mirror of
https://git.wownero.com/wownero/wownero.git
synced 2024-08-15 01:03:23 +00:00
multisig key exchange update and refactor
This commit is contained in:
koe
parent
b58a9fb12e
commit
e08abaa43f
30 changed files with 2224 additions and 952 deletions
|
|
@ -836,7 +836,7 @@ inline bool do_replay_file(const std::string& filename)
|
|||
{ \
|
||||
for (size_t msidx = 0; msidx < total; ++msidx) \
|
||||
account[msidx].generate(); \
|
||||
make_multisig_accounts(account, threshold); \
|
||||
CHECK_AND_ASSERT_MES(make_multisig_accounts(account, threshold), false, "Failed to make multisig accounts."); \
|
||||
} while(0)
|
||||
|
||||
#define MAKE_ACCOUNT(VEC_EVENTS, account) \
|
||||
|
|
|
|||
|
|
@ -28,98 +28,88 @@
|
|||
//
|
||||
// Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers
|
||||
|
||||
#include "ringct/rctSigs.h"
|
||||
#include "cryptonote_basic/cryptonote_basic.h"
|
||||
#include "multisig/multisig.h"
|
||||
#include "common/apply_permutation.h"
|
||||
#include "chaingen.h"
|
||||
#include "multisig.h"
|
||||
|
||||
#include "common/apply_permutation.h"
|
||||
#include "crypto/crypto.h"
|
||||
#include "cryptonote_basic/cryptonote_basic.h"
|
||||
#include "device/device.hpp"
|
||||
#include "multisig/multisig.h"
|
||||
#include "multisig/multisig_account.h"
|
||||
#include "multisig/multisig_kex_msg.h"
|
||||
#include "ringct/rctOps.h"
|
||||
#include "ringct/rctSigs.h"
|
||||
|
||||
using namespace epee;
|
||||
using namespace crypto;
|
||||
using namespace cryptonote;
|
||||
using namespace multisig;
|
||||
|
||||
//#define NO_MULTISIG
|
||||
|
||||
void make_multisig_accounts(std::vector<cryptonote::account_base>& account, uint32_t threshold)
|
||||
static bool make_multisig_accounts(std::vector<cryptonote::account_base> &accounts, const uint32_t threshold)
|
||||
{
|
||||
std::vector<crypto::secret_key> all_view_keys;
|
||||
std::vector<std::vector<crypto::public_key>> derivations(account.size());
|
||||
//storage for all set of multisig derivations and spend public key (in first round)
|
||||
std::unordered_set<crypto::public_key> exchanging_keys;
|
||||
CHECK_AND_ASSERT_MES(accounts.size() > 0, false, "Invalid multisig scheme");
|
||||
|
||||
for (size_t msidx = 0; msidx < account.size(); ++msidx)
|
||||
std::vector<multisig_account> multisig_accounts;
|
||||
std::vector<crypto::public_key> signers;
|
||||
std::vector<multisig_kex_msg> round_msgs;
|
||||
multisig_accounts.reserve(accounts.size());
|
||||
signers.reserve(accounts.size());
|
||||
round_msgs.reserve(accounts.size());
|
||||
|
||||
// create multisig accounts
|
||||
for (std::size_t account_index{0}; account_index < accounts.size(); ++account_index)
|
||||
{
|
||||
crypto::secret_key vkh = cryptonote::get_multisig_blinded_secret_key(account[msidx].get_keys().m_view_secret_key);
|
||||
all_view_keys.push_back(vkh);
|
||||
// create account and collect signer
|
||||
multisig_accounts.emplace_back(
|
||||
multisig_account{
|
||||
get_multisig_blinded_secret_key(accounts[account_index].get_keys().m_spend_secret_key),
|
||||
get_multisig_blinded_secret_key(accounts[account_index].get_keys().m_view_secret_key)
|
||||
}
|
||||
);
|
||||
|
||||
crypto::secret_key skh = cryptonote::get_multisig_blinded_secret_key(account[msidx].get_keys().m_spend_secret_key);
|
||||
crypto::public_key pskh;
|
||||
crypto::secret_key_to_public_key(skh, pskh);
|
||||
signers.emplace_back(multisig_accounts.back().get_base_pubkey());
|
||||
|
||||
derivations[msidx].push_back(pskh);
|
||||
exchanging_keys.insert(pskh);
|
||||
// collect account's first kex msg
