diff --git a/src/carrot_impl/CMakeLists.txt b/src/carrot_impl/CMakeLists.txt index 93dd26203..4c8b92b02 100644 --- a/src/carrot_impl/CMakeLists.txt +++ b/src/carrot_impl/CMakeLists.txt @@ -27,6 +27,7 @@ # THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. set(carrot_impl_sources + account.cpp address_device_ram_borrowed.cpp address_utils_compat.cpp format_utils.cpp diff --git a/src/carrot_impl/account.cpp b/src/carrot_impl/account.cpp new file mode 100644 index 000000000..b530b4c57 --- /dev/null +++ b/src/carrot_impl/account.cpp @@ -0,0 +1,318 @@ +// Copyright (c) 2014-2022, The Monero Project +// +// All rights reserved. +// +// Redistribution and use in source and binary forms, with or without modification, are +// permitted provided that the following conditions are met: +// +// 1. Redistributions of source code must retain the above copyright notice, this list of +// conditions and the following disclaimer. +// +// 2. Redistributions in binary form must reproduce the above copyright notice, this list +// of conditions and the following disclaimer in the documentation and/or other +// materials provided with the distribution. +// +// 3. Neither the name of the copyright holder nor the names of its contributors may be +// used to endorse or promote products derived from this software without specific +// prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY +// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL +// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF +// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +#include + +#include "include_base_utils.h" +#include "account.h" +#include "warnings.h" +#include "crypto/crypto.h" +#include "crypto/generators.h" +extern "C" +{ +#include "crypto/keccak.h" +} +#include "cryptonote_config.h" +#include "ringct/rctOps.h" + +#undef MONERO_DEFAULT_LOG_CATEGORY +#define MONERO_DEFAULT_LOG_CATEGORY "carrot_impl_account" + +using namespace std; + +DISABLE_VS_WARNINGS(4244 4345) + +namespace carrot +{ +//---------------------------------------------------------------------------------------------------------------------- +CarrotDestinationV1 carrot_and_legacy_keys::cryptonote_address(const payment_id_t payment_id, + const AddressDeriveType derive_type) const +{ + CarrotDestinationV1 addr; + switch (resolve_derive_type(derive_type)) + { + case AddressDeriveType::Carrot: + make_carrot_integrated_address_v1(carrot_account_spend_pubkey, + legacy_acb.get_keys().m_account_address.m_view_public_key, + payment_id, + addr); + break; + case AddressDeriveType::PreCarrot: + make_carrot_integrated_address_v1(legacy_acb.get_keys().m_account_address.m_spend_public_key, + legacy_acb.get_keys().m_account_address.m_view_public_key, + payment_id, + addr); + break; + default: + throw std::runtime_error("address derive type not recognized"); + } + return addr; +} +//---------------------------------------------------------------------------------------------------------------------- +CarrotDestinationV1 carrot_and_legacy_keys::subaddress(const subaddress_index_extended &subaddress_index) const +{ + if (!subaddress_index.index.is_subaddress()) + return cryptonote_address(null_payment_id, subaddress_index.derive_type); + + const cryptonote::account_keys &lkeys = legacy_acb.get_keys(); + + CarrotDestinationV1 addr; + cryptonote::account_public_address cnaddr; + switch (resolve_derive_type(subaddress_index.derive_type)) + { + case AddressDeriveType::Carrot: + make_carrot_subaddress_v1(carrot_account_spend_pubkey, + carrot_account_view_pubkey, + s_generate_address_dev, + subaddress_index.index.major, + subaddress_index.index.minor, + addr); + break; + case AddressDeriveType::PreCarrot: + cnaddr = + lkeys.m_device->get_subaddress(lkeys, {subaddress_index.index.major, subaddress_index.index.minor}); + addr = CarrotDestinationV1{ + .address_spend_pubkey = cnaddr.m_spend_public_key, + .address_view_pubkey = cnaddr.m_view_public_key, + .is_subaddress = true, + .payment_id = null_payment_id + }; + break; + default: + throw std::runtime_error("address derive type not recognized"); + } + return addr; +} +//---------------------------------------------------------------------------------------------------------------------- +std::unordered_map carrot_and_legacy_keys::subaddress_map_cn() const +{ + std::unordered_map res; + for (const auto &p : subaddress_map) + if (p.second.derive_type == AddressDeriveType::PreCarrot) + res.emplace(p.first, cryptonote::subaddress_index{p.second.index.major, p.second.index.minor}); + CHECK_AND_ASSERT_THROW_MES(!res.empty(), + "carrot_and_legacy_keys::subaddress_map_cn: subaddress map does not contain pre-carrot subaddresses"); + return res; +} +//---------------------------------------------------------------------------------------------------------------------- +void carrot_and_legacy_keys::opening_for_subaddress(const subaddress_index_extended &subaddress_index, + crypto::secret_key &address_privkey_g_out, + crypto::secret_key &address_privkey_t_out, + crypto::public_key &address_spend_pubkey_out) const +{ + const bool is_subaddress = subaddress_index.index.is_subaddress(); + const uint32_t major_index = subaddress_index.index.major; + const uint32_t minor_index = subaddress_index.index.minor; + + const cryptonote::account_keys &lkeys = legacy_acb.get_keys(); + + crypto::secret_key address_index_generator; + crypto::secret_key subaddress_scalar; + crypto::secret_key subaddress_extension; + + switch (resolve_derive_type(subaddress_index.derive_type)) + { + case AddressDeriveType::Carrot: + // s^j_gen = H_32[s_ga](j_major, j_minor) + make_carrot_index_extension_generator(s_generate_address, major_index, minor_index, address_index_generator); + + if (is_subaddress) + { + // k^j_subscal = H_n(K_s, j_major, j_minor, s^j_gen) + make_carrot_subaddress_scalar(carrot_account_spend_pubkey, address_index_generator, major_index, minor_index, subaddress_scalar); + } + else + { + // k^j_subscal = 1 + sc_1(to_bytes(subaddress_scalar)); + } + + // k^g_a = k_gi * k^j_subscal + sc_mul(to_bytes(address_privkey_g_out), to_bytes(k_generate_image), to_bytes(subaddress_scalar)); + + // k^t_a = k_ps * k^j_subscal + sc_mul(to_bytes(address_privkey_t_out), to_bytes(k_prove_spend), to_bytes(subaddress_scalar)); + break; + case AddressDeriveType::PreCarrot: + // m = Hn(k_v || j_major || j_minor) if subaddress else 0 + subaddress_extension = is_subaddress + ? lkeys.get_device().get_subaddress_secret_key(lkeys.m_view_secret_key, {major_index, minor_index}) + : crypto::null_skey; + + // k^g_a = k_s + m + sc_add(to_bytes(address_privkey_g_out), to_bytes(lkeys.m_spend_secret_key), to_bytes(subaddress_extension)); + + // k^t_a = 0 + memset(address_privkey_t_out.data, 0, sizeof(address_privkey_t_out)); + break; + default: + throw std::runtime_error("address derive type not recognized"); + } + + // perform sanity check + const CarrotDestinationV1 addr = subaddress(subaddress_index); + rct::key recomputed_address_spend_pubkey; + rct::addKeys2(recomputed_address_spend_pubkey, + rct::sk2rct(address_privkey_g_out), + rct::sk2rct(address_privkey_t_out), + rct::pk2rct(crypto::get_T())); + CHECK_AND_ASSERT_THROW_MES(rct::rct2pk(recomputed_address_spend_pubkey) == addr.address_spend_pubkey, + "mock carrot or legacy keys: opening for subaddress: failed sanity check"); + address_spend_pubkey_out = addr.address_spend_pubkey; +} +//---------------------------------------------------------------------------------------------------------------------- +bool carrot_and_legacy_keys::try_searching_for_opening_for_subaddress(const crypto::public_key &address_spend_pubkey, + crypto::secret_key &address_privkey_g_out, + crypto::secret_key &address_privkey_t_out) const +{ + const auto it = subaddress_map.find(address_spend_pubkey); + if (it == subaddress_map.cend()) + return false; + + crypto::public_key