Commit graph

309 commits

Author SHA1 Message Date
Luke Parker
d2c1592c61
Resolve merging crypto-{audit, tweaks} and use the proper transcript in Bitcoin 2023-03-16 16:59:20 -04:00
Luke Parker
caf37527eb
Merge branch 'develop' into crypto-tweaks 2023-03-16 16:43:04 -04:00
Luke Parker
f4e2da2767
Move where we check the Monero node's protocol
The genesis block has a version of 1, so immediately checking (before new
blocks are added) will cause failures.
2023-03-14 01:54:08 -04:00
Luke Parker
48078d0b4b
Remove Protocol::Unsupported 2023-03-13 08:03:13 -04:00
Luke Parker
14203bbb46
Use an async Mutex for the Monero distribution
Enables safe async/thread-safe usage.
2023-03-12 04:13:43 -04:00
Luke Parker
f5fa6f020d
Remove note about adding in a DB handle
It'd arguably be safer yet it isn't worth the API complexity.
2023-03-12 03:55:17 -04:00
Luke Parker
41a285ddfa
Add a TX size check to Monero
This isn't perfect yet should ensure the eventual TX is less than 100k bytes.
2023-03-12 03:54:30 -04:00
Luke Parker
36034c2f72
Move ecdh derivation up to prevent Scalar::one() * ecdh 2023-03-11 10:51:40 -05:00
Luke Parker
5e62072a0f
Fix #237 2023-03-11 10:31:58 -05:00
Luke Parker
e56495d624
Prefix arbitrary data with 127
Since we cannot expect/guarantee a payment ID will be included, the previous
position-based code for determining arbitrary data wasn't sufficient.
2023-03-11 05:47:25 -05:00
Luke Parker
71dbc798b5
Fix #251 2023-03-11 05:23:38 -05:00
akildemir
77de28f77a
add monero seed support (#252)
* add monero seed support

* fix some of the pr comments

* remove languages module and unnecessary error returns

* Clean classic seed impl

Fixes a few issues regarding Zeroize usage/API safety. Mainly a cleanup.

---------

Co-authored-by: Luke Parker <lukeparker5132@gmail.com>
2023-03-10 14:16:00 -05:00
Luke Parker
62dfc63532
Fix Ethereum, again 2023-03-07 06:25:21 -05:00
Luke Parker
6bff3866ea
Correct Ethereum 2023-03-07 05:25:25 -05:00
Luke Parker
0e8c55e050
Update and remove unused dependencies 2023-03-07 03:06:46 -05:00
Luke Parker
2729882d65
Update to {k, p}256 0.12 2023-03-07 02:34:10 -05:00
Luke Parker
c37cc0b4e2
Update Zeroize pin to ^1.5 from 1.5 2023-03-07 02:29:59 -05:00
Luke Parker
8144956f8a
Further document get_unlocked_outputs 2023-03-02 05:31:22 -05:00
Luke Parker
2d56d24d9c
3.3.3 (cont) Add a dedicated Participant type 2023-02-23 06:50:45 -05:00
Luke Parker
8260ec1a9e
Add another TODO 2023-02-15 20:44:53 -05:00
Luke Parker
07f424b484
cargo fmt 2023-02-15 20:39:22 -05:00
Luke Parker
5de8bf3295
Add additional checks/documentation to monero 2023-02-15 01:56:36 -05:00
Luke Parker
82a096e90e
Scanner assert on is_torsion_free 2023-02-14 15:49:16 -05:00
Luke Parker
df75782e54
Re-license bitcoin-serai to MIT
It's pretty basic code, yet would still be quite pleasant to the larger
community.

Also adds documentation.
2023-01-31 09:45:25 -05:00
Luke Parker
a3267034b6
Bitcoin External/Branch/Change addresses
Adds support for offset inputs to the Bitcoin lib
2023-01-31 08:10:28 -05:00
VRx
c6bd00e778
Bitcoin processor (#232)
* serai Dockerfile & Makefile fixed

* added new bitcoin mod & bitcoinhram

* couple changes

* added odd&even check for bitcoin signing

* sign message updated

* print_keys commented out

* fixed signing process

* Added new bitcoin library & added most of bitcoin processor logic

* added new crate and refactored the bitcoin coin library

* added signing test function

* moved signature.rs

* publish set to false

* tests moved back to the root

* added new functions to rpc

* added utxo test

* added new rpc methods and refactored bitcoin processor

* added spendable output & fixed errors & added new logic for sighash & opened port 18443 for bitcoin docker

* changed tweak keys

* added tweak_keys & publish transaction and refactored bitcoin processor

* added new structs and fixed problems for testing purposes

* reverted dockerfile back its original

* reverted block generation of bitcoin to 5 seconds

* deleted unnecessary test function

* added new sighash & added new dbg messages & fixed couple errors

* fixed couple issue & removed unused functions

* fix for signing process

* crypto file for bitcoin refactored

* disabled test_send & removed some of the debug logs

* signing implemented & transaction weight calculation added & change address logic added

