data_list.push_back(data);
+
+ data.processing = message_processing::send_tx;
+ for (uint32_t j = 1; j < m_num_authorized_signers; ++j)
+ {
+ data.receiving_signer_index = j;
+ data_list.push_back(data);
+ }
+ return true;
+ }
+
+ case message_type::partially_signed_tx:
+ {
+ if (m.signer_index == 0)
+ {
+ // We started this ourselves, or signed it but with still signatures missing:
+ // We can send it to any other signer for signing / further signing
+ // In principle it does not make sense to send it back to somebody who
+ // already signed, but the MMS does not / not yet keep track of that,
+ // because that would be somewhat complicated.
+ processing_data data;
+ data.processing = message_processing::send_tx;
+ data.message_ids.push_back(m.id);
+ for (uint32_t j = 1; j < m_num_authorized_signers; ++j)
+ {
+ data.receiving_signer_index = j;
+ data_list.push_back(data);
+ }
+ return true;
+ }
+ else
+ {
+ // Somebody else sent this to us: We can sign it
+ // It would be possible to just pass it on, but that's not directly supported here
+ processing_data data;
+ data.processing = message_processing::sign_tx;
+ data.message_ids.push_back(m.id);
+ data_list.push_back(data);
+ return true;
+ }
+ }
+
+ case message_type::note:
+ note_found = true;
+ break;
+
+ case message_type::multisig_sync_data:
+ sync_data_found = true;
+ break;
+
+ default:
+ break;
+ }
+ }
+ }
+ if (waiting_found)
+ {
+ wait_reason = tr("There are waiting messages, but nothing is ready to process under normal circumstances");
+ if (sync_data_found)
+ {
+ wait_reason += tr("\nUse \"mms next sync\" if you want to force processing of the waiting sync data");
+ }
+ if (note_found)
+ {
+ wait_reason += tr("\nUse \"mms note\" to display the waiting notes");
+ }
+ }
+ else
+ {
+ wait_reason = tr("There are no messages waiting to be processed.");
+ }
+
+ return false;
+}
+
+void message_store::set_messages_processed(const processing_data &data)
+{
+ for (size_t i = 0; i < data.message_ids.size(); ++i)
+ {
+ set_message_processed_or_sent(data.message_ids[i]);
+ }
+}
+
+void message_store::set_message_processed_or_sent(uint32_t id)
+{
+ message &m = get_message_ref_by_id(id);
+ if (m.state == message_state::waiting)
+ {
+ // So far a fairly cautious and conservative strategy: Only delete from Bitmessage
+ // when fully processed (and e.g. not already after reception and writing into
+ // the message store file)
+ delete_transport_message(id);
+ m.state = message_state::processed;
+ }
+ else if (m.state == message_state::ready_to_send)
+ {
+ m.state = message_state::sent;
+ }
+ m.modified = (uint64_t)time(NULL);
+}
+
+void message_store::encrypt(crypto::public_key public_key, const std::string &plaintext,
+ std::string &ciphertext, crypto::public_key &encryption_public_key, crypto::chacha_iv &iv)
+{
+ crypto::secret_key encryption_secret_key;
+ crypto::generate_keys(encryption_public_key, encryption_secret_key);
+
+ crypto::key_derivation derivation;
+ bool success = crypto::generate_key_derivation(public_key, encryption_secret_key, derivation);
+ THROW_WALLET_EXCEPTION_IF(!success, tools::error::wallet_internal_error, "Failed to generate key derivation for message encryption");
+
+ crypto::chacha_key chacha_key;
+ crypto::generate_chacha_key(&derivation, sizeof(derivation), chacha_key, 1);
+ iv = crypto::rand<crypto::chacha_iv>();
+ ciphertext.resize(plaintext.size());
+ crypto::chacha20(plaintext.data(), plaintext.size(), chacha_key, iv, &ciphertext[0]);
+}
+
+void message_store::decrypt(const std::string &ciphertext, const crypto::public_key &encryption_public_key, const crypto::chacha_iv &iv,
+ const crypto::secret_key &view_secret_key, std::string &plaintext)
+{
+ crypto::key_derivation derivation;
+ bool success = crypto::generate_key_derivation(encryption_public_key, view_secret_key, derivation);
+ THROW_WALLET_EXCEPTION_IF(!success, tools::error::wallet_internal_error, "Failed to generate key derivation for message decryption");
+ crypto::chacha_key chacha_key;
+ crypto::generate_chacha_key(&derivation, sizeof(derivation), chacha_key, 1);
+ plaintext.resize(ciphertext.size());
+ crypto::chacha20(ciphertext.data(), ciphertext.size(), chacha_key, iv, &plaintext[0]);
+}
+
+void message_store::send_message(const multisig_wallet_state &state, uint32_t id)
+{
+ message &m = get_message_ref_by_id(id);
+ const authorized_signer &me = m_signers[0];
+ const authorized_signer &receiver = m_signers[m.signer_index];
+ transport_message dm;
+ crypto::public_key public_key;
+
+ dm.timestamp = (uint64_t)time(NULL);
+ dm.subject = "MMS V0 " + tools::get_human_readable_timestamp(dm.timestamp);
+ dm.source_transport_address = me.transport_address;
+ dm.source_monero_address = me.monero_address;
+ if (m.type == message_type::auto_config_data)
+ {
+ // Encrypt with the public key derived from the auto-config token, and send to the
+ // transport address likewise derived from that token
+ public_key = me.auto_config_public_key;
+ dm.destination_transport_address = me.auto_config_transport_address;
+ // The destination Monero address is not yet known
+ memset(&dm.destination_monero_address, 0, sizeof(cryptonote::account_public_address));
+ }
+ else
+ {
+ // Encrypt with the receiver's view public key
+ public_key = receiver.monero_address.m_view_public_key;
+ const authorized_signer &receiver = m_signers[m.signer_index];
+ dm.destination_monero_address = receiver.monero_address;
+ dm.destination_transport_address = receiver.transport_address;
+ }
+ encrypt(public_key, m.content, dm.content, dm.encryption_public_key, dm.iv);
+ dm.type = (uint32_t)m.type;
+ dm.hash = crypto::cn_fast_hash(dm.content.data(), dm.content.size());
+ dm.round = m.round;
+
+ crypto::generate_signature(dm.hash, me.monero_address.m_view_public_key, state.view_secret_key, dm.signature);
+
+ m_transporter.send_message(dm);
+
+ m.state=message_state::sent;
+ m.sent= (uint64_t)time(NULL);
+}
+
+bool message_store::check_for_messages(const multisig_wallet_state &state, std::vector<message> &messages)
+{
+ m_run.store(true, std::memory_order_relaxed);
+ const authorized_signer &me = m_signers[0];
+ std::vector<std::string> destinations;
+ destinations.push_back(me.transport_address);
+ for (uint32_t i = 1; i < m_num_authorized_signers; ++i)
+ {
+ const authorized_signer &m = m_signers[i];
+ if (m.auto_config_running)
+ {
+ destinations.push_back(m.auto_config_transport_address);
+ }
+ }
+ std::vector<transport_message> transport_messages;
+ bool r = m_transporter.receive_messages(destinations, transport_messages);
+ if (!m_run.load(std::memory_order_relaxed))
+ {
+ // Stop was called, don't waste time processing the messages
+ // (but once started processing them, don't react to stop request anymore, avoid receiving them "partially)"
+ return false;
+ }
+
+ bool new_messages = false;
+ for (size_t i = 0; i < transport_messages.size(); ++i)
+ {
+ transport_message &rm = transport_messages[i];
+ if (any_message_with_hash(rm.hash))
+ {
+ // Already seen, do not take again
+ }
+ else
+ {
+ uint32_t sender_index;
+ bool take = false;
+ message_type type = static_cast<message_type>(rm.type);
+ crypto::secret_key decrypt_key = state.view_secret_key;
+ if (type == message_type::auto_config_data)
+ {
+ // Find out which signer sent it by checking which auto config transport address
+ // the message was sent to
+ for (uint32_t i = 1; i < m_num_authorized_signers; ++i)
+ {
+ const authorized_signer &m = m_signers[i];
+ if (m.auto_config_transport_address == rm.destination_transport_address)
+ {
+ take = true;
+ sender_index = i;
+ decrypt_key = m.auto_config_secret_key;
+ break;
+ }
+ }
+ }
+ else if (type == message_type::signer_config)
+ {
+ // Typically we can't check yet whether we know the sender, so take from any
+ // and pretend it's from "me" because we might have nothing else yet
+ take = true;
+ sender_index = 0;
+ }
+ else
+ {
+ // Only accept from senders that are known as signer here, otherwise just ignore
+ take = get_signer_index_by_monero_address(rm.source_monero_address, sender_index);
+ }
+ if (take && (type != message_type::auto_config_data))
+ {
+ // If the destination address is known, check it as well; this additional filter
+ // allows using the same transport address for multiple signers
+ take = rm.destination_monero_address == me.monero_address;
+ }
+ if (take)
+ {
+ crypto::hash actual_hash = crypto::cn_fast_hash(rm.content.data(), rm.content.size());
+ THROW_WALLET_EXCEPTION_IF(actual_hash != rm.hash, tools::error::wallet_internal_error, "Message hash mismatch");
+
+ bool signature_valid = crypto::check_signature(actual_hash, rm.source_monero_address.m_view_public_key, rm.signature);
+ THROW_WALLET_EXCEPTION_IF(!signature_valid, tools::error::wallet_internal_error, "Message signature not valid");
+
+ std::string plaintext;
+ decrypt(rm.content, rm.encryption_public_key, rm.iv, decrypt_key, plaintext);
+ size_t index = add_message(state, sender_index, (message_type)rm.type, message_direction::in, plaintext);
+ message &m = m_messages[index];
+ m.hash = rm.hash;
+ m.transport_id = rm.transport_id;
+ m.sent = rm.timestamp;
+ m.round = rm.round;
+ m.signature_count = rm.signature_count;
+ messages.push_back(m);
+ new_messages = true;
+ }
+ }
+ }
+ return new_messages;
+}
+
+void message_store::delete_transport_message(uint32_t id)
+{
+ const message &m = get_message_by_id(id);
+ if (!m.transport_id.empty())
+ {
+ m_transporter.delete_message(m.transport_id);
+ }
+}
+
+std::string message_store::account_address_to_string(const cryptonote::account_public_address &account_address) const
+{
+ return get_account_address_as_str(m_nettype, false, account_address);
+}
+
+const char* message_store::message_type_to_string(message_type type)
+{
+ switch (type)
+ {
+ case message_type::key_set:
+ return tr("key set");
+ case message_type::additional_key_set:
+ return tr("additional key set");
+ case message_type::multisig_sync_data:
+ return tr("multisig sync data");
+ case message_type::partially_signed_tx:
+ return tr("partially signed tx");
+ case message_type::fully_signed_tx:
+ return tr("fully signed tx");