recomputed_address_spend_pubkey; + opening_for_subaddress(it->second, + address_privkey_g_out, + address_privkey_t_out, + recomputed_address_spend_pubkey); + + return address_spend_pubkey == recomputed_address_spend_pubkey; +} +bool carrot_and_legacy_keys::try_searching_for_opening_for_onetime_address(const crypto::public_key &address_spend_pubkey, + const crypto::secret_key &sender_extension_g, + const crypto::secret_key &sender_extension_t, + crypto::secret_key &x_out, + crypto::secret_key &y_out) const +{ + // k^{j,g}_addr, k^{j,t}_addr + crypto::secret_key address_privkey_g; + crypto::secret_key address_privkey_t; + if (!try_searching_for_opening_for_subaddress(address_spend_pubkey, + address_privkey_g, + address_privkey_t)) + return false; + + // x = k^{j,g}_addr + k^g_o + sc_add(to_bytes(x_out), to_bytes(address_privkey_g), to_bytes(sender_extension_g)); + + // y = k^{j,t}_addr + k^t_o + sc_add(to_bytes(y_out), to_bytes(address_privkey_t), to_bytes(sender_extension_t)); + + return true; +} +//---------------------------------------------------------------------------------------------------------------------- +bool carrot_and_legacy_keys::can_open_fcmp_onetime_address(const crypto::public_key &address_spend_pubkey, + const crypto::secret_key &sender_extension_g, + const crypto::secret_key &sender_extension_t, + const crypto::public_key &onetime_address) const +{ + crypto::secret_key x, y; + if (!try_searching_for_opening_for_onetime_address(address_spend_pubkey, + sender_extension_g, + sender_extension_t, + x, + y)) + return false; + + // O' = x G + y T + rct::key recomputed_onetime_address; + rct::addKeys2(recomputed_onetime_address, + rct::sk2rct(x), + rct::sk2rct(y), + rct::pk2rct(crypto::get_T())); + + // O' ?= O + return 0 == memcmp(&recomputed_onetime_address, &onetime_address, sizeof(rct::key)); +} +//---------------------------------------------------------------------------------------------------------------------- +crypto::key_image carrot_and_legacy_keys::derive_key_image(const crypto::public_key &address_spend_pubkey, + const crypto::secret_key &sender_extension_g, + const crypto::secret_key &sender_extension_t, + const crypto::public_key &onetime_address) const +{ + CHECK_AND_ASSERT_THROW_MES(can_open_fcmp_onetime_address( + address_spend_pubkey, + sender_extension_g, + sender_extension_t, + onetime_address), + "mock carrot and legacy keys: derive key image: cannot open onetime address"); + + crypto::secret_key x, y; + try_searching_for_opening_for_onetime_address(address_spend_pubkey, + sender_extension_g, + sender_extension_t, + x, + y); + + crypto::key_image L; + crypto::generate_key_image(onetime_address, x, L); + return L; +} +//---------------------------------------------------------------------------------------------------------------------- +void carrot_and_legacy_keys::generate_subaddress_map() +{ + const std::vector derive_types{AddressDeriveType::Carrot, AddressDeriveType::PreCarrot}; + + for (uint32_t major_index = 0; major_index <= MAX_SUBADDRESS_MAJOR_INDEX; ++major_index) + { + for (uint32_t minor_index = 0; minor_index <= MAX_SUBADDRESS_MINOR_INDEX; ++minor_index) + { + for (const AddressDeriveType derive_type : derive_types) + { + const subaddress_index_extended subaddr_index{{major_index, minor_index}, derive_type}; + const CarrotDestinationV1 addr = subaddress(subaddr_index); + subaddress_map.insert({addr.address_spend_pubkey, subaddr_index}); + } + } + } +} +//---------------------------------------------------------------------------------------------------------------------- +void carrot_and_legacy_keys::generate(const AddressDeriveType default_derive_type) +{ + legacy_acb.generate(); + + crypto::generate_random_bytes_thread_safe(sizeof(crypto::secret_key), to_bytes(s_master)); + make_carrot_provespend_key(s_master, k_prove_spend); + make_carrot_viewbalance_secret(s_master, s_view_balance); + make_carrot_generateimage_key(s_view_balance, k_generate_image); + make_carrot_generateaddress_secret(s_view_balance, s_generate_address); + + make_carrot_spend_pubkey(k_generate_image, k_prove_spend, carrot_account_spend_pubkey); + k_view_incoming_dev.view_key_scalar_mult_ed25519(carrot_account_spend_pubkey, + carrot_account_view_pubkey); + + this->default_derive_type = default_derive_type; + + generate_subaddress_map(); +} +//---------------------------------------------------------------------------------------------------------------------- +AddressDeriveType carrot_and_legacy_keys::resolve_derive_type(const AddressDeriveType derive_type) const +{ + return derive_type == AddressDeriveType::Auto ? default_derive_type : derive_type; +} +} +//------------------------------------------------------------------------------------------------------------------- diff --git a/src/carrot_impl/account.h b/src/carrot_impl/account.h new file mode 100644 index 000000000..68455208a --- /dev/null +++ b/src/carrot_impl/account.h @@ -0,0 +1,117 @@ +// Copyright (c) 2025, The Monero Project +// +// All rights reserved. +// +// Redistribution and use in source and binary forms, with or without modification, are +// permitted provided that the following conditions are met: +// +// 1. Redistributions of source code must retain the above copyright notice, this list of +// conditions and the following disclaimer. +// +// 2. Redistributions in binary form must reproduce the above copyright notice, this list +// of conditions and the following disclaimer in the documentation and/or other +// materials provided with the distribution. +// +// 3. Neither the name of the copyright holder nor the names of its contributors may be +// used to endorse or promote products derived from this software without specific +// prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY +// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL +// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF +// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +#pragma once + +#include "carrot_core/account_secrets.h" +#include "carrot_core/address_utils.h" +#include "carrot_core/destination.h" +#include "carrot_core/device_ram_borrowed.h" +#include "carrot_core/enote_utils.h" +#include "carrot_impl/subaddress_index.h" +#include "cryptonote_basic/account.h" +#include "cryptonote_basic/subaddress_index.h" + +//---------------------------------------------------------------------------------------------------------------------- +static constexpr std::uint32_t MAX_SUBADDRESS_MAJOR_INDEX = 5; +static constexpr std::uint32_t MAX_SUBADDRESS_MINOR_INDEX = 20; + +namespace carrot +{ + struct carrot_and_legacy_keys + { + cryptonote::account_base legacy_acb; + + crypto::secret_key s_master; + crypto::secret_key k_prove_spend; + crypto::secret_key s_view_balance; + crypto::secret_key k_generate_image; + crypto::secret_key s_generate_address; + + crypto::public_key carrot_account_spend_pubkey; + crypto::public_key carrot_account_view_pubkey; + + view_incoming_key_ram_borrowed_device k_view_incoming_dev; + view_balance_secret_ram_borrowed_device s_view_balance_dev; + generate_address_secret_ram_borrowed_device s_generate_address_dev; + + std::unordered_map subaddress_map; + + AddressDeriveType default_derive_type; + + carrot_and_legacy_keys(): k_view_incoming_dev(legacy_acb.get_keys().m_view_secret_key), + s_view_balance_dev(s_view_balance), + s_generate_address_dev(s_generate_address) + {} + + carrot_and_legacy_keys(const carrot_and_legacy_keys &k) = delete; + carrot_and_legacy_keys(carrot_and_legacy_keys&&) = delete; + + carrot_and_legacy_keys& operator=(const carrot_and_legacy_keys&) = delete; + carrot_and_legacy_keys& operator=(carrot_and_legacy_keys&&) = delete; + + CarrotDestinationV1 cryptonote_address(const payment_id_t payment_id = null_payment_id, + const AddressDeriveType derive_type = AddressDeriveType::Auto) const; + + CarrotDestinationV1 subaddress(const subaddress_index_extended &subaddress_index) const; + + std::unordered_map subaddress_map_cn() const; + + // brief: opening_for_subaddress - return (k^g_a, k^t_a) for j s.t. K^j_s = (k^g_a * G + k^t_a * T) + void opening_for_subaddress(const subaddress_index_extended &subaddress_index, + crypto::secret_key &address_privkey_g_out, + crypto::secret_key &address_privkey_t_out, + crypto::public_key &address_spend_pubkey_out) const; + + bool try_searching_for_opening_for_subaddress(const crypto::public_key &address_spend_pubkey, + crypto::secret_key &address_privkey_g_out, + crypto::secret_key &address_privkey_t_out) const; + + bool try_searching_for_opening_for_onetime_address(const crypto::public_key &address_spend_pubkey, + const crypto::secret_key &sender_extension_g, + const crypto::secret_key &sender_extension_t, + crypto::secret_key &x_out, + crypto::secret_key &y_out) const; + + bool can_open_fcmp_onetime_address(const crypto::public_key &address_spend_pubkey, + const crypto::secret_key &sender_extension_g, + const crypto::secret_key &sender_extension_t, + const crypto::public_key &onetime_address) const; + + crypto::key_image derive_key_image(const crypto::public_key &address_spend_pubkey, + const crypto::secret_key &sender_extension_g, + const crypto::secret_key &sender_extension_t, + const crypto::public_key &onetime_address) const; + + void generate_subaddress_map(); + + void generate(const AddressDeriveType default_derive_type = AddressDeriveType::Carrot); + + AddressDeriveType resolve_derive_type(const AddressDeriveType derive_type) const; + }; +} diff --git a/src/cryptonote_basic/account.cpp b/src/cryptonote_basic/account.cpp index 1c552e34b..6ca717330 100644 --- a/src/cryptonote_basic/account.cpp +++ b/src/cryptonote_basic/account.cpp @@ -128,10 +128,7 @@ DISABLE_VS_WARNINGS(4244 4345) encrypt_viewkey(key); } //----------------------------------------------------------------- - account_base::account_base() : - k_view_incoming_dev(m_keys.m_view_secret_key), - s_view_balance_dev(m_keys.s_view_balance), - s_generate_address_dev(m_keys.s_generate_address) + account_base::account_base() { set_null(); } @@ -285,179 +282,6 @@ DISABLE_VS_WARNINGS(4244 4345) //TODO: change this code into base 58 return get_account_integrated_address_as_str(nettype, m_keys.m_account_address, payment_id); } - //----------------------------------------------------------------- - carrot::AddressDeriveType account_base::resolve_derive_type(const carrot::AddressDeriveType derive_type) const - { - return derive_type == carrot::AddressDeriveType::Auto ? carrot::AddressDeriveType::Carrot : derive_type; - } - //---------------------------------------------------------------------------------------------------------------------- - carrot::CarrotDestinationV1 account_base::cryptonote_address(const carrot::payment_id_t payment_id, - const carrot::AddressDeriveType derive_type) const - { - carrot::CarrotDestinationV1 addr; - switch (resolve_derive_type(derive_type)) - { - case carrot::AddressDeriveType::Carrot: - make_carrot_integrated_address_v1(m_keys.carrot_account_spend_pubkey, - m_keys.m_account_address.m_view_public_key, - payment_id, - addr); - break; - case carrot::AddressDeriveType::PreCarrot: - make_carrot_integrated_address_v1(m_keys.m_account_address.m_spend_public_key, - m_keys.m_account_address.m_view_public_key, - payment_id, - addr); - break; - default: - throw std::runtime_error("address derive type not recognized"); - } - return addr; - } - //------------------------------------------------------------------------------------------------------------------- - carrot::CarrotDestinationV1 account_base::subaddress(const carrot::subaddress_index_extended &subaddress_index) const - { - if (!subaddress_index.index.is_subaddress()) - return cryptonote_address(carrot::null_payment_id, subaddress_index.derive_type); - - const cryptonote::account_keys &lkeys = m_keys; - - carrot::CarrotDestinationV1 addr; - cryptonote::account_public_address cnaddr; - switch (resolve_derive_type(subaddress_index.derive_type)) - { - case