* refactored tweak_keys

* refactored mine_block & fixed change_address logic

* implemented new traits to bitcoin processor& refactored bitcoin processor

* added new line to tests file

* added new line to bitcoin's wallet.rs

* deleted Cargo.toml from coins folder

* edited bitcoin's Cargo.toml and added LICENSE

* added new line to bitcoin's Cargo.toml

* added spaces

* added spaces

* deleted unnecessary object

* added spaces

* deleted patch numbers

* updated sha256 parameter for message

* updated tag as const

* deleted unnecessary brackets and imports

* updated rpc.rs to 2 space indent

* deleted unnecessary brackers

* deleted unnecessary brackets

* changed it to explicit

* updated to explicit

* deleted unnecessary parsing

* added ? for easy return

* updated imports

* updated height to number

* deleted unnecessary brackets

* updated clsag to sig & to_vec to as_ref

* updated _sig to schnorr_signature

* deleted unnecessary variable

* updated Cargo.toml of processor and bitcoin

* updated imports of bitcoin processor

* updated MBlock to BBlock

* updated MSignable to BSignable

* updated imports

* deleted mask from Fee

* updated get_block function return

* updated comparison logic for scripts

* updated assert to debug_assert

* updated height to number

* updated txid logic

* updated tweak_keys definition

* updated imports

* deleted new line

* delete HashMap from monero

* deleted old test code parts

* updated test amount to a round number

* changed the test code part back to its original

* updated imports of rpc.rs

* deleted unnecessary return assignments

* deleted get_fee_per_byte

* deleted create_raw_transaction

* deleted fund_raw_transaction

* deleted sign transaction rpc

* delete verify_message rpc

* deleted get_balance

* deleted decode_raw_transaction rpc

* deleted list_transactions rpc

* changed test_send to p2wpkh

* updated imports of test_send

* fixed imports of test_send

* updated bitcoin's mine_block function

* updated bitcoin's test_send

* updated bitcoin's hram and test_signing

* deleted 2 rpc function (is_confirmed & get_transaction_block_number)

* deleted get_raw_transaction_hex

* deleted get_raw_transaction_info

* deleted new_address

* deleted test_mempool_accept

* updated remove(0) to remove(index)

* deleted ger_raw_transaction

* deleted RawTx trait and converted type to Transaction

* reverted raw_hex feature back

* added NotEnoughFunds to CoinError

* changed Sighash to all

* removed lifetime of RpcParams

* changed pub to pub(crate) & changed sig_hash line

* changed taproot_key_spend_signature_hash to internal

* added Clone to RpcError & deleted get_utxo_for

* changed to_hex to as_bytes for weight calculation

* updated SpendableOutput

* deleted unnecessary parentheses

* updated serialize of Output s id field

* deleted unused crate & added lazy_static

* updated RPC init function

* added lazy_static for TAG_HASH & updated imported crates

* changed get_block_index to get_block_number

* deleted get_block_info

* updated get_height to get_latest_block_number

* removed GetBlockWithDetailResult and get_block_with_transactions

* deleted unnecessary imports from rpc_helper

* removed lock and unlock_unspent

* deleted get_transactions and get_transaction and renamed get_raw_transaction to get_transaction

* updated opt_into_json

* changed payment_address and amount to output_script and amount for transcript

* refactored error logic for rpc & deleted anyhow crate

* added a dedicated file for json helper functions

* refactored imports and deleted unused code

* added clippy::non_snake_case

* removed unused Error items

* added new line to Cargo

* rekmoved Block and used bitcoin::Block direcetly

* removed added println and futures.len check

* removed HashMap from coin mod.rs

* updated Testnet to Regtest

* removed unnecessary variable

* updated as_str to &

* removed RawTx trait

* added newline

* changed test transaction to p2pkh

* updated test_send

* updated test_send

* updated test_send

* reformatted bitcoin processor

* moved sighash logic into signmachine

* removed generate_to_address

* added test_address function to bitcoin processor

* updated RpcResponse to enum and added Clone trait

* removed old RpcResponse

* updated shared_key to internal_key

* updated fee part

* updated test_send block logic

* added a test function for getting spendables

* updated tweaking keys logic

* updated calculate_weight logic

* added todo for BitcoinSchnorr Algorithm

* updated calculate_weight

* updated calculate_weight

* updated calculate_weight

* added a TODO for bitcoin's signing process

* removed unused code

* Finish merging develop

* cargo fmt

* cargo machete

* Handle most clippy lints on bitcoin

Doesn't handle the unused transcript due to pending cryptographic considerations.

* Rearrange imports and clippy tests

* Misc processor lint

* Update deny.toml

* Remove unnecessary RPC code

* updated test_send

* added bitcoin ci & updated test-dependencies yml

* fixed bitcoin ci

* updated bitcoin ci yml

* Remove mining from the bitcoin/monero docker files

The tests should control block production in order to test various
circumstances. The automatic mining disrupts assumptions made in testing. Since
we're now using the Bitcoin docker container for testing...

