| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
2.8 seconds -> 2.6 seconds on a test case
|
|
3.3 seconds -> 2.8 seconds on a test case
|
|
5.2 seconds -> 4.1 seconds on a test case
|
|
5.9 second -> 5.2 seconds on a test case
|
|
baee2c0 Preserve commitment format inside transactions (kayabaNerve)
|
|
0d6ecb1 multisig: add post-kex verification round to check that all participants have completed the multisig address (koe)
|
|
have completed the multisig address
|
|
5d388eb Bump ring size to 16 for v15 & remove set default in wallet cli (j-berman)
|
|
|
|
9df7179 wallet2: use BP+ for cold signing (moneromooo-monero)
|
|
|
|
Implements view tags as proposed by @UkoeHB in MRL issue
https://github.com/monero-project/research-lab/issues/73
At tx construction, the sender adds a 1-byte view tag to each
output. The view tag is derived from the sender-receiver
shared secret. When scanning for outputs, the receiver can
check the view tag for a match, in order to reduce scanning
time. When the view tag does not match, the wallet avoids the
more expensive EC operations when deriving the output public
key using the shared secret.
|
|
reported by ukoehb
|
|
https://github.com/ArticMine/Monero-Documents/blob/master/MoneroScaling2021-02.pdf
with a change to use 1.7 instead of 2.0 for the max long term increase rate
|
|
da9aa1f Copyright: Update to 2022 (mj-xmr)
|
|
3c82958 wallet2: update stagenet rollback blocks (selsta)
|
|
ae0a840 wallet2: decrease the amount of data exchanged for output export (moneromooo-monero)
|
|
bd27deb Bulletproofs+ (SarangNoether)
b7713cc Precompute initial transcript hash (SarangNoether)
b535d66 Updates from security audit (SarangNoether)
a0d80b1 plug bulletproofs plus into consensus (moneromooo-monero)
75bd004 ringct: a few minor optimizations from review (moneromooo-monero)
a345060 ringct: port some of vtnerd's review changes from BP+ to BP (moneromooo-monero)
4c94cfe store outPk/8 in the tx for speed (moneromooo-monero)
5acdd0e bulletproofs+: some minor cleanup from vtnerd's review (moneromooo-monero)
|
|
354e1d9 Make the wallet name optional when locked. (Norman Moeschter)
|
|
It avoids dividing by 8 when deserializing a tx, which is a slow
operation, and multiplies by 8 when verifying and extracing the
amount, which is much faster as well as less frequent
|
|
|
|
|
|
e5000a9 Balance includes unconfirmed transfers to self (woodser)
|
|
|
|
|
|
e08abaa multisig key exchange update and refactor (koe)
|
|
|
|
|
|
|
|
|
|
|
|
a15466d wallet2: remove 2 unused variables (selsta)
|
|
|
|
we reuse the wallet_keys_unlocker object, which does the right thing
in conjunction with other users of decrypt/encrypt (ie, refresh).
|
|
84c5257 Decrease the 'recent spend window' in gamma re-select to 15 blocks (j-berman)
|
|
76542ea Fix precision of average_output_time (j-berman)
|
|
13a8a57 trezor: try empty passphrase first (Dusan Klinec)
|
|
- combined with patching integer truncation (#7798), this gets the algorithm marginally closer to mirroring empirically observed output ages
- 50 was originally chosen assuming integer truncation would remain in the client for that client release version. But patching integer truncation causes the client to select more outputs in the 10-100 block range, and therefore the benefit of choosing a larger recent spend window of 50 has less merit
- 15 seems well-suited to cover the somewhat sizable observable gap in the early window of blocks
|
|
The fix as suggested by <jberman> on IRC. Before the fix, it would truncate 1.9 to 1 skewing the output selection.
|
|
cd76eb7 wallet: fix unused lambda capture warning (selsta)
|
|
24d3d65 monero-wallet-rpc: Prevent --password-file from being used with --wallet-dir (Kermit Alexander II)
|
|
520ce1c Attempt to carve the fee from a partial payment early (lxop)
|
|
|
|
RefreshOptimizeCoinbase was an optimization to speed up scanning of coinbase transactions before RingCT (tx version 2) where they split miner reward into multiple denominations, all to the same wallet.
When RingCT was introduced, all coinbase transactions became 1 output only, so this optimization does nothing now.
With p2pool, this optimization will skip scanning p2pool payouts because they use more than 1 output in coinbase transaction.
