Clean the Monero lib for auditing (#577)
* Remove unsafe creation of dalek_ff_group::EdwardsPoint in BP+
* Rename Bulletproofs to Bulletproof, since they are a single Bulletproof
Also bifurcates prove with prove_plus, and adds a few documentation items.
* Make CLSAG signing private
Also adds a bit more documentation and does a bit more tidying.
* Remove the distribution cache
It's a notable bandwidth/performance improvement, yet it's not ready. We need a
dedicated Distribution struct which is managed by the wallet and passed in.
While we can do that now, it's not currently worth the effort.
* Tidy Borromean/MLSAG a tad
* Remove experimental feature from monero-serai
* Move amount_decryption into EncryptedAmount::decrypt
* Various RingCT doc comments
* Begin crate smashing
* Further documentation, start shoring up API boundaries of existing crates
* Document and clean clsag
* Add a dedicated send/recv CLSAG mask struct
Abstracts the types used internally.
Also moves the tests from monero-serai to monero-clsag.
* Smash out monero-bulletproofs
Removes usage of dalek-ff-group/multiexp for curve25519-dalek.
Makes compiling in the generators an optional feature.
Adds a structured batch verifier which should be notably more performant.
Documentation and clean up still necessary.
* Correct no-std builds for monero-clsag and monero-bulletproofs
* Tidy and document monero-bulletproofs
I still don't like the impl of the original Bulletproofs...
* Error if missing documentation
* Smash out MLSAG
* Smash out Borromean
* Tidy up monero-serai as a meta crate
* Smash out RPC, wallet
* Document the RPC
* Improve docs a bit
* Move Protocol to monero-wallet
* Incomplete work on using Option to remove panic cases
* Finish documenting monero-serai
* Remove TODO on reading pseudo_outs for AggregateMlsagBorromean
* Only read transactions with one Input::Gen or all Input::ToKey
Also adds a helper to fetch a transaction's prefix.
* Smash out polyseed
* Smash out seed
* Get the repo to compile again
* Smash out Monero addresses
* Document cargo features
Credit to @hinto-janai for adding such sections to their work on documenting
monero-serai in #568.
* Fix deserializing v2 miner transactions
* Rewrite monero-wallet's send code
I have yet to redo the multisig code and the builder. This should be much
cleaner, albeit slower due to redoing work.
This compiles with clippy --all-features. I have to finish the multisig/builder
for --all-targets to work (and start updating the rest of Serai).
* Add SignableTransaction Read/Write
* Restore Monero multisig TX code
* Correct invalid RPC type def in monero-rpc
* Update monero-wallet tests to compile
Some are _consistently_ failing due to the inputs we attempt to spend being too
young. I'm unsure what's up with that. Most seem to pass _consistently_,
implying it's not a random issue yet some configuration/env aspect.
* Clean and document monero-address
* Sync rest of repo with monero-serai changes
* Represent height/block number as a u32
* Diversify ViewPair/Scanner into ViewPair/GuaranteedViewPair and Scanner/GuaranteedScanner
Also cleans the Scanner impl.
* Remove non-small-order view key bound
Guaranteed addresses are in fact guaranteed even with this due to prefixing key
images causing zeroing the ECDH to not zero the shared key.
* Finish documenting monero-serai
* Correct imports for no-std
* Remove possible panic in monero-serai on systems < 32 bits
This was done by requiring the system's usize can represent a certain number.
* Restore the reserialize chain binary
* fmt, machete, GH CI
* Correct misc TODOs in monero-serai
* Have Monero test runner evaluate an Eventuality for all signed TXs
* Fix a pair of bugs in the decoy tests
Unfortunately, this test is still failing.
* Fix remaining bugs in monero-wallet tests
* Reject torsioned spend keys to ensure we can spend the outputs we scan
* Tidy inlined epee code in the RPC
* Correct the accidental swap of stagenet/testnet address bytes
* Remove unused dep from processor
* Handle Monero fee logic properly in the processor
* Document v2 TX/RCT output relation assumed when scanning
* Adjust how we mine the initial blocks due to some CI test failures
* Fix weight estimation for RctType::ClsagBulletproof TXs
* Again increase the amount of blocks we mine prior to running tests
* Correct the if check about when to mine blocks on start
Finally fixes the lack of decoy candidates failures in CI.
* Run Monero on Debian, even for internal testnets
Change made due to a segfault incurred when locally testing.
https://github.com/monero-project/monero/issues/9141 for the upstream.
* Don't attempt running tests on the verify-chain binary
Adds a minimum XMR fee to the processor and runs fmt.
* Increase minimum Monero fee in processor
I'm truly unsure why this is required right now.
* Distinguish fee from necessary_fee in monero-wallet
If there's no change, the fee is difference of the inputs to the outputs. The
prior code wouldn't check that amount is greater than or equal to the necessary
fee, and returning the would-be change amount as the fee isn't necessarily
helpful.
Now the fee is validated in such cases and the necessary fee is returned,
enabling operating off of that.
* Restore minimum Monero fee from develop
2024-07-07 03:57:18 -07:00
|
|
|
use std_shims::{vec, vec::Vec};
|
|
|
|
|
|
|
|
|
|
use curve25519_dalek::{
|
|
|
|
|
constants::{ED25519_BASEPOINT_POINT, ED25519_BASEPOINT_TABLE},
|
|
|
|
|
Scalar, EdwardsPoint,
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
use crate::{
|
|
|
|
|
io::{varint_len, write_varint},
|
|
|
|
|
primitives::Commitment,
|
|
|
|
|
ringct::{
|
|
|
|
|
clsag::Clsag, bulletproofs::Bulletproof, EncryptedAmount, RctType, RctBase, RctPrunable,
|
|
|
|
|
RctProofs,
|
|
|
|
|
},
|
|
|
|
|
transaction::{Input, Output, Timelock, TransactionPrefix, Transaction},
|
|
|
|
|
extra::{ARBITRARY_DATA_MARKER, PaymentId, ExtraField, Extra},
|
|
|
|
|
send::{InternalPayment, SignableTransaction, SignableTransactionWithKeyImages},
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
impl SignableTransaction {
|
|
|
|
|
// Output the inputs for this transaction.
|
|
|
|
|
pub(crate) fn inputs(&self, key_images: &[EdwardsPoint]) -> Vec<Input> {
|
|
|
|
|
debug_assert_eq!(self.inputs.len(), key_images.len());
|
|
|
|
|
|
|
|
|
|
let mut res = Vec::with_capacity(self.inputs.len());
|
2024-07-08 00:30:42 -04:00
|
|
|
for (input, key_image) in self.inputs.iter().zip(key_images) {
|
Clean the Monero lib for auditing (#577)
* Remove unsafe creation of dalek_ff_group::EdwardsPoint in BP+
* Rename Bulletproofs to Bulletproof, since they are a single Bulletproof
Also bifurcates prove with prove_plus, and adds a few documentation items.
