Fixed SAL

index.js

@@ -130,14 +130,14 @@ module.exports.RavenBlockTemplate = function(rpcData, poolAddress) {
     header.writeUInt32BE(rpcData.version, position += 32, 4);           // version        121-153
     header = reverseBuffer(header);
   }
-  
+
   let blob = Buffer.concat([
     header, // 80 bytes
     Buffer.from('AAAAAAAAAAAAAAAA', 'hex'), // 8 bytes
     Buffer.from('BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB', 'hex'), // 32 bytes
     varuint.encode(rpcData.transactions.length + 1, Buffer.alloc(varuint.encodingLength(rpcData.transactions.length + 1)), 0)
   ]);
-  const offset1 = blob.length; 
+  const offset1 = blob.length;
   blob = Buffer.concat([ blob, Buffer.from(txCoinbase.toHex(), 'hex') ]);
 
   rpcData.transactions.forEach(function (value) {

package.json

@@ -1,6 +1,6 @@
 {
   "name": "cryptoforknote-util",
-  "version": "15.6.2",
+  "version": "15.8.4",
   "author": {
     "name": "LucasJones",
     "email": "lucasjonesdev@hotmail.co.uk"

src/carrot_core/core_types.h

@@ -0,0 +1,104 @@
+// Copyright (c) 2024, The Monero Project
+//
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice, this list of
+//    conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice, this list
+//    of conditions and the following disclaimer in the documentation and/or other
+//    materials provided with the distribution.
+//
+// 3. Neither the name of the copyright holder nor the names of its contributors may be
+//    used to endorse or promote products derived from this software without specific
+//    prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+//! @file Supporting types for Carrot (anchor, view tag, etc.).
+
+#pragma once
+
+//standard headers
+#include <cstdint>
+#include <cstddef>
+
+//forward declarations
+
+namespace carrot
+{
+
+constexpr std::size_t JANUS_ANCHOR_BYTES{16};
+
+/// either encodes randomness the private key of, or an HMAC of, the ephemeral pubkey
+struct janus_anchor_t final
+{
+    unsigned char bytes[JANUS_ANCHOR_BYTES];
+};
+
+/// carrot janus anchor XORd with a user-defined secret
+using encrypted_janus_anchor_t = janus_anchor_t;
+
+/// carrot enote types
+enum class CarrotEnoteType : unsigned char
+{
+    PAYMENT = 0,
+    CHANGE = 1
+};
+
+/// carrot encrypted amount
+constexpr std::size_t ENCRYPTED_AMOUNT_BYTES{8};
+struct encrypted_amount_t final
+{
+    unsigned char bytes[ENCRYPTED_AMOUNT_BYTES];
+};
+
+/// legacy payment ID
+constexpr std::size_t PAYMENT_ID_BYTES{8};
+struct payment_id_t final
+{
+    unsigned char bytes[PAYMENT_ID_BYTES];
+};
+static constexpr payment_id_t null_payment_id{{0}};
+
+/// legacy encrypted payment ID
+struct encrypted_payment_id_t final
+{
+    unsigned char bytes[PAYMENT_ID_BYTES];
+};
+
+/// carrot view tags
+constexpr std::size_t VIEW_TAG_BYTES{3};
+struct view_tag_t final
+{
+    unsigned char bytes[VIEW_TAG_BYTES];
+};
+
+static_assert(sizeof(view_tag_t) < 32, "uint8_t cannot index all view tag bits");
+
+/// carrot input context
+constexpr std::size_t INPUT_CONTEXT_BYTES{1 + 32};
+struct input_context_t final
+{
+    unsigned char bytes[INPUT_CONTEXT_BYTES];
+};
+
+// SPARC encrypted return public key
+constexpr std::size_t ENCRYPTED_RETURN_PUBKEY_BYTES{32};
+struct encrypted_return_pubkey_t final
+{
+    unsigned char bytes[ENCRYPTED_RETURN_PUBKEY_BYTES];
+};
+
+} //namespace carrot

src/cryptonote_basic/cryptonote_basic.h

@@ -26,9 +26,11 @@
 #include "tx_extra.h"
 #include "ringct/rctTypes.h"
 #include "cryptonote_protocol/blobdatatype.h"
+#include "cryptonote_protocol/enums.h"
 #include "offshore/pricing_record.h"
 #include "zephyr_oracle/pricing_record.h"
 #include "salvium_oracle/pricing_record.h"
+#include "carrot_core/core_types.h"
 #include "arq_txtypes.h"
 
 
@@ -50,19 +52,6 @@ namespace cryptonote
 
   typedef std::vector<crypto::signature> ring_signature;
 