Fix it by applying this optimization only to pre-RingCT transactions (version < 2).
|
|
6f15a0c Make sure node returns to wallet that real output is unlocked (j-berman)
|
|
e1af8dc Protect client from divide by 0 caused by integer truncation (j-berman)
|
|
da2955f Apply gamma distr from chain tip when selecting decoys (j-berman)
|
|
|
|
|
|
- matches the paper by Miller et al to apply the gamma from chain tip, rather than after unlock time
- if the gamma produces an output more recent than the unlock time, the algo packs that output into one of the first 50 spendable blocks, respecting the block density factor
|
|
9c6e094 fix #7784 - deinit wallet in wallet dtor (Dusan Klinec)
|
|
|
|
- Try empty passphrase first when opening a wallet, as all Trezors will have passphrase enabled by default by Trezor Suite by default.
This feature enables easier access to all users using disabled passphrase (or empty passhprase)
- If wallet address differs from device address with empty passphrase, another opening attempt is made, without passphrase suppression,
so user can enter his passhprase if using some. In this scenario, nothing changes to user, wallet opening just consumes one more call
to Trezor (get wallet address with empty passphrase)
- also change how m_passphrase is used. Previous version did not work well with recent passphrase entry mechanism change (made in Trezor),
thus this commit fixes the behaviour).
|
|
0c6e1d3 wallet2: chunk get_outs.bin calls to avoid sanity limits (moneromooo-monero)
|
|
bc8d764 wallet: rephrase error message on invalid device address (Dusan Klinec)
|
|
f5eb2ce wallet2: Don't auto lock device on process parsed blocks (tobtoht)
|
|
8cf95c8 wallet2: refresh: check error and throw before potentially breaking out of loop (tobtoht)
|
|
8cea9d8 wallet: Reset RPC Pay ID on node switch (tobtoht)
|
|
|
|
|
|
|
|
|
|
08e4497 Improve cryptonote (block and tx) binary read performance (Lee Clagett)
|
|
4da1112 rpc: send confirmations in get_transactions result (moneromooo-monero)
|
|
|
|
RPC pay client ID is sent with each RPC request, set a new secret every time we switch nodes to mitigate trivial correlation
|
|
bbdb612 Wallet2: Update 'approximate_testnet_rolled_back_blocks' (rbrunner7)
|
|
|
|
|
|
c8ff1d4 monero-wallet-cli: improve error message when tx amount is zero (Elliot Wirrick)
|
|
|
|
if the wallet does it, it would get a wrong result (possibly even
negative) if its local chain is not synced up to the daemon's yet
|
|
|
|
447bfae wallet2: fix unlocked mixup in light wallet mode (moneromooo-monero)
|
|
|
|
On Mac, size_t is a distinct type from uint64_t, and some
types (in wallet cache as well as cold/hot wallet transfer
data) use pairs/containers with size_t as fields. Mac would
save those as full size, while other platforms would save
them as varints. Might apply to other platforms where the
types are distinct.
There's a nasty hack for backward compatibility, which can
go after a couple forks.
|
|
bd12984 Remove copies from foreach loops (thanks to Clang) (Lee Clagett)
1572df9 Removing unused namespace alias (Lee Clagett)
|
|
85db173 Remove unused variables in monero codebase (Kevin Barbour)
|
|
b587ffa Stop adding more outputs than bulletproof allows (Alex Opie)
|
|
186271e monero-wallet-cli: Added command scan_tx (Horia Mihai David)
|
|
To implement this feature, the wallet2::scan_tx API was implemented.
|
|
ee58f4f Balance includes unconfirmed payments (woodser)
|
|
There are quite a few variables in the code that are no longer
(or perhaps never were) in use. These were discovered by enabling
compiler warnings for unused variables and cleaning them up.
In most cases where the unused variables were the result
of a function call the call was left but the variable
assignment removed, unless it was obvious that it was
a simple getter with no side effects.
|
|
|
|
Do this for both the estimate and actual fee.
#7337
|
|
If more outputs are requested, they are split across
multiple transactions.
#7322
|
|
|
|
do not include blocked hosts in peer lists or public node lists by default,
warn about no https on clearnet and about untrusted peers likely being spies
|
|
|
|
|
|
17c537039 wallet2: check imported multisig curve points are in main subgroup (Crypto City)
|
|
|
|
ec14e4b8c wallet2: skip reorgs exceeding max-reorg-depth wallet setting (xiphon)
|
|
|
|
|
|
|
|
- index out of bounds when importing outputs
- accessing invalid CLSAG data
|
|
de9a9fb update error message 'No unlocked balance in the specified account' (woodser)
|
|
|
|
ef4325f wallet2: fix tx sanity check triggering on pre-rct outputs (monermooo-monero)
|
|
|
|
|
|
4e44306 enable CLSAG support for Trezor client (ph4r05)
|
|
|
|
6a37da8 threadpool: guard against exceptions in jobs, and armour plating (moneromooo-monero)
|
|
|
|
Those would, if uncaught, exit run and leave the waiter to wait
indefinitely for the number of active jobs to reach 0
|
|
|
|
|
|
They are allowed from v12, and MLSAGs are rejected from v13.
