d0s3t3ch/wownero
1
0
Fork 0
mirror of https://git.wownero.com/wownero/wownero.git synced 2024-08-15 01:03:23 +00:00
Code Issues Projects Releases Wiki Activity

rct: make the amount key derivable by a third party with the tx key

Browse source 
Scheme design from luigi1114.
This commit is contained in:
moneromooo-monero 2016-07-24 17:53:34 +01:00
parent cf33e1a52a
commit 9b70856ccb
No known key found for this signature in database
GPG key ID: 686F07454D6CEFC3
12 changed files with 141 additions and 93 deletions
Download patch file Download diff file Expand all files Collapse all files

8
tests/core_tests/rct.cpp
View file

@ -125,13 +125,11 @@ bool gen_rct_tx_validation_base::generate_with(std::vector<test_event_entry>& ev
crypto::public_key tx_pub_key = get_tx_pub_key_from_extra(rct_txes[n]);
for (size_t o = 0; o < 4; ++o)
{
cryptonote::keypair in_ephemeral;
crypto::key_image ki;
cryptonote::generate_key_image_helper(miner_accounts[n].get_keys(), tx_pub_key, o, in_ephemeral, ki);
rct::key amount_key = rct::hash_to_scalar(rct::scalarmultKey(rct::pk2rct(tx_pub_key), rct::sk2rct(miner_accounts[n].get_keys().m_view_secret_key)));
if (rct_txes[n].rct_signatures.simple)
rct::decodeRctSimple(rct_txes[n].rct_signatures, rct::sk2rct(in_ephemeral.sec), o, rct_tx_masks[o+n*4]);
rct::decodeRctSimpleFromSharedSecret(rct_txes[n].rct_signatures, amount_key, o, rct_tx_masks[o+n*4]);
else
rct::decodeRct(rct_txes[n].rct_signatures, rct::sk2rct(in_ephemeral.sec), o, rct_tx_masks[o+n*4]);
rct::decodeRctFromSharedSecret(rct_txes[n].rct_signatures, amount_key, o, rct_tx_masks[o+n*4]);
}
CHECK_AND_ASSERT_MES(generator.construct_block_manually(blk_txes[n], blk_last, miner_account,