+ case message_type::note:
+ return tr("note");
+ case message_type::signer_config:
+ return tr("signer config");
+ case message_type::auto_config_data:
+ return tr("auto-config data");
+ default:
+ return tr("unknown message type");
+ }
+}
+
+const char* message_store::message_direction_to_string(message_direction direction)
+{
+ switch (direction)
+ {
+ case message_direction::in:
+ return tr("in");
+ case message_direction::out:
+ return tr("out");
+ default:
+ return tr("unknown message direction");
+ }
+}
+
+const char* message_store::message_state_to_string(message_state state)
+{
+ switch (state)
+ {
+ case message_state::ready_to_send:
+ return tr("ready to send");
+ case message_state::sent:
+ return tr("sent");
+ case message_state::waiting:
+ return tr("waiting");
+ case message_state::processed:
+ return tr("processed");
+ case message_state::cancelled:
+ return tr("cancelled");
+ default:
+ return tr("unknown message state");
+ }
+}
+
+// Convert a signer to string suitable for a column in a list, with 'max_width'
+// Format: label: transport_address
+std::string message_store::signer_to_string(const authorized_signer &signer, uint32_t max_width)
+{
+ std::string s = "";
+ s.reserve(max_width);
+ uint32_t avail = max_width;
+ uint32_t label_len = signer.label.length();
+ if (label_len > avail)
+ {
+ s.append(signer.label.substr(0, avail - 2));
+ s.append("..");
+ return s;
+ }
+ s.append(signer.label);
+ avail -= label_len;
+ uint32_t transport_addr_len = signer.transport_address.length();
+ if ((transport_addr_len > 0) && (avail > 10))
+ {
+ s.append(": ");
+ avail -= 2;
+ if (transport_addr_len <= avail)
+ {
+ s.append(signer.transport_address);
+ }
+ else
+ {
+ s.append(signer.transport_address.substr(0, avail-2));
+ s.append("..");
+ }
+ }
+ return s;
+}
+
+}
diff --git a/src/wallet/message_store.h b/src/wallet/message_store.h
new file mode 100644
index 000000000..7d26f7889
--- /dev/null
+++ b/src/wallet/message_store.h
@@ -0,0 +1,420 @@
+// Copyright (c) 2018, The Monero Project
+//
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice, this list of
+// conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice, this list
+// of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+//
+// 3. Neither the name of the copyright holder nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+#pragma once
+
+#include <cstdlib>
+#include <string>
+#include <vector>
+#include "crypto/hash.h"
+#include <boost/serialization/vector.hpp>
+#include <boost/program_options/variables_map.hpp>
+#include <boost/program_options/options_description.hpp>
+#include <boost/optional/optional.hpp>
+#include "serialization/serialization.h"
+#include "cryptonote_basic/cryptonote_boost_serialization.h"
+#include "cryptonote_basic/account_boost_serialization.h"
+#include "cryptonote_basic/cryptonote_basic.h"
+#include "common/i18n.h"
+#include "common/command_line.h"
+#include "wipeable_string.h"
+#include "message_transporter.h"
+
+#undef MONERO_DEFAULT_LOG_CATEGORY
+#define MONERO_DEFAULT_LOG_CATEGORY "wallet.mms"
+#define AUTO_CONFIG_TOKEN_BYTES 4
+#define AUTO_CONFIG_TOKEN_PREFIX "mms"
+
+namespace mms
+{
+ enum class message_type
+ {
+ key_set,
+ additional_key_set,
+ multisig_sync_data,
+ partially_signed_tx,
+ fully_signed_tx,
+ note,
+ signer_config,
+ auto_config_data
+ };
+
+ enum class message_direction
+ {
+ in,
+ out
+ };
+
+ enum class message_state
+ {
+ ready_to_send,
+ sent,
+
+ waiting,
+ processed,
+
+ cancelled
+ };
+
+ enum class message_processing
+ {
+ prepare_multisig,
+ make_multisig,
+ exchange_multisig_keys,
+ create_sync_data,
+ process_sync_data,
+ sign_tx,
+ send_tx,
+ submit_tx,
+ process_signer_config,
+ process_auto_config_data
+ };
+
+ struct message
+ {
+ uint32_t id;
+ message_type type;
+ message_direction direction;
+ std::string content;
+ uint64_t created;
+ uint64_t modified;
+ uint64_t sent;
+ uint32_t signer_index;
+ crypto::hash hash;
+ message_state state;
+ uint32_t wallet_height;
+ uint32_t round;
+ uint32_t signature_count;
+ std::string transport_id;
+ };
+ // "wallet_height" (for lack of a short name that would describe what it is about)
+ // is the number of transfers present in the wallet at the time of message
+ // construction; used to coordinate generation of sync info (which depends
+ // on the content of the wallet at time of generation)
+
+ struct authorized_signer
+ {
+ std::string label;
+ std::string transport_address;
+ bool monero_address_known;
+ cryptonote::account_public_address monero_address;
+ bool me;
+ uint32_t index;
+ std::string auto_config_token;
+ crypto::public_key auto_config_public_key;
+ crypto::secret_key auto_config_secret_key;
+ std::string auto_config_transport_address;
+ bool auto_config_running;
+
+ authorized_signer()
+ {
+ monero_address_known = false;
+ memset(&monero_address, 0, sizeof(cryptonote::account_public_address));
+ index = 0;
+ auto_config_public_key = crypto::null_pkey;
+ auto_config_secret_key = crypto::null_skey;
+ auto_config_running = false;
+ };
+ };
+
+ struct processing_data
+ {
+ message_processing processing;
+ std::vector<uint32_t> message_ids;
+ uint32_t receiving_signer_index = 0;
+ };
+
+ struct file_transport_message
+ {
+ cryptonote::account_public_address sender_address;
+ crypto::chacha_iv iv;
+ crypto::public_key encryption_public_key;
+ message internal_message;
+ };
+
+ struct auto_config_data
+ {
+ std::string label;
+ std::string transport_address;
+ cryptonote::account_public_address monero_address;
+ };
+
+ // Overal .mms file structure, with the "message_store" object serialized to and
+ // encrypted in "encrypted_data"
+ struct file_data
+ {
+ std::string magic_string;
+ uint32_t file_version;
+ crypto::chacha_iv iv;
+ std::string encrypted_data;
+ };
+
+ // The following struct provides info about the current state of a "wallet2" object
+ // at the time of a "message_store" method call that those methods need. See on the
+ // one hand a first parameter of this type for several of those methods, and on the
+ // other hand the method "wallet2::get_multisig_wallet_state" which clients like the
+ // CLI wallet can use to get that info.
+ //
+ // Note that in the case of a wallet that is already multisig "address" is NOT the
+ // multisig address, but the "original" wallet address at creation time. Likewise
+ // "view_secret_key" is the original view secret key then.
+ //
+ // This struct definition is here and not in "wallet2.h" to avoid circular imports.
+ struct multisig_wallet_state
+ {
+ cryptonote::account_public_address address;
+ cryptonote::network_type nettype;
+ crypto::secret_key view_secret_key;
+ bool multisig;
+ bool multisig_is_ready;
+ bool has_multisig_partial_key_images;
+ uint32_t multisig_rounds_passed;
+ size_t num_transfer_details;
+ std::string mms_file;
+ };
+
+ class message_store
+ {
+ public:
+ message_store();
+ // Initialize and start to use the MMS, set the first signer, this wallet itself
+ // Filename, if not null and not empty, is used to create the ".mms" file
+ // reset it if already used, with deletion of all signers and messages
+ void init(const multisig_wallet_state &state, const std::string &own_label,
+ const std::string &own_transport_address, uint32_t num_authorized_signers, uint32_t num_required_signers);
+ void set_active(bool active) { m_active = active; };
+ void set_auto_send(bool auto_send) { m_auto_send = auto_send; };
+ void set_options(const boost::program_options::variables_map& vm);
+ void set_options(const std::string &bitmessage_address, const epee::wipeable_string &bitmessage_login);
+ bool get_active() const { return m_active; };
+ bool get_auto_send() const { return m_auto_send; };
+ uint32_t get_num_required_signers() const { return m_num_required_signers; };
+ uint32_t get_num_authorized_signers() const { return m_num_authorized_signers; };
+
+ void set_signer(const multisig_wallet_state &state,
+ uint32_t index,
+ const boost::optional<std::string> &label,
+ const boost::optional<std::string> &transport_address,
+ const boost::optional<cryptonote::account_public_address> monero_address);
+
+ const authorized_signer &get_signer(uint32_t index) const;
+ bool get_signer_index_by_monero_address(const cryptonote::account_public_address &monero_address, uint32_t &index) const;
+ bool get_signer_index_by_label(const std::string label, uint32_t &index) const;
+ const std::vector<authorized_signer> &get_all_signers() const { return m_signers; };
+ bool signer_config_complete() const;
+ bool signer_labels_complete() const;
+ void get_signer_config(std::string &signer_config);
+ void unpack_signer_config(const multisig_wallet_state &state, const std::string &signer_config,
+ std::vector<authorized_signer> &signers);
+ void process_signer_config(const multisig_wallet_state &state, const std::string &signer_config);
+
+ void start_auto_config(const multisig_wallet_state &state);
+ bool check_auto_config_token(const std::string &raw_token,
+ std::string &adjusted_token) const;
+ size_t add_auto_config_data_message(const multisig_wallet_state &state,
+ const std::string &auto_config_token);
+ void process_auto_config_data_message(uint32_t id);
+ void stop_auto_config();
+
+ // Process data just created by "me" i.e. the own local wallet, e.g. as the result of a "prepare_multisig" command
+ // Creates the resulting messages to the right signers
+ void process_wallet_created_data(const multisig_wallet_state &state, message_type type, const std::string &content);
+
+ // Go through all the messages, look at the "ready to process" ones, and check whether any single one
+ // or any group of them can be processed, because they are processable as single messages (like a tx
+ // that is fully signed and thus ready for submit to the net) or because they form a complete group
+ // (e.g. key sets from all authorized signers to make the wallet multisig). If there are multiple
+ // candidates, e.g. in 2/3 multisig sending to one OR the other signer to sign, there will be more
+ // than 1 element in 'data' for the user to choose. If nothing is ready "false" is returned.
