interim checkin - pretty sure this proof cannot work without curve translation using ConvertPointE()
@@ -71,6 +71,7 @@ monero_add_library(cncrypto
|
|||||||
target_link_libraries(cncrypto
|
target_link_libraries(cncrypto
|
||||||
PUBLIC
|
PUBLIC
|
||||||
epee
|
epee
|
||||||
|
mx25519_static
|
||||||
randomx
|
randomx
|
||||||
${Boost_SYSTEM_LIBRARY}
|
${Boost_SYSTEM_LIBRARY}
|
||||||
${SODIUM_LIBRARY}
|
${SODIUM_LIBRARY}
|
||||||
|
|||||||
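Review bot: `mx25519_static` is linked with PUBLIC scope, so every consumer of cncrypto inherits the new include and link requirements, while the only cncrypto use visible in this commit sits inside the `#if !defined(NDEBUG)` block of crypto.cpp; unless a cncrypto header exposes mx25519 types, `PRIVATE` would keep the dependency internal to the library. Because this pulls a second curve implementation into the signing library, it is worth confirming that the `mx25519_static` target (defined outside this hunk) is built from a pinned in-tree or submodule source rather than resolved from the host system.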
@@ -516,8 +516,8 @@ namespace crypto {
|
|||||||
#if !defined(NDEBUG)
|
#if !defined(NDEBUG)
|
||||||
{
|
{
|
||||||
assert(sc_check(&r) == 0);
|
assert(sc_check(&r) == 0);
|
||||||
// check R == r*G or R == r*B
|
// assume R == r*G or R == r*B
|
||||||
public_key dbg_R;
|
/*
|
||||||
if (B)
|
if (B)
|
||||||
{
|
{
|
||||||
ge_p2 dbg_R_p2;
|
ge_p2 dbg_R_p2;
|
||||||
@@ -531,7 +531,8 @@ namespace crypto {
|
|||||||
ge_p3_tobytes(&dbg_R, &dbg_R_p3);
|
ge_p3_tobytes(&dbg_R, &dbg_R_p3);
|
||||||
}
|
}
|
||||||
assert(R == dbg_R);
|
assert(R == dbg_R);
|
||||||
|
*/
|
||||||
|
|
||||||
// check D == r*A // move here to wallet2.cpp later
|
// check D == r*A // move here to wallet2.cpp later
|
||||||
ge_p2 dbg_D_p2;
|
ge_p2 dbg_D_p2;
|
||||||
ge_scalarmult(&dbg_D_p2, &r, &A_p3);
|
ge_scalarmult(&dbg_D_p2, &r, &A_p3);
|
||||||
@@ -547,11 +548,15 @@ namespace crypto {
|
|||||||
// try with x25519 curve
|
// try with x25519 curve
|
||||||
mx25519_pubkey A_x25519;
|
mx25519_pubkey A_x25519;
|
||||||
memcpy(&A_x25519, &A, sizeof(mx25519_pubkey));
|
memcpy(&A_x25519, &A, sizeof(mx25519_pubkey));
|
||||||
mx25519_scmul_key(get_mx25519_impl(),
|
const mx25519_impl *impl;
|
||||||
&A_x25519,
|
impl = mx25519_select_impl(MX25519_TYPE_AUTO);
|
||||||
reinterpret_cast<const mx25519_privkey*>(&r),
|
if (impl == nullptr)
|
||||||
&D_x25519);
|
throw std::runtime_error("failed to obtain a mx25519 implementation");
|
||||||
|
mx25519_scmul_key(impl,
|
||||||
|
&A_x25519,
|
||||||
|
reinterpret_cast<const mx25519_privkey*>(&r),
|
||||||
|
&D_x25519);
|
||||||
|
|
||||||
assert(memcmp(D.data, D_x25519.data, 32) == 0);
|
assert(memcmp(D.data, D_x25519.data, 32) == 0);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
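Review bot: The `assert(memcmp(D.data, D_x25519.data, 32) == 0)` at the end of this hunk compares an Edwards-encoded `D` against an X25519 result computed from `A` copied byte-for-byte into an `mx25519_pubkey` and `r` reinterpreted as an `mx25519_privkey`; the commit message itself says this cannot hold without `ConvertPointE()`, so in any build without NDEBUG the assert aborts proof generation instead of validating it. Until the conversion is in place the comparison should be compiled out, e.g. `#if 0 // TODO: compare only after ConvertPointE() translation` around the X25519 block, rather than left as a live assert. The same applies to the earlier hunks of this section, where the `R == r*G or R == r*B` check is silenced with a `/* ... */` block comment and its comment reworded to `assume`: an `#if 0` carrying the same TODO keeps the intent visible to the next reader. Separately, `mx25519_select_impl(MX25519_TYPE_AUTO)` now runs on every call where the old code went through `get_mx25519_impl()`; a function-local static (or the old helper) would select the implementation once. The enclosing function begins before the first hunk of this section.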
@@ -9441,7 +9441,7 @@ bool simple_wallet::get_tx_proof(const std::vector<std::string> &args)
|
|||||||
try
|
try
|
||||||
{
|
{
|
||||||
std::string sig_str = m_wallet->get_tx_proof(txid, info.address, info.is_subaddress, args.size() == 3 ? args[2] : "");
|
std::string sig_str = m_wallet->get_tx_proof(txid, info.address, info.is_subaddress, args.size() == 3 ? args[2] : "");
|
||||||
const std::string filename = "monero_tx_proof";
|
const std::string filename = "salvium_tx_proof";
|
||||||
if (m_wallet->save_to_file(filename, sig_str, true))
|
if (m_wallet->save_to_file(filename, sig_str, true))
|
||||||
success_msg_writer() << tr("signature file saved to: ") << filename;
|
success_msg_writer() << tr("signature file saved to: ") << filename;
|
||||||
else
|
else
|
||||||
|
|||||||
@@ -13261,30 +13261,64 @@ std::string wallet2::get_tx_proof(const cryptonote::transaction &tx, const crypt
|
|||||||
shared_secret[0] = rct::rct2pk(aP);
|
shared_secret[0] = rct::rct2pk(aP);
|
||||||
|
|
||||||
crypto::public_key tx_pub_key;
|
crypto::public_key tx_pub_key;
|
||||||
if (is_subaddress){
|
if (address.m_is_carrot) {
|
||||||
hwdev.scalarmultKey(aP, rct::pk2rct(address.m_spend_public_key), rct::sk2rct(tx_key));
|
mx25519_pubkey enote_ephemeral_pubkey_out;
|
||||||
tx_pub_key = rct2pk(aP);
|
carrot::make_carrot_enote_ephemeral_pubkey(tx_key,
|
||||||
|
address.m_spend_public_key,
|
||||||
|
is_subaddress,
|
||||||
|
enote_ephemeral_pubkey_out);
|
||||||
|
tx_pub_key = carrot::raw_byte_convert<crypto::public_key>(enote_ephemeral_pubkey_out);
|
||||||
generate_proof_fn(prefix_hash, tx_pub_key, address.m_view_public_key, address.m_spend_public_key, shared_secret[0], tx_key, sig[0]);
|
generate_proof_fn(prefix_hash, tx_pub_key, address.m_view_public_key, address.m_spend_public_key, shared_secret[0], tx_key, sig[0]);
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
hwdev.secret_key_to_public_key(tx_key, tx_pub_key);
|
if (is_subaddress){
|
||||||
generate_proof_fn(prefix_hash, tx_pub_key, address.m_view_public_key, boost::none, shared_secret[0], tx_key, sig[0]);
|
hwdev.scalarmultKey(aP, rct::pk2rct(address.m_spend_public_key), rct::sk2rct(tx_key));
|
||||||
|
tx_pub_key = rct2pk(aP);
|
||||||
|
generate_proof_fn(prefix_hash, tx_pub_key, address.m_view_public_key, address.m_spend_public_key, shared_secret[0], tx_key, sig[0]);
|
||||||
|
} else {
|
||||||
|
hwdev.secret_key_to_public_key(tx_key, tx_pub_key);
|
||||||
|
generate_proof_fn(prefix_hash, tx_pub_key, address.m_view_public_key, boost::none, shared_secret[0], tx_key, sig[0]);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
for (size_t i = 1; i < num_sigs; ++i)
|
for (size_t i = 1; i < num_sigs; ++i)
|
||||||
{
|
{
|
||||||
hwdev.scalarmultKey(aP, rct::pk2rct(address.m_view_public_key), rct::sk2rct(additional_tx_keys[i - 1]));
|
if (address.m_is_carrot)
|
||||||
|
{
|
||||||
|
mx25519_pubkey s_sender_receiver_unctx;
|
||||||
|
bool success = carrot::make_carrot_uncontextualized_shared_key_sender(
|
||||||
|
additional_tx_keys[i - 1],
|
||||||
|
address.m_view_public_key,
|
||||||
|
s_sender_receiver_unctx);
|
||||||
|
THROW_WALLET_EXCEPTION_IF(!success, error::wallet_internal_error,
|
||||||
|
"Failed to generate X25519 key derivation for carrot proof (main)");
|
||||||
|
aP = carrot::raw_byte_convert<rct::key>(s_sender_receiver_unctx);
|
||||||
|
} else {
|
||||||
|
hwdev.scalarmultKey(aP, rct::pk2rct(address.m_view_public_key), rct::sk2rct(additional_tx_keys[i - 1]));
|
||||||
|
}
|
||||||
shared_secret[i] = rct::rct2pk(aP);
|
shared_secret[i] = rct::rct2pk(aP);
|
||||||
if (is_subaddress)
|
if (address.m_is_carrot) {
|
||||||
{
|
mx25519_pubkey enote_ephemeral_pubkey_out;
|
||||||
hwdev.scalarmultKey(aP, rct::pk2rct(address.m_spend_public_key), rct::sk2rct(additional_tx_keys[i - 1]));
|
carrot::make_carrot_enote_ephemeral_pubkey(additional_tx_keys[i - 1],
|
||||||
tx_pub_key = rct2pk(aP);
|
address.m_spend_public_key,
|
||||||
|
is_subaddress,
|
||||||
|
enote_ephemeral_pubkey_out);
|
||||||
|
tx_pub_key = carrot::raw_byte_convert<crypto::public_key>(enote_ephemeral_pubkey_out);
|
||||||
generate_proof_fn(prefix_hash, tx_pub_key, address.m_view_public_key, address.m_spend_public_key, shared_secret[i], additional_tx_keys[i - 1], sig[i]);
|
generate_proof_fn(prefix_hash, tx_pub_key, address.m_view_public_key, address.m_spend_public_key, shared_secret[i], additional_tx_keys[i - 1], sig[i]);
|
||||||
}
|
|
||||||
else
|
} else {
|
||||||
{
|
if (is_subaddress)
|
||||||
hwdev.secret_key_to_public_key(additional_tx_keys[i - 1], tx_pub_key);
|
{
|
||||||
generate_proof_fn(prefix_hash, tx_pub_key, address.m_view_public_key, boost::none, shared_secret[i], additional_tx_keys[i - 1], sig[i]);
|
hwdev.scalarmultKey(aP, rct::pk2rct(address.m_spend_public_key), rct::sk2rct(additional_tx_keys[i - 1]));
|
||||||
}
|
tx_pub_key = rct2pk(aP);
|
||||||
|
generate_proof_fn(prefix_hash, tx_pub_key, address.m_view_public_key, address.m_spend_public_key, shared_secret[i], additional_tx_keys[i - 1], sig[i]);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
hwdev.secret_key_to_public_key(additional_tx_keys[i - 1], tx_pub_key);
|
||||||
|
generate_proof_fn(prefix_hash, tx_pub_key, address.m_view_public_key, boost::none, shared_secret[i], additional_tx_keys[i - 1], sig[i]);
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
sig_str = std::string("OutProofV2");
|
sig_str = std::string("OutProofV2");
|
||||||
}
|
}
|
||||||
|
|||||||
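Review bot: `shared_secret[0]` on the first context line is built from an `aP` computed before this hunk, while the loop below replaces `aP` for carrot addresses with `make_carrot_uncontextualized_shared_key_sender(...)`; unless the pre-hunk derivation was updated in the same way, the index-0 proof for a carrot address is built on the Ed25519 shared secret and the i ≥ 1 proofs on the X25519 one, so they would not verify consistently. The error text `"Failed to generate X25519 key derivation for carrot proof (main)"` sits inside the additional-keys loop, so it looks copied from the index-0 path; `"... (additional)"` would make the two failure sites distinguishable in logs. The carrot branches also pass `address.m_spend_public_key` to `generate_proof_fn` for main addresses, where the non-carrot path passes `boost::none`, and the commit message states the proof cannot verify without curve conversion; an interim `THROW_WALLET_EXCEPTION_IF(address.m_is_carrot, error::wallet_internal_error, "tx proofs for carrot addresses are not supported yet");` before the first branch would stop the wallet from emitting proofs that cannot be checked. get_tx_proof begins and ends outside the hunk.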