diff options
Diffstat (limited to '')
| -rw-r--r-- | tests/core_tests/chaingen.h | 2 | ||||
| -rw-r--r-- | tests/core_tests/multisig.cpp | 126 | ||||
| -rw-r--r-- | tests/crypto/crypto-tests.h | 2 | ||||
| -rw-r--r-- | tests/crypto/crypto.cpp | 46 | ||||
| -rw-r--r-- | tests/crypto/main.cpp | 10 | ||||
| -rw-r--r-- | tests/crypto/tests.txt | 6 | ||||
| -rwxr-xr-x | tests/functional_tests/multisig.py | 29 | ||||
| -rw-r--r-- | tests/unit_tests/multisig.cpp | 234 |
8 files changed, 335 insertions, 120 deletions
diff --git a/tests/core_tests/chaingen.h b/tests/core_tests/chaingen.h index 3f9f01a11..a1101a3b1 100644 --- a/tests/core_tests/chaingen.h +++ b/tests/core_tests/chaingen.h @@ -836,7 +836,7 @@ inline bool do_replay_file(const std::string& filename) { \ for (size_t msidx = 0; msidx < total; ++msidx) \ account[msidx].generate(); \ - make_multisig_accounts(account, threshold); \ + CHECK_AND_ASSERT_MES(make_multisig_accounts(account, threshold), false, "Failed to make multisig accounts."); \ } while(0) #define MAKE_ACCOUNT(VEC_EVENTS, account) \ diff --git a/tests/core_tests/multisig.cpp b/tests/core_tests/multisig.cpp index f098e1bce..73bc1f104 100644 --- a/tests/core_tests/multisig.cpp +++ b/tests/core_tests/multisig.cpp @@ -28,98 +28,88 @@ // // Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers -#include "ringct/rctSigs.h" -#include "cryptonote_basic/cryptonote_basic.h" -#include "multisig/multisig.h" -#include "common/apply_permutation.h" #include "chaingen.h" #include "multisig.h" + +#include "common/apply_permutation.h" +#include "crypto/crypto.h" +#include "cryptonote_basic/cryptonote_basic.h" #include "device/device.hpp" +#include "multisig/multisig.h" +#include "multisig/multisig_account.h" +#include "multisig/multisig_kex_msg.h" +#include "ringct/rctOps.h" +#include "ringct/rctSigs.h" + using namespace epee; using namespace crypto; using namespace cryptonote; +using namespace multisig; //#define NO_MULTISIG -void make_multisig_accounts(std::vector<cryptonote::account_base>& account, uint32_t threshold) +static bool make_multisig_accounts(std::vector<cryptonote::account_base> &accounts, const uint32_t threshold) { - std::vector<crypto::secret_key> all_view_keys; - std::vector<std::vector<crypto::public_key>> derivations(account.size()); - //storage for all set of multisig derivations and spend public key (in first round) - std::unordered_set<crypto::public_key> exchanging_keys; + CHECK_AND_ASSERT_MES(accounts.size() > 0, false, "Invalid multisig scheme"); - for (size_t msidx = 0; msidx < account.size(); ++msidx) + std::vector<multisig_account> multisig_accounts; + std::vector<crypto::public_key> signers; + std::vector<multisig_kex_msg> round_msgs; + multisig_accounts.reserve(accounts.size()); + signers.reserve(accounts.size()); + round_msgs.reserve(accounts.size()); + + // create multisig accounts + for (std::size_t account_index{0}; account_index < accounts.size(); ++account_index) { - crypto::secret_key vkh = cryptonote::get_multisig_blinded_secret_key(account[msidx].get_keys().m_view_secret_key); - all_view_keys.push_back(vkh); + // create account and collect signer + multisig_accounts.emplace_back( + multisig_account{ + get_multisig_blinded_secret_key(accounts[account_index].get_keys().m_spend_secret_key), + get_multisig_blinded_secret_key(accounts[account_index].get_keys().m_view_secret_key) + } + ); - crypto::secret_key skh = cryptonote::get_multisig_blinded_secret_key(account[msidx].get_keys().m_spend_secret_key); - crypto::public_key pskh; - crypto::secret_key_to_public_key(skh, pskh); + signers.emplace_back(multisig_accounts.back().get_base_pubkey()); - derivations[msidx].push_back(pskh); - exchanging_keys.insert(pskh); + // collect account's first kex msg + round_msgs.emplace_back(multisig_accounts.back().get_next_kex_round_msg()); } - uint32_t roundsTotal = 1; - if (threshold < account.size()) - roundsTotal = account.size() - threshold; - - //secret multisig keys of every account - std::vector<std::vector<crypto::secret_key>> multisig_keys(account.size()); - std::vector<crypto::secret_key> spend_skey(account.size()); - std::vector<crypto::public_key> spend_pkey(account.size()); - for (uint32_t round = 0; round < roundsTotal; ++round) + // initialize accounts and collect kex messages for the next round + std::vector<multisig_kex_msg> temp_round_msgs(multisig_accounts.size()); + for (std::size_t account_index{0}; account_index < accounts.size(); ++account_index) { - std::unordered_set<crypto::public_key> roundKeys; - for (size_t msidx = 0; msidx < account.size(); ++msidx) - { - // subtracting one's keys from set of all unique keys is the same as key exchange - auto myKeys = exchanging_keys; - for (const auto& d: derivations[msidx]) - myKeys.erase(d); - - if (threshold == account.size()) - { - cryptonote::generate_multisig_N_N(account[msidx].get_keys(), std::vector<crypto::public_key>(myKeys.begin(), myKeys.end()), multisig_keys[msidx], (rct::key&)spend_skey[msidx], (rct::key&)spend_pkey[msidx]); - } - else - { - derivations[msidx] = cryptonote::generate_multisig_derivations(account[msidx].get_keys(), std::vector<crypto::public_key>(myKeys.begin(), myKeys.end())); - roundKeys.insert(derivations[msidx].begin(), derivations[msidx].end()); - } - } + multisig_accounts[account_index].initialize_kex(threshold, signers, round_msgs); - exchanging_keys = roundKeys; - roundKeys.clear(); + if (!multisig_accounts[account_index].multisig_is_ready()) + temp_round_msgs[account_index] = multisig_accounts[account_index].get_next_kex_round_msg(); } - std::unordered_set<crypto::public_key> all_multisig_keys; - for (size_t msidx = 0; msidx < account.size(); ++msidx) + // perform key exchange rounds + while (!multisig_accounts[0].multisig_is_ready()) { - std::unordered_set<crypto::secret_key> view_keys(all_view_keys.begin(), all_view_keys.end()); - view_keys.erase(all_view_keys[msidx]); + round_msgs = temp_round_msgs; - crypto::secret_key view_skey = cryptonote::generate_multisig_view_secret_key(account[msidx].get_keys().m_view_secret_key, std::vector<secret_key>(view_keys.begin(), view_keys.end())); - if (threshold < account.size()) + for (std::size_t account_index{0}; account_index < multisig_accounts.size(); ++account_index) { - multisig_keys[msidx] = cryptonote::calculate_multisig_keys(derivations[msidx]); - spend_skey[msidx] = cryptonote::calculate_multisig_signer_key(multisig_keys[msidx]); - } - account[msidx].make_multisig(view_skey, spend_skey[msidx], spend_pkey[msidx], multisig_keys[msidx]); - for (const auto &k: multisig_keys[msidx]) { - all_multisig_keys.insert(rct::rct2pk(rct::scalarmultBase(rct::sk2rct(k)))); + multisig_accounts[account_index].kex_update(round_msgs); + + if (!multisig_accounts[account_index].multisig_is_ready()) + temp_round_msgs[account_index] = multisig_accounts[account_index].get_next_kex_round_msg(); } } - if (threshold < account.size()) + // update accounts post key exchange + for (std::size_t account_index{0}; account_index < accounts.size(); ++account_index) { - std::vector<crypto::public_key> public_keys(std::vector<crypto::public_key>(all_multisig_keys.begin(), all_multisig_keys.end())); - crypto::public_key spend_pkey = cryptonote::generate_multisig_M_N_spend_public_key(public_keys); - - for (size_t msidx = 0; msidx < account.size(); ++msidx) - account[msidx].finalize_multisig(spend_pkey); + accounts[account_index].make_multisig(multisig_accounts[account_index].get_common_privkey(), + multisig_accounts[account_index].get_base_privkey(), + multisig_accounts[account_index].get_multisig_pubkey(), + multisig_accounts[account_index].get_multisig_privkeys()); } + + return true; } //---------------------------------------------------------------------------------------------------------------------- @@ -238,13 +228,13 @@ bool gen_multisig_tx_validation_base::generate_with(std::vector<test_event_entry for (size_t n = 0; n < nlr; ++n) { account_k[msidx][tdidx].push_back(rct::rct2sk(rct::skGen())); - cryptonote::generate_multisig_LR(output_pub_key[tdidx], account_k[msidx][tdidx][n], account_L[msidx][tdidx][n], account_R[msidx][tdidx][n]); + multisig::generate_multisig_LR(output_pub_key[tdidx], account_k[msidx][tdidx][n], account_L[msidx][tdidx][n], account_R[msidx][tdidx][n]); } size_t numki = miner_account[msidx].get_multisig_keys().size(); account_ki[msidx][tdidx].resize(numki); for (size_t kiidx = 0; kiidx < numki; ++kiidx) { - r = cryptonote::generate_multisig_key_image(miner_account[msidx].get_keys(), kiidx, output_pub_key[tdidx], account_ki[msidx][tdidx][kiidx]); + r = multisig::generate_multisig_key_image(miner_account[msidx].get_keys(), kiidx, output_pub_key[tdidx], account_ki[msidx][tdidx][kiidx]); CHECK_AND_ASSERT_MES(r, false, "Failed to generate multisig export key image"); } MDEBUG("Party " << msidx << ":"); @@ -303,7 +293,7 @@ bool gen_multisig_tx_validation_base::generate_with(std::vector<test_event_entry for (size_t msidx = 0; msidx < total; ++msidx) for (size_t n = 0; n < account_ki[msidx][tdidx].size(); ++n) pkis.push_back(account_ki[msidx][tdidx][n]); - r = cryptonote::generate_multisig_composite_key_image(miner_account[0].get_keys(), subaddresses, output_pub_key[tdidx], tx_pub_key[tdidx], additional_tx_keys, 0, pkis, (crypto::key_image&)kLRki.ki); + r = multisig::generate_multisig_composite_key_image(miner_account[0].get_keys(), subaddresses, output_pub_key[tdidx], tx_pub_key[tdidx], additional_tx_keys, 0, pkis, (crypto::key_image&)kLRki.ki); CHECK_AND_ASSERT_MES(r, false, "Failed to generate composite key image"); MDEBUG("composite ki: " << kLRki.ki); MDEBUG("L: " << kLRki.L); @@ -311,7 +301,7 @@ bool gen_multisig_tx_validation_base::generate_with(std::vector<test_event_entry for (size_t n = 1; n < total; ++n) { rct::key ki; - r = cryptonote::generate_multisig_composite_key_image(miner_account[n].get_keys(), subaddresses, output_pub_key[tdidx], tx_pub_key[tdidx], additional_tx_keys, 0, pkis, (crypto::key_image&)ki); + r = multisig::generate_multisig_composite_key_image(miner_account[n].get_keys(), subaddresses, output_pub_key[tdidx], tx_pub_key[tdidx], additional_tx_keys, 0, pkis, (crypto::key_image&)ki); CHECK_AND_ASSERT_MES(r, false, "Failed to generate composite key image"); CHECK_AND_ASSERT_MES(kLRki.ki == ki, false, "Composite key images do not match"); } diff --git a/tests/crypto/crypto-tests.h b/tests/crypto/crypto-tests.h index e833c0444..29a50e0fb 100644 --- a/tests/crypto/crypto-tests.h +++ b/tests/crypto/crypto-tests.h @@ -46,4 +46,6 @@ void random_scalar(crypto::ec_scalar &res); void hash_to_scalar(const void *data, std::size_t length, crypto::ec_scalar &res); void hash_to_point(const crypto::hash &h, crypto::ec_point &res); void hash_to_ec(const crypto::public_key &key, crypto::ec_point &res); +bool check_ge_p3_identity_failure(const crypto::public_key &point); +bool check_ge_p3_identity_success(const crypto::public_key &point); #endif diff --git a/tests/crypto/crypto.cpp b/tests/crypto/crypto.cpp index 145ec1d86..e1be38054 100644 --- a/tests/crypto/crypto.cpp +++ b/tests/crypto/crypto.cpp @@ -32,6 +32,36 @@ #include "crypto-tests.h" +static void get_ge_p3_for_identity_test(const crypto::public_key &point, crypto::ge_p3 &result_out_p3) +{ + // compute (K + K) - K - K to get a specific ge_p3 point representation of identity + crypto::ge_cached temp_cache; + crypto::ge_p1p1 temp_p1p1; + + crypto::ge_frombytes_vartime(&result_out_p3, &point); // K + crypto::ge_p3_to_cached(&temp_cache, &result_out_p3); + crypto::ge_add(&temp_p1p1, &result_out_p3, &temp_cache); // K + K + crypto::ge_p1p1_to_p3(&result_out_p3, &temp_p1p1); + crypto::ge_sub(&temp_p1p1, &result_out_p3, &temp_cache); // (K + K) - K + crypto::ge_p1p1_to_p3(&result_out_p3, &temp_p1p1); + crypto::ge_sub(&temp_p1p1, &result_out_p3, &temp_cache); // ((K + K) - K) - K + crypto::ge_p1p1_to_p3(&result_out_p3, &temp_p1p1); +} + +static int ge_p3_is_point_at_infinity_vartime_bad(const crypto::ge_p3 *p) { + // X = 0 and Y == Z + // bad: components of 'p' are not reduced mod q + int n; + for (n = 0; n < 10; ++n) + { + if (p->X[n] | p->T[n]) + return 0; + if (p->Y[n] != p->Z[n]) + return 0; + } + return 1; +} + bool check_scalar(const crypto::ec_scalar &scalar) { return crypto::sc_check(crypto::operator &(scalar)) == 0; } @@ -55,3 +85,19 @@ void hash_to_ec(const crypto::public_key &key, crypto::ec_point &res) { crypto::hash_to_ec(key, tmp); crypto::ge_p3_tobytes(crypto::operator &(res), &tmp); } + +bool check_ge_p3_identity_failure(const crypto::public_key &point) +{ + crypto::ge_p3 ident_p3; + get_ge_p3_for_identity_test(point, ident_p3); + + return ge_p3_is_point_at_infinity_vartime_bad(&ident_p3) == 1; +} + +bool check_ge_p3_identity_success(const crypto::public_key &point) +{ + crypto::ge_p3 ident_p3; + get_ge_p3_for_identity_test(point, ident_p3); + + return crypto::ge_p3_is_point_at_infinity_vartime(&ident_p3) == 1; +} diff --git a/tests/crypto/main.cpp b/tests/crypto/main.cpp index f804c45dc..5486937c2 100644 --- a/tests/crypto/main.cpp +++ b/tests/crypto/main.cpp @@ -259,6 +259,16 @@ int main(int argc, char *argv[]) { if (expected != actual) { goto error; } + } else if (cmd == "check_ge_p3_identity") { + cerr << "Testing: " << cmd << endl; + public_key point; + bool expected_bad, expected_good, result_badfunc, result_goodfunc; + get(input, point, expected_bad, expected_good); + result_badfunc = check_ge_p3_identity_failure(point); + result_goodfunc = check_ge_p3_identity_success(point); + if (expected_bad != result_badfunc || expected_good != result_goodfunc) { + goto error; + } } else { throw ios_base::failure("Unknown function: " + cmd); } diff --git a/tests/crypto/tests.txt b/tests/crypto/tests.txt index 8e6534a87..3a7fe5453 100644 --- a/tests/crypto/tests.txt +++ b/tests/crypto/tests.txt @@ -5467,3 +5467,9 @@ check_ring_signature 8427e7179050bc38d5c25e68f70c2c98990042388e326d6bebd5674ca8d check_ring_signature f3d2b5b25d663325acca133163bbf3219f1b22fea6bd6d6e3194db8bc30dc6fa 448071ee63780f0fcfe35245353e4fd28f5c5362d9a5f3d74e5bd6685986729f 6 fb706555f8358ac3db60d9a52eb4981f91d28cc4d518c1a5c988ce94c7051379 e07dbe16cee565a221af2353c4761cdb7c7fab5880372b0e46d49ab4842d3b4c 05db3f4b53f17fe0525e2b5002664d9b0d5680c10146640cbbf23a118d6d88fb a446a6e907f653e0db5888927971d0dfd5c854d2b04f02367e18b02378271b11 72ce0ff9a80faaf2ea826cfe8244cc2d345a7c887143e481ffe826b8630b6f93 d17c0b9ba4aeb04ddb8288222a0d5d22abe327981786f790cf8b9ee8831090a7 8a11ee60dd8470e1bd447f472b60723d8a30ac8a84fb4bd98580b2f3ddfc32027193f368c87e02deb9219eb50e0a9b2d9d43bab27c14ac4be23640a1fca01a0dd12337332fdfe9f3aef0235281614f3e94cf7902486b8a5b76444e9a56e21a09beab12ff902fdc05b16a2ad417d92711107bcf7a554cf82fa069e9432874680dce00e8a862e417b2efaa66cb9e4693e00b7d6cd1c452fc71630473799fdc7603080d006b562aafe0e75e456e6e09f1a655dcc40e296f0f3083c5f58c75e9dd03c61115f05d75c65e04f2d02c6232c72c99a32e9f8c851b23219e2dbcdbd6190de6c9ae374530c0f268758611fffac7dbb8f16d8c71a0da950ae12603d942b808146f9131049a75364f45cc606ab4d6882a137999c163312c87fb3d8e78ef3406b97dbd90bbdd20a8025d4ba438491ff0923da5055b7c3ee446b7ddac341f350056efeaa3f706fa2ac8a6d02d5f2a4cd5644af7f9a48a699801469d33601667081fa0971b1b6dc3c86d539197a531a76ebe611fc967d26067f2c2f0d879ef0309 false check_ring_signature 07a23b78f73ca487ec5ab0f4d7725d7ffb547543ae4f96e30df871c2241489ca 2073d5a5ccb03402ded68c31d3de658f7c5be2265bec656a12212c83e2499a75 9 ce3fe390c5309c0aa6c0a1e4dc29ef63fdf55ad2fef737b775bae9857c666966 08088bfe1f076131d82458ef08e0a6d8003d26d824360033895e62409fceadba 4faffacfacc069e09f80a0249daf97a40b53a64ab870c62dfd08998d382dba52 386e435138fba8c063966d8308927f8c8788782a3a263500133325c9c82d38a3 efd955c96135d72fee34c765998cf714f37365af8f77cae145ba5d126f1fe914 60dbea373e81c0276c4fbb83ca1fcbb647e2fa11a8bbc62c8e56d4d147b39bd5 1495004110d8e2fe1774ba6eb9492b1bbc54f674ed2082401cd6eab71ad9dc40 7a2af9f6dad76479c5f3345ffd250f55b234682b4fd51d3ee9ae8da2e5a35cb2 02548abda0688fc63cc485b956fd4303bf0dfc43a581e01c59c62243461ea348 