mirror of
https://github.com/monero-project/monero.git
synced 2024-12-23 20:19:34 +00:00
Merge pull request #1992
d5f1cef7
simplewallet: removed unneeded LOCK_IDLE_SCOPE() from check_tx_key() (stoffu)8df918f8
simplewallet: replace assert(m_wallet) with error out (stoffu)8da82256
crypto: moved boost::lock_guard into a smaller scope (stoffu)c9e0e944
Signature proving payment to destination by only revealing key derivation, not the actual tx secret key (stoffu)
This commit is contained in:
commit
05365e1726
4 changed files with 389 additions and 26 deletions
|
@ -81,12 +81,16 @@ namespace crypto {
|
||||||
}
|
}
|
||||||
|
|
||||||
/* generate a random 32-byte (256-bit) integer and copy it to res */
|
/* generate a random 32-byte (256-bit) integer and copy it to res */
|
||||||
static inline void random_scalar(ec_scalar &res) {
|
static inline void random_scalar_not_thread_safe(ec_scalar &res) {
|
||||||
unsigned char tmp[64];
|
unsigned char tmp[64];
|
||||||
generate_random_bytes_not_thread_safe(64, tmp);
|
generate_random_bytes_not_thread_safe(64, tmp);
|
||||||
sc_reduce(tmp);
|
sc_reduce(tmp);
|
||||||
memcpy(&res, tmp, 32);
|
memcpy(&res, tmp, 32);
|
||||||
}
|
}
|
||||||
|
static inline void random_scalar(ec_scalar &res) {
|
||||||
|
boost::lock_guard<boost::mutex> lock(random_lock);
|
||||||
|
random_scalar_not_thread_safe(res);
|
||||||
|
}
|
||||||
|
|
||||||
static inline void hash_to_scalar(const void *data, size_t length, ec_scalar &res) {
|
static inline void hash_to_scalar(const void *data, size_t length, ec_scalar &res) {
|
||||||
cn_fast_hash(data, length, reinterpret_cast<hash &>(res));
|
cn_fast_hash(data, length, reinterpret_cast<hash &>(res));
|
||||||
|
@ -99,7 +103,6 @@ namespace crypto {
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
secret_key crypto_ops::generate_keys(public_key &pub, secret_key &sec, const secret_key& recovery_key, bool recover) {
|
secret_key crypto_ops::generate_keys(public_key &pub, secret_key &sec, const secret_key& recovery_key, bool recover) {
|
||||||
boost::lock_guard<boost::mutex> lock(random_lock);
|
|
||||||
ge_p3 point;
|
ge_p3 point;
|
||||||
|
|
||||||
secret_key rng;
|
secret_key rng;
|
||||||
|
@ -197,8 +200,14 @@ namespace crypto {
|
||||||
ec_point comm;
|
ec_point comm;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
struct s_comm_2 {
|
||||||
|
hash msg;
|
||||||
|
ec_point D;
|
||||||
|
ec_point X;
|
||||||
|
ec_point Y;
|
||||||
|
};
|
||||||
|
|
||||||
void crypto_ops::generate_signature(const hash &prefix_hash, const public_key &pub, const secret_key &sec, signature &sig) {
|
void crypto_ops::generate_signature(const hash &prefix_hash, const public_key &pub, const secret_key &sec, signature &sig) {
|
||||||
boost::lock_guard<boost::mutex> lock(random_lock);
|
|
||||||
ge_p3 tmp3;
|
ge_p3 tmp3;
|
||||||
ec_scalar k;
|
ec_scalar k;
|
||||||
s_comm buf;
|
s_comm buf;
|
||||||
|
@ -242,6 +251,124 @@ namespace crypto {
|
||||||
return sc_isnonzero(&c) == 0;
|
return sc_isnonzero(&c) == 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void crypto_ops::generate_tx_proof(const hash &prefix_hash, const public_key &R, const public_key &A, const public_key &D, const secret_key &r, signature &sig) {
|
||||||
|
// sanity check
|
||||||
|
ge_p3 R_p3;
|
||||||
|
ge_p3 A_p3;
|
||||||
|
ge_p3 D_p3;
|
||||||
|
if (ge_frombytes_vartime(&R_p3, &R) != 0) throw std::runtime_error("tx pubkey is invalid");
|
||||||
|
if (ge_frombytes_vartime(&A_p3, &A) != 0) throw std::runtime_error("recipient view pubkey is invalid");
|
||||||
|
if (ge_frombytes_vartime(&D_p3, &D) != 0) throw std::runtime_error("key derivation is invalid");
|
||||||
|
#if !defined(NDEBUG)
|
||||||
|
{
|
||||||
|
assert(sc_check(&r) == 0);
|
||||||
|
// check R == r*G
|
||||||
|
ge_p3 dbg_R_p3;
|
||||||
|
ge_scalarmult_base(&dbg_R_p3, &r);
|
||||||
|
public_key dbg_R;
|
||||||
|
ge_p3_tobytes(&dbg_R, &dbg_R_p3);
|
||||||
|
assert(R == dbg_R);
|
||||||
|
// check D == r*A
|
||||||
|
ge_p2 dbg_D_p2;
|
||||||
|
ge_scalarmult(&dbg_D_p2, &r, &A_p3);
|
||||||
|
public_key dbg_D;
|
||||||
|
ge_tobytes(&dbg_D, &dbg_D_p2);
|
||||||
|
assert(D == dbg_D);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
// pick random k
|
||||||
|
ec_scalar k;
|
||||||
|
random_scalar(k);
|
||||||
|
|
||||||
|
// compute X = k*G
|
||||||
|
ge_p3 X_p3;
|
||||||
|
ge_scalarmult_base(&X_p3, &k);
|
||||||
|
|
||||||
|
// compute Y = k*A
|
||||||
|
ge_p2 Y_p2;
|
||||||
|
ge_scalarmult(&Y_p2, &k, &A_p3);
|
||||||
|
|
||||||
|
// sig.c = Hs(Msg || D || X || Y)
|
||||||
|
s_comm_2 buf;
|
||||||
|
buf.msg = prefix_hash;
|
||||||
|
buf.D = D;
|
||||||
|
ge_p3_tobytes(&buf.X, &X_p3);
|
||||||
|
ge_tobytes(&buf.Y, &Y_p2);
|
||||||
|
hash_to_scalar(&buf, sizeof(s_comm_2), sig.c);
|
||||||
|
|
||||||
|
// sig.r = k - sig.c*r
|
||||||
|
sc_mulsub(&sig.r, &sig.c, &r, &k);
|
||||||
|
}
|
||||||
|
|
||||||
|
bool crypto_ops::check_tx_proof(const hash &prefix_hash, const public_key &R, const public_key &A, const public_key &D, const signature &sig) {
|
||||||
|
// sanity check
|
||||||
|
ge_p3 R_p3;
|
||||||
|
ge_p3 A_p3;
|
||||||
|
ge_p3 D_p3;
|
||||||
|
if (ge_frombytes_vartime(&R_p3, &R) != 0) return false;
|
||||||
|
if (ge_frombytes_vartime(&A_p3, &A) != 0) return false;
|
||||||
|
if (ge_frombytes_vartime(&D_p3, &D) != 0) return false;
|
||||||
|
if (sc_check(&sig.c) != 0 || sc_check(&sig.r) != 0) return false;
|
||||||
|
|
||||||
|
// compute sig.c*R
|
||||||
|
ge_p2 cR_p2;
|
||||||
|
ge_scalarmult(&cR_p2, &sig.c, &R_p3);
|
||||||
|
|
||||||
|
// compute sig.r*G
|
||||||
|
ge_p3 rG_p3;
|
||||||
|
ge_scalarmult_base(&rG_p3, &sig.r);
|
||||||
|
|
||||||
|
// compute sig.c*D
|
||||||
|
ge_p2 cD_p2;
|
||||||
|
ge_scalarmult(&cD_p2, &sig.c, &D_p3);
|
||||||
|
|
||||||
|
// compute sig.r*A
|
||||||
|
ge_p2 rA_p2;
|
||||||
|
ge_scalarmult(&rA_p2, &sig.r, &A_p3);
|
||||||
|
|
||||||
|
// compute X = sig.c*R + sig.r*G
|
||||||
|
public_key cR;
|
||||||
|
ge_tobytes(&cR, &cR_p2);
|
||||||
|
ge_p3 cR_p3;
|
||||||
|
if (ge_frombytes_vartime(&cR_p3, &cR) != 0) return false;
|
||||||
|
ge_cached rG_cached;
|
||||||
|
ge_p3_to_cached(&rG_cached, &rG_p3);
|
||||||
|
ge_p1p1 X_p1p1;
|
||||||
|
ge_add(&X_p1p1, &cR_p3, &rG_cached);
|
||||||
|
ge_p2 X_p2;
|
||||||
|
ge_p1p1_to_p2(&X_p2, &X_p1p1);
|
||||||
|
|
||||||
|
// compute Y = sig.c*D + sig.r*A
|
||||||
|
public_key cD;
|
||||||
|
public_key rA;
|
||||||
|
ge_tobytes(&cD, &cD_p2);
|
||||||
|
ge_tobytes(&rA, &rA_p2);
|
||||||
|
ge_p3 cD_p3;
|
||||||
|
ge_p3 rA_p3;
|
||||||
|
if (ge_frombytes_vartime(&cD_p3, &cD) != 0) return false;
|
||||||
|
if (ge_frombytes_vartime(&rA_p3, &rA) != 0) return false;
|
||||||
|
ge_cached rA_cached;
|
||||||
|
ge_p3_to_cached(&rA_cached, &rA_p3);
|
||||||
|
ge_p1p1 Y_p1p1;
|
||||||
|
ge_add(&Y_p1p1, &cD_p3, &rA_cached);
|
||||||
|
ge_p2 Y_p2;
|
||||||
|
ge_p1p1_to_p2(&Y_p2, &Y_p1p1);
|
||||||
|
|
||||||
|
// compute c2 = Hs(Msg || D || X || Y)
|
||||||
|
s_comm_2 buf;
|
||||||
|
buf.msg = prefix_hash;
|
||||||
|
buf.D = D;
|
||||||
|
ge_tobytes(&buf.X, &X_p2);
|
||||||
|
ge_tobytes(&buf.Y, &Y_p2);
|
||||||
|
ec_scalar c2;
|
||||||
|
hash_to_scalar(&buf, sizeof(s_comm_2), c2);
|
||||||
|
|
||||||
|
// test if c2 == sig.c
|
||||||
|
sc_sub(&c2, &c2, &sig.c);
|
||||||
|
return sc_isnonzero(&c2) == 0;
|
||||||
|
}
|
||||||
|
|
||||||
static void hash_to_ec(const public_key &key, ge_p3 &res) {
|
static void hash_to_ec(const public_key &key, ge_p3 &res) {
|
||||||
hash h;
|
hash h;
|
||||||
ge_p2 point;
|
ge_p2 point;
|
||||||
|
@ -280,7 +407,6 @@ POP_WARNINGS
|
||||||
const public_key *const *pubs, size_t pubs_count,
|
const public_key *const *pubs, size_t pubs_count,
|
||||||
const secret_key &sec, size_t sec_index,
|
const secret_key &sec, size_t sec_index,
|
||||||
signature *sig) {
|
signature *sig) {
|
||||||
boost::lock_guard<boost::mutex> lock(random_lock);
|
|
||||||
size_t i;
|
size_t i;
|
||||||
ge_p3 image_unp;
|
ge_p3 image_unp;
|
||||||
ge_dsmp image_pre;
|
ge_dsmp image_pre;
|
||||||
|
|
|
@ -123,6 +123,10 @@ namespace crypto {
|
||||||
friend void generate_signature(const hash &, const public_key &, const secret_key &, signature &);
|
friend void generate_signature(const hash &, const public_key &, const secret_key &, signature &);
|
||||||
static bool check_signature(const hash &, const public_key &, const signature &);
|
static bool check_signature(const hash &, const public_key &, const signature &);
|
||||||
friend bool check_signature(const hash &, const public_key &, const signature &);
|
friend bool check_signature(const hash &, const public_key &, const signature &);
|
||||||
|
static void generate_tx_proof(const hash &, const public_key &, const public_key &, const public_key &, const secret_key &, signature &);
|
||||||
|
friend void generate_tx_proof(const hash &, const public_key &, const public_key &, const public_key &, const secret_key &, signature &);
|
||||||
|
static bool check_tx_proof(const hash &, const public_key &, const public_key &, const public_key &, const signature &);
|
||||||
|
friend bool check_tx_proof(const hash &, const public_key &, const public_key &, const public_key &, const signature &);
|
||||||
static void generate_key_image(const public_key &, const secret_key &, key_image &);
|
static void generate_key_image(const public_key &, const secret_key &, key_image &);
|
||||||
friend void generate_key_image(const public_key &, const secret_key &, key_image &);
|
friend void generate_key_image(const public_key &, const secret_key &, key_image &);
|
||||||
static void generate_ring_signature(const hash &, const key_image &,
|
static void generate_ring_signature(const hash &, const key_image &,
|
||||||
|
@ -200,6 +204,16 @@ namespace crypto {
|
||||||
return crypto_ops::check_signature(prefix_hash, pub, sig);
|
return crypto_ops::check_signature(prefix_hash, pub, sig);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Generation and checking of a tx proof; given a tx pubkey R, the recipient's view pubkey A, and the key
|
||||||
|
* derivation D, the signature proves the knowledge of the tx secret key r such that R=r*G and D=r*A
|
||||||
|
*/
|
||||||
|
inline void generate_tx_proof(const hash &prefix_hash, const public_key &R, const public_key &A, const public_key &D, const secret_key &r, signature &sig) {
|
||||||
|
crypto_ops::generate_tx_proof(prefix_hash, R, A, D, r, sig);
|
||||||
|
}
|
||||||
|
inline bool check_tx_proof(const hash &prefix_hash, const public_key &R, const public_key &A, const public_key &D, const signature &sig) {
|
||||||
|
return crypto_ops::check_tx_proof(prefix_hash, R, A, D, sig);
|
||||||
|
}
|
||||||
|
|
||||||
/* To send money to a key:
|
/* To send money to a key:
|
||||||
* * The sender generates an ephemeral key and includes it in transaction output.