|
||||
round_msgs.emplace_back(multisig_accounts.back().get_next_kex_round_msg());
|
||||
}
|
||||
|
||||
uint32_t roundsTotal = 1;
|
||||
if (threshold < account.size())
|
||||
roundsTotal = account.size() - threshold;
|
||||
|
||||
//secret multisig keys of every account
|
||||
std::vector<std::vector<crypto::secret_key>> multisig_keys(account.size());
|
||||
std::vector<crypto::secret_key> spend_skey(account.size());
|
||||
std::vector<crypto::public_key> spend_pkey(account.size());
|
||||
for (uint32_t round = 0; round < roundsTotal; ++round)
|
||||
// initialize accounts and collect kex messages for the next round
|
||||
std::vector<multisig_kex_msg> temp_round_msgs(multisig_accounts.size());
|
||||
for (std::size_t account_index{0}; account_index < accounts.size(); ++account_index)
|
||||
{
|
||||
std::unordered_set<crypto::public_key> roundKeys;
|
||||
for (size_t msidx = 0; msidx < account.size(); ++msidx)
|
||||
multisig_accounts[account_index].initialize_kex(threshold, signers, round_msgs);
|
||||
|
||||
if (!multisig_accounts[account_index].multisig_is_ready())
|
||||
temp_round_msgs[account_index] = multisig_accounts[account_index].get_next_kex_round_msg();
|
||||
}
|
||||
|
||||
// perform key exchange rounds
|
||||
while (!multisig_accounts[0].multisig_is_ready())
|
||||
{
|
||||
round_msgs = temp_round_msgs;
|
||||
|
||||
for (std::size_t account_index{0}; account_index < multisig_accounts.size(); ++account_index)
|
||||
{
|
||||
// subtracting one's keys from set of all unique keys is the same as key exchange
|
||||
auto myKeys = exchanging_keys;
|
||||
for (const auto& d: derivations[msidx])
|
||||
myKeys.erase(d);
|
||||
multisig_accounts[account_index].kex_update(round_msgs);
|
||||
|
||||
if (threshold == account.size())
|
||||
{
|
||||
cryptonote::generate_multisig_N_N(account[msidx].get_keys(), std::vector<crypto::public_key>(myKeys.begin(), myKeys.end()), multisig_keys[msidx], (rct::key&)spend_skey[msidx], (rct::key&)spend_pkey[msidx]);
|
||||
}
|
||||
else
|
||||
{
|
||||
derivations[msidx] = cryptonote::generate_multisig_derivations(account[msidx].get_keys(), std::vector<crypto::public_key>(myKeys.begin(), myKeys.end()));
|
||||
roundKeys.insert(derivations[msidx].begin(), derivations[msidx].end());
|
||||
}
|
||||
if (!multisig_accounts[account_index].multisig_is_ready())
|
||||
temp_round_msgs[account_index] = multisig_accounts[account_index].get_next_kex_round_msg();
|
||||
}
|
||||
|
||||
exchanging_keys = roundKeys;
|
||||
roundKeys.clear();
|
||||
}
|
||||
|
||||
std::unordered_set<crypto::public_key> all_multisig_keys;
|
||||
for (size_t msidx = 0; msidx < account.size(); ++msidx)
|
||||
// update accounts post key exchange
|
||||
for (std::size_t account_index{0}; account_index < accounts.size(); ++account_index)
|
||||
{
|
||||
std::unordered_set<crypto::secret_key> view_keys(all_view_keys.begin(), all_view_keys.end());
|
||||
view_keys.erase(all_view_keys[msidx]);
|
||||
|
||||
crypto::secret_key view_skey = cryptonote::generate_multisig_view_secret_key(account[msidx].get_keys().m_view_secret_key, std::vector<secret_key>(view_keys.begin(), view_keys.end()));
|
||||
if (threshold < account.size())
|
||||
{
|
||||
multisig_keys[msidx] = cryptonote::calculate_multisig_keys(derivations[msidx]);
|
||||
spend_skey[msidx] = cryptonote::calculate_multisig_signer_key(multisig_keys[msidx]);
|
||||
}
|
||||
account[msidx].make_multisig(view_skey, spend_skey[msidx], spend_pkey[msidx], multisig_keys[msidx]);
|
||||
for (const auto &k: multisig_keys[msidx]) {
|
||||