-  enum salvium_transaction_type
-  {
-    UNSET = 0,
-    MINER = 1,
-    PROTOCOL = 2,
-    TRANSFER = 3,
-    CONVERT = 4,
-    BURN = 5,
-    STAKE = 6,
-    RETURN = 7,
-    MAX = 7
-  };
-
   /* outputs */
 
   struct txout_to_script
@@ -216,6 +205,25 @@ namespace cryptonote
     END_SERIALIZE()
   };
 
+
+  struct txout_to_carrot_v1
+  {
+    crypto::public_key key;                                  // K_o
+    std::string asset_type;
+    carrot::view_tag_t view_tag;                             // vt
+    carrot::encrypted_janus_anchor_t encrypted_janus_anchor; // anchor_enc
+
+    // Encrypted amount a_enc and amount commitment C_a are stored in rct::rctSigBase
+    // This allows for reuse of this output type between coinbase and non-coinbase txs
+
+    BEGIN_SERIALIZE_OBJECT()
+      FIELD(key)
+      FIELD(asset_type)
+      FIELD(view_tag)
+      FIELD(encrypted_janus_anchor)
+    END_SERIALIZE()
+  };
+
   /* inputs */
 
   struct txin_gen
@@ -361,6 +369,7 @@ namespace cryptonote
   typedef boost::variant<txout_to_script, txout_to_scripthash, txout_to_key, txout_to_tagged_key> txout_target_v;
   typedef boost::variant<txout_to_script, txout_to_scripthash, txout_to_key, txout_offshore, txout_xasset, txout_haven_key, txout_haven_tagged_key> txout_xhv_target_v;
   typedef boost::variant<txout_to_script, txout_to_scripthash, txout_salvium_key, txout_salvium_tagged_key> txout_salvium_target_v;
+  typedef boost::variant<txout_to_script, txout_to_scripthash, txout_salvium_key, txout_salvium_tagged_key, txout_to_carrot_v1> txout_carrot_target_v;
 
   typedef boost::variant<txout_to_script, txout_to_scripthash, txout_zephyr_tagged_key> txout_stablero_target_v;
 
@@ -400,7 +409,7 @@ namespace cryptonote
   struct tx_out_salvium
   {
     uint64_t amount;
-    txout_salvium_target_v target;
+    txout_carrot_target_v target;
 
     BEGIN_SERIALIZE_OBJECT()
       VARINT_FIELD(amount)
@@ -408,6 +417,23 @@ namespace cryptonote
     END_SERIALIZE()
   };
 
+  class protocol_tx_data_t {
+  public:
+    uint8_t version;
+    crypto::public_key return_address;
+    crypto::public_key return_pubkey;
+    carrot::view_tag_t return_view_tag;
+    carrot::encrypted_janus_anchor_t return_anchor_enc;
+
+    BEGIN_SERIALIZE_OBJECT()
+      VARINT_FIELD(version)
+      FIELD(return_address)
+      FIELD(return_pubkey)
+      FIELD(return_view_tag)
+      FIELD(return_anchor_enc)
+    END_SERIALIZE()
+  };
+
 
   enum loki_version
   {
@@ -465,6 +491,7 @@ namespace cryptonote
     //uint64_t amount_burnt;
     // Slippage limit
     uint64_t amount_slippage_limit;
+    protocol_tx_data_t protocol_tx_data;
 
 
     //
@@ -734,21 +761,27 @@ namespace cryptonote
       } else if (blob_type == BLOB_TYPE_CRYPTONOTE_SALVIUM) {
 
         VARINT_FIELD(version)
-        //if(version == 0 || CURRENT_TRANSACTION_VERSION < version) return false;
+        if(version == 0 || 4 < version) return false;
         VARINT_FIELD(unlock_time)
         FIELD(vin_salvium)
         FIELD(vout_salvium)
         FIELD(extra)
         VARINT_FIELD(sal_tx_type)
-        if (sal_tx_type != cryptonote::salvium_transaction_type::PROTOCOL) {
+        if (sal_tx_type != cryptonote::salvium_transaction_type::UNSET && sal_tx_type != cryptonote::salvium_transaction_type::PROTOCOL) {
           VARINT_FIELD(amount_burnt)
           if (sal_tx_type != cryptonote::salvium_transaction_type::MINER) {
-            if (type == cryptonote::salvium_transaction_type::TRANSFER && version >= TRANSACTION_VERSION_N_OUTS) {
+            if (sal_tx_type == cryptonote::salvium_transaction_type::TRANSFER && version >= TRANSACTION_VERSION_N_OUTS) {
               FIELD(return_address_list)
               FIELD(return_address_change_mask)
             } else {
-              FIELD(return_address)
+              if (sal_tx_type == cryptonote::salvium_transaction_type::STAKE &&
-              FIELD(return_pubkey)
+                  version >= TRANSACTION_VERSION_CARROT)
+              {
+                FIELD(protocol_tx_data)
+              } else {
+                FIELD(return_address)
+                FIELD(return_pubkey)
+              }
             }
             FIELD(source_asset_type)
             FIELD(destination_asset_type)
@@ -941,6 +974,10 @@ namespace cryptonote
     return_address_list.clear();
     return_address_change_mask.clear();
     return_pubkey = cryptonote::null_pkey;
+    protocol_tx_data.return_address = cryptonote::null_pkey;
+    protocol_tx_data.return_pubkey = cryptonote::null_pkey;
+    protocol_tx_data.return_view_tag = {};
+    protocol_tx_data.return_anchor_enc = {};
     source_asset_type.clear();
     destination_asset_type.clear();
     amount_slippage_limit = 0;
@@ -1209,6 +1246,7 @@ namespace cryptonote
   {
     crypto::public_key m_spend_public_key;
     crypto::public_key m_view_public_key;
+    bool m_is_carrot;
 