* Multiple fixes to the Bitcoin processor

Doesn't unwrap on RPC errors. Returns the expected connection error.

Fee calculation has a random - 1. This has been removed.

Supports the change address being an Option, as it is. This should not have
been blindly unwrapped.

* Remove unnecessary RPC code

* Further RPC simplifications

* Simplify Bitcoin action

It should not be mining.

* cargo fmt

* Finish RPC simplifications

* Run bitcoind as a daemon

* Remove the requirement on txindex

Saves tens of GB.

Also has attempt_send no longer return a list of outputs. That's incompatible
with this and only relevant to old scheduling designs.

* Remove number from Bitcoin SignableTransaction

Monero requires the current block number for decoy selection. Bitcoin doesn't
have a use.

* Ban coinbase transactions

These are burdened by maturity, so it's critically flawed to support them.

This causes the test_send function to fail as its working was premised on
a coinbase output. While it does make an actual output, it had insufficient
funds for the test's expectations due to regtest halving every 150 blocks.

In order to workaround this, the test will invalidate any existing chain,
offering a fresh start.

Also removes test_get_spendables and simplifies test_send.

* Various simplifications

Modifies SpendableOutput further to not require RPC calls at time of sign.

Removes the need to have get_transaction in the RPC.

* Clean prepare_send

* Update the Bitcoin TransactionMachine to output a Transaction

* Bitcoin TransactionMachine simplifications

* Update XOnly key handling

* Use a single sighash cache

* Move tweak_keys

* Remove unnecessary PSBT sets

* Restore removed newlines

* Other newlines

* Replace calculate_weight's custom math with a dummy TX serialize

* Move BTC TX construction code from processor to bitcoin

* Rename transactions.rs to wallet.rs

* Remove unused crate

* Note TODO

* Clean bitcoin signature test

* Make unit test out of BTC FROST signing test

* Final lint

* Remove usage of PartiallySignedTransaction

---------

Co-authored-by: Luke Parker <lukeparker5132@gmail.com>
2023-01-31 07:48:14 -05:00
Luke Parker
b6f9a1f8b6
Rename file with dashes to having underscores 2023-01-30 04:27:39 -05:00
akildemir
9e01588b11
add test send to wallet-rpc with arb data (#246)
* add test send to wallet-rpc with arb data

* convert literals to const
2023-01-30 04:25:46 -05:00
Luke Parker
a4fdff3e3b
Make progress on #235
I'm still not exactly sure where the trap handler in Monero for this is...
until then, this remains potentially fingerprintable.
2023-01-28 03:18:41 -05:00
akildemir
f12cc2cca6
Add more tests (#240)
* add wallet-rpc-compatibility tests

* fmt + clippy

* add wallet-rpc receive tests

* add (0,0) subaddress check to standard address
2023-01-24 15:22:07 -05:00
Luke Parker
19664967ed
Use Monero-compatible additional TX keys
This still sends a fingerprinting flare up if you send to a subaddress which
needs to be fixed. Despite that, Monero no should no longer fail to scan TXs
from monero-serai regarding additional keys.

Previously it failed becuase we supplied one key as THE key, and n-1 as
additional. Monero expects n for additional.

This does correctly select when to use THE key versus when to use the additional
key when sending. That removes the ability for recipients to fingerprint
monero-serai by receiving to a standard address yet needing to use an additional
key.
2023-01-21 01:29:02 -05:00
Luke Parker
8ca90e7905
Initial In Instructions pallet and Serai client lib (#233)
* Initial work on an In Inherents pallet

* Add an event for when a batch is executed

* Add a dummy provider for InInstructions

* Add in-instructions to the node

* Add the Serai runtime API to the processor

* Move processor tests around

* Build a subxt Client around Serai

* Successfully get Batch events from Serai

Renamed processor/substrate to processor/serai.

* Much more robust InInstruction pallet

* Implement the workaround from https://github.com/paritytech/subxt/issues/602

* Initial prototype of processor generated InInstructions

* Correct PendingCoins data flow for InInstructions

* Minor lint to in-instructions

* Remove the global Serai connection for a partial re-impl

* Correct ID handling of the processor test

* Workaround the delay in the subscription

* Make an unwrap an if let Some, remove old comments

* Lint the processor toml

* Rebase and update

* Move substrate/in-instructions to substrate/in-instructions/pallet

* Start an in-instructions primitives lib

* Properly update processor to subxt 0.24

Also corrects failures from the rebase.

* in-instructions cargo update

* Implement IsFatalError

* is_inherent -> true

* Rename in-instructions crates and misc cleanup

* Update documentation

* cargo update

* Misc update fixes

* Replace height with block_number

* Update processor src to latest subxt

* Correct pipeline for InInstructions testing

* Remove runtime::AccountId for serai_primitives::NativeAddress

* Rewrite the in-instructions pallet

Complete with respect to the currently written docs.

Drops the custom serializer for just using SCALE.