all_multisig_keys.insert(rct::rct2pk(rct::scalarmultBase(rct::sk2rct(k))));
|
||||
}
|
||||
accounts[account_index].make_multisig(multisig_accounts[account_index].get_common_privkey(),
|
||||
multisig_accounts[account_index].get_base_privkey(),
|
||||
multisig_accounts[account_index].get_multisig_pubkey(),
|
||||
multisig_accounts[account_index].get_multisig_privkeys());
|
||||
}
|
||||
|
||||
if (threshold < account.size())
|
||||
{
|
||||
std::vector<crypto::public_key> public_keys(std::vector<crypto::public_key>(all_multisig_keys.begin(), all_multisig_keys.end()));
|
||||
crypto::public_key spend_pkey = cryptonote::generate_multisig_M_N_spend_public_key(public_keys);
|
||||
|
||||
for (size_t msidx = 0; msidx < account.size(); ++msidx)
|
||||
account[msidx].finalize_multisig(spend_pkey);
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
//----------------------------------------------------------------------------------------------------------------------
|
||||
|
|
@ -238,13 +228,13 @@ bool gen_multisig_tx_validation_base::generate_with(std::vector<test_event_entry
|
|||
for (size_t n = 0; n < nlr; ++n)
|
||||
{
|
||||
account_k[msidx][tdidx].push_back(rct::rct2sk(rct::skGen()));
|
||||
cryptonote::generate_multisig_LR(output_pub_key[tdidx], account_k[msidx][tdidx][n], account_L[msidx][tdidx][n], account_R[msidx][tdidx][n]);
|
||||
multisig::generate_multisig_LR(output_pub_key[tdidx], account_k[msidx][tdidx][n], account_L[msidx][tdidx][n], account_R[msidx][tdidx][n]);
|
||||
}
|
||||
size_t numki = miner_account[msidx].get_multisig_keys().size();
|
||||
account_ki[msidx][tdidx].resize(numki);
|
||||
for (size_t kiidx = 0; kiidx < numki; ++kiidx)
|
||||
{
|
||||
r = cryptonote::generate_multisig_key_image(miner_account[msidx].get_keys(), kiidx, output_pub_key[tdidx], account_ki[msidx][tdidx][kiidx]);
|
||||
r = multisig::generate_multisig_key_image(miner_account[msidx].get_keys(), kiidx, output_pub_key[tdidx], account_ki[msidx][tdidx][kiidx]);
|
||||
CHECK_AND_ASSERT_MES(r, false, "Failed to generate multisig export key image");
|
||||
}
|
||||
MDEBUG("Party " << msidx << ":");
|
||||
|
|
@ -303,7 +293,7 @@ bool gen_multisig_tx_validation_base::generate_with(std::vector<test_event_entry
|
|||
for (size_t msidx = 0; msidx < total; ++msidx)
|
||||
for (size_t n = 0; n < account_ki[msidx][tdidx].size(); ++n)
|
||||
pkis.push_back(account_ki[msidx][tdidx][n]);
|
||||
r = cryptonote::generate_multisig_composite_key_image(miner_account[0].get_keys(), subaddresses, output_pub_key[tdidx], tx_pub_key[tdidx], additional_tx_keys, 0, pkis, (crypto::key_image&)kLRki.ki);
|
||||
r = multisig::generate_multisig_composite_key_image(miner_account[0].get_keys(), subaddresses, output_pub_key[tdidx], tx_pub_key[tdidx], additional_tx_keys, 0, pkis, (crypto::key_image&)kLRki.ki);
|
||||
CHECK_AND_ASSERT_MES(r, false, "Failed to generate composite key image");
|
||||
MDEBUG("composite ki: " << kLRki.ki);
|
||||
MDEBUG("L: " << kLRki.L);
|
||||
|
|
@ -311,7 +301,7 @@ bool gen_multisig_tx_validation_base::generate_with(std::vector<test_event_entry
|
|||
for (size_t n = 1; n < total; ++n)
|
||||
{
|
||||
rct::key ki;
|
||||
r = cryptonote::generate_multisig_composite_key_image(miner_account[n].get_keys(), subaddresses, output_pub_key[tdidx], tx_pub_key[tdidx], additional_tx_keys, 0, pkis, (crypto::key_image&)ki);
|
||||
r = multisig::generate_multisig_composite_key_image(miner_account[n].get_keys(), subaddresses, output_pub_key[tdidx], tx_pub_key[tdidx], additional_tx_keys, 0, pkis, (crypto::key_image&)ki);
|
||||