     BEGIN_SERIALIZE_OBJECT()
       FIELD(m_spend_public_key)
@@ -1219,6 +1257,18 @@ namespace cryptonote
       KV_SERIALIZE_VAL_POD_AS_BLOB_FORCE(m_spend_public_key)
       KV_SERIALIZE_VAL_POD_AS_BLOB_FORCE(m_view_public_key)
     END_KV_SERIALIZE_MAP()
+
+    bool operator==(const account_public_address& rhs) const
+    {
+      return m_spend_public_key == rhs.m_spend_public_key &&
+             m_view_public_key == rhs.m_view_public_key &&
+             m_is_carrot == rhs.m_is_carrot;
+    }
+
+    bool operator!=(const account_public_address& rhs) const
+    {
+      return !(*this == rhs);
+    }
   };
 
   struct integrated_address {
@@ -1261,6 +1311,7 @@ VARIANT_TAG(binary_archive, cryptonote::txout_zephyr_tagged_key, 0x2);
 VARIANT_TAG(binary_archive, cryptonote::txout_to_tagged_key, 0x3);
 VARIANT_TAG(binary_archive, cryptonote::txout_salvium_tagged_key, 0x3);
 VARIANT_TAG(binary_archive, cryptonote::txout_offshore, 0x3);
+VARIANT_TAG(binary_archive, cryptonote::txout_to_carrot_v1, 0x4);
 VARIANT_TAG(binary_archive, cryptonote::txout_xasset, 0x5);
 VARIANT_TAG(binary_archive, cryptonote::txout_haven_key, 0x6);
 VARIANT_TAG(binary_archive, cryptonote::txout_haven_tagged_key, 0x7);

src/cryptonote_basic/tx_extra.h

@@ -1,21 +1,21 @@
 // Copyright (c) 2014-2018, The Monero Project
-// 
+//
 // All rights reserved.
-// 
+//
 // Redistribution and use in source and binary forms, with or without modification, are
 // permitted provided that the following conditions are met:
-// 
+//
 // 1. Redistributions of source code must retain the above copyright notice, this list of
 //    conditions and the following disclaimer.
-// 
+//
 // 2. Redistributions in binary form must reproduce the above copyright notice, this list
 //    of conditions and the following disclaimer in the documentation and/or other
 //    materials provided with the distribution.
-// 
+//
 // 3. Neither the name of the copyright holder nor the names of its contributors may be
 //    used to endorse or promote products derived from this software without specific
 //    prior written permission.
-// 
+//
 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
 // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
 // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
@@ -25,7 +25,7 @@
 // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
 // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-// 
+//
 // Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers
 
 #pragma once
@@ -221,7 +221,7 @@ namespace cryptonote
       FIELD(data)
     END_SERIALIZE()
   };
-  
+
   struct tx_extra_service_node_winner
   {
     crypto::public_key m_service_node_key;

src/cryptonote_config.h

@@ -10,6 +10,7 @@
 #define HF_VERSION_USE_COLLATERAL       20
 #define HF_VERSION_ENABLE_N_OUTS         2
 #define TRANSACTION_VERSION_N_OUTS       3
+#define TRANSACTION_VERSION_CARROT       4
 
 // UNLOCK TIMES
 #define TX_V6_OFFSHORE_UNLOCK_BLOCKS                    21*720  // 21 day unlock time

src/cryptonote_protocol/enums.h

@@ -0,0 +1,48 @@
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice, this list of
+//    conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice, this list
+//    of conditions and the following disclaimer in the documentation and/or other
+//    materials provided with the distribution.
+//
+// 3. Neither the name of the copyright holder nor the names of its contributors may be
+//    used to endorse or promote products derived from this software without specific
+//    prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+#pragma once
+#ifndef CRYPTONOTE_ENUMS_H
+#define CRYPTONOTE_ENUMS_H
+
+#include <cstdint>
+
+namespace cryptonote
+{
+  enum salvium_transaction_type
+  {
+    UNSET = 0,
+    MINER = 1,
+    PROTOCOL = 2,
+    TRANSFER = 3,
+    CONVERT = 4,
+    BURN = 5,
+    STAKE = 6,
+    RETURN = 7,
+    AUDIT = 8,
+    MAX = 8
+  };
+}
+
+#endif // CRYPTONOTE_ENUMS_H

src/ringct/rctTypes.h

@@ -52,6 +52,8 @@ extern "C" {
 #include "serialization/vector.h"
 #include "serialization/binary_archive.h"
 
