| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
|
|
615f287 wallet: fix certificate fingerprint length check (moneromooo-monero)
|
|
Fixed by crCr62U0
|
|
And add them for pending transfers, where they were missing
|
|
ccc1e311 wallet_rpc_server: reject standalone short payment id in address book (moneromooo-monero)
|
|
5e0da6fb change SSL certificate fingerprint whitelisting from SHA1 to SHA-256 (moneromooo-monero)
|
|
98fb98f9 wallet_rpc_server: adding missing return on error in set_daemon (moneromooo-monero)
9074c0d8 wallet_rpc_server: return false on error in set_log_categories (moneromooo-monero)
968848a7 wallet_rpc_server: fix crash in validate_address if no wallet is loaded (moneromooo-monero)
|
|
|
|
SHA1 is too close to bruteforceable
|
|
|
|
Reported by SmajeNz0
|
|
Reported by SmajeNz0
|
|
|
|
84047cb7 wallet_rpc_server: add unlocked field to incoming_transfers output (moneromooo-monero)
|
|
|
|
|
|
|
|
7d79222f daemon: remove debug info (moneromooo-monero)
8fec0f98 functional_tests: add sweep_single test (moneromooo-monero)
9880d61b wallet_rpc_server: remove unused code (moneromooo-monero)
8a61b33d rpc: omit irrelevant fields for pool txes in gettransactions (moneromooo-monero)
56508524 rpc: add relayed in get_transaction output (moneromooo-monero)
82e510f1 rpc: set default log category in core_rpc_server.h (moneromooo-monero)
|
|
bcb86ae6 wallet_rpc_server: fix inconsistent wallet caches on reload (moneromooo-monero)
|
|
374f388d wallet_rpc_server: add a all flag to export_outputs (moneromooo-monero)
|
|
|
|
Loading the same wallet as the currently loaded one would autosave
the current state after loading it, leading to some kind of rollback
effect. We now save before loading to avoid this. If loading fails,
it means the current wallet will be saved (or maybe not, depending
on where the failure occurs: most of the sanity checks occur before
saving). There is a new autosave_current flag to open/restore calls
so the (enabled by default) autosave can be skipped.
|
|
c12b43cb wallet: add number of blocks required for the balance to fully unlock (moneromooo-monero)
3f1e9e84 wallet2: set confirmations to 0 for pool txes in proofs (moneromooo-monero)
36c037ec wallet_rpc_server: error out on getting the spend key from a hot wallet (moneromooo-monero)
cd1eaff2 wallet_rpc_server: always fill out subaddr_indices in get_transfers (moneromooo-monero)
|
|
a2561653 wallet: new option to start background mining (moneromooo-monero)
|
|
if we don't want to export new outputs only
|
|
If `--daemon-ssl enabled` is set in the wallet, then a user certificate,
fingerprint, or onion/i2p address must be provided.
|
|
|
|
Currently if a user specifies a ca file or fingerprint to verify peer,
the default behavior is SSL autodetect which allows for mitm downgrade
attacks. It should be investigated whether a manual override should be
allowed - the configuration is likely always invalid.
|
|
Specifying SSL certificates for peer verification does an exact match,
making it a not-so-obvious alias for the fingerprints option. This
changes the checks to OpenSSL which loads concatenated certificate(s)
from a single file and does a certificate-authority (chain of trust)
check instead. There is no drop in security - a compromised exact match
fingerprint has the same worse case failure. There is increased security
in allowing separate long-term CA key and short-term SSL server keys.
This also removes loading of the system-default CA files if a custom
CA file or certificate fingerprint is specified.
|
|
678262ab wallet_rpc_server: allow english/local language names in create_wallet (moneromooo-monero)
|
|
16eda54b wallet: use original user address if we have a short payment id (moneromooo-monero)
|
|
The setup-background-mining option can be used to select
background mining when a wallet loads. The user will be asked
the first time the wallet is created.