|
* * The sender generates an ephemeral key and includes it in transaction output.
|
||||||
* * To spend the money, the receiver generates a key image from it.
|
* * To spend the money, the receiver generates a key image from it.
|
||||||
|
|
|
@ -47,6 +47,7 @@
|
||||||
#include "common/command_line.h"
|
#include "common/command_line.h"
|
||||||
#include "common/util.h"
|
#include "common/util.h"
|
||||||
#include "common/dns_utils.h"
|
#include "common/dns_utils.h"
|
||||||
|
#include "common/base58.h"
|
||||||
#include "p2p/net_node.h"
|
#include "p2p/net_node.h"
|
||||||
#include "cryptonote_protocol/cryptonote_protocol_handler.h"
|
#include "cryptonote_protocol/cryptonote_protocol_handler.h"
|
||||||
#include "simplewallet.h"
|
#include "simplewallet.h"
|
||||||
|
@ -714,6 +715,8 @@ simple_wallet::simple_wallet()
|
||||||
m_cmd_binder.set_handler("rescan_spent", boost::bind(&simple_wallet::rescan_spent, this, _1), tr("Rescan blockchain for spent outputs"));
|
m_cmd_binder.set_handler("rescan_spent", boost::bind(&simple_wallet::rescan_spent, this, _1), tr("Rescan blockchain for spent outputs"));
|
||||||
m_cmd_binder.set_handler("get_tx_key", boost::bind(&simple_wallet::get_tx_key, this, _1), tr("Get transaction key (r) for a given <txid>"));
|
m_cmd_binder.set_handler("get_tx_key", boost::bind(&simple_wallet::get_tx_key, this, _1), tr("Get transaction key (r) for a given <txid>"));
|
||||||
m_cmd_binder.set_handler("check_tx_key", boost::bind(&simple_wallet::check_tx_key, this, _1), tr("Check amount going to <address> in <txid>"));
|
m_cmd_binder.set_handler("check_tx_key", boost::bind(&simple_wallet::check_tx_key, this, _1), tr("Check amount going to <address> in <txid>"));
|
||||||
|
m_cmd_binder.set_handler("get_tx_proof", boost::bind(&simple_wallet::get_tx_proof, this, _1), tr("Generate a signature to prove payment to <address> in <txid> using the transaction secret key (r) without revealing it"));
|
||||||
|
m_cmd_binder.set_handler("check_tx_proof", boost::bind(&simple_wallet::check_tx_proof, this, _1), tr("Check tx proof for payment going to <address> in <txid>"));
|
||||||
m_cmd_binder.set_handler("show_transfers", boost::bind(&simple_wallet::show_transfers, this, _1), tr("show_transfers [in|out|pending|failed|pool] [<min_height> [<max_height>]] - Show incoming/outgoing transfers within an optional height range"));
|
m_cmd_binder.set_handler("show_transfers", boost::bind(&simple_wallet::show_transfers, this, _1), tr("show_transfers [in|out|pending|failed|pool] [<min_height> [<max_height>]] - Show incoming/outgoing transfers within an optional height range"));
|
||||||
m_cmd_binder.set_handler("unspent_outputs", boost::bind(&simple_wallet::unspent_outputs, this, _1), tr("unspent_outputs [<min_amount> <max_amount>] - Show unspent outputs within an optional amount range)"));
|
m_cmd_binder.set_handler("unspent_outputs", boost::bind(&simple_wallet::unspent_outputs, this, _1), tr("unspent_outputs [<min_amount> <max_amount>] - Show unspent outputs within an optional amount range)"));
|
||||||
m_cmd_binder.set_handler("rescan_bc", boost::bind(&simple_wallet::rescan_blockchain, this, _1), tr("Rescan blockchain from scratch"));
|
m_cmd_binder.set_handler("rescan_bc", boost::bind(&simple_wallet::rescan_blockchain, this, _1), tr("Rescan blockchain from scratch"));
|
||||||
|
@ -1190,7 +1193,11 @@ bool simple_wallet::init(const boost::program_options::variables_map& vm)
|
||||||
bool r = open_wallet(vm);
|
bool r = open_wallet(vm);
|
||||||
CHECK_AND_ASSERT_MES(r, false, tr("failed to open account"));
|
CHECK_AND_ASSERT_MES(r, false, tr("failed to open account"));
|
||||||
}
|
}
|
||||||
assert(m_wallet);
|
if (!m_wallet)
|
||||||
|
{
|
||||||
|
fail_msg_writer() << tr("wallet is null");
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
// set --trusted-daemon if local
|
// set --trusted-daemon if local
|
||||||
try
|
try
|
||||||
|
@ -1570,7 +1577,11 @@ bool simple_wallet::start_mining(const std::vector<std::string>& args)
|
||||||
if (!try_connect_to_daemon())
|
if (!try_connect_to_daemon())
|
||||||
return true;
|
return true;
|
||||||
|
|
||||||
assert(m_wallet);
|
if (!m_wallet)
|
||||||
|
{
|
||||||
|