Makes slight tweaks as relevant.

* Move instructions' InherentDataProvider to a client crate

* Correct doc gen

* Add serde to in-instructions-primitives

* Add in-instructions-primitives to pallet

* Heights -> BlockNumbers

* Get batch pub test loop working

* Update in instructions pallet terminology

Removes the ambiguous Coin for Update.

Removes pending/artificial latency for furture client work.

Also moves to using serai_primitives::Coin.

* Add a BlockNumber primitive

* Belated cargo fmt

* Further document why DifferentBatch isn't fatal

* Correct processor sleeps

* Remove metadata at compile time, add test framework for Serai nodes

* Remove manual RPC client

* Simplify update test

* Improve re-exporting behavior of serai-runtime

It now re-exports all pallets underneath it.

* Add a function to get storage values to the Serai RPC

* Update substrate/ to latest substrate

* Create a dedicated crate for the Serai RPC

* Remove unused dependencies in substrate/

* Remove unused dependencies in coins/

Out of scope for this branch, just minor and path of least resistance.

* Use substrate/serai/client for the Serai RPC lib

It's a bit out of place, since these client folders are intended for the node to
access pallets and so on. This is for end-users to access Serai as a whole.

In that sense, it made more sense as a top level folder, yet that also felt
out of place.

* Move InInstructions test to serai-client for now

* Final cleanup

* Update deny.toml

* Cargo.lock update from merging develop

* Update nightly

Attempt to work around the current CI failure, which is a Rust ICE.

We previously didn't upgrade due to clippy 10134, yet that's been reverted.

* clippy

* clippy

* fmt

* NativeAddress -> SeraiAddress

* Sec fix on non-provided updates and doc fixes

* Add Serai as a Coin

Necessary in order to swap to Serai.

* Add a BlockHash type, used for batch IDs

* Remove origin from InInstruction

Makes InInstructionTarget. Adds RefundableInInstruction with origin.

* Document storage items in in-instructions

* Rename serai/client/tests/serai.rs to updates.rs

It only tested publishing updates and their successful acceptance.
2023-01-20 11:00:18 -05:00
akildemir
3b920ad471
Monerolib Improvements (#224)
* convert AddressSpec subbaddress to tuple

* add wallet-rpc tests

* fix payment id decryption bug

* run fmt

* fix CI

* use monero-rs wallet-rpc for tests

* update the subaddress index type

* fix wallet-rpc CI

* fix monero-wallet-rpc CI actions

* pull latest monero for CI

* fix pr issues

* detach monero wallet  rpc

Co-authored-by: Luke Parker <lukeparker5132@gmail.com>
2023-01-16 16:17:54 -05:00
Luke Parker
375887bb29
Update licenses 2023-01-11 23:05:31 -05:00
Luke Parker
8ffa5553ff
Use ok_or_else instead of ok_or in a couple places in Monero 2023-01-10 06:57:25 -05:00
Luke Parker
6b591c0df9
Export Timelocked so documentation for it is generated 2023-01-08 09:09:03 -05:00
Luke Parker
4be3290e40
Convert the FeaturedAddress tuple to a struct
Not only did we already have multiple booleans in it, yet it theoretically
could expand in the future. Not only is this more explicit, it actually cleans
some existing code.
2023-01-07 05:37:43 -05:00
Luke Parker
7b0b8a20ec
Standardize serialization within the Monero lib
read for R: Read
write for W: Write
serialize for -> Vec<u8>

Also uses std::io::{self, Read, Write} consistently.
2023-01-07 05:18:35 -05:00
Luke Parker
7508106650
Use an explicit SubaddressIndex type 2023-01-07 04:44:23 -05:00
Luke Parker
1d6df0099c
Exposed a hash-based API for accessing blocks
Also corrects a few panics, which shouldn't have been present, and unnecessary
Cursor uses.
2023-01-07 04:00:12 -05:00
Luke Parker
a646ec5aaa
Squashed commit of the following:
commit e0a9e8825d6c22c797fb84e26ed6ef10136ca9c2
Author: Luke Parker <lukeparker5132@gmail.com>
Date:   Fri Jan 6 04:24:08 2023 -0500

    Remove Scanner::address

    It either needed to return an Option, panic on misconfiguration, or return a
    distinct Scanner type based on burning bug immunity to offer this API properly.
    Panicking wouldn't be proper, and the Option<Address> would've been... awkward.
    The new register_subaddress function, maintaining the needed functionality,
    also provides further clarity on the intended side effect of the previously
    present Scanner::address function.

commit 7359360ab2fc8c9255c6f58250c214252ce217a4
Author: Luke Parker <lukeparker5132@gmail.com>
Date:   Fri Jan 6 01:35:02 2023 -0500

    fmt/clippy from last commit

commit 80d912fc19cd268f3b019a9d9961a48b2c45e828
Author: Luke Parker <lukeparker5132@gmail.com>
Date:   Thu Jan 5 19:36:49 2023 -0500

    Add Substrate "assets" pallet

    While over-engineered for our purposes, it's still usable.