+#include "cryptonote_protocol/enums.h"
+
 
 //Define this flag when debugging to get additional info on the console
 #ifdef DBG
@@ -111,6 +113,22 @@ namespace rct {
     typedef std::vector<ctkey> ctkeyV;
     typedef std::vector<ctkeyV> ctkeyM;
 
+    struct carrot_ctkey {
+      key x;
+      key y;
+      key mask; //C here if public
+
+      bool operator==(const carrot_ctkey &other) const {
+        return (x == other.x) && (y == other.y) && (mask == other.mask);
+      }
+
+      bool operator!=(const carrot_ctkey &other) const {
+        return !(*this == other);
+      }
+    };
+    typedef std::vector<carrot_ctkey> carrot_ctkeyV;
+    typedef std::vector<carrot_ctkey> carrot_ctkeyM;
+
     //used for multisig data
     struct multisig_kLRki {
         key k;
@@ -159,12 +177,12 @@ namespace rct {
         key64 s1;
         key ee;
     };
-  
+
     //Container for precomp
     struct geDsmp {
         ge_dsmp k;
     };
-    
+
     //just contains the necessary keys to represent MLSAG sigs
     //c.f. https://eprint.iacr.org/2015/1098
     struct mgSig {
@@ -195,6 +213,24 @@ namespace rct {
         END_SERIALIZE()
     };
 