e784e4e19099667803c6f08fd0877e85937bec50ab02f75b6f2e3dd61876b40510bf63faa2346e3b35b0ade96bfef145dd17b92ebdb1cf96899e10e3442aaf0d782eafc8be306390ffcda93025f6832a2d4c4e4d1c2b56add53550b3b512b71af959bc1b5902a7b628eae1d16d242c099fb4ce33a4bee12af49a41aab958940910b0d0ef596b753688f228a7184e38e7df8644cbecfa658d721736ed2882e20f9a2fb61818c0060b3fd4b2ced7984bb17b10381efde2330bbb1de208655e080cd33d9e5d5d853a8875623195ed30e2c2e475ebe4ac97e3c5216520b0a201a608b6c6013266ab0e63a461dae171af4c3a14a5fa8c4c33ca25b84540e32efcf302b18e610545ff35d45dae4116ba6d51ac9125cdb7f681739744237827e768bb0487b6b0a1d9e8d5ce809b9e17a6c32df9ef77a26af987b2348c748cba73e917034e21609b0d92a5b7106d39c8de2f057013bd347be67e553e608cbb70683f2e04ca7ed84ed7f4c671efac5deb3db17498f23170cc8deb4596d1ea958caa7e4e06204833104aed36ee0b7808dba1194cc374c193e4e926832ac171d03f3abe6607803d6b33a1350ec428afc88977eb411505bcb54113da91f63fdd2bb85a08140cbc040fadb23ba1c92fd3bad8c4930f36d37403f8e9d4b87bf3636ccffc53c30cc4eeb9945214f9d8e288edbfa1d7546baae6860f9f56af7d79f9349c104579064d404a3d7a893d64fbcca32c5d4e6158d92cd87c8a78bb3a61eb55ec92a7ee0aaabe59d33af5534ae258f48bca9d5459e0708ebf9289d9bb22acb540b0f39003 false check_ring_signature 0e6194f7b3ec1594e6b727b990c6bf65a2b1eb1a9b73ea00d18a709ffdee1276 f931b871addf92f407f087ae176804734ba35fd65086f6c3e07d9d7b001be265 51 8daf0c2e434171ef0e31f1fd17307a30690639fc7fef1a85a9a7858868924c1d 93edf23dcd46477698f2e4795ab9e4e75ef04c8ca561670c22d0a379f7cc9d12 5fb23ddfd7bc6db6798d0dfadc6accc8c7fd75adb090ecb6bad2021bc3bac5da d093463f76e271597f6cddc74b5685b0c4d4ab6b6f6bae4b0217c7097ced9bb6 1504b6cab3b2454a066fe9462be135eda844480da85ad3baf67fbf39679cdbf0 e812fa7c7f0b6e11dd0d87fd88767a768f9e89f2c54396a9a53d443d0edafdcf 6570828a5e056a4e035b1042b80007a872c71545ea225feb982d24eea14373f0 a3adddfa513dca877eca62e12255c981b148a605c998458c6786aba6aaf1207a 43f3fb57f9a0c90200a940217893685296537f34041fd9586586937386f8d33d 9ff696ea156a4468e1d0d32590fcc865f491d821254594535c1694d7eb0102c2 3f0245304a5047ce42fb0b36544220d7df36c919aa2321bf39e83fa71c4de21c 01c527e626c1b5c928058d7ea772cda93833ba111792da212a5eae0041ccae51 61a79b26403f88acf0d4a7bf86efff4bd9f32e05e9a900e7d890ce36ab8abbef be302d5d4b83cd447536c08dfe66a32fab021889d9eb7a8621e59a6e3756b14a 693a9d20a1d12828a94d01a2bdc856f3499745e4c5830cda407962d2b6953784 62438ad0ca1dc718def66c97d8a4b2a1c4e61322c7cb8c3b904177cc8d8fbcaf 88dbaf2eab9896bac05f93c953c548de45c032d40b7c7e452c17ac73606b942b 894905861e3c952ab0e350b12900b454b3870ce3e9b590f94203ce2bbc41f944 cbf933f67076f66793bf06f2a5008bd01b36b6aa094483269da52bbba7465580 557046df81dbcfe18c65e1364448c8d94c710cd1fbf8a3c10550254d97afcdf7 7b24c0ee3a7836c1bef02956b81358d8f698da40f0ccd706daf3038cb0b28793 28ddf7553a328fe5ef8c8a6abd52ba6d725240f1511665884cb68c96d46d92d5 ffd267319c8ed9e424371ef74e5301102997c26265a2044bbbe05ee291f5bcc9 d467502be7c3753d9e4d2a147d3a40d1d817a865184030870bf97ef6f1610da7 b1ec5f6565cc19a6d015696594ada55b5fbe82108fcec0d54fb11b05bfd37408 19e7e65cdd957ab0d25dfc9e4e1449b1d4283d2561754fc147adb51e057dc7ba c5d4274eef9f5d92e7a8dda59de38f5728d60350d8e98871968765925d18ed09 a44814c8f2912d13c09242b0b75dad90a6357b844e021dc96668c45e311b64b3 cd88baa50640c7409a98921e0ad1e7f2496b39a3b07544eeef2455fc5018b17e 9ab6f34f081bccc8d8b29513851a402759c96b8d95d836db977e24e595deb2fa 56123960591257a70a334628d9868505176533debe06cdfc24f906ec8a997efd a37b03d5446abb9a3fb7aee94d6740d85f984fb363a9e78a9d363d5882cd2823 bd9607c5e6c167f5eb6a289be620592c7e850590393787d01acd958fd717b0c2 d0d69b420c93d9b1b8eee6796db2c7cc2110dc78b624396e144c135fe69c812d b6a2ee98807a00bcff0fa5403102c9a628948d3478234cdde85e5effbefcf204 e183a5d8daabdea01f7cd7f0960b75566aec78874cc933f5acc3dce0512ab335 ea7f86e49af2a4883e11b3362127dfdb14f0f517170ddb4338a5a38d2c92566a 4ea9d24ebb852962e745d4ec30679bed40f581d1ccf6825e80ddb38759025ac7 d0c887ff472e65d7fcb502988dfb0c919c8d23c2897d49b8c8de90d725604ea8 0177735a5271e254705979ef38a0737897f608aa144f4c4ed97e220dcb32f1af fc49aac2eaf95de87156c0348381d78d9b468a1da3eae6cc25bb398563b0bdad 84a98d5f20b608d31af41925052dfd378f0252e1bf7c13cf9b773e0cd4b95a52 8fd6df156a95abf7ca37fa1d65e820b56f2498c9ada0a4027f0dbc285b9a9b86 f7bcadf3751cdc85db850619a857288d1291c2f403732d79daec6eb774fd26cb c87e4373dadc7a65f53df413d22b3370f7a8c47a929ded626f3f71f3b249eb4d 02398630b92a7f782dd0153d39a56123ec7ea8d5a0fde77aebd302e641de2a54 f655dea86af87ed4d93ea10c2ffd5e52aff83a6fb5fab65a1ab67a02cfae6523 990747d3687fcc37ba0fe4845f9b247ebddd0d0a5a61f2637bb498f0b05e9fb3 38050abbc28c5847708f0142d8e89d44dad6d0ee8bd60b5771bd03d590a7ff85 867b6cdc08dbecaf1b6f9ee2add2d2c9dfe18474a805a028533b619f52abf6b3 0bda8ca264a6747f18195bbf56fafe96c9a0c8e6557f1b17c50eec71ae52fb50 