Commit Graph

255 Commits

Author SHA1 Message Date
moneromooo-monero
c3b3260ae5
New "Halfway RingCT" outputs for coinbase transactions
When RingCT is enabled, outputs from coinbase transactions
are created as a single output, and stored as RingCT output,
with a fake mask. Their amount is not hidden on the blockchain
itself, but they are then able to be used as fake inputs in
a RingCT ring. Since the output amounts are hidden, their
"dustiness" is not an obstacle anymore to mixing, and this
makes the coinbase transactions a lot smaller, as well as
helping the TXO set to grow more slowly.

Also add a new "Null" type of rct signature, which decreases
the size required when no signatures are to be stored, as
in a coinbase tx.
2016-08-28 21:30:26 +01:00
moneromooo-monero
d4b62a1e29
rct amount key modified as per luigi1111's recommendations
This allows the key to be not the same for two outputs sent to
the same address (eg, if you pay yourself, and also get change
back). Also remove the key amounts lists and return parameters
since we don't actually generate random ones, so we don't need
to save them as we can recalculate them when needed if we have
the correct keys.
2016-08-28 21:30:19 +01:00
moneromooo-monero
93f5c625f0
rct: rework v2 txes into prunable and non prunable data
Nothing is pruned, but this allows easier changes later.
2016-08-28 21:30:18 +01:00
moneromooo-monero
d93746b6d3
rct: rework the verification preparation process
The whole rct data apart from the MLSAGs is now included in
the signed message, to avoid malleability issues.

Instead of passing the data that's not serialized as extra
parameters to the verification API, the transaction is modified
to fill all that information. This means the transaction can
not be const anymore, but it cleaner in other ways.
2016-08-28 21:30:16 +01:00
moneromooo-monero
3ab2ab3e76
rct: change the simple flag to a type
for future expansion
2016-08-28 21:30:14 +01:00
Shen Noether
c5be4b0bea
rct: avoid the need for the last II element
This element is used in the generation of the MLSAG, but isn't
needed in verification.
Also misc changes in the cryptonote code to match, by mooo.
2016-08-28 21:30:12 +01:00
moneromooo-monero
a47ceee83b
wallet: do not store signatures in the wallet cache
Saves some substantial space.
Also avoid calculating tx hashes we don't need.
2016-08-28 21:30:10 +01:00
moneromooo-monero
b337aea6cc
rct: do not serialize senderPk - it is not used anymore 2016-08-28 21:30:01 +01:00
moneromooo-monero
e5a9a4755b
core_tests: fix a couple pre-rct tests using rct 2016-08-28 21:29:58 +01:00
moneromooo-monero
37bdf6ebe3
change fork settings to allow pre-rct txes for one more fork cycle 2016-08-28 21:29:50 +01:00
moneromooo-monero
9b70856ccb
rct: make the amount key derivable by a third party with the tx key
Scheme design from luigi1114.
2016-08-28 21:29:46 +01:00
moneromooo-monero
cf33e1a52a
rct: do not serialize public keys in outPk
They can be reconstructed from vout
2016-08-28 21:29:43 +01:00
moneromooo-monero
ce5de8b430
tests: add tests for wallet output selection 2016-08-28 21:29:34 +01:00
moneromooo-monero
e81a2b2cfa
port get_tx_key/check_tx_key to rct 2016-08-28 21:29:24 +01:00
moneromooo-monero
e06faefde4
tests: add basic tests for simple rct api 2016-08-28 21:29:22 +01:00
moneromooo-monero
a4d4d6194b
integrate simple rct api 2016-08-28 21:29:20 +01:00
moneromooo-monero
59a66e209a
move the rct commitments to the output_amounts database
Since these are needed at the same time as the output pubkeys,
this is a whole lot faster, and takes less space. Only outputs
of 0 amount store the commitment. When reading other outputs,
a fake commitment is regenerated on the fly. This avoids having
to rewrite the database to add space for fake commitments for
existing outputs.

This code relies on two things:

- LMDB must support fixed size records per key, rather than
per database (ie, all records on key 0 are the same size, all
records for non 0 keys are same size, but records from key 0
and non 0 keys do have different sizes).