+    // TCLSAG signature
+    struct tclsag {
+        keyV sx; // x scalars(responses)
+        keyV sy; // y scalars(responses)
+        key c1;
+
+        key I; // signing key image
+        key D; // commitment key image
+
+        BEGIN_SERIALIZE_OBJECT()
+            FIELD(sx)
+            FIELD(sy)
+            FIELD(c1)
+            // FIELD(I) - not serialized, it can be reconstructed
+            FIELD(D)
+        END_SERIALIZE()
+    };
+
     //contains the data for an Borromean sig
     // also contains the "Ci" values such that
     // \sum Ci = C
@@ -305,7 +341,9 @@ namespace rct {
       RCTTypeBulletproof2 = 4,
       RCTTypeCLSAG = 5,
       RCTTypeBulletproofPlus = 6,
-      RCTTypeFullProofs = 7
+      RCTTypeFullProofs = 7,
+      RCTTypeSalviumZero = 8,
+      RCTTypeSalviumOne = 9
     };
     enum RangeProofType { RangeProofBorromean, RangeProofBulletproof, RangeProofMultiOutputBulletproof, RangeProofPaddedBulletproof };
     struct RCTConfig {
@@ -318,6 +356,51 @@ namespace rct {
         VARINT_FIELD(bp_version)
       END_SERIALIZE()
     };
+
+    enum SalviumDataType { SalviumZero=0, SalviumZeroAudit=1, SalviumOne=2 };
+    struct salvium_input_data_t {
+      crypto::key_derivation aR;
+      xmr_amount amount;
+      size_t i;
+      uint8_t origin_tx_type;
+      crypto::key_derivation aR_stake;
+      size_t i_stake;
+
+      BEGIN_SERIALIZE_OBJECT()
+        FIELD(aR)
+        VARINT_FIELD(amount)
+        VARINT_FIELD(i)
+        VARINT_FIELD(origin_tx_type)
+        if (origin_tx_type != cryptonote::salvium_transaction_type::UNSET) {
+          FIELD(aR_stake)
+          FIELD(i_stake)
+        }
+      END_SERIALIZE()
+    };
+    struct salvium_data_t {
+
+      uint8_t salvium_data_type; // flag to indicate what type of data is valid
+      zk_proof pr_proof; // p_r
+      zk_proof sa_proof; // spend authority proof
+      zk_proof cz_proof; // change is zero proof
+      std::vector<salvium_input_data_t> input_verification_data;
+      crypto::public_key spend_pubkey;
+      std::string enc_view_privkey_str;
+
+      BEGIN_SERIALIZE_OBJECT()
+        VARINT_FIELD(salvium_data_type)
+        FIELD(pr_proof)
+        FIELD(sa_proof)
+        if (salvium_data_type == SalviumZeroAudit)
+        {
+          FIELD(cz_proof)
+          FIELD(input_verification_data)
+          FIELD(spend_pubkey)
+          FIELD(enc_view_privkey_str)
+        }
+      END_SERIALIZE()
+    };
+
     struct rctSigBase {
       uint8_t type;
       key message;
@@ -328,20 +411,21 @@ namespace rct {
       ctkeyV outPk;
       xmr_amount txnFee = 0; // contains b
       key p_r;
-      zk_proof pr_proof; // p_r 
+      zk_proof pr_proof; // p_r
       zk_proof sa_proof; // spend authority proof
-      
+      salvium_data_t salvium_data;
+
       rctSigBase() :
         type(RCTTypeNull), message{}, mixRing{}, pseudoOuts{}, ecdhInfo{}, outPk{}, txnFee(0), p_r{}, pr_proof{}, sa_proof{}
       {}
-      
+
       template<bool W, template <bool> class Archive>
       bool serialize_rctsig_base(Archive<W> &ar, size_t inputs, size_t outputs)
       {
         FIELD(type)
         if (type == RCTTypeNull)
           return ar.stream().good();
-        if (type != RCTTypeFull && type != RCTTypeSimple && type != RCTTypeBulletproof && type != RCTTypeBulletproof2 && type != RCTTypeCLSAG && type != RCTTypeBulletproofPlus && type != RCTTypeFullProofs)
+        if (type != RCTTypeFull && type != RCTTypeSimple && type != RCTTypeBulletproof && type != RCTTypeBulletproof2 && type != RCTTypeCLSAG && type != RCTTypeBulletproofPlus && type != RCTTypeFullProofs && type != RCTTypeSalviumZero && type != RCTTypeSalviumOne)
           return false;
         VARINT_FIELD(txnFee)
         // inputs/outputs not saved, only here for serialization help
@@ -354,7 +438,7 @@ namespace rct {
           return false;
         for (size_t i = 0; i < outputs; ++i)
         {
-            if (type == RCTTypeBulletproof2 || type == RCTTypeCLSAG || type == RCTTypeBulletproofPlus || type == RCTTypeFullProofs)
+       	    if (type == RCTTypeBulletproof2 || type == RCTTypeCLSAG || type == RCTTypeBulletproofPlus || type == RCTTypeFullProofs || type == RCTTypeSalviumZero || type == RCTTypeSalviumOne)
             {
               // Since RCTTypeBulletproof2 enote types, we don't serialize the blinding factor, and only serialize the
               // first 8 bytes of ecdhInfo[i].amount
@@ -370,10 +454,10 @@ namespace rct {
               FIELDS(ecdhInfo[i])
             }
             if (outputs - i > 1)
-              ar.delimit_array(); 
+              ar.delimit_array();
         }
         ar.end_array();
-        
+
         ar.tag("outPk");
         ar.begin_array();
         PREPARE_CUSTOM_VECTOR_SERIALIZATION(outputs, outPk);
@@ -388,7 +472,11 @@ namespace rct {
         ar.end_array();
 
         FIELD(p_r)
-        if (type == RCTTypeFullProofs)
+        if (type == RCTTypeSalviumZero || type == RCTTypeSalviumOne)
+        {
+          FIELD(salvium_data)
+        }
+        else if (type == RCTTypeFullProofs)
         {
           FIELD(pr_proof)
           FIELD(sa_proof)
@@ -405,7 +493,11 @@ namespace rct {
           FIELD(outPk)
           VARINT_FIELD(txnFee)
           FIELD(p_r)
-          if (type == RCTTypeFullProofs) {
+	  if (type == RCTTypeSalviumZero || type == RCTTypeSalviumOne)
+          {
+            FIELD(salvium_data)
+          }
+          else if (type == RCTTypeFullProofs) {
             FIELD(pr_proof)
             FIELD(sa_proof)
           }
@@ -417,6 +509,7 @@ namespace rct {
         std::vector<BulletproofPlus> bulletproofs_plus;
         std::vector<mgSig> MGs; // simple rct has N, full has 1
         std::vector<clsag> CLSAGs;
+	std::vector<tclsag> TCLSAGs;
         keyV pseudoOuts; //C - for simple rct
 
         // when changing this function, update cryptonote::get_pruned_transaction_weight
@@ -431,9 +524,9 @@ namespace rct {
             return false;
           if (type == RCTTypeNull)
             return ar.stream().good();
-          if (type != RCTTypeFull && type != RCTTypeSimple && type != RCTTypeBulletproof && type != RCTTypeBulletproof2 && type != RCTTypeCLSAG && type != RCTTypeBulletproofPlus && type != RCTTypeFullProofs)
+	  if (type != RCTTypeFull && type != RCTTypeSimple && type != RCTTypeBulletproof && type != RCTTypeBulletproof2 && type != RCTTypeCLSAG && type != RCTTypeBulletproofPlus && type != RCTTypeFullProofs && type != RCTTypeSalviumZero && type != RCTTypeSalviumOne)
             return false;
-          if (type == RCTTypeBulletproofPlus || type == RCTTypeFullProofs)
+	  if (type == RCTTypeBulletproofPlus || type == RCTTypeFullProofs || type == RCTTypeSalviumZero || type == RCTTypeSalviumOne)
           {
             uint32_t nbp = bulletproofs_plus.size();
             VARINT_FIELD(nbp)
@@ -490,7 +583,60 @@ namespace rct {
             ar.end_array();
           }
 