    Also cleans the runtime a bit.

commit 2ed2944b6598d75bdc3c995aaf39b717846207de
Author: Luke Parker <lukeparker5132@gmail.com>
Date:   Wed Jan 4 23:09:58 2023 -0500

    Remove the timestamp pallet

    It was needed for contracts, which has since been removed. We now no longer
    need it.

commit 7fc1fc2dccecebe1d94cb7b4c00f2b5cb271c87b
Author: Luke Parker <lukeparker5132@gmail.com>
Date:   Wed Jan 4 22:52:41 2023 -0500

    Initial validator sets pallet (#187)

    * Initial work on a Validator Sets pallet

    * Update Validator Set docs per current discussions

    * Update validator-sets primitives and storage handling

    * Add validator set pallets to deny.toml

    * Remove Curve from primitives

    Since we aren't reusing keys across coins, there's no reason for it to be
    on-chain (as previously planned).

    * Update documentation on Validator Sets

    * Use Twox64Concat instead of Identity

    Ensures an even distribution of keys. While xxhash is breakable, these keys
    aren't manipulatable by users.

    * Add math ops on Amount and define a coin as 1e8

    * Add validator-sets to the runtime and remove contracts

    Also removes the randomness pallet which was only required by the contracts
    runtime.

    Does not remove the contracts folder yet so they can still be referred to while
    validator-sets is under development. Does remove them from Cargo.toml.

    * Add vote function to validator-sets

    * Remove contracts folder

    * Create an event for the Validator Sets pallet

    * Remove old contracts crates from deny.toml

    * Remove line from staking branch

    * Remove staking from runtime

    * Correct VS Config in runtime

    * cargo update

    * Resolve a few PR comments on terminology

    * Create a serai-primitives crate

    Move types such as Amount/Coin out of validator-sets. Will be expanded in the
    future.

    * Fixes for last commit

    * Don't reserve set 0

    * Further fixes

    * Add files meant for last commit

    * Remove Staking transfer

commit 3309295911d22177bd68972d138aea2f8658eb5f
Author: Luke Parker <lukeparker5132@gmail.com>
Date:   Wed Jan 4 06:17:00 2023 -0500

    Reorder coins in README by market cap

commit db5d19cad33ccf067d876b7f5b7cca47c228e2fc
Author: Luke Parker <lukeparker5132@gmail.com>
Date:   Wed Jan 4 06:07:58 2023 -0500

    Update README

commit 606484d744b1c6cc408382994c77f1def25d3e7d
Author: Luke Parker <lukeparker5132@gmail.com>
Date:   Wed Jan 4 03:17:36 2023 -0500

    cargo update

commit 3a319b229f
Author: akildemir <aeg_asd@hotmail.com>
Date:   Wed Jan 4 16:26:25 2023 +0300

    update address public API design

commit d9fa88fa76
Author: akildemir <aeg_asd@hotmail.com>
Date:   Mon Jan 2 13:35:06 2023 +0300

    fix clippy error

commit cc722e897b
Merge: cafa9b3 eeca440
Author: akildemir <aeg_asd@hotmail.com>
Date:   Mon Jan 2 11:39:04 2023 +0300

    Merge https://github.com/serai-dex/serai into develop

commit cafa9b361e
Author: akildemir <aeg_asd@hotmail.com>
Date:   Mon Jan 2 11:38:26 2023 +0300

    fix build errors

commit ce5b5f2b37
Merge: f502d67 49c4acf
Author: akildemir <aeg_asd@hotmail.com>
Date:   Sun Jan 1 15:16:25 2023 +0300

    Merge https://github.com/serai-dex/serai into develop

commit f502d67282
Author: akildemir <aeg_asd@hotmail.com>
Date:   Thu Dec 22 13:13:09 2022 +0300

    fix pr issues

commit 26ffb226d4
Author: akildemir <aeg_asd@hotmail.com>
Date:   Thu Dec 22 13:11:43 2022 +0300

    remove extraneous rpc call

commit 0e829f8531
Author: akildemir <aeg_asd@hotmail.com>
Date:   Thu Dec 15 13:56:53 2022 +0300

    add scan tests

commit 5123c7f121
Author: akildemir <aeg_asd@hotmail.com>
Date:   Thu Dec 15 13:56:13 2022 +0300

    add new address functions & comments
2023-01-06 04:33:17 -05:00
Luke Parker
5599a052ad
Run latest nightly clippy
Also runs clippy on the tests and updates the CI accordingly
2023-01-01 04:18:23 -05:00
Luke Parker
5b3c9bf5d0
DKG Blame (#196)
* Standardize the DLEq serialization function naming

They mismatched from the rest of the project.

This commit is technically incomplete as it doesn't update the dkg crate.

* Rewrite DKG encryption to enable per-message decryption without side effects

This isn't technically true as I already know a break in this which I'll
correct for shortly.

Does update documentation to explain the new scheme. Required for blame.