- the commitment must be directly after the rest of the data
in outkey and output_data_t.
2016-08-28 21:29:02 +01:00
moneromooo-monero
6d0e47148b
rct: add the tx prefix hash into the MLSAG
to protect the non-signatures parts of the tx from tampering.
2016-08-28 21:28:58 +01:00
moneromooo-monero
20e50ec7f7
ringct: do not serialize what can be reconstructed
The mixRing (output keys and commitments) and II fields (key images)
can be reconstructed from vin data.
This saves some modest amount of space in the tx.
2016-08-28 21:28:55 +01:00
moneromooo-monero
106e3dc3d4
Add rct core tests 2016-08-28 21:28:53 +01:00
moneromooo-monero
161551e13b
tests: test for ringct rctSig data sizes
ie, more data or less data than expected in various fields
2016-08-28 21:28:42 +01:00
moneromooo-monero
dc4aad7eb5
add rct to the protocol
It is not yet constrained to a fork, so don't use on the real network
or you'll be orphaned or rejected.
2016-08-28 21:28:37 +01:00
moneromooo-monero
cc7f449d57
make rct tx serialization work
It may be suboptimal, but it's a pain to have to rebuild everything
when some of this changes.
Also, no clue why there seems to be two different code paths for
serializing a tx...
2016-08-28 21:28:31 +01:00
moneromooo-monero
54f7429cf6
ringct: allow no outputs, and add tests for this and fees 2016-08-28 21:28:27 +01:00
Shen Noether
f8c04ad94f
ringct: txn fee stuff 2016-08-28 21:28:23 +01:00
moneromooo-monero
eb56d0f994
blockchain_db: add functions for adding/removing/getting rct commitments 2016-08-28 21:28:11 +01:00
Shen Noether
53cdf4df5e
tests: new ringct test for checking H2 values
Ported from Shen's RingCT repo
2016-08-28 21:28:01 +01:00
moneromooo-monero
720ac85553
tests: zero inputs/outputs are in fact supposed to be accepted 2016-08-28 21:27:52 +01:00
moneromooo-monero
84948eabae
ringct: add a test for prooveRange being non deterministic 2016-08-28 21:27:50 +01:00
moneromooo-monero
700248f59e
tests: more ringct range proof tests 2016-08-28 21:27:43 +01:00
moneromooo-monero
9e82b694da
remove original Cryptonote blockchain_storage blockchain format 2016-08-28 21:27:32 +01:00
moneromooo-monero
57779abe27
tests: add some more ringct building block tests 2016-08-28 21:27:26 +01:00
moneromooo-monero
2d6303fb2c
tests: add Shen Noether's basic ringct tests 2016-08-28 21:27:19 +01:00
Ilya Kitaev
99dd57258f libwallet_api: tests: checking for result while opening wallet 2016-08-23 14:13:30 +03:00
Ilya Kitaev
bcf7b67cd6 libwallet_api: Wallet::amountFromString fixed 2016-08-23 13:47:21 +03:00
Ilya Kitaev
cbe534db1a libwallet_api: tests: removed logged passwords 2016-08-22 23:14:58 +03:00
Ilya Kitaev
b1a5a937ff libwallet_api: do not store wallet on close if status is not ok 2016-08-22 22:47:59 +03:00
moneromooo-monero
11dc091464
Fake outs set is now decided by the wallet
This plugs a privacy leak from the wallet to the daemon,
as the daemon could previously see what input is included
as a transaction input, which the daemon hadn't previously
supplied. Now, the wallet requests a particular set of
outputs, including the real one.

This can result in transactions that can't be accepted if
the wallet happens to select too many outputs with non standard
unlock times. The daemon could know this and select another
output, but the wallet is blind to it. It's currently very
unlikely since I don't think anything uses non default
unlock times. The wallet requests more outputs than necessary
so it can use spares if any of the returns outputs are still
locked. If there are not enough spares to reach the desired
mixin, the transaction will fail.
2016-08-11 14:35:27 +01:00
moneromooo-monero
46188734f6
tests: fix a bitflag test typo 2016-07-26 22:40:46 +01:00
moneromooo-monero
89e68d778d
unit_tests: check adding checkpoints succeeded 2016-07-26 22:40:38 +01:00
Riccardo Spagni
b582764bd6
Merge pull request #915
d7597c5 refreshing wallet even if error happened (Ilya Kitaev)
6d32a3d wallet_api: async init, Wallet::connected status, log level (Ilya Kitaev)
193d251 libwallet_api cmake: conditionally creating libwallet_merged2 only for STATIC build (Ilya Kitaev)
10c06dd wallet_api: segfault on refresh fixed (Ilya Kitaev)
9d2cb4f WalletListener functionality (Ilya Kitaev)
d27b883 hack to successfull linking for MSYS2 (Ilya Kitaev)
083380c Transaction fee multiplier aka priority integraged (Ilya Kitaev)
00ed12b Wallet::paymentIdValid (Ilya Kitaev)
2016-07-23 09:17:21 +02:00
anonimal
61ed40a618
Tests: fix signed/unsigned comparison in hash-target
* References #886
2016-07-22 22:05:35 +00:00
Ilya Kitaev
6d32a3d16b wallet_api: async init, Wallet::connected status, log level 2016-07-18 23:03:09 +03:00
Ilya Kitaev
9d2cb4f36c WalletListener functionality 2016-07-18 23:02:47 +03:00
Ilya Kitaev
083380cb8f Transaction fee multiplier aka priority integraged 2016-07-18 23:02:18 +03:00
moneromooo-monero
d7b681cd65
remove hf_starting_height db
It's not really needed, it used to be an optimization for when
that code was not using the db and needed to recalculate things
fast on startup.
2016-07-13 21:38:34 +01:00
Ilya Kitaev
ab61ba0c9b Merge branch 'master' of https://github.com/mbg033/bitmonero 2016-06-23 16:23:09 +03:00
Ilya Kitaev
ca61153003 Wallet: payment id and integrated address 2016-06-23 16:01:41 +03:00
Ilya Kitaev
2efec04f74 Wallet::createTransaction: added mixin_count param 2016-06-23 16:01:41 +03:00
Ilya Kitaev
85a632244e double/string to monero integer convertion methods 2016-06-23 16:01:41 +03:00