fail_msg_writer() << tr("wallet is null");
|
||||||
|
return true;
|
||||||
|
}
|
||||||
COMMAND_RPC_START_MINING::request req = AUTO_VAL_INIT(req);
|
COMMAND_RPC_START_MINING::request req = AUTO_VAL_INIT(req);
|
||||||
req.miner_address = m_wallet->get_account().get_public_address_str(m_wallet->testnet());
|
req.miner_address = m_wallet->get_account().get_public_address_str(m_wallet->testnet());
|
||||||
|
|
||||||
|
@ -1613,7 +1624,11 @@ bool simple_wallet::stop_mining(const std::vector<std::string>& args)
|
||||||
if (!try_connect_to_daemon())
|
if (!try_connect_to_daemon())
|
||||||
return true;
|
return true;
|
||||||
|
|
||||||
assert(m_wallet);
|
if (!m_wallet)
|
||||||
|
{
|
||||||
|
fail_msg_writer() << tr("wallet is null");
|
||||||
|
return true;
|
||||||
|
}
|
||||||
COMMAND_RPC_STOP_MINING::request req;
|
COMMAND_RPC_STOP_MINING::request req;
|
||||||
COMMAND_RPC_STOP_MINING::response res;
|
COMMAND_RPC_STOP_MINING::response res;
|
||||||
bool r = net_utils::invoke_http_json("/stop_mining", req, res, m_http_client);
|
bool r = net_utils::invoke_http_json("/stop_mining", req, res, m_http_client);
|
||||||
|
@ -1630,7 +1645,11 @@ bool simple_wallet::save_bc(const std::vector<std::string>& args)
|
||||||
if (!try_connect_to_daemon())
|
if (!try_connect_to_daemon())
|
||||||
return true;
|
return true;
|
||||||
|
|
||||||
assert(m_wallet);
|
if (!m_wallet)
|
||||||
|
{
|
||||||
|
fail_msg_writer() << tr("wallet is null");
|
||||||
|
return true;
|
||||||
|
}
|
||||||
COMMAND_RPC_SAVE_BC::request req;
|
COMMAND_RPC_SAVE_BC::request req;
|
||||||
COMMAND_RPC_SAVE_BC::response res;
|
COMMAND_RPC_SAVE_BC::response res;
|
||||||
bool r = net_utils::invoke_http_json("/save_bc", req, res, m_http_client);
|
bool r = net_utils::invoke_http_json("/save_bc", req, res, m_http_client);
|
||||||
|
@ -3232,6 +3251,85 @@ bool simple_wallet::get_tx_key(const std::vector<std::string> &args_)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
//----------------------------------------------------------------------------------------------------
|
//----------------------------------------------------------------------------------------------------
|
||||||
|
bool simple_wallet::get_tx_proof(const std::vector<std::string> &args)
|
||||||
|
{
|
||||||
|
if(args.size() != 2 && args.size() != 3) {
|
||||||
|
fail_msg_writer() << tr("usage: get_tx_proof <txid> <dest_address> [<tx_key>]");
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
if (m_wallet->ask_password() && !get_and_verify_password()) { return true; }
|
||||||
|
|
||||||
|
cryptonote::blobdata txid_data;
|
||||||
|
if(!epee::string_tools::parse_hexstr_to_binbuff(args[0], txid_data) || txid_data.size() != sizeof(crypto::hash))
|
||||||
|
{
|
||||||
|
fail_msg_writer() << tr("failed to parse txid");
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
crypto::hash txid = *reinterpret_cast<const crypto::hash*>(txid_data.data());
|
||||||
|
|
||||||
|
cryptonote::account_public_address address;
|
||||||
|
bool has_payment_id;
|
||||||
|
crypto::hash8 payment_id;
|
||||||
|
if(!cryptonote::get_account_address_from_str_or_url(address, has_payment_id, payment_id, m_wallet->testnet(), args[1]))
|
||||||
|
{
|
||||||
|
fail_msg_writer() << tr("failed to parse address");
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
LOCK_IDLE_SCOPE();
|
||||||
|
|
||||||
|
crypto::secret_key tx_key, tx_key2;
|
||||||
|
bool r = m_wallet->get_tx_key(txid, tx_key);
|
||||||
|
cryptonote::blobdata tx_key_data;
|
||||||
|
if (args.size() == 3)
|
||||||
|
{
|
||||||
|
if(!epee::string_tools::parse_hexstr_to_binbuff(args[2], tx_key_data) || tx_key_data.size() != sizeof(crypto::secret_key))
|
||||||
|
{
|
||||||
|
fail_msg_writer() << tr("failed to parse tx_key");
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
tx_key2 = *reinterpret_cast<const crypto::secret_key*>(tx_key_data.data());
|
||||||
|
}
|
||||||
|
if (r)
|
||||||
|
{
|
||||||
|
if (args.size() == 3 && tx_key != rct::sk2rct(tx_key2))
|
||||||
|
{
|
||||||
|
fail_msg_writer() << tr("Tx secret key was found for the given txid, but you've also provided another tx secret key which doesn't match the found one.");
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (tx_key_data.empty())
|
||||||
|
{
|
||||||
|
fail_msg_writer() << tr("Tx secret key wasn't found in the wallet file. Provide it as the optional third parameter if you have it elsewhere.");
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
tx_key = tx_key2;
|
||||||
|
}
|
||||||
|
|
||||||
|
crypto::public_key R;
|
||||||
|
crypto::secret_key_to_public_key(tx_key, R);
|
||||||
|
crypto::public_key rA = rct::rct2pk(rct::scalarmultKey(rct::pk2rct(address.m_view_public_key), rct::sk2rct(tx_key)));
|
||||||
|
crypto::signature sig;
|
||||||
|
try
|
||||||
|
{
|
||||||
|
crypto::generate_tx_proof(txid, R, address.m_view_public_key, rA, tx_key, sig);
|
||||||
|
}
|
||||||
|
catch (const std::runtime_error &e)
|
||||||
|
{
|
||||||
|
fail_msg_writer() << e.what();
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
std::string sig_str = std::string("ProofV1") +
|
||||||
|
tools::base58::encode(std::string((const char *)&rA, sizeof(crypto::public_key))) +
|
||||||
|
tools::base58::encode(std::string((const char *)&sig, sizeof(crypto::signature)));
|
||||||
|
|
||||||
|
success_msg_writer() << tr("Signature: ") << sig_str;
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
//----------------------------------------------------------------------------------------------------
|
||||||
bool simple_wallet::check_tx_key(const std::vector<std::string> &args_)
|
bool simple_wallet::check_tx_key(const std::vector<std::string> &args_)
|
||||||
{
|
{
|
||||||
std::vector<std::string> local_args = args_;
|
std::vector<std::string> local_args = args_;
|
||||||
|
@ -3244,7 +3342,11 @@ bool simple_wallet::check_tx_key(const std::vector<std::string> &args_)
|
||||||
if (!try_connect_to_daemon())
|
if (!try_connect_to_daemon())
|
||||||
return true;
|
return true;
|
||||||
|
|
||||||
assert(m_wallet);
|
if (!m_wallet)
|
||||||
|
{
|
||||||
|
fail_msg_writer() << tr("wallet is null");
|
||||||
|
return true;
|
||||||
|
}
|
||||||
cryptonote::blobdata txid_data;
|
cryptonote::blobdata txid_data;
|
||||||
if(!epee::string_tools::parse_hexstr_to_binbuff(local_args[0], txid_data) || txid_data.size() != sizeof(crypto::hash))
|
if(!epee::string_tools::parse_hexstr_to_binbuff(local_args[0], txid_data) || txid_data.size() != sizeof(crypto::hash))
|
||||||
{
|
{
|
||||||
|
@ -3253,8 +3355,6 @@ bool simple_wallet::check_tx_key(const std::vector<std::string> &args_)
|
||||||
}
|
}
|
||||||
crypto::hash txid = *reinterpret_cast<const crypto::hash*>(txid_data.data());
|
crypto::hash txid = *reinterpret_cast<const crypto::hash*>(txid_data.data());
|
||||||
|
|
||||||
LOCK_IDLE_SCOPE();
|
|
||||||
|
|
||||||
if (local_args[1].size() < 64 || local_args[1].size() % 64)
|
if (local_args[1].size() < 64 || local_args[1].size() % 64)
|
||||||
{
|
{
|
||||||
fail_msg_writer() << tr("failed to parse tx key");
|
fail_msg_writer() << tr("failed to parse tx key");
|
||||||
|
@ -3278,6 +3378,18 @@ bool simple_wallet::check_tx_key(const std::vector<std::string> &args_)
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
crypto::key_derivation derivation;
|
||||||
|
if (!crypto::generate_key_derivation(address.m_view_public_key, tx_key, derivation))
|
||||||
|
{
|
||||||
|
fail_msg_writer() << tr("failed to generate key derivation from supplied parameters");
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
return check_tx_key_helper(txid, address, derivation);
|
||||||
|
}
|
||||||
|
//----------------------------------------------------------------------------------------------------
|
||||||
|
bool simple_wallet::check_tx_key_helper(const crypto::hash &txid, const cryptonote::account_public_address &address, const crypto::key_derivation &derivation)
|
||||||
|
{
|
||||||
COMMAND_RPC_GET_TRANSACTIONS::request req;
|
COMMAND_RPC_GET_TRANSACTIONS::request req;
|
||||||
COMMAND_RPC_GET_TRANSACTIONS::response res;
|
COMMAND_RPC_GET_TRANSACTIONS::response res;
|
||||||
req.txs_hashes.push_back(epee::string_tools::pod_to_hex(txid));
|
req.txs_hashes.push_back(epee::string_tools::pod_to_hex(txid));
|
||||||
|
@ -3311,13 +3423,6 @@ bool simple_wallet::check_tx_key(const std::vector<std::string> &args_)
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