CHECK_AND_ASSERT_MES(r, false, "Failed to generate composite key image");
|
||||
CHECK_AND_ASSERT_MES(kLRki.ki == ki, false, "Composite key images do not match");
|
||||
}
|
||||
|
|
|
|||
|
|
@ -39,40 +39,40 @@ from framework.wallet import Wallet
|
|||
class MultisigTest():
|
||||
def run_test(self):
|
||||
self.reset()
|
||||
self.mine('493DsrfJPqiN3Suv9RcRDoZEbQtKZX1sNcGPA3GhkKYEEmivk8kjQrTdRdVc4ZbmzWJuE157z9NNUKmF2VDfdYDR3CziGMk', 5)
|
||||
self.mine('42jSRGmmKN96V2j3B8X2DbiNThBXW1tSi1rW1uwkqbyURenq3eC3yosNm8HEMdHuWwKMFGzMUB3RCTvcTaW9kHpdRPP7p5y', 5)
|
||||
self.mine('47fF32AdrmXG84FcPY697uZdd42pMMGiH5UpiTRTt3YX2pZC7t7wkzEMStEicxbQGRfrYvAAYxH6Fe8rnD56EaNwUgxRd53', 5)
|
||||
self.mine('44SKxxLQw929wRF6BA9paQ1EWFshNnKhXM3qz6Mo3JGDE2YG3xyzVutMStEicxbQGRfrYvAAYxH6Fe8rnD56EaNwUiqhcwR', 5)
|
||||
self.mine('4ADHswEU3XBUee8pudBkZQd9beJainqNo1BQKkHJujAEPJyQrLj9U4dNm8HEMdHuWwKMFGzMUB3RCTvcTaW9kHpdRUDxgjW', 5)
|
||||
self.mine('45J58b7PmKJFSiNPFFrTdtfMcFGnruP7V4CMuRpX7NsH4j3jGHKAjo3YJP2RePX6HMaSkbvTbrWUFhDNcNcHgtNmQ3gr7sG', 5)
|
||||
self.mine('44G2TQNfsiURKkvxp7gbgaJY8WynZvANnhmyMAwv6WeEbAvyAWMfKXRhh3uBXT2UAKhAsUJ7Fg5zjjF2U1iGciFk5duN94i', 5)
|
||||
self.mine('41mro238grj56GnrWkakAKTkBy2yDcXYsUZ2iXCM9pe5Ueajd2RRc6Fhh3uBXT2UAKhAsUJ7Fg5zjjF2U1iGciFk5ief4ZP', 5)
|
||||
self.mine('44vZSprQKJQRFe6t1VHgU4ESvq2dv7TjBLVGE7QscKxMdFSiyyPCEV64NnKUQssFPyWxc2meyt7j63F2S2qtCTRL6dakeff', 5)
|
||||
self.mine('47puypSwsV1gvUDratmX4y58fSwikXVehEiBhVLxJA1gRCxHyrRgTDr4NnKUQssFPyWxc2meyt7j63F2S2qtCTRL6aRPj5U', 5)
|
||||
self.mine('42ey1afDFnn4886T7196doS9GPMzexD9gXpsZJDwVjeRVdFCSoHnv7KPbBeGpzJBzHRCAs9UxqeoyFQMYbqSWYTfJJQAWDm', 60)
|
||||
|
||||
self.test_states()
|
||||
|
||||
self.create_multisig_wallets(2, 2, '493DsrfJPqiN3Suv9RcRDoZEbQtKZX1sNcGPA3GhkKYEEmivk8kjQrTdRdVc4ZbmzWJuE157z9NNUKmF2VDfdYDR3CziGMk')
|
||||
self.create_multisig_wallets(2, 2, '45J58b7PmKJFSiNPFFrTdtfMcFGnruP7V4CMuRpX7NsH4j3jGHKAjo3YJP2RePX6HMaSkbvTbrWUFhDNcNcHgtNmQ3gr7sG')
|
||||
self.import_multisig_info([1, 0], 5)
|
||||
txid = self.transfer([1, 0])
|
||||
self.import_multisig_info([0, 1], 6)
|
||||
self.check_transaction(txid)
|
||||
|
||||
self.create_multisig_wallets(2, 3, '42jSRGmmKN96V2j3B8X2DbiNThBXW1tSi1rW1uwkqbyURenq3eC3yosNm8HEMdHuWwKMFGzMUB3RCTvcTaW9kHpdRPP7p5y')
|
||||
self.create_multisig_wallets(2, 3, '44G2TQNfsiURKkvxp7gbgaJY8WynZvANnhmyMAwv6WeEbAvyAWMfKXRhh3uBXT2UAKhAsUJ7Fg5zjjF2U1iGciFk5duN94i')
|
||||
self.import_multisig_info([0, 2], 5)
|
||||
txid = self.transfer([0, 2])
|
||||
self.import_multisig_info([0, 1, 2], 6)
|
||||
self.check_transaction(txid)
|
||||
|
||||
self.create_multisig_wallets(3, 3, '4ADHswEU3XBUee8pudBkZQd9beJainqNo1BQKkHJujAEPJyQrLj9U4dNm8HEMdHuWwKMFGzMUB3RCTvcTaW9kHpdRUDxgjW')
|
||||
self.create_multisig_wallets(3, 3, '41mro238grj56GnrWkakAKTkBy2yDcXYsUZ2iXCM9pe5Ueajd2RRc6Fhh3uBXT2UAKhAsUJ7Fg5zjjF2U1iGciFk5ief4ZP')
|
||||
self.import_multisig_info([2, 0, 1], 5)
|
||||
txid = self.transfer([2, 1, 0])
|
||||
self.import_multisig_info([0, 2, 1], 6)
|
||||
self.check_transaction(txid)
|
||||
|
||||
self.create_multisig_wallets(3, 4, '47fF32AdrmXG84FcPY697uZdd42pMMGiH5UpiTRTt3YX2pZC7t7wkzEMStEicxbQGRfrYvAAYxH6Fe8rnD56EaNwUgxRd53')
|
||||
self.create_multisig_wallets(3, 4, '44vZSprQKJQRFe6t1VHgU4ESvq2dv7TjBLVGE7QscKxMdFSiyyPCEV64NnKUQssFPyWxc2meyt7j63F2S2qtCTRL6dakeff')
|
||||
self.import_multisig_info([0, 2, 3], 5)
|
||||
txid = self.transfer([0, 2, 3])
|
||||
self.import_multisig_info([0, 1, 2, 3], 6)
|
||||
self.check_transaction(txid)
|
||||
|
||||
self.create_multisig_wallets(2, 4, '44SKxxLQw929wRF6BA9paQ1EWFshNnKhXM3qz6Mo3JGDE2YG3xyzVutMStEicxbQGRfrYvAAYxH6Fe8rnD56EaNwUiqhcwR')