* Add a verifiable system for blame during the FROST DKG

Previously, if sent an invalid key share, the participant would realize that
and could accuse the sender. Without further evidence, either the accuser
or the accused could be guilty. Now, the accuser has a proof the accused is
in the wrong.

Reworks KeyMachine to return BlameMachine. This explicitly acknowledges how
locally complete keys still need group acknowledgement before the protocol
can be complete and provides a way for others to verify blame, even after a
locally successful run.

If any blame is cast, the protocol is no longer considered complete-able
(instead aborting). Further accusations of blame can still be handled however.

Updates documentation on network behavior.

Also starts to remove "OnDrop". We now use Zeroizing for anything which should
be zeroized on drop. This is a lot more piece-meal and reduces clones.

* Tweak Zeroizing and Debug impls

Expands Zeroizing to be more comprehensive.

Also updates Zeroizing<CachedPreprocess([u8; 32])> to
CachedPreprocess(Zeroizing<[u8; 32]>) so zeroizing is the first thing done
and last step before exposing the copy-able [u8; 32].

Removes private keys from Debug.

* Fix a bug where adversaries could claim to be using another user's encryption keys to learn their messages

Mentioned a few commits ago, now fixed.

This wouldn't have affected Serai, which aborts on failure, nor any DKG
currently supported. It's just about ensuring the DKG encryption is robust and
proper.

* Finish moving dleq from ser/deser to write/read

* Add tests for dkg blame

* Add a FROST test for invalid signature shares

* Batch verify encrypted messages' ephemeral keys' PoP
2023-01-01 01:54:18 -05:00
Luke Parker
35a4f5bf9f
Use count instead of iter.map(|_| 1).sum
Also replaces the expectation the miner TX was first with a check for
Input::Gen.
2022-12-24 15:17:49 -05:00
Luke Parker
3ec5189fbf
Use Zeroize for the ViewPair 2022-12-14 09:27:49 -05:00
Luke Parker
25f1549c6c
Move verify_share to return batch-verifiable statements
While the previous construction achieved n/2 average detection,
this will run in log2(n). Unfortunately, the need to keep entropy
around (or take in an RNG here) remains.
2022-12-13 20:31:00 -05:00
Luke Parker
9c65518dc3
Have included return a reference instead of a cloned Vec 2022-12-13 19:40:54 -05:00
Luke Parker
4871fc7441 Update scan.rs 2022-12-12 11:27:42 -05:00
Luke Parker
259e5815c8
Correct global index offsetting
Technically, non-0-amount outputs can still appear and this considered them
as part of the global 0-amount pool. Now, only outputs which are 0-amount are
counted.
2022-12-11 10:26:11 -05:00
akildemir
d5a5704ba4
support add/read multiple arbitrary tx data (#189)
* support add/read multiple arbitrary tx  data

* fix clippy errors

* resolve pr issues
2022-12-09 10:58:11 -05:00
Luke Parker
9e82416e7d
Correct derives on errors 2022-12-09 09:50:00 -05:00
Luke Parker
af86b7a499
Support caching preprocesses in FROST (#190)
* Remove the explicit included participants from FROST

Now, whoever submits preprocesses becomes the signing set. Better separates
preprocess from sign, at the cost of slightly more annoying integrations
(Monero needs to now independently lagrange/offset its key images).

* Support caching preprocesses

Closes https://github.com/serai-dex/serai/issues/40.

I *could* have added a serialization trait to Algorithm and written a ton of
data to disk, while requiring Algorithm implementors also accept such work.
Instead, I moved preprocess to a seeded RNG (Chacha20) which should be as
secure as the regular RNG. Rebuilding from cache simply loads the previously
used Chacha seed, making the Algorithm oblivious to the fact it's being
rebuilt from a cache. This removes any requirements for it to be modified
while guaranteeing equivalency.

This builds on the last commit which delayed determining the signing set till
post-preprocess acquisition. Unfortunately, that commit did force preprocess
from ThresholdView to ThresholdKeys which had visible effects on Monero.

Serai will actually need delayed set determination for #163, and overall,
it remains better, hence it's inclusion.

* Document FROST preprocess caching

* Update ethereum to new FROST

* Fix bug in Monero offset calculation and update processor
2022-12-08 19:04:35 -05:00
Luke Parker
bec92c10ad
Update to ethers 1.0
Removes rust_decimal as a depend, which added borsh and multiple other misc
packages in the previous commit.
2022-12-07 18:05:06 -05:00
akildemir
ba157ea84b
fix for #166 & cleanup (#184)
* add vscode

* fix for #166 & cleanup

* remove unused self

* fix issues on pr
2022-12-07 10:08:04 -05:00
Luke Parker
7d3a06ac05
Add missing mine_blocks call to the Monero test runner 2022-12-06 06:02:13 -05:00
Luke Parker
8f352353ba
Write a test runner for Monero transactions
Also includes a few fixes for the library itself. Supersedes #172.
2022-12-05 17:25:09 -05:00
Luke Parker
0350cd803d
Add debug assertions to CLSAG/Bulletproofs proving 2022-12-01 11:50:03 -05:00
Luke Parker
f0957c8d52
Add a builder API to the Monero library
Enables more composable construction flows.
2022-12-01 11:35:05 -05:00
Luke Parker
3f503d92fb
Remove dbg! from previous commit 2022-11-24 04:57:25 -05:00
Luke Parker
409d1151b2
Add dbg to help resolve https://github.com/serai-dex/serai/issues/166 2022-11-23 22:15:50 -05:00
Luke Parker
4a3178ed8f
Support handling addresses from other networks
A type alias of MoneroAddress is provided to abstract away the generic. 
To keep the rest of the library sane, MoneroAddress is used everywhere.

