tiamak/Peya
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

interim checkin - pretty sure this proof cannot work without curve translation using ConvertPointE()

Browse Source
This commit is contained in:
Some Random Crypto Guy
2025-11-25 11:57:57 +00:00
parent 3a7ec4db32
commit 8f60758a3c
4 changed files with 65 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/crypto/CMakeLists.txt
View File

@@ -71,6 +71,7 @@ monero_add_library(cncrypto
target_link_libraries(cncrypto
PUBLIC
epee
mx25519_static
randomx
${Boost_SYSTEM_LIBRARY}
${SODIUM_LIBRARY}

21
src/crypto/crypto.cpp
View File

@@ -516,8 +516,8 @@ namespace crypto {
#if !defined(NDEBUG)
{
assert(sc_check(&r) == 0);
// check R == r*G or R == r*B
public_key dbg_R;
// assume R == r*G or R == r*B
/*
if (B)
{
ge_p2 dbg_R_p2;
@@ -531,7 +531,8 @@ namespace crypto {
ge_p3_tobytes(&dbg_R, &dbg_R_p3);
}
assert(R == dbg_R);
*/
// check D == r*A // move here to wallet2.cpp later
ge_p2 dbg_D_p2;
ge_scalarmult(&dbg_D_p2, &r, &A_p3);
@@ -547,11 +548,15 @@ namespace crypto {
// try with x25519 curve
mx25519_pubkey A_x25519;
memcpy(&A_x25519, &A, sizeof(mx25519_pubkey));
mx25519_scmul_key(get_mx25519_impl(),
&A_x25519,
reinterpret_cast<const mx25519_privkey*>(&r),
&D_x25519);
const mx25519_impl *impl;
impl = mx25519_select_impl(MX25519_TYPE_AUTO);
if (impl == nullptr)
throw std::runtime_error("failed to obtain a mx25519 implementation");
mx25519_scmul_key(impl,
&A_x25519,
reinterpret_cast<const mx25519_privkey*>(&r),
&D_x25519);
assert(memcmp(D.data, D_x25519.data, 32) == 0);
}
}

2
src/simplewallet/simplewallet.cpp
View File

@@ -9441,7 +9441,7 @@ bool simple_wallet::get_tx_proof(const std::vector<std::string> &args)
try
{
std::string sig_str = m_wallet->get_tx_proof(txid, info.address, info.is_subaddress, args.size() == 3 ? args[2] : "");
const std::string filename = "monero_tx_proof";
const std::string filename = "salvium_tx_proof";
if (m_wallet->save_to_file(filename, sig_str, true))
success_msg_writer() << tr("signature file saved to: ") << filename;
else

66
src/wallet/wallet2.cpp
View File

@@ -13261,30 +13261,64 @@ std::string wallet2::get_tx_proof(const cryptonote::transaction &tx, const crypt
shared_secret[0] = rct::rct2pk(aP);
crypto::public_key tx_pub_key;
if (is_subaddress){
hwdev.scalarmultKey(aP, rct::pk2rct(address.m_spend_public_key), rct::sk2rct(tx_key));
tx_pub_key = rct2pk(aP);
if (address.m_is_carrot) {
mx25519_pubkey enote_ephemeral_pubkey_out;
carrot::make_carrot_enote_ephemeral_pubkey(tx_key,
address.m_spend_public_key,
is_subaddress,
enote_ephemeral_pubkey_out);
tx_pub_key = carrot::raw_byte_convert<crypto::public_key>(enote_ephemeral_pubkey_out);
generate_proof_fn(prefix_hash, tx_pub_key, address.m_view_public_key, address.m_spend_public_key, shared_secret[0], tx_key, sig[0]);
} else {
hwdev.secret_key_to_public_key(tx_key, tx_pub_key);
generate_proof_fn(prefix_hash, tx_pub_key, address.m_view_public_key, boost::none, shared_secret[0], tx_key, sig[0]);
if (is_subaddress){
hwdev.scalarmultKey(aP, rct::pk2rct(address.m_spend_public_key), rct::sk2rct(tx_key));
tx_pub_key = rct2pk(aP);
generate_proof_fn(prefix_hash, tx_pub_key, address.m_view_public_key, address.m_spend_public_key, shared_secret[0], tx_key, sig[0]);
} else {
hwdev.secret_key_to_public_key(tx_key, tx_pub_key);
generate_proof_fn(prefix_hash, tx_pub_key, address.m_view_public_key, boost::none, shared_secret[0], tx_key, sig[0]);
}
}
for (size_t i = 1; i < num_sigs; ++i)
{
hwdev.scalarmultKey(aP, rct::pk2rct(address.m_view_public_key), rct::sk2rct(additional_tx_keys[i - 1]));
if (address.m_is_carrot)
{
mx25519_pubkey s_sender_receiver_unctx;
bool success = carrot::make_carrot_uncontextualized_shared_key_sender(
additional_tx_keys[i - 1],
address.m_view_public_key,
s_sender_receiver_unctx);
THROW_WALLET_EXCEPTION_IF(!success, error::wallet_internal_error,
"Failed to generate X25519 key derivation for carrot proof (main)");
aP = carrot::raw_byte_convert<rct::key>(s_sender_receiver_unctx);
} else {
hwdev.scalarmultKey(aP, rct::pk2rct(address.m_view_public_key), rct::sk2rct(additional_tx_keys[i - 1]));
}
shared_secret[i] = rct::rct2pk(aP);
if (is_subaddress)
{
hwdev.scalarmultKey(aP, rct::pk2rct(address.m_spend_public_key), rct::sk2rct(additional_tx_keys[i - 1]));
tx_pub_key = rct2pk(aP);
if (address.m_is_carrot) {
mx25519_pubkey enote_ephemeral_pubkey_out;
carrot::make_carrot_enote_ephemeral_pubkey(additional_tx_keys[i - 1],
address.m_spend_public_key,
is_subaddress,
enote_ephemeral_pubkey_out);
tx_pub_key = carrot::raw_byte_convert<crypto::public_key>(enote_ephemeral_pubkey_out);
generate_proof_fn(prefix_hash, tx_pub_key, address.m_view_public_key, address.m_spend_public_key, shared_secret[i], additional_tx_keys[i - 1], sig[i]);
}
else
{
hwdev.secret_key_to_public_key(additional_tx_keys[i - 1], tx_pub_key);
generate_proof_fn(prefix_hash, tx_pub_key, address.m_view_public_key, boost::none, shared_secret[i], additional_tx_keys[i - 1], sig[i]);
}
} else {
if (is_subaddress)
{
hwdev.scalarmultKey(aP, rct::pk2rct(address.m_spend_public_key), rct::sk2rct(additional_tx_keys[i - 1]));
tx_pub_key = rct2pk(aP);
generate_proof_fn(prefix_hash, tx_pub_key, address.m_view_public_key, address.m_spend_public_key, shared_secret[i], additional_tx_keys[i - 1], sig[i]);
}
else
{
hwdev.secret_key_to_public_key(additional_tx_keys[i - 1], tx_pub_key);
generate_proof_fn(prefix_hash, tx_pub_key, address.m_view_public_key, boost::none, shared_secret[i], additional_tx_keys[i - 1], sig[i]);
}
}
}
sig_str = std::string("OutProofV2");
}