From d4b62a1e295a7fb19de6081733b1d8e0610cbf08 Mon Sep 17 00:00:00 2001 From: moneromooo-monero Date: Wed, 10 Aug 2016 12:48:20 +0100 Subject: [PATCH] rct amount key modified as per luigi1111's recommendations This allows the key to be not the same for two outputs sent to the same address (eg, if you pay yourself, and also get change back). Also remove the key amounts lists and return parameters since we don't actually generate random ones, so we don't need to save them as we can recalculate them when needed if we have the correct keys. --- src/crypto/crypto.cpp | 2 +- src/crypto/crypto.h | 5 +++ .../cryptonote_format_utils.cpp | 13 +++++-- src/cryptonote_core/cryptonote_format_utils.h | 2 +- src/ringct/rctOps.cpp | 18 ++------- src/ringct/rctOps.h | 6 +-- src/ringct/rctSigs.cpp | 28 +++---------- src/ringct/rctSigs.h | 2 - src/simplewallet/simplewallet.cpp | 28 +++++++++---- src/wallet/wallet2.cpp | 39 +++++++++---------- src/wallet/wallet2.h | 5 +-- src/wallet/wallet_rpc_server.cpp | 31 --------------- src/wallet/wallet_rpc_server_commands_defs.h | 6 --- tests/core_tests/rct.cpp | 17 ++++---- tests/unit_tests/ringct.cpp | 16 ++++---- 15 files changed, 85 insertions(+), 133 deletions(-) diff --git a/src/crypto/crypto.cpp b/src/crypto/crypto.cpp index f0ee3bdc3..250779ac3 100644 --- a/src/crypto/crypto.cpp +++ b/src/crypto/crypto.cpp @@ -151,7 +151,7 @@ namespace crypto { return true; } - static void derivation_to_scalar(const key_derivation &derivation, size_t output_index, ec_scalar &res) { + void crypto_ops::derivation_to_scalar(const key_derivation &derivation, size_t output_index, ec_scalar &res) { struct { key_derivation derivation; char output_index[(sizeof(size_t) * 8 + 6) / 7]; diff --git a/src/crypto/crypto.h b/src/crypto/crypto.h index aa437d57d..b396fc7db 100644 --- a/src/crypto/crypto.h +++ b/src/crypto/crypto.h @@ -113,6 +113,8 @@ namespace crypto { friend bool secret_key_to_public_key(const secret_key &, public_key &); static bool generate_key_derivation(const public_key &, const secret_key &, key_derivation &); friend bool generate_key_derivation(const public_key &, const secret_key &, key_derivation &); + static void derivation_to_scalar(const key_derivation &derivation, size_t output_index, ec_scalar &res); + friend void derivation_to_scalar(const key_derivation &derivation, size_t output_index, ec_scalar &res); static bool derive_public_key(const key_derivation &, std::size_t, const public_key &, public_key &); friend bool derive_public_key(const key_derivation &, std::size_t, const public_key &, public_key &); static void derive_secret_key(const key_derivation &, std::size_t, const secret_key &, secret_key &); @@ -181,6 +183,9 @@ namespace crypto { const public_key &base, public_key &derived_key) { return crypto_ops::derive_public_key(derivation, output_index, base, derived_key); } + inline void derivation_to_scalar(const key_derivation &derivation, size_t output_index, ec_scalar &res) { + return crypto_ops::derivation_to_scalar(derivation, output_index, res); + } inline void derive_secret_key(const key_derivation &derivation, std::size_t output_index, const secret_key &base, secret_key &derived_key) { crypto_ops::derive_secret_key(derivation, output_index, base, derived_key); diff --git a/src/cryptonote_core/cryptonote_format_utils.cpp b/src/cryptonote_core/cryptonote_format_utils.cpp index 8f4020829..6a3172d4e 100644 --- a/src/cryptonote_core/cryptonote_format_utils.cpp +++ b/src/cryptonote_core/cryptonote_format_utils.cpp @@ -458,8 +458,9 @@ namespace cryptonote return encrypt_payment_id(payment_id, public_key, secret_key); } //--------------------------------------------------------------- - bool construct_tx_and_get_tx_keys(const account_keys& sender_account_keys, const std::vector& sources, const std::vector& destinations, std::vector extra, transaction& tx, uint64_t unlock_time, crypto::secret_key &tx_key, std::vector &amount_keys, bool rct) + bool construct_tx_and_get_tx_key(const account_keys& sender_account_keys, const std::vector& sources, const std::vector& destinations, std::vector extra, transaction& tx, uint64_t unlock_time, crypto::secret_key &tx_key, bool rct) { + std::vector amount_keys; tx.vin.clear(); tx.vout.clear(); tx.signatures.clear(); @@ -577,6 +578,12 @@ namespace cryptonote bool r = crypto::generate_key_derivation(dst_entr.addr.m_view_public_key, txkey.sec, derivation); CHECK_AND_ASSERT_MES(r, false, "at creation outs: failed to generate_key_derivation(" << dst_entr.addr.m_view_public_key << ", " << txkey.sec << ")"); + if (tx.version > 1) + { + crypto::secret_key scalar1; + crypto::derivation_to_scalar(derivation, output_index, scalar1); + amount_keys.push_back(scalar1); + } r = crypto::derive_public_key(derivation, output_index, dst_entr.addr.m_spend_public_key, out_eph_public_key); CHECK_AND_ASSERT_MES(r, false, "at creation outs: failed to derive_public_key(" << derivation << ", " << output_index << ", "<< dst_entr.addr.m_spend_public_key << ")"); @@ -686,7 +693,6 @@ namespace cryptonote destinations.push_back(rct::pk2rct(boost::get(tx.vout[i].target).key)); outamounts.push_back(tx.vout[i].amount); amount_out += tx.vout[i].amount; - amount_keys.push_back(rct::rct2sk(rct::hash_to_scalar(rct::scalarmultKey(rct::pk2rct(shuffled_dsts[i].addr.m_view_public_key), rct::sk2rct(txkey.sec))))); } if (use_simple_rct) @@ -745,8 +751,7 @@ namespace cryptonote bool construct_tx(const account_keys& sender_account_keys, const std::vector& sources, const std::vector& destinations, std::vector extra, transaction& tx, uint64_t unlock_time) { crypto::secret_key tx_key; - std::vector amount_keys; - return construct_tx_and_get_tx_keys(sender_account_keys, sources, destinations, extra, tx, unlock_time, tx_key, amount_keys); + return construct_tx_and_get_tx_key(sender_account_keys, sources, destinations, extra, tx, unlock_time, tx_key); } //--------------------------------------------------------------- bool get_inputs_money_amount(const transaction& tx, uint64_t& money) diff --git a/src/cryptonote_core/cryptonote_format_utils.h b/src/cryptonote_core/cryptonote_format_utils.h index f70b22573..5da256921 100644 --- a/src/cryptonote_core/cryptonote_format_utils.h +++ b/src/cryptonote_core/cryptonote_format_utils.h @@ -74,7 +74,7 @@ namespace cryptonote //--------------------------------------------------------------- bool construct_tx(const account_keys& sender_account_keys, const std::vector& sources, const std::vector& destinations, std::vector extra, transaction& tx, uint64_t unlock_time); - bool construct_tx_and_get_tx_keys(const account_keys& sender_account_keys, const std::vector& sources, const std::vector& destinations, std::vector extra, transaction& tx, uint64_t unlock_time, crypto::secret_key &tx_key, std::vector &amount_keys, bool rct = false); + bool construct_tx_and_get_tx_key(const account_keys& sender_account_keys, const std::vector& sources, const std::vector& destinations, std::vector extra, transaction& tx, uint64_t unlock_time, crypto::secret_key &tx_key, bool rct = false); template bool find_tx_extra_field_by_type(const std::vector& tx_extra_fields, T& field) diff --git a/src/ringct/rctOps.cpp b/src/ringct/rctOps.cpp index b8a0d26ad..d54aa667f 100644 --- a/src/ringct/rctOps.cpp +++ b/src/ringct/rctOps.cpp @@ -741,28 +741,18 @@ void fe_mul(fe h,const fe f,const fe g) //Elliptic Curve Diffie