-          if (type == RCTTypeCLSAG || type == RCTTypeBulletproofPlus || type == RCTTypeFullProofs)
+	  if (type == RCTTypeSalviumOne)
+          {
+            ar.tag("TCLSAGs");
+            ar.begin_array();
+            PREPARE_CUSTOM_VECTOR_SERIALIZATION(inputs, TCLSAGs);
+            if (TCLSAGs.size() != inputs)
+              return false;
+            for (size_t i = 0; i < inputs; ++i)
+            {
+              // we save the TCLSAGs contents directly, because we want it to save its
+              // arrays without the size prefixes, and the load can't know what size
+              // to expect if it's not in the data
+              ar.begin_object();
+              ar.tag("sx");
+              ar.begin_array();
+              PREPARE_CUSTOM_VECTOR_SERIALIZATION(mixin + 1, TCLSAGs[i].sx);
+              if (TCLSAGs[i].sx.size() != mixin + 1)
+                return false;
+              for (size_t j = 0; j <= mixin; ++j)
+              {
+                FIELDS(TCLSAGs[i].sx[j])
+                if (mixin + 1 - j > 1)
+                  ar.delimit_array();
+              }
+              ar.end_array();
+
+              ar.tag("sy");
+              ar.begin_array();
+              PREPARE_CUSTOM_VECTOR_SERIALIZATION(mixin + 1, TCLSAGs[i].sy);
+              if (TCLSAGs[i].sy.size() != mixin + 1)
+                return false;
+              for (size_t j = 0; j <= mixin; ++j)
+              {
+                FIELDS(TCLSAGs[i].sy[j])
+                if (mixin + 1 - j > 1)
+                  ar.delimit_array();
+              }
+              ar.end_array();
+
+              ar.tag("c1");
+              FIELDS(TCLSAGs[i].c1)
+
+              // CLSAGs[i].I not saved, it can be reconstructed
+              ar.tag("D");
+              FIELDS(TCLSAGs[i].D)
+              ar.end_object();
+
+              if (inputs - i > 1)
+                 ar.delimit_array();
+            }
+
+            ar.end_array();
+
+          } else if (type == RCTTypeCLSAG || type == RCTTypeBulletproofPlus || type == RCTTypeFullProofs || type == RCTTypeSalviumZero)
           {
             ar.tag("CLSAGs");
             ar.begin_array();
@@ -565,7 +711,7 @@ namespace rct {
                     ar.delimit_array();
                 }
                 ar.end_array();
-  
+
                 if (mixin + 1 - j > 1)
                   ar.delimit_array();
               }
@@ -581,7 +727,7 @@ namespace rct {
             }
             ar.end_array();
           }
-          if (type == RCTTypeBulletproof || type == RCTTypeBulletproof2 || type == RCTTypeCLSAG || type == RCTTypeBulletproofPlus || type == RCTTypeFullProofs)
+	  if (type == RCTTypeBulletproof || type == RCTTypeBulletproof2 || type == RCTTypeCLSAG || type == RCTTypeBulletproofPlus || type == RCTTypeFullProofs || type == RCTTypeSalviumZero || type == RCTTypeSalviumOne)
           {
             ar.tag("pseudoOuts");
             ar.begin_array();
@@ -605,6 +751,7 @@ namespace rct {
           FIELD(bulletproofs_plus)
           FIELD(MGs)
           FIELD(CLSAGs)
+	  FIELD(TCLSAGs)
           FIELD(pseudoOuts)
         END_SERIALIZE()
     };
@@ -613,12 +760,12 @@ namespace rct {
 
         keyV& get_pseudo_outs()
         {
-          return type == RCTTypeBulletproof || type == RCTTypeBulletproof2 || type == RCTTypeCLSAG || type == RCTTypeBulletproofPlus || type == RCTTypeFullProofs ? p.pseudoOuts : pseudoOuts;
+  	  return type == RCTTypeBulletproof || type == RCTTypeBulletproof2 || type == RCTTypeCLSAG || type == RCTTypeBulletproofPlus || type == RCTTypeFullProofs || type == RCTTypeSalviumZero || type == RCTTypeSalviumOne ? p.pseudoOuts : pseudoOuts;
         }
 
         keyV const& get_pseudo_outs() const
         {
-          return type == RCTTypeBulletproof || type == RCTTypeBulletproof2 || type == RCTTypeCLSAG || type == RCTTypeBulletproofPlus || type == RCTTypeFullProofs ? p.pseudoOuts : pseudoOuts;
+          return type == RCTTypeBulletproof || type == RCTTypeBulletproof2 || type == RCTTypeCLSAG || type == RCTTypeBulletproofPlus || type == RCTTypeFullProofs || type == RCTTypeSalviumZero || type == RCTTypeSalviumOne ? p.pseudoOuts : pseudoOuts;
         }
 