If someone wants to use this library with another coin, they *should* be 
able to parse a custom address and then recreate it as a Monero address. 
While that's annoying to them, better them than any person using this 
lib for Monero.

Closes #152.
2022-11-15 00:06:15 -05:00
Luke Parker
83060a914a
Have the RPC return the unsupported version when Unsupported 2022-11-14 23:56:28 -05:00
Luke Parker
6acbfdcc45
Support custom Monero protocol definitions 2022-11-14 23:28:39 -05:00
Luke Parker
6f9cf510da
Support an authenticated Monero RPC
Closes https://github.com/serai-dex/serai/issues/143.
2022-11-14 23:24:35 -05:00
Luke Parker
b05a223b69
Monero json_rpc_call 2022-11-14 21:49:49 -05:00
Luke Parker
84de427d72
Fix https://github.com/serai-dex/serai/issues/150 2022-11-10 22:35:09 -05:00
Luke Parker
be61bff074
cargo fmt 2022-11-05 18:47:57 -04:00
Luke Parker
8de465af87
Have Transcript::append_message take in AsRef<[u8]>, not &[u8]
Simplifies calling it.
2022-11-05 18:43:36 -04:00
github-actions[bot]
8e53522780
November 2022 - Rust Nightly Update (#144)
* Update nightly

* Have the latest nightly clippy pass

Co-authored-by: GitHub Actions <>
Co-authored-by: Luke Parker <lukeparker5132@gmail.com>
2022-11-01 00:03:36 -05:00
Luke Parker
6ef624ab7e
Correct monero's dev dependencies 2022-10-29 05:52:56 -04:00
Luke Parker
e67e406d95
Correct ed448 versioning 2022-10-29 05:25:58 -04:00
Luke Parker
2379855b31
Create a dedicated crate for the DKG (#141)
* Add dkg crate

* Remove F_len and G_len

They're generally no longer used.

* Replace hash_to_vec with a provided method around associated type H: Digest

Part of trying to minimize this trait so it can be moved elsewhere. Vec, 
which isn't std, may have been a blocker.

* Encrypt secret shares within the FROST library

Reduces requirements on callers in order to be correct.

* Update usage of Zeroize within FROST

* Inline functions in key_gen

There was no reason to have them separated as they were. sign probably 
has the same statement available, yet that isn't the focus right now.

* Add a ciphersuite package which provides hash_to_F

* Set the Ciphersuite version to something valid

* Have ed448 export Scalar/FieldElement/Point at the top level

* Move FROST over to Ciphersuite

* Correct usage of ff in ciphersuite

* Correct documentation handling

* Move Schnorr signatures to their own crate

* Remove unused feature from schnorr

* Fix Schnorr tests

* Split DKG into a separate crate

* Add serialize to Commitments and SecretShare

Helper for buf = vec![]; .write(buf).unwrap(); buf

* Move FROST over to the new dkg crate

* Update Monero lib to latest FROST

* Correct ethereum's usage of features

* Add serialize to GeneratorProof

* Add serialize helper function to FROST

* Rename AddendumSerialize to WriteAddendum

* Update processor

* Slight fix to processor
2022-10-29 03:54:42 -05:00
Luke Parker
cbceaff678
Create dedicated message structures for FROST messages (#140)
* Create message types for FROST key gen

Taking in reader borrows absolutely wasn't feasible. Now, proper types
which can be read (and then passed directly, without a mutable borrow)
exist for key_gen. sign coming next.

* Move FROST signing to messages, not Readers/Writers/Vec<u8>

Also takes the nonce handling code and makes a dedicated file for it, 
aiming to resolve complex types and make the code more legible by 
replacing its previously inlined state.

* clippy

* Update FROST tests

* read_signature_share

* Update the Monero library to the new FROST packages

* Update processor to latest FROST

* Tweaks to terminology and documentation
2022-10-25 23:17:25 -05:00
Luke Parker
19488cf446
Fill out Cargo.tomls
Updated missing fields/sections, even if some won't be used, to 
standardize.

Also made FROST tests feature-gated.
2022-10-15 23:46:22 -04:00
Luke Parker
e5955f82c7
Remove Monero RPC panics for an invalid/malicious node 2022-10-15 22:32:56 -04:00
Luke Parker
514563cef0
Remove height as a term
Unbeknowst to me, height doesn't have a universal definition of the 
chain length.