43
tests/unit_tests/ringct.cpp
View file

@ -171,10 +171,12 @@ TEST(ringct, range_proofs)
sc.push_back(sctmp);
pc.push_back(pctmp);
vector<xmr_amount >amounts;
rct::keyV amount_keys;
key mask;
//add output 500
amounts.push_back(500);
amount_keys.push_back(rct::hash_to_scalar(rct::zero()));
keyV destinations;
key Sk, Pk;
skpkGen(Sk, Pk);
@ -183,17 +185,18 @@ TEST(ringct, range_proofs)
//add output for 12500
amounts.push_back(12500);
amount_keys.push_back(rct::hash_to_scalar(rct::zero()));
skpkGen(Sk, Pk);
destinations.push_back(Pk);
//compute rct data with mixin 500
rctSig s = genRct(rct::zero(), sc, pc, destinations, amounts, 3);
rctSig s = genRct(rct::zero(), sc, pc, destinations, amounts, amount_keys, 3);
//verify rct data
ASSERT_TRUE(verRct(s));
//decode received amount
ASSERT_TRUE(decodeRct(s, Sk, 1));
ASSERT_TRUE(decodeRctFromSharedSecret(s, amount_keys[1], 1, mask));
// Ring CT with failing MG sig part should not verify!
// Since sum of inputs != outputs
@ -204,13 +207,13 @@ TEST(ringct, range_proofs)
//compute rct data with mixin 500
s = genRct(rct::zero(), sc, pc, destinations, amounts, 3);
s = genRct(rct::zero(), sc, pc, destinations, amounts, amount_keys, 3);
//verify rct data
ASSERT_FALSE(verRct(s));
//decode received amount
ASSERT_TRUE(decodeRct(s, Sk, 1));
ASSERT_TRUE(decodeRctFromSharedSecret(s, amount_keys[1], 1, mask));
}
TEST(ringct, range_proofs_with_fee)
@ -229,10 +232,12 @@ TEST(ringct, range_proofs_with_fee)
sc.push_back(sctmp);
pc.push_back(pctmp);
vector<xmr_amount >amounts;
keyV amount_keys;
key mask;
//add output 500
amounts.push_back(500);
amount_keys.push_back(rct::hash_to_scalar(rct::zero()));
keyV destinations;
key Sk, Pk;
skpkGen(Sk, Pk);
@ -241,20 +246,22 @@ TEST(ringct, range_proofs_with_fee)
//add txn fee for 1
//has no corresponding destination..
amounts.push_back(1);
amount_keys.push_back(hash_to_scalar(zero()));
//add output for 12500
amounts.push_back(12500);
amount_keys.push_back(hash_to_scalar(zero()));
skpkGen(Sk, Pk);
destinations.push_back(Pk);
//compute rct data with mixin 500
rctSig s = genRct(rct::zero(), sc, pc, destinations, amounts, 3);
rctSig s = genRct(rct::zero(), sc, pc, destinations, amounts, amount_keys, 3);
//verify rct data
ASSERT_TRUE(verRct(s));
//decode received amount
ASSERT_TRUE(decodeRct(s, Sk, 1));
ASSERT_TRUE(decodeRctFromSharedSecret(s, amount_keys[1], 1, mask));
// Ring CT with failing MG sig part should not verify!
// Since sum of inputs != outputs
@ -265,13 +272,13 @@ TEST(ringct, range_proofs_with_fee)
//compute rct data with mixin 500
s = genRct(rct::zero(), sc, pc, destinations, amounts, 3);
s = genRct(rct::zero(), sc, pc, destinations, amounts, amount_keys, 3);
//verify rct data
ASSERT_FALSE(verRct(s));
//decode received amount
ASSERT_TRUE(decodeRct(s, Sk, 1));
ASSERT_TRUE(decodeRctFromSharedSecret(s, amount_keys[1], 1, mask));
}
TEST(ringct, simple)
@ -284,6 +291,8 @@ TEST(ringct, simple)
vector<xmr_amount>inamounts;
//this keyV corresponds to destination pubkeys
keyV destinations;
keyV amount_keys;
key mask;
//add fake input 3000
//the sc is secret data
@ -303,6 +312,7 @@ TEST(ringct, simple)
//add output 5000
outamounts.push_back(5000);
amount_keys.push_back(rct::hash_to_scalar(rct::zero()));
//add the corresponding destination pubkey
key Sk, Pk;
skpkGen(Sk, Pk);
@ -310,6 +320,7 @@ TEST(ringct, simple)
//add output 999
outamounts.push_back(999);
amount_keys.push_back(rct::hash_to_scalar(rct::zero()));
//add the corresponding destination pubkey
skpkGen(Sk, Pk);
destinations.push_back(Pk);
@ -319,13 +330,13 @@ TEST(ringct, simple)
//compute sig with mixin 2
xmr_amount txnfee = 1;
rctSig s = genRctSimple(message, sc, pc, destinations,inamounts, outamounts, txnfee, 2);
rctSig s = genRctSimple(message, sc, pc, destinations,inamounts, outamounts, amount_keys, txnfee, 2);
//verify ring ct signature
ASSERT_TRUE(verRctSimple(s));
//decode received amount corresponding to output pubkey index 1
ASSERT_TRUE(decodeRctSimple(s, Sk, 1));
ASSERT_TRUE(decodeRctSimpleFromSharedSecret(s, amount_keys[1], 1, mask));
}
static rct::rctSig make_sample_rct_sig(int n_inputs, const uint64_t input_amounts[], int n_outputs, const uint64_t output_amounts[], bool last_is_fee)
@ -334,6 +345,7 @@ static rct::rctSig make_sample_rct_sig(int n_inputs, const uint64_t input_amount
ctkey sctmp, pctmp;
vector<xmr_amount >amounts;
keyV destinations;
keyV amount_keys;
key Sk, Pk;
for (int n = 0; n < n_inputs; ++n) {
@ -344,12 +356,13 @@ static rct::rctSig make_sample_rct_sig(int n_inputs, const uint64_t input_amount
for (int n = 0; n < n_outputs; ++n) {
amounts.push_back(output_amounts[n]);
amount_keys.push_back(rct::hash_to_scalar(rct::zero()));
skpkGen(Sk, Pk);
if (n < n_outputs - 1 || !last_is_fee)
destinations.push_back(Pk);
}
return genRct(rct::zero(), sc, pc, destinations, amounts, 3);;
return genRct(rct::zero(), sc, pc, destinations, amounts, amount_keys, 3);;
}
static rct::rctSig make_sample_simple_rct_sig(int n_inputs, const uint64_t input_amounts[], int n_outputs, const uint64_t output_amounts[], uint64_t fee)
@ -358,6 +371,7 @@ static rct::rctSig make_sample_simple_rct_sig(int n_inputs, const uint64_t input
ctkey sctmp, pctmp;
vector<xmr_amount> inamounts, outamounts;
keyV destinations;
keyV amount_keys;
key Sk, Pk;
for (int n = 0; n < n_inputs; ++n) {
@ -369,11 +383,12 @@ static rct::rctSig make_sample_simple_rct_sig(int n_inputs, const uint64_t input
for (int n = 0; n < n_outputs; ++n) {
outamounts.push_back(output_amounts[n]);
amount_keys.push_back(hash_to_scalar(zero()));
skpkGen(Sk, Pk);
destinations.push_back(Pk);
}
return genRctSimple(rct::zero(), sc, pc, destinations, inamounts, outamounts, fee, 3);;
return genRctSimple(rct::zero(), sc, pc, destinations, inamounts, outamounts, amount_keys, fee, 3);;
}
static bool range_proof_test(bool expected_valid,

4
tests/unit_tests/serialization.cpp
View file

@ -554,6 +554,7 @@ TEST(Serialization, serializes_ringct_types)
sc.push_back(sctmp);
pc.push_back(pctmp);
vector<uint64_t> amounts;
rct::keyV amount_keys;
//add output 500
amounts.push_back(500);
rct::keyV destinations;
@ -562,10 +563,11 @@ TEST(Serialization, serializes_ringct_types)
destinations.push_back(Pk);
//add output for 12500
amounts.push_back(12500);
amount_keys.push_back(rct::hash_to_scalar(rct::zero()));
rct::skpkGen(Sk, Pk);
destinations.push_back(Pk);
//compute rct data with mixin 500
s0 = rct::genRct(rct::zero(), sc, pc, destinations, amounts, 3);
s0 = rct::genRct(rct::zero(), sc, pc, destinations, amounts, amount_keys, 3);
mg0 = s0.MG;
ASSERT_TRUE(serialization::dump_binary(mg0, blob));