cc925498a1aaccee819efd183df25795472fda1c7abbad6eaf42b00192c1e7005cacf5a965e831702169f97d374b7b30a7cb3343170c89c325090815e663a805f1d64336bfcdc25794467e68c093403faa50071b992863da69b6399f8bd33308abac8a69fe14a4a3de62ccb4bb5b49f760d1567fb1c966881476f7c5cdd20d0738b0452fa686ec759a6f19f50f1cee1ef06d69162d6d9c6d97055ce7b746a7038ad3913cf9c92a4a5faebecc5417ee900e8cb9e58c35d06e7b554a38815efa05a2f578665a2f96fff87bc9c025b0a23775a8e079f98805a350cac06456ed230f3bf10e3a133abd448f811ed82663f4bfd3fd6492d3ff6e49625b1efc8b9a090bbd70ee46aba76648c7e899cc19433a230f59314dc72d10d7c5dff9c9e2b79907161b00e307b10a9f53332a325c305744d2b96229831fefd891fa1f0776278005fc792d7d1882368def90bb0c75c927464eb4a95ad133e9cca7c57708c620520cb4a4a25880d80cbd1101d0a78e5cc7cf9aae6fe52449911be59a405f35356709977a9532074a05627c13787192cdad3b40f9434d469f189e311c0d917d788d011693c8319cc0b0c4c0ef4fdf08f945be0c6e65fd1c548bba7608a128c3a327020818f93aad968cd094149dbe064e3873b4d704bd0a5ee97fe040944de667a3063ecf7be8aedfd54bd73d13a56b944c546c4c6fb7cc5a9c74a6508c8af26410095f34c6787f38abd729bbb728a4213e9e079b98b81d5f6562f29ebf21ac85010fd4d83ffb1851ed601ae7bc93ae5b36da273101f7485a2d38ed29f68636dd5700b2fcdc9709461a027e02850560fc3e3f1c6fd8dbf4cf1084e059bdddcb8d450f8f3bc1834060ec6375cb94cab89cfce4aabcfc3ef1bf13018535607234e63800d9f6d20030fab8384f287271183563e0730708203261ebbcc0531f4637e0540c7354ffb862e9c435afcf4a11313a2c60f8fccc6483cb70b3dd7b1e7abdbc8e0779dae0268351518fe07b03fe764675ba91f7e612c6d07231e6deab9a909bdd0f419adc092fe62fb5378be479f7cde0e80eb642aa89441feb6b0119595bd7770446d253edeaf3c0dee883f046f0f7e1d2a26701eff4d7b3e9c5f76e27bed51002ee4a57c4e51ee3d2bece02c959ddf90e422f739f1f3b628b5be04f8845f06b00fc891ff96e22af1869f22c1b79afa8ce7eaa4afa70158cde42310f312f92d8013e3aeca05cceb2ee5bcf0a50a5c267f4e548bf32e7cb935ee28c644511beaa071923a1d8b15b2e72b864cf5a4e3f4c290467c9a70dcf924345cd82c2d1f68c0e031f05602b53686d50a7a7bc429e1b54287fbedd16c6cc4aedfc9d66bdf31f0959689980fba888d99ffc6d40aa6f7914bbf593fe736e9edad1a4fc7811853e03f927c357cf3d5dbf58327d4b43ce3f8797063492961a04c30995bbddfe281b0b153043fe51178ff43933a0699ab3a2d995457e7cfba7149ca8d3da1e99d2280bf505e8bed2cdb4f037c2d5c1efd00cda5db5cede0d37a3ebdd94b0f12c457b05f546748f69c5212c58f028bc6a29e11ddb4647e58414ee25060e47506fdb7a0232a7ac6df4481bde4ca5f3ee88a97dd96396ad4727b076743e64e8ee1eaeff0b2532804e4cc7a28306c80b9498eeaaf5be9087caa51807bca9377f76ef6a500cadc72f6f95aea184d559be04f14bb0b05f0ce303fb68cb7091ac96007264ec05c442a68d867351823252d8951d7f6b9671b857244d477e75466c3017f8621808fd511a14c5dab254e5d685d08a922317dadc6fa90b6b9df5b2d23dd392ac910bc8fec0ac56c9ee5d491d9685709fb0d3683905fa390472ecaa01090bd4969c0df17f699e6c78942625672228e7474c37db2336b1136b4dea290940f4a35285013264411791a89ae770a63257478339572c85e7b838078a56db7c97a029a04e0ff040a4d5f08fa4e4a0933b7566d8dce9970eb471b270b70970b5ea19124e0d09e643c89b98f199fae32c088512e6839c33ebd646920e360294d869ad6bffa30de976920a838bc8b88025514d0312f6f28066aec9b4d2d9253ce94e85358b54078ce1b56aed1de3f9071419e2d3590df4d3072ea1d93f11d1c9bb011097f2380ab7341e0b1c7a2d4de64e82f4203a87c9805e1298d69f14b3911622f1119a900d49de89000147275fc18aa830228bafb687e8cc9eb8ca4c2ec4c90bb33fe25201417fd7408111e0efdb16d59412852deac263800de4fcb96b19a2ebbbe4d719051ae02b8b3c4292f097380c9587e96bdfd82037c54649154034d95057e883e00cfe4250f079e2a5460a06aeb4103e6c4b7b64a38a851e1650d758e9a5bc12d3093fc4e9f701612625c969d7dbfc1369349c255f883dc436abaef5c16e453d7a0571cf9797a89446077045d3eb3169261025698dbbff5f1354426e7375bf04ed07b930b24bf02049e577c98bd7abe8c5903f48af2eb03686166364ce54aaf9c20a9774b7b04b922ad510182f41a8b84e0b5e8e8cb404e775f9cf146dcae0fa5f0460da3dfb2ecabe850b5dda46d54c8375003ffaa9f7efd508ffc799523c6c1b0ec1406363554dce15ecd47d91936292b448022b5f162ec09937f50f86d1e50908762bc5330f51c639e035dd07b227e6f499884b51829d920ebb517c3732044500150323d68280d23c6711473abe8d5d835c5f071779af65647334d656caded90a6e66585fa0cc6806375853481eb0b409211473afdd46d6686c8ab95c27aee304a048fadac986152ba89037f084dee9368e5768434610f7904a3552d0d1bcdd06ee33c31485d28838266987b1584ee02a1ff0383a134d11114bbd11b5f8e0b10cd19a175be6520ec55c0380478f723bfc1f0ad1f14ee839547657979ee73e9907939245c535483d3fd79ccc65d776903ebd014303ee2c508d87f053666b42200e8731cb3e79f0a543673cbe1acd23740c442a00db5c6c23c06d008029184dea0970641273d935bc76bdef35f483052e57cfd00b1188c54948f7856857dcc58f05c0735df9a9896da2fc8b82b5c3ceaf98db68508a1004230e0f8f78595da2b702508216f0ba4d65d5dfa14f0cf2d54c67ab4bb54eb4e820c5af761978d0531b0a25a136f6bca068eeafb0828bb76bf4b8bae4cbfce93e8cf9a4c5ce2a1d00c20c2a713c981bd9e46e48dc3e90d2a09e40722212dc3d46c7ec98c830af1545dd014cddd1f0492fc19c597f24acdb0cb9836bf16507be54d9eb229d6b778c20370149e7ee1d371105f331f829e9b611340e1120ee6ce4bffe9c3a7f96f1adf2b802a62f4331c3052309a74465d7f3ac8059bb7b1e0093977c1ce177c04a4be8060447c3a9a49e13f4a2f8579668d929b6782c76b41ef127b21cf91c766de44c930005089f2fad932b12ec662c1bfd7d17c8384b98db2a64ff3b952034131cfa370b5ed0b3bc48d3fd66cf1200984c8929298bf7102932b658432ba2e93d0c01400a75775b1dbea79c9acb1b3348ba24a454f104b72c39ffff01a56d60fe2084af02078204e1c51773f8a91aac91564e8b5e069ce2e88319e47e65f01965743ace06f6540d22fc0e0e2038173960189818af53095c82b0726b6ddeeef14edb01950e7c381d852224666623294305816e713561e1146a37a1212b41df75079a26e601ae81025abd07cd3bfe475f3c44db05a2c715ed902bb43cdcf4e505925d3e18006518b18a46dd21adb117bfb342c68b96f974f1be18c47e7bd5f00a90c225500aa0d5c11207714e4bc729f3662664534064a6fdae4c03456e9e7a75821eefbc0b9cfa05ec403734d1ac35e3a03ca5bf085d0473195dd9490375d241c73ef5d50bf79ed1fe14e93d0710ebf915f8f52d0062b7986129ae8903f78a4b449b7ce7013f5b2aebbd5fcc76b71d0c36dbbb24cb6ed6cb50de9b06a01ba11de6025f2d0c4af71c28d9eb53d9ab885981e27554255cd0aed13438469d4713c0e37fb8ad0c751d50fd4db099dac66358fbada177b5f69f3a6518216f0eb7c92878f94da6d6c18a4c5606f55afb9e66610ef4a41953cff6f1ac7181b6f76ee54aa728466f0c73129d70c6affca90b8931deef27bb1185e7097a93b12b3d389388e1ad1adc07dfd96e6dc926eefdcf373c64566f690b970717afd1df3e4326d73c6d1cc5330c8fdee071684fe4e042b8aec497e2e4fc1098149d0707ce95b550b63fa74cd808ae6a0059002b016d814e0a6e716dde400e5b3716ae33fc8c92915488ce7fe50d94c19f927482e0d6b3cc2dcd9e5fb9d741aeb81c07a9dbad27b926257895af087791a6b9c4048f17832148be5c58f89e4877e22c5087ddbf0a7bf273ae45a50b71d9305c8813c886ea454d6c24174f143856abadc9319d6eabd8d48ec3c66a031394f78c9c9cdb2d0de8f44a932d30a6b913378999ebf0560c1c5f7c4098ce06f117b53db72a4436c885eb9c748deb2587ca0904743138de7e98bc3b0494e40a5a56d71f4204e8b8cad941bfd3abd384b976baa2f6b88c987e61f049f80c890df6470aad55283b8b891b0707aa22089351441fac575587b2ea4ac2f9f9c38b071fdbcc7f5efab14d86b22181e741ed824447a2facb46a63e91538af78c5fdf02 