* Make CLSAG signing private
Also adds a bit more documentation and does a bit more tidying.
* Remove the distribution cache
It's a notable bandwidth/performance improvement, yet it's not ready. We need a
dedicated Distribution struct which is managed by the wallet and passed in.
While we can do that now, it's not currently worth the effort.
* Tidy Borromean/MLSAG a tad
* Remove experimental feature from monero-serai
* Move amount_decryption into EncryptedAmount::decrypt
* Various RingCT doc comments
* Begin crate smashing
* Further documentation, start shoring up API boundaries of existing crates
* Document and clean clsag
* Add a dedicated send/recv CLSAG mask struct
Abstracts the types used internally.
Also moves the tests from monero-serai to monero-clsag.
* Smash out monero-bulletproofs
Removes usage of dalek-ff-group/multiexp for curve25519-dalek.
Makes compiling in the generators an optional feature.
Adds a structured batch verifier which should be notably more performant.
Documentation and clean up still necessary.
* Correct no-std builds for monero-clsag and monero-bulletproofs
* Tidy and document monero-bulletproofs
I still don't like the impl of the original Bulletproofs...
* Error if missing documentation
* Smash out MLSAG
* Smash out Borromean
* Tidy up monero-serai as a meta crate
* Smash out RPC, wallet
* Document the RPC
* Improve docs a bit
* Move Protocol to monero-wallet
* Incomplete work on using Option to remove panic cases
* Finish documenting monero-serai
* Remove TODO on reading pseudo_outs for AggregateMlsagBorromean
* Only read transactions with one Input::Gen or all Input::ToKey
Also adds a helper to fetch a transaction's prefix.
* Smash out polyseed
* Smash out seed
* Get the repo to compile again
* Smash out Monero addresses
* Document cargo features
Credit to @hinto-janai for adding such sections to their work on documenting
monero-serai in #568.
* Fix deserializing v2 miner transactions
* Rewrite monero-wallet's send code
I have yet to redo the multisig code and the builder. This should be much
cleaner, albeit slower due to redoing work.
This compiles with clippy --all-features. I have to finish the multisig/builder
for --all-targets to work (and start updating the rest of Serai).
* Add SignableTransaction Read/Write
* Restore Monero multisig TX code
* Correct invalid RPC type def in monero-rpc
* Update monero-wallet tests to compile
Some are _consistently_ failing due to the inputs we attempt to spend being too
young. I'm unsure what's up with that. Most seem to pass _consistently_,
implying it's not a random issue yet some configuration/env aspect.
* Clean and document monero-address
* Sync rest of repo with monero-serai changes
* Represent height/block number as a u32
* Diversify ViewPair/Scanner into ViewPair/GuaranteedViewPair and Scanner/GuaranteedScanner
Also cleans the Scanner impl.
* Remove non-small-order view key bound
Guaranteed addresses are in fact guaranteed even with this due to prefixing key
images causing zeroing the ECDH to not zero the shared key.
* Finish documenting monero-serai
* Correct imports for no-std
* Remove possible panic in monero-serai on systems < 32 bits
This was done by requiring the system's usize can represent a certain number.
* Restore the reserialize chain binary
* fmt, machete, GH CI
* Correct misc TODOs in monero-serai
* Have Monero test runner evaluate an Eventuality for all signed TXs
* Fix a pair of bugs in the decoy tests
Unfortunately, this test is still failing.
* Fix remaining bugs in monero-wallet tests
* Reject torsioned spend keys to ensure we can spend the outputs we scan
* Tidy inlined epee code in the RPC
* Correct the accidental swap of stagenet/testnet address bytes
* Remove unused dep from processor
* Handle Monero fee logic properly in the processor
* Document v2 TX/RCT output relation assumed when scanning
* Adjust how we mine the initial blocks due to some CI test failures
* Fix weight estimation for RctType::ClsagBulletproof TXs
* Again increase the amount of blocks we mine prior to running tests
* Correct the if check about when to mine blocks on start
Finally fixes the lack of decoy candidates failures in CI.
* Run Monero on Debian, even for internal testnets
Change made due to a segfault incurred when locally testing.
https://github.com/monero-project/monero/issues/9141 for the upstream.
* Don't attempt running tests on the verify-chain binary
Adds a minimum XMR fee to the processor and runs fmt.
* Increase minimum Monero fee in processor
I'm truly unsure why this is required right now.
* Distinguish fee from necessary_fee in monero-wallet
If there's no change, the fee is difference of the inputs to the outputs. The
prior code wouldn't check that amount is greater than or equal to the necessary
fee, and returning the would-be change amount as the fee isn't necessarily
helpful.
Now the fee is validated in such cases and the necessary fee is returned,
enabling operating off of that.
* Restore minimum Monero fee from develop
2024-07-07 03:57:18 -07:00
|
|
|
res.push(Input::ToKey {
|
|
|
|
|
amount: None,
|
2024-07-08 00:30:42 -04:00
|
|
|
key_offsets: input.decoys().offsets().to_vec(),
|
Clean the Monero lib for auditing (#577)
* Remove unsafe creation of dalek_ff_group::EdwardsPoint in BP+
* Rename Bulletproofs to Bulletproof, since they are a single Bulletproof
Also bifurcates prove with prove_plus, and adds a few documentation items.
* Make CLSAG signing private
Also adds a bit more documentation and does a bit more tidying.
* Remove the distribution cache
It's a notable bandwidth/performance improvement, yet it's not ready. We need a
dedicated Distribution struct which is managed by the wallet and passed in.
While we can do that now, it's not currently worth the effort.
* Tidy Borromean/MLSAG a tad
* Remove experimental feature from monero-serai
* Move amount_decryption into EncryptedAmount::decrypt
* Various RingCT doc comments
* Begin crate smashing
* Further documentation, start shoring up API boundaries of existing crates
* Document and clean clsag
* Add a dedicated send/recv CLSAG mask struct
Abstracts the types used internally.
Also moves the tests from monero-serai to monero-clsag.
* Smash out monero-bulletproofs
Removes usage of dalek-ff-group/multiexp for curve25519-dalek.
Makes compiling in the generators an optional feature.
Adds a structured batch verifier which should be notably more performant.
Documentation and clean up still necessary.
* Correct no-std builds for monero-clsag and monero-bulletproofs
* Tidy and document monero-bulletproofs
I still don't like the impl of the original Bulletproofs...