carrot::AddressDeriveType::Carrot: - make_carrot_subaddress_v1(m_keys.carrot_account_spend_pubkey, - m_keys.carrot_account_view_pubkey, - s_generate_address_dev, - subaddress_index.index.major, - subaddress_index.index.minor, - addr); - break; - case carrot::AddressDeriveType::PreCarrot: - cnaddr = - lkeys.m_device->get_subaddress(lkeys, {subaddress_index.index.major, subaddress_index.index.minor}); - addr = carrot::CarrotDestinationV1{ - .address_spend_pubkey = cnaddr.m_spend_public_key, - .address_view_pubkey = cnaddr.m_view_public_key, - .is_subaddress = true, - .payment_id = carrot::null_payment_id - }; - break; - default: - throw std::runtime_error("address derive type not recognized"); - } - return addr; - } - //------------------------------------------------------------------------------------------------------------------- - void account_base::opening_for_subaddress( - const carrot::subaddress_index_extended &subaddress_index, - crypto::secret_key &address_privkey_g_out, - crypto::secret_key &address_privkey_t_out, - crypto::public_key &address_spend_pubkey_out) const - { - const bool is_subaddress = subaddress_index.index.is_subaddress(); - const uint32_t major_index = subaddress_index.index.major; - const uint32_t minor_index = subaddress_index.index.minor; - - const cryptonote::account_keys &lkeys = m_keys; - - crypto::secret_key address_index_generator; - crypto::secret_key subaddress_scalar; - crypto::secret_key subaddress_extension; - - switch (resolve_derive_type(subaddress_index.derive_type)) - { - case carrot::AddressDeriveType::Carrot: - // s^j_gen = H_32[s_ga](j_major, j_minor) - carrot::make_carrot_index_extension_generator(lkeys.s_generate_address, major_index, minor_index, address_index_generator); - - if (is_subaddress) - { - // k^j_subscal = H_n(K_s, j_major, j_minor, s^j_gen) - carrot::make_carrot_subaddress_scalar(lkeys.carrot_account_spend_pubkey, address_index_generator, major_index, minor_index, subaddress_scalar); - } - else - { - // k^j_subscal = 1 - sc_1(to_bytes(subaddress_scalar)); - } - - // k^g_a = k_gi * k^j_subscal - sc_mul(to_bytes(address_privkey_g_out), to_bytes(lkeys.k_generate_image), to_bytes(subaddress_scalar)); - - // k^t_a = k_ps * k^j_subscal - sc_mul(to_bytes(address_privkey_t_out), to_bytes(lkeys.k_prove_spend), to_bytes(subaddress_scalar)); - break; - case carrot::AddressDeriveType::PreCarrot: - // m = Hn(k_v || j_major || j_minor) if subaddress else 0 - subaddress_extension = is_subaddress - ? lkeys.get_device().get_subaddress_secret_key(lkeys.m_view_secret_key, {major_index, minor_index}) - : crypto::null_skey; - - // k^g_a = k_s + m - sc_add(to_bytes(address_privkey_g_out), to_bytes(lkeys.m_spend_secret_key), to_bytes(subaddress_extension)); - - // k^t_a = 0 - memset(address_privkey_t_out.data, 0, sizeof(address_privkey_t_out)); - break; - default: - throw std::runtime_error("address derive type not recognized"); - } - - // perform sanity check - const carrot::CarrotDestinationV1 addr = subaddress(subaddress_index); - rct::key recomputed_address_spend_pubkey; - rct::addKeys2(recomputed_address_spend_pubkey, - rct::sk2rct(address_privkey_g_out), - rct::sk2rct(address_privkey_t_out), - rct::pk2rct(crypto::get_T())); - CHECK_AND_ASSERT_THROW_MES(rct::rct2pk(recomputed_address_spend_pubkey) == addr.address_spend_pubkey, - "mock carrot or legacy keys: opening for subaddress: failed sanity check"); - address_spend_pubkey_out = addr.address_spend_pubkey; - } - //------------------------------------------------------------------------------------------------------------------- - bool account_base::try_searching_for_opening_for_subaddress( - const crypto::public_key &address_spend_pubkey, - crypto::secret_key &address_privkey_g_out, - crypto::secret_key &address_privkey_t_out) const - { - const auto it = subaddress_map.find(address_spend_pubkey); - if (it == subaddress_map.cend()) - return false; - - crypto::public_key