Helman: encodes and decodes the amount b and mask a // where C= aG + bH - void ecdhEncodeFromSharedSecret(ecdhTuple & unmasked, const key & sharedSec1) { + void ecdhEncode(ecdhTuple & unmasked, const key & sharedSec) { + key sharedSec1 = hash_to_scalar(sharedSec); key sharedSec2 = hash_to_scalar(sharedSec1); //encode sc_add(unmasked.mask.bytes, unmasked.mask.bytes, sharedSec1.bytes); sc_add(unmasked.amount.bytes, unmasked.amount.bytes, sharedSec2.bytes); } - void ecdhEncode(ecdhTuple & unmasked, const key & receiverPk) { - key esk; - //compute shared secret - skpkGen(esk, unmasked.senderPk); - key sharedSec1 = hash_to_scalar(scalarmultKey(receiverPk, esk)); - ecdhEncodeFromSharedSecret(unmasked, sharedSec1); - } - void ecdhDecodeFromSharedSecret(ecdhTuple & masked, const key & sharedSec1) { + void ecdhDecode(ecdhTuple & masked, const key & sharedSec) { + key sharedSec1 = hash_to_scalar(sharedSec); key sharedSec2 = hash_to_scalar(sharedSec1); //decode sc_sub(masked.mask.bytes, masked.mask.bytes, sharedSec1.bytes); sc_sub(masked.amount.bytes, masked.amount.bytes, sharedSec2.bytes); } - void ecdhDecode(ecdhTuple & masked, const key & receiverSk) { - //compute shared secret - key sharedSec1 = hash_to_scalar(scalarmultKey(masked.senderPk, receiverSk)); - ecdhDecodeFromSharedSecret(masked, sharedSec1); - } } diff --git a/src/ringct/rctOps.h b/src/ringct/rctOps.h index 225c5abb9..1e71c645d 100644 --- a/src/ringct/rctOps.h +++ b/src/ringct/rctOps.h @@ -165,9 +165,7 @@ namespace rct { //Elliptic Curve Diffie Helman: encodes and decodes the amount b and mask a // where C= aG + bH - void ecdhEncodeFromSharedSecret(ecdhTuple & unmasked, const key & sharedSec1); - void ecdhEncode(ecdhTuple & unmasked, const key & receiverPk); - void ecdhDecodeFromSharedSecret(ecdhTuple & masked, const key & sharedSec1); - void ecdhDecode(ecdhTuple & masked, const key & receiverSk); + void ecdhEncode(ecdhTuple & unmasked, const key & sharedSec); + void ecdhDecode(ecdhTuple & masked, const key & sharedSec); } #endif /* RCTOPS_H */ diff --git a/src/ringct/rctSigs.cpp b/src/ringct/rctSigs.cpp index d42be0fcc..73c124067 100644 --- a/src/ringct/rctSigs.cpp +++ b/src/ringct/rctSigs.cpp @@ -613,7 +613,7 @@ namespace rct { //mask amount and mask rv.ecdhInfo[i].mask = copy(outSk[i].mask); rv.ecdhInfo[i].amount = d2h(amounts[i]); - ecdhEncodeFromSharedSecret(rv.ecdhInfo[i], amount_keys[i]); + ecdhEncode(rv.ecdhInfo[i], amount_keys[i]); } @@ -679,7 +679,7 @@ namespace rct { //mask amount and mask rv.ecdhInfo[i].mask = copy(outSk[i].mask); rv.ecdhInfo[i].amount = d2h(outamounts[i]); - ecdhEncodeFromSharedSecret(rv.ecdhInfo[i], amount_keys[i]); + ecdhEncode(rv.ecdhInfo[i], amount_keys[i]); } //set txn fee @@ -821,7 +821,7 @@ namespace rct { //decodeRct: (c.f. http://eprint.iacr.org/2015/1098 section 5.1.1) // uses the attached ecdh info to find the amounts represented by each output commitment // must know the destination private key to find the correct amount, else will return a random number - static xmr_amount decodeRctMain(const rctSig & rv, const key & sk, unsigned int i, key & mask, void (*decode)(ecdhTuple&, const key&)) { + xmr_amount decodeRct(const rctSig & rv, const key & sk, unsigned int i, key & mask) { CHECK_AND_ASSERT_MES(rv.type == RCTTypeFull, false, "decodeRct called on non-full rctSig"); CHECK_AND_ASSERT_THROW_MES(rv.p.rangeSigs.size() > 0, "Empty rv.p.rangeSigs"); CHECK_AND_ASSERT_THROW_MES(rv.outPk.size() == rv.p.rangeSigs.size(), "Mismatched sizes of rv.outPk and rv.p.rangeSigs"); @@ -829,7 +829,7 @@ namespace rct { //mask amount and mask ecdhTuple ecdh_info = rv.ecdhInfo[i]; - (*decode)(ecdh_info, sk); + ecdhDecode(ecdh_info, sk); mask = ecdh_info.mask; key amount = ecdh_info.amount; key C = rv.outPk[i].mask; @@ -845,20 +845,12 @@ namespace rct { return h2d(amount); } - xmr_amount decodeRct(const rctSig & rv, const key & sk, unsigned int i, key & mask) { - return decodeRctMain(rv, sk, i, mask, &ecdhDecode); - } - - xmr_amount decodeRctFromSharedSecret(const rctSig & rv, const key & sk, unsigned int i, key & mask) { - return decodeRctMain(rv, sk, i, mask, &ecdhDecodeFromSharedSecret); - } - xmr_amount decodeRct(const rctSig & rv, const key & sk, unsigned int i) { key mask; return decodeRct(rv, sk, i, mask); } - static xmr_amount decodeRctSimpleMain(const rctSig & rv, const key & sk, unsigned int i, key &mask, void (*decode)(ecdhTuple &ecdh, const key&)) { + xmr_amount decodeRctSimple(const rctSig & rv, const key & sk, unsigned int i, key &mask) { CHECK_AND_ASSERT_MES(rv.type == RCTTypeSimple, false, "decodeRct called on non simple rctSig"); CHECK_AND_ASSERT_THROW_MES(rv.p.rangeSigs.size() > 0, "Empty rv.p.rangeSigs"); CHECK_AND_ASSERT_THROW_MES(rv.outPk.size() == rv.p.rangeSigs.size(), "Mismatched sizes of rv.outPk and rv.p.rangeSigs"); @@ -866,7 +858,7 @@ namespace rct { //mask amount and mask ecdhTuple ecdh_info = rv.ecdhInfo[i]; - (*decode)(ecdh_info, sk); + ecdhDecode(ecdh_info, sk); mask = ecdh_info.mask; key amount = ecdh_info.amount; key C = rv.outPk[i].mask; @@ -882,14 +874,6 @@ namespace rct { return h2d(amount); } - xmr_amount decodeRctSimple(const rctSig & rv, const key & sk, unsigned int i, key &mask) { - return decodeRctSimpleMain(rv, sk, i, mask, &ecdhDecode); - } - - xmr_amount decodeRctSimpleFromSharedSecret(const rctSig & rv, const key & sk, unsigned int i, key &mask) { - return decodeRctSimpleMain(rv, sk, i, mask, &ecdhDecodeFromSharedSecret); - } - xmr_amount decodeRctSimple(const rctSig & rv, const key & sk, unsigned int i) { key mask; return decodeRctSimple(rv, sk, i, mask); diff --git a/src/ringct/rctSigs.h b/src/ringct/rctSigs.h index bf9d4be81..8a686bd64 100644 --- a/src/ringct/rctSigs.h +++ b/src/ringct/rctSigs.h @@ -142,9 +142,7 @@ namespace rct { bool verRct(const rctSig & rv); bool verRctSimple(const rctSig & rv); xmr_amount decodeRct(const rctSig & rv, const key & sk, unsigned int i, key & mask); - xmr_amount decodeRctFromSharedSecret(const rctSig & rv, const key & sk, unsigned int i, key & mask); xmr_amount decodeRct(const rctSig & rv, const key & sk, unsigned int i); - xmr_amount decodeRctSimpleFromSharedSecret(const rctSig & rv, const key & sk, unsigned int i, key & mask); xmr_amount decodeRctSimple(const rctSig & rv, const key & sk, unsigned int i, key & mask); xmr_amount decodeRctSimple(const rctSig & rv, const key & sk, unsigned int i); } diff --git a/src/simplewallet/simplewallet.cpp b/src/simplewallet/simplewallet.cpp index 9e7341451..7c5e8e541 100644 --- a/src/simplewallet/simplewallet.cpp +++ b/src/simplewallet/simplewallet.cpp @@ -3077,15 +3077,27 @@ bool simple_wallet::check_tx_key(const std::vector &args_) try { rct::key Ctmp; - rct::key amount_key = rct::hash_to_scalar(rct::scalarmultKey(rct::pk2rct(address.m_view_public_key), rct::sk2rct(tx_key))); - rct::ecdhTuple ecdh_info = tx.rct_signatures.ecdhInfo[n]; - rct::ecdhDecodeFromSharedSecret(ecdh_info, amount_key); - rct::key C = tx.rct_signatures.outPk[n].mask; - rct::addKeys2(Ctmp, ecdh_info.mask, ecdh_info.amount, rct::H); - if (rct::equalKeys(C, Ctmp)) - amount = rct::h2d(ecdh_info.amount); - else + //rct::key amount_key = rct::hash_to_scalar(rct::scalarmultKey(rct::pk2rct(address.m_view_public_key), rct::sk2rct(tx_key))); + crypto::key_derivation derivation; + bool r = crypto::generate_key_derivation(address.m_view_public_key, tx_key, derivation); + if (!r) + { + LOG_ERROR("Failed to generate key derivation to decode rct output " << n); amount = 0; + } + else + { + crypto::secret_key scalar1; + crypto::derivation_to_scalar(derivation, n, scalar1); + rct::ecdhTuple ecdh_info = tx.rct_signatures.ecdhInfo[n]; + rct::ecdhDecode(ecdh_info, rct::sk2rct(scalar1)); + rct::key C = tx.rct_signatures.outPk[n].mask; + rct::addKeys2(Ctmp, ecdh_info.mask, ecdh_info.amount, rct::H); + if (rct::equalKeys(C, Ctmp)) + amount = rct::h2d(ecdh_info.amount); + else + amount = 0; + } } catch (...) { amount = 0; } } diff --git a/src/wallet/wallet2.cpp b/src/wallet/wallet2.cpp index c3fb160a0..b3b8e6561 100644 --- a/src/wallet/wallet2.cpp +++ b/src/wallet/wallet2.cpp @@ -207,16 +207,25 @@ void wallet2::check_acc_out(const account_keys &acc, const tx_out &o, const cryp error = false; } //---------------------------------------------------------------------------------------------------- -static uint64_t decodeRct(const rct::rctSig & rv, const rct::key & sk, unsigned int i, rct::key & mask) +static uint64_t decodeRct(const rct::rctSig & rv, const crypto::public_key pub, const crypto::secret_key &sec, unsigned int i, rct::key & mask) { + crypto::key_derivation derivation; + bool r = crypto::generate_key_derivation(pub, sec, derivation); + if (!r) + { + LOG_ERROR("Failed to generate key derivation to decode rct output " << i); + return 0; + } + crypto::secret_key scalar1; + crypto::derivation_to_scalar(derivation, i, scalar1); try { switch (rv.type) { case rct::RCTTypeSimple: - return rct::decodeRctSimpleFromSharedSecret(rv, sk, i, mask); + return rct::decodeRctSimple(rv, rct::sk2rct(scalar1), i, mask); case rct::RCTTypeFull: - return rct::decodeRctFromSharedSecret(rv, sk, i, mask); + return rct::decodeRct(rv, rct::sk2rct(scalar1), i, mask); default: LOG_ERROR("Unsupported rct type: " << rv.type); return 0; @@ -308,8 +317,7 @@ void wallet2::process_new_transaction(const cryptonote::transaction& tx, const s if (money_transfered == 0) { const cryptonote::account_keys& keys = m_account.get_keys(); - rct::key amount_key = rct::hash_to_scalar(rct::scalarmultKey(rct::pk2rct(pub_key_field.pub_key), rct::sk2rct(keys.m_view_secret_key))); - money_transfered = tools::decodeRct(tx.rct_signatures, amount_key, 0, mask[0]); + money_transfered = tools::decodeRct(tx.rct_signatures, pub_key_field.pub_key, keys.m_view_secret_key, 0, mask[0]); } amount[0] = money_transfered; tx_money_got_in_outs = money_transfered; @@ -352,8 +360,7 @@ void wallet2::process_new_transaction(const cryptonote::transaction& tx, const s if (money_transfered[i] == 0) { const cryptonote::account_keys& keys = m_account.get_keys(); - rct::key amount_key = rct::hash_to_scalar(rct::scalarmultKey(rct::pk2rct(pub_key_field.pub_key), rct::sk2rct(keys.m_view_secret_key))); - money_transfered[i] = tools::decodeRct(tx.rct_signatures, amount_key, i, mask[i]); + money_transfered[i] = tools::decodeRct(tx.rct_signatures, pub_key_field.pub_key, keys.m_view_secret_key, i, mask[i]); } tx_money_got_in_outs += money_transfered[i]; amount[i] = money_transfered[i]; @@ -401,8 +408,7 @@ void wallet2::process_new_transaction(const cryptonote::transaction& tx, const s if (money_transfered[i] == 0) { const cryptonote::account_keys& keys = m_account.get_keys(); - rct::key amount_key = rct::hash_to_scalar(rct::scalarmultKey(rct::pk2rct(pub_key_field.pub_key), rct::sk2rct(keys.m_view_secret_key))); - money_transfered[i] = tools::decodeRct(tx.rct_signatures, amount_key, i, mask[i]); + money_transfered[i] = tools::decodeRct(tx.rct_signatures, pub_key_field.pub_key, keys.m_view_secret_key, i, mask[i]); } tx_money_got_in_outs += money_transfered[i]; amount[i] = money_transfered[i]; @@ -434,8 +440,7 @@ void wallet2::process_new_transaction(const cryptonote::transaction& tx, const s if (money_transfered == 0) { const cryptonote::account_keys& keys = m_account.get_keys(); - rct::key amount_key = rct::hash_to_scalar(rct::scalarmultKey(rct::pk2rct(pub_key_field.pub_key), rct::sk2rct(keys.m_view_secret_key))); - money_transfered = tools::decodeRct(tx.rct_signatures, amount_key, i, mask[i]); + money_transfered = tools::decodeRct(tx.rct_signatures, pub_key_field.pub_key, keys.m_view_secret_key, i, mask[i]); } amount[i] = money_transfered; tx_money_got_in_outs += money_transfered; @@ -2896,8 +2901,7 @@ void wallet2::transfer_selected(const std::vector amount_keys; - bool r = cryptonote::construct_tx_and_get_tx_keys(m_account.get_keys(), sources, splitted_dsts, extra, tx, unlock_time, tx_key, amount_keys); + bool r = cryptonote::construct_tx_and_get_tx_key(m_account.get_keys(), sources, splitted_dsts, extra, tx, unlock_time, tx_key); THROW_WALLET_EXCEPTION_IF(!r, error::tx_not_constructed, sources, splitted_dsts, unlock_time, m_testnet); THROW_WALLET_EXCEPTION_IF(upper_transaction_size_limit <= get_object_blobsize(tx), error::tx_too_big, tx, upper_transaction_size_limit); @@ -2924,7 +2928,6 @@ void wallet2::transfer_selected(const std::vector amount_keys; - bool r = cryptonote::construct_tx_and_get_tx_keys(m_account.get_keys(), sources, dsts, extra, tx, unlock_time, tx_key, amount_keys, true); + bool r = cryptonote::construct_tx_and_get_tx_key(m_account.get_keys(), sources, dsts, extra, tx, unlock_time, tx_key, true); THROW_WALLET_EXCEPTION_IF(!r, error::tx_not_constructed, sources, dsts, unlock_time, m_testnet); THROW_WALLET_EXCEPTION_IF(upper_transaction_size_limit <= get_object_blobsize(tx), error::tx_too_big, tx, upper_transaction_size_limit); @@ -3135,7 +3137,6 @@ void wallet2::transfer_selected_rct(std::vector &outs, size_t num_outputs, } crypto::secret_key tx_key; - std::vector amount_keys; - bool r = cryptonote::construct_tx_and_get_tx_keys(m_account.get_keys(), sources, splitted_dsts, extra, tx, unlock_time, tx_key, amount_keys); + bool r = cryptonote::construct_tx_and_get_tx_key(m_account.get_keys(), sources, splitted_dsts, extra, tx, unlock_time, tx_key); THROW_WALLET_EXCEPTION_IF(!r, error::tx_not_constructed, sources, splitted_dsts, unlock_time, m_testnet); THROW_WALLET_EXCEPTION_IF(upper_transaction_size_limit <= get_object_blobsize(tx), error::tx_too_big, tx, upper_transaction_size_limit); @@ -3785,7 +3785,6 @@ void wallet2::transfer_from(const std::vector &outs, size_t num_outputs, ptx.change_dts = change_dts; ptx.selected_transfers = selected_transfers; ptx.tx_key = tx_key; - ptx.amount_keys = amount_keys; ptx.dests = dsts; } diff --git a/src/wallet/wallet2.h b/src/wallet/wallet2.h index 488902d5d..0d61f90e2 100644 --- a/src/wallet/wallet2.h +++ b/src/wallet/wallet2.h @@ -162,7 +162,6 @@ namespace tools std::list selected_transfers; std::string key_images; crypto::secret_key tx_key; - std::vector amount_keys; std::vector dests; }; @@ -828,8 +827,7 @@ namespace tools } crypto::secret_key tx_key; - std::vector amount_keys; - bool r = cryptonote::construct_tx_and_get_tx_keys(m_account.get_keys(), sources, splitted_dsts, extra, tx, unlock_time, tx_key, amount_keys); + bool r = cryptonote::construct_tx_and_get_tx_key(m_account.get_keys(), sources, splitted_dsts, extra, tx, unlock_time, tx_key); THROW_WALLET_EXCEPTION_IF(!r, error::tx_not_constructed, sources, splitted_dsts, unlock_time, m_testnet); THROW_WALLET_EXCEPTION_IF(upper_transaction_size_limit <= get_object_blobsize(tx), error::tx_too_big, tx, upper_transaction_size_limit); @@ -855,7 +853,6 @@ namespace tools ptx.change_dts = change_dts; ptx.selected_transfers = selected_transfers; ptx.tx_key = tx_key; - ptx.amount_keys = amount_keys; ptx.dests = dsts; } diff --git a/src/wallet/wallet_rpc_server.cpp b/src/wallet/wallet_rpc_server.cpp index 1786b776f..4c190b005 100644 --- a/src/wallet/wallet_rpc_server.cpp +++ b/src/wallet/wallet_rpc_server.cpp @@ -256,13 +256,6 @@ namespace tools if (req.get_tx_key) { res.tx_key = epee::string_tools::pod_to_hex(ptx_vector.back().tx_key); - if (ptx_vector.back().tx.version > 1) - { - for (const auto &i: ptx_vector.back().amount_keys) - { - res.amount_keys.push_back(epee::string_tools::pod_to_hex(i)); - } - } } return true; } @@ -325,14 +318,6 @@ namespace tools if (req.get_tx_keys) { res.tx_key_list.push_back(epee::string_tools::pod_to_hex(ptx.tx_key)); - res.amount_key_list.push_back(wallet_rpc::COMMAND_RPC_TRANSFER_SPLIT::key_list()); - if (ptx.tx.version > 1) - { - for (const auto &i: ptx.amount_keys) - { - res.amount_key_list.back().keys.push_back(epee::string_tools::pod_to_hex(i)); - } - } } } @@ -381,14 +366,6 @@ namespace tools if (req.get_tx_keys) { res.tx_key_list.push_back(epee::string_tools::pod_to_hex(ptx.tx_key)); - res.amount_key_list.push_back(wallet_rpc::COMMAND_RPC_SWEEP_DUST::key_list()); - if (ptx.tx.version > 1) - { - for (const auto &i: ptx.amount_keys) - { - res.amount_key_list.back().keys.push_back(epee::string_tools::pod_to_hex(i)); - } - } } } @@ -450,14 +427,6 @@ namespace tools if (req.get_tx_keys) { res.tx_key_list.push_back(epee::string_tools::pod_to_hex(ptx.tx_key)); - res.amount_key_list.push_back(wallet_rpc::COMMAND_RPC_SWEEP_ALL::key_list()); - if (ptx.tx.version > 1) - { - for (const auto &i: ptx.amount_keys) - { - res.amount_key_list.back().keys.push_back(epee::string_tools::pod_to_hex(i)); - } - } } } diff --git a/src/wallet/wallet_rpc_server_commands_defs.h b/src/wallet/wallet_rpc_server_commands_defs.h index 4df259242..27b897dab 100644 --- a/src/wallet/wallet_rpc_server_commands_defs.h +++ b/src/wallet/wallet_rpc_server_commands_defs.h @@ -178,12 +178,10 @@ namespace wallet_rpc { std::list tx_hash_list; std::list tx_key_list; - std::list amount_key_list; BEGIN_KV_SERIALIZE_MAP() KV_SERIALIZE(tx_hash_list) KV_SERIALIZE(tx_key_list) - KV_SERIALIZE(amount_key_list) END_KV_SERIALIZE_MAP() }; }; @@ -214,12 +212,10 @@ namespace wallet_rpc { std::list tx_hash_list; std::list tx_key_list; - std::list amount_key_list; BEGIN_KV_SERIALIZE_MAP() KV_SERIALIZE(tx_hash_list) KV_SERIALIZE(tx_key_list) - KV_SERIALIZE(amount_key_list) END_KV_SERIALIZE_MAP() }; }; @@ -260,12 +256,10 @@ namespace wallet_rpc { std::list tx_hash_list; std::list tx_key_list; - std::list amount_key_list; BEGIN_KV_SERIALIZE_MAP() KV_SERIALIZE(tx_hash_list) KV_SERIALIZE(tx_key_list) - KV_SERIALIZE(amount_key_list) END_KV_SERIALIZE_MAP() }; }; diff --git a/tests/core_tests/rct.cpp b/tests/core_tests/rct.cpp index d03e208b6..b358ce8b2 100644 --- a/tests/core_tests/rct.cpp +++ b/tests/core_tests/rct.cpp @@ -116,20 +116,22 @@ bool gen_rct_tx_validation_base::generate_with(std::vector& ev destinations.push_back(td); // 30 -> 7.39 * 4 crypto::secret_key tx_key; - std::vector amount_keys; - bool r = construct_tx_and_get_tx_keys(miner_accounts[n].get_keys(), sources, destinations, std::vector(), rct_txes[n], 0, tx_key, amount_keys, true); + bool r = construct_tx_and_get_tx_key(miner_accounts[n].get_keys(), sources, destinations, std::vector(), rct_txes[n], 0, tx_key, true); CHECK_AND_ASSERT_MES(r, false, "failed to construct transaction"); events.push_back(rct_txes[n]); starting_rct_tx_hashes.push_back(get_transaction_hash(rct_txes[n])); - crypto::public_key tx_pub_key = get_tx_pub_key_from_extra(rct_txes[n]); for (size_t o = 0; o < 