|
|
|
|
|
|
It was not filled out for in and pool types
|
|
|
|
|
|
It was not filled out for in and pool types
|
|
|
|
023f2c77 wallet_rpc_server: remove mixin from transfer RPCs (moneromooo-monero)
|
|
23fb056a wallet_rpc_server: new auto_refresh RPC (moneromooo-monero)
|
|
4ee15655 wallet_rpc_server: fix buffer read overflow in string assignment (moneromooo-monero)
|
|
a8b98a0b wallet: fix memory only wallets (moneromooo-monero)
|
|
and return both in get_languages
|
|
at least when using restore_deterministic_wallet
|
|
f962449d wallet_rpc_server: include out subaddress indices in get_transfers (moneromooo-monero)
|
|
|
|
it's been a while, only use ring_size now
|
|
8b514645 add multisig tx sets to describe_transfer rpc endpoint (spoke0)
|
|
36451697 Simplify RPC endpoint, emoving second RPC endpoint generate_from_view_key (Joel)
c17c8188 Remove code duplication (Joel)
acb14c10 Add generate_from_view_key RPC method (Joel)
7dd7a3b7 Add generate_from_keys RPC method (Joel)
|
|
1f2930ce Update 2019 copyright (binaryFate)
|
|
It can enable/disable auto refresh, and set auto refresh period
|
|
|
|
|
|
|
|
|
|
057c279c epee: add SSL support (Martijn Otto)
|
|
|
|
RPC connections now have optional tranparent SSL.
An optional private key and certificate file can be passed,
using the --{rpc,daemon}-ssl-private-key and
--{rpc,daemon}-ssl-certificate options. Those have as
argument a path to a PEM format private private key and
certificate, respectively.
If not given, a temporary self signed certificate will be used.
SSL can be enabled or disabled using --{rpc}-ssl, which
accepts autodetect (default), disabled or enabled.
Access can be restricted to particular certificates using the
--rpc-ssl-allowed-certificates, which takes a list of
paths to PEM encoded certificates. This can allow a wallet to
connect to only the daemon they think they're connected to,
by forcing SSL and listing the paths to the known good
certificates.
To generate long term certificates:
openssl genrsa -out /tmp/KEY 4096
openssl req -new -key /tmp/KEY -out /tmp/REQ
openssl x509 -req -days 999999 -sha256 -in /tmp/REQ -signkey /tmp/KEY -out /tmp/CERT
/tmp/KEY is the private key, and /tmp/CERT is the certificate,
both in PEM format. /tmp/REQ can be removed. Adjust the last
command to set expiration date, etc, as needed. It doesn't
make a whole lot of sense for monero anyway, since most servers
will run with one time temporary self signed certificates anyway.
SSL support is transparent, so all communication is done on the
existing ports, with SSL autodetection. This means you can start
using an SSL daemon now, but you should not enforce SSL yet or
nothing will talk to you.
|
|
|
|
|
|
3d2772a0 wallet-rpc: get balance for all accounts and subaddresses (stoffu)
|
|
8a1ff079 wallet-rpc: get transfers for all accounts and subaddresses (Jethro Grassie)
|
|
5c81a9f1 wallet_rpc_server: add a validate_address RPC (moneromooo-monero)
|
|
24569454 epee: add SSL support (moneromooo-monero)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
RPC connections now have optional tranparent SSL.
An optional private key and certificate file can be passed,
using the --{rpc,daemon}-ssl-private-key and
--{rpc,daemon}-ssl-certificate options. Those have as
argument a path to a PEM format private private key and
certificate, respectively.
If not given, a temporary self signed certificate will be used.
SSL can be enabled or disabled using --{rpc}-ssl, which
accepts autodetect (default), disabled or enabled.
Access can be restricted to particular certificates using the
--rpc-ssl-allowed-certificates, which takes a list of
paths to PEM encoded certificates. This can allow a wallet to
connect to only the daemon they think they're connected to,
by forcing SSL and listing the paths to the known good
certificates.
To generate long term certificates:
openssl genrsa -out /tmp/KEY 4096
openssl req -new -key /tmp/KEY -out /tmp/REQ
openssl x509 -req -days 999999 -sha256 -in /tmp/REQ -signkey /tmp/KEY -out /tmp/CERT
/tmp/KEY is the private key, and /tmp/CERT is the certificate,
both in PEM format. /tmp/REQ can be removed. Adjust the last
command to set expiration date, etc, as needed. It doesn't
make a whole lot of sense for monero anyway, since most servers
will run with one time temporary self signed certificates anyway.
SSL support is transparent, so all communication is done on the
existing ports, with SSL autodetection. This means you can start
using an SSL daemon now, but you should not enforce SSL yet or
nothing will talk to you.
|
|
|
|
|
|
|
|
To use if you want all key images, not just the ones for
recently imported outputs
|
|
Found by codacy.com
|
|
7ae36e91 wallet_rpc_server: account for watch-only/non-deterministic/multisig when querying seed (stoffu)
|
|
1c04c21d wallet_rpc_server: include additional tx keys in sign_transfer response (stoffu)
|
|
f3019efe wallet-rpc: add on_restore_deterministic RPC call. (Hasan Pekdemir)
|
|
f26ce08c wallet: add a non destructive blockchain rescan (moneromooo-monero)
|
|
querying seed
Followup on #4653
|
|
and disable annoying test that requires ridiculous amounts
of skullduggery every time some format changes
|
|
|
|
Followup on #4552
|
|
ade369f9 Add RPC error code for non-deterministic wallet (Michał Sałaban)
|
|
|
|
04ddf02e Return appropriate RPC error code when key image signature check fails (Michał Sałaban)
|
|
67e76aa0 wallet_rpc_server: optionally return tx keys in sign_transfer (moneromooo-monero)
|
|
977fc1bc wallet_rpc_server: add describe_transfer RPC (moneromooo-monero)
|
|
|
|
|
|
|
|
|
|
for unsigned tx sets using a view only wallet
|
|
9acf42d3 Multisig M/N functionality core tests added (naughtyfox)
9f3963e8 Arbitrary M/N multisig schemes: * support in wallet2 * support in monero-wallet-cli * support in monero-wallet-rpc * support in wallet api * support in monero-gen-trusted-multisig * unit tests for multisig wallets creation (naughtyfox)
|
|
2c74b1a1 wallet_rpc_server: include all transfer records for a txid (moneromooo-monero)
|
|
* support in wallet2
* support in monero-wallet-cli
* support in monero-wallet-rpc
* support in wallet api
* support in monero-gen-trusted-multisig
* unit tests for multisig wallets creation
|
|
Since subaddresses were added, a tx can now create more than
one payment
|
|
|
|
bcf3f6af fuzz_tests: catch unhandled exceptions (moneromooo-monero)
3ebd05d4 miner: restore stream flags after changing them (moneromooo-monero)
a093092e levin_protocol_handler_async: do not propagate exception through dtor (moneromooo-monero)
1eebb82b net_helper: do not propagate exceptions through dtor (moneromooo-monero)
fb6a3630 miner: do not propagate exceptions through dtor (moneromooo-monero)
2e2139ff epee: do not propagate exception through dtor (moneromooo-monero)
0749a8bd db_lmdb: do not propagate exceptions in dtor (moneromooo-monero)
1b0afeeb wallet_rpc_server: exit cleanly on unhandled exceptions (moneromooo-monero)
418a9936 unit_tests: catch unhandled exceptions (moneromooo-monero)
ea7f9543 threadpool: do not propagate exceptions through the dtor (moneromooo-monero)
6e855422 gen_multisig: nice exit on unhandled exception (moneromooo-monero)
53df2deb db_lmdb: catch error in mdb_stat calls during migration (moneromooo-monero)
e67016dd blockchain_blackball: catch failure to commit db transaction (moneromooo-monero)
661439f4 mlog: don't remove old logs if we failed to rename the current file (moneromooo-monero)
5fdcda50 easylogging++: test for NULL before dereference (moneromooo-monero)
7ece1550 performance_test: fix bad last argument calling add_arg (moneromooo-monero)
a085da32 unit_tests: add check for page size > 0 before dividing (moneromooo-monero)
d8b1ec8b unit_tests: use std::shared_ptr to shut coverity up about leaks (moneromooo-monero)
02563bf4 simplewallet: top level exception catcher to print nicer messages (moneromooo-monero)
c57a65b2 blockchain_blackball: fix shift range for 32 bit archs (moneromooo-monero)
|
|
83debef9 wallet_rpc_server: remove verbose field in incoming_transfers query (moneromooo-monero)
|
|
b35beaa8 wallet_rpc_server: include account index in incoming_transfers RPC (moneromooo-monero)
|
|
|
|
Thanks iDunk for the windows testing
|
|
Thanks iDunk for building patches on windows
|
|
66901901 README: harmonize command formatting inside README.md (Andrea)
8cd98408 disable AES on s390x architecture (Tuan M. Hoang)
4ed30bab wallet: implement coin splitting for sweep_* 'outputs' option (whythat)
24f52396 wallet: add 'outputs' option for sweep_* commands (whythat)
52e19d69 README: Compile boost with cxxflags=-fPIC cflags=-fPIC (Italocoin Project)
0c77523d README: fill in libsodium package name for Arch (phloatingman)
|
|
56b50faa wallet: use wipeable_string in more places where a secret is used (moneromooo-monero)
07ec748c wipeable_string: add hex_to_pod function (moneromooo-monero)
|
|
'outputs' option allows to specify the number of
separate outputs of smaller denomination that will
be created by sweep operation.
rebased by moneromooo
|
|
|
|
97764bae wallet_rpc_server: error out if wallet-file and wallet-dir are both used (moneromooo-monero)
|
|
|
|
0664a984 wallet_rpc_server: remove some unused code (moneroexamples)
|
|
|
|
|
|
|
|
And close the current wallet automatically if necessary when opening another
wallet.
|
|
3d5abbe [#4027] add change_wallet_password wallet rpc command (artyomsol)
|
|
|
|
6fcdc9e rpc-wallet: refresh command added (ph4r05)
|
|
|
|
|
|
The secret spend key is kept encrypted in memory, and
decrypted on the fly when needed.
Both spend and view secret keys are kept encrypted in a JSON
field in the keys file. This avoids leaving the keys in
memory due to being manipulated by the JSON I/O API.
|
|
|
|
|
|
9127a8b wallet-rpc: filter getbalance response by address index (stoffu)
|
|
1c6cfd3 wallet-rpc: add get_address_index command (stoffu)
|
|
7db7ec8 wallet rpc: support making integrated address of given standard address (stoffu)
|
|
|
|
|
|
|
|
|
|
66df13a5 wallet-rpc.getaddress: throw if index is out of bound (stoffu)
|
|
b85acb4c Fix RPC crashes that didn't check for an open wallet (Howard Chu)
|
|
dcbc17e wallet: include a suggested number of confirmations based on amount (moneromooo-monero)
|
|
8db23df wallet: on first refresh, start off with a quantized height (moneromooo-monero)
|
|
This is based on how much an attacking miner stands to lose in block
rewardy by mining a private chain which double spends a payment.
This is not foolproof, since mining is based on luck, and breaks
down as the attacking miner nears 50% of the network hash rate,
and the estimation is based on a constant block reward.
|
|
|
|
9c2a7b4 wallet-rpc: watch-only and cold wallet features added (ph4r05)
|
|
|
|
for privacy reasons, so an untrusted node can't easily track
wallets from IP address to IP address, etc. The granularity
is 1024 blocks, which is about a day and a half.
|
|
- unsigned_txset, signed_txset in transfer / submit_transfer / sign_transfer
- export_outputs, import_outputs
Squashed commits:
[f4d9f3d4] wallet-rpc: do_not_relay removed from submit_transfer
[5b16a86f] wallet-rpc: review-fix - method signature changes, renaming
[b7fbb10a] wallet-rpc: naming fixes (unsigned vs signed), consts renamed
[8c7d2727] wallet-rpc: sign_transfer added
[481d024a] wallet2: sign_tx splitted to work with strings and structs, more granular
[2a474db9] wallet-rpc: wallet2::load_unsigned_tx split to load from str, file
[b1e3a018] wallet-rpc: review fix, load_tx_from_str variable rename
[1f6373be] wallet-rpc: review fix: save_tx_to_{str,file}
[2a08eafc] wallet-rpc: review comments fixes
- redundant this removed from wallet2.cpp
- load_tx_from_str, load_tx_from_file
[43498052] wallet-rpc: submit_transfer added
[9c45d1ad] wallet-rpc: watch_only check, return unsigned_txset
[62831396] wallet2: added string variants to load_tx, save_tx
- analogously to save_multisig_tx
- required for monero-wallet-rpc to support watch-only wallet
|
|
f36132a wallet cli/rpc: terminate execution with code 0 when --help or --version is given (stoffu)
|
|
given
|
|
|
|
57c0b1ed Fix typos in various files (Dimitris Apostolou)
|
|
|
|
calls to wallet2
|
|
3d452367 allow using ring size instead of mixin for rpc transfer (cryptochangements34)
|
|
|
|
|
|
6866ed46 Add default value to max_height, otherwise it's 0 (Michał Sałaban)
|
|
214d251c wallet: suggest the use of sweep_unmixable when not_enough_outs_to_mix is thrown (stoffu)
|
|
a99ef176 wallet-rpc: take subaddress account as arg for get_transfer_by_txid (stoffu)
77125096 wallet-rpc: rename *_INDEX_OUTOFBOUND into *_INDEX_OUT_OF_BOUNDS (stoffu)
|
|
f90c76be Return appropriate error code when there's no connection to daemon (Michał Sałaban)
3cb65b3f Return appropriate error code when not enough money for tx (Michał Sałaban)
|
|
a85dbb3f Fixed typos and wording tweaks (Maxithi)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
not full)
|
|
fb5c971c Allow retrieving spend key via RPC (Michał Sałaban)
|
|
ffc2e570 wallet rpc: show fees when querying incoming transfers (stoffu)
|
|
|
|
|
|
6d40a920 Reserve proof (stoffu)
|
|
07da9c80 Resolve addresses in get_transfers (Michał Sałaban)
|
|
|
|
|
|
9996d5e9 wallet2: guard against the dameon sending blocks before last checkpoint (moneromooo-monero)
eadaa6aa wallet_rpc_server: fix wallet leak on error exit (moneromooo-monero)
|
|
|
|
55556fab wallet_rpc_server: factor transfer info return and add missing info (moneromooo-monero)
|
|
|
|
This reverts commit b60f48f0e31c17638f771042887b2fffdbad15b4.
|
|
6b5bd129 Account tagging (stoffu)
|
|
bd5cce07 network_throttle: fix ineffective locking (moneromooo-monero)
e0a61299 network_throttle: remove unused xxx static member (moneromooo-monero)
24f584d9 cryptonote_core: remove unused functions with off by one bugs (moneromooo-monero)
b1634aa3 blockchain: don't leave dangling pointers in this (moneromooo-monero)
8e60b81c cryptonote_core: fix db leak on error (moneromooo-monero)
213e326c abstract_tcp_server2: log init_server errors as fatal (moneromooo-monero)
b51dc566 use const refs in for loops for non tiny types (moneromooo-monero)
f0568ca6 net_parse_helpers: fix regex error checking (moneromooo-monero)
b49ddc76 check accessing an element past the end of a container (moneromooo-monero)
2305bf26 check return value for generate_key_derivation and derive_public_key (moneromooo-monero)
a4240d9f catch const exceptions (moneromooo-monero)
45a1c4c0 add empty container sanity checks when using front() and back() (moneromooo-monero)
56fa6ce1 tests: fix a buffer overread in a unit test (moneromooo-monero)
b4524892 rpc: guard against json parsing a non object (moneromooo-monero)
c2ed8618 easylogging++: avoid buffer underflow (moneromooo-monero)
187a6ab2 epee: trap failure to parse URI from request (moneromooo-monero)
061789b5 checkpoints: trap failure to load JSON checkpoints (moneromooo-monero)
ba2fefb9 checkpoints: pass std::string by const ref, not const value (moneromooo-monero)
38c8f4e0 mlog: terminate a string at last char, just in case (moneromooo-monero)
d753d716 fix a few leaks by throwing objects, not newed pointers to objects (moneromooo-monero)
fe568db8 p2p: use size_t for arbitrary counters instead of uint8_t (moneromooo-monero)
46d6fa35 cryptonote_protocol: sanity check chain hashes from peer (moneromooo-monero)
25584f86 cryptonote_protocol: print peer versions when unexpected (moneromooo-monero)
490a5d41 rpc: do not try to use an invalid txid in relay_tx (moneromooo-monero)
|
|
a9217641 wallet-rpc: added receiving address to res of get(_bulk)_payments; selective addresses for getaddress (stoffu)
|
|
b60f48f0 return subaddress in get_bulk_payments (Dmitriy Plekhanov)
|
|
Makes it easier to debug leaks
|
|
Additional tx keys, amounts and fees were missing in some cases
|
|
|
|
|
|
addresses for getaddress
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Scheme by luigi1111:
Multisig for RingCT on Monero
2 of 2
User A (coordinator):
Spendkey b,B
Viewkey a,A (shared)
User B:
Spendkey c,C
Viewkey a,A (shared)
Public Address: C+B, A
Both have their own watch only wallet via C+B, a
A will coordinate spending process (though B could easily as well, coordinator is more needed for more participants)
A and B watch for incoming outputs
B creates "half" key images for discovered output D:
I2_D = (Hs(aR)+c) * Hp(D)
B also creates 1.5 random keypairs (one scalar and 2 pubkeys; one on base G and one on base Hp(D)) for each output, storing the scalar(k) (linked to D),
and sending the pubkeys with I2_D.
A also creates "half" key images:
I1_D = (Hs(aR)+b) * Hp(D)
Then I_D = I1_D + I2_D
Having I_D allows A to check spent status of course, but more importantly allows A to actually build a transaction prefix (and thus transaction).
A builds the transaction until most of the way through MLSAG_Gen, adding the 2 pubkeys (per input) provided with I2_D
to his own generated ones where they are needed (secret row L, R).
At this point, A has a mostly completed transaction (but with an invalid/incomplete signature). A sends over the tx and includes r,
which allows B (with the recipient's address) to verify the destination and amount (by reconstructing the stealth address and decoding ecdhInfo).
B then finishes the signature by computing ss[secret_index][0] = ss[secret_index][0] + k - cc[secret_index]*c (secret indices need to be passed as well).
B can then broadcast the tx, or send it back to A for broadcasting. Once B has completed the signing (and verified the tx to be valid), he can add the full I_D
to his cache, allowing him to verify spent status as well.
NOTE:
A and B *must* present key A and B to each other with a valid signature proving they know a and b respectively.
Otherwise, trickery like the following becomes possible:
A creates viewkey a,A, spendkey b,B, and sends a,A,B to B.
B creates a fake key C = zG - B. B sends C back to A.
The combined spendkey C+B then equals zG, allowing B to spend funds at any time!
The signature fixes this, because B does not know a c corresponding to C (and thus can't produce a signature).
2 of 3
User A (coordinator)
Shared viewkey a,A
"spendkey" j,J
User B
"spendkey" k,K
User C
"spendkey" m,M
A collects K and M from B and C
B collects J and M from A and C
C collects J and K from A and B
A computes N = nG, n = Hs(jK)
A computes O = oG, o = Hs(jM)
B anc C compute P = pG, p = Hs(kM) || Hs(mK)
B and C can also compute N and O respectively if they wish to be able to coordinate
Address: N+O+P, A
The rest follows as above. The coordinator possesses 2 of 3 needed keys; he can get the other
needed part of the signature/key images from either of the other two.
Alternatively, if secure communication exists between parties:
A gives j to B
B gives k to C
C gives m to A
Address: J+K+M, A
3 of 3
Identical to 2 of 2, except the coordinator must collect the key images from both of the others.
The transaction must also be passed an additional hop: A -> B -> C (or A -> C -> B), who can then broadcast it
or send it back to A.
N-1 of N
Generally the same as 2 of 3, except participants need to be arranged in a ring to pass their keys around
(using either the secure or insecure method).
For example (ignoring viewkey so letters line up):
[4 of 5]
User: spendkey
A: a
B: b
C: c
D: d
E: e
a -> B, b -> C, c -> D, d -> E, e -> A
Order of signing does not matter, it just must reach n-1 users. A "remaining keys" list must be passed around with
the transaction so the signers know if they should use 1 or both keys.
Collecting key image parts becomes a little messy, but basically every wallet sends over both of their parts with a tag for each.
Thia way the coordinating wallet can keep track of which images have been added and which wallet they come from. Reasoning:
1. The key images must be added only once (coordinator will get key images for key a from both A and B, he must add only one to get the proper key actual key image)
2. The coordinator must keep track of which helper pubkeys came from which wallet (discussed in 2 of 2 section). The coordinator
must choose only one set to use, then include his choice in the "remaining keys" list so the other wallets know which of their keys to use.
You can generalize it further to N-2 of N or even M of N, but I'm not sure there's legitimate demand to justify the complexity. It might
also be straightforward enough to support with minimal changes from N-1 format.
You basically just give each user additional keys for each additional "-1" you desire. N-2 would be 3 keys per user, N-3 4 keys, etc.
The process is somewhat cumbersome:
To create a N/N multisig wallet:
- each participant creates a normal wallet
- each participant runs "prepare_multisig", and sends the resulting string to every other participant
- each participant runs "make_multisig N A B C D...", with N being the threshold and A B C D... being the strings received from other participants (the threshold must currently equal N)
As txes are received, participants' wallets will need to synchronize so that those new outputs may be spent:
- each participant runs "export_multisig FILENAME", and sends the FILENAME file to every other participant
- each participant runs "import_multisig A B C D...", with A B C D... being the filenames received from other participants
Then, a transaction may be initiated:
- one of the participants runs "transfer ADDRESS AMOUNT"
- this partly signed transaction will be written to the "multisig_monero_tx" file
- the initiator sends this file to another participant
- that other participant runs "sign_multisig multisig_monero_tx"
- the resulting transaction is written to the "multisig_monero_tx" file again
- if the threshold was not reached, the file must be sent to another participant, until enough have signed
- the last participant to sign runs "submit_multisig multisig_monero_tx" to relay the transaction to the Monero network
|