recomputed_address_spend_pubkey; - opening_for_subaddress(it->second, - address_privkey_g_out, - address_privkey_t_out, - recomputed_address_spend_pubkey); - - return address_spend_pubkey == recomputed_address_spend_pubkey; - } - //------------------------------------------------------------------------------------------------------------------- - bool account_base::try_searching_for_opening_for_onetime_address( - const crypto::public_key &address_spend_pubkey, - const crypto::secret_key &sender_extension_g, - const crypto::secret_key &sender_extension_t, - crypto::secret_key &x_out, - crypto::secret_key &y_out) const - { - // k^{j,g}_addr, k^{j,t}_addr - crypto::secret_key address_privkey_g; - crypto::secret_key address_privkey_t; - if (!try_searching_for_opening_for_subaddress(address_spend_pubkey, - address_privkey_g, - address_privkey_t)) - return false; - - // x = k^{j,g}_addr + k^g_o - sc_add(to_bytes(x_out), to_bytes(address_privkey_g), to_bytes(sender_extension_g)); - - // y = k^{j,t}_addr + k^t_o - sc_add(to_bytes(y_out), to_bytes(address_privkey_t), to_bytes(sender_extension_t)); - - return true; - } } //------------------------------------------------------------------------------------------------------------------- diff --git a/src/cryptonote_basic/account.h b/src/cryptonote_basic/account.h index 467a55365..9b7616af6 100644 --- a/src/cryptonote_basic/account.h +++ b/src/cryptonote_basic/account.h @@ -121,46 +121,6 @@ namespace cryptonote void encrypt_viewkey(const crypto::chacha_key &key) { m_keys.encrypt_viewkey(key); } void decrypt_viewkey(const crypto::chacha_key &key) { m_keys.decrypt_viewkey(key); } - carrot::AddressDeriveType resolve_derive_type(const carrot::AddressDeriveType derive_type) const; - - carrot::CarrotDestinationV1 cryptonote_address(const carrot::payment_id_t payment_id = carrot::null_payment_id, - const carrot::AddressDeriveType derive_type = carrot::AddressDeriveType::Auto) const; - - carrot::CarrotDestinationV1 subaddress(const carrot::subaddress_index_extended &subaddress_index) const; - - std::unordered_map subaddress_map_cn() const; - - // brief: opening_for_subaddress - return (k^g_a, k^t_a) for j s.t. K^j_s = (k^g_a * G + k^t_a * T) - void opening_for_subaddress(const carrot::subaddress_index_extended &subaddress_index, - crypto::secret_key &address_privkey_g_out, - crypto::secret_key &address_privkey_t_out, - crypto::public_key &address_spend_pubkey_out) const; - - bool try_searching_for_opening_for_subaddress(const crypto::public_key &address_spend_pubkey, - crypto::secret_key &address_privkey_g_out, - crypto::secret_key &address_privkey_t_out) const; - - bool try_searching_for_opening_for_onetime_address(const crypto::public_key &address_spend_pubkey, - const crypto::secret_key &sender_extension_g, - const crypto::secret_key &sender_extension_t, - crypto::secret_key &x_out, - crypto::secret_key &y_out) const; - /* - bool can_open_fcmp_onetime_address(const crypto::public_key &address_spend_pubkey, - const crypto::secret_key &sender_extension_g, - const crypto::secret_key &sender_extension_t, - const crypto::public_key &onetime_address) const; - - crypto::key_image derive_key_image(const crypto::public_key &address_spend_pubkey, - const crypto::secret_key &sender_extension_g, - const crypto::secret_key &sender_extension_t, - const crypto::public_key &onetime_address) const; - - void generate_subaddress_map(); - - void generate(const carrot::AddressDeriveType default_derive_type = carrot::AddressDeriveType::Carrot); - */ - template inline void serialize(t_archive &a, const unsigned int /*ver*/) { @@ -177,11 +137,5 @@ namespace cryptonote void set_null(); account_keys m_keys; uint64_t m_creation_timestamp; - - std::unordered_map subaddress_map; - - carrot::view_incoming_key_ram_borrowed_device k_view_incoming_dev; - carrot::view_balance_secret_ram_borrowed_device s_view_balance_dev; - carrot::generate_address_secret_ram_borrowed_device s_generate_address_dev; }; }