* Error if missing documentation
* Smash out MLSAG
* Smash out Borromean
* Tidy up monero-serai as a meta crate
* Smash out RPC, wallet
* Document the RPC
* Improve docs a bit
* Move Protocol to monero-wallet
* Incomplete work on using Option to remove panic cases
* Finish documenting monero-serai
* Remove TODO on reading pseudo_outs for AggregateMlsagBorromean
* Only read transactions with one Input::Gen or all Input::ToKey
Also adds a helper to fetch a transaction's prefix.
* Smash out polyseed
* Smash out seed
* Get the repo to compile again
* Smash out Monero addresses
* Document cargo features
Credit to @hinto-janai for adding such sections to their work on documenting
monero-serai in #568.
* Fix deserializing v2 miner transactions
* Rewrite monero-wallet's send code
I have yet to redo the multisig code and the builder. This should be much
cleaner, albeit slower due to redoing work.
This compiles with clippy --all-features. I have to finish the multisig/builder
for --all-targets to work (and start updating the rest of Serai).
* Add SignableTransaction Read/Write
* Restore Monero multisig TX code
* Correct invalid RPC type def in monero-rpc
* Update monero-wallet tests to compile
Some are _consistently_ failing due to the inputs we attempt to spend being too
young. I'm unsure what's up with that. Most seem to pass _consistently_,
implying it's not a random issue yet some configuration/env aspect.
* Clean and document monero-address
* Sync rest of repo with monero-serai changes
* Represent height/block number as a u32
* Diversify ViewPair/Scanner into ViewPair/GuaranteedViewPair and Scanner/GuaranteedScanner
Also cleans the Scanner impl.
* Remove non-small-order view key bound
Guaranteed addresses are in fact guaranteed even with this due to prefixing key
images causing zeroing the ECDH to not zero the shared key.
* Finish documenting monero-serai
* Correct imports for no-std
* Remove possible panic in monero-serai on systems < 32 bits
This was done by requiring the system's usize can represent a certain number.
* Restore the reserialize chain binary
* fmt, machete, GH CI
* Correct misc TODOs in monero-serai
* Have Monero test runner evaluate an Eventuality for all signed TXs
* Fix a pair of bugs in the decoy tests
Unfortunately, this test is still failing.
* Fix remaining bugs in monero-wallet tests
* Reject torsioned spend keys to ensure we can spend the outputs we scan
* Tidy inlined epee code in the RPC
* Correct the accidental swap of stagenet/testnet address bytes
* Remove unused dep from processor
* Handle Monero fee logic properly in the processor
* Document v2 TX/RCT output relation assumed when scanning
* Adjust how we mine the initial blocks due to some CI test failures
* Fix weight estimation for RctType::ClsagBulletproof TXs
* Again increase the amount of blocks we mine prior to running tests
* Correct the if check about when to mine blocks on start
Finally fixes the lack of decoy candidates failures in CI.
* Run Monero on Debian, even for internal testnets
Change made due to a segfault incurred when locally testing.
https://github.com/monero-project/monero/issues/9141 for the upstream.
* Don't attempt running tests on the verify-chain binary
Adds a minimum XMR fee to the processor and runs fmt.
* Increase minimum Monero fee in processor
I'm truly unsure why this is required right now.
* Distinguish fee from necessary_fee in monero-wallet
If there's no change, the fee is difference of the inputs to the outputs. The
prior code wouldn't check that amount is greater than or equal to the necessary
fee, and returning the would-be change amount as the fee isn't necessarily
helpful.
Now the fee is validated in such cases and the necessary fee is returned,
enabling operating off of that.
* Restore minimum Monero fee from develop
2024-07-07 03:57:18 -07:00
|
|
|
key_image: *key_image,
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
res
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Output the outputs for this transaction.
|
|
|
|
|
pub(crate) fn outputs(&self, key_images: &[EdwardsPoint]) -> Vec<Output> {
|
|
|
|
|
let shared_key_derivations = self.shared_key_derivations(key_images);
|
|
|
|
|
debug_assert_eq!(self.payments.len(), shared_key_derivations.len());
|
|
|
|
|
|
|
|
|
|
let mut res = Vec::with_capacity(self.payments.len());
|
|
|
|
|
for (payment, shared_key_derivations) in self.payments.iter().zip(&shared_key_derivations) {
|
|
|
|
|
let key =
|
|
|
|
|
(&shared_key_derivations.shared_key * ED25519_BASEPOINT_TABLE) + payment.address().spend();
|
|
|
|
|
res.push(Output {
|
|
|
|
|
key: key.compress(),
|
|
|
|
|
amount: None,
|
|
|
|
|
view_tag: (match self.rct_type {
|
|
|
|
|
RctType::ClsagBulletproof => false,
|
|
|
|
|
RctType::ClsagBulletproofPlus => true,
|
|
|
|
|
_ => panic!("unsupported RctType"),
|
|
|
|
|
})
|
|
|
|
|
.then_some(shared_key_derivations.view_tag),
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
res
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Calculate the TX extra for this transaction.
|
|
|
|
|
pub(crate) fn extra(&self) -> Vec<u8> {
|
|
|
|
|
let (tx_key, additional_keys) = self.transaction_keys_pub();
|
|
|
|
|
debug_assert!(additional_keys.is_empty() || (additional_keys.len() == self.payments.len()));
|
|
|
|
|
let payment_id_xors = self.payment_id_xors();
|
|
|
|
|
debug_assert_eq!(self.payments.len(), payment_id_xors.len());
|
|
|
|
|
|
|
|
|
|
let amount_of_keys = 1 + additional_keys.len();
|
|
|
|
|
let mut extra = Extra::new(tx_key, additional_keys);
|
|
|
|
|
|
|
|
|
|
if let Some((id, id_xor)) =
|
|
|
|
|
self.payments.iter().zip(&payment_id_xors).find_map(|(payment, payment_id_xor)| {
|
|
|
|
|
payment.address().payment_id().map(|id| (id, payment_id_xor))
|
|
|
|
|
})
|
|
|
|
|
{
|
|
|
|
|
let id = (u64::from_le_bytes(id) ^ u64::from_le_bytes(*id_xor)).to_le_bytes();
|
|
|
|
|
let mut id_vec = Vec::with_capacity(1 + 8);
|
|
|
|
|
PaymentId::Encrypted(id).write(&mut id_vec).unwrap();
|
|
|
|
|
extra.push(ExtraField::Nonce(id_vec));
|
|
|
|
|
} else {
|
|
|
|
|
// If there's no payment ID, we push a dummy (as wallet2 does) if there's only one payment
|
|
|
|
|
if (self.payments.len() == 2) &&
|
2024-07-08 20:00:09 -04:00
|
|
|
self.payments.iter().any(|payment| matches!(payment, InternalPayment::Change(_)))
|
Clean the Monero lib for auditing (#577)
* Remove unsafe creation of dalek_ff_group::EdwardsPoint in BP+
* Rename Bulletproofs to Bulletproof, since they are a single Bulletproof
Also bifurcates prove with prove_plus, and adds a few documentation items.
* Make CLSAG signing private
Also adds a bit more documentation and does a bit more tidying.
* Remove the distribution cache
It's a notable bandwidth/performance improvement, yet it's not ready. We need a
dedicated Distribution struct which is managed by the wallet and passed in.
While we can do that now, it's not currently worth the effort.
* Tidy Borromean/MLSAG a tad
* Remove experimental feature from monero-serai
* Move amount_decryption into EncryptedAmount::decrypt
* Various RingCT doc comments
* Begin crate smashing
* Further documentation, start shoring up API boundaries of existing crates
* Document and clean clsag
* Add a dedicated send/recv CLSAG mask struct
Abstracts the types used internally.
Also moves the tests from monero-serai to monero-clsag.
* Smash out monero-bulletproofs
Removes usage of dalek-ff-group/multiexp for curve25519-dalek.
Makes compiling in the generators an optional feature.
Adds a structured batch verifier which should be notably more performant.
Documentation and clean up still necessary.
* Correct no-std builds for monero-clsag and monero-bulletproofs
* Tidy and document monero-bulletproofs
I still don't like the impl of the original Bulletproofs...
* Error if missing documentation
* Smash out MLSAG
* Smash out Borromean
* Tidy up monero-serai as a meta crate
* Smash out RPC, wallet
* Document the RPC
* Improve docs a bit
* Move Protocol to monero-wallet
* Incomplete work on using Option to remove panic cases
* Finish documenting monero-serai
* Remove TODO on reading pseudo_outs for AggregateMlsagBorromean
* Only read transactions with one Input::Gen or all Input::ToKey
Also adds a helper to fetch a transaction's prefix.
* Smash out polyseed
* Smash out seed
* Get the repo to compile again
* Smash out Monero addresses
* Document cargo features
Credit to @hinto-janai for adding such sections to their work on documenting
monero-serai in #568.
* Fix deserializing v2 miner transactions
* Rewrite monero-wallet's send code
I have yet to redo the multisig code and the builder. This should be much
cleaner, albeit slower due to redoing work.
This compiles with clippy --all-features. I have to finish the multisig/builder
for --all-targets to work (and start updating the rest of Serai).
* Add SignableTransaction Read/Write
* Restore Monero multisig TX code
* Correct invalid RPC type def in monero-rpc
* Update monero-wallet tests to compile
Some are _consistently_ failing due to the inputs we attempt to spend being too
young. I'm unsure what's up with that. Most seem to pass _consistently_,
implying it's not a random issue yet some configuration/env aspect.
* Clean and document monero-address
* Sync rest of repo with monero-serai changes
* Represent height/block number as a u32
* Diversify ViewPair/Scanner into ViewPair/GuaranteedViewPair and Scanner/GuaranteedScanner
Also cleans the Scanner impl.
* Remove non-small-order view key bound
Guaranteed addresses are in fact guaranteed even with this due to prefixing key
images causing zeroing the ECDH to not zero the shared key.
* Finish documenting monero-serai
* Correct imports for no-std
* Remove possible panic in monero-serai on systems < 32 bits
This was done by requiring the system's usize can represent a certain number.
* Restore the reserialize chain binary
* fmt, machete, GH CI
* Correct misc TODOs in monero-serai
* Have Monero test runner evaluate an Eventuality for all signed TXs
* Fix a pair of bugs in the decoy tests
Unfortunately, this test is still failing.
* Fix remaining bugs in monero-wallet tests
* Reject torsioned spend keys to ensure we can spend the outputs we scan
* Tidy inlined epee code in the RPC
* Correct the accidental swap of stagenet/testnet address bytes
* Remove unused dep from processor
* Handle Monero fee logic properly in the processor
* Document v2 TX/RCT output relation assumed when scanning
* Adjust how we mine the initial blocks due to some CI test failures
* Fix weight estimation for RctType::ClsagBulletproof TXs
* Again increase the amount of blocks we mine prior to running tests
* Correct the if check about when to mine blocks on start
Finally fixes the lack of decoy candidates failures in CI.
* Run Monero on Debian, even for internal testnets
Change made due to a segfault incurred when locally testing.
https://github.com/monero-project/monero/issues/9141 for the upstream.
* Don't attempt running tests on the verify-chain binary
Adds a minimum XMR fee to the processor and runs fmt.
* Increase minimum Monero fee in processor
I'm truly unsure why this is required right now.
* Distinguish fee from necessary_fee in monero-wallet
If there's no change, the fee is difference of the inputs to the outputs. The
prior code wouldn't check that amount is greater than or equal to the necessary
fee, and returning the would-be change amount as the fee isn't necessarily
helpful.
Now the fee is validated in such cases and the necessary fee is returned,
enabling operating off of that.
* Restore minimum Monero fee from develop
2024-07-07 03:57:18 -07:00
|
|
|
{
|
|
|
|
|
let (_, payment_id_xor) = self
|
|
|
|
|
.payments
|
|
|
|
|
.iter()
|
|
|
|
|
.zip(&payment_id_xors)
|
|
|
|
|
.find(|(payment, _)| matches!(payment, InternalPayment::Payment(_, _)))
|
|
|
|
|
.expect("multiple change outputs?");
|
|
|
|
|
let mut id_vec = Vec::with_capacity(1 + 8);
|
|
|
|
|
// The dummy payment ID is [0; 8], which when xor'd with the mask, is just the mask
|
|
|
|
|
PaymentId::Encrypted(*payment_id_xor).write(&mut id_vec).unwrap();
|
|
|
|
|
extra.push(ExtraField::Nonce(id_vec));
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Include data if present
|
|
|
|
|
for part in &self.data {
|
|
|
|
|
let mut arb = vec![ARBITRARY_DATA_MARKER];
|
|
|
|
|
arb.extend(part);
|
|
|
|
|
extra.push(ExtraField::Nonce(arb));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
let mut serialized = Vec::with_capacity(32 * amount_of_keys);
|
|
|
|
|
extra.write(&mut serialized).unwrap();
|
|
|
|
|
serialized
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
pub(crate) fn weight_and_necessary_fee(&self) -> (usize, u64) {
|
|
|
|
|
/*
|
|
|
|
|
This transaction is variable length to:
|
|
|
|
|
- The decoy offsets (fixed)
|
|
|
|
|
- The TX extra (variable to key images, requiring an interactive protocol)
|
|
|
|
|
|
|
|
|
|
Thankfully, the TX extra *length* is fixed. Accordingly, we can calculate the inevitable TX's
|
|
|
|
|
weight at this time with a shimmed transaction.