crypto::key_derivation derivation;
|
|
||||||
if (!crypto::generate_key_derivation(address.m_view_public_key, tx_key, derivation))
|
|
||||||
{
|
|
||||||
fail_msg_writer() << tr("failed to generate key derivation from supplied parameters");
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
uint64_t received = 0;
|
uint64_t received = 0;
|
||||||
try {
|
try {
|
||||||
for (size_t n = 0; n < tx.vout.size(); ++n)
|
for (size_t n = 0; n < tx.vout.size(); ++n)
|
||||||
|
@ -3340,14 +3445,6 @@ bool simple_wallet::check_tx_key(const std::vector<std::string> &args_)
|
||||||
{
|
{
|
||||||
rct::key Ctmp;
|
rct::key Ctmp;
|
||||||
//rct::key amount_key = rct::hash_to_scalar(rct::scalarmultKey(rct::pk2rct(address.m_view_public_key), rct::sk2rct(tx_key)));
|
//rct::key amount_key = rct::hash_to_scalar(rct::scalarmultKey(rct::pk2rct(address.m_view_public_key), rct::sk2rct(tx_key)));
|
||||||
crypto::key_derivation derivation;
|
|
||||||
bool r = crypto::generate_key_derivation(address.m_view_public_key, tx_key, derivation);
|
|
||||||
if (!r)
|
|
||||||
{
|
|
||||||
LOG_ERROR("Failed to generate key derivation to decode rct output " << n);
|
|
||||||
amount = 0;
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
{
|
||||||
crypto::secret_key scalar1;
|
crypto::secret_key scalar1;
|
||||||
crypto::derivation_to_scalar(derivation, n, scalar1);
|
crypto::derivation_to_scalar(derivation, n, scalar1);
|
||||||
|
@ -3404,6 +3501,129 @@ bool simple_wallet::check_tx_key(const std::vector<std::string> &args_)
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
//----------------------------------------------------------------------------------------------------
|
//----------------------------------------------------------------------------------------------------
|
||||||
|
bool simple_wallet::check_tx_proof(const std::vector<std::string> &args)
|
||||||
|
{
|
||||||
|
if(args.size() != 3) {
|
||||||
|
fail_msg_writer() << tr("usage: check_tx_proof <txid> <address> <signature>");
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!try_connect_to_daemon())
|
||||||
|
return true;
|
||||||
|
|
||||||
|
// parse txid
|
||||||
|
cryptonote::blobdata txid_data;
|
||||||
|
if(!epee::string_tools::parse_hexstr_to_binbuff(args[0], txid_data) || txid_data.size() != sizeof(crypto::hash))
|
||||||
|
{
|
||||||
|
fail_msg_writer() << tr("failed to parse txid");
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
crypto::hash txid = *reinterpret_cast<const crypto::hash*>(txid_data.data());
|
||||||
|
|
||||||
|
// parse address
|
||||||
|
cryptonote::account_public_address address;
|
||||||
|
bool has_payment_id;
|
||||||
|
crypto::hash8 payment_id;
|
||||||
|
if(!cryptonote::get_account_address_from_str_or_url(address, has_payment_id, payment_id, m_wallet->testnet(), args[1]))
|
||||||
|
{
|
||||||
|
fail_msg_writer() << tr("failed to parse address");
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
// parse pubkey r*A & signature
|
||||||
|
std::string sig_str = args[2];
|
||||||
|
const size_t header_len = strlen("ProofV1");
|
||||||
|
if (sig_str.size() < header_len || sig_str.substr(0, header_len) != "ProofV1")
|
||||||
|
{
|
||||||
|
fail_msg_writer() << tr("Signature header check error");
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
crypto::public_key rA;
|
||||||
|
crypto::signature sig;
|
||||||
|
const size_t rA_len = tools::base58::encode(std::string((const char *)&rA, sizeof(crypto::public_key))).size();
|
||||||
|
const size_t sig_len = tools::base58::encode(std::string((const char *)&sig, sizeof(crypto::signature))).size();
|
||||||
|
std::string rA_decoded;
|
||||||
|
std::string sig_decoded;
|
||||||
|
if (!tools::base58::decode(sig_str.substr(header_len, rA_len), rA_decoded))
|
||||||
|
{
|
||||||
|
fail_msg_writer() << tr("Signature decoding error");
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
if (!tools::base58::decode(sig_str.substr(header_len + rA_len, sig_len), sig_decoded))
|
||||||
|
{
|
||||||
|
fail_msg_writer() << tr("Signature decoding error");
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
if (sizeof(crypto::public_key) != rA_decoded.size() || sizeof(crypto::signature) != sig_decoded.size())
