Luke Parker
244d1b6b68
Clarify FROST's hash functions
Updates the keygen challenge to a format not vulnerable to collisions
due to having multiple variable length elements.
2022-05-28 20:34:44 -04:00
Luke Parker
b5bdb545cc
Add basic key management to the processor
2022-05-28 19:57:10 -04:00
Luke Parker
e950b9682b
Add get_block_transactions_possible which automatically filters invalid TXs
Adds Clone to the various error types, which they already should've had.
2022-05-28 05:08:37 -04:00
Luke Parker
ba032cca4a
Optimize decoy selection
Saves roughly 0.8s when running the tests, which took 16.6s and now take
15.8 (5%).
Removes the larger sample size, which replaced the closest selected
decoy with the real spend, per advice of Rucknium.
2022-05-28 03:17:02 -04:00
Luke Parker
c90e957e6a
Add a batch verifier to multiexp, along with constant time variants
Saves ~8% during FROST key gen, even with dropping a vartime for a
constant time (as needed to be secure), as the new batch verifier is
used where batch verification previously wasn't. The new multiexp API
itself also offered a very slight performance boost, which may solely be
a measurement error.
Handles most of https://github.com/serai-dex/serai/issues/10. The blame
function isn't binary searched nor randomly sorted yet.
2022-05-27 00:52:44 -04:00
Luke Parker
4ddb838a5a
Drop the Monero patch version spec now that it's no longer relevant
Also adds a comment to FROST.
2022-05-26 03:52:45 -04:00
Luke Parker
5ca0945cbf
Implement serialization for SpendableOutput
Changes the output index to a u8. While it may expand to a u16 at some
point, this can remain canonical using little endian serialization while
dropping the latter byte if it's 0 (or simply only using u16 when it's
actually possible).
2022-05-26 03:51:27 -04:00
Luke Parker
3a2e5bea0d
Move the CLSAG test to the newly modular FROST test setup
2022-05-25 00:30:51 -04:00
Luke Parker
d67d6f2f98
Add PartialEq to structs
2022-05-25 00:21:01 -04:00
Luke Parker
d10c6e16dc
Move FROST to HashMaps
Honestly, the borrowed keys are frustrating, and this probably reduces
performance while no longer offering an order when iterating. That said,
they enable full u16 indexing and should mildly improve the API.
Cleans the Proof of Knowledge handling present in key gen.
2022-05-24 21:41:14 -04:00
Luke Parker
5ff65bd268
Move the DLEQProof to a Transcript
2022-05-23 03:24:33 -04:00
Luke Parker
0eb2386ef0
Have the C++ RNG apply a DST
2022-05-22 15:56:12 -04:00
Luke Parker
30529038f2
Move serialize from a folder to a file
2022-05-22 02:24:35 -04:00
Luke Parker
cc65b6e055
Move RingCT code to a dedicated folder
Should help keep things ordered as more RingCT code is added.
2022-05-22 02:24:24 -04:00
Luke Parker
790e89902a
Override Monero's random function with a Rust-seedable random
Closes https://github.com/serai-dex/serai/issues/2. Also finishes the
implementation of
https://github.com/monero-project/research-lab/issues/103.
2022-05-22 01:56:17 -04:00
Luke Parker
0c01ad69d8
Correct RctPrunable decoding
2022-05-21 23:16:06 -04:00
Luke Parker
882d67838e
Fix test failure reporting
2022-05-21 22:23:16 -04:00
Luke Parker
e1fd462a50
Properly calculate uniqueness when creating change outputs
It was missing sorting its inputs by their key images.
2022-05-21 21:44:57 -04:00
Luke Parker
890f7104f7
Remove a stray dbg
2022-05-21 21:39:20 -04:00
Luke Parker
ec6927e66e
Add Clone/Debug derivations to structs
2022-05-21 21:36:28 -04:00
Luke Parker
703b18c6e8
Implement Block types
Finishes updating the RPC to not use monero; tests now pass.
2022-05-21 21:35:25 -04:00
Luke Parker
3282b19536
Transaction deserialization
2022-05-21 20:27:21 -04:00
Luke Parker
aa5d95ef1d
Changes meant for the previous commit
2022-05-21 20:26:28 -04:00
Luke Parker
517db6448a
Remove monero-rs types
Still missing an updated RPC file. Restructures the library as it makes
sense.
2022-05-21 15:33:35 -04:00
Luke Parker
573f847a9b
Implement shared key derivation according to https://github.com/monero-project/research-lab/issues/103
Currently solely used for single signer change outputs, intended to be
used for funds into Serai and multisig change outputs (dependent on #2).
Also cleans the file layout, makes scanning a bit more robust, doesn't
return outputs of amount 0, and shuffles outputs.
2022-05-20 01:03:54 -04:00
Luke Parker
8945b50988
Minor lint
2022-05-19 16:49:45 -04:00
Luke Parker
90fccc444b
Remove .is_some() unwraps for if let Some
2022-05-18 01:08:54 -04:00
Luke Parker
7c0886a113
Support signing Monero TXs with multiple inputs
Removes CLSAG's msg Rc for the msg available through AlgorithmMachine.
Potentially slightly more inefficient, as it needs to be converted from
a slice to a [u8; 32], yet removes a re-impl.
Also removes a match for an if.
2022-05-18 00:53:13 -04:00
Luke Parker
3a13f80bdd
Patch for previous commit
2022-05-17 19:51:04 -04:00
Luke Parker
fd0fd77cf5
Simplify Monero key image handling
2022-05-17 19:15:53 -04:00
Luke Parker
3f02ab3037
Optimize decoy selection by batching the get_outputs call per input
2022-05-14 02:12:54 -04:00
Luke Parker
bf4d83ba70
Remove simd_backend as a used dalek feature
It's great performance yet not mandatory.
2022-05-14 00:59:14 -04:00
Luke Parker
94bd30083b
Slightly simplify CLSAG signing
Expands its test to test all possible ring indexes, though just 0 and a
single n would be sufficient.
2022-05-14 00:45:13 -04:00
Luke Parker
0aeab04c70
Move Rust definitions of C functions to their respective files
2022-05-13 20:26:53 -04:00
Luke Parker
3533e66c7f
Add Rust CLSAG verification
Marked experimental, not guaranteed to match Monero yet.
2022-05-13 20:26:29 -04:00
Luke Parker
bb840da44d
Get Monero tests to pass on a brand new network
Updates decoy selection with an explicit panic, the removal of a divide
by 0 (causing tests to fail on new chains), and a minor optimization
when dealing with a large quantity of locked outputs.
Also increases documentation, acknowledging infinite loops and breakage
from Monero more.
2022-05-13 00:05:34 -04:00
Luke Parker
3e7598315c
Reorganize CLSAG sign flow
2022-05-06 19:07:37 -04:00
Luke Parker
a541903895
Replace the term mixin with decoy
https://libera.monerologs.net/monero-research-lab/20211002#c34977
2022-05-06 08:12:30 -04:00
Luke Parker
3dab26cd94
Correct discrepancies with the IETF draft
While all the transcript/extension code works as expected, which means
they don't cause any conflicts, n was still capped at u64::MAX at
creation when it needs to be u16. Furthermore, participant index and
scalars/points were little endian instead of big endian/curve dependent.
2022-05-06 07:49:18 -04:00
Luke Parker
b443747994
Remove more specific versions from the monero package
2022-05-06 07:33:44 -04:00
Luke Parker
964cb357e6
Use a global transcript
2022-05-06 07:33:08 -04:00
Luke Parker
cc9c2e0d40
Use dom-sep tags in the transcripts
Also simplifies form in some places.
2022-05-06 01:35:23 -04:00
Luke Parker
0f481773df
Use a gamma distribution for mixin selection
2022-05-04 08:18:43 -04:00
Luke Parker
f856faa762
Implement simple random mixin selection which passes sanity
2022-05-04 06:24:52 -04:00
Luke Parker
9a42391b75
Cleanup which makes transcript optional, only required for multisig
2022-05-03 08:49:46 -04:00
Luke Parker
bf257b3a1f
Transcript crate with both a merlin backend and a basic label len value backend
Moves binding factor/seeded RNGs over to the transcripts.
2022-05-03 07:20:24 -04:00
Luke Parker
87f38cafe4
Rename sign folder to crypto
Inspired by #3 and #5.
2022-05-03 00:46:50 -04:00
Luke Parker
9ccf683e9d
Working multisig TXs
2022-04-30 04:32:19 -04:00
Luke Parker
d6649fffb1
Merge InputMultisig into Multisig
There's no reason to use the latter.
2022-04-30 01:43:15 -04:00
Luke Parker
22ac5ce3b6
Update the CLSAG multisig API for TX signing
2022-04-30 01:41:05 -04:00
Luke Parker
d0506e2e9b
Make a trait out of sign::StateMachine for more complex Transaction flows
2022-04-29 22:36:43 -04:00
Luke Parker
27396a6291
Implement a CLSAG algorithm extension which also does key images
Practically, this should be mergeable. There's little reason to do a
CLSAG and not also a key image. Keeps them isolated for now.
2022-04-29 22:03:34 -04:00
Luke Parker
45559e14ee
Various corrections to multisig API
2022-04-29 15:28:04 -04:00
Luke Parker
8821eb0984
Consolidate FROST testing code
2022-04-28 21:47:25 -04:00
Luke Parker
777bb3df34
Add a send test
2022-04-28 20:41:43 -04:00
Luke Parker
1d0a0c7c16
Clean up code, correct a few bugs, add leader based one-time-key/BP gen
2022-04-28 20:09:31 -04:00
Luke Parker
c4b7cb71d7
Move SignableInput to clsag::Input
2022-04-28 17:29:56 -04:00
Luke Parker
7ed1fca270
Use a SeedableRng for CLSAG multisig signing
2022-04-28 17:12:54 -04:00
Luke Parker
20f214c300
Update CLSAG multisig to work again
2022-04-28 12:01:20 -04:00
Luke Parker
f3a5e3c27e
Implement TX creation
Updates CLSAG signing as needed. Moves around Error types.
CLSAG multisig and the multisig feature are currently completely borked
because of this. The created TXs are accepted by Monero nodes.
2022-04-28 03:31:09 -04:00
Luke Parker
b10b531311
Correct the placement of the wrapper rebuild in the build script
2022-04-27 22:49:18 -04:00
Luke Parker
a37a21f891
Rename monero-sign to monero-serai
2022-04-27 22:48:58 -04:00
Luke Parker
c9537a08a1
Files meant for the previous commit
2022-04-27 00:09:25 -04:00
Luke Parker
df4be9ca0c
Move the Monero crate to coins/
Includes misc bug fixes.
2022-04-27 00:09:05 -04:00