Bitcoin defines height as the block number, with getblockcount existing 
for the chain length.

Ethereum uses the unambiguous term "block number".

Monero defines height as both the block number and the chain length.

Instead of arguing about who's right, it's agreed it referring to both 
isn't productive. While we could provide our own definition, taking a 
side, moving to the unambiguous block number prevents future hiccups.

height is now only a term in the Monero code, where it takes its 
Monero-specific definition, as documented in the processor.
2022-10-15 21:39:06 -04:00
Luke Parker
4629e88a28
Add is_confirmed with a TODO: Remove
Closes https://github.com/serai-dex/serai/issues/129.
2022-10-15 19:51:59 -04:00
Luke Parker
9ff4cfab0d
Add a repository field to monero-generators 2022-09-29 10:37:25 -04:00
Luke Parker
503ae02cae
Version bump monero-generators to consolidate a dependency 2022-09-29 10:36:40 -04:00
Luke Parker
695f7ec5f9
Version bump Monero for documentation purposes 2022-09-29 10:35:11 -04:00
Luke Parker
8da0743361
Use sha3 in monero-generators 2022-09-29 08:08:49 -04:00
Luke Parker
7870084b9e
Add further FROST documentation 2022-09-29 06:02:43 -04:00
Luke Parker
ca091a5f04
Expand and correct documentation 2022-09-29 05:25:29 -04:00
Luke Parker
19cd609cba
Use doc_auto_cfg 2022-09-29 04:47:55 -04:00
Luke Parker
8b0f0a3713
Publish an alpha version of the Monero crate (#123)
* Label the version as an alpha

* Add versions to Cargo.tomls

* Update to Zeroize 1.5

* Drop patch versions from monero-serai Cargo.toml

* Add a repository field

* Move generators to OUT_DIR

IIRC, I didn't do this originally as it constantly re-generated them. 
Unfortunately, since cargo is complaining about .generators, we have to.

* Remove Timelock::fee_weight

Transaction::fee_weight's has a comment, "Assumes Timelock::None since 
this library won't let you create a TX with a timelock". Accordingly, 
this is dead code.
2022-09-29 01:24:33 -05:00
Luke Parker
49749d96a0
Replace tiny_keccak with sha3 in Monero 2022-09-28 09:29:58 -04:00
Luke Parker
fd48bbd15e
Initial documentation for the Monero libraries (#122)
* Document all features

* Largely document the Monero libraries

Relevant to https://github.com/serai-dex/serai/issues/103 and likely 
sufficient to get this removed from 
https://github.com/serai-dex/serai/issues/102.
2022-09-28 07:44:49 -05:00
Luke Parker
f48a48ec3f
Support v1 transactions
Closes https://github.com/serai-dex/serai/issues/117.
2022-09-28 05:28:42 -04:00
Luke Parker
65c20638ce
fmt/clippy 2022-09-17 04:35:08 -04:00
Luke Parker
31b64b3082
Update according to the latest clippy 2022-09-04 21:23:38 -04:00
Luke Parker
faa43b6874
Move the featured address vectors to a vectors folder 2022-08-31 01:01:51 -04:00
Luke Parker
c5256d9b06
Use ChaCha20 instead of ChaCha12
Despite being slower and only used for blinding values, its still 
extremely performant. 20 is far more standard and will avoid an eye 
raise from reviewers.
2022-08-30 20:01:46 -04:00
Luke Parker
6093f4ec93
Fix clippy 2022-08-30 16:48:59 -04:00
Luke Parker
139dcde69c
Support including arbitrary data in TXs and return it with outputs
Fixes a bug where all payments identified as being to (0, 0) instead of 
their actual subaddress.
2022-08-30 15:42:23 -04:00
Luke Parker
8d56c43f5e
Update to work against the latest foundry
Links the Ethereum contract tests as well
2022-08-30 02:13:53 -04:00
Luke Parker
6045f4ae59
fmt/clippy for previous commit 2022-08-30 01:05:18 -04:00
Luke Parker
d620231530
Remove Monero torsion-free requirement and make output keys 32 bytes
Maintains the torsion-free requirement in the one place it's used (key 
images).

In the modern day, the output keys are checked to be points, yet in 
older protocol versions they were allowed to be arbitrary bytes.

Closes https://github.com/serai-dex/serai/issues/23 and 
https://github.com/serai-dex/serai/issues/25.
2022-08-30 01:02:55 -04:00
Luke Parker
4881ddae87
Update Monero crate description 2022-08-25 04:02:30 -04:00
Luke Parker
546b772be3
Clarify licensing per https://github.com/serai-dex/serai/issues/13
Implements bullets 2-4 of 
https://github.com/serai-dex/serai/issues/13#issuecomment-1212689876.
2022-08-25 04:02:13 -04:00
Luke Parker
5b2940e161
Lint previous commit 2022-08-22 13:35:49 -04:00