false +check_ge_p3_identity 078c63ceebcfc9d8af51e232b497fb3cd5f491bb9bed5aa3c556a47e62cb186b false true +check_ge_p3_identity 62218e5f0710af551bee941adb3981650862d2a3c4c18c794f450b5bb538975b false true +check_ge_p3_identity 046e1450f147f3ade34d149973913cc75d4e7b9669eb1ed61da0f1d4a0bd7f13 false true +check_ge_p3_identity ca8a2f621cfc7aa3efcd7ddf55dce5352e757b38aca0869b050c0a27824e5c5e true true +check_ge_p3_identity 64a247eef6087d86e1e9fa048a3c181fdb1728431f29ba738634bdc38f02a859 true true +check_ge_p3_identity cff0c7170a41395b0658ee42b76545c45360736b973ab2f31f6f227b9415df67 true true diff --git a/tests/functional_tests/multisig.py b/tests/functional_tests/multisig.py index 0a58f469a..bb7ccbe56 100755 --- a/tests/functional_tests/multisig.py +++ b/tests/functional_tests/multisig.py @@ -39,40 +39,40 @@ from framework.wallet import Wallet class MultisigTest(): def run_test(self): self.reset() - self.mine('493DsrfJPqiN3Suv9RcRDoZEbQtKZX1sNcGPA3GhkKYEEmivk8kjQrTdRdVc4ZbmzWJuE157z9NNUKmF2VDfdYDR3CziGMk', 5) - self.mine('42jSRGmmKN96V2j3B8X2DbiNThBXW1tSi1rW1uwkqbyURenq3eC3yosNm8HEMdHuWwKMFGzMUB3RCTvcTaW9kHpdRPP7p5y', 5) - self.mine('47fF32AdrmXG84FcPY697uZdd42pMMGiH5UpiTRTt3YX2pZC7t7wkzEMStEicxbQGRfrYvAAYxH6Fe8rnD56EaNwUgxRd53', 5) - self.mine('44SKxxLQw929wRF6BA9paQ1EWFshNnKhXM3qz6Mo3JGDE2YG3xyzVutMStEicxbQGRfrYvAAYxH6Fe8rnD56EaNwUiqhcwR', 5) - self.mine('4ADHswEU3XBUee8pudBkZQd9beJainqNo1BQKkHJujAEPJyQrLj9U4dNm8HEMdHuWwKMFGzMUB3RCTvcTaW9kHpdRUDxgjW', 5) + self.mine('45J58b7PmKJFSiNPFFrTdtfMcFGnruP7V4CMuRpX7NsH4j3jGHKAjo3YJP2RePX6HMaSkbvTbrWUFhDNcNcHgtNmQ3gr7sG', 5) + self.mine('44G2TQNfsiURKkvxp7gbgaJY8WynZvANnhmyMAwv6WeEbAvyAWMfKXRhh3uBXT2UAKhAsUJ7Fg5zjjF2U1iGciFk5duN94i', 5) + self.mine('41mro238grj56GnrWkakAKTkBy2yDcXYsUZ2iXCM9pe5Ueajd2RRc6Fhh3uBXT2UAKhAsUJ7Fg5zjjF2U1iGciFk5ief4ZP', 5) + self.mine('44vZSprQKJQRFe6t1VHgU4ESvq2dv7TjBLVGE7QscKxMdFSiyyPCEV64NnKUQssFPyWxc2meyt7j63F2S2qtCTRL6dakeff', 5) + self.mine('47puypSwsV1gvUDratmX4y58fSwikXVehEiBhVLxJA1gRCxHyrRgTDr4NnKUQssFPyWxc2meyt7j63F2S2qtCTRL6aRPj5U', 5) self.mine('42ey1afDFnn4886T7196doS9GPMzexD9gXpsZJDwVjeRVdFCSoHnv7KPbBeGpzJBzHRCAs9UxqeoyFQMYbqSWYTfJJQAWDm', 60) self.test_states() - self.create_multisig_wallets(2, 2, '493DsrfJPqiN3Suv9RcRDoZEbQtKZX1sNcGPA3GhkKYEEmivk8kjQrTdRdVc4ZbmzWJuE157z9NNUKmF2VDfdYDR3CziGMk') + self.create_multisig_wallets(2, 2, '45J58b7PmKJFSiNPFFrTdtfMcFGnruP7V4CMuRpX7NsH4j3jGHKAjo3YJP2RePX6HMaSkbvTbrWUFhDNcNcHgtNmQ3gr7sG') self.import_multisig_info([1, 0], 5) txid = self.transfer([1, 0]) self.import_multisig_info([0, 1], 6) self.check_transaction(txid) - self.create_multisig_wallets(2, 3, '42jSRGmmKN96V2j3B8X2DbiNThBXW1tSi1rW1uwkqbyURenq3eC3yosNm8HEMdHuWwKMFGzMUB3RCTvcTaW9kHpdRPP7p5y') + self.create_multisig_wallets(2, 3, '44G2TQNfsiURKkvxp7gbgaJY8WynZvANnhmyMAwv6WeEbAvyAWMfKXRhh3uBXT2UAKhAsUJ7Fg5zjjF2U1iGciFk5duN94i') self.import_multisig_info([0, 2], 5) txid = self.transfer([0, 2]) self.import_multisig_info([0, 1, 2], 6) self.check_transaction(txid) - self.create_multisig_wallets(3, 3, '4ADHswEU3XBUee8pudBkZQd9beJainqNo1BQKkHJujAEPJyQrLj9U4dNm8HEMdHuWwKMFGzMUB3RCTvcTaW9kHpdRUDxgjW') + self.create_multisig_wallets(3, 3, '41mro238grj56GnrWkakAKTkBy2yDcXYsUZ2iXCM9pe5Ueajd2RRc6Fhh3uBXT2UAKhAsUJ7Fg5zjjF2U1iGciFk5ief4ZP') self.import_multisig_info([2, 0, 1], 5) txid = self.transfer([2, 1, 0]) self.import_multisig_info([0, 2, 1], 6) self.check_transaction(txid) - self.create_multisig_wallets(3, 4, '47fF32AdrmXG84FcPY697uZdd42pMMGiH5UpiTRTt3YX2pZC7t7wkzEMStEicxbQGRfrYvAAYxH6Fe8rnD56EaNwUgxRd53') + self.create_multisig_wallets(3, 4, '44vZSprQKJQRFe6t1VHgU4ESvq2dv7TjBLVGE7QscKxMdFSiyyPCEV64NnKUQssFPyWxc2meyt7j63F2S2qtCTRL6dakeff') self.import_multisig_info([0, 2, 3], 5) txid = self.transfer([0, 2, 3]) self.import_multisig_info([0, 1, 2, 3], 6) self.check_transaction(txid) - self.create_multisig_wallets(2, 4, '44SKxxLQw929wRF6BA9paQ1EWFshNnKhXM3qz6Mo3JGDE2YG3xyzVutMStEicxbQGRfrYvAAYxH6Fe8rnD56EaNwUiqhcwR') + self.create_multisig_wallets(2, 4, '47puypSwsV1gvUDratmX4y58fSwikXVehEiBhVLxJA1gRCxHyrRgTDr4NnKUQssFPyWxc2meyt7j63F2S2qtCTRL6aRPj5U') self.import_multisig_info([1, 2], 5) txid = self.transfer([1, 2]) self.import_multisig_info([0, 1, 2, 3], 6) @@ -177,10 +177,6 @@ class MultisigTest(): for i in range(3): ok = False - try: res = wallet[i].finalize_multisig(info) - except: ok = True - assert ok - ok = False try: res = wallet[i].exchange_multisig_keys(info) except: ok = True assert ok @@ -193,11 +189,6 @@ class MultisigTest(): assert res.ready ok = False - try: res = wallet[0].finalize_multisig(info) - except: ok = True - assert ok - - ok = False try: res = wallet[0].prepare_multisig() except: ok = True assert ok diff --git a/tests/unit_tests/multisig.cpp b/tests/unit_tests/multisig.cpp index 79775960d..362a658de 100644 --- a/tests/unit_tests/multisig.cpp +++ b/tests/unit_tests/multisig.cpp @@ -26,12 +26,16 @@ // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +#include "crypto/crypto.h" +#include "multisig/multisig_account.h" +#include "multisig/multisig_kex_msg.h" +#include "ringct/rctOps.h" +#include "wallet/wallet2.h" + #include "gtest/gtest.h" #include <cstdint> -#include "wallet/wallet2.h" - static const struct { const char *address; @@ -86,59 +90,145 @@ static void make_wallet(unsigned int idx, tools::wallet2 &wallet) } } -static std::vector<std::string> exchange_round(std::vector<tools::wallet2>& wallets, const std::vector<std::string>& mis) +static std::vector<std::string> exchange_round(std::vector<tools::wallet2>& wallets, const std::vector<std::string>& infos) { std::vector<std::string> new_infos; - for (size_t i = 0; i < wallets.size(); ++i) { - new_infos.push_back(wallets[i].exchange_multisig_keys("", mis)); + new_infos.reserve(infos.size()); + + for (size_t i = 0; i < wallets.size(); ++i) + { + new_infos.push_back(wallets[i].exchange_multisig_keys("", infos)); } return new_infos; } +static void check_results(const std::vector<std::string> &intermediate_infos, + std::vector<tools::wallet2>& wallets, + std::uint32_t M) +{ + // check results + std::unordered_set<crypto::secret_key> unique_privkeys; + rct::key composite_pubkey = rct::identity(); + + wallets[0].decrypt_keys(""); + crypto::public_key spend_pubkey = wallets[0].get_account().get_keys().m_account_address.m_spend_public_key; + crypto::secret_key view_privkey = wallets[0].get_account().get_keys().m_view_secret_key; + crypto::public_key view_pubkey; + EXPECT_TRUE(crypto::secret_key_to_public_key(view_privkey, view_pubkey)); + wallets[0].encrypt_keys(""); + + for (size_t i = 0; i < wallets.size(); ++i) + { + EXPECT_TRUE(intermediate_infos[i].empty()); + bool ready; + uint32_t threshold, total; + EXPECT_TRUE(wallets[i].multisig(&ready, &threshold, &total)); + EXPECT_TRUE(ready); + EXPECT_TRUE(threshold == M); + EXPECT_TRUE(total == wallets.size()); + + wallets[i].decrypt_keys(""); + + if (i != 0) + { + // "equals" is transitive relation so we need only to compare first wallet's address to each others' addresses. + // no need to compare 0's address with itself. + EXPECT_TRUE(wallets[0].get_account().get_public_address_str(cryptonote::TESTNET) == + wallets[i].get_account().get_public_address_str(cryptonote::TESTNET)); + + EXPECT_EQ(spend_pubkey, wallets[i].get_account().get_keys().m_account_address.m_spend_public_key); + EXPECT_EQ(view_privkey, wallets[i].get_account().get_keys().m_view_secret_key); + EXPECT_EQ(view_pubkey, wallets[i].get_account().get_keys().m_account_address.m_view_public_key); + } + + // sum together unique multisig keys + for (const auto &privkey : wallets[i].get_account().get_keys().m_multisig_keys) + { + EXPECT_NE(privkey, crypto::null_skey); + + if (unique_privkeys.find(privkey) == unique_privkeys.end()) + { + unique_privkeys.insert(privkey); + crypto::public_key pubkey; + crypto::secret_key_to_public_key(privkey, pubkey); + EXPECT_NE(privkey, crypto::null_skey); + EXPECT_NE(pubkey, crypto::null_pkey); + EXPECT_NE(pubkey, rct::rct2pk(rct::identity())); + rct::addKeys(composite_pubkey, composite_pubkey, rct::pk2rct(pubkey)); + } + } + wallets[i].encrypt_keys(""); + } + + // final key via sums should equal the wallets' public spend key + wallets[0].decrypt_keys(""); + EXPECT_EQ(wallets[0].get_account().get_keys().m_account_address.m_spend_public_key, rct::rct2pk(composite_pubkey)); + wallets[0].encrypt_keys(""); +} + static void make_wallets(std::vector<tools::wallet2>& wallets, unsigned int M) { ASSERT_TRUE(wallets.size() > 1 && wallets.size() <= KEYS_COUNT); ASSERT_TRUE(M <= wallets.size()); + std::uint32_t rounds_required = multisig::multisig_kex_rounds_required(wallets.size(), M); + std::uint32_t rounds_complete{0}; - std::vector<std::string> mis(wallets.size()); + // initialize wallets, get first round multisig kex msgs + std::vector<std::string> initial_infos(wallets.size()); - for (size_t i = 0; i < wallets.size(); ++i) { + for (size_t i = 0; i < wallets.size(); ++i) + { make_wallet(i, wallets[i]); wallets[i].decrypt_keys(""); - mis[i] = wallets[i].get_multisig_info(); + initial_infos[i] = wallets[i].get_multisig_first_kex_msg(); wallets[i].encrypt_keys(""); } - for (auto& wallet: wallets) { + // wallets should not be multisig yet + for (const auto &wallet: wallets) + { ASSERT_FALSE(wallet.multisig()); } - std::vector<std::string> mxis; - for (size_t i = 0; i < wallets.size(); ++i) { - // it's ok to put all of multisig keys in this function. it throws in case of error - mxis.push_back(wallets[i].make_multisig("", mis, M)); - } + // make wallets multisig, get second round kex messages (if appropriate) + std::vector<std::string> intermediate_infos(wallets.size()); - while (!mxis[0].empty()) { - mxis = exchange_round(wallets, mxis); + for (size_t i = 0; i < wallets.size(); ++i) + { + intermediate_infos[i] = wallets[i].make_multisig("", initial_infos, M); } - for (size_t i = 0; i < wallets.size(); ++i) { - ASSERT_TRUE(mxis[i].empty()); - bool ready; - uint32_t threshold, total; - ASSERT_TRUE(wallets[i].multisig(&ready, &threshold, &total)); - ASSERT_TRUE(ready); - ASSERT_TRUE(threshold == M); - ASSERT_TRUE(total == wallets.size()); - - if (i != 0) { - // "equals" is transitive relation so we need only to compare first wallet's address to each others' addresses. no need to compare 0's address with itself. - ASSERT_TRUE(wallets[0].get_account().get_public_address_str(cryptonote::TESTNET) == wallets[i].get_account().get_public_address_str(cryptonote::TESTNET)); - } + ++rounds_complete; + + // perform kex rounds until kex is complete + while (!intermediate_infos[0].empty()) + { + bool ready{false}; + wallets[0].multisig(&ready); + EXPECT_FALSE(ready); + + intermediate_infos = exchange_round(wallets, intermediate_infos); + + ++rounds_complete; } + + EXPECT_EQ(rounds_required, rounds_complete); + + check_results(intermediate_infos, wallets, M); +} + +TEST(multisig, make_1_2) +{ + std::vector<tools::wallet2> wallets(2); + make_wallets(wallets, 1); +} + +TEST(multisig, make_1_3) +{ + std::vector<tools::wallet2> wallets(3); + make_wallets(wallets, 1); } TEST(multisig, make_2_2) @@ -165,8 +255,88 @@ TEST(multisig, make_2_4) make_wallets(wallets, 2); } -TEST(multisig, make_2_5) +TEST(multisig, multisig_kex_msg) { - std::vector<tools::wallet2> wallets(5); - make_wallets(wallets, 2); + using namespace multisig; + + crypto::public_key pubkey1; + crypto::public_key pubkey2; + crypto::public_key pubkey3; + crypto::secret_key_to_public_key(rct::rct2sk(rct::skGen()), pubkey1); + crypto::secret_key_to_public_key(rct::rct2sk(rct::skGen()), pubkey2); + crypto::secret_key_to_public_key(rct::rct2sk(rct::skGen()), pubkey3); + + crypto::secret_key signing_skey = rct::rct2sk(rct::skGen()); + crypto::public_key signing_pubkey; + while(!crypto::secret_key_to_public_key(signing_skey, signing_pubkey)) + { + signing_skey = rct::rct2sk(rct::skGen()); + } + + crypto::secret_key ancillary_skey = rct::rct2sk(rct::skGen()); + while (ancillary_skey == crypto::null_skey) + ancillary_skey = rct::rct2sk(rct::skGen()); + + // misc. edge cases + EXPECT_NO_THROW((multisig_kex_msg{})); + EXPECT_ANY_THROW((multisig_kex_msg{multisig_kex_msg{}.get_msg()})); + EXPECT_ANY_THROW((multisig_kex_msg{"abc"})); + EXPECT_ANY_THROW((multisig_kex_msg{0, crypto::null_skey, std::vector<crypto::public_key>{}, crypto::null_skey})); + EXPECT_ANY_THROW((multisig_kex_msg{1, crypto::null_skey, std::vector<crypto::public_key>{}, crypto::null_skey})); + EXPECT_ANY_THROW((multisig_kex_msg{1, signing_skey, std::vector<crypto::public_key>{}, crypto::null_skey})); + EXPECT_ANY_THROW((multisig_kex_msg{1, crypto::null_skey, std::vector<crypto::public_key>{}, ancillary_skey})); + + // test that messages are both constructible and reversible + + // round 1 + EXPECT_NO_THROW((multisig_kex_msg{ + multisig_kex_msg{1, signing_skey, std::vector<crypto::public_key>{}, ancillary_skey}.get_msg() + })); + EXPECT_NO_THROW((multisig_kex_msg{ + multisig_kex_msg{1, signing_skey, std::vector<crypto::public_key>{pubkey1}, ancillary_skey}.get_msg() + })); + + // round 2 + EXPECT_NO_THROW((multisig_kex_msg{ + multisig_kex_msg{2, signing_skey, std::vector<crypto::public_key>{pubkey1}, ancillary_skey}.get_msg() + })); + EXPECT_NO_THROW((multisig_kex_msg{ + multisig_kex_msg{2, signing_skey, std::vector<crypto::public_key>{pubkey1}, crypto::null_skey}.get_msg() + })); + EXPECT_NO_THROW((multisig_kex_msg{ + multisig_kex_msg{2, signing_skey, std::vector<crypto::public_key>{pubkey1, pubkey2}, ancillary_skey}.get_msg() + })); + EXPECT_NO_THROW((multisig_kex_msg{ + multisig_kex_msg{2, signing_skey, std::vector<crypto::public_key>{pubkey1, pubkey2, pubkey3}, crypto::null_skey}.get_msg() + })); + + // test that keys can be recovered if stored in a message and the message's reverse + + // round 1 + multisig_kex_msg msg_rnd1{1, signing_skey, std::vector<crypto::public_key>{pubkey1}, ancillary_skey}; + multisig_kex_msg msg_rnd1_reverse{msg_rnd1.get_msg()}; + EXPECT_EQ(msg_rnd1.get_round(), 1); + EXPECT_EQ(msg_rnd1.get_round(), msg_rnd1_reverse.get_round()); + EXPECT_EQ(msg_rnd1.get_signing_pubkey(), signing_pubkey); + EXPECT_EQ(msg_rnd1.get_signing_pubkey(), msg_rnd1_reverse.get_signing_pubkey()); + EXPECT_EQ(msg_rnd1.get_msg_pubkeys().size(), 0); + EXPECT_EQ(msg_rnd1.get_msg_pubkeys().size(), msg_rnd1_reverse.get_msg_pubkeys().size()); + EXPECT_EQ(msg_rnd1.get_msg_privkey(), ancillary_skey); + EXPECT_EQ(msg_rnd1.get_msg_privkey(), msg_rnd1_reverse.get_msg_privkey()); + + // round 2 + multisig_kex_msg msg_rnd2{2, signing_skey, std::vector<crypto::public_key>{pubkey1, pubkey2}, ancillary_skey}; + multisig_kex_msg msg_rnd2_reverse{msg_rnd2.get_msg()}; + EXPECT_EQ(msg_rnd2.get_round(), 2); + EXPECT_EQ(msg_rnd2.get_round(), msg_rnd2_reverse.get_round()); + EXPECT_EQ(msg_rnd2.get_signing_pubkey(), signing_pubkey); + EXPECT_EQ(msg_rnd2.get_signing_pubkey(), msg_rnd2_reverse.get_signing_pubkey()); + ASSERT_EQ(msg_rnd2.get_msg_pubkeys().size(), 2); + ASSERT_EQ(msg_rnd2.get_msg_pubkeys().size(), msg_rnd2_reverse.get_msg_pubkeys().size()); + EXPECT_EQ(msg_rnd2.get_msg_pubkeys()[0], pubkey1); + EXPECT_EQ(msg_rnd2.get_msg_pubkeys()[1], pubkey2); + EXPECT_EQ(msg_rnd2.get_msg_pubkeys()[0], msg_rnd2_reverse.get_msg_pubkeys()[0]); + EXPECT_EQ(msg_rnd2.get_msg_pubkeys()[1], msg_rnd2_reverse.get_msg_pubkeys()[1]); + EXPECT_EQ(msg_rnd2.get_msg_privkey(), crypto::null_skey); + EXPECT_EQ(msg_rnd2.get_msg_privkey(), msg_rnd2_reverse.get_msg_privkey()); } |