         BEGIN_SERIALIZE_OBJECT()
@@ -790,5 +937,8 @@ VARIANT_TAG(binary_archive, rct::multisig_out, 0x9e);
 VARIANT_TAG(binary_archive, rct::clsag, 0x9f);
 VARIANT_TAG(binary_archive, rct::BulletproofPlus, 0xa0);
 VARIANT_TAG(binary_archive, rct::zk_proof, 0xa1);
+VARIANT_TAG(binary_archive, rct::salvium_input_data_t, 0xa2);
+VARIANT_TAG(binary_archive, rct::salvium_data_t, 0xa3);
+VARIANT_TAG(binary_archive, rct::tclsag, 0xa4);
 
 #endif  /* RCTTYPES_H */

src/serialization/crypto.h

@@ -10,6 +10,7 @@
 #include "crypto/chacha8.h"
 #include "crypto/crypto.h"
 #include "crypto/hash.h"
+#include "carrot_core/core_types.h"
 
 // read
 template <template <bool> class Archive>
@@ -62,3 +63,5 @@ BLOB_SERIALIZER(crypto::key_derivation);
 BLOB_SERIALIZER(crypto::key_image);
 BLOB_SERIALIZER(crypto::signature);
 BLOB_SERIALIZER(crypto::view_tag);
+BLOB_SERIALIZER(carrot::view_tag_t);
+BLOB_SERIALIZER(carrot::janus_anchor_t);

src/serialization/zephyr_pricing_record.h

@@ -1,21 +1,21 @@
 // Copyright (c) 2019, Haven Protocol
-// 
+//
 // All rights reserved.
-// 
+//
 // Redistribution and use in source and binary forms, with or without modification, are
 // permitted provided that the following conditions are met:
-// 
+//
 // 1. Redistributions of source code must retain the above copyright notice, this list of
 //    conditions and the following disclaimer.
-// 
+//
 // 2. Redistributions in binary form must reproduce the above copyright notice, this list
 //    of conditions and the following disclaimer in the documentation and/or other
 //    materials provided with the distribution.
-// 
+//
 // 3. Neither the name of the copyright holder nor the names of its contributors may be
 //    used to endorse or promote products derived from this software without specific
 //    prior written permission.
-// 
+//
 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
 // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
 // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
@@ -25,7 +25,7 @@
 // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
 // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-// 
+//
 // Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers
 
 #pragma once
@@ -40,6 +40,7 @@
 template <template <bool> class Archive>
 bool do_serialize(Archive<false> &ar, zephyr_oracle::pricing_record &pr, uint8_t version)
 {
+
   if (version >= 6)
   {
     // very basic sanity check

src/zephyr_oracle/asset_types.h

@@ -32,23 +32,37 @@
 namespace zephyr_oracle {
 
   const std::vector<std::string> ASSET_TYPES = {"ZEPH", "ZEPHUSD", "ZEPHRSV", "ZYIELD"};
+  const std::vector<std::string> RESERVE_TYPES = {"ZEPH", "ZEPHUSD", "ZEPHRSV", "ZYIELD", "ZYIELDRSV"};
+
+  const std::vector<std::string> ASSET_TYPES_V2 = {"ZPH", "ZSD", "ZRS", "ZYS"};
+  const std::vector<std::string> RESERVE_TYPES_V2 = {"DJED", "YIELD"};
 
   class asset_type_counts
   {
 
     public:
 
-      // Fields 
+      // Fields
       uint64_t ZEPH;
       uint64_t ZEPHUSD;
       uint64_t ZEPHRSV;
       uint64_t ZYIELD;
 
+      // v2 fields
+      uint64_t ZPH;
+      uint64_t ZSD;
+      uint64_t ZRS;
+      uint64_t ZYS;
+
       asset_type_counts() noexcept
         : ZEPH(0)
         , ZEPHUSD(0)
         , ZEPHRSV(0)
         , ZYIELD(0)
+        , ZPH(0)
+        , ZSD(0)
+        , ZRS(0)
+        , ZYS(0)
       {
       }
 
@@ -62,6 +76,14 @@ namespace zephyr_oracle {
           return ZEPHRSV;
         } else if (asset_type == "ZYIELD") {
           return ZYIELD;
+        } else if (asset_type == "ZPH") {
+          return ZPH;
+        } else if (asset_type == "ZSD") {
+          return ZSD;
+        } else if (asset_type == "ZRS") {
+          return ZRS;
+        } else if (asset_type == "ZYS") {
+          return ZYS;
         }
 
         return 0;
@@ -77,6 +99,14 @@ namespace zephyr_oracle {
           ZEPHRSV += val;
         } else if (asset_type == "ZYIELD") {
           ZYIELD += val;
+        } else if (asset_type == "ZPH") {
+          ZPH += val;
+        } else if (asset_type == "ZSD") {
+          ZSD += val;
+        } else if (asset_type == "ZRS") {
+          ZRS += val;
+        } else if (asset_type == "ZYS") {
+          ZYS += val;
         }
       }
   };

src/zephyr_oracle/pricing_record.cpp

@@ -67,7 +67,7 @@ namespace zephyr_oracle
       END_KV_SERIALIZE_MAP()
     };
   }
-  
+
   pricing_record::pricing_record() noexcept
     : spot(0)
     , moving_average(0)
@@ -152,7 +152,7 @@ namespace zephyr_oracle
     ::memcpy(signature, orig.signature, sizeof(signature));
     return *this;
   }
-  
+
   bool pricing_record::equal(const pricing_record& other) const noexcept
   {
     return ((spot == other.spot) &&
@@ -256,7 +256,7 @@ namespace zephyr_oracle
   }
 
   // overload for pr validation for block
-  bool pricing_record::valid(uint32_t hf_version, uint64_t bl_timestamp, uint64_t last_bl_timestamp) const 
+  bool pricing_record::valid(uint32_t hf_version, uint64_t bl_timestamp, uint64_t last_bl_timestamp) const
   {
     if (hf_version < 3) {
       if (!this->empty())
@@ -298,4 +298,3 @@ namespace zephyr_oracle
     return true;
   }
 }
-

src/zephyr_oracle/pricing_record.h

@@ -91,7 +91,7 @@ namespace zephyr_oracle
 
     public:
 
-      // Fields 
+      // Fields
       uint64_t spot;
       uint64_t moving_average;
       uint64_t stable;
@@ -127,7 +127,7 @@ namespace zephyr_oracle
   {
    return a.equal(b);
   }
-  
+
   inline bool operator!=(const pricing_record& a, const pricing_record& b) noexcept
   {
    return !a.equal(b);
@@ -252,4 +252,4 @@ namespace zephyr_oracle
     };
   };
 
-} // oracle
+} // zephyr_oracle

tests/sal.js

@@ -2,14 +2,14 @@
 let u = require('../build/Release/cryptoforknote');
 
 const b = Buffer.from(
-'0202fdaca8b906b1670506d0dc45b11cbc87f9ceedfd0cbfa56c14da72ccc27c45105391d2340300000000020001ffbabe0501a1ca9fab2a035c20fce0617f61abf3872058e15b90650b2ac812bf344766f56ee54b680f571e0353414c3c863401618163d383093580900f735ea9ad5d3d0029dd94c2f2a35db88ec37dc32e863302110000bcdd9d15420000000000000000000001c8f2e7ca0a00020001ffbabe05002301bb1086494863ac8de0987e09f7193ac85a356f8abf8725202cbf4dea8b2611f20400020000'
+'0a0ad3efb6c706668aaad0289b8bf3bf8cd109d6da4107b48f4242185fa6d50b78575c55e728b400000000043c01ffdcb91401bac68dc22104fd2c8f800bd4c33b96cde12515224a403ea052736d98cf8c5d5a5ff4a66dddc00453414c3151042efafd5871735ab1f3dcb6c380e595b2d0340136a86969f8e7a0c4bd739cd6163b38e3c76f1fb443f7a552e755b305b11c53510211000000000000000000000000000000000001ceb1c3b00800043c01ffdcb91400020200020001c0d11e47cd1d4ef51d152f6f186f76a91623b8ce922687ce8c907a5dfda26237'
 , 'hex');
 const b2 = u.convert_blob(b, 15);
 const h1 = b2.toString('hex');
 
-if (h1 === '0202fdaca8b906b1670506d0dc45b11cbc87f9ceedfd0cbfa56c14da72ccc27c45105391d2340300000000604ec6923c81b6477bb224a9c53158cea5c5aee36100aad59c498d3dab92750402') {
+if (h1 === '0a0ad3efb6c706668aaad0289b8bf3bf8cd109d6da4107b48f4242185fa6d50b78575c55e728b4000000003dc5e186a15e0b48571088e8b3c0a04597ff88a3dc3661cae2f0a2a8a2a81d7403') {
   console.log('PASSED');
 } else {
   console.log('FAILED: ' + h1);
   process.exit(1);
-}
+}