|
||||||
|
{
|
||||||
|
fail_msg_writer() << tr("Signature decoding error");
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
memcpy(&rA, rA_decoded.data(), sizeof(crypto::public_key));
|
||||||
|
memcpy(&sig, sig_decoded.data(), sizeof(crypto::signature));
|
||||||
|
|
||||||
|
// fetch tx pubkey from the daemon
|
||||||
|
COMMAND_RPC_GET_TRANSACTIONS::request req;
|
||||||
|
COMMAND_RPC_GET_TRANSACTIONS::response res;
|
||||||
|
req.txs_hashes.push_back(epee::string_tools::pod_to_hex(txid));
|
||||||
|
if (!net_utils::invoke_http_json("/gettransactions", req, res, m_http_client) ||
|
||||||
|
(res.txs.size() != 1 && res.txs_as_hex.size() != 1))
|
||||||
|
{
|
||||||
|
fail_msg_writer() << tr("failed to get transaction from daemon");
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
cryptonote::blobdata tx_data;
|
||||||
|
bool ok;
|
||||||
|
if (res.txs.size() == 1)
|
||||||
|
ok = string_tools::parse_hexstr_to_binbuff(res.txs.front().as_hex, tx_data);
|
||||||
|
else
|
||||||
|
ok = string_tools::parse_hexstr_to_binbuff(res.txs_as_hex.front(), tx_data);
|
||||||
|
if (!ok)
|
||||||
|
{
|
||||||
|
fail_msg_writer() << tr("failed to parse transaction from daemon");
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
crypto::hash tx_hash, tx_prefix_hash;
|
||||||
|
cryptonote::transaction tx;
|
||||||
|
if (!cryptonote::parse_and_validate_tx_from_blob(tx_data, tx, tx_hash, tx_prefix_hash))
|
||||||
|
{
|
||||||
|
fail_msg_writer() << tr("failed to validate transaction from daemon");
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
if (tx_hash != txid)
|
||||||
|
{
|
||||||
|
fail_msg_writer() << tr("failed to get the right transaction from daemon");
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
crypto::public_key R = get_tx_pub_key_from_extra(tx);
|
||||||
|
if (R == null_pkey)
|
||||||
|
{
|
||||||
|
fail_msg_writer() << tr("Tx pubkey was not found");
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
// check signature
|
||||||
|
if (crypto::check_tx_proof(txid, R, address.m_view_public_key, rA, sig))
|
||||||
|
{
|
||||||
|
success_msg_writer() << tr("Good signature");
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
fail_msg_writer() << tr("Bad signature");
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
// obtain key derivation by multiplying scalar 1 to the pubkey r*A included in the signature
|
||||||
|
crypto::key_derivation derivation;
|
||||||
|
if (!crypto::generate_key_derivation(rA, rct::rct2sk(rct::I), derivation))
|
||||||
|
{
|
||||||
|
fail_msg_writer() << tr("failed to generate key derivation");
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
return check_tx_key_helper(txid, address, derivation);
|
||||||
|
}
|
||||||
|
//----------------------------------------------------------------------------------------------------
|
||||||
static std::string get_human_readable_timestamp(uint64_t ts)
|
static std::string get_human_readable_timestamp(uint64_t ts)
|
||||||
{
|
{
|
||||||
char buffer[64];
|
char buffer[64];
|
||||||
|
|
|
@ -154,6 +154,9 @@ namespace cryptonote
|
||||||
bool set_log(const std::vector<std::string> &args);
|
bool set_log(const std::vector<std::string> &args);
|
||||||
bool get_tx_key(const std::vector<std::string> &args);
|
bool get_tx_key(const std::vector<std::string> &args);
|
||||||
bool check_tx_key(const std::vector<std::string> &args);
|
bool check_tx_key(const std::vector<std::string> &args);
|
||||||
|
bool check_tx_key_helper(const crypto::hash &txid, const cryptonote::account_public_address &address, const crypto::key_derivation &derivation);
|
||||||
|
bool get_tx_proof(const std::vector<std::string> &args);
|
||||||
|
bool check_tx_proof(const std::vector<std::string> &args);
|
||||||
bool show_transfers(const std::vector<std::string> &args);
|
bool show_transfers(const std::vector<std::string> &args);
|
||||||
bool unspent_outputs(const std::vector<std::string> &args);
|
bool unspent_outputs(const std::vector<std::string> &args);
|
||||||
bool rescan_blockchain(const std::vector<std::string> &args);
|
bool rescan_blockchain(const std::vector<std::string> &args);
|
||||||
|
|
Loading…
Reference in a new issue