|
|
|
|
|
*/
|
|
|
|
|
let base_weight = {
|
|
|
|
|
let mut key_images = Vec::with_capacity(self.inputs.len());
|
|
|
|
|
let mut clsags = Vec::with_capacity(self.inputs.len());
|
|
|
|
|
let mut pseudo_outs = Vec::with_capacity(self.inputs.len());
|
|
|
|
|
for _ in &self.inputs {
|
|
|
|
|
key_images.push(ED25519_BASEPOINT_POINT);
|
|
|
|
|
clsags.push(Clsag {
|
|
|
|
|
D: ED25519_BASEPOINT_POINT,
|
|
|
|
|
s: vec![
|
|
|
|
|
Scalar::ZERO;
|
|
|
|
|
match self.rct_type {
|
|
|
|
|
RctType::ClsagBulletproof => 11,
|
|
|
|
|
RctType::ClsagBulletproofPlus => 16,
|
|
|
|
|
_ => unreachable!("unsupported RCT type"),
|
|
|
|
|
}
|
|
|
|
|
],
|
|
|
|
|
c1: Scalar::ZERO,
|
|
|
|
|
});
|
|
|
|
|
pseudo_outs.push(ED25519_BASEPOINT_POINT);
|
|
|
|
|
}
|
|
|
|
|
let mut encrypted_amounts = Vec::with_capacity(self.payments.len());
|
|
|
|
|
let mut bp_commitments = Vec::with_capacity(self.payments.len());
|
|
|
|
|
let mut commitments = Vec::with_capacity(self.payments.len());
|
|
|
|
|
for _ in &self.payments {
|
|
|
|
|
encrypted_amounts.push(EncryptedAmount::Compact { amount: [0; 8] });
|
|
|
|
|
bp_commitments.push(Commitment::zero());
|
|
|
|
|
commitments.push(ED25519_BASEPOINT_POINT);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
let padded_log2 = {
|
|
|
|
|
let mut log2_find = 0;
|
|
|
|
|
while (1 << log2_find) < self.payments.len() {
|
|
|
|
|
log2_find += 1;
|
|
|
|
|
}
|
|
|
|
|
log2_find
|
|
|
|
|
};
|
|
|
|
|
// This is log2 the padded amount of IPA rows
|
|
|
|
|
// We have 64 rows per commitment, so we need 64 * c IPA rows
|
|
|
|
|
// We rewrite this as 2**6 * c
|
|
|
|
|
// By finding the padded log2 of c, we get 2**6 * 2**p
|
|
|
|
|
// This declares the log2 to be 6 + p
|
|
|
|
|
let lr_len = 6 + padded_log2;
|
|
|
|
|
|
|
|
|
|
let bulletproof = match self.rct_type {
|
|
|
|
|
RctType::ClsagBulletproof => {
|
|
|
|
|
let mut bp = Vec::with_capacity(((9 + (2 * lr_len)) * 32) + 2);
|
|
|
|
|
let push_point = |bp: &mut Vec<u8>| {
|
|
|
|
|
bp.push(1);
|
|
|
|
|
bp.extend([0; 31]);
|
|
|
|
|
};
|
|
|
|
|
let push_scalar = |bp: &mut Vec<u8>| bp.extend([0; 32]);
|
|
|
|
|
for _ in 0 .. 4 {
|
|
|
|
|
push_point(&mut bp);
|
|
|
|
|
}
|
|
|
|
|
for _ in 0 .. 2 {
|
|
|
|
|
push_scalar(&mut bp);
|
|
|
|
|
}
|
|
|
|
|
for _ in 0 .. 2 {
|
|
|
|
|
write_varint(&lr_len, &mut bp).unwrap();
|
|
|
|
|
for _ in 0 .. lr_len {
|
|
|
|
|
push_point(&mut bp);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
for _ in 0 .. 3 {
|
|
|
|
|
push_scalar(&mut bp);
|
|
|
|
|
}
|
|
|
|
|
Bulletproof::read(&mut bp.as_slice()).expect("made an invalid dummy BP")
|
|
|
|
|
}
|
|
|
|
|
RctType::ClsagBulletproofPlus => {
|
|
|
|
|
let mut bp = Vec::with_capacity(((6 + (2 * lr_len)) * 32) + 2);
|
|
|
|
|
let push_point = |bp: &mut Vec<u8>| {
|
|
|
|
|
bp.push(1);
|
|
|
|
|
bp.extend([0; 31]);
|
|
|
|
|
};
|
|
|
|
|
let push_scalar = |bp: &mut Vec<u8>| bp.extend([0; 32]);
|
|
|
|
|
for _ in 0 .. 3 {
|
|
|
|
|
push_point(&mut bp);
|
|
|
|
|
}
|
|
|
|
|
for _ in 0 .. 3 {
|
|
|
|
|
push_scalar(&mut bp);
|
|
|
|
|
}
|
|
|
|
|
for _ in 0 .. 2 {
|
|
|
|
|
write_varint(&lr_len, &mut bp).unwrap();
|
|
|
|
|
for _ in 0 .. lr_len {
|
|
|
|
|
push_point(&mut bp);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
Bulletproof::read_plus(&mut bp.as_slice()).expect("made an invalid dummy BP+")
|
|
|
|
|
}
|
|
|
|
|
_ => panic!("unsupported RctType"),
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
// `- 1` to remove the one byte for the 0 fee
|
|
|
|
|
Transaction::V2 {
|
|
|
|
|
prefix: TransactionPrefix {
|
|
|
|
|
additional_timelock: Timelock::None,
|
|
|
|
|
inputs: self.inputs(&key_images),
|
|
|
|
|
outputs: self.outputs(&key_images),
|
|
|
|
|
extra: self.extra(),
|
|
|
|
|
},
|
|
|
|
|
proofs: Some(RctProofs {
|
|
|
|
|
base: RctBase { fee: 0, encrypted_amounts, pseudo_outs: vec![], commitments },
|
|
|
|
|
prunable: RctPrunable::Clsag { bulletproof, clsags, pseudo_outs },
|
|
|
|
|
}),
|
|
|
|
|
}
|
|
|
|
|
.weight() -
|
|
|
|
|
1
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
// We now have the base weight, without the fee encoded
|
|
|
|
|
// The fee itself will impact the weight as its encoding is [1, 9] bytes long
|
|
|
|
|
let mut possible_weights = Vec::with_capacity(9);
|
|
|
|
|
for i in 1 ..= 9 {
|
|
|
|
|
possible_weights.push(base_weight + i);
|
|
|
|
|
}
|
|
|
|
|
debug_assert_eq!(possible_weights.len(), 9);
|
|
|
|
|
|
|
|
|
|
// We now calculate the fee which would be used for each weight
|
|
|
|
|
let mut possible_fees = Vec::with_capacity(9);
|
|
|
|
|
for weight in possible_weights {
|
|
|
|
|
possible_fees.push(self.fee_rate.calculate_fee_from_weight(weight));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// We now look for the fee whose length matches the length used to derive it
|
|
|
|
|
let mut weight_and_fee = None;
|
|
|
|
|
for (fee_len, possible_fee) in possible_fees.into_iter().enumerate() {
|
|
|
|
|
let fee_len = 1 + fee_len;
|
|
|
|
|
debug_assert!(1 <= fee_len);
|
|
|
|
|
debug_assert!(fee_len <= 9);
|
|
|
|
|
|
|
|
|
|
// We use the first fee whose encoded length is not larger than the length used within this
|
|
|
|
|
// weight
|
|
|
|
|
// This should be because the lengths are equal, yet means if somehow none are equal, this
|
|
|
|
|
// will still terminate successfully
|
|
|
|
|
if varint_len(possible_fee) <= fee_len {
|
|
|
|
|
weight_and_fee = Some((base_weight + fee_len, possible_fee));
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
weight_and_fee.unwrap()
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl SignableTransactionWithKeyImages {
|
|
|
|
|
pub(crate) fn transaction_without_signatures(&self) -> Transaction {
|
|
|
|
|
let commitments_and_encrypted_amounts =
|
|
|
|
|
self.intent.commitments_and_encrypted_amounts(&self.key_images);
|
|
|
|
|
let mut commitments = Vec::with_capacity(self.intent.payments.len());
|
|
|
|
|
let mut bp_commitments = Vec::with_capacity(self.intent.payments.len());
|
|
|
|
|
let mut encrypted_amounts = Vec::with_capacity(self.intent.payments.len());
|
|
|
|
|
for (commitment, encrypted_amount) in commitments_and_encrypted_amounts {
|
|
|
|
|
commitments.push(commitment.calculate());
|
|
|
|
|
bp_commitments.push(commitment);
|
|
|
|
|
encrypted_amounts.push(encrypted_amount);
|
|
|
|
|
}
|
|
|
|
|
let bulletproof = {
|
|
|
|
|
let mut bp_rng = self.intent.seeded_rng(b"bulletproof");
|
|
|
|
|
(match self.intent.rct_type {
|
|
|
|
|
RctType::ClsagBulletproof => Bulletproof::prove(&mut bp_rng, &bp_commitments),
|
|
|
|
|
RctType::ClsagBulletproofPlus => Bulletproof::prove_plus(&mut bp_rng, bp_commitments),
|
|
|
|
|
_ => panic!("unsupported RctType"),
|
|
|
|
|
})
|
|
|
|
|
.expect("couldn't prove BP(+)s for this many payments despite checking in constructor?")
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
Transaction::V2 {
|
|
|
|
|
prefix: TransactionPrefix {
|
|
|
|
|
additional_timelock: Timelock::None,
|
|
|
|
|
inputs: self.intent.inputs(&self.key_images),
|
|
|
|
|
outputs: self.intent.outputs(&self.key_images),
|
|
|
|
|
extra: self.intent.extra(),
|
|
|
|
|
},
|
|
|
|
|
proofs: Some(RctProofs {
|
|
|
|
|
base: RctBase {
|
|
|
|
|
fee: if self
|
|
|
|
|
.intent
|
|
|
|
|
.payments
|
|
|
|
|
.iter()
|
2024-07-08 20:00:09 -04:00
|
|
|
.any(|payment| matches!(payment, InternalPayment::Change(_)))
|
Clean the Monero lib for auditing (#577)
* Remove unsafe creation of dalek_ff_group::EdwardsPoint in BP+
* Rename Bulletproofs to Bulletproof, since they are a single Bulletproof
Also bifurcates prove with prove_plus, and adds a few documentation items.
* Make CLSAG signing private
Also adds a bit more documentation and does a bit more tidying.
* Remove the distribution cache
It's a notable bandwidth/performance improvement, yet it's not ready. We need a
dedicated Distribution struct which is managed by the wallet and passed in.
While we can do that now, it's not currently worth the effort.
* Tidy Borromean/MLSAG a tad
* Remove experimental feature from monero-serai
* Move amount_decryption into EncryptedAmount::decrypt
* Various RingCT doc comments
* Begin crate smashing
* Further documentation, start shoring up API boundaries of existing crates
* Document and clean clsag
* Add a dedicated send/recv CLSAG mask struct
Abstracts the types used internally.
Also moves the tests from monero-serai to monero-clsag.
* Smash out monero-bulletproofs
Removes usage of dalek-ff-group/multiexp for curve25519-dalek.
Makes compiling in the generators an optional feature.
Adds a structured batch verifier which should be notably more performant.
Documentation and clean up still necessary.
* Correct no-std builds for monero-clsag and monero-bulletproofs
* Tidy and document monero-bulletproofs
I still don't like the impl of the original Bulletproofs...
* Error if missing documentation
* Smash out MLSAG
* Smash out Borromean
* Tidy up monero-serai as a meta crate
* Smash out RPC, wallet
* Document the RPC
* Improve docs a bit
* Move Protocol to monero-wallet
* Incomplete work on using Option to remove panic cases
* Finish documenting monero-serai
* Remove TODO on reading pseudo_outs for AggregateMlsagBorromean
* Only read transactions with one Input::Gen or all Input::ToKey
Also adds a helper to fetch a transaction's prefix.
* Smash out polyseed
* Smash out seed
* Get the repo to compile again
* Smash out Monero addresses
* Document cargo features
Credit to @hinto-janai for adding such sections to their work on documenting
monero-serai in #568.
* Fix deserializing v2 miner transactions
* Rewrite monero-wallet's send code
I have yet to redo the multisig code and the builder. This should be much
cleaner, albeit slower due to redoing work.
This compiles with clippy --all-features. I have to finish the multisig/builder
for --all-targets to work (and start updating the rest of Serai).
* Add SignableTransaction Read/Write
* Restore Monero multisig TX code
* Correct invalid RPC type def in monero-rpc
* Update monero-wallet tests to compile
Some are _consistently_ failing due to the inputs we attempt to spend being too
young. I'm unsure what's up with that. Most seem to pass _consistently_,
implying it's not a random issue yet some configuration/env aspect.
* Clean and document monero-address
* Sync rest of repo with monero-serai changes
* Represent height/block number as a u32
* Diversify ViewPair/Scanner into ViewPair/GuaranteedViewPair and Scanner/GuaranteedScanner
Also cleans the Scanner impl.
* Remove non-small-order view key bound
Guaranteed addresses are in fact guaranteed even with this due to prefixing key
images causing zeroing the ECDH to not zero the shared key.
* Finish documenting monero-serai
* Correct imports for no-std
* Remove possible panic in monero-serai on systems < 32 bits
This was done by requiring the system's usize can represent a certain number.
* Restore the reserialize chain binary
* fmt, machete, GH CI
* Correct misc TODOs in monero-serai
* Have Monero test runner evaluate an Eventuality for all signed TXs
* Fix a pair of bugs in the decoy tests
Unfortunately, this test is still failing.
* Fix remaining bugs in monero-wallet tests
* Reject torsioned spend keys to ensure we can spend the outputs we scan
* Tidy inlined epee code in the RPC
* Correct the accidental swap of stagenet/testnet address bytes
* Remove unused dep from processor
* Handle Monero fee logic properly in the processor
* Document v2 TX/RCT output relation assumed when scanning
* Adjust how we mine the initial blocks due to some CI test failures
* Fix weight estimation for RctType::ClsagBulletproof TXs
* Again increase the amount of blocks we mine prior to running tests
* Correct the if check about when to mine blocks on start
Finally fixes the lack of decoy candidates failures in CI.
* Run Monero on Debian, even for internal testnets
Change made due to a segfault incurred when locally testing.
https://github.com/monero-project/monero/issues/9141 for the upstream.
* Don't attempt running tests on the verify-chain binary
Adds a minimum XMR fee to the processor and runs fmt.
* Increase minimum Monero fee in processor
I'm truly unsure why this is required right now.
* Distinguish fee from necessary_fee in monero-wallet
If there's no change, the fee is difference of the inputs to the outputs. The
prior code wouldn't check that amount is greater than or equal to the necessary
fee, and returning the would-be change amount as the fee isn't necessarily
helpful.
Now the fee is validated in such cases and the necessary fee is returned,
enabling operating off of that.
* Restore minimum Monero fee from develop
2024-07-07 03:57:18 -07:00
|
|
|
{
|
|
|
|
|
// The necessary fee is the fee
|
|
|
|
|
self.intent.weight_and_necessary_fee().1
|
|
|
|
|
} else {
|
|
|
|
|
// If we don't have a change output, the difference is the fee
|
|
|
|
|
let inputs =
|
2024-07-08 00:30:42 -04:00
|
|
|
self.intent.inputs.iter().map(|input| input.commitment().amount).sum::<u64>();
|
Clean the Monero lib for auditing (#577)
* Remove unsafe creation of dalek_ff_group::EdwardsPoint in BP+
* Rename Bulletproofs to Bulletproof, since they are a single Bulletproof
Also bifurcates prove with prove_plus, and adds a few documentation items.
* Make CLSAG signing private
Also adds a bit more documentation and does a bit more tidying.
* Remove the distribution cache
It's a notable bandwidth/performance improvement, yet it's not ready. We need a
dedicated Distribution struct which is managed by the wallet and passed in.
While we can do that now, it's not currently worth the effort.
* Tidy Borromean/MLSAG a tad
* Remove experimental feature from monero-serai
* Move amount_decryption into EncryptedAmount::decrypt
* Various RingCT doc comments
* Begin crate smashing
* Further documentation, start shoring up API boundaries of existing crates
* Document and clean clsag
* Add a dedicated send/recv CLSAG mask struct
Abstracts the types used internally.
Also moves the tests from monero-serai to monero-clsag.
* Smash out monero-bulletproofs
Removes usage of dalek-ff-group/multiexp for curve25519-dalek.
Makes compiling in the generators an optional feature.
Adds a structured batch verifier which should be notably more performant.
Documentation and clean up still necessary.
* Correct no-std builds for monero-clsag and monero-bulletproofs
* Tidy and document monero-bulletproofs
I still don't like the impl of the original Bulletproofs...
* Error if missing documentation
* Smash out MLSAG
* Smash out Borromean
* Tidy up monero-serai as a meta crate
* Smash out RPC, wallet
* Document the RPC
* Improve docs a bit
* Move Protocol to monero-wallet
* Incomplete work on using Option to remove panic cases
* Finish documenting monero-serai
* Remove TODO on reading pseudo_outs for AggregateMlsagBorromean
* Only read transactions with one Input::Gen or all Input::ToKey
Also adds a helper to fetch a transaction's prefix.
* Smash out polyseed
* Smash out seed
* Get the repo to compile again
* Smash out Monero addresses
* Document cargo features
Credit to @hinto-janai for adding such sections to their work on documenting
monero-serai in #568.
* Fix deserializing v2 miner transactions
* Rewrite monero-wallet's send code
I have yet to redo the multisig code and the builder. This should be much
cleaner, albeit slower due to redoing work.
This compiles with clippy --all-features. I have to finish the multisig/builder
for --all-targets to work (and start updating the rest of Serai).
* Add SignableTransaction Read/Write
* Restore Monero multisig TX code
* Correct invalid RPC type def in monero-rpc
* Update monero-wallet tests to compile
Some are _consistently_ failing due to the inputs we attempt to spend being too
young. I'm unsure what's up with that. Most seem to pass _consistently_,
implying it's not a random issue yet some configuration/env aspect.
* Clean and document monero-address
* Sync rest of repo with monero-serai changes
* Represent height/block number as a u32
* Diversify ViewPair/Scanner into ViewPair/GuaranteedViewPair and Scanner/GuaranteedScanner
Also cleans the Scanner impl.
* Remove non-small-order view key bound
Guaranteed addresses are in fact guaranteed even with this due to prefixing key
images causing zeroing the ECDH to not zero the shared key.
* Finish documenting monero-serai
* Correct imports for no-std
* Remove possible panic in monero-serai on systems < 32 bits
This was done by requiring the system's usize can represent a certain number.
* Restore the reserialize chain binary
* fmt, machete, GH CI
* Correct misc TODOs in monero-serai
* Have Monero test runner evaluate an Eventuality for all signed TXs
* Fix a pair of bugs in the decoy tests
Unfortunately, this test is still failing.
* Fix remaining bugs in monero-wallet tests
* Reject torsioned spend keys to ensure we can spend the outputs we scan
* Tidy inlined epee code in the RPC
* Correct the accidental swap of stagenet/testnet address bytes
* Remove unused dep from processor
* Handle Monero fee logic properly in the processor
* Document v2 TX/RCT output relation assumed when scanning
* Adjust how we mine the initial blocks due to some CI test failures
* Fix weight estimation for RctType::ClsagBulletproof TXs
* Again increase the amount of blocks we mine prior to running tests
* Correct the if check about when to mine blocks on start
Finally fixes the lack of decoy candidates failures in CI.
* Run Monero on Debian, even for internal testnets
Change made due to a segfault incurred when locally testing.
https://github.com/monero-project/monero/issues/9141 for the upstream.
* Don't attempt running tests on the verify-chain binary
Adds a minimum XMR fee to the processor and runs fmt.
* Increase minimum Monero fee in processor
I'm truly unsure why this is required right now.
* Distinguish fee from necessary_fee in monero-wallet
If there's no change, the fee is difference of the inputs to the outputs. The
prior code wouldn't check that amount is greater than or equal to the necessary
fee, and returning the would-be change amount as the fee isn't necessarily
helpful.
Now the fee is validated in such cases and the necessary fee is returned,
enabling operating off of that.
* Restore minimum Monero fee from develop
2024-07-07 03:57:18 -07:00
|
|
|
let payments = self
|
|
|
|
|
.intent
|
|
|
|
|
.payments
|
|
|
|
|
.iter()
|
|
|
|
|
.filter_map(|payment| match payment {
|
|
|
|
|
InternalPayment::Payment(_, amount) => Some(amount),
|
2024-07-08 20:00:09 -04:00
|
|
|
InternalPayment::Change(_) => None,
|
Clean the Monero lib for auditing (#577)
* Remove unsafe creation of dalek_ff_group::EdwardsPoint in BP+
* Rename Bulletproofs to Bulletproof, since they are a single Bulletproof
Also bifurcates prove with prove_plus, and adds a few documentation items.
* Make CLSAG signing private
Also adds a bit more documentation and does a bit more tidying.
* Remove the distribution cache
It's a notable bandwidth/performance improvement, yet it's not ready. We need a
dedicated Distribution struct which is managed by the wallet and passed in.
While we can do that now, it's not currently worth the effort.
* Tidy Borromean/MLSAG a tad
* Remove experimental feature from monero-serai
* Move amount_decryption into EncryptedAmount::decrypt
* Various RingCT doc comments
* Begin crate smashing
* Further documentation, start shoring up API boundaries of existing crates
* Document and clean clsag
* Add a dedicated send/recv CLSAG mask struct
Abstracts the types used internally.
Also moves the tests from monero-serai to monero-clsag.
* Smash out monero-bulletproofs
Removes usage of dalek-ff-group/multiexp for curve25519-dalek.
Makes compiling in the generators an optional feature.
Adds a structured batch verifier which should be notably more performant.
Documentation and clean up still necessary.
* Correct no-std builds for monero-clsag and monero-bulletproofs
* Tidy and document monero-bulletproofs
I still don't like the impl of the original Bulletproofs...
* Error if missing documentation
* Smash out MLSAG
* Smash out Borromean
* Tidy up monero-serai as a meta crate
* Smash out RPC, wallet
* Document the RPC
* Improve docs a bit
* Move Protocol to monero-wallet
* Incomplete work on using Option to remove panic cases
* Finish documenting monero-serai
* Remove TODO on reading pseudo_outs for AggregateMlsagBorromean
* Only read transactions with one Input::Gen or all Input::ToKey
Also adds a helper to fetch a transaction's prefix.
* Smash out polyseed
* Smash out seed
* Get the repo to compile again
* Smash out Monero addresses
* Document cargo features
Credit to @hinto-janai for adding such sections to their work on documenting
monero-serai in #568.
* Fix deserializing v2 miner transactions
* Rewrite monero-wallet's send code
I have yet to redo the multisig code and the builder. This should be much
cleaner, albeit slower due to redoing work.
This compiles with clippy --all-features. I have to finish the multisig/builder
for --all-targets to work (and start updating the rest of Serai).
* Add SignableTransaction Read/Write
* Restore Monero multisig TX code
* Correct invalid RPC type def in monero-rpc
* Update monero-wallet tests to compile
Some are _consistently_ failing due to the inputs we attempt to spend being too
young. I'm unsure what's up with that. Most seem to pass _consistently_,
implying it's not a random issue yet some configuration/env aspect.
* Clean and document monero-address
* Sync rest of repo with monero-serai changes
* Represent height/block number as a u32
* Diversify ViewPair/Scanner into ViewPair/GuaranteedViewPair and Scanner/GuaranteedScanner
Also cleans the Scanner impl.
* Remove non-small-order view key bound
Guaranteed addresses are in fact guaranteed even with this due to prefixing key
images causing zeroing the ECDH to not zero the shared key.
* Finish documenting monero-serai
* Correct imports for no-std
* Remove possible panic in monero-serai on systems < 32 bits
This was done by requiring the system's usize can represent a certain number.
* Restore the reserialize chain binary
* fmt, machete, GH CI
* Correct misc TODOs in monero-serai
* Have Monero test runner evaluate an Eventuality for all signed TXs
* Fix a pair of bugs in the decoy tests
Unfortunately, this test is still failing.
* Fix remaining bugs in monero-wallet tests
* Reject torsioned spend keys to ensure we can spend the outputs we scan
* Tidy inlined epee code in the RPC
* Correct the accidental swap of stagenet/testnet address bytes
* Remove unused dep from processor
* Handle Monero fee logic properly in the processor
* Document v2 TX/RCT output relation assumed when scanning
* Adjust how we mine the initial blocks due to some CI test failures
* Fix weight estimation for RctType::ClsagBulletproof TXs
* Again increase the amount of blocks we mine prior to running tests
* Correct the if check about when to mine blocks on start
Finally fixes the lack of decoy candidates failures in CI.
* Run Monero on Debian, even for internal testnets
Change made due to a segfault incurred when locally testing.
https://github.com/monero-project/monero/issues/9141 for the upstream.
* Don't attempt running tests on the verify-chain binary
Adds a minimum XMR fee to the processor and runs fmt.
* Increase minimum Monero fee in processor
I'm truly unsure why this is required right now.
* Distinguish fee from necessary_fee in monero-wallet
If there's no change, the fee is difference of the inputs to the outputs. The
prior code wouldn't check that amount is greater than or equal to the necessary
fee, and returning the would-be change amount as the fee isn't necessarily
helpful.
Now the fee is validated in such cases and the necessary fee is returned,
enabling operating off of that.
* Restore minimum Monero fee from develop
2024-07-07 03:57:18 -07:00
|
|
|
})
|
|
|
|
|
.sum::<u64>();
|
|
|
|
|
// Safe since the constructor checks inputs >= (payments + fee)
|
|
|
|
|
inputs - payments
|
|
|
|
|
},
|
|
|
|
|
encrypted_amounts,
|
|
|
|
|
pseudo_outs: vec![],
|
|
|
|
|
commitments,
|
|
|
|
|
},
|
|
|
|
|
prunable: RctPrunable::Clsag { bulletproof, clsags: vec![], pseudo_outs: vec![] },
|
|
|
|
|
}),
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|