|
|
20f603c6b Fix broken multisig pubkey sorting (Jason Rhinelander)
|
|
85899230d simplewallet: allow setting tx keys when sending to a subaddress (moneromooo-monero)
e916201f1 wallet2: fix setting tx keys when another is already set (moneromooo-monero)
|
|
db5d6e460 wallet2: fix wrong name when checking RPC cost (moneromooo-monero)
|
|
7175dcb10 replace most boost serialization with existing monero serialization (moneromooo-monero)
|
|
This reverts commit 921dd8dde5d381052d0aa2936304a3541a230c55.
|
|
This reduces the attack surface for data that can come from
malicious sources (exported output and key images, multisig
transactions...) since the monero serialization is already
exposed to the outside, and the boost lib we were using had
a few known crashers.
For interoperability, a new load-deprecated-formats wallet
setting is added (off by default). This allows loading boost
format data if there is no alternative. It will likely go
at some point, along with the ability to load those.
Notably, the peer lists file still uses the boost serialization
code, as the data it stores is define in epee, while the new
serialization code is in monero, and migrating it was fairly
hairy. Since this file is local and not obtained from anyone
else, the marginal risk is minimal, but it could be migrated
later if needed.
Some tests and tools also do, this will stay as is for now.
|
|
76c16822d wallet2_api: implement runtime proxy configuration (xiphon)
|
|
3d6bc0a68 wallet2: throw a error on wallet initialization failure (xiphon)
|
|
ef694d028 fix warning by removing std::move() on temporary http_client object (woodser)
|
|
921dd8dde Use domain-separated ChaCha20 for in-memory key encryption (Sarang Noether)
|
|
The tx key derivation is different then
|
|
|
|
include all public proof parameters in Schnorr challenges, along with hash function domain separators. Includes new randomized unit tests.
|
|
insert doesn't actually insert if another element with the
same key is already in the map
|
|
The sort predicate is a boolean ordered-before value, but these are
returning the memcmp value directly, and thus returns true whenever the
pubkeys aren't equal. This means:
- it isn't actually sorting.
- it can (and does) segfault for some inputs.
|
|
|
|
|
|
|
|
5ef0607da Update copyright year to 2020 (SomaticFanatic)
|
|
94befec fix typo in pick_preferred_rct_inputs (Parean)
|
|
c17fe81 wallet2: fix multisig data clearing stomping on a vector (moneromooo-monero)
|
|
86cf811 simplewallet: don't complain about incoming payment ids on change (moneromooo-monero)
|
|
|
|
|
|
|
|
|
|
|
|
42e1484 wallet2: fix keys file deserialization exception handling (xiphon)
|
|
Update copyright year to 2020
|
|
7a8c1ee wallet2: fix subaddress expansion when receiving monero (moneromooo-monero)
|
|
4f489fa wallet2: check_connection return false on get_version status != OK (xiphon)
|
|
8b655de simplewallet: report timestamp based expected unlock time on balance (moneromooo-monero)
|
|
613071f use memwipe on secret k/alpha values (moneromooo-monero)
|
|
|
|
e509ede trezor: adapt to new passphrase mechanism (ph4r05)
|
|
|
|
- choice where to enter passphrase is now made on the host
- use wipeable string in the comm stack
- wipe passphrase memory
- protocol optimizations, prepare for new firmware version
- minor fixes and improvements
- tests fixes, HF12 support
|
|
|
|
|
|
- Add abstract_http_client.h which http_client.h extends.
- Replace simple_http_client with abstract_http_client in wallet2,
message_store, message_transporter, and node_rpc_proxy.
- Import and export wallet data in wallet2.
- Use #if defined __EMSCRIPTEN__ directives to skip incompatible code.
|
|
Reported by UkoeHB_ and sarang
|
|
69b5992 simplewallet: new 'address one-off <major> <minor>' command (moneromooo-monero)
|
|
|
|
81c5943 Remove temporary std::string creation in some hex->bin calls (vtnerd)
5fcc23a Move hex->bin conversion to monero copyright files and with less includes (vtnerd)
3387f0e Reduce template bloat in hex->bin for ZMQ json (vtnerd)
|
|
80d5320 Hash domain separation (SarangNoether)
|
|
1a6e7bd wallet2: mention --daemon-ssl-allow-any-cert in --proxy error msg (xiphon)
|
|
|
|
|
|
2e9d1e6 wallet2: fix store-tx-info loading (moneromooo-monero)
|
|
dab604e wallet2_api: implement estimateTransactionFee (xiphon)
|
|
9c1f970b wallet2: remember daemon address overrides when loading a new wallet (moneromooo-monero)
|
|
50e59cfa wallet2: reject zero keys in json input (moneromooo-monero)
|
|
ffe7165e wallet: reroll fake outs selection on local tx_sanity_check failure (xiphon)
|
|
0349347e ringdb: use a different iv for key and data in rings table (moneromooo-monero)
7b882087 simplewallet: reword mixin in user message in terms of ring size (moneromooo-monero)
f507a43a wallet2: do not remove known rings when a tx fails (moneromooo-monero)
|
|
a6c24412 wallet: fix exceptions getting the hash of a pruned tx (moneromooo-monero)
|
|
|
|
|
|
f717d593 wallet2: guard against race with multiple decrypt_keys users (moneromooo-monero)
|
|
5cbb17b9 wallet2: fix hang in wallet refresh (moneromooo-monero)
|
|
316ab7b wallet2: better error when restoring a wallet with the wrong keys (moneromooo-monero)
|
|
096a9db Wallet: Distingush amounts for a single subaddress (tmoravec)
|
|
|
|
4b384003 wallet2: don't try to lock an empty filename (moneromooo-monero)
|
|
d64e5aa7 wallet: allow message sign/verify for subaddresses (moneromooo-monero)
|
|
|
|
|
|
3b419333 wallet: don't issue node rpc proxy requests in '--offline' mode (xiphon)
|
|
The backward compatibility code was always setting it to 1
in modern wallets since store_tx_keys was not present and thus
assumed to be 1 by default.
Reported by SeventhAlpaca
|
|
Because the user might do this for reasons unknown.
Values beyond l-1 will be reduced, so are accepted.
Reported by who-biz.
|
|
|
|
0de8a0d3 wallet_rpc_server: new estimate_tx_size_and_weight RPC (moneromooo-monero)
|
|
Adding a new `amounts` field ot the output of `get_transfers` RPC
method. This field specifies individual payments made to a single
subaddress in a single transaction, e.g., made by this command:
transfer <addr1> <amount1> <addr1> <amount2>
|
|
Even if it fails, the ring composition is known to a potential
adversary, and so we should reuse the same ring next time
|
|
|
|
|
|
If more than one thread wants to make sure of the spend secret key,
then we decrypt on the first caller and reencrypt on the last caller,
otherwise we could use an invalid secret key.
|
|
If the hashes received would move the current blockchain past the
stop point, the short history would not be updated, since we do
not expect another loop, but the daemon might return earlier hashes,
causing the end index to not be enough to reach the threshold and
this require another loop, which will download the same hashes and
cause an infinite loop.
|
|
3b8dcc2 wallet2: make keys unlocker reentrant (moneromooo-monero)
|
|
|
|
|
|
|
|
|
|
|
|
Target height would be appropriate for the daemon, which syncs
off other daemons, but the wallet syncs off the daemon it's
connected to, and its target is the daemon's current height.
|
|
We get new pool txes before processing any tx, pool or not.
This ensures that if we're asked for a password, this does not
cause a measurable delay in the txpool query after the last
block query.
|
|
The "everything refreshed" state was detected when a refresh call did
not return any new blocks. This can be detected without that extra
"empty" call by comparing the claimed node height to the height of
the last block retrieved. Doing this avoids that last call, saves
some bandwidth, and makes the common refresh case use only one call
rather than two.
As a side effect, it prevents an information leak reported by
Tramèr et al: if the wallet retrieves a set of blocks which includes
an output sent to the refreshing wallet, the wallet will prompt the
user for the password to decode the amount and calculate the key
image for the new output, and this will delay subsequent calls to
getblocks.bin, allowing a passive adversary to note the delay and
deduce when the wallet receives at least one output.
This can still happen if the wallet downloads more than 1000 blocks,
since this will be split in several calls, but then the most the
adversary can tell is which 1000 block section the user received
some monero (the adversary can estimate the heights of the blocks
by calculating how many "large" transfers are done, which will be
sections of blocks, the last of which will usually be below 1000,
but the size of the data should allow the actual number of blocks
sent to be determined fairly accurately).
This timing trick still be used via the subsequent scan for incoming
txes in the txpool, which will be fixed later.
|
|
This lets a passive attacker with access to the network link
between node and wallet perform traffic analysis to deduce
when an idle wallet receives a transaction.
Reported by Tramèr et al.
|
|
protects against having your keys mangled
|
|
93e7426 wallet2: error out when we need a daemon password but have no prompt function (moneromooo-monero)
|
|
635401b wallet2: fix the logged number of detached transfers (moneromooo-monero)
|