+ // The method mostly ignores the order in which the messages were received because messages may be delayed
+ // (e.g. sync data from a signer arrives AFTER a transaction to submit) or because message time stamps
+ // may be wrong so it's not possible to order them reliably.
+ // Messages also may be ready by themselves but the wallet not yet ready for them (e.g. sync data already
+ // arriving when the wallet is not yet multisig because key sets were delayed or were lost altogether.)
+ // If nothing is ready 'wait_reason' may contain further info about the reason why.
+ bool get_processable_messages(const multisig_wallet_state &state,
+ bool force_sync,
+ std::vector<processing_data> &data_list,
+ std::string &wait_reason);
+ void set_messages_processed(const processing_data &data);
+
+ size_t add_message(const multisig_wallet_state &state,
+ uint32_t signer_index, message_type type, message_direction direction,
+ const std::string &content);
+ const std::vector<message> &get_all_messages() const { return m_messages; };
+ bool get_message_by_id(uint32_t id, message &m) const;
+ message get_message_by_id(uint32_t id) const;
+ void set_message_processed_or_sent(uint32_t id);
+ void delete_message(uint32_t id);
+ void delete_all_messages();
+ void get_sanitized_message_text(const message &m, std::string &sanitized_text) const;
+
+ void send_message(const multisig_wallet_state &state, uint32_t id);
+ bool check_for_messages(const multisig_wallet_state &state, std::vector<message> &messages);
+ void stop() { m_run.store(false, std::memory_order_relaxed); m_transporter.stop(); }
+
+ void write_to_file(const multisig_wallet_state &state, const std::string &filename);
+ void read_from_file(const multisig_wallet_state &state, const std::string &filename);
+
+ template <class t_archive>
+ inline void serialize(t_archive &a, const unsigned int ver)
+ {
+ a & m_active;
+ a & m_num_authorized_signers;
+ a & m_nettype;
+ a & m_num_required_signers;
+ a & m_signers;
+ a & m_messages;
+ a & m_next_message_id;
+ a & m_auto_send;
+ }
+
+ static const char* message_type_to_string(message_type type);
+ static const char* message_direction_to_string(message_direction direction);
+ static const char* message_state_to_string(message_state state);
+ std::string signer_to_string(const authorized_signer &signer, uint32_t max_width);
+
+ static const char *tr(const char *str) { return i18n_translate(str, "tools::mms"); }
+ static void init_options(boost::program_options::options_description& desc_params);
+
+ private:
+ bool m_active;
+ uint32_t m_num_authorized_signers;
+ uint32_t m_num_required_signers;
+ bool m_auto_send;
+ cryptonote::network_type m_nettype;
+ std::vector<authorized_signer> m_signers;
+ std::vector<message> m_messages;
+ uint32_t m_next_message_id;
+ std::string m_filename;
+ message_transporter m_transporter;
+ std::atomic<bool> m_run;
+
+ bool get_message_index_by_id(uint32_t id, size_t &index) const;
+ size_t get_message_index_by_id(uint32_t id) const;
+ message& get_message_ref_by_id(uint32_t id);
+ bool any_message_of_type(message_type type, message_direction direction) const;
+ bool any_message_with_hash(const crypto::hash &hash) const;
+ size_t get_other_signers_id_count(const std::vector<uint32_t> &ids) const;
+ bool message_ids_complete(const std::vector<uint32_t> &ids) const;
+ void encrypt(crypto::public_key public_key, const std::string &plaintext,
+ std::string &ciphertext, crypto::public_key &encryption_public_key, crypto::chacha_iv &iv);
+ void decrypt(const std::string &ciphertext, const crypto::public_key &encryption_public_key, const crypto::chacha_iv &iv,
+ const crypto::secret_key &view_secret_key, std::string &plaintext);
+ std::string create_auto_config_token();
+ void setup_signer_for_auto_config(uint32_t index, const std::string token, bool receiving);
+ void delete_transport_message(uint32_t id);
+ std::string account_address_to_string(const cryptonote::account_public_address &account_address) const;
+ void save(const multisig_wallet_state &state);
+ };
+}
+
+BOOST_CLASS_VERSION(mms::file_data, 0)
+BOOST_CLASS_VERSION(mms::message_store, 0)
+BOOST_CLASS_VERSION(mms::message, 0)
+BOOST_CLASS_VERSION(mms::file_transport_message, 0)
+BOOST_CLASS_VERSION(mms::authorized_signer, 1)
+BOOST_CLASS_VERSION(mms::auto_config_data, 0)
+
+namespace boost
+{
+ namespace serialization
+ {
+ template <class Archive>
+ inline void serialize(Archive &a, mms::file_data &x, const boost::serialization::version_type ver)
+ {
+ a & x.magic_string;
+ a & x.file_version;
+ a & x.iv;
+ a & x.encrypted_data;
+ }
+
+ template <class Archive>
+ inline void serialize(Archive &a, mms::message &x, const boost::serialization::version_type ver)
+ {
+ a & x.id;
+ a & x.type;
+ a & x.direction;
+ a & x.content;
+ a & x.created;
+ a & x.modified;
+ a & x.sent;
+ a & x.signer_index;
+ a & x.hash;
+ a & x.state;
+ a & x.wallet_height;
+ a & x.round;
+ a & x.signature_count;
+ a & x.transport_id;
+ }
+
+ template <class Archive>
+ inline void serialize(Archive &a, mms::authorized_signer &x, const boost::serialization::version_type ver)
+ {
+ a & x.label;
+ a & x.transport_address;
+ a & x.monero_address_known;
+ a & x.monero_address;
+ a & x.me;
+ a & x.index;
+ if (ver < 1)
+ {
+ return;
+ }
+ a & x.auto_config_token;
+ a & x.auto_config_public_key;
+ a & x.auto_config_secret_key;
+ a & x.auto_config_transport_address;
+ a & x.auto_config_running;
+ }
+
+ template <class Archive>
+ inline void serialize(Archive &a, mms::auto_config_data &x, const boost::serialization::version_type ver)
+ {
+ a & x.label;
+ a & x.transport_address;
+ a & x.monero_address;
+ }
+
+ template <class Archive>
+ inline void serialize(Archive &a, mms::file_transport_message &x, const boost::serialization::version_type ver)
+ {
+ a & x.sender_address;
+ a & x.iv;
+ a & x.encryption_public_key;
+ a & x.internal_message;
+ }
+
+ template <class Archive>
+ inline void serialize(Archive &a, crypto::chacha_iv &x, const boost::serialization::version_type ver)
+ {
+ a & x.data;
+ }
+
+ }
+}
diff --git a/src/wallet/message_transporter.cpp b/src/wallet/message_transporter.cpp
new file mode 100644
index 000000000..eafd13d3b
--- /dev/null
+++ b/src/wallet/message_transporter.cpp
@@ -0,0 +1,317 @@
+// Copyright (c) 2018, The Monero Project
+//
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice, this list of
+// conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice, this list
+// of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+//
+// 3. Neither the name of the copyright holder nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+#include "message_transporter.h"
+#include "string_coding.h"
+#include <boost/format.hpp>
+#include "wallet_errors.h"
+#include "net/http_client.h"
+#include "net/net_parse_helpers.h"
+#include <algorithm>
+
+#undef MONERO_DEFAULT_LOG_CATEGORY
+#define MONERO_DEFAULT_LOG_CATEGORY "wallet.mms"
+#define PYBITMESSAGE_DEFAULT_API_PORT 8442
+
+namespace mms
+{
+
+namespace bitmessage_rpc
+{
+
+ struct message_info
+ {
+ uint32_t encodingType;
+ std::string toAddress;
+ uint32_t read;
+ std::string msgid;
+ std::string message;
+ std::string fromAddress;
+ std::string receivedTime;
+ std::string subject;
+
+ BEGIN_KV_SERIALIZE_MAP()
+ KV_SERIALIZE(encodingType)
+ KV_SERIALIZE(toAddress)
+ KV_SERIALIZE(read)
+ KV_SERIALIZE(msgid)
+ KV_SERIALIZE(message);
+ KV_SERIALIZE(fromAddress)
+ KV_SERIALIZE(receivedTime)
+ KV_SERIALIZE(subject)
+ END_KV_SERIALIZE_MAP()
+ };
+
+ struct inbox_messages_response
+ {
+ std::vector<message_info> inboxMessages;
+
+ BEGIN_KV_SERIALIZE_MAP()
+ KV_SERIALIZE(inboxMessages)
+ END_KV_SERIALIZE_MAP()
+ };
+
+}
+
+message_transporter::message_transporter()
+{
+ m_run = true;
+}
+
+void message_transporter::set_options(const std::string &bitmessage_address, const epee::wipeable_string &bitmessage_login)
+{
+ m_bitmessage_url = bitmessage_address;
+ epee::net_utils::http::url_content address_parts{};
+ epee::net_utils::parse_url(m_bitmessage_url, address_parts);
+ if (address_parts.port == 0)
+ {
+ address_parts.port = PYBITMESSAGE_DEFAULT_API_PORT;
+ }
+ m_bitmessage_login = bitmessage_login;
+
+ m_http_client.set_server(address_parts.host, std::to_string(address_parts.port), boost::none);
+}
+
+bool message_transporter::receive_messages(const std::vector<std::string> &destination_transport_addresses,
+ std::vector<transport_message> &messages)
+{
+ // The message body of the Bitmessage message is basically the transport message, as JSON (and nothing more).
+ // Weeding out other, non-MMS messages is done in a simple way: If it deserializes without error, it's an MMS message
+ // That JSON is Base64-encoded by the MMS because the Monero epee JSON serializer does not escape anything and happily
+ // includes even 0 (NUL) in strings, which might confuse Bitmessage or at least display confusingly in the client.
+ // There is yet another Base64-encoding of course as part of the Bitmessage API for the message body parameter
+ // The Bitmessage API call "getAllInboxMessages" gives back a JSON array with all the messages (despite using
+ // XML-RPC for the calls, and not JSON-RPC ...)
+ m_run.store(true, std::memory_order_relaxed);
+ std::string request;
+ start_xml_rpc_cmd(request, "getAllInboxMessages");
+ end_xml_rpc_cmd(request);
+ std::string answer;
+ post_request(request, answer);
+
+ std::string json = get_str_between_tags(answer, "<string>", "</string>");
+ bitmessage_rpc::inbox_messages_response bitmessage_res;
+ epee::serialization::load_t_from_json(bitmessage_res, json);
+ size_t size = bitmessage_res.inboxMessages.size();
+ messages.clear();
+
+ for (size_t i = 0; i < size; ++i)
+ {
+ if (!m_run.load(std::memory_order_relaxed))
+ {
+ // Stop was called, don't waste time processing any more messages
+ return false;
+ }
+ const bitmessage_rpc::message_info &message_info = bitmessage_res.inboxMessages[i];
+ if (std::find(destination_transport_addresses.begin(), destination_transport_addresses.end(), message_info.toAddress) != destination_transport_addresses.end())
+ {
+ transport_message message;
+ bool is_mms_message = false;
+ try
+ {
+ // First Base64-decoding: The message body is Base64 in the Bitmessage API
+ std::string message_body = epee::string_encoding::base64_decode(message_info.message);
+ // Second Base64-decoding: The MMS uses Base64 to hide non-textual data in its JSON from Bitmessage
+ json = epee::string_encoding::base64_decode(message_body);
+ epee::serialization::load_t_from_json(message, json);
+ is_mms_message = true;
+ }
+ catch(const std::exception& e)
+ {
+ }
+ if (is_mms_message)
+ {
+ message.transport_id = message_info.msgid;
+ messages.push_back(message);
+ }
+ }
+ }
+
+ return true;
+}
+
+bool message_transporter::send_message(const transport_message &message)
+{
+ // <toAddress> <fromAddress> <subject> <message> [encodingType [TTL]]
+ std::string request;
+ start_xml_rpc_cmd(request, "sendMessage");
+ add_xml_rpc_string_param(request, message.destination_transport_address);
+ add_xml_rpc_string_param(request, message.source_transport_address);
+ add_xml_rpc_base64_param(request, message.subject);
+ std::string json = epee::serialization::store_t_to_json(message);
+ std::string message_body = epee::string_encoding::base64_encode(json); // See comment in "receive_message" about reason for (double-)Base64 encoding
+ add_xml_rpc_base64_param(request, message_body);
+ add_xml_rpc_integer_param(request, 2);
+ end_xml_rpc_cmd(request);
+ std::string answer;
+ post_request(request, answer);
+ return true;
+}
+
+bool message_transporter::delete_message(const std::string &transport_id)
+{
+ std::string request;
+ start_xml_rpc_cmd(request, "trashMessage");
+ add_xml_rpc_string_param(request, transport_id);
+ end_xml_rpc_cmd(request);
+ std::string answer;
+ post_request(request, answer);
+ return true;
+}
+
+// Deterministically derive a transport / Bitmessage address from 'seed' (the 10-hex-digits
+// auto-config token will be used), but do not set it up for receiving in PyBitmessage as
+// well, because it's possible the address will only ever be used to SEND auto-config data
+std::string message_transporter::derive_transport_address(const std::string &seed)
+{
+ std::string request;
+ start_xml_rpc_cmd(request, "getDeterministicAddress");
+ add_xml_rpc_base64_param(request, seed);
+ add_xml_rpc_integer_param(request, 4); // addressVersionNumber
+ add_xml_rpc_integer_param(request, 1); // streamNumber
+ end_xml_rpc_cmd(request);
+ std::string answer;
+ post_request(request, answer);
+ std::string address = get_str_between_tags(answer, "<string>", "</string>");
+ return address;
+}
+
+// Derive a transport address and configure it for receiving in PyBitmessage, typically
+// for receiving auto-config messages by the wallet of the auto-config organizer
+std::string message_transporter::derive_and_receive_transport_address(const std::string &seed)
+{
+ // We need to call both "get_deterministic_address" AND "createDeterministicAddresses"
+ // because we won't get back the address from the latter call if it exists already
+ std::string address = derive_transport_address(seed);
+
+ std::string request;
+ start_xml_rpc_cmd(request, "createDeterministicAddresses");
+ add_xml_rpc_base64_param(request, seed);
+ add_xml_rpc_integer_param(request, 1); // numberOfAddresses
+ add_xml_rpc_integer_param(request, 4); // addressVersionNumber
+ end_xml_rpc_cmd(request);
+ std::string answer;
+ post_request(request, answer);
+
+ return address;
+}
+
+bool message_transporter::delete_transport_address(const std::string &transport_address)
+{
+ std::string request;
+ start_xml_rpc_cmd(request, "deleteAddress");
+ add_xml_rpc_string_param(request, transport_address);
+ end_xml_rpc_cmd(request);
+ std::string answer;
+ return post_request(request, answer);
+}
+
+bool message_transporter::post_request(const std::string &request, std::string &answer)
+{
+ // Somehow things do not work out if one tries to connect "m_http_client" to Bitmessage
+ // and keep it connected over the course of several calls. But with a new connection per
+ // call and disconnecting after the call there is no problem (despite perhaps a small
+ // slowdown)
+ epee::net_utils::http::fields_list additional_params;
+
+ // Basic access authentication according to RFC 7617 (which the epee HTTP classes do not seem to support?)
+ // "m_bitmessage_login" just contains what is needed here, "user:password"
+ std::string auth_string = epee::string_encoding::base64_encode((const unsigned char*)m_bitmessage_login.data(), m_bitmessage_login.size());
+ auth_string.insert(0, "Basic ");
+ additional_params.push_back(std::make_pair("Authorization", auth_string));
+
+ additional_params.push_back(std::make_pair("Content-Type", "application/xml; charset=utf-8"));
+ const epee::net_utils::http::http_response_info* response = NULL;
+ std::chrono::milliseconds timeout = std::chrono::seconds(15);
+ bool r = m_http_client.invoke("/", "POST", request, timeout, std::addressof(response), std::move(additional_params));
+ if (r)
+ {
+ answer = response->m_body;
+ }
+ else
+ {
+ LOG_ERROR("POST request to Bitmessage failed: " << request.substr(0, 300));
+ THROW_WALLET_EXCEPTION(tools::error::no_connection_to_bitmessage, m_bitmessage_url);
+ }
+ m_http_client.disconnect(); // see comment above
+ std::string string_value = get_str_between_tags(answer, "<string>", "</string>");
+ if ((string_value.find("API Error") == 0) || (string_value.find("RPC ") == 0))
+ {
+ THROW_WALLET_EXCEPTION(tools::error::bitmessage_api_error, string_value);
+ }
+
+ return r;
+}
+
+// Pick some string between two delimiters
+// When parsing the XML returned by PyBitmessage, don't bother to fully parse it but as a little hack rely on the
+// fact that e.g. a single string returned will be, however deeply nested in "<params><param><value>...", delivered
+// between the very first "<string>" and "</string>" tags to be found in the XML
+std::string message_transporter::get_str_between_tags(const std::string &s, const std::string &start_delim, const std::string &stop_delim)
+{
+ size_t first_delim_pos = s.find(start_delim);
+ if (first_delim_pos != std::string::npos)
+ {
+ size_t end_pos_of_first_delim = first_delim_pos + start_delim.length();
+ size_t last_delim_pos = s.find(stop_delim);
+ if (last_delim_pos != std::string::npos)
+ {
+ return s.substr(end_pos_of_first_delim, last_delim_pos - end_pos_of_first_delim);
+ }
+ }
+ return std::string();
+}
+
+void message_transporter::start_xml_rpc_cmd(std::string &xml, const std::string &method_name)
+{
+ xml = (boost::format("<?xml version=\"1.0\"?><methodCall><methodName>%s</methodName><params>") % method_name).str();
+}
+
+void message_transporter::add_xml_rpc_string_param(std::string &xml, const std::string &param)
+{
+ xml += (boost::format("<param><value><string>%s</string></value></param>") % param).str();
+}
+
+void message_transporter::add_xml_rpc_base64_param(std::string &xml, const std::string &param)
+{
+ // Bitmessage expects some arguments Base64-encoded, but it wants them as parameters of type "string", not "base64" that is also part of XML-RPC
+ std::string encoded_param = epee::string_encoding::base64_encode(param);
+ xml += (boost::format("<param><value><string>%s</string></value></param>") % encoded_param).str();
+}
+
+void message_transporter::add_xml_rpc_integer_param(std::string &xml, const int32_t &param)
+{
+ xml += (boost::format("<param><value><int>%i</int></value></param>") % param).str();
+}
+
+void message_transporter::end_xml_rpc_cmd(std::string &xml)
+{
+ xml += "</params></methodCall>";
+}
+
+}
diff --git a/src/wallet/message_transporter.h b/src/wallet/message_transporter.h
new file mode 100644
index 000000000..8291311ce
--- /dev/null
+++ b/src/wallet/message_transporter.h
@@ -0,0 +1,113 @@
+// Copyright (c) 2018, The Monero Project
+//
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice, this list of
+// conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice, this list
+// of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+//
+// 3. Neither the name of the copyright holder nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+#pragma once
+#include "serialization/keyvalue_serialization.h"
+#include "cryptonote_basic/cryptonote_basic.h"
+#include "cryptonote_basic/cryptonote_boost_serialization.h"
+#include "cryptonote_basic/account_boost_serialization.h"
+#include "cryptonote_basic/cryptonote_basic.h"
+#include "net/http_server_impl_base.h"
+#include "net/http_client.h"
+#include "common/util.h"
+#include "wipeable_string.h"
+#include "serialization/keyvalue_serialization.h"
+#include <vector>
+
+namespace mms
+{
+
+struct transport_message
+{
+ cryptonote::account_public_address source_monero_address;
+ std::string source_transport_address;
+ cryptonote::account_public_address destination_monero_address;
+ std::string destination_transport_address;
+ crypto::chacha_iv iv;
+ crypto::public_key encryption_public_key;
+ uint64_t timestamp;
+ uint32_t type;
+ std::string subject;
+ std::string content;
+ crypto::hash hash;
+ crypto::signature signature;
+ uint32_t round;
+ uint32_t signature_count;
+ std::string transport_id;
+
+ BEGIN_KV_SERIALIZE_MAP()
+ KV_SERIALIZE(source_monero_address)
+ KV_SERIALIZE(source_transport_address)
+ KV_SERIALIZE(destination_monero_address)
+ KV_SERIALIZE(destination_transport_address)
+ KV_SERIALIZE_VAL_POD_AS_BLOB(iv)
+ KV_SERIALIZE_VAL_POD_AS_BLOB(encryption_public_key)
+ KV_SERIALIZE(timestamp)
+ KV_SERIALIZE(type)
+ KV_SERIALIZE(subject)
+ KV_SERIALIZE(content)
+ KV_SERIALIZE_VAL_POD_AS_BLOB(hash)
+ KV_SERIALIZE_VAL_POD_AS_BLOB(signature)
+ KV_SERIALIZE(round)
+ KV_SERIALIZE(signature_count)
+ KV_SERIALIZE(transport_id)
+ END_KV_SERIALIZE_MAP()
+};
+
+class message_transporter
+{
+public:
+ message_transporter();
+ void set_options(const std::string &bitmessage_address, const epee::wipeable_string &bitmessage_login);
+ bool send_message(const transport_message &message);
+ bool receive_messages(const std::vector<std::string> &destination_transport_addresses,
+ std::vector<transport_message> &messages);
+ bool delete_message(const std::string &transport_id);
+ void stop() { m_run.store(false, std::memory_order_relaxed); }
+ std::string derive_transport_address(const std::string &seed);
+ std::string derive_and_receive_transport_address(const std::string &seed);
+ bool delete_transport_address(const std::string &transport_address);
+
+private:
+ epee::net_utils::http::http_simple_client m_http_client;
+ std::string m_bitmessage_url;
+ epee::wipeable_string m_bitmessage_login;
+ std::atomic<bool> m_run;
+
+ bool post_request(const std::string &request, std::string &answer);
+ static std::string get_str_between_tags(const std::string &s, const std::string &start_delim, const std::string &stop_delim);
+
+ static void start_xml_rpc_cmd(std::string &xml, const std::string &method_name);
+ static void add_xml_rpc_string_param(std::string &xml, const std::string &param);
+ static void add_xml_rpc_base64_param(std::string &xml, const std::string &param);
+ static void add_xml_rpc_integer_param(std::string &xml, const int32_t &param);
+ static void end_xml_rpc_cmd(std::string &xml);
+
+};
+
+}
diff --git a/src/wallet/wallet2.cpp b/src/wallet/wallet2.cpp
index 498addad5..0d2faca54 100644
--- a/src/wallet/wallet2.cpp
+++ b/src/wallet/wallet2.cpp
@@ -222,10 +222,11 @@ struct options {
};
const command_line::arg_descriptor<uint64_t> kdf_rounds = {"kdf-rounds", tools::wallet2::tr("Number of rounds for the key derivation function"), 1};
const command_line::arg_descriptor<std::string> hw_device = {"hw-device", tools::wallet2::tr("HW device to use"), ""};
+ const command_line::arg_descriptor<std::string> hw_device_derivation_path = {"hw-device-deriv-path", tools::wallet2::tr("HW device wallet derivation path (e.g., SLIP-10)"), ""};
const command_line::arg_descriptor<std::string> tx_notify = { "tx-notify" , "Run a program for each new incoming transaction, '%s' will be replaced by the transaction hash" , "" };
};
-void do_prepare_file_names(const std::string& file_path, std::string& keys_file, std::string& wallet_file)
+void do_prepare_file_names(const std::string& file_path, std::string& keys_file, std::string& wallet_file, std::string &mms_file)
{
keys_file = file_path;
wallet_file = file_path;
@@ -237,6 +238,7 @@ void do_prepare_file_names(const std::string& file_path, std::string& keys_file,
{//provided wallet file name
keys_file += ".keys";
}
+ mms_file = file_path + ".mms";
}
uint64_t calculate_fee(uint64_t fee_per_kb, size_t bytes, uint64_t fee_multiplier)
@@ -274,6 +276,7 @@ std::unique_ptr<tools::wallet2> make_basic(const boost::program_options::variabl
auto daemon_host = command_line::get_arg(vm, opts.daemon_host);
auto daemon_port = command_line::get_arg(vm, opts.daemon_port);
auto device_name = command_line::get_arg(vm, opts.hw_device);
+ auto device_derivation_path = command_line::get_arg(vm, opts.hw_device_derivation_path);
THROW_WALLET_EXCEPTION_IF(!daemon_address.empty() && !daemon_host.empty() && 0 != daemon_port,
tools::error::wallet_internal_error, tools::wallet2::tr("can't specify daemon host or port more than once"));
@@ -328,7 +331,9 @@ std::unique_ptr<tools::wallet2> make_basic(const boost::program_options::variabl
wallet->init(std::move(daemon_address), std::move(login), 0, false, *trusted_daemon);
boost::filesystem::path ringdb_path = command_line::get_arg(vm, opts.shared_ringdb_dir);
wallet->set_ring_database(ringdb_path.string());
+ wallet->get_message_store().set_options(vm);
wallet->device_name(device_name);
+ wallet->device_derivation_path(device_derivation_path);
try
{
@@ -838,6 +843,24 @@ wallet_keys_unlocker::~wallet_keys_unlocker()
}
}
+void wallet_device_callback::on_button_request()
+{
+ if (wallet)
+ wallet->on_button_request();
+}
+
+void wallet_device_callback::on_pin_request(epee::wipeable_string & pin)
+{
+ if (wallet)
+ wallet->on_pin_request(pin);
+}
+
+void wallet_device_callback::on_passphrase_request(bool on_device, epee::wipeable_string & passphrase)
+{
+ if (wallet)
+ wallet->on_passphrase_request(on_device, passphrase);
+}
+
wallet2::wallet2(network_type nettype, uint64_t kdf_rounds, bool unattended):
m_multisig_rescan_info(NULL),
m_multisig_rescan_k(NULL),
@@ -886,12 +909,15 @@ wallet2::wallet2(network_type nettype, uint64_t kdf_rounds, bool unattended):
m_light_wallet_connected(false),
m_light_wallet_balance(0),
m_light_wallet_unlocked_balance(0),
+ m_original_keys_available(false),
+ m_message_store(),
m_key_device_type(hw::device::device_type::SOFTWARE),
m_ring_history_saved(false),
m_ringdb(),
m_last_block_reward(0),
m_encrypt_keys_after_refresh(boost::none),
- m_unattended(unattended)
+ m_unattended(unattended),