|
||||
self.create_multisig_wallets(2, 4, '47puypSwsV1gvUDratmX4y58fSwikXVehEiBhVLxJA1gRCxHyrRgTDr4NnKUQssFPyWxc2meyt7j63F2S2qtCTRL6aRPj5U')
|
||||
self.import_multisig_info([1, 2], 5)
|
||||
txid = self.transfer([1, 2])
|
||||
self.import_multisig_info([0, 1, 2, 3], 6)
|
||||
|
|
@ -176,10 +176,6 @@ class MultisigTest():
|
|||
info.append(res.multisig_info)
|
||||
|
||||
for i in range(3):
|
||||
ok = False
|
||||
try: res = wallet[i].finalize_multisig(info)
|
||||
except: ok = True
|
||||
assert ok
|
||||
ok = False
|
||||
try: res = wallet[i].exchange_multisig_keys(info)
|
||||
except: ok = True
|
||||
|
|
@ -192,11 +188,6 @@ class MultisigTest():
|
|||
assert res.multisig
|
||||
assert res.ready
|
||||
|
||||
ok = False
|
||||
try: res = wallet[0].finalize_multisig(info)
|
||||
except: ok = True
|
||||
assert ok
|
||||
|
||||
ok = False
|
||||
try: res = wallet[0].prepare_multisig()
|
||||
except: ok = True
|
||||
|
|
|
|||
|
|
@ -26,12 +26,16 @@
|
|||
// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
|
||||
// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
|
||||
#include "crypto/crypto.h"
|
||||
#include "multisig/multisig_account.h"
|
||||
#include "multisig/multisig_kex_msg.h"
|
||||
#include "ringct/rctOps.h"
|
||||
#include "wallet/wallet2.h"
|
||||
|
||||
#include "gtest/gtest.h"
|
||||
|
||||
#include <cstdint>
|
||||
|
||||
#include "wallet/wallet2.h"
|
||||
|
||||
static const struct
|
||||
{
|
||||
const char *address;
|
||||
|
|
@ -86,59 +90,145 @@ static void make_wallet(unsigned int idx, tools::wallet2 &wallet)
|
|||
}
|
||||
}
|
||||
|
||||
static std::vector<std::string> exchange_round(std::vector<tools::wallet2>& wallets, const std::vector<std::string>& mis)
|
||||
static std::vector<std::string> exchange_round(std::vector<tools::wallet2>& wallets, const std::vector<std::string>& infos)
|
||||
{
|
||||
std::vector<std::string> new_infos;
|
||||
for (size_t i = 0; i < wallets.size(); ++i) {
|
||||
new_infos.push_back(wallets[i].exchange_multisig_keys("", mis));
|
||||
new_infos.reserve(infos.size());
|
||||
|
||||
for (size_t i = 0; i < wallets.size(); ++i)
|
||||
{
|
||||
new_infos.push_back(wallets[i].exchange_multisig_keys("", infos));
|
||||
}
|
||||
|
||||
return new_infos;
|
||||
}
|
||||
|
||||
static void check_results(const std::vector<std::string> &intermediate_infos,
|
||||
std::vector<tools::wallet2>& wallets,
|
||||
std::uint32_t M)
|
||||
{
|
||||
// check results
|
||||
std::unordered_set<crypto::secret_key> unique_privkeys;
|
||||
rct::key composite_pubkey = rct::identity();
|
||||
|
||||
wallets[0].decrypt_keys("");
|
||||
crypto::public_key spend_pubkey = wallets[0].get_account().get_keys().m_account_address.m_spend_public_key;
|
||||
crypto::secret_key view_privkey = wallets[0].get_account().get_keys().m_view_secret_key;
|
||||
crypto::public_key view_pubkey;
|
||||
EXPECT_TRUE(crypto::secret_key_to_public_key(view_privkey, view_pubkey));
|
||||
wallets[0].encrypt_keys("");
|
||||
|
||||
for (size_t i = 0; i < wallets.size(); ++i)
|
||||
{
|
||||
EXPECT_TRUE(intermediate_infos[i].empty());
|
||||
bool ready;
|
||||
uint32_t threshold, total;
|
||||
EXPECT_TRUE(wallets[i].multisig(&ready, &threshold, &total));
|
||||
EXPECT_TRUE(ready);
|
||||
EXPECT_TRUE(threshold == M);
|
||||
EXPECT_TRUE(total == wallets.size());
|
||||
|
||||
wallets[i].decrypt_keys("");
|
||||
|
||||
if (i != 0)
|
||||
{
|
||||
// "equals" is transitive relation so we need only to compare first wallet's address to each others' addresses.
|
||||
// no need to compare 0's address with itself.
|
||||
EXPECT_TRUE(wallets[0].get_account().get_public_address_str(cryptonote::TESTNET) ==
|
||||
wallets[i].get_account().get_public_address_str(cryptonote::TESTNET));
|
||||
|
||||
EXPECT_EQ(spend_pubkey, wallets[i].get_account().get_keys().m_account_address.m_spend_public_key);
|
||||
EXPECT_EQ(view_privkey, wallets[i].get_account().get_keys().m_view_secret_key);
|
||||
EXPECT_EQ(view_pubkey, wallets[i].get_account().get_keys().m_account_address.m_view_public_key);
|
||||
}
|
||||
|
||||
// sum together unique multisig keys
|
||||
for (const auto &privkey : wallets[i].get_account().get_keys().m_multisig_keys)
|
||||
{
|
||||
EXPECT_NE(privkey, crypto::null_skey);
|
||||
|
||||
if (unique_privkeys.find(privkey) == unique_privkeys.end())
|
||||
{
|
||||
unique_privkeys.insert(privkey);
|
||||
crypto::public_key pubkey;
|
||||
crypto::secret_key_to_public_key(privkey, pubkey);
|
||||
EXPECT_NE(privkey, crypto::null_skey);
|
||||
EXPECT_NE(pubkey, crypto::null_pkey);
|
||||
EXPECT_NE(pubkey, rct::rct2pk(rct::identity()));
|
||||
rct::addKeys(composite_pubkey, composite_pubkey, rct::pk2rct(pubkey));
|
||||
}
|
||||
}
|
||||
wallets[i].encrypt_keys("");
|
||||
}
|
||||
|
||||
// final key via sums should equal the wallets' public spend key
|
||||
wallets[0].decrypt_keys("");
|
||||
EXPECT_EQ(wallets[0].get_account().get_keys().m_account_address.m_spend_public_key, rct::rct2pk(composite_pubkey));
|
||||
wallets[0].encrypt_keys("");
|
||||
}
|
||||
|
||||
static void make_wallets(std::vector<tools::wallet2>& wallets, unsigned int M)
|
||||
{
|
||||
ASSERT_TRUE(wallets.size() > 1 && wallets.size() <= KEYS_COUNT);
|
||||
ASSERT_TRUE(M <= wallets.size());
|
||||
std::uint32_t rounds_required = multisig::multisig_kex_rounds_required(wallets.size(), M);
|
||||
std::uint32_t rounds_complete{0};
|
||||
|
||||
std::vector<std::string> mis(wallets.size());
|
||||
// initialize wallets, get first round multisig kex msgs
|
||||
std::vector<std::string> initial_infos(wallets.size());
|
||||
|
||||
for (size_t i = 0; i < wallets.size(); ++i) {
|
||||
for (size_t i = 0; i < wallets.size(); ++i)
|
||||
{
|
||||
make_wallet(i, wallets[i]);
|
||||
|
||||
wallets[i].decrypt_keys("");
|
||||
mis[i] = wallets[i].get_multisig_info();
|
||||
initial_infos[i] = wallets[i].get_multisig_first_kex_msg();
|
||||
wallets[i].encrypt_keys("");
|
||||
}
|
||||
|
||||
for (auto& wallet: wallets) {
|
||||
// wallets should not be multisig yet
|
||||
for (const auto &wallet: wallets)
|
||||
{
|
||||
ASSERT_FALSE(wallet.multisig());
|
||||
}
|
||||
|
||||
std::vector<std::string> mxis;
|
||||
for (size_t i = 0; i < wallets.size(); ++i) {
|
||||
// it's ok to put all of multisig keys in this function. it throws in case of error
|
||||
mxis.push_back(wallets[i].make_multisig("", mis, M));
|
||||
// make wallets multisig, get second round kex messages (if appropriate)
|
||||
std::vector<std::string> intermediate_infos(wallets.size());
|
||||
|
||||
for (size_t i = 0; i < wallets.size(); ++i)
|
||||
{
|
||||
intermediate_infos[i] = wallets[i].make_multisig("", initial_infos, M);
|
||||
}
|
||||
|
||||
while (!mxis[0].empty()) {