4; ++o) { - rct::key amount_key = rct::hash_to_scalar(rct::scalarmultKey(rct::pk2rct(tx_pub_key), rct::sk2rct(miner_accounts[n].get_keys().m_view_secret_key))); + crypto::key_derivation derivation; + bool r = crypto::generate_key_derivation(destinations[o].addr.m_view_public_key, tx_key, derivation); + CHECK_AND_ASSERT_MES(r, false, "Failed to generate key derivation"); + crypto::secret_key amount_key; + crypto::derivation_to_scalar(derivation, o, amount_key); if (rct_txes[n].rct_signatures.type == rct::RCTTypeSimple) - rct::decodeRctSimpleFromSharedSecret(rct_txes[n].rct_signatures, amount_key, o, rct_tx_masks[o+n*4]); + rct::decodeRctSimple(rct_txes[n].rct_signatures, rct::sk2rct(amount_key), o, rct_tx_masks[o+n*4]); else - rct::decodeRctFromSharedSecret(rct_txes[n].rct_signatures, amount_key, o, rct_tx_masks[o+n*4]); + rct::decodeRct(rct_txes[n].rct_signatures, rct::sk2rct(amount_key), o, rct_tx_masks[o+n*4]); } CHECK_AND_ASSERT_MES(generator.construct_block_manually(blk_txes[n], blk_last, miner_account, @@ -205,8 +207,7 @@ bool gen_rct_tx_validation_base::generate_with(std::vector& ev transaction tx; crypto::secret_key tx_key; - std::vector amount_keys; - bool r = construct_tx_and_get_tx_keys(miner_accounts[0].get_keys(), sources, destinations, std::vector(), tx, 0, tx_key, amount_keys, true); + bool r = construct_tx_and_get_tx_key(miner_accounts[0].get_keys(), sources, destinations, std::vector(), tx, 0, tx_key, true); CHECK_AND_ASSERT_MES(r, false, "failed to construct transaction"); if (post_tx) diff --git a/tests/unit_tests/ringct.cpp b/tests/unit_tests/ringct.cpp index 16234ce52..224e32e61 100644 --- a/tests/unit_tests/ringct.cpp +++ b/tests/unit_tests/ringct.cpp @@ -196,7 +196,7 @@ TEST(ringct, range_proofs) ASSERT_TRUE(verRct(s)); //decode received amount - ASSERT_TRUE(decodeRctFromSharedSecret(s, amount_keys[1], 1, mask)); + ASSERT_TRUE(decodeRct(s, amount_keys[1], 1, mask)); // Ring CT with failing MG sig part should not verify! // Since sum of inputs != outputs @@ -213,7 +213,7 @@ TEST(ringct, range_proofs) ASSERT_FALSE(verRct(s)); //decode received amount - ASSERT_TRUE(decodeRctFromSharedSecret(s, amount_keys[1], 1, mask)); + ASSERT_TRUE(decodeRct(s, amount_keys[1], 1, mask)); } TEST(ringct, range_proofs_with_fee) @@ -261,7 +261,7 @@ TEST(ringct, range_proofs_with_fee) ASSERT_TRUE(verRct(s)); //decode received amount - ASSERT_TRUE(decodeRctFromSharedSecret(s, amount_keys[1], 1, mask)); + ASSERT_TRUE(decodeRct(s, amount_keys[1], 1, mask)); // Ring CT with failing MG sig part should not verify! // Since sum of inputs != outputs @@ -278,7 +278,7 @@ TEST(ringct, range_proofs_with_fee) ASSERT_FALSE(verRct(s)); //decode received amount - ASSERT_TRUE(decodeRctFromSharedSecret(s, amount_keys[1], 1, mask)); + ASSERT_TRUE(decodeRct(s, amount_keys[1], 1, mask)); } TEST(ringct, simple) @@ -336,7 +336,7 @@ TEST(ringct, simple) ASSERT_TRUE(verRctSimple(s)); //decode received amount corresponding to output pubkey index 1 - ASSERT_TRUE(decodeRctSimpleFromSharedSecret(s, amount_keys[1], 1, mask)); + ASSERT_TRUE(decodeRctSimple(s, amount_keys[1], 1, mask)); } static rct::rctSig make_sample_rct_sig(int n_inputs, const uint64_t input_amounts[], int n_outputs, const uint64_t output_amounts[], bool last_is_fee) @@ -843,17 +843,17 @@ static const xmr_amount test_amounts[]={0, 1, 2, 3, 4, 5, 10000, 100000000000000 TEST(ringct, ecdh_roundtrip) { - key k, P1; + key k; ecdhTuple t0, t1; for (auto amount: test_amounts) { - skpkGen(k, P1); + skGen(k); t0.mask = skGen(); t0.amount = d2h(amount); t1 = t0; - ecdhEncode(t1, P1); + ecdhEncode(t1, k); ecdhDecode(t1, k); ASSERT_TRUE(t0.mask == t1.mask); ASSERT_TRUE(equalKeys(t0.mask, t1.mask));