+ m_device_last_key_image_sync(0)
{
}
@@ -914,6 +940,11 @@ std::string wallet2::device_name_option(const boost::program_options::variables_
return command_line::get_arg(vm, options().hw_device);
}
+std::string wallet2::device_derivation_path_option(const boost::program_options::variables_map &vm)
+{
+ return command_line::get_arg(vm, options().hw_device_derivation_path);
+}
+
void wallet2::init_options(boost::program_options::options_description& desc_params)
{
const options opts{};
@@ -929,7 +960,9 @@ void wallet2::init_options(boost::program_options::options_description& desc_par
command_line::add_arg(desc_params, opts.stagenet);
command_line::add_arg(desc_params, opts.shared_ringdb_dir);
command_line::add_arg(desc_params, opts.kdf_rounds);
+ mms::message_store::init_options(desc_params);
command_line::add_arg(desc_params, opts.hw_device);
+ command_line::add_arg(desc_params, opts.hw_device_derivation_path);
command_line::add_arg(desc_params, opts.tx_notify);
}
@@ -949,7 +982,7 @@ std::pair<std::unique_ptr<wallet2>, password_container> wallet2::make_from_file(
return {nullptr, password_container{}};
}
auto wallet = make_basic(vm, unattended, opts, password_prompter);
- if (wallet)
+ if (wallet && !wallet_file.empty())
{
wallet->load(wallet_file, pwd->password());
}
@@ -1091,15 +1124,17 @@ bool wallet2::reconnect_device()
hw::device &hwdev = lookup_device(m_device_name);
hwdev.set_name(m_device_name);
hwdev.set_network_type(m_nettype);
+ hwdev.set_derivation_path(m_device_derivation_path);
+ hwdev.set_callback(get_device_callback());
r = hwdev.init();
if (!r){
- LOG_PRINT_L2("Could not init device");
+ MERROR("Could not init device");
return false;
}
r = hwdev.connect();
if (!r){
- LOG_PRINT_L2("Could not connect to the device");
+ MERROR("Could not connect to the device");
return false;
}
@@ -1376,14 +1411,12 @@ void wallet2::scan_output(const cryptonote::transaction &tx, const crypto::publi
//----------------------------------------------------------------------------------------------------
void wallet2::cache_tx_data(const cryptonote::transaction& tx, const crypto::hash &txid, tx_cache_data &tx_cache_data) const
{
- const cryptonote::account_keys& keys = m_account.get_keys();
-
if(!parse_tx_extra(tx.extra, tx_cache_data.tx_extra_fields))
{
// Extra may only be partially parsed, it's OK if tx_extra_fields contains public key
LOG_PRINT_L0("Transaction extra has unsupported format: " << txid);
- tx_cache_data.tx_extra_fields.clear();
- return;
+ if (tx_cache_data.tx_extra_fields.empty())
+ return;
}
// Don't try to extract tx public key if tx has no ouputs
@@ -2169,7 +2202,7 @@ void wallet2::process_parsed_blocks(uint64_t start_height, const std::vector<cry
{
THROW_WALLET_EXCEPTION_IF(txidx >= tx_cache_data.size(), error::wallet_internal_error, "txidx out of range");
const size_t n_vouts = m_refresh_type == RefreshType::RefreshOptimizeCoinbase ? 1 : parsed_blocks[i].block.miner_tx.vout.size();
- tpool.submit(&waiter, [&, i, txidx](){ geniod(parsed_blocks[i].block.miner_tx, n_vouts, txidx); }, true);
+ tpool.submit(&waiter, [&, i, n_vouts, txidx](){ geniod(parsed_blocks[i].block.miner_tx, n_vouts, txidx); }, true);
}
++txidx;
for (size_t j = 0; j < parsed_blocks[i].txes.size(); ++j)
@@ -3000,6 +3033,7 @@ bool wallet2::clear()
m_subaddresses.clear();
m_subaddress_labels.clear();
m_multisig_rounds_passed = 0;
+ m_device_last_key_image_sync = 0;
return true;
}
@@ -3155,12 +3189,30 @@ bool wallet2::store_keys(const std::string& keys_file_name, const epee::wipeable
value2.SetUint(m_subaddress_lookahead_minor);
json.AddMember("subaddress_lookahead_minor", value2, json.GetAllocator());
+ value2.SetInt(m_original_keys_available ? 1 : 0);
+ json.AddMember("original_keys_available", value2, json.GetAllocator());
+
value2.SetUint(1);
json.AddMember("encrypted_secret_keys", value2, json.GetAllocator());
value.SetString(m_device_name.c_str(), m_device_name.size());
json.AddMember("device_name", value, json.GetAllocator());
+ value.SetString(m_device_derivation_path.c_str(), m_device_derivation_path.size());
+ json.AddMember("device_derivation_path", value, json.GetAllocator());
+
+ std::string original_address;
+ std::string original_view_secret_key;
+ if (m_original_keys_available)
+ {
+ original_address = get_account_address_as_str(m_nettype, false, m_original_address);
+ value.SetString(original_address.c_str(), original_address.length());
+ json.AddMember("original_address", value, json.GetAllocator());
+ original_view_secret_key = epee::string_tools::pod_to_hex(m_original_view_secret_key);
+ value.SetString(original_view_secret_key.c_str(), original_view_secret_key.length());
+ json.AddMember("original_view_secret_key", value, json.GetAllocator());
+ }
+
// Serialize the JSON object
rapidjson::StringBuffer buffer;
rapidjson::Writer<rapidjson::StringBuffer> writer(buffer);
@@ -3279,7 +3331,9 @@ bool wallet2::load_keys(const std::string& keys_file_name, const epee::wipeable_
m_ignore_fractional_outputs = true;
m_subaddress_lookahead_major = SUBADDRESS_LOOKAHEAD_MAJOR;
m_subaddress_lookahead_minor = SUBADDRESS_LOOKAHEAD_MINOR;
+ m_original_keys_available = false;
m_device_name = "";
+ m_device_derivation_path = "";
m_key_device_type = hw::device::device_type::SOFTWARE;
encrypted_secret_keys = false;
}
@@ -3447,6 +3501,38 @@ bool wallet2::load_keys(const std::string& keys_file_name, const epee::wipeable_
m_device_name = m_key_device_type == hw::device::device_type::LEDGER ? "Ledger" : "default";
}
}
+
+ GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, device_derivation_path, std::string, String, false, std::string());
+ m_device_derivation_path = field_device_derivation_path;
+
+ if (json.HasMember("original_keys_available"))
+ {
+ GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, original_keys_available, int, Int, false, false);
+ m_original_keys_available = field_original_keys_available;
+ if (m_original_keys_available)
+ {
+ GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, original_address, std::string, String, true, std::string());
+ address_parse_info info;
+ bool ok = get_account_address_from_str(info, m_nettype, field_original_address);
+ if (!ok)
+ {
+ LOG_ERROR("Failed to parse original_address from JSON");
+ return false;
+ }
+ m_original_address = info.address;
+ GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, original_view_secret_key, std::string, String, true, std::string());
+ ok = epee::string_tools::hex_to_pod(field_original_view_secret_key, m_original_view_secret_key);
+ if (!ok)
+ {
+ LOG_ERROR("Failed to parse original_view_secret_key from JSON");
+ return false;
+ }
+ }
+ }
+ else
+ {
+ m_original_keys_available = false;
+ }
}
else
{
@@ -3461,6 +3547,8 @@ bool wallet2::load_keys(const std::string& keys_file_name, const epee::wipeable_
hw::device &hwdev = lookup_device(m_device_name);
THROW_WALLET_EXCEPTION_IF(!hwdev.set_name(m_device_name), error::wallet_internal_error, "Could not set device name " + m_device_name);
hwdev.set_network_type(m_nettype);
+ hwdev.set_derivation_path(m_device_derivation_path);
+ hwdev.set_callback(get_device_callback());
THROW_WALLET_EXCEPTION_IF(!hwdev.init(), error::wallet_internal_error, "Could not initialize the device " + m_device_name);
THROW_WALLET_EXCEPTION_IF(!hwdev.connect(), error::wallet_internal_error, "Could not connect to the device " + m_device_name);
m_account.set_device(hwdev);
@@ -3771,6 +3859,10 @@ void wallet2::generate(const std::string& wallet_, const epee::wipeable_string&
m_key_device_type = hw::device::device_type::SOFTWARE;
setup_keys(password);
+ // Not possible to restore a multisig wallet that is able to activate the MMS
+ // (because the original keys are not (yet) part of the restore info)
+ m_original_keys_available = false;
+
create_keys_file(wallet_, false, password, m_nettype != MAINNET || create_address_file);
setup_new_blockchain();
@@ -3808,6 +3900,7 @@ crypto::secret_key wallet2::generate(const std::string& wallet_, const epee::wip
m_multisig = false;
m_multisig_threshold = 0;
m_multisig_signers.clear();
+ m_original_keys_available = false;
m_key_device_type = hw::device::device_type::SOFTWARE;
setup_keys(password);
@@ -3896,6 +3989,7 @@ void wallet2::generate(const std::string& wallet_, const epee::wipeable_string&
m_multisig = false;
m_multisig_threshold = 0;
m_multisig_signers.clear();
+ m_original_keys_available = false;
m_key_device_type = hw::device::device_type::SOFTWARE;
setup_keys(password);
@@ -3936,6 +4030,7 @@ void wallet2::generate(const std::string& wallet_, const epee::wipeable_string&
m_multisig = false;
m_multisig_threshold = 0;
m_multisig_signers.clear();
+ m_original_keys_available = false;
m_key_device_type = hw::device::device_type::SOFTWARE;
setup_keys(password);
@@ -3967,6 +4062,8 @@ void wallet2::restore(const std::string& wallet_, const epee::wipeable_string& p
auto &hwdev = lookup_device(device_name);
hwdev.set_name(device_name);
hwdev.set_network_type(m_nettype);
+ hwdev.set_derivation_path(m_device_derivation_path);
+ hwdev.set_callback(get_device_callback());
m_account.create_from_device(hwdev);
m_key_device_type = m_account.get_device().get_type();
@@ -3975,6 +4072,7 @@ void wallet2::restore(const std::string& wallet_, const epee::wipeable_string& p
m_multisig = false;
m_multisig_threshold = 0;
m_multisig_signers.clear();
+ m_original_keys_available = false;
setup_keys(password);
m_device_name = device_name;
@@ -4087,6 +4185,15 @@ std::string wallet2::make_multisig(const epee::wipeable_string &password,
m_multisig_derivations = derivations;
}
}
+
+ if (!m_original_keys_available)
+ {
+ // Save the original i.e. non-multisig keys so the MMS can continue to use them to encrypt and decrypt messages
+ // (making a wallet multisig overwrites those keys, see account_base::make_multisig)
+ m_original_address = m_account.get_keys().m_account_address;
+ m_original_view_secret_key = m_account.get_keys().m_view_secret_key;
+ m_original_keys_available = true;
+ }
clear();
MINFO("Creating view key...");
@@ -4314,7 +4421,7 @@ std::string wallet2::make_multisig(const epee::wipeable_string &password,
return make_multisig(password, secret_keys, public_keys, threshold);
}
-bool wallet2::finalize_multisig(const epee::wipeable_string &password, std::unordered_set<crypto::public_key> pkeys, std::vector<crypto::public_key> signers)