|
||||
mxis = exchange_round(wallets, mxis);
|
||||
++rounds_complete;
|
||||
|
||||
// perform kex rounds until kex is complete
|
||||
while (!intermediate_infos[0].empty())
|
||||
{
|
||||
bool ready{false};
|
||||
wallets[0].multisig(&ready);
|
||||
EXPECT_FALSE(ready);
|
||||
|
||||
intermediate_infos = exchange_round(wallets, intermediate_infos);
|
||||
|
||||
++rounds_complete;
|
||||
}
|
||||
|
||||
for (size_t i = 0; i < wallets.size(); ++i) {
|
||||
ASSERT_TRUE(mxis[i].empty());
|
||||
bool ready;
|
||||
uint32_t threshold, total;
|
||||
ASSERT_TRUE(wallets[i].multisig(&ready, &threshold, &total));
|
||||
ASSERT_TRUE(ready);
|
||||
ASSERT_TRUE(threshold == M);
|
||||
ASSERT_TRUE(total == wallets.size());
|
||||
EXPECT_EQ(rounds_required, rounds_complete);
|
||||
|
||||
if (i != 0) {
|
||||
// "equals" is transitive relation so we need only to compare first wallet's address to each others' addresses. no need to compare 0's address with itself.
|
||||
ASSERT_TRUE(wallets[0].get_account().get_public_address_str(cryptonote::TESTNET) == wallets[i].get_account().get_public_address_str(cryptonote::TESTNET));
|
||||
}
|
||||
}
|
||||
check_results(intermediate_infos, wallets, M);
|
||||
}
|
||||
|
||||
TEST(multisig, make_1_2)
|
||||
{
|
||||
std::vector<tools::wallet2> wallets(2);
|
||||
make_wallets(wallets, 1);
|
||||
}
|
||||
|
||||
TEST(multisig, make_1_3)
|
||||
{
|
||||
std::vector<tools::wallet2> wallets(3);
|
||||
make_wallets(wallets, 1);
|
||||
}
|
||||
|
||||
TEST(multisig, make_2_2)
|
||||
|
|
@ -165,8 +255,88 @@ TEST(multisig, make_2_4)
|
|||
make_wallets(wallets, 2);
|
||||
}
|
||||
|
||||
TEST(multisig, make_2_5)
|
||||
TEST(multisig, multisig_kex_msg)
|
||||
{
|
||||
std::vector<tools::wallet2> wallets(5);
|
||||
make_wallets(wallets, 2);
|
||||
using namespace multisig;
|
||||
|
||||
crypto::public_key pubkey1;
|
||||
crypto::public_key pubkey2;
|
||||
crypto::public_key pubkey3;
|
||||
crypto::secret_key_to_public_key(rct::rct2sk(rct::skGen()), pubkey1);
|
||||
crypto::secret_key_to_public_key(rct::rct2sk(rct::skGen()), pubkey2);
|
||||
crypto::secret_key_to_public_key(rct::rct2sk(rct::skGen()), pubkey3);
|
||||
|
||||
crypto::secret_key signing_skey = rct::rct2sk(rct::skGen());
|
||||
crypto::public_key signing_pubkey;
|
||||
while(!crypto::secret_key_to_public_key(signing_skey, signing_pubkey))
|
||||
{
|
||||
signing_skey = rct::rct2sk(rct::skGen());
|
||||
}
|
||||
|
||||
crypto::secret_key ancillary_skey = rct::rct2sk(rct::skGen());
|
||||
while (ancillary_skey == crypto::null_skey)
|
||||
ancillary_skey = rct::rct2sk(rct::skGen());
|
||||
|
||||
// misc. edge cases
|
||||
EXPECT_NO_THROW((multisig_kex_msg{}));
|
||||
EXPECT_ANY_THROW((multisig_kex_msg{multisig_kex_msg{}.get_msg()}));
|
||||
EXPECT_ANY_THROW((multisig_kex_msg{"abc"}));
|
||||
EXPECT_ANY_THROW((multisig_kex_msg{0, crypto::null_skey, std::vector<crypto::public_key>{}, crypto::null_skey}));
|
||||
EXPECT_ANY_THROW((multisig_kex_msg{1, crypto::null_skey, std::vector<crypto::public_key>{}, crypto::null_skey}));
|
||||
EXPECT_ANY_THROW((multisig_kex_msg{1, signing_skey, std::vector<crypto::public_key>{}, crypto::null_skey}));
|
||||
