revert the changes on reserialize_chain
plus other misc changes
Boog900 committed Sep 28, 2023
1 parent c811ce8 commit 96e4680
Showing 7 changed files with 80 additions and 141 deletions.
187 changes: 66 additions & 121 deletions coins/monero/src/bin/reserialize_chain.rs
Expand Up @@ -20,66 +20,7 @@ mod binaries {
rpc::{RpcError, Rpc, HttpRpc},
};

async fn get_outs(rpc: &Rpc<HttpRpc>, amount: u64, indexes: &[u64]) -> Vec<[EdwardsPoint; 2]> {
#[derive(Deserialize, Debug)]
struct Out {
key: String,
mask: String,
}

#[derive(Deserialize, Debug)]
struct Outs {
outs: Vec<Out>,
}

let outs: Outs = loop {
match rpc
.rpc_call(
"get_outs",
Some(json!({
"get_txid": true,
"outputs": indexes.iter().map(|o| json!({
"amount": amount,
"index": o
})).collect::<Vec<_>>()
})),
)
.await
{
Ok(outs) => break outs,
Err(RpcError::ConnectionError) => {
println!("get_outs ConnectionError");
continue;
}
Err(e) => panic!("couldn't connect to RPC to get outs: {e:?}"),
}
};

let rpc_point = |point: &str| {
CompressedEdwardsY(
hex::decode(point)
.expect("invalid hex for ring member")
.try_into()
.expect("invalid point len for ring member"),
)
.decompress()
.expect("invalid point for ring member")
};

outs
.outs
.iter()
.map(|out| {
let mask = rpc_point(&out.mask);
if amount != 0 {
assert_eq!(mask, Commitment::new(Scalar::from(1u8), amount).calculate());
}
[rpc_point(&out.key), mask]
})
.collect()
}
pub(crate) use tokio::task::JoinHandle;
use monero_serai::ringct::mlsag::RingMatrix;

pub(crate) async fn check_block(rpc: Arc<Rpc<HttpRpc>>, block_i: usize) {
let hash = loop {
Expand Down Expand Up @@ -188,68 +129,9 @@ mod binaries {
// Accordingly, making sure our signature_hash algorithm is correct is great, and further
// making sure the verification functions are valid is appreciated
match tx.rct_signatures.prunable {
RctPrunable::Null => {}
RctPrunable::AggregateMlsagBorromean { borromean, mlsag } => {
borromean
.iter()
.zip(&tx.rct_signatures.base.commitments)
.for_each(|(borro, commitment)| assert!(borro.verify(commitment)));

let mut ring = RingMatrix::aggregate_builder(
&tx.rct_signatures.base.commitments,
tx.rct_signatures.base.fee,
);
let mut key_images = Vec::new();

for input in &tx.prefix.inputs {
let (amount, key_offsets, image) = match input {
Input::Gen(_) => panic!("Input::Gen"),
Input::ToKey { amount, key_offsets, key_image } => (amount, key_offsets, key_image),
};

let mut running_sum = 0;
let mut actual_indexes = vec![];
for offset in key_offsets {
running_sum += offset;
actual_indexes.push(running_sum);
}

ring.push_ring(&get_outs(&rpc, amount.unwrap_or(0), &actual_indexes).await).unwrap();
key_images.push(image);
}

mlsag.verify(&sig_hash, &ring.finish(), &key_images).unwrap();
}
RctPrunable::MlsagBorromean { borromean, mlsags } => {
borromean
.iter()
.zip(tx.rct_signatures.base.commitments)
.for_each(|(borro, commitment)| assert!(borro.verify(&commitment)));

for ((i, mlsag), pseudo_out) in
mlsags.into_iter().enumerate().zip(tx.rct_signatures.base.pseudo_outs)
{
let (amount, key_offsets, image) = match &tx.prefix.inputs[i] {
Input::Gen(_) => panic!("Input::Gen"),
Input::ToKey { amount, key_offsets, key_image } => (amount, key_offsets, key_image),
};

let mut running_sum = 0;
let mut actual_indexes = vec![];
for offset in key_offsets {
running_sum += offset;
actual_indexes.push(running_sum);
}

let ring = RingMatrix::simple(
&get_outs(&rpc, amount.unwrap_or(0), &actual_indexes).await,
pseudo_out,
)
.unwrap();

mlsag.verify(&sig_hash, &ring, &[image]).unwrap();
}
}
RctPrunable::Null |
RctPrunable::AggregateMlsagBorromean { .. } |
RctPrunable::MlsagBorromean { .. } => {}
RctPrunable::MlsagBulletproofs { bulletproofs, .. } => {
assert!(bulletproofs.batch_verify(
&mut rand_core::OsRng,
Expand Down Expand Up @@ -279,6 +161,69 @@ mod binaries {
actual_indexes.push(running_sum);
}

async fn get_outs(
rpc: &Rpc<HttpRpc>,
amount: u64,
indexes: &[u64],
) -> Vec<[EdwardsPoint; 2]> {
#[derive(Deserialize, Debug)]
struct Out {
key: String,
mask: String,
}

#[derive(Deserialize, Debug)]
struct Outs {
outs: Vec<Out>,
}

let outs: Outs = loop {
match rpc
.rpc_call(
"get_outs",
Some(json!({
"get_txid": true,
"outputs": indexes.iter().map(|o| json!({
"amount": amount,
"index": o
})).collect::<Vec<_>>()
})),
)
.await
{
Ok(outs) => break outs,
Err(RpcError::ConnectionError) => {
println!("get_outs ConnectionError");
continue;
}
Err(e) => panic!("couldn't connect to RPC to get outs: {e:?}"),
}
};

let rpc_point = |point: &str| {
CompressedEdwardsY(
hex::decode(point)
.expect("invalid hex for ring member")
.try_into()
.expect("invalid point len for ring member"),
)
.decompress()
.expect("invalid point for ring member")
};

outs
.outs
.iter()
.map(|out| {
let mask = rpc_point(&out.mask);
if amount != 0 {
assert_eq!(mask, Commitment::new(Scalar::from(1u8), amount).calculate());
}
[rpc_point(&out.key), mask]
})
.collect()
}

clsag
.verify(
&get_outs(&rpc, amount.unwrap_or(0), &actual_indexes).await,
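Review bot: The `Err(RpcError::ConnectionError)` arm in the relocated `get_outs` (third hunk) retries with a bare `continue`, so a node that is down or rate-limiting makes this loop spin, re-issuing the request and printing `get_outs ConnectionError` as fast as each attempt fails; a short pause before the retry, e.g. `tokio::time::sleep(std::time::Duration::from_secs(1)).await;` ahead of the `continue` (tokio is already a dependency of this binary, assuming its `time` feature is on), or a bounded retry count, keeps the failure visible without hammering the node. The request also sets `"get_txid": true` although the `Out` struct only deserialises `key` and `mask`, so the flag can be dropped or annotated as intentionally unused. In the second hunk the merged arm `RctPrunable::AggregateMlsagBorromean { .. } | RctPrunable::MlsagBorromean { .. } => {}` now silently skips those signature types; a one-line comment such as `// MLSAG/Borromean signatures are not verified by this tool` would make that decision explicit to the next reader. The clsag branch that now encloses `get_outs`, and the `amount`/`actual_indexes` values it is called with, start outside the hunk.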
4 changes: 1 addition & 3 deletions coins/monero/src/ring_signatures.rs
@@ -1,8 +1,6 @@
use std_shims::io::{self, *};

use curve25519_dalek::edwards::EdwardsPoint;
use curve25519_dalek::scalar::Scalar;
use dalek_ff_group::ED25519_BASEPOINT_TABLE;
use curve25519_dalek::{EdwardsPoint, Scalar, constants::ED25519_BASEPOINT_TABLE};

use monero_generators::hash_to_point;

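Review bot: The new `use` line takes `ED25519_BASEPOINT_TABLE` from `curve25519_dalek::constants` where the removed line took it from `dalek_ff_group`, which changes the source crate of a value the ring-signature arithmetic in this file multiplies by, not only the import grouping, yet the diffstat (1 addition, 3 deletions) shows no call site touched. If the `dalek_ff_group` constant is merely a wrapper over the `curve25519_dalek` one the results are identical, but that cannot be seen from this hunk; a brief comment on the `use` line stating why the swap is safe, or an existing sign/verify test exercising this path, would close the question. The call sites are outside the hunk.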
8 changes: 2 additions & 6 deletions coins/monero/src/ringct/borromean.rs
@@ -1,15 +1,11 @@
use core::fmt::Debug;
use std_shims::io::{self, Read, Write};

use curve25519_dalek::edwards::EdwardsPoint;
use curve25519_dalek::scalar::Scalar;
use curve25519_dalek::traits::Identity;
use curve25519_dalek::{EdwardsPoint, Scalar, traits::Identity};

use monero_generators::H_pow_2;

use crate::hash_to_scalar;
use crate::unreduced_scalar::UnreducedScalar;
use crate::serialize::*;
use crate::{hash_to_scalar, unreduced_scalar::UnreducedScalar, serialize::*};

/// 64 Borromean ring signatures.
///
2 changes: 1 addition & 1 deletion coins/monero/src/ringct/clsag/multisig.rs
Expand Up @@ -116,7 +116,7 @@ impl ClsagMultisig {
ClsagMultisig {
transcript,

H: hash_to_point(output_key),
H: hash_to_point(&output_key),
image: EdwardsPoint::identity(),

details,
14 changes: 6 additions & 8 deletions coins/monero/src/ringct/mlsag.rs
Expand Up @@ -3,13 +3,11 @@ use std_shims::{
io::{self, Read, Write},
};

use curve25519_dalek::scalar::Scalar;
use curve25519_dalek::edwards::EdwardsPoint;
use curve25519_dalek::{Scalar, EdwardsPoint};

use monero_generators::H;

use crate::serialize::*;
use crate::{hash_to_scalar, ringct::hash_to_point};
use crate::{hash_to_scalar, ringct::hash_to_point, serialize::*};

#[derive(Clone, Copy, PartialEq, Eq, Debug)]
#[cfg_attr(feature = "std", derive(thiserror::Error))]
Expand Down Expand Up @@ -67,18 +65,18 @@ impl Mlsag {
let key_images_iter = key_images.iter().map(|ki| Some(*ki)).chain(Some(None));

for (ring_member, ss) in ring.iter().zip(&self.ss) {
for ((ring_member_layer, s), ki) in ring_member.iter().zip(ss).zip(key_images_iter.clone()) {
for ((ring_member_entry, s), ki) in ring_member.iter().zip(ss).zip(key_images_iter.clone()) {
#[allow(non_snake_case)]
let L = EdwardsPoint::vartime_double_scalar_mul_basepoint(&ci, ring_member_layer, s);
let L = EdwardsPoint::vartime_double_scalar_mul_basepoint(&ci, ring_member_entry, s);

buf.extend_from_slice(ring_member_layer.compress().as_bytes());
buf.extend_from_slice(ring_member_entry.compress().as_bytes());
buf.extend_from_slice(L.compress().as_bytes());

// Not all dimensions need to be linkable, e.g. commitments, and only linkable layers need
// to have key images.
if let Some(ki) = ki {
#[allow(non_snake_case)]
let R = (s * hash_to_point(ring_member_layer)) + (ci * ki);
let R = (s * hash_to_point(ring_member_entry)) + (ci * ki);
buf.extend_from_slice(R.compress().as_bytes());
}
}
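Review bot: The renamed inner loop `for ((ring_member_entry, s), ki) in ring_member.iter().zip(ss).zip(key_images_iter.clone())` stops at the shortest of the three sequences, so if a ring row carries more entries than `ss` (or the reverse) the surplus entries are silently left out of the challenge transcript instead of being rejected; unless the lengths are validated before this loop (the start of `verify` is outside the hunk), an explicit check that returns the error enum declared at the top of this file (its variants are also outside the hunk) would make a malformed signature fail loudly rather than verify over a truncated ring. Separately, the comment `only linkable layers need to have key images` still uses "layers" after the `ring_member_layer` → `ring_member_entry` rename; `only linkable entries need key images` keeps the terminology consistent with the code.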
2 changes: 1 addition & 1 deletion coins/monero/src/ringct/mod.rs
Expand Up @@ -61,7 +61,7 @@ impl EncryptedAmount {
pub enum RctType {
/// No RCT proofs.
Null,
/// One MLSAG for a single input and a Borromean range proof (RCTTypeFull).
/// One MLSAG for multiple inputs and Borromean range proofs (RCTTypeFull).
MlsagAggregate,
// One MLSAG for each input and a Borromean range proof (RCTTypeSimple).
MlsagIndividual,
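Review bot: The context line directly below the corrected `MlsagAggregate` doc, `// One MLSAG for each input and a Borromean range proof (RCTTypeSimple).`, uses `//` rather than `///`, so unlike its sibling variants `MlsagIndividual` produces no rustdoc; since this hunk is already fixing the variant documentation, changing it to `/// One MLSAG for each input and a Borromean range proof (RCTTypeSimple).` would complete the set. The `RctType` enum continues outside the hunk.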
4 changes: 3 additions & 1 deletion coins/monero/src/wallet/send/multisig.rs
Expand Up @@ -406,7 +406,9 @@ impl SignatureMachine<Transaction> for TransactionSignatureMachine {
pseudo_outs.push(pseudo_out);
}
}
RctPrunable::MlsagBorromean { .. } | RctPrunable::MlsagBulletproofs { .. } => {
RctPrunable::AggregateMlsagBorromean { .. } |
RctPrunable::MlsagBorromean { .. } |
RctPrunable::MlsagBulletproofs { .. } => {
unreachable!("attempted to sign a multisig TX which wasn't CLSAG")
}
}