+bool wallet2::finalize_multisig(const epee::wipeable_string &password, const std::unordered_set<crypto::public_key> &pkeys, std::vector<crypto::public_key> signers)
{
exchange_multisig_keys(password, pkeys, signers);
return true;
@@ -4520,8 +4627,8 @@ void wallet2::write_watch_only_wallet(const std::string& wallet_name, const epee
//----------------------------------------------------------------------------------------------------
void wallet2::wallet_exists(const std::string& file_path, bool& keys_file_exists, bool& wallet_file_exists)
{
- std::string keys_file, wallet_file;
- do_prepare_file_names(file_path, keys_file, wallet_file);
+ std::string keys_file, wallet_file, mms_file;
+ do_prepare_file_names(file_path, keys_file, wallet_file, mms_file);
boost::system::error_code ignore;
keys_file_exists = boost::filesystem::exists(keys_file, ignore);
@@ -4575,7 +4682,7 @@ bool wallet2::parse_payment_id(const std::string& payment_id_str, crypto::hash&
//----------------------------------------------------------------------------------------------------
bool wallet2::prepare_file_names(const std::string& file_path)
{
- do_prepare_file_names(file_path, m_keys_file, m_wallet_file);
+ do_prepare_file_names(file_path, m_keys_file, m_wallet_file, m_mms_file);
return true;
}
//----------------------------------------------------------------------------------------------------
@@ -4768,6 +4875,8 @@ void wallet2::load(const std::string& wallet_, const epee::wipeable_string& pass
{
MERROR("Failed to save rings, will try again next time");
}
+
+ m_message_store.read_from_file(get_multisig_wallet_state(), m_mms_file);
}
//----------------------------------------------------------------------------------------------------
void wallet2::trim_hashchain()
@@ -4873,6 +4982,7 @@ void wallet2::store_to(const std::string &path, const epee::wipeable_string &pas
const std::string old_file = m_wallet_file;
const std::string old_keys_file = m_keys_file;
const std::string old_address_file = m_wallet_file + ".address.txt";
+ const std::string old_mms_file = m_mms_file;
// save keys to the new file
// if we here, main wallet file is saved and we only need to save keys and address files
@@ -4902,6 +5012,14 @@ void wallet2::store_to(const std::string &path, const epee::wipeable_string &pas
if (!r) {
LOG_ERROR("error removing file: " << old_address_file);
}
+ // remove old message store file
+ if (boost::filesystem::exists(old_mms_file))
+ {
+ r = boost::filesystem::remove(old_mms_file);
+ if (!r) {
+ LOG_ERROR("error removing file: " << old_mms_file);
+ }
+ }
} else {
// save to new file
#ifdef WIN32
@@ -4927,6 +5045,14 @@ void wallet2::store_to(const std::string &path, const epee::wipeable_string &pas
std::error_code e = tools::replace_file(new_file, m_wallet_file);
THROW_WALLET_EXCEPTION_IF(e, error::file_save_error, m_wallet_file, e);
}
+
+ if (m_message_store.get_active())
+ {
+ // While the "m_message_store" object of course always exist, a file for the message
+ // store should only exist if the MMS is really active
+ m_message_store.write_to_file(get_multisig_wallet_state(), m_mms_file);
+ }
+
}
//----------------------------------------------------------------------------------------------------
uint64_t wallet2::balance(uint32_t index_major) const
@@ -8154,7 +8280,6 @@ void wallet2::light_wallet_get_address_txs()
// for balance calculation
uint64_t wallet_total_sent = 0;
- uint64_t wallet_total_unlocked_sent = 0;
// txs in pool
std::vector<crypto::hash> pool_txs;
@@ -9241,9 +9366,7 @@ void wallet2::cold_sign_tx(const std::vector<pending_tx>& ptx_vector, signed_tx_
//----------------------------------------------------------------------------------------------------
uint64_t wallet2::cold_key_image_sync(uint64_t &spent, uint64_t &unspent) {
auto & hwdev = get_account().get_device();
- if (!hwdev.has_ki_cold_sync()){
- throw std::invalid_argument("Device does not support cold ki sync protocol");
- }
+ CHECK_AND_ASSERT_THROW_MES(hwdev.has_ki_cold_sync(), "Device does not support cold ki sync protocol");
auto dev_cold = dynamic_cast<::hw::device_cold*>(&hwdev);
CHECK_AND_ASSERT_THROW_MES(dev_cold, "Device does not implement cold signing interface");
@@ -9254,7 +9377,11 @@ uint64_t wallet2::cold_key_image_sync(uint64_t &spent, uint64_t &unspent) {
dev_cold->ki_sync(&wallet_shim, m_transfers, ski);
- return import_key_images(ski, 0, spent, unspent);
+ // Call COMMAND_RPC_IS_KEY_IMAGE_SPENT only if daemon is trusted.
+ uint64_t import_res = import_key_images(ski, 0, spent, unspent, is_trusted_daemon());
+ m_device_last_key_image_sync = time(NULL);
+
+ return import_res;
}
//----------------------------------------------------------------------------------------------------
void wallet2::get_hard_fork_info(uint8_t version, uint64_t &earliest_height) const
@@ -10469,7 +10596,7 @@ const std::pair<std::map<std::string, std::string>, std::vector<std::string>>& w
return m_account_tags;
}
-void wallet2::set_account_tag(const std::set<uint32_t> account_indices, const std::string& tag)
+void wallet2::set_account_tag(const std::set<uint32_t> &account_indices, const std::string& tag)
{
for (uint32_t account_index : account_indices)
{
@@ -11377,7 +11504,6 @@ cryptonote::blobdata wallet2::export_multisig()
for (size_t n = 0; n < m_transfers.size(); ++n)
{
transfer_details &td = m_transfers[n];
- const std::vector<crypto::public_key> additional_tx_pub_keys = get_additional_tx_pub_keys_from_extra(td.m_tx);
crypto::key_image ki;
td.m_multisig_k.clear();
info[n].m_LR.clear();
@@ -11409,7 +11535,6 @@ cryptonote::blobdata wallet2::export_multisig()
boost::archive::portable_binary_oarchive ar(oss);
ar << info;
- std::string magic(MULTISIG_EXPORT_FILE_MAGIC, strlen(MULTISIG_EXPORT_FILE_MAGIC));
const cryptonote::account_public_address &keys = get_account().get_keys().m_account_address;
std::string header;
header += std::string((const char *)&keys.m_spend_public_key, sizeof(crypto::public_key));
@@ -11990,4 +12115,52 @@ uint64_t wallet2::get_segregation_fork_height() const
void wallet2::generate_genesis(cryptonote::block& b) const {
cryptonote::generate_genesis_block(b, get_config(m_nettype).GENESIS_TX, get_config(m_nettype).GENESIS_NONCE);
}
+//----------------------------------------------------------------------------------------------------
+mms::multisig_wallet_state wallet2::get_multisig_wallet_state() const
+{
+ mms::multisig_wallet_state state;
+ state.nettype = m_nettype;
+ state.multisig = multisig(&state.multisig_is_ready);
+ state.has_multisig_partial_key_images = has_multisig_partial_key_images();
+ state.multisig_rounds_passed = m_multisig_rounds_passed;
+ state.num_transfer_details = m_transfers.size();
+ if (state.multisig)
+ {
+ THROW_WALLET_EXCEPTION_IF(!m_original_keys_available, error::wallet_internal_error, "MMS use not possible because own original Monero address not available");
+ state.address = m_original_address;
+ state.view_secret_key = m_original_view_secret_key;
+ }
+ else
+ {
+ state.address = m_account.get_keys().m_account_address;
+ state.view_secret_key = m_account.get_keys().m_view_secret_key;
+ }
+ state.mms_file=m_mms_file;
+ return state;
+}
+//----------------------------------------------------------------------------------------------------
+wallet_device_callback * wallet2::get_device_callback()
+{
+ if (!m_device_callback){
+ m_device_callback.reset(new wallet_device_callback(this));
+ }
+ return m_device_callback.get();
+}//----------------------------------------------------------------------------------------------------
+void wallet2::on_button_request()
+{
+ if (0 != m_callback)
+ m_callback->on_button_request();
+}
+//----------------------------------------------------------------------------------------------------
+void wallet2::on_pin_request(epee::wipeable_string & pin)
+{
+ if (0 != m_callback)
+ m_callback->on_pin_request(pin);
+}
+//----------------------------------------------------------------------------------------------------
+void wallet2::on_passphrase_request(bool on_device, epee::wipeable_string & passphrase)
+{
+ if (0 != m_callback)
+ m_callback->on_passphrase_request(on_device, passphrase);
+}
}
diff --git a/src/wallet/wallet2.h b/src/wallet/wallet2.h
index 0ba8e4c7d..ace01a235 100644
--- a/src/wallet/wallet2.h
+++ b/src/wallet/wallet2.h
@@ -61,6 +61,7 @@
#include "wallet_errors.h"
#include "common/password.h"
#include "node_rpc_proxy.h"
+#include "message_store.h"
#undef MONERO_DEFAULT_LOG_CATEGORY
#define MONERO_DEFAULT_LOG_CATEGORY "wallet.wallet2"
@@ -100,11 +101,26 @@ namespace tools
virtual void on_lw_money_received(uint64_t height, const crypto::hash &txid, uint64_t amount) {}
virtual void on_lw_unconfirmed_money_received(uint64_t height, const crypto::hash &txid, uint64_t amount) {}
virtual void on_lw_money_spent(uint64_t height, const crypto::hash &txid, uint64_t amount) {}
+ // Device callbacks
+ virtual void on_button_request() {}
+ virtual void on_pin_request(epee::wipeable_string & pin) {}
+ virtual void on_passphrase_request(bool on_device, epee::wipeable_string & passphrase) {}
// Common callbacks
virtual void on_pool_tx_removed(const crypto::hash &txid) {}
virtual ~i_wallet2_callback() {}
};
+ class wallet_device_callback : public hw::i_device_callback
+ {
+ public:
+ wallet_device_callback(wallet2 * wallet): wallet(wallet) {};
+ void on_button_request() override;
+ void on_pin_request(epee::wipeable_string & pin) override;
+ void on_passphrase_request(bool on_device, epee::wipeable_string & passphrase) override;
+ private:
+ wallet2 * wallet;
+ };
+
struct tx_dust_policy
{
uint64_t dust_threshold;
@@ -156,6 +172,7 @@ namespace tools
{
friend class ::Serialization_portability_wallet_Test;
friend class wallet_keys_unlocker;
+ friend class wallet_device_callback;
public:
static constexpr const std::chrono::seconds rpc_timeout = std::chrono::minutes(3) + std::chrono::seconds(30);
@@ -177,6 +194,7 @@ namespace tools
static bool has_testnet_option(const boost::program_options::variables_map& vm);
static bool has_stagenet_option(const boost::program_options::variables_map& vm);
static std::string device_name_option(const boost::program_options::variables_map& vm);
+ static std::string device_derivation_path_option(const boost::program_options::variables_map &vm);
static void init_options(boost::program_options::options_description& desc_params);
//! Uses stdin and stdout. Returns a wallet2 if no errors.
@@ -594,7 +612,7 @@ namespace tools
/*!
* \brief Finalizes creation of a multisig wallet
*/
- bool finalize_multisig(const epee::wipeable_string &password, std::unordered_set<crypto::public_key> pkeys, std::vector<crypto::public_key> signers);
+ bool finalize_multisig(const epee::wipeable_string &password, const std::unordered_set<crypto::public_key> &pkeys, std::vector<crypto::public_key> signers);
/*!
* Get a packaged multisig information string
*/
@@ -657,7 +675,7 @@ namespace tools
bool init(std::string daemon_address = "http://localhost:8080",
boost::optional<epee::net_utils::http::login> daemon_login = boost::none, uint64_t upper_transaction_weight_limit = 0, bool ssl = false, bool trusted_daemon = false);
- void stop() { m_run.store(false, std::memory_order_relaxed); }
+ void stop() { m_run.store(false, std::memory_order_relaxed); m_message_store.stop(); }
i_wallet2_callback* callback() const { return m_callback; }
void callback(i_wallet2_callback* callback) { m_callback = callback; }
@@ -795,6 +813,7 @@ namespace tools
bool is_transfer_unlocked(uint64_t unlock_time, uint64_t block_height) const;
uint64_t get_last_block_reward() const { return m_last_block_reward; }
+ uint64_t get_device_last_key_image_sync() const { return m_device_last_key_image_sync; }
template <class t_archive>
inline void serialize(t_archive &a, const unsigned int ver)
@@ -903,6 +922,9 @@ namespace tools
if(ver < 26)
return;
a & m_tx_device;
+ if(ver < 27)
+ return;
+ a & m_device_last_key_image_sync;
}
/*!
@@ -964,6 +986,8 @@ namespace tools
void confirm_non_default_ring_size(bool always) { m_confirm_non_default_ring_size = always; }
const std::string & device_name() const { return m_device_name; }
void device_name(const std::string & device_name) { m_device_name = device_name; }
+ const std::string & device_derivation_path() const { return m_device_derivation_path; }
+ void device_derivation_path(const std::string &device_derivation_path) { m_device_derivation_path = device_derivation_path; }
bool get_tx_key(const crypto::hash &txid, crypto::secret_key &tx_key, std::vector<crypto::secret_key> &additional_tx_keys) const;
void set_tx_key(const crypto::hash &txid, const crypto::secret_key &tx_key, const std::vector<crypto::secret_key> &additional_tx_keys);
@@ -1047,7 +1071,7 @@ namespace tools
* \param account_indices Indices of accounts.
* \param tag Tag's name. If empty, the accounts become untagged.
*/
- void set_account_tag(const std::set<uint32_t> account_indices, const std::string& tag);
+ void set_account_tag(const std::set<uint32_t> &account_indices, const std::string& tag);
/*!
* \brief Set the label of the given tag.
* \param tag Tag's name (which must be non-empty).
@@ -1195,6 +1219,11 @@ namespace tools
bool unblackball_output(const std::pair<uint64_t, uint64_t> &output);
bool is_output_blackballed(const std::pair<uint64_t, uint64_t> &output) const;
+ // MMS -------------------------------------------------------------------------------------------------
+ mms::message_store& get_message_store() { return m_message_store; };
+ const mms::message_store& get_message_store() const { return m_message_store; };
+ mms::multisig_wallet_state get_multisig_wallet_state() const;
+
bool lock_keys_file();
bool unlock_keys_file();
bool is_keys_file_locked() const;
@@ -1287,11 +1316,17 @@ namespace tools
void setup_new_blockchain();
void create_keys_file(const std::string &wallet_, bool watch_only, const epee::wipeable_string &password, bool create_address_file);
+ wallet_device_callback * get_device_callback();
+ void on_button_request();
+ void on_pin_request(epee::wipeable_string & pin);
+ void on_passphrase_request(bool on_device, epee::wipeable_string & passphrase);
+
cryptonote::account_base m_account;
boost::optional<epee::net_utils::http::login> m_daemon_login;
std::string m_daemon_address;
std::string m_wallet_file;
std::string m_keys_file;
+ std::string m_mms_file;
epee::net_utils::http::http_simple_client m_http_client;
hashchain m_blockchain;
std::unordered_map<crypto::hash, unconfirmed_transfer_details> m_unconfirmed_txs;
@@ -1365,6 +1400,8 @@ namespace tools
std::unordered_set<crypto::hash> m_scanned_pool_txs[2];
size_t m_subaddress_lookahead_major, m_subaddress_lookahead_minor;
std::string m_device_name;
+ std::string m_device_derivation_path;
+ uint64_t m_device_last_key_image_sync;
// Aux transaction data from device
std::unordered_map<crypto::hash, std::string> m_tx_device;
@@ -1390,6 +1427,11 @@ namespace tools
uint64_t m_last_block_reward;
std::unique_ptr<tools::file_locker> m_keys_file_locker;
+
+ mms::message_store m_message_store;
+ bool m_original_keys_available;
+ cryptonote::account_public_address m_original_address;
+ crypto::secret_key m_original_view_secret_key;
crypto::chacha_key m_cache_key;
boost::optional<epee::wipeable_string> m_encrypt_keys_after_refresh;
@@ -1398,9 +1440,10 @@ namespace tools
bool m_devices_registered;
std::shared_ptr<tools::Notify> m_tx_notify;
+ std::unique_ptr<wallet_device_callback> m_device_callback;
};
}
-BOOST_CLASS_VERSION(tools::wallet2, 26)
+BOOST_CLASS_VERSION(tools::wallet2, 27)
BOOST_CLASS_VERSION(tools::wallet2::transfer_details, 10)
BOOST_CLASS_VERSION(tools::wallet2::multisig_info, 1)
BOOST_CLASS_VERSION(tools::wallet2::multisig_info::LR, 0)
diff --git a/src/wallet/wallet_errors.h b/src/wallet/wallet_errors.h
index b3141985d..35862bda1 100644
--- a/src/wallet/wallet_errors.h
+++ b/src/wallet/wallet_errors.h
@@ -219,6 +219,14 @@ namespace tools
}
};
//----------------------------------------------------------------------------------------------------
+ struct password_entry_failed : public wallet_runtime_error
+ {
+ explicit password_entry_failed(std::string&& loc, const std::string &msg = "Password entry failed")
+ : wallet_runtime_error(std::move(loc), msg)
+ {
+ }
+ };
+ //----------------------------------------------------------------------------------------------------
const char* const file_error_messages[] = {
"file already exists",
"file not found",
@@ -813,6 +821,31 @@ namespace tools
std::string m_wallet_file;
};
//----------------------------------------------------------------------------------------------------
+ struct mms_error : public wallet_logic_error
+ {
+ protected:
+ explicit mms_error(std::string&& loc, const std::string& message)
+ : wallet_logic_error(std::move(loc), message)
+ {
+ }
+ };
+ //----------------------------------------------------------------------------------------------------
+ struct no_connection_to_bitmessage : public mms_error
+ {
+ explicit no_connection_to_bitmessage(std::string&& loc, const std::string& address)
+ : mms_error(std::move(loc), "no connection to PyBitmessage at address " + address)
+ {
+ }
+ };
+ //----------------------------------------------------------------------------------------------------
+ struct bitmessage_api_error : public mms_error
+ {
+ explicit bitmessage_api_error(std::string&& loc, const std::string& error_string)
+ : mms_error(std::move(loc), "PyBitmessage returned " + error_string)
+ {
+ }
+ };
+ //----------------------------------------------------------------------------------------------------
#if !defined(_MSC_VER)
diff --git a/src/wallet/wallet_rpc_server.cpp b/src/wallet/wallet_rpc_server.cpp
index 0eb09b9f1..d7dc2914e 100644
--- a/src/wallet/wallet_rpc_server.cpp
+++ b/src/wallet/wallet_rpc_server.cpp
@@ -2891,7 +2891,8 @@ namespace tools
cryptonote::COMMAND_RPC_GET_HEIGHT::response hres;
hres.height = 0;
bool r = wal->invoke_http_json("/getheight", hreq, hres);
- wal->set_refresh_from_block_height(hres.height);
+ if (r)
+ wal->set_refresh_from_block_height(hres.height);
crypto::secret_key dummy_key;
try {
wal->generate(wallet_file, req.password, dummy_key, false, false);