EXPECT_ANY_THROW((multisig_kex_msg{1, crypto::null_skey, std::vector<crypto::public_key>{}, ancillary_skey}));
|
||||
|
||||
// test that messages are both constructible and reversible
|
||||
|
||||
// round 1
|
||||
EXPECT_NO_THROW((multisig_kex_msg{
|
||||
multisig_kex_msg{1, signing_skey, std::vector<crypto::public_key>{}, ancillary_skey}.get_msg()
|
||||
}));
|
||||
EXPECT_NO_THROW((multisig_kex_msg{
|
||||
multisig_kex_msg{1, signing_skey, std::vector<crypto::public_key>{pubkey1}, ancillary_skey}.get_msg()
|
||||
}));
|
||||
|
||||
// round 2
|
||||
EXPECT_NO_THROW((multisig_kex_msg{
|
||||
multisig_kex_msg{2, signing_skey, std::vector<crypto::public_key>{pubkey1}, ancillary_skey}.get_msg()
|
||||
}));
|
||||
EXPECT_NO_THROW((multisig_kex_msg{
|
||||
multisig_kex_msg{2, signing_skey, std::vector<crypto::public_key>{pubkey1}, crypto::null_skey}.get_msg()
|
||||
}));
|
||||
EXPECT_NO_THROW((multisig_kex_msg{
|
||||
multisig_kex_msg{2, signing_skey, std::vector<crypto::public_key>{pubkey1, pubkey2}, ancillary_skey}.get_msg()
|
||||
}));
|
||||
EXPECT_NO_THROW((multisig_kex_msg{
|
||||
multisig_kex_msg{2, signing_skey, std::vector<crypto::public_key>{pubkey1, pubkey2, pubkey3}, crypto::null_skey}.get_msg()
|
||||
}));
|
||||
|
||||
// test that keys can be recovered if stored in a message and the message's reverse
|
||||
|
||||
// round 1
|
||||
multisig_kex_msg msg_rnd1{1, signing_skey, std::vector<crypto::public_key>{pubkey1}, ancillary_skey};
|
||||
multisig_kex_msg msg_rnd1_reverse{msg_rnd1.get_msg()};
|
||||
EXPECT_EQ(msg_rnd1.get_round(), 1);
|
||||
EXPECT_EQ(msg_rnd1.get_round(), msg_rnd1_reverse.get_round());
|
||||
EXPECT_EQ(msg_rnd1.get_signing_pubkey(), signing_pubkey);
|
||||
EXPECT_EQ(msg_rnd1.get_signing_pubkey(), msg_rnd1_reverse.get_signing_pubkey());
|
||||
EXPECT_EQ(msg_rnd1.get_msg_pubkeys().size(), 0);
|
||||
EXPECT_EQ(msg_rnd1.get_msg_pubkeys().size(), msg_rnd1_reverse.get_msg_pubkeys().size());
|
||||
EXPECT_EQ(msg_rnd1.get_msg_privkey(), ancillary_skey);
|
||||
EXPECT_EQ(msg_rnd1.get_msg_privkey(), msg_rnd1_reverse.get_msg_privkey());
|
||||
|
||||
// round 2
|
||||
multisig_kex_msg msg_rnd2{2, signing_skey, std::vector<crypto::public_key>{pubkey1, pubkey2}, ancillary_skey};
|
||||
multisig_kex_msg msg_rnd2_reverse{msg_rnd2.get_msg()};
|
||||
EXPECT_EQ(msg_rnd2.get_round(), 2);
|
||||
EXPECT_EQ(msg_rnd2.get_round(), msg_rnd2_reverse.get_round());
|
||||
EXPECT_EQ(msg_rnd2.get_signing_pubkey(), signing_pubkey);
|
||||
EXPECT_EQ(msg_rnd2.get_signing_pubkey(), msg_rnd2_reverse.get_signing_pubkey());
|
||||
ASSERT_EQ(msg_rnd2.get_msg_pubkeys().size(), 2);
|
||||
ASSERT_EQ(msg_rnd2.get_msg_pubkeys().size(), msg_rnd2_reverse.get_msg_pubkeys().size());
|
||||
EXPECT_EQ(msg_rnd2.get_msg_pubkeys()[0], pubkey1);
|
||||
EXPECT_EQ(msg_rnd2.get_msg_pubkeys()[1], pubkey2);
|
||||
EXPECT_EQ(msg_rnd2.get_msg_pubkeys()[0], msg_rnd2_reverse.get_msg_pubkeys()[0]);
|
||||
EXPECT_EQ(msg_rnd2.get_msg_pubkeys()[1], msg_rnd2_reverse.get_msg_pubkeys()[1]);
|
||||
EXPECT_EQ(msg_rnd2.get_msg_privkey(), crypto::null_skey);
|
||||
EXPECT_EQ(msg_rnd2.get_msg_privkey(), msg_rnd2_reverse.get_msg_privkey());
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue