Electroneum
hw::trezor::protocol::ki Namespace Reference

Typedefs

using ElectroneumTransferDetails = messages::electroneum::ElectroneumKeyImageSyncStepRequest_ElectroneumTransferDetails
 
using ElectroneumSubAddressIndicesList = messages::electroneum::ElectroneumKeyImageExportInitRequest_ElectroneumSubAddressIndicesList
 
using ElectroneumExportedKeyImage = messages::electroneum::ElectroneumKeyImageSyncStepAck_ElectroneumExportedKeyImage
 
using exported_key_image = hw::device_cold::exported_key_image
 

Functions

bool key_image_data (wallet_shim *wallet, const std::vector< tools::wallet2::transfer_details > &transfers, std::vector< ElectroneumTransferDetails > &res)
 
std::string compute_hash (const ElectroneumTransferDetails &rr)
 
void generate_commitment (std::vector< ElectroneumTransferDetails > &mtds, const std::vector< tools::wallet2::transfer_details > &transfers, std::shared_ptr< messages::Electroneum::ElectroneumKeyImageExportInitRequest > &req)
 
void live_refresh_ack (const ::crypto::secret_key &view_key_priv, const ::crypto::public_key &out_key, const std::shared_ptr< messages::Electroneum::ElectroneumLiveRefreshStepAck > &ack, ::cryptonote::keypair &in_ephemeral, ::crypto::key_image &ki)
 
void generate_commitment (std::vector< ElectroneumTransferDetails > &mtds, const std::vector< tools::wallet2::transfer_details > &transfers, std::shared_ptr< messages::electroneum::ElectroneumKeyImageExportInitRequest > &req)
 
void live_refresh_ack (const ::crypto::secret_key &view_key_priv, const ::crypto::public_key &out_key, const std::shared_ptr< messages::electroneum::ElectroneumLiveRefreshStepAck > &ack, ::cryptonote::keypair &in_ephemeral, ::crypto::key_image &ki)
 

Typedef Documentation

◆ ElectroneumExportedKeyImage

using hw::trezor::protocol::ki::ElectroneumExportedKeyImage = typedef messages::electroneum::ElectroneumKeyImageSyncStepAck_ElectroneumExportedKeyImage

Definition at line 113 of file protocol.hpp.

◆ ElectroneumSubAddressIndicesList

using hw::trezor::protocol::ki::ElectroneumSubAddressIndicesList = typedef messages::electroneum::ElectroneumKeyImageExportInitRequest_ElectroneumSubAddressIndicesList

Definition at line 112 of file protocol.hpp.

◆ ElectroneumTransferDetails

using hw::trezor::protocol::ki::ElectroneumTransferDetails = typedef messages::electroneum::ElectroneumKeyImageSyncStepRequest_ElectroneumTransferDetails

Definition at line 111 of file protocol.hpp.

◆ exported_key_image

Function Documentation

◆ compute_hash()

std::string hw::trezor::protocol::ki::compute_hash ( const ElectroneumTransferDetails rr)

Computes a hash over ElectroneumTransferDetails. Commitment used in the KI sync.

Definition at line 167 of file protocol.cpp.

167  {
168  KECCAK_CTX kck;
169  uint8_t md[32];
170 
171  CHECK_AND_ASSERT_THROW_MES(rr.out_key().size() == 32, "Invalid out_key size");
172  CHECK_AND_ASSERT_THROW_MES(rr.tx_pub_key().size() == 32, "Invalid tx_pub_key size");
173 
174  keccak_init(&kck);
175  keccak_update(&kck, reinterpret_cast<const uint8_t *>(rr.out_key().data()), 32);
176  keccak_update(&kck, reinterpret_cast<const uint8_t *>(rr.tx_pub_key().data()), 32);
177  for (const auto &aux : rr.additional_tx_pub_keys()){
178  CHECK_AND_ASSERT_THROW_MES(aux.size() == 32, "Invalid aux size");
179  keccak_update(&kck, reinterpret_cast<const uint8_t *>(aux.data()), 32);
180  }
181 
182  auto index_serialized = tools::get_varint_data(rr.internal_output_index());
183  keccak_update(&kck, reinterpret_cast<const uint8_t *>(index_serialized.data()), index_serialized.size());
184  keccak_finish(&kck, md);
185  return std::string(reinterpret_cast<const char*>(md), sizeof(md));
186  }
#define CHECK_AND_ASSERT_THROW_MES(expr, message)
Definition: misc_log_ex.h:173
::std::string string
Definition: gtest-port.h:1097
void keccak_finish(KECCAK_CTX *ctx, uint8_t *md)
unsigned char uint8_t
Definition: stdint.h:124
std::string get_varint_data(const T &v)
Returns the string that represents the varint.
Definition: varint.h:85
void keccak_init(KECCAK_CTX *ctx)
void keccak_update(KECCAK_CTX *ctx, const uint8_t *in, size_t inlen)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ generate_commitment() [1/2]

void hw::trezor::protocol::ki::generate_commitment ( std::vector< ElectroneumTransferDetails > &  mtds,
const std::vector< tools::wallet2::transfer_details > &  transfers,
std::shared_ptr< messages::electroneum::ElectroneumKeyImageExportInitRequest > &  req 
)

Generates KI sync request with commitments computed.

◆ generate_commitment() [2/2]

void hw::trezor::protocol::ki::generate_commitment ( std::vector< ElectroneumTransferDetails > &  mtds,
const std::vector< tools::wallet2::transfer_details > &  transfers,
std::shared_ptr< messages::Electroneum::ElectroneumKeyImageExportInitRequest > &  req 
)

Definition at line 188 of file protocol.cpp.

191  {
192  req = std::make_shared<messages::Electroneum::ElectroneumKeyImageExportInitRequest>();
193 
194  KECCAK_CTX kck;
195  uint8_t final_hash[32];
196  keccak_init(&kck);
197 
198  for(auto &cur : mtds){
199  auto hash = compute_hash(cur);
200  keccak_update(&kck, reinterpret_cast<const uint8_t *>(hash.data()), hash.size());
201  }
202  keccak_finish(&kck, final_hash);
203 
204  req = std::make_shared<messages::Electroneum::ElectroneumKeyImageExportInitRequest>();
205  req->set_hash(std::string(reinterpret_cast<const char*>(final_hash), 32));
206  req->set_num(transfers.size());
207 
208  std::unordered_map<uint32_t, std::set<uint32_t>> sub_indices;
209  for (auto &cur : transfers){
210  auto search = sub_indices.emplace(cur.m_subaddr_index.major, std::set<uint32_t>());
211  auto & st = search.first->second;
212  st.insert(cur.m_subaddr_index.minor);
213  }
214 
215  for (auto& x: sub_indices){
216  auto subs = req->add_subs();
217  subs->set_account(x.first);
218  for(auto minor : x.second){
219  subs->add_minor_indices(minor);
220  }
221  }
222  }
::std::string string
Definition: gtest-port.h:1097
void keccak_finish(KECCAK_CTX *ctx, uint8_t *md)
unsigned char uint8_t
Definition: stdint.h:124
std::string compute_hash(const ElectroneumTransferDetails &rr)
Definition: protocol.cpp:167
void keccak_init(KECCAK_CTX *ctx)
void keccak_update(KECCAK_CTX *ctx, const uint8_t *in, size_t inlen)
POD_CLASS hash
Definition: hash.h:50
Here is the call graph for this function:

◆ key_image_data()

bool hw::trezor::protocol::ki::key_image_data ( wallet_shim wallet,
const std::vector< tools::wallet2::transfer_details > &  transfers,
std::vector< ElectroneumTransferDetails > &  res 
)

Converts transfer details to the ElectroneumTransferDetails required for KI sync

Definition at line 145 of file protocol.cpp.

148  {
149  for(auto & td : transfers){
150  ::crypto::public_key tx_pub_key = wallet->get_tx_pub_key_from_received_outs(td);
151  const std::vector<::crypto::public_key> additional_tx_pub_keys = cryptonote::get_additional_tx_pub_keys_from_extra(td.m_tx);
152 
153  res.emplace_back();
154  auto & cres = res.back();
155 
156  cres.set_out_key(key_to_string(boost::get<cryptonote::txout_to_key>(td.m_tx.vout[td.m_internal_output_index].target).key));
157  cres.set_tx_pub_key(key_to_string(tx_pub_key));
158  cres.set_internal_output_index(td.m_internal_output_index);
159  for(auto & aux : additional_tx_pub_keys){
160  cres.add_additional_tx_pub_keys(key_to_string(aux));
161  }
162  }
163 
164  return true;
165  }
const char * res
Definition: hmac_keccak.cpp:41
std::string key_to_string(const ::rct::key &key)
Definition: protocol.cpp:92
POD_CLASS public_key
Definition: crypto.h:76
std::vector< crypto::public_key > get_additional_tx_pub_keys_from_extra(const std::vector< uint8_t > &tx_extra)
Here is the call graph for this function:

◆ live_refresh_ack() [1/2]

void hw::trezor::protocol::ki::live_refresh_ack ( const ::crypto::secret_key view_key_priv,
const ::crypto::public_key out_key,
const std::shared_ptr< messages::electroneum::ElectroneumLiveRefreshStepAck > &  ack,
::cryptonote::keypair in_ephemeral,
::crypto::key_image ki 
)

Processes Live refresh step response, parses KI, checks the signature

◆ live_refresh_ack() [2/2]

void hw::trezor::protocol::ki::live_refresh_ack ( const ::crypto::secret_key view_key_priv,
const ::crypto::public_key out_key,
const std::shared_ptr< messages::Electroneum::ElectroneumLiveRefreshStepAck > &  ack,
::cryptonote::keypair in_ephemeral,
::crypto::key_image ki 
)

Definition at line 224 of file protocol.cpp.

229  {
230  std::string str_out_key(out_key.data, sizeof(out_key.data));
231  auto enc_key = protocol::tx::compute_enc_key(view_key_priv, str_out_key, ack->salt());
232 
233  const size_t len_ciphertext = ack->key_image().size(); // IV || keys
235 
236  size_t ki_len = len_ciphertext - crypto::chacha::IV_SIZE - crypto::chacha::TAG_SIZE;
237  std::unique_ptr<uint8_t[]> plaintext(new uint8_t[ki_len]);
238  uint8_t * buff = plaintext.get();
239 
241  ack->key_image().data() + crypto::chacha::IV_SIZE,
242  len_ciphertext - crypto::chacha::IV_SIZE,
243  reinterpret_cast<const uint8_t *>(enc_key.data),
244  reinterpret_cast<const uint8_t *>(ack->key_image().data()),
245  reinterpret_cast<char *>(buff), &ki_len);
246 
247  CHECK_AND_ASSERT_THROW_MES(ki_len == 3*32, "Invalid size");
248  ::crypto::signature sig{};
249  memcpy(ki.data, buff, 32);
250  memcpy(sig.c.data, buff + 32, 32);
251  memcpy(sig.r.data, buff + 64, 32);
252  in_ephemeral.pub = out_key;
253  in_ephemeral.sec = ::crypto::null_skey;
254 
255  // Verification
256  std::vector<const ::crypto::public_key*> pkeys;
257  pkeys.push_back(&out_key);
258 
260  "Key image out of validity domain: key image " << epee::string_tools::pod_to_hex(ki));
261 
263  "Signature failed for key image " << epee::string_tools::pod_to_hex(ki)
264  << ", signature " + epee::string_tools::pod_to_hex(sig)
265  << ", pubkey " + epee::string_tools::pod_to_hex(*pkeys[0]));
266  }
crypto::public_key pub
#define CHECK_AND_ASSERT_THROW_MES(expr, message)
Definition: misc_log_ex.h:173
key curveOrder()
Definition: rctOps.h:76
crypto::secret_key sec
::std::string string
Definition: gtest-port.h:1097
void scalarmultKey(key &aP, const key &P, const key &a)
Definition: rctOps.cpp:368
bool check_ring_signature(const hash &prefix_hash, const key_image &image, const public_key *const *pubs, std::size_t pubs_count, const signature *sig)
Definition: crypto.h:333
unsigned char uint8_t
Definition: stdint.h:124
const crypto::secret_key null_skey
Definition: crypto.cpp:73
std::string pod_to_hex(const t_pod_type &s)
Definition: string_tools.h:317
::crypto::secret_key compute_enc_key(const ::crypto::secret_key &private_view_key, const std::string &aux, const std::string &salt)
Definition: protocol.cpp:351
void decrypt(const void *ciphertext, size_t length, const uint8_t *key, const uint8_t *iv, char *plaintext, size_t *plaintext_len)
Definition: protocol.cpp:120
POD_CLASS signature
Definition: crypto.h:108
key identity()
Definition: rctOps.h:73
void * memcpy(void *a, const void *b, size_t c)
POD_CLASS hash
Definition: hash.h:50
Here is the call graph for this function: