Merge branch 'main' of https://github.com/salvium/salvium

Co-authored-by: srdg <srdg@srdg.io>

.github/workflows/depends.yml

@@ -0,0 +1,127 @@
+name: ci/gh-actions/depends
+
+on:
+  push:
+    paths-ignore:
+      - 'docs/**'
+      - '**/README.md'
+  pull_request:
+    paths-ignore:
+      - 'docs/**'
+      - '**/README.md'
+
+env:
+  APT_SET_CONF: |
+        echo "Acquire::Retries \"3\";"         | sudo tee -a /etc/apt/apt.conf.d/80-custom
+        echo "Acquire::http::Timeout \"120\";" | sudo tee -a /etc/apt/apt.conf.d/80-custom
+        echo "Acquire::ftp::Timeout \"120\";"  | sudo tee -a /etc/apt/apt.conf.d/80-custom
+  CCACHE_SETTINGS: |
+        ccache --max-size=150M
+        ccache --set-config=compression=true
+  USE_DEVICE_TREZOR_MANDATORY: ON
+
+jobs:
+  build-cross:
+    runs-on: ubuntu-20.04
+    env:
+      CCACHE_TEMPDIR: /tmp/.ccache-temp
+    strategy:
+      fail-fast: false
+      matrix:
+        toolchain:
+          - name: "RISCV 64bit"
+            host: "riscv64-linux-gnu"
+            packages: "python3 gperf g++-riscv64-linux-gnu"
+          - name: "ARM v7"
+            host: "arm-linux-gnueabihf"
+            packages: "python3 gperf g++-arm-linux-gnueabihf"
+          - name: "ARM v8"
+            host: "aarch64-linux-gnu"
+            packages: "python3 gperf g++-aarch64-linux-gnu"
+          - name: "i686 Win"
+            host: "i686-w64-mingw32"
+            packages: "python3 g++-mingw-w64-i686"
+          - name: "i686 Linux"
+            host: "i686-pc-linux-gnu"
+            packages: "gperf cmake g++-multilib python3-zmq"
+          - name: "Win64"
+            host: "x86_64-w64-mingw32"
+            packages: "cmake python3 g++-mingw-w64-x86-64"
+          - name: "x86_64 Linux"
+            host: "x86_64-unknown-linux-gnu"
+            packages: "gperf cmake python3-zmq libdbus-1-dev libharfbuzz-dev"
+          - name: "Cross-Mac x86_64"
+            host: "x86_64-apple-darwin"
+            packages: "cmake imagemagick libcap-dev librsvg2-bin libz-dev libbz2-dev libtiff-tools python-dev python3-setuptools-git"
+          - name: "Cross-Mac aarch64"
+            host: "aarch64-apple-darwin"
+            packages: "cmake imagemagick libcap-dev librsvg2-bin libz-dev libbz2-dev libtiff-tools python-dev python3-setuptools-git"
+          - name: "x86_64 Freebsd"
+            host: "x86_64-unknown-freebsd"
+            packages: "clang-8 gperf cmake python3-zmq libdbus-1-dev libharfbuzz-dev"
+              #          - name: "ARMv8 Android"
+              #            host: "aarch64-linux-android"
+              #            packages: "gperf cmake python3"
+    name: ${{ matrix.toolchain.name }}
+    steps:
+    - uses: actions/checkout@v4
+      with:
+        fetch-depth: 0
+        submodules: recursive
+# Most volatile cache
+    - name: ccache
+      uses: actions/cache@v4
+      with:
+        path: ~/.ccache
+        key: ccache-${{ matrix.toolchain.host }}-${{ github.sha }}
+        restore-keys: ccache-${{ matrix.toolchain.host }}-
+# Less volatile cache
+    - name: depends cache
+      uses: actions/cache@v4
+      with:
+        path: contrib/depends/built
+        key: depends-${{ matrix.toolchain.host }}-${{ hashFiles('contrib/depends/packages/*') }}
+        restore-keys: |
+          depends-${{ matrix.toolchain.host }}-${{ hashFiles('contrib/depends/packages/*') }}
+          depends-${{ matrix.toolchain.host }}-
+# Static cache
+    - name: OSX SDK cache
+      uses: actions/cache@v4
+      with:
+        path: contrib/depends/sdk-sources
+        key: sdk-${{ matrix.toolchain.host }}-${{ matrix.toolchain.osx_sdk }}
+        restore-keys: sdk-${{ matrix.toolchain.host }}-${{ matrix.toolchain.osx_sdk }}
+    - name: set apt conf
+      run: ${{env.APT_SET_CONF}}
+    - name: install dependencies
+      run: sudo apt update; sudo apt -y install build-essential libtool libssl-dev cmake autotools-dev automake pkg-config bsdmainutils curl git ca-certificates ccache ${{ matrix.toolchain.packages }}
+    - name: prepare w64-mingw32
+      if: ${{ matrix.toolchain.host == 'x86_64-w64-mingw32' || matrix.toolchain.host == 'i686-w64-mingw32' }}
+      run: |
+        sudo update-alternatives --set ${{ matrix.toolchain.host }}-g++ $(which ${{ matrix.toolchain.host }}-g++-posix)
+        sudo update-alternatives --set ${{ matrix.toolchain.host }}-gcc $(which ${{ matrix.toolchain.host }}-gcc-posix)
+    - name: build
+      run: |
+        ${{env.CCACHE_SETTINGS}}
+        make depends target=${{ matrix.toolchain.host }} -j2
+    - uses: actions/upload-artifact@v4
+      if: ${{ matrix.toolchain.host == 'x86_64-w64-mingw32' || matrix.toolchain.host == 'x86_64-apple-darwin' || matrix.toolchain.host == 'aarch64-apple-darwin' || matrix.toolchain.host == 'x86_64-unknown-linux-gnu' }}
+      with:
+        name: ${{ matrix.toolchain.name }}
+        path: |
+          /home/runner/work/${{ github.event.repository.name }}/${{ github.event.repository.name }}/build/${{ matrix.toolchain.host }}/release/bin/salvium-wallet-*
+          /home/runner/work/${{ github.event.repository.name }}/${{ github.event.repository.name }}/build/${{ matrix.toolchain.host }}/release/bin/salviumd*
+    - name: zip daemon & cli
+      run: |
+        zip salvium-${GITHUB_REF_NAME}-${{ matrix.toolchain.host }}.zip /home/runner/work/${{ github.event.repository.name }}/${{ github.event.repository.name }}/build/${{ matrix.toolchain.host }}/release/bin/salvium-wallet-rpc* /home/runner/work/${{ github.event.repository.name }}/${{ github.event.repository.name }}/build/${{ matrix.toolchain.host }}/release/bin/salvium-wallet-cli* /home/runner/work/${{ github.event.repository.name }}/${{ github.event.repository.name }}/build/${{ matrix.toolchain.host }}/release/bin/salviumd*
+        ls -l
+    - name: "Deploy"
+      uses: keithweaver/aws-s3-github-action@v1.0.0
+      with:
+        command: cp
+        source: ./salvium-${{ github.ref_name }}-${{ matrix.toolchain.host }}.zip
+        destination: s3://${{ vars.S3_BUCKET }}/salvium-${{ github.ref_name }}-${{ matrix.toolchain.host }}.zip
+        aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+        aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+        aws_region: eu-west-1
+        flags: --acl public-read

CMakeLists.txt

@@ -538,7 +538,7 @@ elseif (DEPENDS AND NOT LINUX)
   set(DEFAULT_STACK_TRACE OFF)
   set(LIBUNWIND_LIBRARIES "")
 elseif(CMAKE_C_COMPILER_ID STREQUAL "GNU" AND NOT MINGW)
-  set(DEFAULT_STACK_TRACE ON)
+  set(DEFAULT_STACK_TRACE OFF)
   set(STACK_TRACE_LIB "easylogging++") # for diag output only
   set(LIBUNWIND_LIBRARIES "")
 elseif (ARM)
@@ -547,7 +547,7 @@ elseif (ARM)
 else()
   find_package(Libunwind)
   if(LIBUNWIND_FOUND)
-    set(DEFAULT_STACK_TRACE ON)
+    set(DEFAULT_STACK_TRACE OFF)
     set(STACK_TRACE_LIB "libunwind") # for diag output only
   else()
     set(DEFAULT_STACK_TRACE OFF)

README.md

@@ -1,4 +1,4 @@
-# Salvium Zero v0.4.1
+# Salvium Zero v0.7.0
 
 Copyright (c) 2023-2024, Salvium
 Portions Copyright (c) 2014-2023, The Monero Project
@@ -172,7 +172,7 @@ invokes cmake commands as needed.
 
     ```bash
     cd salvium
-    git checkout release-v0.18
+    git checkout v0.7.0
     make
     ```
 
@@ -251,7 +251,7 @@ Tested on a Raspberry Pi Zero with a clean install of minimal Raspbian Stretch (
     ```bash
     git clone https://github.com/salvium/salvium
     cd salvium
-    git checkout v0.4.1
+    git checkout v0.7.0
     ```
 
 * Build:
@@ -370,10 +370,10 @@ application.
     cd salvium
     ```
 
-* If you would like a specific [version/tag](https://github.com/salvium/salvium/tags), do a git checkout for that version. eg. 'v0.4.1'. If you don't care about the version and just want binaries from master, skip this step:
+* If you would like a specific [version/tag](https://github.com/salvium/salvium/tags), do a git checkout for that version. eg. 'v0.7.0'. If you don't care about the version and just want binaries from master, skip this step:
 
     ```bash
-    git checkout v0.4.1
+    git checkout v0.7.0
     ```
 
 * If you are on a 64-bit system, run:

cmake/CheckTrezor.cmake

@@ -6,10 +6,10 @@ function(_trezor_default_val val_name val_default)
 endfunction()
 
 # Define default options via env vars
-_trezor_default_val(USE_DEVICE_TREZOR ON)
+_trezor_default_val(USE_DEVICE_TREZOR OFF)
 _trezor_default_val(USE_DEVICE_TREZOR_MANDATORY OFF)
-_trezor_default_val(USE_DEVICE_TREZOR_PROTOBUF_TEST ON)
-_trezor_default_val(USE_DEVICE_TREZOR_LIBUSB ON)
+_trezor_default_val(USE_DEVICE_TREZOR_PROTOBUF_TEST OFF)
+_trezor_default_val(USE_DEVICE_TREZOR_LIBUSB OFF)
 _trezor_default_val(USE_DEVICE_TREZOR_UDP_RELEASE OFF)
 _trezor_default_val(USE_DEVICE_TREZOR_DEBUG OFF)
 _trezor_default_val(TREZOR_DEBUG OFF)

make_releases.sh

@@ -0,0 +1,31 @@
+#!/bin/bash
+
+# Get the git information
+TAG=`git tag -l --points-at HEAD`
+COMMIT=`git rev-parse --short=9 HEAD`
+
+# Build the 64-bit Windows release
+USE_DEVICE_TREZOR=OFF make depends target=x86_64-w64-mingw32 -j12
+pushd ./build/x86_64-w64-mingw32/release/bin > /dev/null
+zip -ur ~/releases/salvium-${TAG}-win64.zip salviumd.exe salvium-wallet-cli.exe salvium-wallet-rpc.exe
+popd > /dev/null
+
+# Build the 64-bit Apple Silicon release
+USE_DEVICE_TREZOR=OFF make depends target=aarch64-apple-darwin -j12
+pushd ./build/aarch64-apple-darwin/release/bin > /dev/null
+zip -ur ~/releases/salvium-${TAG}-macos-arm64.zip salviumd salvium-wallet-cli salvium-wallet-rpc
+popd > /dev/null
+
+# Build the 64-bit MacOS Intel Silicon release
+USE_DEVICE_TREZOR=OFF make depends target=x86_64-apple-darwin -j12
+pushd ./build/x86_64-apple-darwin/release/bin > /dev/null
+zip -ur ~/releases/salvium-${TAG}-macos-x86_64.zip salviumd salvium-wallet-cli salvium-wallet-rpc
+popd > /dev/null
+
+# Build the 64-bit Linux release
+USE_DEVICE_TREZOR=OFF make depends target=x86_64-linux-gnu -j12
+pushd ./build/x86_64-linux-gnu/release/bin > /dev/null
+zip -ur ~/releases/salvium-${TAG}-linux-x86_64.zip salviumd salvium-wallet-cli salvium-wallet-rpc
+popd > /dev/null
+
+# Finish

src/blockchain_db/blockchain_db.cpp

@@ -267,7 +267,7 @@ uint64_t BlockchainDB::add_block( const std::pair<block, blobdata>& blck
                                 , const difficulty_type& cumulative_difficulty
                                 , const uint64_t& coins_generated
                                 , const std::vector<std::pair<transaction, blobdata>>& txs
-                                , const cryptonote::network_type& nettype
+                                , const cryptonote::network_type nettype
                                 , cryptonote::yield_block_info& ybi
                                 )
 {

src/blockchain_db/blockchain_db.h

@@ -430,7 +430,7 @@ private:
                           const crypto::hash& blk_hash,
                           uint64_t slippage_total,
                           uint64_t yield_total,
-                          const cryptonote::network_type& nettype,
+                          const cryptonote::network_type nettype,
                           cryptonote::yield_block_info& ybi
                           ) = 0;
 
@@ -884,7 +884,7 @@ public:
                             , const difficulty_type& cumulative_difficulty
                             , const uint64_t& coins_generated
                             , const std::vector<std::pair<transaction, blobdata>>& txs
-                            , const cryptonote::network_type& nettype
+                            , const cryptonote::network_type nettype
                             , cryptonote::yield_block_info& ybi
                             );
 
@@ -1915,8 +1915,8 @@ public:
    */
   virtual uint64_t get_database_size() const = 0;
 
-  virtual int get_yield_block_info(const uint64_t height, yield_block_info& ybi) = 0;
-  virtual int get_yield_tx_info(const uint64_t height, std::vector<yield_tx_info>& yti_container) = 0;
+  virtual int get_yield_block_info(const uint64_t height, yield_block_info& ybi) const = 0;
+  virtual int get_yield_tx_info(const uint64_t height, std::vector<yield_tx_info>& yti_container) const = 0;
 
   
   /**

src/blockchain_db/lmdb/db_lmdb.cpp

@@ -800,7 +800,7 @@ estim:
   return threshold_size;
 }
 
-int BlockchainLMDB::get_yield_block_info(const uint64_t height, yield_block_info& ybi)
+int BlockchainLMDB::get_yield_block_info(const uint64_t height, yield_block_info& ybi) const
 {
   LOG_PRINT_L3("BlockchainLMDB::" << __func__);
   check_open();
@@ -825,11 +825,13 @@ int BlockchainLMDB::get_yield_block_info(const uint64_t height, yield_block_info
   yield_block_info *p = (yield_block_info*)v.mv_data;
   ybi = *p;
 
+  TXN_POSTFIX_RDONLY();
+
   // Return success to caller
   return ret;
 }
 
-int BlockchainLMDB::get_yield_tx_info(const uint64_t height, std::vector<yield_tx_info>& yti_container)
+int BlockchainLMDB::get_yield_tx_info(const uint64_t height, std::vector<yield_tx_info>& yti_container) const
 {
   LOG_PRINT_L3("BlockchainLMDB::" << __func__);
   check_open();
@@ -858,11 +860,13 @@ int BlockchainLMDB::get_yield_tx_info(const uint64_t height, std::vector<yield_t
     yti_container.emplace_back(*p);
   }
 
+  TXN_POSTFIX_RDONLY();
+
   // Return success to caller
   return 0;
 }
 
-void BlockchainLMDB::add_block(const block& blk, size_t block_weight, uint64_t long_term_block_weight, const difficulty_type& cumulative_difficulty, const uint64_t& coins_generated, uint64_t num_rct_outs, oracle::asset_type_counts& cum_rct_by_asset_type, const crypto::hash& blk_hash, uint64_t slippage_total, uint64_t yield_total, const cryptonote::network_type& nettype, cryptonote::yield_block_info& ybi)
+void BlockchainLMDB::add_block(const block& blk, size_t block_weight, uint64_t long_term_block_weight, const difficulty_type& cumulative_difficulty, const uint64_t& coins_generated, uint64_t num_rct_outs, oracle::asset_type_counts& cum_rct_by_asset_type, const crypto::hash& blk_hash, uint64_t slippage_total, uint64_t yield_total, const cryptonote::network_type nettype, cryptonote::yield_block_info& ybi)
 {
   LOG_PRINT_L3("BlockchainLMDB::" << __func__);
   check_open();
@@ -1257,7 +1261,17 @@ uint64_t BlockchainLMDB::add_transaction_data(const crypto::hash& blk_hash, cons
     yield_tx_info yield_data;
     yield_data.block_height = m_height;
     yield_data.tx_hash = tx_hash;
-    yield_data.return_address = tx.return_address;
+    if (tx.version == TRANSACTION_VERSION_2_OUTS) {
+      if (tx.return_address == crypto::null_pkey)
+        throw0(DB_ERROR("missing return_address entry (needed to create yield data for PROTOCOL_TX)  - v2 STAKE"));
+      yield_data.return_address = tx.return_address;
+    } else if (tx.version >= TRANSACTION_VERSION_N_OUTS) {
+      if (tx.return_address_list.empty())
+        throw0(DB_ERROR("no return_address_list entry (needed to create yield data for the PROTOCOL_TX)"));
+      else if (tx.return_address_list.size() > 1)
+        throw0(DB_ERROR("too many return_address_list entries provided (only one needed to create yield data for the PROTOCOL_TX)"));
+      yield_data.return_address = tx.return_address_list[0];
+    }
     yield_data.locked_coins = tx.amount_burnt;
     if (tx.vin.empty())
       throw0(DB_ERROR("tx.vin is empty (needed to create yield data for the PROTOCOL_TX)"));
@@ -3469,9 +3483,12 @@ std::map<std::string,uint64_t> BlockchainLMDB::get_circulating_supply() const
   uint64_t m_coinbase = get_block_already_generated_coins(m_height-1);
   LOG_PRINT_L3("BlockchainLMDB::" << __func__ << " - mined supply for SAL = " << m_coinbase);
 
-  // SRCG: For V1, we can simply return this number, because there is no other source of coins
-  //circulating_supply["SAL"] = m_coinbase;
-  //return circulating_supply;
+  uint64_t staked_coins = 0;
+  yield_block_info ybi;
+  int result = get_yield_block_info(m_height-1, ybi);
+  if (result)
+    throw0(DB_ERROR(lmdb_error("Failed to get YBI when querying supply: ", result).c_str()));
+  staked_coins = ybi.locked_coins_tally;
   
   check_open();
   
@@ -3480,8 +3497,6 @@ std::map<std::string,uint64_t> BlockchainLMDB::get_circulating_supply() const
 
   MDB_val k;
   MDB_val v;
-  int result = 0;
-
   MDB_cursor_op op = MDB_FIRST;
   while (1)
   {
@@ -3513,7 +3528,11 @@ std::map<std::string,uint64_t> BlockchainLMDB::get_circulating_supply() const
   if (circulating_supply.empty()) {
     circulating_supply["SAL"] = m_coinbase;
   }
-  circulating_supply["BURN"] = m_coinbase - circulating_supply["SAL"];
+
+  // Adjust the supply to account for the staked coins
+  circulating_supply["STAKE"] = staked_coins;
+  
+  circulating_supply["BURN"] = m_coinbase - circulating_supply["SAL"] - circulating_supply["STAKE"];
   return circulating_supply;
 }
 
@@ -4705,7 +4724,7 @@ void BlockchainLMDB::block_rtxn_abort() const
 }
 
 uint64_t BlockchainLMDB::add_block(const std::pair<block, blobdata>& blk, size_t block_weight, uint64_t long_term_block_weight, const difficulty_type& cumulative_difficulty, const uint64_t& coins_generated,
-                                   const std::vector<std::pair<transaction, blobdata>>& txs, const cryptonote::network_type& nettype, cryptonote::yield_block_info& ybi)
+                                   const std::vector<std::pair<transaction, blobdata>>& txs, const cryptonote::network_type nettype, cryptonote::yield_block_info& ybi)
 {
   LOG_PRINT_L3("BlockchainLMDB::" << __func__);
   check_open();

src/blockchain_db/lmdb/db_lmdb.h

@@ -341,7 +341,7 @@ public:
                             , const difficulty_type& cumulative_difficulty
                             , const uint64_t& coins_generated
                             , const std::vector<std::pair<transaction, blobdata>>& txs
-                            , const cryptonote::network_type& nettype
+                            , const cryptonote::network_type nettype
                             , cryptonote::yield_block_info& ybi
                             );
 
@@ -400,7 +400,7 @@ private:
                           const crypto::hash& blk_hash,
                           uint64_t slippage_total,
                           uint64_t yield_total,
-                          const cryptonote::network_type& nettype,
+                          const cryptonote::network_type nettype,
                           cryptonote::yield_block_info& ybi
                           );
 
@@ -459,8 +459,8 @@ private:
   //void migrate_0_1();
   void cleanup_batch();
 
-  virtual int get_yield_block_info(const uint64_t height, yield_block_info& ybi);
-  virtual int get_yield_tx_info(const uint64_t height, std::vector<yield_tx_info>& yti_container);
+  virtual int get_yield_block_info(const uint64_t height, yield_block_info& ybi) const;
+  virtual int get_yield_tx_info(const uint64_t height, std::vector<yield_tx_info>& yti_container) const;
 
 private:
   MDB_env* m_env;

src/blockchain_db/testdb.h

@@ -76,7 +76,7 @@ public:
   virtual uint64_t get_block_height(const crypto::hash& h) const override { return 0; }
   virtual cryptonote::block_header get_block_header(const crypto::hash& h) const override { return cryptonote::block_header(); }
   virtual uint64_t get_block_timestamp(const uint64_t& height) const override { return 0; }
-  virtual std::vector<uint64_t> get_block_cumulative_rct_outputs(const std::vector<uint64_t> &heights) const override { return {}; }
+  virtual std::pair<std::vector<uint64_t>, uint64_t> get_block_cumulative_rct_outputs(const std::vector<uint64_t> &heights, const std::string asset_type) const override { return {}; }
   virtual uint64_t get_top_block_timestamp() const override { return 0; }
   virtual size_t get_block_weight(const uint64_t& height) const override { return 128; }
   virtual std::vector<uint64_t> get_block_weights(uint64_t start_height, size_t count) const override { return {}; }
@@ -92,6 +92,7 @@ public:
   virtual crypto::hash top_block_hash(uint64_t *block_height = NULL) const override { if (block_height) *block_height = 0; return crypto::hash(); }
   virtual cryptonote::block get_top_block() const override { return cryptonote::block(); }
   virtual uint64_t height() const override { return 1; }
+  virtual std::map<std::string, uint64_t> get_circulating_supply() const override { return std::map<std::string, uint64_t>{}; }
   virtual bool tx_exists(const crypto::hash& h) const override { return false; }
   virtual bool tx_exists(const crypto::hash& h, uint64_t& tx_index) const override { return false; }
   virtual uint64_t get_tx_unlock_time(const crypto::hash& h) const override { return 0; }
@@ -101,20 +102,23 @@ public:
   virtual std::vector<cryptonote::transaction> get_tx_list(const std::vector<crypto::hash>& hlist) const override { return std::vector<cryptonote::transaction>(); }
   virtual uint64_t get_tx_block_height(const crypto::hash& h) const override { return 0; }
   virtual uint64_t get_num_outputs(const uint64_t& amount) const override { return 1; }
+  virtual uint64_t get_num_outputs_of_asset_type(const std::string asset_type) const override { return 1; }
   virtual uint64_t get_indexing_base() const override { return 0; }
   virtual cryptonote::output_data_t get_output_key(const uint64_t& amount, const uint64_t& index, bool include_commitmemt) const override { return cryptonote::output_data_t(); }
   virtual cryptonote::tx_out_index get_output_tx_and_index_from_global(const uint64_t& index) const override { return cryptonote::tx_out_index(); }
   virtual cryptonote::tx_out_index get_output_tx_and_index(const uint64_t& amount, const uint64_t& index) const override { return cryptonote::tx_out_index(); }
   virtual void get_output_tx_and_index(const uint64_t& amount, const std::vector<uint64_t> &offsets, std::vector<cryptonote::tx_out_index> &indices) const override {}
   virtual void get_output_key(const epee::span<const uint64_t> &amounts, const std::vector<uint64_t> &offsets, std::vector<cryptonote::output_data_t> &outputs, bool allow_partial = false) const override {}
+  virtual void get_output_id_from_asset_type_output_index(const std::string asset_type, const std::vector<uint64_t> &asset_type_output_indices, std::vector<uint64_t> &output_indices) const override {}
+  virtual uint64_t get_output_id_from_asset_type_output_index(const std::string asset_type, const uint64_t &asset_type_output_index) const override { return 1; }
   virtual bool can_thread_bulk_indices() const override { return false; }
-  virtual std::vector<std::vector<uint64_t>> get_tx_amount_output_indices(const uint64_t tx_index, size_t n_txes) const override { return std::vector<std::vector<uint64_t>>(); }
+  virtual std::vector<std::vector<std::pair<uint64_t, uint64_t>>> get_tx_amount_output_indices(const uint64_t tx_index, size_t n_txes) const override { return std::vector<std::vector<std::pair<uint64_t, uint64_t>>>(); }
   virtual bool has_key_image(const crypto::key_image& img) const override { return false; }
   virtual void remove_block() override { }
-  virtual uint64_t add_transaction_data(const crypto::hash& blk_hash, const std::pair<cryptonote::transaction, cryptonote::blobdata_ref>& tx, const crypto::hash& tx_hash, const crypto::hash& tx_prunable_hash) override {return 0;}
-  virtual void remove_transaction_data(const crypto::hash& tx_hash, const cryptonote::transaction& tx) override {}
-  virtual uint64_t add_output(const crypto::hash& tx_hash, const cryptonote::tx_out& tx_output, const uint64_t& local_index, const uint64_t unlock_time, const rct::key *commitment) override {return 0;}
-  virtual void add_tx_amount_output_indices(const uint64_t tx_index, const std::vector<uint64_t>& amount_output_indices) override {}
+  virtual uint64_t add_transaction_data(const crypto::hash& blk_hash, const std::pair<cryptonote::transaction, cryptonote::blobdata_ref>& tx, const crypto::hash& tx_hash, const crypto::hash& tx_prunable_hash, const bool miner_tx) override {return 0;}
+  virtual void remove_transaction_data(const crypto::hash& tx_hash, const cryptonote::transaction& tx, const bool miner_tx) override {}
+  virtual std::pair<uint64_t, uint64_t> add_output(const crypto::hash& tx_hash, const cryptonote::tx_out& tx_output, const uint64_t& local_index, const uint64_t unlock_time, const rct::key *commitment) override {return std::make_pair(0,0);}
+  virtual void add_tx_amount_output_indices(const uint64_t tx_index, const std::vector<std::pair<uint64_t, uint64_t>>& amount_output_indices) override {}
   virtual void add_spent_key(const crypto::key_image& k_image) override {}
   virtual void remove_spent_key(const crypto::key_image& k_image) override {}
 
@@ -135,17 +139,26 @@ public:
   virtual bool get_txpool_tx_meta(const crypto::hash& txid, cryptonote::txpool_tx_meta_t &meta) const override { return false; }
   virtual bool get_txpool_tx_blob(const crypto::hash& txid, cryptonote::blobdata &bd, relay_category tx_category) const override { return false; }
   virtual uint64_t get_database_size() const override { return 0; }
+
+  virtual int get_yield_block_info(const uint64_t height, yield_block_info& ybi) const override { return 0; }
+  virtual int get_yield_tx_info(const uint64_t height, std::vector<yield_tx_info>& yti_container) const override { return 0; }
+
   virtual cryptonote::blobdata get_txpool_tx_blob(const crypto::hash& txid, relay_category tx_category) const override { return ""; }
   virtual bool for_all_txpool_txes(std::function<bool(const crypto::hash&, const cryptonote::txpool_tx_meta_t&, const cryptonote::blobdata_ref*)>, bool include_blob = false, relay_category category = relay_category::broadcasted) const override { return false; }
 
-  virtual void add_block( const cryptonote::block& blk
-                        , size_t block_weight
-                        , uint64_t long_term_block_weight
-                        , const cryptonote::difficulty_type& cumulative_difficulty
-                        , const uint64_t& coins_generated
-                        , uint64_t num_rct_outs
-                        , const crypto::hash& blk_hash
-                        ) override { }
+  virtual void add_block( const block& blk,
+                          size_t block_weight,
+                          uint64_t long_term_block_weight,
+                          const difficulty_type& cumulative_difficulty,
+                          const uint64_t& coins_generated,
+                          uint64_t num_rct_outs,
+                          oracle::asset_type_counts& cum_rct_by_asset_type,
+                          const crypto::hash& blk_hash,
+                          uint64_t slippage_total,
+                          uint64_t yield_total,
+                          const cryptonote::network_type nettype,
+                          cryptonote::yield_block_info& ybi
+                          ) override { }
   virtual cryptonote::block get_block_from_height(const uint64_t& height) const override { return cryptonote::block(); }
   virtual void set_hard_fork_version(uint64_t height, uint8_t version) override {}
   virtual uint8_t get_hard_fork_version(uint64_t height) const override { return 0; }

src/blockchain_utilities/CMakeLists.txt

@@ -133,6 +133,16 @@ monero_private_headers(blockchain_stats
 	  ${blockchain_stats_private_headers})
 
 
+set(blockchain_scanner_sources
+  blockchain_scanner.cpp
+  )
+
+set(blockchain_scanner_private_headers)
+
+monero_private_headers(blockchain_scanner
+	  ${blockchain_scanner_private_headers})
+
+
 monero_add_executable(blockchain_import
   ${blockchain_import_sources}
   ${blockchain_import_private_headers})
@@ -281,6 +291,27 @@ set_property(TARGET blockchain_depth
 	OUTPUT_NAME "salvium-blockchain-depth")
 install(TARGETS blockchain_depth DESTINATION bin)
 
+monero_add_executable(blockchain_scanner
+  ${blockchain_scanner_sources}
+  ${blockchain_scanner_private_headers})
+
+target_link_libraries(blockchain_scanner
+  PRIVATE
+    cryptonote_core
+    blockchain_db
+    version
+    epee
+    ${Boost_FILESYSTEM_LIBRARY}
+    ${Boost_SYSTEM_LIBRARY}
+    ${Boost_THREAD_LIBRARY}
+    ${CMAKE_THREAD_LIBS_INIT}
+    ${EXTRA_LIBRARIES})
+
+set_property(TARGET blockchain_scanner
+	PROPERTY
+	OUTPUT_NAME "salvium-blockchain-scanner")
+install(TARGETS blockchain_scanner DESTINATION bin)
+
 monero_add_executable(blockchain_stats
   ${blockchain_stats_sources}
   ${blockchain_stats_private_headers})

src/blockchain_utilities/blockchain_scanner.cpp

@@ -0,0 +1,499 @@
+// Copyright (c) 2014-2019, The Monero Project
+//
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice, this list of
+//    conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice, this list
+//    of conditions and the following disclaimer in the documentation and/or other
+//    materials provided with the distribution.
+//
+// 3. Neither the name of the copyright holder nor the names of its contributors may be
+//    used to endorse or promote products derived from this software without specific
+//    prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+#include <boost/algorithm/string.hpp>
+#include <boost/filesystem.hpp>
+#include "common/command_line.h"
+#include "common/varint.h"
+#include "cryptonote_basic/cryptonote_boost_serialization.h"
+#include "cryptonote_core/tx_pool.h"
+#include "cryptonote_core/cryptonote_core.h"
+#include "cryptonote_core/cryptonote_tx_utils.h"
+#include "cryptonote_core/blockchain.h"
+#include "blockchain_db/blockchain_db.h"
+#include "oracle/pricing_record.h"
+#include "version.h"
+
+#undef MONERO_DEFAULT_LOG_CATEGORY
+#define MONERO_DEFAULT_LOG_CATEGORY "bcutil"
+
+#define DELIM "|"
+
+namespace po = boost::program_options;
+using namespace epee;
+using namespace cryptonote;
+
+static bool stop_requested = false;
+
+int main(int argc, char* argv[])
+{
+  TRY_ENTRY();
+
+  epee::string_tools::set_module_name_and_folder(argv[0]);
+
+  uint32_t log_level = 0;
+  uint64_t block_start = 0;
+  uint64_t block_stop = 0;
+
+  tools::on_startup();
+
+  boost::filesystem::path output_file_path;
+
+  po::options_description desc_cmd_only("Command line options");
+  po::options_description desc_cmd_sett("Command line options and settings options");
+  const command_line::arg_descriptor<std::string> arg_log_level  = {"log-level",  "0-4 or categories", ""};
+  const command_line::arg_descriptor<uint64_t> arg_block_start  = {"block-start", "start at block number", block_start};
+  const command_line::arg_descriptor<uint64_t> arg_block_stop = {"block-stop", "Stop at block number", block_stop};
+  const command_line::arg_descriptor<std::string> arg_delimiter  = {"delimiter", "\"<string>\"", DELIM};
+
+  command_line::add_arg(desc_cmd_sett, cryptonote::arg_data_dir);
+  command_line::add_arg(desc_cmd_sett, cryptonote::arg_testnet_on);
+  command_line::add_arg(desc_cmd_sett, cryptonote::arg_stagenet_on);
+  command_line::add_arg(desc_cmd_sett, arg_log_level);
+  command_line::add_arg(desc_cmd_sett, arg_block_start);
+  command_line::add_arg(desc_cmd_sett, arg_block_stop);
+  command_line::add_arg(desc_cmd_sett, arg_delimiter);
+  command_line::add_arg(desc_cmd_only, command_line::arg_help);
+
+  po::options_description desc_options("Allowed options");
+  desc_options.add(desc_cmd_only).add(desc_cmd_sett);
+
+  po::variables_map vm;
+  bool r = command_line::handle_error_helper(desc_options, [&]()
+  {
+    auto parser = po::command_line_parser(argc, argv).options(desc_options);
+    po::store(parser.run(), vm);
+    po::notify(vm);
+    return true;
+  });
+  if (! r)
+    return 1;
+
+  if (command_line::get_arg(vm, command_line::arg_help))
+  {
+    std::cout << "Salvium '" << MONERO_RELEASE_NAME << "' (v" << MONERO_VERSION_FULL << ")" << ENDL << ENDL;
+    std::cout << desc_options << std::endl;
+    return 1;
+  }
+
+  mlog_configure(mlog_get_default_log_path("monero-blockchain-stats.log"), true);
+  if (!command_line::is_arg_defaulted(vm, arg_log_level))
+    mlog_set_log(command_line::get_arg(vm, arg_log_level).c_str());
+  else
+    mlog_set_log(std::string(std::to_string(log_level) + ",bcutil:INFO").c_str());
+
+  LOG_PRINT_L0("Starting...");
+
+  std::string opt_data_dir = command_line::get_arg(vm, cryptonote::arg_data_dir);
+  bool opt_testnet = command_line::get_arg(vm, cryptonote::arg_testnet_on);
+  bool opt_stagenet = command_line::get_arg(vm, cryptonote::arg_stagenet_on);
+  network_type net_type = opt_testnet ? TESTNET : opt_stagenet ? STAGENET : MAINNET;
+  block_start = command_line::get_arg(vm, arg_block_start);
+  block_stop = command_line::get_arg(vm, arg_block_stop);
+  std::string delimiter = command_line::get_arg(vm, arg_delimiter);
+
+  // If we wanted to use the memory pool, we would set up a fake_core.
+
+  // Use Blockchain instead of lower-level BlockchainDB for two reasons:
+  // 1. Blockchain has the init() method for easy setup
+  // 2. exporter needs to use get_current_blockchain_height(), get_block_id_by_height(), get_block_by_hash()
+  //
+  // cannot match blockchain_storage setup above with just one line,
+  // e.g.
+  //   Blockchain* core_storage = new Blockchain(NULL);
+  // because unlike blockchain_storage constructor, which takes a pointer to
+  // tx_memory_pool, Blockchain's constructor takes tx_memory_pool object.
+  LOG_PRINT_L0("Initializing source blockchain (BlockchainDB)");
+  std::unique_ptr<BlockchainAndPool> core_storage = std::make_unique<BlockchainAndPool>();
+
+  BlockchainDB* db = new_db();
+  if (db == NULL)
+  {
+    LOG_ERROR("Failed to initialize a database");
+    throw std::runtime_error("Failed to initialize a database");
+  }
+  LOG_PRINT_L0("database: LMDB");
+
+  boost::filesystem::path folder(opt_data_dir);
+  if (opt_stagenet) {
+    folder /= std::to_string(STAGENET_VERSION);
+  } else if (opt_testnet) {
+    folder /= std::to_string(TESTNET_VERSION);
+  }
+  folder /= db->get_db_name();
+  LOG_PRINT_L0("Loading blockchain from folder " << folder << " ...");
+  const std::string filename = folder.string();
+
+  try
+  {
+    db->open(filename, DBF_RDONLY);
+  }
+  catch (const std::exception& e)
+  {
+    LOG_PRINT_L0("Error opening database: " << e.what());
+    return 1;
+  }
+  r = core_storage->blockchain.init(db, opt_testnet ? cryptonote::TESTNET : opt_stagenet ? cryptonote::STAGENET : cryptonote::MAINNET);
+
+  CHECK_AND_ASSERT_MES(r, 1, "Failed to initialize source blockchain storage");
+  LOG_PRINT_L0("Source blockchain storage initialized OK");
+
+  tools::signal_handler::install([](int type) {
+    stop_requested = true;
+  });
+
+  const uint64_t db_height = db->height();
+  if (!block_stop)
+      block_stop = db_height;
+  MINFO("Starting from height " << block_start << ", stopping at height " << block_stop);
+
+/*
+ * The default output can be plotted with GnuPlot using these commands:
+set key autotitle columnhead
+set title "Salvium Blockchain Growth"
+set timefmt "%Y-%m-%d"
+set xdata time
+set xrange ["2014-04-17":*]
+set format x "%Y-%m-%d"
+set yrange [0:*]
+set y2range [0:*]
+set ylabel "Txs/Day"
+set y2label "Bytes"
+set y2tics nomirror
+plot 'stats.csv' index "DATA" using (timecolumn(1,"%Y-%m-%d")):4 with lines, '' using (timecolumn(1,"%Y-%m-%d")):7 axes x1y2 with lines
+ */
+
+  // spit out a comment that GnuPlot can use as an index
+  std::cout << ENDL << "# DATA" << ENDL;
+  std::cout << "Date" << delimiter << "Height" << delimiter << "Transaction ID" << delimiter << "Reason" << delimiter << "Extra Information";
+  std::cout << ENDL;
+
+#define MAX_INOUT	0xffffffff
+#define MAX_RINGS	0xffffffff
+
+  struct tm prevtm = {0}, currtm;
+  uint64_t prevsz = 0, currsz = 0;
+  uint64_t prevtxs = 0, currtxs = 0;
+  uint64_t currblks = 0;
+  uint32_t txhr[24] = {0};
+  unsigned int i;
+
+  for (uint64_t h = block_start; h < block_stop; ++h)
+  {
+    cryptonote::blobdata bd = db->get_block_blob_from_height(h);
+    cryptonote::block blk;
+    if (!cryptonote::parse_and_validate_block_from_blob(bd, blk))
+    {
+      LOG_PRINT_L0("Bad block from db");
+      return 1;
+    }
+    time_t tt = blk.timestamp;
+    char timebuf[64];
+    epee::misc_utils::get_gmt_time(tt, currtm);
+    if (!prevtm.tm_year)
+      prevtm = currtm;
+    // catch change of day
+    if (currtm.tm_mday > prevtm.tm_mday || (currtm.tm_mday == 1 && prevtm.tm_mday > 27))
+    {
+      // check for timestamp fudging around month ends
+      if (prevtm.tm_mday == 1 && currtm.tm_mday > 27)
+        goto skip;
+      strftime(timebuf, sizeof(timebuf), "%Y-%m-%d", &currtm);
+      prevtm = currtm;
+    }
+skip:
+    currsz += bd.size();
+    uint64_t coinbase_amount;
+    uint64_t tx_fee_amount = 0;
+    std::set<std::string> used_assets, miner_tx_assets, protocol_tx_assets;
+    std::map<size_t, std::vector<std::string>> used_tx_versions;
+    used_assets.insert("SAL");
+
+    // Check TX versions
+    if (blk.miner_tx.version != 2) {
+      std::cout << timebuf << "" << delimiter << "" << h << "" << delimiter << "" << blk.miner_tx.hash << "" << delimiter << "invalid miner TX version detected" << delimiter << "version:" << blk.miner_tx.version << std::endl;
+    }
+    if (blk.protocol_tx.version != 2) {
+      std::cout << timebuf << "" << delimiter << "" << h << "" << delimiter << "" << blk.protocol_tx.hash << "" << delimiter << "invalid protocol TX version detected" << delimiter << "version:" << blk.protocol_tx.version << std::endl;
+    }
+    
+    // Get the miner_tx assets
+    for (const auto& miner_tx_vout : blk.miner_tx.vout) {
+      std::string asset_type;
+      if (!cryptonote::get_output_asset_type(miner_tx_vout, asset_type)) {
+        throw std::runtime_error("Aborting: failed to get output asset type from miner_tx");
+      } else if (asset_type != "SAL") {
+        throw std::runtime_error("Aborting: invalid output asset type from miner_tx");
+      }
+      miner_tx_assets.insert(asset_type);
+    }
+
+    // Get the protocol_tx assets
+    for (const auto& protocol_tx_vout : blk.protocol_tx.vout) {
+      std::string asset_type;
+      if (!cryptonote::get_output_asset_type(protocol_tx_vout, asset_type)) {
+        throw std::runtime_error("Aborting: failed to get output asset type from protocol_tx");
+      } else if (asset_type != "SAL") {
+        throw std::runtime_error("Aborting: invalid output asset type from protocol_tx");
+      }
+      protocol_tx_assets.insert(asset_type);
+    }
+
+    for (const auto& tx_id : blk.tx_hashes)
+    {
+      if (tx_id == crypto::null_hash)
+      {
+        throw std::runtime_error("Aborting: tx == null_hash");
+      }
+      if (!db->get_pruned_tx_blob(tx_id, bd))
+      {
+        throw std::runtime_error("Aborting: tx not found");
+      }
+      transaction tx;
+      if (!parse_and_validate_tx_base_from_blob(bd, tx))
+      {
+        std::cout << timebuf << "" << delimiter << "" << h << "" << delimiter << "" << tx_id << "" << delimiter << "invalid TX detected" << delimiter << std::endl;
+        continue;
+      }
+      currsz += bd.size();
+      if (db->get_prunable_tx_blob(tx_id, bd))
+        currsz += bd.size();
+      currtxs++;
+
+      if (tx.version != 2) {
+        std::cout << timebuf << "" << delimiter << "" << h << "" << delimiter << "" << tx_id << "" << delimiter << "invalid TX version detected" << delimiter << "version:" << tx.version << std::endl;
+      }
+      
+      /*
+      std::string source;
+      std::string dest;
+      offshore::pricing_record pr;
+      if (!cryptonote::get_tx_asset_types(tx, source, dest, false)) {
+        std::cout << timebuf << "" << delimiter << "" << h << "" << delimiter << "" << tx_id << "" << delimiter << "At least 1 input or 1 output of the tx was invalid" << delimiter << "get_tx_asset_types() failed : ";
+        if (source.empty()) {
+          std::cout << "source is empty" << std::endl;
+        }
+        if (dest.empty()) {
+          std::cout << "dest is empty" << std::endl;
+        }
+      }
+      if (!cryptonote::get_tx_type(source, dest, offshore, onshore, offshore_transfer, xusd_to_xasset, xasset_to_xusd, xasset_transfer)) {
+        std::cout << timebuf << "" << delimiter << "" << h << "" << delimiter << "" << tx_id << "" << delimiter << "At least 1 input or 1 output of the tx was invalid" << delimiter << "get_tx_type() failed" << std::endl;
+      }
+      */
+      
+      // Add the source currency to the list of expected ones
+      used_assets.insert(tx.source_asset_type);
+      /*        
+      if ((offshore && !tx.rct_signatures.txnOffshoreFee) ||
+          (onshore && !tx.rct_signatures.txnOffshoreFee_usd) ||
+          (xusd_to_xasset && !tx.rct_signatures.txnOffshoreFee_usd) ||
+          (xasset_to_xusd && !tx.rct_signatures.txnOffshoreFee_xasset)) {
+        std::cout << timebuf << "" << delimiter << "" << h << "" << delimiter << "" << tx_id << "" << delimiter << "Missing conversion fee." << delimiter << "" <<
+          "Source:" << source << ", dest:" << dest <<
+          ", XHV fees:" << tx.rct_signatures.txnFee << "," << tx.rct_signatures.txnOffshoreFee <<
+          ", XUSD fees:" << tx.rct_signatures.txnFee_usd << "," << tx.rct_signatures.txnOffshoreFee_usd <<
+          ", burnt:" << tx.amount_burnt << ", minted:" << tx.amount_minted << std::endl;
+      } else if ((offshore || onshore || xusd_to_xasset || xasset_to_xusd) && (!tx.amount_burnt || !tx.amount_minted)) {
+        std::cout << timebuf << "" << delimiter << "" << h << "" << delimiter << "" << tx_id << "" << delimiter << "Missing burnt/minted value." << std::endl;
+      }
+      */
+      /*
+      // Only run these checks for conversions
+      if (source != dest) {
+
+        // Check PR record is not too old
+        if (h > (tx.pricing_record_height + 10)) {
+          std::cout << timebuf << "" << delimiter << "" << h << "" << delimiter << "" << tx_id << "" << delimiter << "pricing record used by tx was too old" <<
+            delimiter << "tx.pricing_record_height = " << tx.pricing_record_height << std::endl;
+        }
+
+        // Get the PR used by the TX
+        cryptonote::blobdata bd_pr = db->get_block_blob_from_height(tx.pricing_record_height);
+        cryptonote::block blk_pr;
+        if (!cryptonote::parse_and_validate_block_from_blob(bd_pr, blk_pr)) {
+          LOG_PRINT_L0("Bad block from db");
+          return 1;
+        }
+
+        // Get a more convenient handle on the conversion PR
+        pr = blk_pr.pricing_record;
+        
+        // Verify the fees in 128-bit space
+        boost::multiprecision::uint128_t burnt_128 = tx.amount_burnt;
+        boost::multiprecision::uint128_t minted_128 = tx.amount_minted;
+
+        // calculate conversion fees
+        uint32_t fees_version = (h >= 831700) ? 2 : (h >= 653565) ? 2 : 1;
+        uint64_t blocks_to_unlock = tx.unlock_time - h + 1;
+
+        boost::multiprecision::uint128_t fee;
+        if (offshore) {
+          if (fees_version >= 3) {
+            std::cout << timebuf << "" << delimiter << "" << h << "" << delimiter << "" << tx_id << "" << delimiter
+                      << "invalid fee version " << fees_version << "" << delimiter << "..." << std::endl;
+          } else if (fees_version == 2) {
+
+            fee = 
+              (blocks_to_unlock >= 5030) ? (tx.amount_burnt / 500) :
+              (blocks_to_unlock >= 1430) ? (tx.amount_burnt / 20) :
+              (blocks_to_unlock >= 710) ? (tx.amount_burnt / 10) :
+              tx.amount_burnt / 5;
+
+          } else {
+
+            // Calculate the priority based on the unlock time
+            uint64_t priority =
+              (blocks_to_unlock >= 5030) ? 1 :
+              (blocks_to_unlock >= 1430) ? 2 :
+              (blocks_to_unlock >= 710) ? 3 :
+              4;
+            uint64_t unlock_time = 60 * pow(3, 4-priority);
+
+            // abs() implementation for uint64_t's
+            uint64_t delta = (pr.unused1 > pr.xUSD) ? pr.unused1 - pr.xUSD : pr.xUSD - pr.unused1;
+
+            // Estimate the fee
+            double scale = exp((M_PI / -1000.0) * (unlock_time - 60) * 1.2);
+            scale *= delta;
+            scale *= tx.amount_burnt;
+            scale /= 1000000000000;
+            fee = (boost::multiprecision::uint128_t)(scale);
+          }
+
+          if ((h >= 658500) && (fee != tx.rct_signatures.txnOffshoreFee)) {
+            std::cout << timebuf << "" << delimiter << "" << h << "" << delimiter << "" << tx_id << "" << delimiter
+                      << "invalid fee " << tx.rct_signatures.txnOffshoreFee << "" << delimiter << "check:" << fee << std::endl;
+          }
+        
+        } else if (onshore) {
+          
+          if (fees_version >= 3) {
+            std::cout << timebuf << "" << delimiter << "" << h << "" << delimiter << "" << tx_id << "" << delimiter
+                      << "invalid fee version " << fees_version << "" << delimiter << "..." << std::endl;
+          } else if (fees_version == 2) {
+
+            fee = 
+              (blocks_to_unlock >= 5030) ? (tx.amount_burnt / 500) :
+              (blocks_to_unlock >= 1430) ? (tx.amount_burnt / 20) :
+              (blocks_to_unlock >= 710) ? (tx.amount_burnt / 10) :
+              tx.amount_burnt / 5;
+            
+          } else {
+            
+            // Calculate the priority based on the unlock time
+            uint64_t priority =
+              (blocks_to_unlock >= 5030) ? 1 :
+              (blocks_to_unlock >= 1430) ? 2 :
+              (blocks_to_unlock >= 710) ? 3 :
+              4;
+            uint64_t unlock_time = 60 * pow(3, 4-priority);
+
+            // abs() implementation for uint64_t's
+            uint64_t delta = (pr.unused1 > pr.xUSD) ? pr.unused1 - pr.xUSD : pr.xUSD - pr.unused1;
+
+            // Estimate the fee
+            double scale = exp((M_PI / -1000.0) * (unlock_time - 60) * 1.2);
+            scale *= delta;
+            scale *= tx.amount_burnt;
+            scale /= 1000000000000;
+            fee = (boost::multiprecision::uint128_t)(scale);
+          }
+
+          if ((h >= 658500) && (fee != tx.rct_signatures.txnOffshoreFee_usd)) {
+            std::cout << timebuf << "" << delimiter << "" << h << "" << delimiter << "" << tx_id << "" << delimiter
+                      << "invalid offshore fee " << tx.rct_signatures.txnOffshoreFee_usd << "" << delimiter << "check:" << fee << std::endl;
+          }
+
+        } else if (xusd_to_xasset) {
+
+          fee = tx.amount_burnt;
+          fee *= 3;
+          fee /= 1000;
+          
+          if (fee != tx.rct_signatures.txnOffshoreFee_usd) {
+            std::cout << timebuf << "" << delimiter << "" << h << "" << delimiter << "" << tx_id << "" << delimiter
+                      << "invalid xusd_to_xasset fee " << tx.rct_signatures.txnOffshoreFee_usd << "" << delimiter << "check:" << fee << std::endl;
+          }
+
+        } else if (xasset_to_xusd) {
+
+          fee = tx.amount_burnt;
+          fee *= 3;
+          fee /= 1000;
+          
+          if (fee != tx.rct_signatures.txnOffshoreFee_xasset) {
+            std::cout << timebuf << "" << delimiter << "" << h << "" << delimiter << "" << tx_id << "" << delimiter
+                      << "invalid xasset_to_xusd fee " << tx.rct_signatures.txnOffshoreFee_xasset << "" << delimiter << "check:" << fee << std::endl;
+          }
+
+        }
+        
+        // Check for 0 price in the source or destination currency
+        if (offshore|| xusd_to_xasset) {
+          if (!pr[dest]) {
+            std::cout << timebuf << "" << delimiter << "" << h << "" << delimiter << "" << tx_id << "" << delimiter << "0 exchange rate used for dest " << dest << "" << delimiter << "..." << std::endl;
+          } else if (pr[dest] == 1000000000000) {
+            std::cout << timebuf << "" << delimiter << "" << h << "" << delimiter << "" << tx_id << "" << delimiter << "1.0000 exchange rate used for dest " << dest << "" << delimiter << "..." << std::endl;
+          }
+        } else if (onshore || xasset_to_xusd) {
+          if (!pr[source]) {
+            std::cout << timebuf << "" << delimiter << "" << h << "" << delimiter << "" << tx_id << "" << delimiter << "0 exchange rate used for source " << source << "" << delimiter << "..." << std::endl;
+          } else if (pr[source] == 1000000000000) {
+            std::cout << timebuf << "" << delimiter << "" << h << "" << delimiter << "" << tx_id << "" << delimiter << "1.0000 exchange rate used for source " << source << "" << delimiter << "..." << std::endl;
+          }
+        }
+      }
+      */
+    }
+
+    /*
+    // compare the asset sets
+    if (used_assets == miner_tx_assets) {
+    } else if (used_assets.empty() && (miner_tx_assets.size() == 1) && (miner_tx_assets.count("XHV") == 1)) {
+    } else {
+      std::cout << timebuf << "" << delimiter << "" << h << "" << delimiter << "" << blk.miner_tx.hash << "" << delimiter << "Mismatch in miner reward assets detected" << delimiter << "Used assets = { ";
+      for (auto const &i: used_assets)
+        std::cout << i << " ";
+      std::cout << "}, miner_tx claimed { ";
+      for (auto const &i: miner_tx_assets)
+        std::cout << i << " ";
+      std::cout << "}" << std::endl;
+    }
+    */
+    
+    currblks++;
+
+    if (stop_requested)
+      break;
+  }
+
+  return 0;
+
+  CATCH_ENTRY("Stats reporting error", 1);
+}

src/checkpoints/checkpoints.cpp

@@ -204,6 +204,7 @@ namespace cryptonote
       ADD_CHECKPOINT2(180,   "e20bc8ac6aabb6b0792f23a29ce42a577c6a57d177a8ac1a51b68fb6de508045", "0x262b40");
       ADD_CHECKPOINT2(190,   "f69fdad7a15471b63a82668b618ee5b2a384291269d944b11974a723c1604124", "0x2856a3");
       ADD_CHECKPOINT2(200,   "eba53fa7006dfcdc837a56c0bc8f0e1883cf34861c26934d680252a6878a3f5d", "0x2aa022");
+      ADD_CHECKPOINT2(90000, "e125b5c1b26521f98e29df6ec88f041c176a2c0a3fcacd5bd0ad2278e9b02fd2", "0xc99801f937888"); // 3546475285149832
     }
     return true;
   }
@@ -249,22 +250,22 @@ namespace cryptonote
     std::vector<std::string> records;
 
     // All four MoneroPulse domains have DNSSEC on and valid
-    static const std::vector<std::string> dns_urls = { "checkpoints.moneropulse.se"
+    static const std::vector<std::string> dns_urls = { /*"checkpoints.moneropulse.se"
 						     , "checkpoints.moneropulse.org"
 						     , "checkpoints.moneropulse.net"
-						     , "checkpoints.moneropulse.co"
+						     , "checkpoints.moneropulse.co"*/
     };
 
-    static const std::vector<std::string> testnet_dns_urls = { "testpoints.moneropulse.se"
+    static const std::vector<std::string> testnet_dns_urls = { /*"testpoints.moneropulse.se"
 							     , "testpoints.moneropulse.org"
 							     , "testpoints.moneropulse.net"
-							     , "testpoints.moneropulse.co"
+							     , "testpoints.moneropulse.co"*/
     };
 
-    static const std::vector<std::string> stagenet_dns_urls = { "stagenetpoints.moneropulse.se"
+    static const std::vector<std::string> stagenet_dns_urls = { /*"stagenetpoints.moneropulse.se"
                    , "stagenetpoints.moneropulse.org"
                    , "stagenetpoints.moneropulse.net"
-                   , "stagenetpoints.moneropulse.co"
+                   , "stagenetpoints.moneropulse.co"*/
     };
 
     if (!tools::dns_utils::load_txt_records_from_dns(records, nettype == TESTNET ? testnet_dns_urls : nettype == STAGENET ? stagenet_dns_urls : dns_urls))

src/crypto/crypto.h

@@ -1,4 +1,4 @@
-// Copyright (c) 2014-2022, The Monero Project
+// Copyright (c) 2014-2024, The Monero Project
 // 
 // All rights reserved.
 // 
@@ -171,7 +171,9 @@ namespace crypto {
   /* Generate a value filled with random bytes.
    */
   template<typename T>
-  typename std::enable_if<std::is_pod<T>::value, T>::type rand() {
+  T rand() {
+    static_assert(std::is_standard_layout_v<T>, "cannot write random bytes into non-standard layout type");
+    static_assert(std::is_trivially_copyable_v<T>, "cannot write random bytes into non-trivially copyable type");
     typename std::remove_cv<T>::type res;
     generate_random_bytes_thread_safe(sizeof(T), (uint8_t*)&res);
     return res;
@@ -314,8 +316,14 @@ namespace crypto {
   inline std::ostream &operator <<(std::ostream &o, const crypto::public_key &v) {
     epee::to_hex::formatted(o, epee::as_byte_span(v)); return o;
   }
-  inline std::ostream &operator <<(std::ostream &o, const crypto::secret_key &v) {
-    epee::to_hex::formatted(o, epee::as_byte_span(v)); return o;
+  /* Do NOT overload the << operator for crypto::secret_key here. Use secret_key_explicit_print_ref
+   * instead to prevent accidental implicit dumping of secret key material to the logs (which has
+   * happened before). For the same reason, do not overload it for crypto::ec_scalar either since
+   * crypto::secret_key is a subclass. I'm not sorry that it's obtuse; that's the point, bozo.
+   */
+  struct secret_key_explicit_print_ref { const crypto::secret_key &sk; };
+  inline std::ostream &operator <<(std::ostream &o, const secret_key_explicit_print_ref v) {
+    epee::to_hex::formatted(o, epee::as_byte_span(unwrap(unwrap(v.sk)))); return o;
   }
   inline std::ostream &operator <<(std::ostream &o, const crypto::key_derivation &v) {
     epee::to_hex::formatted(o, epee::as_byte_span(v)); return o;
@@ -335,8 +343,16 @@ namespace crypto {
 
   inline bool operator<(const public_key &p1, const public_key &p2) { return memcmp(&p1, &p2, sizeof(public_key)) < 0; }
   inline bool operator>(const public_key &p1, const public_key &p2) { return p2 < p1; }
+  inline bool operator<(const key_image &p1, const key_image &p2) { return memcmp(&p1, &p2, sizeof(key_image)) < 0; }
+  inline bool operator>(const key_image &p1, const key_image &p2) { return p2 < p1; }
 }
 
+// type conversions for easier calls to sc_add(), sc_sub(), hash functions
+inline unsigned char* to_bytes(crypto::ec_scalar &scalar) { return &reinterpret_cast<unsigned char&>(scalar); }
+inline const unsigned char* to_bytes(const crypto::ec_scalar &scalar) { return &reinterpret_cast<const unsigned char&>(scalar); }
+inline unsigned char* to_bytes(crypto::ec_point &point) { return &reinterpret_cast<unsigned char&>(point); }
+inline const unsigned char* to_bytes(const crypto::ec_point &point) { return &reinterpret_cast<const unsigned char&>(point); }
+
 CRYPTO_MAKE_HASHABLE(public_key)
 CRYPTO_MAKE_HASHABLE_CONSTANT_TIME(secret_key)
 CRYPTO_MAKE_HASHABLE_CONSTANT_TIME(public_key_memsafe)

src/cryptonote_basic/cryptonote_basic.h

@@ -200,8 +200,11 @@ namespace cryptonote
     std::vector<uint8_t> extra;
     // TX type
     cryptonote::transaction_type type;
-    // Return address
     crypto::public_key return_address;
+    // Return address list (must be at least 1 and at most BULLETPROOF_MAX_OUTPUTS-1 - the "-1" is for the change output)
+    std::vector<crypto::public_key> return_address_list;
+    //return_address_change_mask
+    std::vector<uint8_t> return_address_change_mask;
     // Return TX public key
     crypto::public_key return_pubkey;
     // Source asset type
@@ -224,8 +227,13 @@ namespace cryptonote
       if (type != cryptonote::transaction_type::PROTOCOL) {
         VARINT_FIELD(amount_burnt)
         if (type != cryptonote::transaction_type::MINER) {
-          FIELD(return_address)
-          FIELD(return_pubkey)
+          if (type == cryptonote::transaction_type::TRANSFER && version >= TRANSACTION_VERSION_N_OUTS) {
+            FIELD(return_address_list)
+            FIELD(return_address_change_mask)
+          } else {
+            FIELD(return_address)
+            FIELD(return_pubkey)
+          }
           FIELD(source_asset_type)
           FIELD(destination_asset_type)
           VARINT_FIELD(amount_slippage_limit)
@@ -244,6 +252,8 @@ namespace cryptonote
       extra.clear();
       type = cryptonote::transaction_type::UNSET;
       return_address = crypto::null_pkey;
+      return_address_list.clear();
+      return_address_change_mask.clear();
       return_pubkey = crypto::null_pkey;
       source_asset_type.clear();
       destination_asset_type.clear();

src/cryptonote_basic/cryptonote_basic_impl.cpp

@@ -70,8 +70,6 @@ namespace cryptonote {
   {
     if (version < 2)
       return CRYPTONOTE_BLOCK_GRANTED_FULL_REWARD_ZONE_V1;
-    if (version < 5)
-      return CRYPTONOTE_BLOCK_GRANTED_FULL_REWARD_ZONE_V2;
     return CRYPTONOTE_BLOCK_GRANTED_FULL_REWARD_ZONE_V5;
   }
   //-----------------------------------------------------------------------------------------------

src/cryptonote_basic/cryptonote_boost_serialization.h

@@ -166,24 +166,7 @@ namespace boost
   inline void serialize(Archive &a, cryptonote::transaction_prefix &x, const boost::serialization::version_type ver)
   {
     a & x.version;
-    a & x.vin;
-    a & x.vout;
-    a & x.extra;
-    a & x.type;
-    if (x.type != cryptonote::transaction_type::MINER && x.type != cryptonote::transaction_type::PROTOCOL) {
-      a & x.return_address;
-      a & x.return_pubkey;
-      a & x.source_asset_type;
-      a & x.destination_asset_type;
-      a & x.amount_burnt;
-      a & x.amount_slippage_limit;
-    }
-  }
-
-  template <class Archive>
-  inline void serialize(Archive &a, cryptonote::transaction &x, const boost::serialization::version_type ver)
-  {
-    a & x.version;
+    a & x.unlock_time;
     a & x.vin;
     a & x.vout;
     a & x.extra;
@@ -191,8 +174,39 @@ namespace boost
     if (x.type != cryptonote::transaction_type::PROTOCOL) {
       a & x.amount_burnt;
       if (x.type != cryptonote::transaction_type::MINER) {
-        a & x.return_address;
-        a & x.return_pubkey;
+        if (x.type == cryptonote::transaction_type::TRANSFER && x.version >= TRANSACTION_VERSION_N_OUTS) {
+          a & x.return_address_list;
+          a & x.return_address_change_mask;
+        } else {
+          a & x.return_address;
+          a & x.return_pubkey;
+        }
+        a & x.source_asset_type;
+        a & x.destination_asset_type;
+        a & x.amount_slippage_limit;
+      }
+    }
+  }
+
+  template <class Archive>
+  inline void serialize(Archive &a, cryptonote::transaction &x, const boost::serialization::version_type ver)
+  {
+    a & x.version;
+    a & x.unlock_time;
+    a & x.vin;
+    a & x.vout;
+    a & x.extra;
+    a & x.type;
+    if (x.type != cryptonote::transaction_type::PROTOCOL) {
+      a & x.amount_burnt;
+      if (x.type != cryptonote::transaction_type::MINER) {
+        if (x.type == cryptonote::transaction_type::TRANSFER && x.version >= TRANSACTION_VERSION_N_OUTS) {
+          a & x.return_address_list;
+          a & x.return_address_change_mask;
+        } else {
+          a & x.return_address;
+          a & x.return_pubkey;
+        }
         a & x.source_asset_type;
         a & x.destination_asset_type;
         a & x.amount_slippage_limit;
@@ -336,6 +350,14 @@ namespace boost
     a & x.D;
   }
 
+  template <class Archive>
+  inline void serialize(Archive &a, rct::zk_proof &x, const boost::serialization::version_type ver)
+  {
+    a & x.R;
+    a & x.z1;
+    a & x.z2;
+  }
+
   template <class Archive>
   inline void serialize(Archive &a, rct::ecdhTuple &x, const boost::serialization::version_type ver)
   {
@@ -389,7 +411,7 @@ namespace boost
     a & x.type;
     if (x.type == rct::RCTTypeNull)
       return;
-    if (x.type != rct::RCTTypeFull && x.type != rct::RCTTypeSimple && x.type != rct::RCTTypeBulletproof && x.type != rct::RCTTypeBulletproof2 && x.type != rct::RCTTypeCLSAG && x.type != rct::RCTTypeBulletproofPlus)
+    if (x.type != rct::RCTTypeFull && x.type != rct::RCTTypeSimple && x.type != rct::RCTTypeBulletproof && x.type != rct::RCTTypeBulletproof2 && x.type != rct::RCTTypeCLSAG && x.type != rct::RCTTypeBulletproofPlus && x.type != rct::RCTTypeFullProofs)
       throw boost::archive::archive_exception(boost::archive::archive_exception::other_exception, "Unsupported rct type");
     // a & x.message; message is not serialized, as it can be reconstructed from the tx data
     // a & x.mixRing; mixRing is not serialized, as it can be reconstructed from the offsets
@@ -399,6 +421,10 @@ namespace boost
     serializeOutPk(a, x.outPk, ver);
     a & x.txnFee;
     a & x.p_r;
+    if (x.type == rct::RCTTypeFullProofs) {
+      a & x.pr_proof;
+      a & x.sa_proof;
+    }
   }
 
   template <class Archive>
@@ -424,7 +450,7 @@ namespace boost
     a & x.type;
     if (x.type == rct::RCTTypeNull)
       return;
-    if (x.type != rct::RCTTypeFull && x.type != rct::RCTTypeSimple && x.type != rct::RCTTypeBulletproof && x.type != rct::RCTTypeBulletproof2 && x.type != rct::RCTTypeCLSAG && x.type != rct::RCTTypeBulletproofPlus)
+    if (x.type != rct::RCTTypeFull && x.type != rct::RCTTypeSimple && x.type != rct::RCTTypeBulletproof && x.type != rct::RCTTypeBulletproof2 && x.type != rct::RCTTypeCLSAG && x.type != rct::RCTTypeBulletproofPlus && x.type != rct::RCTTypeFullProofs)
       throw boost::archive::archive_exception(boost::archive::archive_exception::other_exception, "Unsupported rct type");
     // a & x.message; message is not serialized, as it can be reconstructed from the tx data
     // a & x.mixRing; mixRing is not serialized, as it can be reconstructed from the offsets
@@ -434,6 +460,10 @@ namespace boost
     serializeOutPk(a, x.outPk, ver);
     a & x.txnFee;
     a & x.p_r;
+    if (x.type == rct::RCTTypeFullProofs) {
+      a & x.pr_proof;
+      a & x.sa_proof;
+    }
     //--------------
     a & x.p.rangeSigs;
     if (x.p.rangeSigs.empty())
@@ -445,7 +475,7 @@ namespace boost
     a & x.p.MGs;
     if (ver >= 1u)
       a & x.p.CLSAGs;
-    if (x.type == rct::RCTTypeBulletproof || x.type == rct::RCTTypeBulletproof2 || x.type == rct::RCTTypeCLSAG || x.type == rct::RCTTypeBulletproofPlus)
+    if (x.type == rct::RCTTypeBulletproof || x.type == rct::RCTTypeBulletproof2 || x.type == rct::RCTTypeCLSAG || x.type == rct::RCTTypeBulletproofPlus || x.type == rct::RCTTypeFullProofs)
       a & x.p.pseudoOuts;
   }
 
@@ -487,5 +517,5 @@ namespace boost
 }
 
 BOOST_CLASS_VERSION(rct::rctSigPrunable, 2)
-BOOST_CLASS_VERSION(rct::rctSig, 2)
+BOOST_CLASS_VERSION(rct::rctSig, 3)
 BOOST_CLASS_VERSION(rct::multisig_out, 1)

src/cryptonote_basic/cryptonote_format_utils.cpp

@@ -110,7 +110,7 @@ namespace cryptonote
   uint64_t get_transaction_weight_clawback(const transaction &tx, size_t n_padded_outputs)
   {
     const rct::rctSig &rv = tx.rct_signatures;
-    const bool plus = rv.type == rct::RCTTypeBulletproofPlus;
+    const bool plus = (rv.type == rct::RCTTypeBulletproofPlus || rv.type == rct::RCTTypeFullProofs);
     const uint64_t bp_base = (32 * ((plus ? 6 : 9) + 7 * 2)) / 2; // notional size of a 2 output proof, normalized to 1 proof (ie, divided by 2)
     const size_t n_outputs = tx.vout.size();
     if (n_padded_outputs <= 2)
@@ -296,7 +296,7 @@ namespace cryptonote
     bool r = hwdev.generate_key_derivation(tx_public_key, ack.m_view_secret_key, recv_derivation);
     if (!r)
     {
-      MWARNING("key image helper: failed to generate_key_derivation(" << tx_public_key << ", " << ack.m_view_secret_key << ")");
+      MWARNING("key image helper: failed to generate_key_derivation(" << tx_public_key << ", <viewkey>)");
       memcpy(&recv_derivation, rct::identity().bytes, sizeof(recv_derivation));
     }
 
@@ -307,7 +307,7 @@ namespace cryptonote
       r = hwdev.generate_key_derivation(additional_tx_public_keys[i], ack.m_view_secret_key, additional_recv_derivation);
       if (!r)
       {
-        MWARNING("key image helper: failed to generate_key_derivation(" << additional_tx_public_keys[i] << ", " << ack.m_view_secret_key << ")");
+        MWARNING("key image helper: failed to generate_key_derivation(" << additional_tx_public_keys[i] << ", <viewkey>)");
       }
       else
       {
@@ -517,7 +517,7 @@ namespace cryptonote
   {
     CHECK_AND_ASSERT_MES(tx.pruned, std::numeric_limits<uint64_t>::max(), "get_pruned_transaction_weight does not support non pruned txes");
     CHECK_AND_ASSERT_MES(tx.version >= 2, std::numeric_limits<uint64_t>::max(), "get_pruned_transaction_weight does not support v1 txes");
-    CHECK_AND_ASSERT_MES(tx.rct_signatures.type == rct::RCTTypeBulletproof2 || tx.rct_signatures.type == rct::RCTTypeCLSAG || tx.rct_signatures.type == rct::RCTTypeBulletproofPlus,
+    CHECK_AND_ASSERT_MES(tx.rct_signatures.type == rct::RCTTypeBulletproof2 || tx.rct_signatures.type == rct::RCTTypeCLSAG || tx.rct_signatures.type == rct::RCTTypeBulletproofPlus || tx.rct_signatures.type == rct::RCTTypeFullProofs,
         std::numeric_limits<uint64_t>::max(), "Unsupported rct_signatures type in get_pruned_transaction_weight");
     CHECK_AND_ASSERT_MES(!tx.vin.empty(), std::numeric_limits<uint64_t>::max(), "empty vin");
     CHECK_AND_ASSERT_MES(tx.vin[0].type() == typeid(cryptonote::txin_to_key), std::numeric_limits<uint64_t>::max(), "empty vin");
@@ -1232,7 +1232,7 @@ namespace cryptonote
   {
     for (const auto &o: tx.vout)
     {
-      if (hf_version > HF_VERSION_VIEW_TAGS)
+      if (hf_version > HF_VERSION_REQUIRE_VIEW_TAGS)
       {
         // from v15, require outputs have view tags
         CHECK_AND_ASSERT_MES(o.target.type() == typeid(txout_to_tagged_key), false, "wrong variant type: "
@@ -1244,7 +1244,7 @@ namespace cryptonote
         CHECK_AND_ASSERT_MES(o.target.type() == typeid(txout_to_key), false, "wrong variant type: "
           << o.target.type().name() << ", expected txout_to_key in transaction id=" << get_transaction_hash(tx));
       }
-      else  //(hf_version == HF_VERSION_VIEW_TAGS)
+      else  //(hf_version == HF_VERSION_VIEW_TAGS || hf_version == HF_VERSION_VIEW_TAGS+1)
       {
         // require outputs be of type txout_to_key OR txout_to_tagged_key
         // to allow grace period before requiring all to be txout_to_tagged_key
@@ -1724,7 +1724,7 @@ namespace cryptonote
     blobdata blob = t_serializable_object_to_blob(static_cast<block_header>(b));
     crypto::hash tree_root_hash = get_tx_tree_hash(b);
     blob.append(reinterpret_cast<const char*>(&tree_root_hash), sizeof(tree_root_hash));
-    blob.append(tools::get_varint_data(b.tx_hashes.size()+1));
+    blob.append(tools::get_varint_data(b.tx_hashes.size() + (b.major_version >= HF_VERSION_ENABLE_N_OUTS ? 2 : 1)));
     return blob;
   }
   //---------------------------------------------------------------

src/cryptonote_basic/difficulty.cpp

@@ -33,6 +33,7 @@
 #include <cstddef>
 #include <cstdint>
 #include <vector>
+#include <boost/math/special_functions/round.hpp>
 
 #include "int-util.h"
 #include "crypto/hash.h"
@@ -239,6 +240,63 @@ namespace cryptonote {
     return res.convert_to<difficulty_type>();
   }
 
+  difficulty_type next_difficulty_v2(std::vector<std::uint64_t> timestamps, std::vector<difficulty_type> cumulative_difficulties, size_t target_seconds) {
+
+    // LWMA difficulty algorithm
+    // Copyright (c) 2017-2018 Zawy
+    // MIT license http://www.opensource.org/licenses/mit-license.php.
+    // This is an improved version of Tom Harding's (Deger8) "WT-144"
+    // Karbowanec, Masari, Bitcoin Gold, and Bitcoin Cash have contributed.
+    // See https://github.com/zawy12/difficulty-algorithms/issues/3 for other algos.
+    // Do not use "if solvetime < 0 then solvetime = 1" which allows a catastrophic exploit.
+    // T= target_solvetime;
+    // N=45, 55, 70, 90, 120 for T=600, 240, 120, 90, and 60
+
+    const int64_t T = static_cast<int64_t>(target_seconds);
+    size_t N = DIFFICULTY_WINDOW_V2;
+
+    if (timestamps.size() > N) {
+      timestamps.resize(N + 1);
+      cumulative_difficulties.resize(N + 1);
+    }
+    size_t n = timestamps.size();
+    assert(n == cumulative_difficulties.size());
+    assert(n <= DIFFICULTY_WINDOW_V2);
+    // If new coin, just "give away" first 5 blocks at low difficulty
+    if ( n < 6 ) { return  1; }
+    // If height "n" is from 6 to N, then reset N to n-1.
+    else if (n < N+1) { N=n-1; }
+
+    // To get an average solvetime to within +/- ~0.1%, use an adjustment factor.
+    // adjust=0.99 for 90 < N < 130
+    const long double adjust = 0.998;
+    // The divisor k normalizes LWMA.
+    const long double k = N * (N + 1) / 2;
+
+    long double LWMA(0), sum_inverse_D(0), harmonic_mean_D(0), nextDifficulty(0);
+    int64_t solveTime(0);
+    uint64_t difficulty(0), next_difficulty(0);
+
+    // Loop through N most recent blocks.
+    for (size_t i = 1; i <= N; i++) {
+      solveTime = static_cast<int64_t>(timestamps[i]) - static_cast<int64_t>(timestamps[i - 1]);
+      solveTime = std::min<int64_t>((T * 7), std::max<int64_t>(solveTime, (-7 * T)));
+      difficulty = (cumulative_difficulties[i] - cumulative_difficulties[i - 1]).convert_to<uint64_t>();
+      LWMA += (int64_t)(solveTime * i) / k;
+      sum_inverse_D += 1 / static_cast<double>(difficulty);
+    }
+
+    // Keep LWMA sane in case something unforeseen occurs.
+    if (static_cast<int64_t>(boost::math::round(LWMA)) < T / 20)
+      LWMA = static_cast<double>(T / 20);
+
+    harmonic_mean_D = N / sum_inverse_D * adjust;
+    nextDifficulty = harmonic_mean_D * T / LWMA;
+    next_difficulty = static_cast<uint64_t>(nextDifficulty);
+
+    return next_difficulty;
+  }
+  
   std::string hex(difficulty_type v)
   {
     static const char chars[] = "0123456789abcdef";

src/cryptonote_basic/difficulty.h

@@ -58,6 +58,7 @@ namespace cryptonote
     bool check_hash_128(const crypto::hash &hash, difficulty_type difficulty);
     bool check_hash(const crypto::hash &hash, difficulty_type difficulty);
     difficulty_type next_difficulty(std::vector<std::uint64_t> timestamps, std::vector<difficulty_type> cumulative_difficulties, size_t target_seconds);
-
+    difficulty_type next_difficulty_v2(std::vector<std::uint64_t> timestamps, std::vector<difficulty_type> cumulative_difficulties, size_t target_seconds);
+  
     std::string hex(difficulty_type v);
 }

src/cryptonote_basic/verification_context.h

@@ -59,6 +59,7 @@ namespace cryptonote
     bool m_fee_too_low;
     bool m_too_few_outputs;
     bool m_tx_extra_too_big;
+    bool m_version_mismatch; // TX version wrong for the currently-active HF version
   };
 
   struct block_verification_context

src/cryptonote_config.h

@@ -42,7 +42,9 @@
 #define CRYPTONOTE_MAX_TX_PER_BLOCK                     0x10000000
 #define CRYPTONOTE_PUBLIC_ADDRESS_TEXTBLOB_VER          0
 #define CRYPTONOTE_MINED_MONEY_UNLOCK_WINDOW            60
-#define CURRENT_TRANSACTION_VERSION                     2
+#define CURRENT_TRANSACTION_VERSION                     3
+#define TRANSACTION_VERSION_2_OUTS                      2
+#define TRANSACTION_VERSION_N_OUTS                      3
 #define CURRENT_BLOCK_MAJOR_VERSION                     1
 #define CURRENT_BLOCK_MINOR_VERSION                     1
 #define CRYPTONOTE_BLOCK_FUTURE_TIME_LIMIT              60*60*2
@@ -85,9 +87,11 @@
 
 #define DIFFICULTY_TARGET_V2                            120  // seconds
 #define DIFFICULTY_TARGET_V1                            60  // seconds - before first fork
+#define DIFFICULTY_WINDOW_V2                            70 // blocks
 #define DIFFICULTY_WINDOW                               720 // blocks
 #define DIFFICULTY_LAG                                  15  // !!!
 #define DIFFICULTY_CUT                                  60  // timestamps to cut after sorting
+#define DIFFICULTY_BLOCKS_COUNT_V2                      DIFFICULTY_WINDOW_V2
 #define DIFFICULTY_BLOCKS_COUNT                         DIFFICULTY_WINDOW + DIFFICULTY_LAG
 
 
@@ -212,11 +216,16 @@
 
 #define HF_VERSION_LONG_TERM_BLOCK_WEIGHT       2
 #define HF_VERSION_2021_SCALING                 2
-#define HF_VERSION_ENABLE_CONVERT               2
-#define HF_VERSION_ENABLE_ORACLE                2
-#define HF_VERSION_SLIPPAGE_YIELD               2
+#define HF_VERSION_ENABLE_N_OUTS                2
 
-#define TESTNET_VERSION                         11
+#define HF_VERSION_FULL_PROOFS                  3
+
+#define HF_VERSION_REQUIRE_VIEW_TAGS            255
+#define HF_VERSION_ENABLE_CONVERT               255
+#define HF_VERSION_ENABLE_ORACLE                255
+#define HF_VERSION_SLIPPAGE_YIELD               255
+
+#define TESTNET_VERSION                         12
 #define STAGENET_VERSION                        1
 
 #define PER_KB_FEE_QUANTIZATION_DECIMALS        8

src/cryptonote_core/blockchain.cpp

@@ -888,6 +888,15 @@ start:
   uint64_t height;
   auto new_top_hash = get_tail_id(height); // get it again now that we have the lock
   ++height;
+
+  uint8_t version = get_current_hard_fork_version();
+  size_t difficulty_blocks_count;
+  if (version == 1) {
+    difficulty_blocks_count = DIFFICULTY_BLOCKS_COUNT;
+  } else {
+    difficulty_blocks_count = DIFFICULTY_BLOCKS_COUNT_V2;
+  }
+
   if (!(new_top_hash == top_hash)) D=0;
   ss << "Re-locked, height " << height << ", tail id " << new_top_hash << (new_top_hash == top_hash ? "" : " (different)") << std::endl;
   top_hash = new_top_hash;
@@ -900,15 +909,15 @@ start:
   bool check = false;
   if (m_reset_timestamps_and_difficulties_height)
     m_timestamps_and_difficulties_height = 0;
-  if (m_timestamps_and_difficulties_height != 0 && ((height - m_timestamps_and_difficulties_height) == 1) && m_timestamps.size() >= DIFFICULTY_BLOCKS_COUNT)
+  if (m_timestamps_and_difficulties_height != 0 && ((height - m_timestamps_and_difficulties_height) == 1) && m_timestamps.size() >= difficulty_blocks_count)
   {
     uint64_t index = height - 1;
     m_timestamps.push_back(m_db->get_block_timestamp(index));
     m_difficulties.push_back(m_db->get_block_cumulative_difficulty(index));
 
-    while (m_timestamps.size() > DIFFICULTY_BLOCKS_COUNT)
+    while (m_timestamps.size() > difficulty_blocks_count)
       m_timestamps.erase(m_timestamps.begin());
-    while (m_difficulties.size() > DIFFICULTY_BLOCKS_COUNT)
+    while (m_difficulties.size() > difficulty_blocks_count)
       m_difficulties.erase(m_difficulties.begin());
 
     m_timestamps_and_difficulties_height = height;
@@ -921,7 +930,7 @@ start:
   std::vector<difficulty_type> difficulties_from_cache = difficulties;
 
   {
-    uint64_t offset = height - std::min <uint64_t> (height, static_cast<uint64_t>(DIFFICULTY_BLOCKS_COUNT));
+    uint64_t offset = height - std::min <uint64_t> (height, static_cast<uint64_t>(difficulty_blocks_count));
     if (offset == 0)
       ++offset;
 
@@ -967,7 +976,12 @@ start:
   }
 
   size_t target = get_difficulty_target();
-  difficulty_type diff = next_difficulty(timestamps, difficulties, target);
+  difficulty_type diff;
+  if (version == 1) {
+    diff = next_difficulty(timestamps, difficulties, target);
+  } else {
+    diff = next_difficulty_v2(timestamps, difficulties, target);
+  }
 
   CRITICAL_REGION_LOCAL1(m_difficulty_lock);
   m_difficulty_for_next_block_top_hash = top_hash;
@@ -1020,17 +1034,38 @@ size_t Blockchain::recalculate_difficulties(boost::optional<uint64_t> start_heig
   LOG_PRINT_L3("Blockchain::" << __func__);
   CRITICAL_REGION_LOCAL(m_blockchain_lock);
 
-  const uint64_t start_height = start_height_opt ? *start_height_opt : check_difficulty_checkpoints().second;
+  //uint64_t start_height = start_height_opt ? *start_height_opt : check_difficulty_checkpoints().second;
+  uint8_t version = get_current_hard_fork_version();
+  uint64_t start_height = 0;
+  if (start_height_opt) {
+    start_height = *start_height_opt;
+  } else {
+    bool found = false;
+    for (size_t i=0; i<num_mainnet_hard_forks; ++i) {
+      if (version == mainnet_hard_forks[i].version) {
+        start_height = mainnet_hard_forks[i].height;
+        found = true;
+        break;
+      }
+    }
+    start_height = std::max(start_height, check_difficulty_checkpoints().second);
+  }
   const uint64_t top_height = m_db->height() - 1;
   MGINFO("Recalculating difficulties from height " << start_height << " to height " << top_height);
 
   std::vector<uint64_t> timestamps;
   std::vector<difficulty_type> difficulties;
-  timestamps.reserve(DIFFICULTY_BLOCKS_COUNT + 1);
-  difficulties.reserve(DIFFICULTY_BLOCKS_COUNT + 1);
+  size_t difficulty_blocks_count;
+  if (version == 1) {
+    difficulty_blocks_count = DIFFICULTY_BLOCKS_COUNT;
+  } else {
+    difficulty_blocks_count = DIFFICULTY_BLOCKS_COUNT_V2;
+  }
+  timestamps.reserve(difficulty_blocks_count + 1);
+  difficulties.reserve(difficulty_blocks_count + 1);
   if (start_height > 1)
   {
-    for (uint64_t i = 0; i < DIFFICULTY_BLOCKS_COUNT; ++i)
+    for (uint64_t i = 0; i < difficulty_blocks_count; ++i)
     {
       uint64_t height = start_height - 1 - i;
       if (height == 0)
@@ -1045,7 +1080,9 @@ size_t Blockchain::recalculate_difficulties(boost::optional<uint64_t> start_heig
   for (uint64_t height = start_height; height <= top_height; ++height)
   {
     size_t target = DIFFICULTY_TARGET_V2;
-    difficulty_type recalculated_diff = next_difficulty(timestamps, difficulties, target);
+    difficulty_type recalculated_diff = (version == 1)
+      ? next_difficulty(timestamps, difficulties, target)
+      : next_difficulty_v2(timestamps, difficulties, target);
 
     boost::multiprecision::uint256_t recalculated_cum_diff_256 = boost::multiprecision::uint256_t(recalculated_diff) + last_cum_diff;
     CHECK_AND_ASSERT_THROW_MES(recalculated_cum_diff_256 <= std::numeric_limits<difficulty_type>::max(), "Difficulty overflow!");
@@ -1073,9 +1110,9 @@ size_t Blockchain::recalculate_difficulties(boost::optional<uint64_t> start_heig
       timestamps.push_back(m_db->get_block_timestamp(height));
       difficulties.push_back(recalculated_cum_diff);
     }
-    if (timestamps.size() > DIFFICULTY_BLOCKS_COUNT)
+    if (timestamps.size() > difficulty_blocks_count)
     {
-      CHECK_AND_ASSERT_THROW_MES(timestamps.size() == DIFFICULTY_BLOCKS_COUNT + 1, "Wrong timestamps size: " << timestamps.size());
+      CHECK_AND_ASSERT_THROW_MES(timestamps.size() == difficulty_blocks_count + 1, "Wrong timestamps size: " << timestamps.size());
       timestamps.erase(timestamps.begin());
       difficulties.erase(difficulties.begin());
     }
@@ -1299,16 +1336,23 @@ difficulty_type Blockchain::get_next_difficulty_for_alternative_chain(const std:
   LOG_PRINT_L3("Blockchain::" << __func__);
   std::vector<uint64_t> timestamps;
   std::vector<difficulty_type> cumulative_difficulties;
-
+  uint8_t version = get_current_hard_fork_version();
+  size_t difficulty_blocks_count;
+  if (version == 1) {
+    difficulty_blocks_count = DIFFICULTY_BLOCKS_COUNT;
+  } else {
+    difficulty_blocks_count = DIFFICULTY_BLOCKS_COUNT_V2;
+  }
+  
   // if the alt chain isn't long enough to calculate the difficulty target
   // based on its blocks alone, need to get more blocks from the main chain
-  if(alt_chain.size()< DIFFICULTY_BLOCKS_COUNT)
+  if(alt_chain.size()< difficulty_blocks_count)
   {
     CRITICAL_REGION_LOCAL(m_blockchain_lock);
 
     // Figure out start and stop offsets for main chain blocks
     size_t main_chain_stop_offset = alt_chain.size() ? alt_chain.front().height : bei.height;
-    size_t main_chain_count = DIFFICULTY_BLOCKS_COUNT - std::min(static_cast<size_t>(DIFFICULTY_BLOCKS_COUNT), alt_chain.size());
+    size_t main_chain_count = difficulty_blocks_count - std::min(static_cast<size_t>(difficulty_blocks_count), alt_chain.size());
     main_chain_count = std::min(main_chain_count, main_chain_stop_offset);
     size_t main_chain_start_offset = main_chain_stop_offset - main_chain_count;
 
@@ -1323,7 +1367,7 @@ difficulty_type Blockchain::get_next_difficulty_for_alternative_chain(const std:
     }
 
     // make sure we haven't accidentally grabbed too many blocks...maybe don't need this check?
-    CHECK_AND_ASSERT_MES((alt_chain.size() + timestamps.size()) <= DIFFICULTY_BLOCKS_COUNT, false, "Internal error, alt_chain.size()[" << alt_chain.size() << "] + vtimestampsec.size()[" << timestamps.size() << "] NOT <= DIFFICULTY_WINDOW[]" << DIFFICULTY_BLOCKS_COUNT);
+    CHECK_AND_ASSERT_MES((alt_chain.size() + timestamps.size()) <= difficulty_blocks_count, false, "Internal error, alt_chain.size()[" << alt_chain.size() << "] + vtimestampsec.size()[" << timestamps.size() << "] NOT <= DIFFICULTY_WINDOW[]" << difficulty_blocks_count);
 
     for (const auto &bei : alt_chain)
     {
@@ -1335,8 +1379,8 @@ difficulty_type Blockchain::get_next_difficulty_for_alternative_chain(const std:
   // and timestamps from it alone
   else
   {
-    timestamps.resize(static_cast<size_t>(DIFFICULTY_BLOCKS_COUNT));
-    cumulative_difficulties.resize(static_cast<size_t>(DIFFICULTY_BLOCKS_COUNT));
+    timestamps.resize(static_cast<size_t>(difficulty_blocks_count));
+    cumulative_difficulties.resize(static_cast<size_t>(difficulty_blocks_count));
     size_t count = 0;
     size_t max_i = timestamps.size()-1;
     // get difficulties and timestamps from most recent blocks in alt chain
@@ -1345,7 +1389,7 @@ difficulty_type Blockchain::get_next_difficulty_for_alternative_chain(const std:
       timestamps[max_i - count] = bei.bl.timestamp;
       cumulative_difficulties[max_i - count] = bei.cumulative_difficulty;
       count++;
-      if(count >= DIFFICULTY_BLOCKS_COUNT)
+      if(count >= difficulty_blocks_count)
         break;
     }
   }
@@ -1354,7 +1398,11 @@ difficulty_type Blockchain::get_next_difficulty_for_alternative_chain(const std:
   size_t target = DIFFICULTY_TARGET_V2;
 
   // calculate the difficulty target for the block and return it
-  return next_difficulty(timestamps, cumulative_difficulties, target);
+  if (version == 1) {
+    return next_difficulty(timestamps, cumulative_difficulties, target);
+  } else {
+    return next_difficulty_v2(timestamps, cumulative_difficulties, target);
+  }
 }
 //------------------------------------------------------------------
 // This function does a sanity check on basic things that all miner
@@ -1448,10 +1496,14 @@ bool Blockchain::validate_miner_transaction(const block& b, size_t cumulative_bl
 
   switch (version) {
   case HF_VERSION_BULLETPROOF_PLUS:
+  case HF_VERSION_ENABLE_N_OUTS:
+  case HF_VERSION_FULL_PROOFS:
     if (b.miner_tx.amount_burnt > 0) {
       CHECK_AND_ASSERT_MES(money_in_use + b.miner_tx.amount_burnt > money_in_use, false, "miner transaction is overflowed by amount_burnt");
       money_in_use += b.miner_tx.amount_burnt;
     }
+    if (already_generated_coins != 0)
+      CHECK_AND_ASSERT_MES(money_in_use / 5 == b.miner_tx.amount_burnt, false, "miner_transaction has incorrect amount_burnt amount");
     break;
   default:
     assert(false);
@@ -1478,7 +1530,7 @@ bool Blockchain::validate_miner_transaction(const block& b, size_t cumulative_bl
 }
 //------------------------------------------------------------------
 // SRCG
-bool Blockchain::validate_protocol_transaction(const block& b, uint64_t height, std::vector<std::pair<transaction, blobdata>>& txs, const std::map<std::string, uint64_t>& circ_supply, uint8_t hf_version)
+bool Blockchain::validate_protocol_transaction(const block& b, uint64_t height, std::vector<std::pair<transaction, blobdata>>& txs, uint8_t hf_version)
 {
   LOG_PRINT_L3("Blockchain::" << __func__);
   CHECK_AND_ASSERT_MES(b.tx_hashes.size() == txs.size(), false, "Invalid number of TXs / hashes supplied");
@@ -1488,6 +1540,17 @@ bool Blockchain::validate_protocol_transaction(const block& b, uint64_t height,
     CHECK_AND_ASSERT_MES(b.protocol_tx.vout.size() == 0, false, "void protocol transaction in the block has outputs");
     return true;
   }
+
+  if (!b.protocol_tx.vout.size()) {
+    // No money is minted, nothing to verify - bail out
+    return true;
+  }
+
+  // Get the circulating supply so we can verify 
+  std::map<std::string, uint64_t> circ_supply;
+  if (hf_version >= HF_VERSION_ENABLE_CONVERT) {
+    circ_supply = get_db().get_circulating_supply();
+  }
   
   // Build a map of outputs from the protocol_tx
   std::map<crypto::public_key, std::tuple<std::string, uint64_t, uint64_t>> outputs;
@@ -1495,16 +1558,19 @@ bool Blockchain::validate_protocol_transaction(const block& b, uint64_t height,
     if (o.target.type() == typeid(txout_to_key)) {
       txout_to_key out = boost::get<txout_to_key>(o.target);
       CHECK_AND_ASSERT_MES(out.unlock_time == CRYPTONOTE_MINED_MONEY_UNLOCK_WINDOW, false, "Invalid unlock time on protocol_tx output");
+      CHECK_AND_ASSERT_MES(outputs.count(out.key) == 0, false, "Output duplicated in protocol_tx");
       outputs[out.key] = std::make_tuple(out.asset_type, o.amount, out.unlock_time);
     } else if (o.target.type() == typeid(txout_to_tagged_key)) {
       txout_to_tagged_key out = boost::get<txout_to_tagged_key>(o.target);
       CHECK_AND_ASSERT_MES(out.unlock_time == CRYPTONOTE_MINED_MONEY_UNLOCK_WINDOW, false, "Invalid unlock time on protocol_tx output");
+      CHECK_AND_ASSERT_MES(outputs.count(out.key) == 0, false, "Output duplicated in protocol_tx");
       outputs[out.key] = std::make_tuple(out.asset_type, o.amount, out.unlock_time);
     } else {
       MERROR("Block at height: " << height << " attempting to add protocol transaction with invalid type " << o.target.type().name());
       return false;
     }
   }
+  CHECK_AND_ASSERT_MES(outputs.size() == b.protocol_tx.vout.size(), false, "Mismatch between vout and outputs for protocol_tx - aborting");
 
   // Maintain a count of outputs that we have verified
   std::vector<crypto::public_key> outputs_verified;
@@ -3555,6 +3621,16 @@ bool Blockchain::check_tx_outputs(const transaction& tx, tx_verification_context
     }
   }
 
+  if (hf_version >= HF_VERSION_FULL_PROOFS) {
+    if (tx.type == cryptonote::transaction_type::TRANSFER) {
+      if (tx.rct_signatures.type != rct::RCTTypeFullProofs) {
+        MERROR_VER("FullProofs required for TRANSFER TXs after v" + std::to_string(HF_VERSION_FULL_PROOFS));
+        tvc.m_invalid_output = true;
+        return false;
+      }
+    }
+  }
+  
   // from v15, require view tags and asset types on outputs
   if (!check_output_types(tx, hf_version))
   {
@@ -3565,6 +3641,52 @@ bool Blockchain::check_tx_outputs(const transaction& tx, tx_verification_context
   return true;
 }
 //------------------------------------------------------------------
+bool Blockchain::check_tx_type_and_version(const transaction& tx, tx_verification_context &tvc) const
+{
+  LOG_PRINT_L3("Blockchain::" << __func__);
+  CRITICAL_REGION_LOCAL(m_blockchain_lock);
+
+  const uint8_t hf_version = m_hardfork->get_current_version();
+
+  // Prior to v2, only allow TX v2
+  if (hf_version < HF_VERSION_ENABLE_N_OUTS) {
+
+    // Check for N-out TXs
+    if (tx.version >= TRANSACTION_VERSION_N_OUTS) {
+      MERROR_VER("N-out TXs are not permitted prior to v" + std::to_string(HF_VERSION_ENABLE_N_OUTS));
+      tvc.m_version_mismatch = true;
+      return false;
+    }
+
+    // Check for v1 TXs - genesis block protocol_tx exception required!
+    if (tx.version == 1 && epee::string_tools::pod_to_hex(cryptonote::get_transaction_hash(tx)) == "4f78ff511e860acd03138737a71505eb62eb78b620e180e58c8e13ed0e1e3e19") {
+      MERROR("v1 TXs are not permitted");
+      tvc.m_version_mismatch = true;
+      return false;
+    }
+  }
+
+  // After v2 allow N-out TXs for TRANSFER ONLY
+  if (hf_version >= HF_VERSION_ENABLE_N_OUTS) {
+    if (tx.version >= TRANSACTION_VERSION_N_OUTS && tx.type != cryptonote::transaction_type::TRANSFER) {
+      MERROR("N-out TXs are only permitted for TRANSFER TX type");
+      tvc.m_version_mismatch = true;
+      return false;
+    }
+  }
+
+  // Make sure CONVERT TXs are disabled until we are ready - belt and braces!
+  if (hf_version < HF_VERSION_ENABLE_CONVERT) {
+    if (tx.type == cryptonote::transaction_type::CONVERT) {
+      MERROR("CONVERT TXs are not permitted prior to v" + std::to_string(HF_VERSION_ENABLE_CONVERT));
+      tvc.m_version_mismatch = true;
+      return false;
+    }
+  }
+  
+  return true;
+}
+//------------------------------------------------------------------
 bool Blockchain::have_tx_keyimges_as_spent(const transaction &tx) const
 {
   LOG_PRINT_L3("Blockchain::" << __func__);
@@ -3579,7 +3701,7 @@ bool Blockchain::have_tx_keyimges_as_spent(const transaction &tx) const
 bool Blockchain::expand_transaction_2(transaction &tx, const crypto::hash &tx_prefix_hash, const std::vector<std::vector<rct::ctkey>> &pubkeys, const uint8_t &hf_version)
 {
   PERF_TIMER(expand_transaction_2);
-  CHECK_AND_ASSERT_MES(tx.version == 2, false, "Transaction version is not 2");
+  CHECK_AND_ASSERT_MES(tx.version == 2 || tx.version == 3, false, "Transaction version is not 2/3");
 
   rct::rctSig &rv = tx.rct_signatures;
 
@@ -3602,7 +3724,7 @@ bool Blockchain::expand_transaction_2(transaction &tx, const crypto::hash &tx_pr
       }
     }
   }
-  else if (rv.type == rct::RCTTypeSimple || rv.type == rct::RCTTypeBulletproof || rv.type == rct::RCTTypeBulletproof2 || rv.type == rct::RCTTypeCLSAG || rv.type == rct::RCTTypeBulletproofPlus)
+  else if (rv.type == rct::RCTTypeSimple || rv.type == rct::RCTTypeBulletproof || rv.type == rct::RCTTypeBulletproof2 || rv.type == rct::RCTTypeCLSAG || rv.type == rct::RCTTypeBulletproofPlus || rv.type == rct::RCTTypeFullProofs)
   {
     CHECK_AND_ASSERT_MES(!pubkeys.empty() && !pubkeys[0].empty(), false, "empty pubkeys");
     rv.mixRing.resize(pubkeys.size());
@@ -3643,7 +3765,7 @@ bool Blockchain::expand_transaction_2(transaction &tx, const crypto::hash &tx_pr
       }
     }
   }
-  else if (rv.type == rct::RCTTypeCLSAG || rv.type == rct::RCTTypeBulletproofPlus)
+  else if (rv.type == rct::RCTTypeCLSAG || rv.type == rct::RCTTypeBulletproofPlus || rv.type == rct::RCTTypeFullProofs)
   {
     if (!tx.pruned)
     {
@@ -3768,7 +3890,7 @@ bool Blockchain::check_tx_inputs(transaction& tx, tx_verification_context &tvc,
     }
 
     // min/max tx version based on HF, and we accept v1 txes if having a non mixable
-    const size_t max_tx_version = (hf_version < HF_VERSION_SLIPPAGE_YIELD) ? 2 : CURRENT_TRANSACTION_VERSION;
+    const size_t max_tx_version = (hf_version >= HF_VERSION_ENABLE_N_OUTS) ? TRANSACTION_VERSION_N_OUTS : TRANSACTION_VERSION_2_OUTS;
     if (tx.version > max_tx_version)
     {
       MERROR_VER("transaction version " << (unsigned)tx.version << " is higher than max accepted version " << max_tx_version);
@@ -3890,7 +4012,7 @@ bool Blockchain::check_tx_inputs(transaction& tx, tx_verification_context &tvc,
                        false, "Transaction spends at least one output which is too young");
 
   // Warn that new RCT types are present, and thus the cache is not being used effectively
-  static constexpr const std::uint8_t RCT_CACHE_TYPE = rct::RCTTypeBulletproofPlus;
+  static constexpr const std::uint8_t RCT_CACHE_TYPE = rct::RCTTypeFullProofs;
   if (tx.rct_signatures.type > RCT_CACHE_TYPE)
   {
     MWARNING("RCT cache is not caching new verification results. Please update RCT_CACHE_TYPE!");
@@ -3933,6 +4055,7 @@ bool Blockchain::check_tx_inputs(transaction& tx, tx_verification_context &tvc,
     case rct::RCTTypeBulletproof2:
     case rct::RCTTypeCLSAG:
     case rct::RCTTypeBulletproofPlus:
+    case rct::RCTTypeFullProofs:
     {
       if (!ver_rct_non_semantics_simple_cached(tx, pubkeys, m_rct_ver_cache, RCT_CACHE_TYPE, hf_version))
       {
@@ -4900,12 +5023,8 @@ leave:
   }
   TIME_MEASURE_FINISH(vmt);
 
-  TIME_MEASURE_START(gcs);
-  std::map<std::string, uint64_t> circ_supply = get_db().get_circulating_supply();
-  TIME_MEASURE_FINISH(gcs);
-
   TIME_MEASURE_START(vpt);
-  if(!validate_protocol_transaction(bl, blockchain_height, txs, circ_supply, m_hardfork->get_current_version()))
+  if(!validate_protocol_transaction(bl, blockchain_height, txs, m_hardfork->get_current_version()))
   {
     MERROR_VER("Block with id: " << id << " has incorrect protocol transaction");
     bvc.m_verifivation_failed = true;
@@ -6049,7 +6168,7 @@ void Blockchain::cancel()
 }
 
 #if defined(PER_BLOCK_CHECKPOINT)
-static const char expected_block_hashes_hash[] = "7f60b4980ea16b32e3f9fc1959d9d4116ba91f2b067bd70b3e21c44520096d14";
+static const char expected_block_hashes_hash[] = "5065d5361119a526b7a45e9e5bdf1d5be86f80e9eb43b0398bf0e47489c81c6d";
 void Blockchain::load_compiled_in_block_hashes(const GetCheckpointsCallback& get_checkpoints)
 {
   if (get_checkpoints == nullptr || !m_fast_sync)

src/cryptonote_core/blockchain.h

@@ -725,6 +725,19 @@ namespace cryptonote
      */
     bool check_tx_outputs(const transaction& tx, tx_verification_context &tvc) const;
 
+    /**
+     * @brief check that a transaction's version & type conforms to current standards
+     *
+     * This function checks, for example at the time of this writing, that
+     * the TX version and type is supported by the current HF version on-chain.
+     *
+     * @param tx the transaction to check the version and type of
+     * @param tvc returned info about tx verification
+     *
+     * @return false if the TX version and/or type is unsupported, otherwise true
+     */
+    bool check_tx_type_and_version(const transaction& tx, tx_verification_context &tvc) const;
+    
     /**
      * @brief gets the block weight limit based on recent blocks
      *
@@ -1521,7 +1534,7 @@ namespace cryptonote
      *
      * @return false if anything is found wrong with the protocol transaction, otherwise true
      */
-    bool validate_protocol_transaction(const block& b, uint64_t height, std::vector<std::pair<transaction, blobdata>>& txs, const std::map<std::string, uint64_t>& circ_supply, uint8_t hf_version);
+    bool validate_protocol_transaction(const block& b, uint64_t height, std::vector<std::pair<transaction, blobdata>>& txs, uint8_t hf_version);
 
     /**
      * @brief reverts the blockchain to its previous state following a failed switch

src/cryptonote_core/cryptonote_core.cpp

@@ -842,8 +842,8 @@ namespace cryptonote
     }
     bad_semantics_txes_lock.unlock();
 
-    uint8_t version = m_blockchain_storage.get_current_hard_fork_version();
-    const size_t max_tx_version = (version < HF_VERSION_SLIPPAGE_YIELD) ? 2 : CURRENT_TRANSACTION_VERSION;
+    uint8_t hf_version = m_blockchain_storage.get_current_hard_fork_version();
+    const size_t max_tx_version = (hf_version >= HF_VERSION_ENABLE_N_OUTS) ? TRANSACTION_VERSION_N_OUTS : TRANSACTION_VERSION_2_OUTS;
     if (tx.version == 0 || tx.version > max_tx_version)
     {
       // v2 is the latest one we know
@@ -970,6 +970,7 @@ namespace cryptonote
           rvv.push_back(&rv); // delayed batch verification
           break;
         case rct::RCTTypeBulletproofPlus:
+        case rct::RCTTypeFullProofs:
           if (!is_canonical_bulletproof_plus_layout(rv.p.bulletproofs_plus))
           {
             MERROR_VER("Bulletproof_plus does not have canonical form");
@@ -996,7 +997,7 @@ namespace cryptonote
       {
         if (!tx_info[n].result)
           continue;
-        if (tx_info[n].tx->rct_signatures.type != rct::RCTTypeBulletproof && tx_info[n].tx->rct_signatures.type != rct::RCTTypeBulletproof2 && tx_info[n].tx->rct_signatures.type != rct::RCTTypeCLSAG && tx_info[n].tx->rct_signatures.type != rct::RCTTypeBulletproofPlus)
+        if (tx_info[n].tx->rct_signatures.type != rct::RCTTypeBulletproof && tx_info[n].tx->rct_signatures.type != rct::RCTTypeBulletproof2 && tx_info[n].tx->rct_signatures.type != rct::RCTTypeCLSAG && tx_info[n].tx->rct_signatures.type != rct::RCTTypeBulletproofPlus && tx_info[n].tx->rct_signatures.type != rct::RCTTypeFullProofs)
           continue;
         if (!rct::verRctSemanticsSimple(tx_info[n].tx->rct_signatures,
                                         tx_info[n].tx->type == cryptonote::transaction_type::BURN ? tx_info[n].tx->amount_burnt :
@@ -1898,7 +1899,7 @@ namespace cryptonote
     if (!tools::check_updates(software, buildtag, version, hash))
       return false;
 
-    if (tools::vercmp(version.c_str(), MONERO_VERSION) <= 0)
+    if (tools::vercmp(version.c_str(), SALVIUM_VERSION) <= 0)
     {
       m_update_available = false;
       return true;

src/cryptonote_core/cryptonote_tx_utils.cpp

@@ -46,6 +46,11 @@ using namespace epee;
 #include "ringct/rctSigs.h"
 #include "oracle/asset_types.h"
 
+extern "C"
+{
+#include "crypto/keccak.h"
+#include "crypto/crypto-ops.h"
+}
 using namespace crypto;
 
 namespace cryptonote
@@ -110,7 +115,7 @@ namespace cryptonote
     CHECK_AND_ASSERT_THROW_MES(tmp == rct::identity(), "invert failed");
     return inv;
   }
-  
+
   //---------------------------------------------------------------
   void classify_addresses(const std::vector<tx_destination_entry> &destinations, const boost::optional<cryptonote::account_public_address>& change_addr, size_t &num_stdaddresses, size_t &num_subaddresses, account_public_address &single_dest_subaddress)
   {
@@ -497,7 +502,7 @@ namespace cryptonote
       crypto::key_derivation derivation = AUTO_VAL_INIT(derivation);
       crypto::public_key out_eph_public_key = AUTO_VAL_INIT(out_eph_public_key);
       bool r = crypto::generate_key_derivation(miner_address.m_view_public_key, txkey.sec, derivation);
-      CHECK_AND_ASSERT_MES(r, false, "while creating outs: failed to generate_key_derivation(" << miner_address.m_view_public_key << ", " << txkey.sec << ")");
+      CHECK_AND_ASSERT_MES(r, false, "while creating outs: failed to generate_key_derivation(" << miner_address.m_view_public_key << ", " << crypto::secret_key_explicit_print_ref{txkey.sec} << ")");
 
       r = crypto::derive_public_key(derivation, tx.vout.size(), miner_address.m_spend_public_key, out_eph_public_key);
       CHECK_AND_ASSERT_MES(r, false, "while creating outs: failed to derive_public_key(" << derivation << ", " << 0 << ", "<< miner_address.m_spend_public_key << ")");
@@ -510,7 +515,7 @@ namespace cryptonote
       crypto::key_derivation derivation_treasury = AUTO_VAL_INIT(derivation_treasury);
       crypto::public_key out_eph_public_key_treasury = AUTO_VAL_INIT(out_eph_public_key_treasury);
       r = crypto::generate_key_derivation(treasury_address.m_view_public_key, txkey.sec, derivation_treasury);
-      CHECK_AND_ASSERT_MES(r, false, "while creating outs: failed to generate_key_derivation(" << treasury_address.m_view_public_key << ", " << txkey.sec << ")");
+      CHECK_AND_ASSERT_MES(r, false, "while creating outs: failed to generate_key_derivation(" << treasury_address.m_view_public_key << ", " << crypto::secret_key_explicit_print_ref{txkey.sec} << ")");
 
       r = crypto::derive_public_key(derivation_treasury, tx.vout.size(), treasury_address.m_spend_public_key, out_eph_public_key_treasury);
       CHECK_AND_ASSERT_MES(r, false, "while creating outs: failed to derive_public_key(" << derivation << ", " << 0 << ", "<< miner_address.m_spend_public_key << ")");
@@ -564,7 +569,7 @@ namespace cryptonote
     crypto::key_derivation derivation = AUTO_VAL_INIT(derivation);
     crypto::public_key out_eph_public_key = AUTO_VAL_INIT(out_eph_public_key);
     bool r = crypto::generate_key_derivation(miner_address.m_view_public_key, txkey.sec, derivation);
-    CHECK_AND_ASSERT_MES(r, false, "while creating outs: failed to generate_key_derivation(" << miner_address.m_view_public_key << ", " << txkey.sec << ")");
+    CHECK_AND_ASSERT_MES(r, false, "while creating outs: failed to generate_key_derivation(" << miner_address.m_view_public_key << ", " << crypto::secret_key_explicit_print_ref{txkey.sec} << ")");
 
     r = crypto::derive_public_key(derivation, 0, miner_address.m_spend_public_key, out_eph_public_key);
     CHECK_AND_ASSERT_MES(r, false, "while creating outs: failed to derive_public_key(" << derivation << ", " << 0 << ", "<< miner_address.m_spend_public_key << ")");
@@ -572,10 +577,10 @@ namespace cryptonote
     uint64_t amount = block_reward;
     summary_amounts += amount;
 
-      bool use_view_tags = hard_fork_version >= HF_VERSION_VIEW_TAGS;
-      crypto::view_tag view_tag;
-      if (use_view_tags)
-        crypto::derive_view_tag(derivation, 0, view_tag);
+    bool use_view_tags = hard_fork_version >= HF_VERSION_VIEW_TAGS;
+    crypto::view_tag view_tag;
+    if (use_view_tags)
+      crypto::derive_view_tag(derivation, 0, view_tag);
 
     // Should we award some of the block reward to the stakers?
     if (height != 0) {
@@ -583,6 +588,8 @@ namespace cryptonote
       // Different forks take a different proportion of the block_reward for stakers
       switch (hard_fork_version) {
       case HF_VERSION_BULLETPROOF_PLUS:
+      case HF_VERSION_ENABLE_N_OUTS:
+      case HF_VERSION_FULL_PROOFS:
         // SRCG: subtract 20% that will be rewarded to staking users
         CHECK_AND_ASSERT_MES(tx.amount_burnt == 0, false, "while creating outs: amount_burnt is nonzero");
         tx.amount_burnt = amount / 5;
@@ -653,8 +660,11 @@ namespace cryptonote
     tx.set_null();
     amount_keys.clear();
 
-    if (hf_version >= HF_VERSION_SLIPPAGE_YIELD) {
-      tx.version = 3;
+    tx.type = (tx_type == cryptonote::transaction_type::RETURN) ? cryptonote::TRANSFER : tx_type;
+
+    // Configure the correct TX version for the current HF + TX type
+    if (hf_version >= HF_VERSION_ENABLE_N_OUTS && tx.type == cryptonote::transaction_type::TRANSFER) {
+      tx.version = TRANSACTION_VERSION_N_OUTS;
     } else {
       tx.version = 2;
     }
@@ -662,8 +672,6 @@ namespace cryptonote
     tx.extra = extra;
     crypto::public_key txkey_pub;
 
-    tx.type = (tx_type == cryptonote::transaction_type::RETURN) ? cryptonote::TRANSFER : tx_type;
-
     tx.source_asset_type = source_asset;
     tx.destination_asset_type = dest_asset;
     
@@ -849,7 +857,9 @@ namespace cryptonote
     uint64_t summary_outs_money = 0;
     //fill outputs
     size_t output_index = 0;
-    size_t change_index = 0;
+    crypto::secret_key x_change = crypto::null_skey;
+    rct::key key_yF;
+    uint8_t change_index = 0;
     for(const tx_destination_entry& dst_entr: destinations)
     {
       CHECK_AND_ASSERT_MES(dst_entr.amount > 0 || tx.version > 1, false, "Destination with wrong amount: " << dst_entr.amount);
@@ -880,7 +890,7 @@ namespace cryptonote
       LOG_ERROR("*****************************************************************************");
       LOG_ERROR("in construct_tx_With_tx_key()");
       LOG_ERROR("TX type   : TRANSFER");
-      LOG_ERROR("tx_key    : " << tx_key);
+      LOG_ERROR("tx_key    : " << crypto::secret_key_explicit_print_ref{tx_key});
       LOG_ERROR("tx_pubkey : " << txkey_pub);
       LOG_ERROR("P_change  : " << dst_entr.addr.m_spend_public_key);
       LOG_ERROR("aP_change : " << dst_entr.addr.m_view_public_key);
@@ -891,7 +901,7 @@ namespace cryptonote
                                            need_additional_txkeys, additional_tx_keys,
                                            additional_tx_public_keys, amount_keys, out_eph_public_key,
                                            use_view_tags, view_tag);
-
+      
       tx_out out;
       cryptonote::set_tx_out(dst_entr.amount, dst_entr.asset_type, dst_entr.is_change ? 0 : unlock_time, out_eph_public_key, use_view_tags, view_tag, out);
       tx.vout.push_back(out);
@@ -902,7 +912,86 @@ namespace cryptonote
 
     remove_field_from_tx_extra(tx.extra, typeid(tx_extra_additional_pub_keys));
 
-    if (tx.type == cryptonote::transaction_type::TRANSFER || tx.type == cryptonote::transaction_type::STAKE) {
+    if (hf_version >= HF_VERSION_ENABLE_N_OUTS && tx.type == cryptonote::transaction_type::TRANSFER) {
+
+      if (hf_version >= HF_VERSION_FULL_PROOFS) {
+
+        // Get the secret spend key for the change element
+        crypto::secret_key spend_skey = crypto::null_skey;
+        if (sender_account_keys.m_multisig_keys.empty())
+        {
+          // if not multisig, use normal spend skey
+          spend_skey = sender_account_keys.m_spend_secret_key;
+        }
+        else
+        {
+          // if multisig, use sum of multisig privkeys (local account's share of aggregate spend key)
+          for (const auto &multisig_key : sender_account_keys.m_multisig_keys)
+          {
+            sc_add((unsigned char*)spend_skey.data,
+                   (const unsigned char*)multisig_key.data,
+                   (const unsigned char*)spend_skey.data);
+          }
+        }
+      
+        // Obtain a separate key_derivation for the P_change output
+        //    (using the TX public key and the sender's private view key)
+        crypto::key_derivation derivation = AUTO_VAL_INIT(derivation);
+        CHECK_AND_ASSERT_MES(hwdev.generate_key_derivation(txkey_pub, sender_account_keys.m_view_secret_key, derivation), false, "Failed to generate key_derivation for P_change");
+        
+        // Calculate the secret spend key "x_change" for the P_change output
+        CHECK_AND_ASSERT_MES(hwdev.derive_secret_key(derivation, change_index, spend_skey, x_change), false, "Failed to derive secret key for P_change");
+      }
+      
+      // Get the output public key for the change output
+      crypto::public_key P_change = crypto::null_pkey;
+      CHECK_AND_ASSERT_MES(tx.vout.size() >= 2, false, "Internal error - too few outputs for TRANSFER tx");
+      CHECK_AND_ASSERT_MES(cryptonote::get_output_public_key(tx.vout[change_index], P_change), false, "Internal error - failed to get TX change output public key");
+      CHECK_AND_ASSERT_MES(P_change != crypto::null_pkey, false, "Internal error - not found TX change output for TRANSFER tx");
+
+      // Calculate the F points and change mask for every destination
+      for (size_t op_index=0; op_index<tx.vout.size(); ++op_index) {
+
+        // Calculate the y value for return_payment support
+        ec_scalar y;
+        struct {
+          char domain_separator[8];
+          rct::key amount_key;
+        } buf;
+        std::memset(buf.domain_separator, 0x0, sizeof(buf.domain_separator));
+        std::strncpy(buf.domain_separator, "RETURN", 7);
+        buf.amount_key = amount_keys[op_index];
+        crypto::hash_to_scalar(&buf, sizeof(buf), y);
+        
+        // Now generate the return address (and TX pubkey, although we will discard that)
+        crypto::public_key F = crypto::null_pkey;
+        crypto::public_key F_txpubkey = crypto::null_pkey;
+        CHECK_AND_ASSERT_MES(get_return_address(tx.version, tx.type, y, sender_account_keys, P_change, additional_tx_public_keys[op_index], F, F_txpubkey, hwdev), false, "Failed to get return_address");
+
+        // Push the F point into the TX vector of F points
+        tx.return_address_list.push_back(F);
+
+        // Calculate the shared secret yF
+        if (hf_version >= HF_VERSION_FULL_PROOFS) {
+          rct::key key_aP = rct::scalarmultKey(rct::pk2rct(P_change), rct::sk2rct(sender_account_keys.m_view_secret_key));
+          key_yF = rct::hash_to_scalar(key_aP);
+        }
+
+        // Calculate the encrypted_change_index data for this output
+        struct {
+          char domain_separator[8];
+          rct::key amount_key;
+        } eci_buf;
+        std::memset(eci_buf.domain_separator, 0x0, sizeof(buf.domain_separator));
+        std::strncpy(eci_buf.domain_separator, "CHG_IDX", 8);
+        eci_buf.amount_key = amount_keys[op_index];
+        crypto::secret_key eci_out;
+        keccak((uint8_t *)&eci_buf, sizeof(eci_buf), (uint8_t*)&eci_out, sizeof(eci_out));
+        uint8_t eci_data = change_index ^ eci_out.data[0];
+        tx.return_address_change_mask.push_back(eci_data);
+      }
+
+    } else if (tx.type == cryptonote::transaction_type::TRANSFER || tx.type == cryptonote::transaction_type::STAKE) {
 
       // Get the output public key for the change output
       crypto::public_key P_change = crypto::null_pkey;
@@ -987,7 +1076,7 @@ namespace cryptonote
           crypto::generate_ring_signature(tx_prefix_hash, boost::get<txin_to_key>(tx.vin[i]).k_image, keys_ptrs, in_contexts[i].in_ephemeral.sec, src_entr.real_output, sigs.data());
         ss_ring_s << "signatures:" << ENDL;
         std::for_each(sigs.begin(), sigs.end(), [&](const crypto::signature& s){ss_ring_s << s << ENDL;});
-        ss_ring_s << "prefix_hash:" << tx_prefix_hash << ENDL << "in_ephemeral_key: " << in_contexts[i].in_ephemeral.sec << ENDL << "real_output: " << src_entr.real_output << ENDL;
+        ss_ring_s << "prefix_hash:" << tx_prefix_hash << ENDL << "in_ephemeral_key: " << crypto::secret_key_explicit_print_ref{in_contexts[i].in_ephemeral.sec} << ENDL << "real_output: " << src_entr.real_output << ENDL;
         i++;
       }
 
@@ -1102,26 +1191,7 @@ namespace cryptonote
         if (sources[i].rct)
           boost::get<txin_to_key>(tx.vin[i]).amount = 0;
       }
-      std::vector<bool> zero_masks;
-      zero_masks.reserve(tx.vout.size());
       for (size_t i = 0; i < tx.vout.size(); ++i) {
-        if (tx.type == cryptonote::transaction_type::STAKE) {
-          uint64_t unlock_time = 0;
-          bool ok = get_output_unlock_time(tx.vout[i], unlock_time);
-          if (!ok) {
-            LOG_ERROR("failed to get output asset type for tx.vout[" << i << "]");
-            return false;
-          }
-          if (unlock_time == 0) {
-            zero_masks.emplace_back(false);
-          } else {
-            zero_masks.emplace_back(true);
-          }
-        } else {
-          zero_masks.emplace_back(false);
-        }
-
-        // Clear the amount in the output
         tx.vout[i].amount = 0;
       }
       
@@ -1130,23 +1200,25 @@ namespace cryptonote
       rct::ctkeyV outSk;
       if (use_simple_rct)
         tx.rct_signatures = rct::genRctSimple(
-          rct::hash2rct(tx_prefix_hash),
-          inSk, 
-          destinations,
-          tx_type,
-          source_asset,
-          destination_asset_types,
-          zero_masks,
-          inamounts,
-          outamounts,
-          fee,
-          mixRing,
-          amount_keys,
-          index,
-          outSk,
-          rct_config,
-          hwdev
-        );
+                                              rct::hash2rct(tx_prefix_hash),
+                                              inSk, 
+                                              destinations,
+                                              tx_type,
+                                              source_asset,
+                                              destination_asset_types,
+                                              inamounts,
+                                              outamounts,
+                                              fee,
+                                              mixRing,
+                                              amount_keys,
+                                              index,
+                                              outSk,
+                                              rct_config,
+                                              hwdev,
+                                              rct::sk2rct(x_change),
+                                              change_index,
+                                              key_yF
+                                              );
       else
         tx.rct_signatures = rct::genRct(rct::hash2rct(tx_prefix_hash), inSk, destinations, outamounts, mixRing, amount_keys, sources[0].real_output, outSk, rct_config, hwdev); // same index assumption
       memwipe(inSk.data(), inSk.size() * sizeof(rct::ctkey));

src/cryptonote_core/cryptonote_tx_utils.h

@@ -150,6 +150,7 @@ namespace cryptonote
       FIELD(original)
       VARINT_FIELD(amount)
       FIELD(addr)
+      FIELD(asset_type)
       FIELD(is_subaddress)
       FIELD(is_integrated)
       FIELD(is_change)

src/cryptonote_core/tx_pool.cpp

@@ -112,8 +112,8 @@ namespace cryptonote
 
     uint64_t get_transaction_weight_limit(uint8_t version)
     {
-      // from v8, limit a tx to 50% of the minimum block weight
-      if (version >= 8)
+      // from v2, limit a tx to 50% of the minimum block weight
+      if (version >= 2)
         return get_min_block_weight(version) / 2 - CRYPTONOTE_COINBASE_BLOB_RESERVED_SIZE;
       else
         return get_min_block_weight(version) - CRYPTONOTE_COINBASE_BLOB_RESERVED_SIZE;
@@ -259,10 +259,10 @@ namespace cryptonote
       tvc.m_invalid_output = true;
       return false;
     }
-
+    
     // Check the TX type
-    if (tx.type <= cryptonote::transaction_type::UNSET || tx.type > cryptonote::transaction_type::MAX) {
-      LOG_PRINT_L1("Transaction with id= "<< id << " has invalid type " << (uint8_t)tx.type);
+    if (!m_blockchain.check_tx_type_and_version(tx, tvc)) {
+      LOG_PRINT_L1("Transaction with id= "<< id << " has invalid type " << (uint8_t)tx.type << " and/or version " << tx.version);
       tvc.m_verifivation_failed = true;
       return false;
     }

src/cryptonote_core/tx_verification_utils.cpp

@@ -130,7 +130,7 @@ bool ver_rct_non_semantics_simple_cached
     // mixring. Future versions of the protocol may differ in this regard, but if this assumptions
     // holds true in the future, enable the verification hash by modifying the `untested_tx`
     // condition below.
-    const bool untested_tx = tx.version > 2 || tx.rct_signatures.type > rct::RCTTypeBulletproofPlus;
+    const bool untested_tx = tx.version > 3 || tx.rct_signatures.type > rct::RCTTypeFullProofs;
     VER_ASSERT(!untested_tx, "Unknown TX type. Make sure RCT cache works correctly with this type and then enable it in the code here.");
 
     // Don't cache older (or newer) rctSig types

src/device/device_default.cpp

@@ -1,4 +1,4 @@
-// Copyright (c) 2017-2023, The Monero Project
+// Copyright (c) 2017-2024, The Monero Project
 // 
 // All rights reserved.
 // 
@@ -317,13 +317,15 @@ namespace hw {
             {
             // sending change to yourself; derivation = a*R
                 r = generate_key_derivation(txkey_pub, sender_account_keys.m_view_secret_key, derivation);
-                CHECK_AND_ASSERT_MES(r, false, "at creation outs: failed to generate_key_derivation(" << txkey_pub << ", " << sender_account_keys.m_view_secret_key << ")");
+                CHECK_AND_ASSERT_MES(r, false, "at creation outs: failed to generate_key_derivation(" << txkey_pub << ", <viewkey>)");
             }
             else
             {
             // sending to the recipient; derivation = r*A (or s*C in the subaddress scheme)
-                r = generate_key_derivation(dst_entr.addr.m_view_public_key, dst_entr.is_subaddress && need_additional_txkeys ? additional_txkey.sec : tx_key, derivation);
-                CHECK_AND_ASSERT_MES(r, false, "at creation outs: failed to generate_key_derivation(" << dst_entr.addr.m_view_public_key << ", " << (dst_entr.is_subaddress && need_additional_txkeys ? additional_txkey.sec : tx_key) << ")");
+                const crypto::secret_key &tx_privkey{dst_entr.is_subaddress && need_additional_txkeys ? additional_txkey.sec : tx_key};
+                r = generate_key_derivation(dst_entr.addr.m_view_public_key, tx_privkey, derivation);
+                CHECK_AND_ASSERT_MES(r, false, "at creation outs: failed to generate_key_derivation("
+                    << dst_entr.addr.m_view_public_key << ", " << crypto::secret_key_explicit_print_ref{tx_privkey} << ")");
             }
 
             if (need_additional_txkeys)

src/device/device_ledger.cpp

@@ -1929,7 +1929,7 @@ namespace hw {
 
         // ======  Aout, Bout, AKout, C, v, k ======
         kv_offset = data_offset;
-        if (type==rct::RCTTypeBulletproof2 || type==rct::RCTTypeCLSAG || type==rct::RCTTypeBulletproofPlus) {
+        if (type==rct::RCTTypeBulletproof2 || type==rct::RCTTypeCLSAG || type==rct::RCTTypeBulletproofPlus || type==rct::RCTTypeFullProofs) {
           C_offset = kv_offset+ (8)*outputs_size;
         } else {
           C_offset = kv_offset+ (32+32)*outputs_size;
@@ -1946,7 +1946,7 @@ namespace hw {
           offset = set_command_header(INS_VALIDATE, 0x02, i+1);
           //options
           this->buffer_send[offset] = (i==outputs_size-1)? 0x00:0x80 ;
-          this->buffer_send[offset] |= (type==rct::RCTTypeBulletproof2 || type==rct::RCTTypeCLSAG || type==rct::RCTTypeBulletproofPlus)?0x02:0x00;
+          this->buffer_send[offset] |= (type==rct::RCTTypeBulletproof2 || type==rct::RCTTypeCLSAG || type==rct::RCTTypeBulletproofPlus || type==rct::RCTTypeFullProofs)?0x02:0x00;
           offset += 1;
           //is_subaddress
           this->buffer_send[offset] = outKeys.is_subaddress;
@@ -1967,7 +1967,7 @@ namespace hw {
           memmove(this->buffer_send+offset, data+C_offset,32);
           offset += 32;
           C_offset += 32;
-          if (type==rct::RCTTypeBulletproof2 || type==rct::RCTTypeCLSAG || type==rct::RCTTypeBulletproofPlus) {
+          if (type==rct::RCTTypeBulletproof2 || type==rct::RCTTypeCLSAG || type==rct::RCTTypeBulletproofPlus || type==rct::RCTTypeFullProofs) {
             //k
             memset(this->buffer_send+offset, 0, 32);
             offset += 32;

src/hardforks/hardforks.cpp

@@ -35,8 +35,11 @@ const hardfork_t mainnet_hard_forks[] = {
   // version 1 from the start of the blockchain
   { 1, 1, 0, 1341378000 },
 
-  // version 2 starts from block 1000, which is on or around the 20th of March, 2016. Fork time finalised on 2015-09-20. No fork voting occurs for the v2 fork.
-  //{ 2, 1000, 0, 1442763710 },
+  // version 2 starts from block 89800, which is on or around the 4th of November, 2024. Fork time finalised on 2024-10-21. No fork voting occurs for the v2 fork.
+  { 2, 89800, 0, 1729518000 },
+
+  // version 3 starts from block 121100, which is on or around the 19th of December, 2024. Fork time finalised on 2024-12-18. No fork voting occurs for the v3 fork.
+  { 3, 121100, 0, 1734516900 },
 };
 const size_t num_mainnet_hard_forks = sizeof(mainnet_hard_forks) / sizeof(mainnet_hard_forks[0]);
 const uint64_t mainnet_hard_fork_version_1_till = ((uint64_t)-1);
@@ -45,8 +48,11 @@ const hardfork_t testnet_hard_forks[] = {
   // version 1 from the start of the blockchain
   { 1, 1, 0, 1341378000 },
 
-  // version 2 starts from block 1000, which is on or around the 23rd of November, 2015. Fork time finalised on 2015-11-20. No fork voting occurs for the v2 fork.
-  //{ 2, 1000, 0, 1445355000 },
+  // version 2 starts from block 250
+  { 2, 250, 0, 1445355000 },
+
+  // version 3 starts from block 500
+  { 3, 500, 0, 1729518000 },
 };
 const size_t num_testnet_hard_forks = sizeof(testnet_hard_forks) / sizeof(testnet_hard_forks[0]);
 const uint64_t testnet_hard_fork_version_1_till = ((uint64_t)-1);

src/multisig/multisig.cpp

@@ -84,13 +84,15 @@ namespace multisig
   }
   //----------------------------------------------------------------------------------------------------------------------
   bool generate_multisig_composite_key_image(const cryptonote::account_keys &keys,
-    const std::unordered_map<crypto::public_key, cryptonote::subaddress_index> &subaddresses,
-    const crypto::public_key &out_key,
-    const crypto::public_key &tx_public_key,
-    const std::vector<crypto::public_key> &additional_tx_public_keys,
-    std::size_t real_output_index,
-    const std::vector<crypto::key_image> &pkis,
-    crypto::key_image &ki)
+                                             const std::unordered_map<crypto::public_key, cryptonote::subaddress_index> &subaddresses,
+                                             const crypto::public_key &out_key,
+                                             const crypto::public_key &tx_public_key,
+                                             const std::vector<crypto::public_key> &additional_tx_public_keys,
+                                             std::size_t real_output_index,
+                                             const std::vector<crypto::key_image> &pkis,
+                                             crypto::key_image &ki,
+                                             const bool use_origin_data,
+                                             const cryptonote::origin_data& origin_tx_data)
   {
     // create a multisig partial key image
     // KI_partial = ([view key component] + [subaddress component] + [multisig privkeys]) * Hp(output one-time address)
@@ -98,11 +100,7 @@ namespace multisig
     // - later, we add in the components held by other participants
     cryptonote::keypair in_ephemeral;
 
-    // Populate this struct if you want to make use of multisig for Salvium!!!
-    assert(false);
-    cryptonote::origin_data origin_tx_data;
-    
-    if (!cryptonote::generate_key_image_helper(keys, subaddresses, out_key, tx_public_key, additional_tx_public_keys, real_output_index, in_ephemeral, ki, keys.get_device(), true, origin_tx_data))
+    if (!cryptonote::generate_key_image_helper(keys, subaddresses, out_key, tx_public_key, additional_tx_public_keys, real_output_index, in_ephemeral, ki, keys.get_device(), use_origin_data, origin_tx_data))
       return false;
     std::unordered_set<crypto::key_image> used;
 

src/multisig/multisig.h

@@ -59,11 +59,14 @@ namespace multisig
     crypto::public_key &L,
     crypto::public_key &R);
   bool generate_multisig_composite_key_image(const cryptonote::account_keys &keys,
-    const std::unordered_map<crypto::public_key, cryptonote::subaddress_index> &subaddresses,
-    const crypto::public_key &out_key,
-    const crypto::public_key &tx_public_key,
-    const std::vector<crypto::public_key> &additional_tx_public_keys,
-    std::size_t real_output_index,
-    const std::vector<crypto::key_image> &pkis,
-    crypto::key_image &ki);
+                                             const std::unordered_map<crypto::public_key, cryptonote::subaddress_index> &subaddresses,
+                                             const crypto::public_key &out_key,
+                                             const crypto::public_key &tx_public_key,
+                                             const std::vector<crypto::public_key> &additional_tx_public_keys,
+                                             std::size_t real_output_index,
+                                             const std::vector<crypto::key_image> &pkis,
+                                             crypto::key_image &ki,
+                                             const bool use_origin_data,
+                                             const cryptonote::origin_data& origin_tx_data
+                                             );
 } //namespace multisig

src/multisig/multisig_tx_builder_ringct.cpp

@@ -58,6 +58,67 @@
 
 namespace multisig {
 
+  rct::key sm(rct::key y, int n, const rct::key &x)
+  {
+    while (n--)
+      sc_mul(y.bytes, y.bytes, y.bytes);
+    sc_mul(y.bytes, y.bytes, x.bytes);
+    return y;
+  }
+
+  // Compute the inverse of a scalar, the clever way
+  rct::key invert(const rct::key &x)
+  {
+    rct::key _1, _10, _100, _11, _101, _111, _1001, _1011, _1111;
+
+    _1 = x;
+    sc_mul(_10.bytes, _1.bytes, _1.bytes);
+    sc_mul(_100.bytes, _10.bytes, _10.bytes);
+    sc_mul(_11.bytes, _10.bytes, _1.bytes);
+    sc_mul(_101.bytes, _10.bytes, _11.bytes);
+    sc_mul(_111.bytes, _10.bytes, _101.bytes);
+    sc_mul(_1001.bytes, _10.bytes, _111.bytes);
+    sc_mul(_1011.bytes, _10.bytes, _1001.bytes);
+    sc_mul(_1111.bytes, _100.bytes, _1011.bytes);
+
+    rct::key inv;
+    sc_mul(inv.bytes, _1111.bytes, _1.bytes);
+
+    inv = sm(inv, 123 + 3, _101);
+    inv = sm(inv, 2 + 2, _11);
+    inv = sm(inv, 1 + 4, _1111);
+    inv = sm(inv, 1 + 4, _1111);
+    inv = sm(inv, 4, _1001);
+    inv = sm(inv, 2, _11);
+    inv = sm(inv, 1 + 4, _1111);
+    inv = sm(inv, 1 + 3, _101);
+    inv = sm(inv, 3 + 3, _101);
+    inv = sm(inv, 3, _111);
+    inv = sm(inv, 1 + 4, _1111);
+    inv = sm(inv, 2 + 3, _111);
+    inv = sm(inv, 2 + 2, _11);
+    inv = sm(inv, 1 + 4, _1011);
+    inv = sm(inv, 2 + 4, _1011);
+    inv = sm(inv, 6 + 4, _1001);
+    inv = sm(inv, 2 + 2, _11);
+    inv = sm(inv, 3 + 2, _11);
+    inv = sm(inv, 3 + 2, _11);
+    inv = sm(inv, 1 + 4, _1001);
+    inv = sm(inv, 1 + 3, _111);
+    inv = sm(inv, 2 + 4, _1111);
+    inv = sm(inv, 1 + 4, _1011);
+    inv = sm(inv, 3, _101);
+    inv = sm(inv, 2 + 4, _1111);
+    inv = sm(inv, 3, _101);
+    inv = sm(inv, 1 + 2, _11);
+
+    // Sanity check for successful inversion
+    rct::key tmp;
+    sc_mul(tmp.bytes, inv.bytes, x.bytes);
+    CHECK_AND_ASSERT_THROW_MES(tmp == rct::identity(), "invert failed");
+    return inv;
+  }
+  
 namespace signing {
 //----------------------------------------------------------------------------------------------------------------------
 //----------------------------------------------------------------------------------------------------------------------
@@ -108,9 +169,12 @@ static bool compute_keys_for_sources(
     if (src.real_output >= src.outputs.size())
       return false;
 
+    /*
     // Populate this struct if you want to make use of multisig for Salvium!!!
     assert(false);
     cryptonote::origin_data origin_tx_data;
+    */
+    bool use_origin_data = (src.origin_tx_data.tx_type != cryptonote::transaction_type::UNSET);
 
     if (not cryptonote::generate_key_image_helper(
       account_keys,
@@ -122,8 +186,8 @@ static bool compute_keys_for_sources(
       tmp_keys,
       tmp_key_image,
       hwdev,
-      true,
-      origin_tx_data
+      use_origin_data,
+      src.origin_tx_data
     )) {
       return false;
     }
@@ -338,27 +402,28 @@ static bool compute_keys_for_destinations(
   std::vector<crypto::secret_key>& tx_aux_secret_keys,
   rct::keyV& output_public_keys,
   rct::keyV& output_amount_secret_keys,
+  std::vector<std::string>& asset_types,
   std::vector<crypto::view_tag>& view_tags,
+  std::vector<uint64_t>& destination_amounts,
+  const cryptonote::transaction_type& tx_type,
+  bool& found_change,
+  std::size_t& change_index,
   cryptonote::transaction& unsigned_tx
 )
 {
   hw::device &hwdev = account_keys.get_device();
 
-  // check non-zero change amount case
-  if (change.amount > 0)
-  {
-    // the change output must be directed to the local account
-    if (change.addr != hwdev.get_subaddress(account_keys, {subaddr_account}))
-      return false;
+  // the change output must be directed to the local account
+  if (change.addr != hwdev.get_subaddress(account_keys, {subaddr_account}))
+    return false;
 
-    // expect the change destination to be in the destination set
-    if (std::find_if(destinations.begin(), destinations.end(),
-        [&change](const auto &destination) -> bool
-        {
-          return destination.addr == change.addr;
-        }) == destinations.end())
-      return false;
-  }
+  // expect the change destination to be in the destination set
+  if (std::find_if(destinations.begin(), destinations.end(),
+                   [&change](const auto &destination) -> bool
+                   {
+                     return destination.addr == change.addr;
+                   }) == destinations.end())
+    return false;
 
   // collect non-change recipients into normal/subaddress buckets
   std::unordered_set<cryptonote::account_public_address> unique_subbaddr_recipients;
@@ -423,12 +488,35 @@ static bool compute_keys_for_destinations(
   }
 
   // additional tx pubkeys: R_t
-  output_public_keys.resize(num_destinations);
-  view_tags.resize(num_destinations);
+  output_public_keys.clear();
+  view_tags.clear();
+  asset_types.clear();
+  destination_amounts.clear();
+  found_change = false;
   std::vector<crypto::public_key> tx_aux_public_keys;
   crypto::public_key temp_output_public_key;
-
+  size_t output_index = 0;
+  uint64_t amount_burnt = 0;
+  uint64_t amount_slippage_limit = 0;
   for (std::size_t i = 0; i < num_destinations; ++i) {
+
+    // Is this a BURN or CONVERT TX?
+    if (tx_type == cryptonote::transaction_type::BURN || tx_type == cryptonote::transaction_type::CONVERT) {
+      // Do not create outputs that are for the destination asset type - discard them as unused
+      if (destinations[i].asset_type == unsigned_tx.destination_asset_type) {
+        amount_burnt += destinations[i].amount;
+        amount_slippage_limit = destinations[i].slippage_limit;
+        continue;
+      }
+    } else if (tx_type == cryptonote::transaction_type::STAKE) {
+      // Do not create outputs that are staked for yield - discard them as unused
+      if (!destinations[i].is_change) {
+        amount_burnt += destinations[i].amount;
+        continue;
+      }
+    }
+
+    crypto::view_tag vt; // Temporary variable to hold the view tag in case we create one
     if (not hwdev.generate_output_ephemeral_keys(
       unsigned_tx.version,
       account_keys,
@@ -436,23 +524,45 @@ static bool compute_keys_for_destinations(
       tx_secret_key,
       destinations[i],
       change.addr,
-      i,
+      output_index,
       need_tx_aux_keys,
       tx_aux_secret_keys,
       tx_aux_public_keys,
       output_amount_secret_keys,
       temp_output_public_key,
       use_view_tags,
-      view_tags[i]  //unused variable if use_view_tags is not set
+      vt
     )) {
       return false;
     }
-    output_public_keys[i] = rct::pk2rct(temp_output_public_key);
+    output_public_keys.push_back(rct::pk2rct(temp_output_public_key));
+    asset_types.push_back(destinations[i].asset_type);
+    if (use_view_tags)
+      view_tags.push_back(vt);
+    destination_amounts.push_back(destinations[i].amount);    
+    if (destinations[i].is_change) {
+      found_change = true;
+      change_index = output_index; // Store the change_index - we will need this
+
+      // Calculate the change spend key (x_change)
+      
+    }    
+    output_index++;
   }
 
-  if (num_destinations != output_amount_secret_keys.size())
-    return false;
+  //if (num_destinations != output_amount_secret_keys.size())
+  //  return false;
 
+  if (reconstruction) {
+    // Verify the values match the unsigned_tx
+    CHECK_AND_ASSERT_MES(amount_burnt == unsigned_tx.amount_burnt, false, "Internal error - amount_burnt does not match unsigned_tx");
+    CHECK_AND_ASSERT_MES(amount_slippage_limit == unsigned_tx.amount_slippage_limit, false, "Internal error - amount_slippage_limit does not match unsigned_tx");
+  } else {
+    // Store the calculated values
+    unsigned_tx.amount_burnt = amount_burnt;
+    unsigned_tx.amount_slippage_limit = amount_slippage_limit;
+  }
+  
   CHECK_AND_ASSERT_MES(
     tx_aux_public_keys.size() == tx_aux_secret_keys.size(),
     false,
@@ -500,7 +610,11 @@ static bool onetime_addresses_are_unique(const rct::keyV& output_public_keys)
 }
 //----------------------------------------------------------------------------------------------------------------------
 //----------------------------------------------------------------------------------------------------------------------
-static bool set_tx_outputs(const rct::keyV& output_public_keys, cryptonote::transaction& unsigned_tx)
+static bool set_tx_outputs(
+  const rct::keyV& output_public_keys,
+  const std::vector<std::string>& asset_types,
+  cryptonote::transaction& unsigned_tx
+)
 {
   // sanity check: all onetime addresses should be unique
   if (not onetime_addresses_are_unique(output_public_keys))
@@ -508,9 +622,11 @@ static bool set_tx_outputs(const rct::keyV& output_public_keys, cryptonote::tran
 
   // set the tx outputs
   const std::size_t num_destinations = output_public_keys.size();
+  CHECK_AND_ASSERT_MES(asset_types.size() == num_destinations, false,
+    "multisig signing protocol: internal error, asset_type array size mismatch.");
   unsigned_tx.vout.resize(num_destinations);
   for (std::size_t i = 0; i < num_destinations; ++i)
-    cryptonote::set_tx_out(0, "SAL", 0, rct::rct2pk(output_public_keys[i]), false, crypto::view_tag{}, unsigned_tx.vout[i]);
+    cryptonote::set_tx_out(0, asset_types[i], 0, rct::rct2pk(output_public_keys[i]), false, crypto::view_tag{}, unsigned_tx.vout[i]);
 
   return true;
 }
@@ -518,6 +634,7 @@ static bool set_tx_outputs(const rct::keyV& output_public_keys, cryptonote::tran
 //----------------------------------------------------------------------------------------------------------------------
 static bool set_tx_outputs_with_view_tags(
   const rct::keyV& output_public_keys,
+  const std::vector<std::string>& asset_types,
   const std::vector<crypto::view_tag>& view_tags,
   cryptonote::transaction& unsigned_tx
 )
@@ -528,11 +645,13 @@ static bool set_tx_outputs_with_view_tags(
 
   // set the tx outputs (with view tags)
   const std::size_t num_destinations = output_public_keys.size();
+  CHECK_AND_ASSERT_MES(asset_types.size() == num_destinations, false,
+    "multisig signing protocol: internal error, asset_type array size mismatch.");
   CHECK_AND_ASSERT_MES(view_tags.size() == num_destinations, false,
     "multisig signing protocol: internal error, view tag size mismatch.");
   unsigned_tx.vout.resize(num_destinations);
   for (std::size_t i = 0; i < num_destinations; ++i)
-    cryptonote::set_tx_out(0, "SAL", 0, rct::rct2pk(output_public_keys[i]), true, view_tags[i], unsigned_tx.vout[i]);
+    cryptonote::set_tx_out(0, asset_types[i], 0, rct::rct2pk(output_public_keys[i]), true, view_tags[i], unsigned_tx.vout[i]);
 
   return true;
 }
@@ -550,6 +669,8 @@ static void make_new_range_proofs(const int bp_version,
     sigs.bulletproofs.push_back(rct::bulletproof_PROVE(output_amounts, output_amount_masks));
   else if (bp_version == 4)
     sigs.bulletproofs_plus.push_back(rct::bulletproof_plus_PROVE(output_amounts, output_amount_masks));
+  else if (bp_version == 5)
+    sigs.bulletproofs_plus.push_back(rct::bulletproof_plus_PROVE(output_amounts, output_amount_masks));
 }
 //----------------------------------------------------------------------------------------------------------------------
 //----------------------------------------------------------------------------------------------------------------------
@@ -585,15 +706,122 @@ static bool try_reconstruct_range_proofs(const int bp_version,
       return false;
     return rct::bulletproof_plus_VERIFY(reconstructed_sigs.bulletproofs_plus);
   }
+  else if (bp_version == 5)
+  {
+    if (not try_reconstruct_range_proofs(original_sigs.bulletproofs_plus, reconstructed_sigs.bulletproofs_plus))
+      return false;
+    return rct::bulletproof_plus_VERIFY(reconstructed_sigs.bulletproofs_plus);
+  }
 
   return false;
 }
 //----------------------------------------------------------------------------------------------------------------------
+static bool set_tx_return_address_information(const uint8_t hf_version,
+                                              const cryptonote::account_keys& account_keys,
+                                              const bool reconstruction,
+                                              size_t change_index,
+                                              crypto::public_key& txkey_pub,
+                                              cryptonote::transaction& unsigned_tx
+                                              )
+{
+  if (unsigned_tx.type == cryptonote::transaction_type::TRANSFER || unsigned_tx.type == cryptonote::transaction_type::STAKE) {
+
+    // Get the output public key for the change output
+    crypto::public_key P_change = crypto::null_pkey;
+    if (unsigned_tx.type == cryptonote::transaction_type::TRANSFER) {
+      if (hf_version >= HF_VERSION_ENABLE_N_OUTS) {
+        CHECK_AND_ASSERT_MES(unsigned_tx.vout.size() >= 2, false, "Internal error - incorrect number of outputs (<2) for TRANSFER tx");
+      } else {
+        CHECK_AND_ASSERT_MES(unsigned_tx.vout.size() == 2, false, "Internal error - incorrect number of outputs (!=2) for TRANSFER tx");
+      }
+    } else if (unsigned_tx.type == cryptonote::transaction_type::STAKE) {
+      CHECK_AND_ASSERT_MES(unsigned_tx.vout.size() == 1, false, "Internal error - incorrect number of outputs (!=1) for STAKE tx");
+    }
+    CHECK_AND_ASSERT_MES(change_index < unsigned_tx.vout.size(), false, "Internal error - invalid change_index");
+    CHECK_AND_ASSERT_MES(cryptonote::get_output_public_key(unsigned_tx.vout[change_index], P_change), false, "Internal error - failed to get TX change output public key");
+    CHECK_AND_ASSERT_MES(P_change != crypto::null_pkey, false, "Internal error - not found TX change output for TRANSFER tx");
+      
+    // Get the uniqueness for this TX
+    crypto::ec_scalar y;
+    struct {
+      char domain_separator[8];
+      crypto::public_key pubkey;
+    } buf;
+    std::memset(buf.domain_separator, 0x0, sizeof(buf.domain_separator));
+    std::strncpy(buf.domain_separator, "RETURN", 7);
+    buf.pubkey = P_change;
+    crypto::hash_to_scalar(&buf, sizeof(buf), y);
+
+    hw::device& hwdev = account_keys.get_device();
+  
+    // First, we need to produce the multiplicative inverse of the scalar "y" (aka "y^-1")
+    rct::key key_y        = (rct::key&)(y);
+    rct::key key_inv_y    = invert(key_y);
+    crypto::public_key pk_aP_change = rct::rct2pk(rct::scalarmultKey(rct::pk2rct(P_change), rct::sk2rct(account_keys.m_view_secret_key)));
+
+    // Sanity check that we can reverse the invert safely
+    rct::key key_aP_change = rct::pk2rct(pk_aP_change);
+    rct::key key_F         = rct::scalarmultKey(key_aP_change, key_inv_y);
+    rct::key key_verify    = rct::scalarmultKey(key_F, key_y);
+    CHECK_AND_ASSERT_MES(key_verify == key_aP_change, false, "at get_return_address: failed to verify invert() function with smK() approach");
+
+    if (unsigned_tx.type == cryptonote::transaction_type::TRANSFER) {
+
+      // Store the F point - we do not need to generate a full return address in this instance
+      if (not reconstruction)
+        unsigned_tx.return_address = rct::rct2pk(key_F);
+      
+      // Clear the pubkey, because it isn't used
+      if (not reconstruction)
+        unsigned_tx.return_pubkey = crypto::null_pkey;
+
+    } else if (unsigned_tx.type == cryptonote::transaction_type::STAKE) {
+      
+      // CONVERT / YIELD Semantics
+      // From this point forward, we are departing from the original "return address" scheme
+      // We have to derive the full return address and TX pubkey, because PROTOCOL_TX cannot
+
+      // First, create a secret TX key (= s) - this will be lost at the end of this function, but that's OK
+      crypto::secret_key s = cryptonote::keypair::generate(hw::get_device("default")).sec;
+      
+      // Next, calculate the corresponding TX public key (= sP_change)
+      // This has to be done using smK() call because of g_k_d() performing a torsion clear
+      if (not reconstruction)
+        unsigned_tx.return_pubkey = rct::rct2pk(rct::scalarmultKey(rct::pk2rct(P_change), rct::sk2rct(s)));
+
+      // Next, calculate a derivation using the TX public key and our secret view key
+      crypto::key_derivation derivation = AUTO_VAL_INIT(derivation);
+      bool r = hwdev.generate_key_derivation(unsigned_tx.return_pubkey, account_keys.m_view_secret_key, derivation);
+      CHECK_AND_ASSERT_MES(r, false, "in get_return_address(): failed to generate_key_derivation(" << unsigned_tx.return_pubkey << ", <view secret key>)");
+
+      // Finally, calculate the onetime address to be used for returns
+      crypto::public_key out_eph_public_key = AUTO_VAL_INIT(out_eph_public_key);
+      r = crypto::derive_public_key(derivation, 0, P_change, out_eph_public_key);
+      CHECK_AND_ASSERT_MES(r, false, "in get_return_address(): failed to derive_public_key(" << derivation << ", " << key_y << ", "<< P_change << ")");
+
+      // Sanity checks
+      crypto::public_key P_change_verify = crypto::null_pkey;
+      r = crypto::derive_subaddress_public_key(out_eph_public_key, derivation, 0, P_change_verify);
+      CHECK_AND_ASSERT_MES(r, false, "in get_return_address(): failed sanity check derive_subaddress_public_key(" << out_eph_public_key << ", " << derivation << ", " << key_y << ", " << P_change_verify << ")");
+      CHECK_AND_ASSERT_MES(P_change == P_change_verify, false, "in get_return_address(): failed sanity check (keys do not match)");
+
+      // All is well - copy the return address
+      if (not reconstruction)
+        unsigned_tx.return_address = out_eph_public_key;
+
+    } else {
+
+      assert(false);
+    }
+  }
+  
+  return true;
+}
 //----------------------------------------------------------------------------------------------------------------------
 static bool set_tx_rct_signatures(
   const std::uint64_t fee,
   const std::vector<cryptonote::tx_source_entry>& sources,
-  const std::vector<cryptonote::tx_destination_entry>& destinations,
+  const std::vector<uint64_t>& destination_amounts,
   const rct::keyV& input_secret_keys,
   const rct::keyV& output_public_keys,
   const rct::keyV& output_amount_secret_keys,
@@ -601,16 +829,20 @@ static bool set_tx_rct_signatures(
   const bool reconstruction,
   cryptonote::transaction& unsigned_tx,
   std::vector<CLSAG_context_t>& CLSAG_contexts,
-  rct::keyV& cached_w
+  rct::keyV& cached_w,
+  const uint8_t change_index,
+  const rct::key& x_change,
+  const rct::key& hs_yF
 )
 {
   if (rct_config.bp_version != 3 &&
-      rct_config.bp_version != 4)
+      rct_config.bp_version != 4 &&
+      rct_config.bp_version != 5)
     return false;
   if (rct_config.range_proof_type != rct::RangeProofPaddedBulletproof)
     return false;
 
-  const std::size_t num_destinations = destinations.size();
+  const std::size_t num_destinations = destination_amounts.size();
   const std::size_t num_sources = sources.size();
 
   // rct_signatures component of tx
@@ -621,6 +853,8 @@ static bool set_tx_rct_signatures(
     rv.type = rct::RCTTypeCLSAG;
   else if (rct_config.bp_version == 4)
     rv.type = rct::RCTTypeBulletproofPlus;
+  else if (rct_config.bp_version == 5)
+    rv.type = rct::RCTTypeFullProofs;
   else
     return false;
   rv.txnFee = fee;
@@ -633,7 +867,7 @@ static bool set_tx_rct_signatures(
   rv.outPk.resize(num_destinations);
   for (std::size_t i = 0; i < num_destinations; ++i) {
     rv.outPk[i].dest = output_public_keys[i];
-    output_amounts[i] = destinations[i].amount;
+    output_amounts[i] = destination_amounts[i];
     output_amount_masks[i] = genCommitmentMask(output_amount_secret_keys[i]);
     rv.ecdhInfo[i].amount = rct::d2h(output_amounts[i]);
     rct::addKeys2(
@@ -677,35 +911,66 @@ static bool set_tx_rct_signatures(
   if (not reconstruction) {
     a.resize(num_sources);
     rv.p.pseudoOuts.resize(num_sources);
-    a[num_sources - 1] = rct::zero();
+    rct::key difference = rct::zero();
+    rct::key sumpouts = rct::zero();
+    rct::key sumouts = rct::zero();
     for (std::size_t i = 0; i < num_destinations; ++i) {
       sc_add(
-        a[num_sources - 1].bytes,
-        a[num_sources - 1].bytes,
+        sumouts.bytes,
+        sumouts.bytes,
         output_amount_masks[i].bytes
       );
     }
-    for (std::size_t i = 0; i < num_sources - 1; ++i) {
+    for (std::size_t i = 0; i < num_sources; ++i) {
       rct::skGen(a[i]);
-      sc_sub(
-        a[num_sources - 1].bytes,
-        a[num_sources - 1].bytes,
+      sc_add(
+        sumpouts.bytes,
+        sumpouts.bytes,
         a[i].bytes
       );
       rct::genC(rv.p.pseudoOuts[i], a[i], sources[i].amount);
     }
-    rct::genC(
-      rv.p.pseudoOuts[num_sources - 1],
-      a[num_sources - 1],
-      sources[num_sources - 1].amount
-    );
+    sc_sub(difference.bytes, sumpouts.bytes, sumouts.bytes);
+    rct::genC(rv.p_r, difference, 0);
+    if (rv.type == rct::RCTTypeFullProofs) {
+      rv.pr_proof = rct::PRProof_Gen(difference);
+#ifdef DBG
+      CHECK_AND_ASSERT_THROW_MES(rct::PRProof_Ver(rv.p_r, rv.pr_proof), "PRProof_Ver() failed on recently created proof");
+#endif
+    }
+
+    /*
+    // Check if spend authority proof is needed (only for TRANSFER TXs)
+    if (unsigned_tx.type == cryptonote::transaction_type::TRANSFER && rv.type == rct::RCTTypeFullProofs) {
+      rv.sa_proof = rct::SAProof_Gen(output_public_keys[change_index], x_change, hs_yF);
+#ifdef DBG
+      CHECK_AND_ASSERT_THROW_MES(rct::SAProof_Ver(rv.sa_proof, output_public_keys[change_index], hs_yF), "SAProof_Ver() failed on recently created proof");
+#endif
+    }
+    */
   }
   // check balance if reconstructing the tx
   else {
     rv.p.pseudoOuts = unsigned_tx.rct_signatures.p.pseudoOuts;
+    if (rv.type == rct::RCTTypeFullProofs) {
+      if (!rct::PRProof_Ver(unsigned_tx.rct_signatures.p_r, unsigned_tx.rct_signatures.pr_proof))
+        return false;
+      rv.p_r = unsigned_tx.rct_signatures.p_r;
+      rv.pr_proof = unsigned_tx.rct_signatures.pr_proof;
+      /*
+      if (!rct::SAProof_Ver(unsigned_tx.rct_signatures.sa_proof, output_public_keys[change_index], hs_yF))
+        return false;
+      rv.sa_proof = unsigned_tx.rct_signatures.sa_proof; // should verify this during reconstruction
+      */
+    } else {
+      rv.p_r = unsigned_tx.rct_signatures.p_r;
+    }
     if (num_sources != rv.p.pseudoOuts.size())
       return false;
     rct::key balance_accumulator = rct::scalarmultH(rct::d2h(fee));
+    rct::key txnAmountBurntKey = rct::scalarmultH(rct::d2h(unsigned_tx.amount_burnt));
+    rct::addKeys(balance_accumulator, balance_accumulator, rv.p_r);
+    rct::addKeys(balance_accumulator, balance_accumulator, txnAmountBurntKey);
     for (const auto& e: rv.outPk)
       rct::addKeys(balance_accumulator, balance_accumulator, e.mask);
     for (const auto& pseudoOut: rv.p.pseudoOuts)
@@ -828,6 +1093,8 @@ tx_builder_ringct_t::~tx_builder_ringct_t()
 bool tx_builder_ringct_t::init(
   const cryptonote::account_keys& account_keys,
   const std::vector<std::uint8_t>& extra,
+  const cryptonote::transaction_type& tx_type,
+  const std::uint8_t hf_version,
   const std::uint64_t unlock_time,
   const std::uint32_t subaddr_account,
   const std::set<std::uint32_t>& subaddr_minor_indices,
@@ -860,9 +1127,20 @@ bool tx_builder_ringct_t::init(
   // decide if view tags are needed
   const bool use_view_tags{view_tag_required(rct_config.bp_version)};
 
+  // Configure the correct TX version for the current HF + TX type
+  if (hf_version >= HF_VERSION_ENABLE_N_OUTS && tx_type == cryptonote::transaction_type::TRANSFER) {
+    unsigned_tx.version = TRANSACTION_VERSION_N_OUTS;
+  } else {
+    unsigned_tx.version = 2;
+  }
   // misc. fields
-  unsigned_tx.version = 2;  //rct = 2
   unsigned_tx.unlock_time = unlock_time;
+  unsigned_tx.type = (tx_type == cryptonote::transaction_type::RETURN) ? cryptonote::TRANSFER : tx_type;
+  unsigned_tx.source_asset_type = "SAL";
+  if (tx_type == cryptonote::transaction_type::BURN)
+    unsigned_tx.destination_asset_type = "BURN";
+  else
+    unsigned_tx.destination_asset_type = "SAL";
 
   // sort inputs
   sort_sources(sources);
@@ -899,7 +1177,11 @@ bool tx_builder_ringct_t::init(
   // prepare outputs
   rct::keyV output_public_keys;
   rct::keyV output_amount_secret_keys;
+  std::vector<std::string> asset_types;
   std::vector<crypto::view_tag> view_tags;
+  std::vector<uint64_t> destination_amounts;
+  bool found_change{false};
+  std::size_t change_index;
   auto output_amount_secret_keys_wiper = epee::misc_utils::create_scope_leave_handler([&]{
     memwipe(static_cast<rct::key *>(output_amount_secret_keys.data()), output_amount_secret_keys.size() * sizeof(rct::key));
   });
@@ -915,26 +1197,137 @@ bool tx_builder_ringct_t::init(
       tx_aux_secret_keys,
       output_public_keys,
       output_amount_secret_keys,
+      asset_types,
       view_tags,
+      destination_amounts,
+      tx_type,
+      found_change,
+      change_index,
       unsigned_tx))
     return false;
 
+  // Check that the change element was found
+  if (!found_change)
+    return false;
+
+  // 
+  
   // add inputs to tx
   set_tx_inputs(sources, unsigned_tx);
 
   // add output one-time addresses to tx
   bool set_tx_outputs_result{false};
   if (use_view_tags)
-    set_tx_outputs_result = set_tx_outputs_with_view_tags(output_public_keys, view_tags, unsigned_tx);
+    set_tx_outputs_result = set_tx_outputs_with_view_tags(output_public_keys, asset_types, view_tags, unsigned_tx);
   else
-    set_tx_outputs_result = set_tx_outputs(output_public_keys, unsigned_tx);
+    set_tx_outputs_result = set_tx_outputs(output_public_keys, asset_types, unsigned_tx);
 
   if (not set_tx_outputs_result)
     return false;
 
+  rct::key hs_yF;
+  rct::key x_change;
+  if (hf_version >= HF_VERSION_ENABLE_N_OUTS && unsigned_tx.type == cryptonote::transaction_type::TRANSFER) {
+    
+    // Get the output public key for the change output
+    crypto::public_key P_change = crypto::null_pkey;
+    CHECK_AND_ASSERT_MES(unsigned_tx.vout.size() >= 2, false, "Internal error - too few outputs for multisig TRANSFER tx");
+    CHECK_AND_ASSERT_MES(cryptonote::get_output_public_key(unsigned_tx.vout[change_index], P_change), false, "Internal error - failed to get multisig TX change output public key");
+    CHECK_AND_ASSERT_MES(P_change != crypto::null_pkey, false, "Internal error - not found TX change output for multisig TRANSFER tx");
+
+    // Calculate the F points and change mask for every destination
+    for (size_t op_index=0; op_index<unsigned_tx.vout.size(); ++op_index) {
+
+      // Calculate the y value for return_payment support
+      crypto::ec_scalar y;
+      struct {
+        char domain_separator[8];
+        rct::key amount_key;
+      } buf;
+      std::memset(buf.domain_separator, 0x0, sizeof(buf.domain_separator));
+      std::strncpy(buf.domain_separator, "RETURN", 7);
+      buf.amount_key = output_amount_secret_keys[op_index];
+      crypto::hash_to_scalar(&buf, sizeof(buf), y);
+        
+      // Now generate the return address EC point
+      // F = (y^-1).a.P_change
+
+      // First, we need to produce the multiplicative inverse of the scalar "y" (aka "y^-1")
+      rct::key key_y        = (rct::key&)(y);
+      rct::key key_inv_y    = invert(key_y);
+      crypto::public_key pk_aP_change = rct::rct2pk(rct::scalarmultKey(rct::pk2rct(P_change), rct::sk2rct(account_keys.m_view_secret_key)));
+
+      // Sanity check that we can reverse the invert safely
+      rct::key key_aP_change = rct::pk2rct(pk_aP_change);
+      rct::key key_F         = rct::scalarmultKey(key_aP_change, key_inv_y);
+      rct::key key_verify    = rct::scalarmultKey(key_F, key_y);
+      CHECK_AND_ASSERT_MES(key_verify == key_aP_change, false, "at get_return_address: failed to verify invert() function with smK() approach");
+      hs_yF = rct::hash_to_scalar(key_verify);
+
+      // Push the F point into the TX vector of F points
+      if (not reconstruction)
+        unsigned_tx.return_address_list.push_back(rct::rct2pk(key_F));
+
+      // Calculate the encrypted_change_index data for this output
+      struct {
+        char domain_separator[8];
+        rct::key amount_key;
+      } eci_buf;
+      std::memset(eci_buf.domain_separator, 0x0, sizeof(buf.domain_separator));
+      std::strncpy(eci_buf.domain_separator, "CHG_IDX", 8);
+      eci_buf.amount_key = output_amount_secret_keys[op_index];
+      crypto::secret_key eci_out;
+      keccak((uint8_t *)&eci_buf, sizeof(eci_buf), (uint8_t*)&eci_out, sizeof(eci_out));
+      uint8_t eci_data = change_index ^ eci_out.data[0];
+      if (not reconstruction)
+        unsigned_tx.return_address_change_mask.push_back(eci_data);
+    }
+
+    if (hf_version >= HF_VERSION_FULL_PROOFS) {
+
+      // Get the secret spend key for the change element
+      crypto::secret_key spend_skey = crypto::null_skey;
+      for (const auto &multisig_key : account_keys.m_multisig_keys) {
+        sc_add((unsigned char*)spend_skey.data,
+               (const unsigned char*)multisig_key.data,
+               (const unsigned char*)spend_skey.data);
+      }
+      
+      // Calculate z_i (the shared secret between sender and ourselves for the original TX)
+      crypto::public_key txkey_pub = crypto::null_pkey; // R
+      const std::vector<crypto::public_key> in_additional_tx_pub_keys = cryptonote::get_additional_tx_pub_keys_from_extra(unsigned_tx);
+      if (in_additional_tx_pub_keys.size() != 0) {
+        CHECK_AND_ASSERT_MES(in_additional_tx_pub_keys.size() == unsigned_tx.vout.size(), false, "incorrect number of additional TX pubkeys in origin TX for return_payment");
+        txkey_pub = in_additional_tx_pub_keys[change_index];
+      } else {
+        txkey_pub = cryptonote::get_tx_pub_key_from_extra(unsigned_tx);
+      }
+      
+      // Obtain a separate key_derivation for the P_change output
+      //    (using the TX public key and the sender's private view key)
+      hw::device &hwdev = account_keys.get_device();
+      crypto::key_derivation derivation = AUTO_VAL_INIT(derivation);
+      CHECK_AND_ASSERT_MES(hwdev.generate_key_derivation(txkey_pub, account_keys.m_view_secret_key, derivation), false, "Failed to generate key_derivation for P_change");
+        
+      // Calculate the secret spend key "x_change" for the P_change output
+      crypto::secret_key s_change = crypto::null_skey;
+      CHECK_AND_ASSERT_MES(hwdev.derive_secret_key(derivation, change_index, spend_skey, s_change), false, "Failed to derive secret key for P_change");
+      x_change = rct::sk2rct(s_change);
+    }
+
+  } else if (unsigned_tx.type == cryptonote::transaction_type::TRANSFER || unsigned_tx.type == cryptonote::transaction_type::STAKE) {
+
+    // Get the tx public key
+    crypto::public_key txkey_pub = crypto::null_pkey;
+    
+    // Calculate the return_address information needed
+    if (not set_tx_return_address_information(hf_version, account_keys, reconstruction, change_index, txkey_pub, unsigned_tx))
+      return false;
+  }
+
   // prepare input signatures
-  if (not set_tx_rct_signatures(fee, sources, destinations, input_secret_keys, output_public_keys, output_amount_secret_keys,
-      rct_config, reconstruction, unsigned_tx, CLSAG_contexts, cached_w))
+  if (not set_tx_rct_signatures(fee, sources, destination_amounts, input_secret_keys, output_public_keys, output_amount_secret_keys,
+                                rct_config, reconstruction, unsigned_tx, CLSAG_contexts, cached_w, change_index, x_change, hs_yF))
     return false;
 
   initialized = true;

src/multisig/multisig_tx_builder_ringct.h

@@ -29,6 +29,7 @@
 
 #pragma once
 
+#include "cryptonote_protocol/enums.h"
 #include "ringct/rctTypes.h"
 
 #include <set>
@@ -71,6 +72,8 @@ public:
   bool init(
     const cryptonote::account_keys& account_keys,
     const std::vector<std::uint8_t>& extra,
+    const cryptonote::transaction_type& type,
+    const std::uint8_t hf_version,
     const std::uint64_t unlock_time,
     const std::uint32_t subaddr_account,
     const std::set<std::uint32_t>& subaddr_minor_indices,

src/p2p/net_node.inl

@@ -705,9 +705,9 @@ namespace nodetool
     std::set<std::string> full_addrs;
     if (m_nettype == cryptonote::TESTNET)
     {
-      full_addrs.insert("152.42.130.46:29080");
-      full_addrs.insert("45.55.138.87:29080");
-      full_addrs.insert("209.97.164.15:29080");
+      full_addrs.insert("72.5.43.63:29080");
+      full_addrs.insert("195.85.114.217:29080");
+      full_addrs.insert("206.188.197.72:29080");
     }
     else if (m_nettype == cryptonote::STAGENET)
     {
@@ -720,9 +720,9 @@ namespace nodetool
     }
     else
     {
-      full_addrs.insert("152.42.130.46:19080");
-      full_addrs.insert("45.55.138.87:19080");
-      full_addrs.insert("209.97.164.15:19080");
+      full_addrs.insert("193.149.187.26:19080");
+      full_addrs.insert("67.217.228.15:19080");
+      full_addrs.insert("216.245.184.4:19080");
     }
     return full_addrs;
   }

src/ringct/rctSigs.cpp

@@ -521,7 +521,45 @@ namespace rct {
         sc_sub(c.bytes, c_old.bytes, rv.cc.bytes);
         return sc_isnonzero(c.bytes) == 0;  
     }
-    
+
+    zk_proof PRProof_Gen(const rct::key &difference) {
+        zk_proof proof;
+
+        // Generate a random scalar for blinding
+        rct::key r = rct::skGen();
+        
+        // Compute R = r * G
+        proof.R = rct::scalarmultBase(r);
+        
+        // Compute the commitment to the difference
+        rct::key comm_diff;
+        genC(comm_diff, difference, 0);
+        
+        // Calculate challenge c = H_p(R)
+        std::vector<rct::key> keys{proof.R, comm_diff};
+        rct::key c = rct::hash_to_scalar(keys);
+        
+        // Calculate response z = r + c * difference
+        sc_muladd(proof.z1.bytes, difference.bytes, c.bytes, r.bytes);
+        proof.z2 = rct::zero();
+        
+        return proof;
+    }
+
+    bool PRProof_Ver(const rct::key &C, const zk_proof &proof) {
+        // Compute challenge c = H_p(R)
+        std::vector<rct::key> keys{proof.R, C};
+        rct::key c = rct::hash_to_scalar(keys);
+        
+        // Recalculate R' = z * G - c * C (where C is the commitment rv.p_r)
+        rct::key zG = rct::scalarmultBase(proof.z1);
+        rct::key cC = rct::scalarmultKey(C, c);
+        rct::key R_prime;
+        rct::subKeys(R_prime, zG, cC);
+
+        // Verify R' ?= R
+        return rct::equalKeys(R_prime, proof.R);
+    }  
 
 
     //proveRange and verRange
@@ -639,7 +677,7 @@ namespace rct {
           kv.push_back(p.t);
         }
       }
-      else if (rv.type == RCTTypeBulletproofPlus)
+      else if (rv.type == RCTTypeBulletproofPlus || rv.type == RCTTypeFullProofs)
       {
         kv.reserve((6*2+6) * rv.p.bulletproofs_plus.size());
         for (const auto &p: rv.p.bulletproofs_plus)
@@ -1032,6 +1070,55 @@ namespace rct {
         return index;
     }
 
+  zk_proof SAProof_Gen(const key &P, const key &x_change, const key &key_yF) {
+
+    // Sanity checks for inputs
+    CHECK_AND_ASSERT_THROW_MES(!rct::equalKeys(P, rct::zero()), "SAProof_Gen() failed - invalid public key provided");
+    CHECK_AND_ASSERT_THROW_MES(!rct::equalKeys(x_change, rct::zero()), "SAProof_Gen() failed - invalid x_change key provided");
+    CHECK_AND_ASSERT_THROW_MES(!rct::equalKeys(key_yF, rct::zero()), "SAProof_Gen() failed - invalid shared secret key provided");
+    
+    // Declare a return structure
+    zk_proof proof{};
+    proof.z2 = rct::zero();
+
+    // Calculate a random r value and calculate a commitment R for it
+    rct::key r = rct::skGen();
+    proof.R = rct::scalarmultBase(r);
+
+    // Calculate the challenge hash from the commitment plus the pubkey plus the shared secret
+    keyV challenge_keys{proof.R, P, key_yF};
+    rct::key c = rct::hash_to_scalar(challenge_keys);
+
+    rct::key z_x;
+    sc_muladd(z_x.bytes, x_change.bytes, c.bytes, r.bytes);
+    proof.z1 = z_x;
+
+    // Return the proof to the caller
+    return proof;
+  }
+
+  bool SAProof_Ver(const zk_proof &proof, const key &P, const key &key_yF) {
+    
+    // Sanity checks for inputs
+    CHECK_AND_ASSERT_THROW_MES(!rct::equalKeys(P, rct::zero()), "SAProof_Ver() failed - invalid public key provided");
+    CHECK_AND_ASSERT_THROW_MES(!rct::equalKeys(key_yF, rct::zero()), "SAProof_Ver() failed - invalid shared secret key provided");
+
+    // Recompute the challenge hash
+    keyV challenge_keys{proof.R, P, key_yF};
+    rct::key c = rct::hash_to_scalar(challenge_keys);
+
+    // Recalculate the expected commitment using the formula: z_x * G = R + c * P
+    rct::key expected_commitment = rct::addKeys(proof.R, rct::scalarmultKey(P, c));
+
+    // Verify z_x * G matches the expected commitment
+    if (!rct::equalKeys(rct::scalarmultBase(proof.z1), expected_commitment)) {
+        return false; // Verification failed
+    }
+
+    // All checks passed
+    return true;
+  }
+  
     //RingCT protocol
     //genRct: 
     //   creates an rctSig with all data necessary to verify the rangeProofs and that the signer owns one of the
@@ -1074,7 +1161,7 @@ namespace rct {
             //mask amount and mask
             rv.ecdhInfo[i].mask = copy(outSk[i].mask);
             rv.ecdhInfo[i].amount = d2h(amounts[i]);
-            hwdev.ecdhEncode(rv.ecdhInfo[i], amount_keys[i], rv.type == RCTTypeBulletproof2 || rv.type == RCTTypeCLSAG || rv.type == RCTTypeBulletproofPlus);
+            hwdev.ecdhEncode(rv.ecdhInfo[i], amount_keys[i], rv.type == RCTTypeBulletproof2 || rv.type == RCTTypeCLSAG || rv.type == RCTTypeBulletproofPlus || rv.type == RCTTypeFullProofs);
         }
 
         //set txn fee
@@ -1104,22 +1191,25 @@ namespace rct {
     //RCT simple    
     //for post-rct only
     rctSig genRctSimple(
-      const key &message,
-      const ctkeyV & inSk,
-      const keyV & destinations,
-      const cryptonote::transaction_type tx_type,
-      const std::string& in_asset_type,
-      const std::vector<std::string> & destination_asset_types,
-      const std::vector<bool> &zero_masks,
-      const std::vector<xmr_amount> &inamounts,
-      const std::vector<xmr_amount> &outamounts,
-      xmr_amount txnFee,
-      const ctkeyM & mixRing,
-      const keyV &amount_keys,
-      const std::vector<unsigned int> & index,
-      ctkeyV &outSk,
-      const RCTConfig &rct_config,
-      hw::device &hwdev)
+                        const key &message,
+                        const ctkeyV & inSk,
+                        const keyV & destinations,
+                        const cryptonote::transaction_type tx_type,
+                        const std::string& in_asset_type,
+                        const std::vector<std::string> & destination_asset_types,
+                        const std::vector<xmr_amount> &inamounts,
+                        const std::vector<xmr_amount> &outamounts,
+                        xmr_amount txnFee,
+                        const ctkeyM & mixRing,
+                        const keyV &amount_keys,
+                        const std::vector<unsigned int> & index,
+                        ctkeyV &outSk,
+                        const RCTConfig &rct_config,
+                        hw::device &hwdev,
+                        const key &x_change,
+                        const size_t change_index,
+                        const key &key_yF
+                        )
     {
         const bool bulletproof_or_plus = rct_config.range_proof_type > RangeProofBorromean;
         CHECK_AND_ASSERT_THROW_MES(destination_asset_types.size() == destinations.size(), "Different number of amount_keys/destinations");
@@ -1127,7 +1217,6 @@ namespace rct {
         CHECK_AND_ASSERT_THROW_MES(inamounts.size() == inSk.size(), "Different number of inamounts/inSk");
         CHECK_AND_ASSERT_THROW_MES(outamounts.size() == destinations.size(), "Different number of amounts/destinations");
         CHECK_AND_ASSERT_THROW_MES(amount_keys.size() == destinations.size(), "Different number of amount_keys/destinations");
-        CHECK_AND_ASSERT_THROW_MES(zero_masks.size() == destinations.size(), "Different number of zero_masks/destinations");
         CHECK_AND_ASSERT_THROW_MES(index.size() == inSk.size(), "Different number of index/inSk");
         CHECK_AND_ASSERT_THROW_MES(mixRing.size() == inSk.size(), "Different number of mixRing/inSk");
         for (size_t n = 0; n < mixRing.size(); ++n) {
@@ -1143,6 +1232,9 @@ namespace rct {
             case 4:
               rv.type = RCTTypeBulletproofPlus;
               break;
+            case 5:
+              rv.type = RCTTypeFullProofs;
+              break;
             default:
               ASSERT_MES_AND_THROW("Unsupported BP version: " << rct_config.bp_version);
           }
@@ -1259,7 +1351,7 @@ namespace rct {
             //mask amount and mask
             rv.ecdhInfo[i].mask = copy(outSk[i].mask);
             rv.ecdhInfo[i].amount = d2h(outamounts[i]);
-            hwdev.ecdhEncode(rv.ecdhInfo[i], amount_keys[i], rv.type == RCTTypeBulletproof2 || rv.type == RCTTypeCLSAG || rv.type == RCTTypeBulletproofPlus);
+            hwdev.ecdhEncode(rv.ecdhInfo[i], amount_keys[i], rv.type == RCTTypeBulletproof2 || rv.type == RCTTypeCLSAG || rv.type == RCTTypeBulletproofPlus || rv.type == RCTTypeFullProofs);
         }
             
         //set txn fee
@@ -1284,7 +1376,23 @@ namespace rct {
         sc_sub(difference.bytes, sumpouts.bytes, sumout.bytes);
         genC(rv.p_r, difference, 0);
         DP(rv.p_r);
+        if (rv.type == RCTTypeFullProofs) {
+          rv.pr_proof = PRProof_Gen(difference);
+#ifdef DBG
+          CHECK_AND_ASSERT_THROW_MES(PRProof_Ver(rv.p_r, rv.pr_proof), "PRProof_Ver() failed on recently created proof");
+#endif
+        }
 
+        /*
+        // Check if spend authority proof is needed (only for TRANSFER TXs)
+        if (tx_type == cryptonote::transaction_type::TRANSFER && rv.type == rct::RCTTypeFullProofs) {
+          rv.sa_proof = SAProof_Gen(destinations[change_index], x_change, key_yF);
+#ifdef DBG
+          CHECK_AND_ASSERT_THROW_MES(SAProof_Ver(rv.sa_proof, destinations[change_index], key_yF), "SAProof_Ver() failed on recently created proof");
+#endif
+        }
+        */
+        
         key full_message = get_pre_mlsag_hash(rv,hwdev);
 
         for (i = 0 ; i < inamounts.size(); i++)
@@ -1301,25 +1409,28 @@ namespace rct {
                 rv.p.MGs[i] = proveRctMGSimple(full_message, rv.mixRing[i], inSk[i], a[i], pseudoOuts[i], index[i], hwdev);
             }
         }
+
         return rv;
     }
 
     rctSig genRctSimple(
-      const key &message,
-      const ctkeyV & inSk,
-      const ctkeyV & inPk,
-      const keyV & destinations,
-      const cryptonote::transaction_type tx_type,
-      const std::string& in_asset_type,
-      const std::vector<std::string> & destination_asset_types,
-      const std::vector<bool> &zero_masks,
-      const std::vector<xmr_amount> &inamounts,
-      const std::vector<xmr_amount> &outamounts,
-      const keyV &amount_keys,
-      xmr_amount txnFee,
-      unsigned int mixin,
-      const RCTConfig &rct_config,
-      hw::device &hwdev
+                        const key &message,
+                        const ctkeyV & inSk,
+                        const ctkeyV & inPk,
+                        const keyV & destinations,
+                        const cryptonote::transaction_type tx_type,
+                        const std::string& in_asset_type,
+                        const std::vector<std::string> & destination_asset_types,
+                        const std::vector<xmr_amount> &inamounts,
+                        const std::vector<xmr_amount> &outamounts,
+                        const keyV &amount_keys,
+                        xmr_amount txnFee,
+                        unsigned int mixin,
+                        const RCTConfig &rct_config,
+                        hw::device &hwdev,
+                        const key &x_change,
+                        const size_t change_index,
+                        const key &key_yF
     ) {
         std::vector<unsigned int> index;
         index.resize(inPk.size());
@@ -1330,7 +1441,7 @@ namespace rct {
           mixRing[i].resize(mixin+1);
           index[i] = populateFromBlockchainSimple(mixRing[i], inPk[i], mixin);
         }
-        return genRctSimple(message, inSk, destinations, tx_type, in_asset_type, destination_asset_types, zero_masks, inamounts, outamounts, txnFee, mixRing, amount_keys, index, outSk, rct_config, hwdev);
+        return genRctSimple(message, inSk, destinations, tx_type, in_asset_type, destination_asset_types, inamounts, outamounts, txnFee, mixRing, amount_keys, index, outSk, rct_config, hwdev, x_change, change_index, key_yF);
     }
 
     //RingCT protocol
@@ -1419,8 +1530,10 @@ namespace rct {
         std::vector<const BulletproofPlus*> bpp_proofs;
         size_t max_non_bp_proofs = 0, offset = 0;
 
-        CHECK_AND_ASSERT_MES(rv.type == RCTTypeSimple || rv.type == RCTTypeBulletproof || rv.type == RCTTypeBulletproof2 || rv.type == RCTTypeCLSAG || rv.type == RCTTypeBulletproofPlus,
+        CHECK_AND_ASSERT_MES(rv.type == RCTTypeSimple || rv.type == RCTTypeBulletproof || rv.type == RCTTypeBulletproof2 || rv.type == RCTTypeCLSAG || rv.type == RCTTypeBulletproofPlus || rv.type == RCTTypeFullProofs,
                              false, "verRctSemanticsSimple called on non simple rctSig");
+        if (rv.type == RCTTypeFullProofs)
+          CHECK_AND_ASSERT_MES(PRProof_Ver(rv.p_r, rv.pr_proof), false, "Invalid p_r commitment to difference");
         const bool bulletproof = is_rct_bulletproof(rv.type);
         const bool bulletproof_plus = is_rct_bulletproof_plus(rv.type);
         if (bulletproof || bulletproof_plus)
@@ -1543,7 +1656,7 @@ namespace rct {
       {
         PERF_TIMER(verRctNonSemanticsSimple);
 
-        CHECK_AND_ASSERT_MES(rv.type == RCTTypeSimple || rv.type == RCTTypeBulletproof || rv.type == RCTTypeBulletproof2 || rv.type == RCTTypeCLSAG || rv.type == RCTTypeBulletproofPlus,
+        CHECK_AND_ASSERT_MES(rv.type == RCTTypeSimple || rv.type == RCTTypeBulletproof || rv.type == RCTTypeBulletproof2 || rv.type == RCTTypeCLSAG || rv.type == RCTTypeBulletproofPlus || rv.type == RCTTypeFullProofs,
             false, "verRctNonSemanticsSimple called on non simple rctSig");
         const bool bulletproof = is_rct_bulletproof(rv.type);
         const bool bulletproof_plus = is_rct_bulletproof_plus(rv.type);
@@ -1615,7 +1728,7 @@ namespace rct {
 
         //mask amount and mask
         ecdhTuple ecdh_info = rv.ecdhInfo[i];
-        hwdev.ecdhDecode(ecdh_info, sk, rv.type == RCTTypeBulletproof2 || rv.type == RCTTypeCLSAG || rv.type == RCTTypeBulletproofPlus);
+        hwdev.ecdhDecode(ecdh_info, sk, rv.type == RCTTypeBulletproof2 || rv.type == RCTTypeCLSAG || rv.type == RCTTypeBulletproofPlus || rv.type == RCTTypeFullProofs);
         mask = ecdh_info.mask;
         key amount = ecdh_info.amount;
         key C = rv.outPk[i].mask;
@@ -1639,14 +1752,14 @@ namespace rct {
     }
 
     xmr_amount decodeRctSimple(const rctSig & rv, const key & sk, unsigned int i, key &mask, hw::device &hwdev) {
-        CHECK_AND_ASSERT_MES(rv.type == RCTTypeSimple || rv.type == RCTTypeBulletproof || rv.type == RCTTypeBulletproof2 || rv.type == RCTTypeCLSAG || rv.type == RCTTypeBulletproofPlus,
+        CHECK_AND_ASSERT_MES(rv.type == RCTTypeSimple || rv.type == RCTTypeBulletproof || rv.type == RCTTypeBulletproof2 || rv.type == RCTTypeCLSAG || rv.type == RCTTypeBulletproofPlus || rv.type == RCTTypeFullProofs,
             false, "decodeRct called on non simple rctSig");
         CHECK_AND_ASSERT_THROW_MES(i < rv.ecdhInfo.size(), "Bad index");
         CHECK_AND_ASSERT_THROW_MES(rv.outPk.size() == rv.ecdhInfo.size(), "Mismatched sizes of rv.outPk and rv.ecdhInfo");
 
         //mask amount and mask
         ecdhTuple ecdh_info = rv.ecdhInfo[i];
-        hwdev.ecdhDecode(ecdh_info, sk, rv.type == RCTTypeBulletproof2 || rv.type == RCTTypeCLSAG || rv.type == RCTTypeBulletproofPlus);
+        hwdev.ecdhDecode(ecdh_info, sk, rv.type == RCTTypeBulletproof2 || rv.type == RCTTypeCLSAG || rv.type == RCTTypeBulletproofPlus || rv.type == RCTTypeFullProofs);
         mask = ecdh_info.mask;
         key amount = ecdh_info.amount;
         key C = rv.outPk[i].mask;

src/ringct/rctSigs.h

@@ -85,6 +85,12 @@ namespace rct {
     clsag proveRctCLSAGSimple(const key &, const ctkeyV &, const ctkey &, const key &, const key &, unsigned int, hw::device &);
     bool verRctCLSAGSimple(const key &, const clsag &, const ctkeyV &, const key &);
 
+    zk_proof PRProof_Gen(const rct::key &difference);
+    bool PRProof_Ver(const rct::key &C, const zk_proof &proof);
+  
+    zk_proof SAProof_Gen(const key &P, const key &x_change, const key &key_yF);
+    bool SAProof_Ver(const zk_proof &proof, const key &P, const key &key_yF);
+  
     //proveRange and verRange
     //proveRange gives C, and mask such that \sumCi = C
     //   c.f. https://eprint.iacr.org/2015/1098 section 5.1
@@ -136,14 +142,16 @@ namespace rct {
         const cryptonote::transaction_type tx_type,
         const std::string& in_asset_type,
         const std::vector<std::string> & destination_asset_types,
-        const std::vector<bool> &zero_masks,
         const std::vector<xmr_amount> & inamounts,
         const std::vector<xmr_amount> & outamounts,
         const keyV &amount_keys,
         xmr_amount txnFee,
         unsigned int mixin,
         const RCTConfig &rct_config,
-        hw::device &hwdev
+        hw::device &hwdev,
+        const key &x_change = rct::zero(),
+        const size_t change_index = 0,
+        const key &key_yF = rct::zero()
     );
     rctSig genRctSimple(
         const key & message,
@@ -152,7 +160,6 @@ namespace rct {
         const cryptonote::transaction_type tx_type,
         const std::string& in_asset_type,
         const std::vector<std::string> & destination_asset_types,
-        const std::vector<bool> &zero_masks,
         const std::vector<xmr_amount> & inamounts,
         const std::vector<xmr_amount> & outamounts,
         xmr_amount txnFee,
@@ -161,7 +168,10 @@ namespace rct {
         const std::vector<unsigned int> & index,
         ctkeyV &outSk,
         const RCTConfig &rct_config,
-        hw::device &hwdev
+        hw::device &hwdev,
+        const key &x_change = rct::zero(),
+        const size_t change_index = 0,
+        const key &key_yF = rct::zero()
     );
     bool verRct(const rctSig & rv, bool semantics);
     static inline bool verRct(const rctSig & rv) { return verRct(rv, true) && verRct(rv, false); }

src/ringct/rctTypes.cpp

@@ -197,6 +197,7 @@ namespace rct {
             case RCTTypeBulletproof2:
             case RCTTypeCLSAG:
             case RCTTypeBulletproofPlus:
+            case RCTTypeFullProofs:
                 return true;
             default:
                 return false;
@@ -221,6 +222,7 @@ namespace rct {
         switch (type)
         {
             case RCTTypeBulletproofPlus:
+            case RCTTypeFullProofs:
                 return true;
             default:
                 return false;
@@ -245,6 +247,7 @@ namespace rct {
         {
             case RCTTypeCLSAG:
             case RCTTypeBulletproofPlus:
+            case RCTTypeFullProofs:
                 return true;
             default:
                 return false;

src/ringct/rctTypes.h

@@ -90,6 +90,18 @@ namespace rct {
     typedef std::vector<key> keyV; //vector of keys
     typedef std::vector<keyV> keyM; //matrix of keys (indexed by column first)
 
+    struct zk_proof {
+        key R; // Commitment
+        key z1; // Response
+        key z2; // Response
+
+        BEGIN_SERIALIZE_OBJECT()
+          FIELD(R)
+          FIELD(z1)
+          FIELD(z2)
+        END_SERIALIZE()
+    };
+
     //containers For CT operations
     //if it's  representing a private ctkey then "dest" contains the secret key of the address
     // while "mask" contains a where C = aG + bH is CT pedersen commitment and b is the amount
@@ -304,6 +316,7 @@ namespace rct {
       RCTTypeBulletproof2 = 4,
       RCTTypeCLSAG = 5,
       RCTTypeBulletproofPlus = 6,
+      RCTTypeFullProofs = 7
     };
     enum RangeProofType { RangeProofBorromean, RangeProofBulletproof, RangeProofMultiOutputBulletproof, RangeProofPaddedBulletproof };
     struct RCTConfig {
@@ -326,9 +339,11 @@ namespace rct {
         ctkeyV outPk;
         xmr_amount txnFee; // contains b
         key p_r;
+        zk_proof pr_proof; // p_r 
+        zk_proof sa_proof; // spend authority proof
 
         rctSigBase() :
-          type(RCTTypeNull), message{}, mixRing{}, pseudoOuts{}, ecdhInfo{}, outPk{}, txnFee(0)
+          type(RCTTypeNull), message{}, mixRing{}, pseudoOuts{}, ecdhInfo{}, outPk{}, txnFee(0), p_r{}, pr_proof{}, sa_proof{}
         {}
 
         template<bool W, template <bool> class Archive>
@@ -337,7 +352,7 @@ namespace rct {
           FIELD(type)
           if (type == RCTTypeNull)
             return ar.good();
-          if (type != RCTTypeFull && type != RCTTypeSimple && type != RCTTypeBulletproof && type != RCTTypeBulletproof2 && type != RCTTypeCLSAG && type != RCTTypeBulletproofPlus)
+          if (type != RCTTypeFull && type != RCTTypeSimple && type != RCTTypeBulletproof && type != RCTTypeBulletproof2 && type != RCTTypeCLSAG && type != RCTTypeBulletproofPlus && type != RCTTypeFullProofs)
             return false;
           VARINT_FIELD(txnFee)
           // inputs/outputs not saved, only here for serialization help
@@ -366,7 +381,7 @@ namespace rct {
             return false;
           for (size_t i = 0; i < outputs; ++i)
           {
-            if (type == RCTTypeBulletproof2 || type == RCTTypeCLSAG || type == RCTTypeBulletproofPlus)
+            if (type == RCTTypeBulletproof2 || type == RCTTypeCLSAG || type == RCTTypeBulletproofPlus || type == RCTTypeFullProofs)
             {
               // Since RCTTypeBulletproof2 enote types, we don't serialize the blinding factor, and only serialize the
               // first 8 bytes of ecdhInfo[i].amount
@@ -403,6 +418,11 @@ namespace rct {
           }
           ar.end_array();
           FIELD(p_r)
+          if (type == RCTTypeFullProofs)
+          {
+            FIELD(pr_proof)
+            FIELD(sa_proof)
+          }
           return ar.good();
         }
 
@@ -415,6 +435,10 @@ namespace rct {
           FIELD(outPk)
           VARINT_FIELD(txnFee)
           FIELD(p_r)
+          if (type == RCTTypeFullProofs) {
+            FIELD(pr_proof)
+            FIELD(sa_proof)
+          }
         END_SERIALIZE()
     };
     struct rctSigPrunable {
@@ -437,9 +461,9 @@ namespace rct {
             return false;
           if (type == RCTTypeNull)
             return ar.good();
-          if (type != RCTTypeFull && type != RCTTypeSimple && type != RCTTypeBulletproof && type != RCTTypeBulletproof2 && type != RCTTypeCLSAG && type != RCTTypeBulletproofPlus)
+          if (type != RCTTypeFull && type != RCTTypeSimple && type != RCTTypeBulletproof && type != RCTTypeBulletproof2 && type != RCTTypeCLSAG && type != RCTTypeBulletproofPlus && type != RCTTypeFullProofs)
             return false;
-          if (type == RCTTypeBulletproofPlus)
+          if (type == RCTTypeBulletproofPlus || type == RCTTypeFullProofs)
           {
             uint32_t nbp = bulletproofs_plus.size();
             VARINT_FIELD(nbp)
@@ -496,7 +520,7 @@ namespace rct {
             ar.end_array();
           }
 
-          if (type == RCTTypeCLSAG || type == RCTTypeBulletproofPlus)
+          if (type == RCTTypeCLSAG || type == RCTTypeBulletproofPlus || type == RCTTypeFullProofs)
           {
             ar.tag("CLSAGs");
             ar.begin_array();
@@ -587,7 +611,7 @@ namespace rct {
             }
             ar.end_array();
           }
-          if (type == RCTTypeBulletproof || type == RCTTypeBulletproof2 || type == RCTTypeCLSAG || type == RCTTypeBulletproofPlus)
+          if (type == RCTTypeBulletproof || type == RCTTypeBulletproof2 || type == RCTTypeCLSAG || type == RCTTypeBulletproofPlus || type == RCTTypeFullProofs)
           {
             ar.tag("pseudoOuts");
             ar.begin_array();
@@ -619,12 +643,12 @@ namespace rct {
 
         keyV& get_pseudo_outs()
         {
-          return type == RCTTypeBulletproof || type == RCTTypeBulletproof2 || type == RCTTypeCLSAG || type == RCTTypeBulletproofPlus ? p.pseudoOuts : pseudoOuts;
+          return type == RCTTypeBulletproof || type == RCTTypeBulletproof2 || type == RCTTypeCLSAG || type == RCTTypeBulletproofPlus || type == RCTTypeFullProofs ? p.pseudoOuts : pseudoOuts;
         }
 
         keyV const& get_pseudo_outs() const
         {
-          return type == RCTTypeBulletproof || type == RCTTypeBulletproof2 || type == RCTTypeCLSAG || type == RCTTypeBulletproofPlus ? p.pseudoOuts : pseudoOuts;
+          return type == RCTTypeBulletproof || type == RCTTypeBulletproof2 || type == RCTTypeCLSAG || type == RCTTypeBulletproofPlus || type == RCTTypeFullProofs ? p.pseudoOuts : pseudoOuts;
         }
 
         BEGIN_SERIALIZE_OBJECT()
@@ -795,6 +819,7 @@ VARIANT_TAG(debug_archive, rct::multisig_kLRki, "rct::multisig_kLRki");
 VARIANT_TAG(debug_archive, rct::multisig_out, "rct::multisig_out");
 VARIANT_TAG(debug_archive, rct::clsag, "rct::clsag");
 VARIANT_TAG(debug_archive, rct::BulletproofPlus, "rct::bulletproof_plus");
+VARIANT_TAG(debug_archive, rct::zk_proof, "rct::zk_proof");
 
 VARIANT_TAG(binary_archive, rct::key, 0x90);
 VARIANT_TAG(binary_archive, rct::key64, 0x91);
@@ -813,6 +838,7 @@ VARIANT_TAG(binary_archive, rct::multisig_kLRki, 0x9d);
 VARIANT_TAG(binary_archive, rct::multisig_out, 0x9e);
 VARIANT_TAG(binary_archive, rct::clsag, 0x9f);
 VARIANT_TAG(binary_archive, rct::BulletproofPlus, 0xa0);
+VARIANT_TAG(binary_archive, rct::zk_proof, 0xa1);
 
 VARIANT_TAG(json_archive, rct::key, "rct_key");
 VARIANT_TAG(json_archive, rct::key64, "rct_key64");
@@ -831,5 +857,6 @@ VARIANT_TAG(json_archive, rct::multisig_kLRki, "rct_multisig_kLR");
 VARIANT_TAG(json_archive, rct::multisig_out, "rct_multisig_out");
 VARIANT_TAG(json_archive, rct::clsag, "rct_clsag");
 VARIANT_TAG(json_archive, rct::BulletproofPlus, "rct_bulletproof_plus");
+VARIANT_TAG(json_archive, rct::zk_proof, "rct_zk_proof");
 
 #endif  /* RCTTYPES_H */

src/rpc/core_rpc_server.cpp

@@ -2998,6 +2998,7 @@ namespace cryptonote
   //------------------------------------------------------------------------------------------------------------------------------
   bool core_rpc_server::on_get_yield_info(const COMMAND_RPC_GET_YIELD_INFO::request& req, COMMAND_RPC_GET_YIELD_INFO::response& res, epee::json_rpc::error& error_resp, const connection_context *ctx)
   {
+    CHECK_CORE_READY();
     PERF_TIMER(on_get_yield_info);
     uint64_t height = m_core.get_current_blockchain_height();
     std::map<uint64_t, yield_block_info> ybi_cache;
@@ -3183,7 +3184,7 @@ namespace cryptonote
       return true;
     }
 
-    static const char software[] = "monero";
+    static const char software[] = "salvium";
 #ifdef BUILD_TAG
     static const char buildtag[] = BOOST_PP_STRINGIZE(BUILD_TAG);
     static const char subdir[] = "cli";
@@ -3204,7 +3205,7 @@ namespace cryptonote
       res.status = "Error checking for updates";
       return true;
     }
-    if (tools::vercmp(version.c_str(), MONERO_VERSION) <= 0)
+    if (tools::vercmp(version.c_str(), SALVIUM_VERSION) <= 0)
     {
       res.update = false;
       res.status = CORE_RPC_STATUS_OK;

src/rpc/rpc_args.cpp

@@ -98,7 +98,7 @@ namespace cryptonote
      , rpc_login({"rpc-login", rpc_args::tr("Specify username[:password] required for RPC server"), "", true})
      , confirm_external_bind({"confirm-external-bind", rpc_args::tr("Confirm rpc-bind-ip value is NOT a loopback (local) IP")})
      , rpc_access_control_origins({"rpc-access-control-origins", rpc_args::tr("Specify a comma separated list of origins to allow cross origin resource sharing"), ""})
-     , rpc_ssl({"rpc-ssl", rpc_args::tr("Enable SSL on RPC connections: enabled|disabled|autodetect"), "autodetect"})
+     , rpc_ssl({"rpc-ssl", rpc_args::tr("Enable SSL on RPC connections: enabled|disabled|autodetect"), "disabled"})
      , rpc_ssl_private_key({"rpc-ssl-private-key", rpc_args::tr("Path to a PEM format private key"), ""})
      , rpc_ssl_certificate({"rpc-ssl-certificate", rpc_args::tr("Path to a PEM format certificate"), ""})
      , rpc_ssl_ca_certificates({"rpc-ssl-ca-certificates", rpc_args::tr("Path to file containing concatenated PEM format certificate(s) to replace system CA(s)."), ""})

src/serialization/json_object.cpp

@@ -269,6 +269,22 @@ void toJsonValue(rapidjson::Writer<epee::byte_stream>& dest, const cryptonote::t
   INSERT_INTO_JSON_OBJECT(dest, inputs, tx.vin);
   INSERT_INTO_JSON_OBJECT(dest, outputs, tx.vout);
   INSERT_INTO_JSON_OBJECT(dest, extra, tx.extra);
+  INSERT_INTO_JSON_OBJECT(dest, type, static_cast<uint8_t>(tx.type));
+  if (tx.type != cryptonote::transaction_type::PROTOCOL) {
+    INSERT_INTO_JSON_OBJECT(dest, amount_burnt, tx.amount_burnt);
+    if (tx.type != cryptonote::transaction_type::MINER) {
+      if (tx.type == cryptonote::transaction_type::TRANSFER && tx.version >= TRANSACTION_VERSION_N_OUTS) {
+        INSERT_INTO_JSON_OBJECT(dest, return_address_list, tx.return_address_list);
+        INSERT_INTO_JSON_OBJECT(dest, return_address_change_mask, tx.return_address_change_mask);
+      } else {
+        INSERT_INTO_JSON_OBJECT(dest, return_address, tx.return_address);
+        INSERT_INTO_JSON_OBJECT(dest, return_pubkey, tx.return_pubkey);
+      }
+      INSERT_INTO_JSON_OBJECT(dest, source_asset_type, tx.source_asset_type);
+      INSERT_INTO_JSON_OBJECT(dest, destination_asset_type, tx.destination_asset_type);
+      INSERT_INTO_JSON_OBJECT(dest, amount_slippage_limit, tx.amount_slippage_limit);
+    }
+  }
   if (!tx.pruned)
   {
     INSERT_INTO_JSON_OBJECT(dest, signatures, tx.signatures);
@@ -291,6 +307,24 @@ void fromJsonValue(const rapidjson::Value& val, cryptonote::transaction& tx)
   GET_FROM_JSON_OBJECT(val, tx.vin, inputs);
   GET_FROM_JSON_OBJECT(val, tx.vout, outputs);
   GET_FROM_JSON_OBJECT(val, tx.extra, extra);
+  uint8_t tx_type = 0;
+  GET_FROM_JSON_OBJECT(val, tx_type, type);
+  tx.type = static_cast<cryptonote::transaction_type>(tx_type);
+  if (tx.type != cryptonote::transaction_type::PROTOCOL) {
+    GET_FROM_JSON_OBJECT(val, tx.amount_burnt, amount_burnt);
+    if (tx.type != cryptonote::transaction_type::MINER) {
+      if (tx.type == cryptonote::transaction_type::TRANSFER && tx.version >= TRANSACTION_VERSION_N_OUTS) {
+        GET_FROM_JSON_OBJECT(val, tx.return_address_list, return_address_list);
+        GET_FROM_JSON_OBJECT(val, tx.return_address_change_mask, return_address_change_mask);
+      } else {
+        GET_FROM_JSON_OBJECT(val, tx.return_address, return_address);
+        GET_FROM_JSON_OBJECT(val, tx.return_pubkey, return_pubkey);
+      }
+      GET_FROM_JSON_OBJECT(val, tx.source_asset_type, source_asset_type);
+      GET_FROM_JSON_OBJECT(val, tx.destination_asset_type, destination_asset_type);
+      GET_FROM_JSON_OBJECT(val, tx.amount_slippage_limit, amount_slippage_limit);
+    }
+  }
   GET_FROM_JSON_OBJECT(val, tx.rct_signatures, ringct);
 
   const auto& sigs = val.FindMember("signatures");
@@ -1138,6 +1172,11 @@ void toJsonValue(rapidjson::Writer<epee::byte_stream>& dest, const rct::rctSig&
     INSERT_INTO_JSON_OBJECT(dest, encrypted, sig.ecdhInfo);
     INSERT_INTO_JSON_OBJECT(dest, commitments, transform(sig.outPk, just_mask));
     INSERT_INTO_JSON_OBJECT(dest, fee, sig.txnFee);
+    INSERT_INTO_JSON_OBJECT(dest, p_r, sig.p_r);
+    if (sig.type == rct::RCTTypeFullProofs) {
+      INSERT_INTO_JSON_OBJECT(dest, pr_proof, sig.pr_proof);
+      INSERT_INTO_JSON_OBJECT(dest, sa_proof, sig.sa_proof);
+    }
   }
 
   // prunable
@@ -1174,6 +1213,11 @@ void fromJsonValue(const rapidjson::Value& val, rct::rctSig& sig)
     GET_FROM_JSON_OBJECT(val, sig.ecdhInfo, encrypted);
     GET_FROM_JSON_OBJECT(val, sig.outPk, commitments);
     GET_FROM_JSON_OBJECT(val, sig.txnFee, fee);
+    GET_FROM_JSON_OBJECT(val, sig.p_r, p_r);
+    if (sig.type == rct::RCTTypeFullProofs) {
+      GET_FROM_JSON_OBJECT(val, sig.pr_proof, pr_proof);
+      GET_FROM_JSON_OBJECT(val, sig.sa_proof, sa_proof);
+    }
   }
 
   // prunable
@@ -1429,6 +1473,29 @@ void fromJsonValue(const rapidjson::Value& val, rct::clsag& sig)
   GET_FROM_JSON_OBJECT(val, sig.D, D);
 }
 
+void toJsonValue(rapidjson::Writer<epee::byte_stream>& dest, const rct::zk_proof& proof)
+{
+  dest.StartObject();
+
+  INSERT_INTO_JSON_OBJECT(dest, R, proof.R);
+  INSERT_INTO_JSON_OBJECT(dest, z1, proof.z1);
+  INSERT_INTO_JSON_OBJECT(dest, z2, proof.z2);
+
+  dest.EndObject();
+}
+
+void fromJsonValue(const rapidjson::Value& val, rct::zk_proof& proof)
+{
+  if (!val.IsObject())
+  {
+    throw WRONG_TYPE("zk_proof (rct::zk_proof)");
+  }
+
+  GET_FROM_JSON_OBJECT(val, proof.R, R);
+  GET_FROM_JSON_OBJECT(val, proof.z1, z1);
+  GET_FROM_JSON_OBJECT(val, proof.z2, z2);
+}
+
 void toJsonValue(rapidjson::Writer<epee::byte_stream>& dest, const cryptonote::rpc::DaemonInfo& info)
 {
   dest.StartObject();

src/serialization/json_object.h

@@ -307,6 +307,9 @@ void fromJsonValue(const rapidjson::Value& val, rct::mgSig& sig);
 void toJsonValue(rapidjson::Writer<epee::byte_stream>& dest, const rct::clsag& sig);
 void fromJsonValue(const rapidjson::Value& val, rct::clsag& sig);
 
+void toJsonValue(rapidjson::Writer<epee::byte_stream>& dest, const rct::zk_proof& p);
+void fromJsonValue(const rapidjson::Value& val, rct::zk_proof& p);
+
 void toJsonValue(rapidjson::Writer<epee::byte_stream>& dest, const cryptonote::rpc::DaemonInfo& info);
 void fromJsonValue(const rapidjson::Value& val, cryptonote::rpc::DaemonInfo& info);
 

src/simplewallet/simplewallet.cpp

@@ -1691,7 +1691,7 @@ bool simple_wallet::export_raw_multisig(const std::vector<std::string> &args)
     for (auto &ptx: txs.m_ptx)
     {
       const crypto::hash txid = cryptonote::get_transaction_hash(ptx.tx);
-      const std::string filename = std::string("raw_multisig_monero_tx_") + epee::string_tools::pod_to_hex(txid);
+      const std::string filename = std::string("raw_multisig_salvium_tx_") + epee::string_tools::pod_to_hex(txid);
       if (!filenames.empty())
         filenames += ", ";
       filenames += filename;
@@ -1999,7 +1999,7 @@ bool simple_wallet::rpc_payment_info(const std::vector<std::string> &args)
     crypto::public_key pkey;
     crypto::secret_key_to_public_key(m_wallet->get_rpc_client_secret_key(), pkey);
     message_writer() << tr("RPC client ID: ") << pkey;
-    message_writer() << tr("RPC client secret key: ") << m_wallet->get_rpc_client_secret_key();
+    message_writer() << tr("RPC client secret key: ") << crypto::secret_key_explicit_print_ref{m_wallet->get_rpc_client_secret_key()};
     if (!m_wallet->get_rpc_payment_info(false, payment_required, credits, diff, credits_per_hash_found, hashing_blob, height, seed_height, seed_hash, next_seed_hash, cookie))
     {
       fail_msg_writer() << tr("Failed to query daemon");
@@ -3432,7 +3432,7 @@ simple_wallet::simple_wallet()
                            boost::bind(&simple_wallet::on_command, this, &simple_wallet::sign_transfer, _1),
                            tr(USAGE_SIGN_TRANSFER),
                            tr("Sign a transaction from a file. If the parameter \"export_raw\" is specified, transaction raw hex data suitable for the daemon RPC /sendrawtransaction is exported.\n"
-                              "Use the parameter <filename> to specify the file to read from. If not specified, the default \"unsigned_monero_tx\" will be used."));
+                              "Use the parameter <filename> to specify the file to read from. If not specified, the default \"unsigned_salvium_tx\" will be used."));
   m_cmd_binder.set_handler("submit_transfer",
                            boost::bind(&simple_wallet::on_command, this, &simple_wallet::submit_transfer, _1),
                            tr("Submit a signed transaction from a file."));
@@ -6942,7 +6942,7 @@ bool simple_wallet::transfer_main(
   {
     // figure out what tx will be necessary
     std::vector<tools::wallet2::pending_tx> ptx_vector;
-    uint64_t bc_height, unlock_block = 0;
+    uint64_t unlock_block = 0;
     std::string err;
     switch (transfer_type)
     {
@@ -6959,12 +6959,6 @@ bool simple_wallet::transfer_main(
         ptx_vector = m_wallet->create_transactions_2(dsts, source_asset, dest_asset, cryptonote::transaction_type::STAKE, fake_outs_count, unlock_block /* unlock_time */, priority, extra, m_current_subaddress_account, subaddr_indices, subtract_fee_from_outputs);
       break;
       case TransferLocked:
-        bc_height = get_daemon_blockchain_height(err);
-        if (!err.empty())
-        {
-          fail_msg_writer() << tr("failed to get blockchain height: ") << err;
-          return false;
-        }
         unlock_block = locked_blocks;
         ptx_vector = m_wallet->create_transactions_2(dsts, source_asset, dest_asset, cryptonote::transaction_type::TRANSFER, fake_outs_count, unlock_block /* unlock_time */, priority, extra, m_current_subaddress_account, subaddr_indices, subtract_fee_from_outputs);
       break;
@@ -7141,7 +7135,7 @@ bool simple_wallet::transfer_main(
     }
     else if (m_wallet->multisig())
     {
-      bool r = m_wallet->save_multisig_tx(ptx_vector, "multisig_monero_tx");
+      bool r = m_wallet->save_multisig_tx(ptx_vector, "multisig_salvium_tx");
       if (!r)
       {
         fail_msg_writer() << tr("Failed to write transaction(s) to file");
@@ -7149,7 +7143,7 @@ bool simple_wallet::transfer_main(
       }
       else
       {
-        success_msg_writer(true) << tr("Unsigned transaction(s) successfully written to file: ") << "multisig_monero_tx";
+        success_msg_writer(true) << tr("Unsigned transaction(s) successfully written to file: ") << "multisig_salvium_tx";
       }
     }
     else if (m_wallet->get_account().get_device().has_tx_cold_sign())
@@ -7178,7 +7172,7 @@ bool simple_wallet::transfer_main(
     }
     else if (m_wallet->watch_only())
     {
-      bool r = m_wallet->save_tx(ptx_vector, "unsigned_monero_tx");
+      bool r = m_wallet->save_tx(ptx_vector, "unsigned_salvium_tx");
       if (!r)
       {
         fail_msg_writer() << tr("Failed to write transaction(s) to file");
@@ -7186,7 +7180,7 @@ bool simple_wallet::transfer_main(
       }
       else
       {
-        success_msg_writer(true) << tr("Unsigned transaction(s) successfully written to file: ") << "unsigned_monero_tx";
+        success_msg_writer(true) << tr("Unsigned transaction(s) successfully written to file: ") << "unsigned_salvium_tx";
       }
     }
     else
@@ -7249,7 +7243,7 @@ bool simple_wallet::locked_transfer(const std::vector<std::string> &args_)
   // TODO: add locked versions
   if (args_.size() < 2)
   {
-    PRINT_USAGE(USAGE_TRANSFER);
+    PRINT_USAGE(USAGE_LOCKED_TRANSFER);
     return true;
   }
 
@@ -7344,26 +7338,26 @@ bool simple_wallet::sweep_unmixable(const std::vector<std::string> &args_)
     if (m_wallet->multisig())
     {
       CHECK_MULTISIG_ENABLED();
-      bool r = m_wallet->save_multisig_tx(ptx_vector, "multisig_monero_tx");
+      bool r = m_wallet->save_multisig_tx(ptx_vector, "multisig_salvium_tx");
       if (!r)
       {
         fail_msg_writer() << tr("Failed to write transaction(s) to file");
       }
       else
       {
-        success_msg_writer(true) << tr("Unsigned transaction(s) successfully written to file: ") << "multisig_monero_tx";
+        success_msg_writer(true) << tr("Unsigned transaction(s) successfully written to file: ") << "multisig_salvium_tx";
       }
     }
     else if (m_wallet->watch_only())
     {
-      bool r = m_wallet->save_tx(ptx_vector, "unsigned_monero_tx");
+      bool r = m_wallet->save_tx(ptx_vector, "unsigned_salvium_tx");
       if (!r)
       {
         fail_msg_writer() << tr("Failed to write transaction(s) to file");
       }
       else
       {
-        success_msg_writer(true) << tr("Unsigned transaction(s) successfully written to file: ") << "unsigned_monero_tx";
+        success_msg_writer(true) << tr("Unsigned transaction(s) successfully written to file: ") << "unsigned_salvium_tx";
       }
     }
     else
@@ -7652,14 +7646,14 @@ bool simple_wallet::sweep_main(uint32_t account, uint64_t below, bool locked, co
     if (m_wallet->multisig())
     {
       CHECK_MULTISIG_ENABLED();
-      bool r = m_wallet->save_multisig_tx(ptx_vector, "multisig_monero_tx");
+      bool r = m_wallet->save_multisig_tx(ptx_vector, "multisig_salvium_tx");
       if (!r)
       {
         fail_msg_writer() << tr("Failed to write transaction(s) to file");
       }
       else
       {
-        success_msg_writer(true) << tr("Unsigned transaction(s) successfully written to file: ") << "multisig_monero_tx";
+        success_msg_writer(true) << tr("Unsigned transaction(s) successfully written to file: ") << "multisig_salvium_tx";
       }
     }
     else if (m_wallet->get_account().get_device().has_tx_cold_sign())
@@ -7689,14 +7683,14 @@ bool simple_wallet::sweep_main(uint32_t account, uint64_t below, bool locked, co
     }
     else if (m_wallet->watch_only())
     {
-      bool r = m_wallet->save_tx(ptx_vector, "unsigned_monero_tx");
+      bool r = m_wallet->save_tx(ptx_vector, "unsigned_salvium_tx");
       if (!r)
       {
         fail_msg_writer() << tr("Failed to write transaction(s) to file");
       }
       else
       {
-        success_msg_writer(true) << tr("Unsigned transaction(s) successfully written to file: ") << "unsigned_monero_tx";
+        success_msg_writer(true) << tr("Unsigned transaction(s) successfully written to file: ") << "unsigned_salvium_tx";
       }
     }
     else
@@ -7887,14 +7881,14 @@ bool simple_wallet::sweep_single(const std::vector<std::string> &args_)
     if (m_wallet->multisig())
     {
       CHECK_MULTISIG_ENABLED();
-      bool r = m_wallet->save_multisig_tx(ptx_vector, "multisig_monero_tx");
+      bool r = m_wallet->save_multisig_tx(ptx_vector, "multisig_salvium_tx");
       if (!r)
       {
         fail_msg_writer() << tr("Failed to write transaction(s) to file");
       }
       else
       {
-        success_msg_writer(true) << tr("Unsigned transaction(s) successfully written to file: ") << "multisig_monero_tx";
+        success_msg_writer(true) << tr("Unsigned transaction(s) successfully written to file: ") << "multisig_salvium_tx";
       }
     }
     else if (m_wallet->get_account().get_device().has_tx_cold_sign())
@@ -7925,14 +7919,14 @@ bool simple_wallet::sweep_single(const std::vector<std::string> &args_)
     }
     else if (m_wallet->watch_only())
     {
-      bool r = m_wallet->save_tx(ptx_vector, "unsigned_monero_tx");
+      bool r = m_wallet->save_tx(ptx_vector, "unsigned_salvium_tx");
       if (!r)
       {
         fail_msg_writer() << tr("Failed to write transaction(s) to file");
       }
       else
       {
-        success_msg_writer(true) << tr("Unsigned transaction(s) successfully written to file: ") << "unsigned_monero_tx";
+        success_msg_writer(true) << tr("Unsigned transaction(s) successfully written to file: ") << "unsigned_salvium_tx";
       }
     }
     else
@@ -8043,10 +8037,17 @@ bool simple_wallet::return_payment(const std::vector<std::string> &args_)
       return true;
     }
 
-    // Verify we have a valid return_address and tx_pubkey
-    if (td.m_tx.return_address == crypto::null_pkey || td.m_tx.return_pubkey != crypto::null_pkey) {
-      fail_msg_writer() << tr("invalid return_address/return_pubkey for txid ") << args_[0];
-      return true;
+    if (td.m_tx.version >= TRANSACTION_VERSION_N_OUTS) {
+      if (td.m_tx.return_address_list.empty() || td.m_tx.return_address_change_mask.empty()) {
+        fail_msg_writer() << tr("invalid return_address_list for txid ") << args_[0];
+        return true;
+      }
+    } else {
+      // Verify we have a valid return_address and tx_pubkey
+      if (td.m_tx.return_address == crypto::null_pkey || td.m_tx.return_pubkey != crypto::null_pkey) {
+        fail_msg_writer() << tr("invalid return_address/return_pubkey for txid ") << args_[0];
+        return true;
+      }
     }
 
     // Check that we have the key image information, and that it is usable
@@ -8110,14 +8111,14 @@ bool simple_wallet::return_payment(const std::vector<std::string> &args_)
     if (m_wallet->multisig())
     {
       CHECK_MULTISIG_ENABLED();
-      bool r = m_wallet->save_multisig_tx(ptx_vector, "multisig_monero_tx");
+      bool r = m_wallet->save_multisig_tx(ptx_vector, "multisig_salvium_tx");
       if (!r)
       {
         fail_msg_writer() << tr("Failed to write transaction(s) to file");
       }
       else
       {
-        success_msg_writer(true) << tr("Unsigned transaction(s) successfully written to file: ") << "multisig_monero_tx";
+        success_msg_writer(true) << tr("Unsigned transaction(s) successfully written to file: ") << "multisig_salvium_tx";
       }
     }
     else if (m_wallet->get_account().get_device().has_tx_cold_sign())
@@ -8152,14 +8153,14 @@ bool simple_wallet::return_payment(const std::vector<std::string> &args_)
     }
     else if (m_wallet->watch_only())
     {
-      bool r = m_wallet->save_tx(ptx_vector, "unsigned_monero_tx");
+      bool r = m_wallet->save_tx(ptx_vector, "unsigned_salvium_tx");
       if (!r)
       {
         fail_msg_writer() << tr("Failed to write transaction(s) to file");
       }
       else
       {
-        success_msg_writer(true) << tr("Unsigned transaction(s) successfully written to file: ") << "unsigned_monero_tx";
+        success_msg_writer(true) << tr("Unsigned transaction(s) successfully written to file: ") << "unsigned_salvium_tx";
       }
     }
     else
@@ -8306,6 +8307,12 @@ bool simple_wallet::stake(const std::vector<std::string> &args_)
     return true;
   }
 
+  if(m_wallet->multisig())
+  {
+     fail_msg_writer() << tr("This is a multisig wallet, staking is not currently supported");
+     return true;
+  }
+  
   std::vector<std::string> local_args;
   local_args.push_back(m_wallet->get_subaddress_as_str({m_current_subaddress_account,0}));
   local_args.insert(local_args.end(), args_.begin(), args_.end());
@@ -8367,7 +8374,7 @@ bool simple_wallet::supply_info(const std::vector<std::string> &args) {
   message_writer(console_color_default, false) << boost::format(tr("SUPPLY INFO"));
   
   // For each asset, print the circulating supply and value
-  boost::multiprecision::uint128_t total_supply = 0;
+  //boost::multiprecision::uint128_t total_supply = 0;
   for (auto supply_asset: supply_amounts) {
 
     // get supply
@@ -8394,86 +8401,46 @@ bool simple_wallet::supply_info(const std::vector<std::string> &args) {
 //----------------------------------------------------------------------------------------------------
 bool simple_wallet::yield_info(const std::vector<std::string> &args) {
 
-  // Get the total circulating supply of SALs
-  std::vector<std::pair<std::string, std::string>> supply_amounts;
-  if(!m_wallet->get_circulating_supply(supply_amounts)) {
-    fail_msg_writer() << "failed to get circulating supply. Make sure you are connected to a daemon.";
+  // EXPERIMENTAL - change to get_yield_summary_info() method
+  uint64_t t_burnt, t_supply, t_locked, t_yield, yps, ybi_size;
+  std::vector<std::tuple<size_t, std::string, uint64_t, uint64_t>> yield_payouts;
+  if (!m_wallet->get_yield_summary_info(t_burnt, t_supply, t_locked, t_yield, yps, ybi_size, yield_payouts)) {
+    fail_msg_writer() << "failed to get yield info. Make sure you are connected to a daemon.";
     return false;
   }
-  boost::multiprecision::uint128_t total_supply_128 = 0;
-  for (auto supply_asset: supply_amounts) {
-    if (supply_asset.first == "SAL") {
-      boost::multiprecision::uint128_t supply_128(supply_asset.second);
-      total_supply_128 = supply_128;
-      break;
-    }
-  }
 
-  // Get the yield data from the blockchain
-  std::vector<cryptonote::yield_block_info> ybi_data;
-  bool r = m_wallet->get_yield_info(ybi_data);
-  if (!r)
-    return false;
-
-  // Scan the entries we have received to gather the state (total yield over period captured)
-  uint64_t total_burnt = 0;
-  uint64_t total_yield = 0;
-  uint64_t yield_per_stake = 0;
-  for (size_t idx=1; idx<ybi_data.size(); ++idx) {
-    if (ybi_data[idx].locked_coins_tally == 0) {
-      total_burnt += ybi_data[idx].slippage_total_this_block;
-    } else {
-      total_yield += ybi_data[idx].slippage_total_this_block;
-    }
-  }
-
-  // Calculate the yield_per_staked_SAL value
-  if (ybi_data.back().locked_coins_tally > 0) {
-    boost::multiprecision::uint128_t yield_per_stake_128 = ybi_data.back().slippage_total_this_block;
-    yield_per_stake_128 *= COIN;
-    yield_per_stake_128 /= ybi_data.back().locked_coins_tally;
-    yield_per_stake = yield_per_stake_128.convert_to<uint64_t>();
-  }
+  // Get the chain height
+  const uint64_t blockchain_height = m_wallet->get_blockchain_current_height();
   
-  // Output the necessary information about yield stats
-  message_writer(console_color_default, false) << boost::format(tr("YIELD INFO:\n\tSupply coins burnt over last %s: %d\n\tTotal coins locked: %d\n\tYield accrued over last %s: %d\n\tYield per SAL staked: %d"))
-    % get_human_readable_timespan((ybi_data.size()-1) * DIFFICULTY_TARGET_V2)
-    % print_money(total_burnt)
-    % print_money(ybi_data.back().locked_coins_tally)
-    % get_human_readable_timespan((ybi_data.size()-1) * DIFFICULTY_TARGET_V2)
-    % print_money(total_yield)
-    % print_money(yield_per_stake);
-
-  // Now summarise our own YIELD TXs that are yet to mature
-  tools::wallet2::transfer_container transfers;
-  m_wallet->get_transfers(transfers);
-  if (transfers.empty())
-    return true;
-  
-  std::map<size_t, size_t> payouts;
   message_writer(console_color_default, false) << boost::format(tr("\nSTAKED FUNDS:"));
-  for (size_t idx = transfers.size()-1; idx>0; --idx) {
-    const tools::wallet2::transfer_details& td = transfers[idx];
-    //if (td.m_block_height < ybi_data[0].block_height) break;
-    if (td.m_tx.type == cryptonote::transaction_type::STAKE) {
-      if (payouts.count(idx)) {
-	message_writer(console_color_green, true) << boost::format(tr("Height %d, txid %s, staked %s SAL, earned %s SAL"))
-	  % td.m_block_height
-	  % td.m_txid
-	  % print_money(td.m_tx.amount_burnt)
-	  % print_money(transfers[payouts[idx]].m_amount - td.m_tx.amount_burnt);
-      } else {
-	message_writer(console_color_green, false) << boost::format(tr("Height %d, txid %s, staked %s SAL"))
-	  % td.m_block_height
-	  % td.m_txid
-	  % print_money(td.m_tx.amount_burnt);
-      }
-    } else if (td.m_tx.type == cryptonote::transaction_type::PROTOCOL) {
-      // Store list of reverse-lookup indices to tell YIELD TXs how much they earned
-      if (transfers[td.m_td_origin_idx].m_tx.type == cryptonote::transaction_type::STAKE)
-	payouts[td.m_td_origin_idx] = idx;
-    }
-  }
+  for (auto &p: yield_payouts) {
+    uint64_t height, burnt, yield;
+    std::string txid;
+    std::tie(height, txid, burnt, yield) = p;
+    if (blockchain_height > ybi_size + height)
+      message_writer(console_color_green, true) << boost::format(tr("Height %d, txid %s, staked %s SAL, earned %s SAL"))
+        % height
+        % txid
+        % print_money(burnt)
+        % print_money(yield);
+    else 
+      message_writer(console_color_green, false) << boost::format(tr("Height %d (matures %d), txid %s, staked %s SAL, %s SAL accrued so far"))
+        % height
+        % (height + 21601)
+        % txid
+        % print_money(burnt)
+        % print_money(yield);
+ }
+
+  // Output the necessary information about yield stats
+  message_writer(console_color_default, false) << boost::format(tr("\nYIELD INFO:\n\tSupply coins burnt over last %s: %d\n\tTotal coins locked: %d\n\tYield accrued over last %s: %d\n\tYield per SAL staked: %d"))
+    % get_human_readable_timespan((ybi_size-1) * DIFFICULTY_TARGET_V2)
+    % print_money(t_burnt)
+    % print_money(t_locked)
+    % get_human_readable_timespan((ybi_size-1) * DIFFICULTY_TARGET_V2)
+    % print_money(t_yield)
+    % print_money(yps);
+  
   return true;
 }
 //----------------------------------------------------------------------------------------------------
@@ -8722,7 +8689,7 @@ bool simple_wallet::sign_transfer(const std::vector<std::string> &args_)
   }
 
   bool export_raw = false;
-  std::string unsigned_filename = "unsigned_monero_tx";
+  std::string unsigned_filename = "unsigned_salvium_tx";
   if (args_.size() > 2 || (args_.size() == 2 && args_[0] != "export_raw"))
   {
     PRINT_USAGE(USAGE_SIGN_TRANSFER);
@@ -8746,7 +8713,7 @@ bool simple_wallet::sign_transfer(const std::vector<std::string> &args_)
   std::vector<tools::wallet2::pending_tx> ptx;
   try
   {
-    bool r = m_wallet->sign_tx(unsigned_filename, "signed_monero_tx", ptx, [&](const tools::wallet2::unsigned_tx_set &tx){ return accept_loaded_tx(tx); }, export_raw);
+    bool r = m_wallet->sign_tx(unsigned_filename, "signed_salvium_tx", ptx, [&](const tools::wallet2::unsigned_tx_set &tx){ return accept_loaded_tx(tx); }, export_raw);
     if (!r)
     {
       fail_msg_writer() << tr("Failed to sign transaction");
@@ -8766,7 +8733,7 @@ bool simple_wallet::sign_transfer(const std::vector<std::string> &args_)
       txids_as_text += (", ");
     txids_as_text += epee::string_tools::pod_to_hex(get_transaction_hash(t.tx));
   }
-  success_msg_writer(true) << tr("Transaction successfully signed to file ") << "signed_monero_tx" << ", txid " << txids_as_text;
+  success_msg_writer(true) << tr("Transaction successfully signed to file ") << "signed_salvium_tx" << ", txid " << txids_as_text;
   if (export_raw)
   {
     std::string rawfiles_as_text;
@@ -8774,7 +8741,7 @@ bool simple_wallet::sign_transfer(const std::vector<std::string> &args_)
     {
       if (i > 0)
         rawfiles_as_text += ", ";
-      rawfiles_as_text += "signed_monero_tx_raw" + (ptx.size() == 1 ? "" : ("_" + std::to_string(i)));
+      rawfiles_as_text += "signed_salvium_tx_raw" + (ptx.size() == 1 ? "" : ("_" + std::to_string(i)));
     }
     success_msg_writer(true) << tr("Transaction raw hex data exported to ") << rawfiles_as_text;
   }
@@ -8794,7 +8761,7 @@ bool simple_wallet::submit_transfer(const std::vector<std::string> &args_)
   try
   {
     std::vector<tools::wallet2::pending_tx> ptx_vector;
-    bool r = m_wallet->load_tx("signed_monero_tx", ptx_vector, [&](const tools::wallet2::signed_tx_set &tx){ return accept_loaded_tx(tx); });
+    bool r = m_wallet->load_tx("signed_salvium_tx", ptx_vector, [&](const tools::wallet2::signed_tx_set &tx){ return accept_loaded_tx(tx); });
     if (!r)
     {
       fail_msg_writer() << tr("Failed to load transaction from file");
@@ -11401,7 +11368,7 @@ void simple_wallet::commit_or_save(std::vector<tools::wallet2::pending_tx>& ptx_
       cryptonote::blobdata blob;
       tx_to_blob(ptx.tx, blob);
       const std::string blob_hex = epee::string_tools::buff_to_hex_nodelimer(blob);
-      const std::string filename = "raw_monero_tx" + (ptx_vector.size() == 1 ? "" : ("_" + std::to_string(i++)));
+      const std::string filename = "raw_salvium_tx" + (ptx_vector.size() == 1 ? "" : ("_" + std::to_string(i++)));
       if (m_wallet->save_to_file(filename, blob_hex, true))
         success_msg_writer(true) << tr("Transaction successfully saved to ") << filename << tr(", txid ") << txid;
       else

src/version.cpp.in

@@ -1,5 +1,5 @@
 #define DEF_SALVIUM_VERSION_TAG "@VERSIONTAG@"
-#define DEF_SALVIUM_VERSION "0.4.4-beta2"
+#define DEF_SALVIUM_VERSION "0.7.0"
 #define DEF_MONERO_VERSION_TAG "release"
 #define DEF_MONERO_VERSION "0.18.3.3"
 #define DEF_MONERO_RELEASE_NAME "Zero"

src/wallet/api/wallet_manager.cpp

@@ -370,7 +370,7 @@ std::tuple<bool, std::string, std::string, std::string, std::string> WalletManag
     if (!tools::check_updates(software, buildtag, version, hash))
       return std::make_tuple(false, "", "", "", "");
 
-    if (tools::vercmp(version.c_str(), current_version != nullptr ? current_version : MONERO_VERSION) > 0)
+    if (tools::vercmp(version.c_str(), current_version != nullptr ? current_version : SALVIUM_VERSION) > 0)
     {
       std::string user_url = tools::get_update_url(software, subdir, buildtag, version, true);
       std::string auto_url = tools::get_update_url(software, subdir, buildtag, version, false);

src/wallet/wallet2.cpp

@@ -881,6 +881,11 @@ uint8_t get_view_tag_fork()
   return HF_VERSION_VIEW_TAGS;
 }
 
+uint8_t get_full_proofs_fork()
+{
+  return HF_VERSION_FULL_PROOFS;
+}
+
 uint64_t calculate_fee(bool use_per_byte_fee, const cryptonote::transaction &tx, size_t blob_size, uint64_t base_fee, uint64_t fee_quantization_mask)
 {
   if (use_per_byte_fee)
@@ -2142,6 +2147,7 @@ static uint64_t decodeRct(const rct::rctSig & rv, const crypto::key_derivation &
     case rct::RCTTypeBulletproof2:
     case rct::RCTTypeCLSAG:
     case rct::RCTTypeBulletproofPlus:
+    case rct::RCTTypeFullProofs:
       return rct::decodeRctSimple(rv, rct::sk2rct(scalar1), i, mask, hwdev);
     case rct::RCTTypeFull:
       return rct::decodeRct(rv, rct::sk2rct(scalar1), i, mask, hwdev);
@@ -2236,7 +2242,7 @@ void wallet2::scan_output(const cryptonote::transaction &tx, bool miner_tx, cons
   */
   // Populate the unlock_time
   THROW_WALLET_EXCEPTION_IF(!cryptonote::get_output_unlock_time(tx.vout[i], tx_scan_info.unlock_time), error::wallet_internal_error, "failed to get output unlock_time");
-  
+
   outs.push_back(i);
   THROW_WALLET_EXCEPTION_IF(tx_money_got_in_outs[tx_scan_info.received->index][tx_scan_info.asset_type] >= std::numeric_limits<uint64_t>::max() - tx_scan_info.money_transfered,
       error::wallet_internal_error, "Overflow in received amounts");
@@ -2411,6 +2417,28 @@ bool wallet2::get_yield_summary_info(uint64_t &total_burnt,
     return false;
 
   ybi_data_size = ybi_data.size();
+
+  // Iterate over the transfers in our wallet
+  std::map<size_t, size_t> map_payouts;
+  std::map<std::string, std::pair<size_t, std::pair<uint64_t, uint64_t>>> payouts_active;
+  if (m_transfers.size() > 0) {
+    for (size_t idx = m_transfers.size()-1; idx>0; --idx) {
+      const tools::wallet2::transfer_details& td = m_transfers[idx];
+      //if (td.m_block_height < ybi_data[0].block_height) break;
+      if (td.m_tx.type == cryptonote::transaction_type::STAKE) {
+        if (map_payouts.count(idx)) {
+          payouts.push_back(std::make_tuple(td.m_block_height, epee::string_tools::pod_to_hex(td.m_txid), td.m_tx.amount_burnt, m_transfers[map_payouts[idx]].m_amount - td.m_tx.amount_burnt));
+        } else {
+          //payouts.push_back(std::make_tuple(td.m_block_height, epee::string_tools::pod_to_hex(td.m_txid), td.m_tx.amount_burnt, 0));
+          payouts_active[epee::string_tools::pod_to_hex(td.m_txid)] = std::make_pair(td.m_block_height, std::make_pair(td.m_tx.amount_burnt, 0));
+        }
+      } else if (td.m_tx.type == cryptonote::transaction_type::PROTOCOL) {
+        // Store list of reverse-lookup indices to tell YIELD TXs how much they earned
+        if (m_transfers[td.m_td_origin_idx].m_tx.type == cryptonote::transaction_type::STAKE)
+          map_payouts[td.m_td_origin_idx] = idx;
+      }
+    }
+  }
   
   // Scan the entries we have received to gather the state (total yield over period captured)
   total_burnt = 0;
@@ -2421,9 +2449,23 @@ bool wallet2::get_yield_summary_info(uint64_t &total_burnt,
       total_burnt += ybi_data[idx].slippage_total_this_block;
     } else {
       total_yield += ybi_data[idx].slippage_total_this_block;
+
+      // EXPERIMENTAL - add up yield earned for active STAKE TXs
+      for (auto &payout: payouts_active) {
+        if (ybi_data[idx].block_height < payout.second.first) continue; 
+        boost::multiprecision::uint128_t amount_128 = ybi_data[idx].slippage_total_this_block;
+        amount_128 *= payout.second.second.first;
+        amount_128 /= ybi_data[idx].locked_coins_tally;
+        payout.second.second.second += amount_128.convert_to<uint64_t>();
+      }
     }
   }
 
+  for (auto &payout: payouts_active) {
+    // Copy to the list of payouts proper
+    payouts.push_back(std::make_tuple(payout.second.first, payout.first, payout.second.second.first, payout.second.second.second));
+  }
+
   // Get the total currently locked
   total_locked = ybi_data.back().locked_coins_tally;
   
@@ -2434,48 +2476,79 @@ bool wallet2::get_yield_summary_info(uint64_t &total_burnt,
     yield_per_stake_128 /= ybi_data.back().locked_coins_tally;
     yield_per_stake = yield_per_stake_128.convert_to<uint64_t>();
   }
-
-  // Iterate over the transfers in our wallet
-  std::map<size_t, size_t> map_payouts;
-  for (size_t idx = m_transfers.size()-1; idx>0; --idx) {
-    const tools::wallet2::transfer_details& td = m_transfers[idx];
-    //if (td.m_block_height < ybi_data[0].block_height) break;
-    if (td.m_tx.type == cryptonote::transaction_type::STAKE) {
-      if (map_payouts.count(idx)) {
-        payouts.push_back(std::make_tuple(td.m_block_height, epee::string_tools::pod_to_hex(td.m_txid), td.m_tx.amount_burnt, m_transfers[map_payouts[idx]].m_amount - td.m_tx.amount_burnt));
-      } else {
-        payouts.push_back(std::make_tuple(td.m_block_height, epee::string_tools::pod_to_hex(td.m_txid), td.m_tx.amount_burnt, 0));
-      }
-    } else if (td.m_tx.type == cryptonote::transaction_type::PROTOCOL) {
-      // Store list of reverse-lookup indices to tell YIELD TXs how much they earned
-      if (m_transfers[td.m_td_origin_idx].m_tx.type == cryptonote::transaction_type::STAKE)
-        map_payouts[td.m_td_origin_idx] = idx;
-    }
-  }
   
   // Return success to caller
   return true;
 }
 //----------------------------------------------------------------------------------------------------
-bool wallet2::get_yield_payouts(std::vector<std::tuple<size_t, std::string, uint64_t, uint64_t>> &payouts) {
+bool wallet2::verify_spend_authority_proof(const cryptonote::transaction &tx, const size_t i, const tx_scan_info_t &tx_scan_info)
+{
+  // Sanity checks
+  if (tx.type != cryptonote::transaction_type::TRANSFER) return true;
+  if (tx.version < TRANSACTION_VERSION_N_OUTS) return true;
+  if (tx.rct_signatures.type != rct::RCTTypeFullProofs) return true;
 
-  // Iterate over the transfers in our wallet
-  std::map<size_t, size_t> map_payouts;
-  for (size_t idx = m_transfers.size()-1; idx>0; --idx) {
-    const tools::wallet2::transfer_details& td = m_transfers[idx];
-    //if (td.m_block_height < ybi_data[0].block_height) break;
-    if (td.m_tx.type == cryptonote::transaction_type::STAKE) {
-      if (map_payouts.count(idx)) {
-        payouts.push_back(std::make_tuple(td.m_block_height, epee::string_tools::pod_to_hex(td.m_txid), td.m_tx.amount_burnt, m_transfers[map_payouts[idx]].m_amount - td.m_tx.amount_burnt));
-      } else {
-        payouts.push_back(std::make_tuple(td.m_block_height, epee::string_tools::pod_to_hex(td.m_txid), td.m_tx.amount_burnt, 0));
-      }
-    } else if (td.m_tx.type == cryptonote::transaction_type::PROTOCOL) {
-      // Store list of reverse-lookup indices to tell YIELD TXs how much they earned
-      if (m_transfers[td.m_td_origin_idx].m_tx.type == cryptonote::transaction_type::STAKE)
-        map_payouts[td.m_td_origin_idx] = idx;
-    }
+  // To verify the spend authority proof, we need to know the y value to process the F value
+  ec_scalar y;
+  
+  // Get P_change from the TX
+  crypto::public_key P_change = crypto::null_pkey;
+    
+  // Calculate z_i (the shared secret between sender and ourselves for the original TX)
+  crypto::public_key txkey_pub = null_pkey; // R
+  const std::vector<crypto::public_key> in_additional_tx_pub_keys = get_additional_tx_pub_keys_from_extra(tx);
+  if (in_additional_tx_pub_keys.size() != 0) {
+    THROW_WALLET_EXCEPTION_IF(in_additional_tx_pub_keys.size() != tx.vout.size(),
+                              error::wallet_internal_error,
+                              tr("at verify_spend_authority_proof(): incorrect number of additional TX pubkeys in TX"));
+    txkey_pub = in_additional_tx_pub_keys[i];
+  } else {
+    txkey_pub = get_tx_pub_key_from_extra(tx);
   }
+  crypto::key_derivation derivation = AUTO_VAL_INIT(derivation);
+  THROW_WALLET_EXCEPTION_IF(!generate_key_derivation(txkey_pub, m_account.get_keys().m_view_secret_key, derivation),
+                            error::wallet_internal_error,
+                            tr("at verify_spend_authority_proof(): failed to generate_key_derivation"));
+  crypto::secret_key z_i;
+  derivation_to_scalar(derivation, i, z_i);
+    
+  // Calculate the y value for return_payment support
+  struct {
+    char domain_separator[8];
+    rct::key amount_key;
+  } buf;
+  std::memset(buf.domain_separator, 0x0, sizeof(buf.domain_separator));
+  std::strncpy(buf.domain_separator, "RETURN", 7);
+  buf.amount_key = rct::sk2rct(z_i);
+  crypto::hash_to_scalar(&buf, sizeof(buf), y);
+
+  // The change_index needs decoding too
+  uint8_t eci_data = tx.return_address_change_mask[i];
+      
+  // Calculate the encrypted_change_index data for this output
+  std::memset(buf.domain_separator, 0x0, sizeof(buf.domain_separator));
+  std::strncpy(buf.domain_separator, "CHG_IDX", 8);
+  crypto::secret_key eci_out;
+  keccak((uint8_t *)&buf, sizeof(buf), (uint8_t*)&eci_out, sizeof(eci_out));
+  uint8_t change_index = eci_data ^ eci_out.data[0];
+  THROW_WALLET_EXCEPTION_IF(change_index >= tx.vout.size(), error::wallet_internal_error, tr("at verify_spend_authority_proof(): invalid change_index calculated"));
+
+  // Now we know the index, we can get P_change
+  THROW_WALLET_EXCEPTION_IF(!cryptonote::get_output_public_key(tx.vout[change_index], P_change), error::wallet_internal_error, tr("at verify_spend_authority_proof(): failed to get P_change"));
+  rct::key key_P_change = rct::pk2rct(P_change);
+
+  // Calculate the shared secret yF
+  rct::key key_y         = (rct::key&)(y);
+  rct::key key_F         = (rct::key&)(tx.return_address_list[i]);
+  rct::key key_yF        = rct::scalarmultKey(key_F, key_y);
+  rct::key hs_yF         = rct::hash_to_scalar(key_yF);
+
+  // Now we can verify the proof itself
+  if (!rct::SAProof_Ver(tx.rct_signatures.sa_proof, key_P_change, hs_yF)) {
+    return false;
+  }
+
+  // Return success to caller
   return true;
 }
 //----------------------------------------------------------------------------------------------------
@@ -2714,9 +2787,9 @@ void wallet2::process_new_transaction(const crypto::hash &txid, const cryptonote
             THROW_WALLET_EXCEPTION_IF(!cryptonote::get_output_asset_type(tx.vout[o], asset_type), error::wallet_internal_error, "failed to get output_asset_type");
             m_transfers.push_back(transfer_details{});
             if (m_transfers_indices.count(asset_type) == 0) {
-              m_transfers_indices[asset_type] = std::vector<size_t>{};
+              m_transfers_indices[asset_type] = std::set<size_t>{};
             }
-            m_transfers_indices[asset_type].push_back(m_transfers.size()-1);
+            m_transfers_indices[asset_type].insert(m_transfers.size()-1);
             transfer_details& td = m_transfers.back();
             td.m_block_height = height;
             td.m_internal_output_index = o;
@@ -2782,6 +2855,17 @@ void wallet2::process_new_transaction(const crypto::hash &txid, const cryptonote
               if (m_multisig_rescan_info && m_multisig_rescan_info->front().size() >= m_transfers.size())
                 update_multisig_rescan_info(*m_multisig_rescan_k, *m_multisig_rescan_info, m_transfers.size() - 1);
             }
+
+            /*
+            // Verify the spend authority proof
+            if (!verify_spend_authority_proof(tx, o, tx_scan_info[o])) {
+              // Freeze the output
+              LOG_ERROR("Spend authority proof for TX: " << txid << " failed verification. The output has been frozen.");
+              LOG_ERROR("Please review the transaction and verify that the sender is someone you trust before thawing this payment.");
+              td.m_frozen = true;
+            }
+            */
+            
             LOG_PRINT_L0("Received money: " << print_money(td.amount()) << ", with tx: " << txid);
             if (!ignore_callbacks && 0 != m_callback)
               m_callback->on_money_received(height, txid, tx, td.m_amount, td.asset_type, 0, td.m_subaddr_index, spends_one_of_ours(tx), td.m_tx.unlock_time, td.m_td_origin_idx);
@@ -2898,6 +2982,16 @@ void wallet2::process_new_transaction(const crypto::hash &txid, const cryptonote
             }
             THROW_WALLET_EXCEPTION_IF(td.get_public_key() != tx_scan_info[o].in_ephemeral.pub, error::wallet_internal_error, "Inconsistent public keys");
             THROW_WALLET_EXCEPTION_IF(td.m_spent, error::wallet_internal_error, "Inconsistent spent status");
+
+            /*
+            // Verify the spend authority proof
+            if (!verify_spend_authority_proof(tx, o, tx_scan_info[o])) {
+              // Freeze the output
+              LOG_ERROR("Spend authority proof for TX: " << txid << " failed verification. The output has been frozen.");
+              LOG_ERROR("Please review the transaction and verify that the sender is someone you trust before thawing this payment.");
+              td.m_frozen = true;
+            }
+            */
             
             LOG_PRINT_L0("Received money: " << print_money(td.amount()) << ", with tx: " << txid);
             if (!ignore_callbacks && 0 != m_callback)
@@ -6921,7 +7015,7 @@ uint64_t wallet2::balance(uint32_t index_major, const std::string& asset_type, b
   uint64_t amount = 0;
   for (const auto& i : balance_per_subaddress(index_major, asset_type, strict))
     amount += i.second;
-  if (asset_type == "SAL") {
+  if (index_major == 0 && asset_type == "SAL") {
     // Iterate over the locked coins, adding them to the _locked_ balance
     for (const auto& i : m_locked_coins)
       amount += i.second.m_amount;
@@ -8293,6 +8387,8 @@ bool wallet2::sign_multisig_tx(multisig_tx_set &exported_txs, std::vector<crypto
       not multisig_tx_builder.init(
         m_account.get_keys(),
         ptx.construction_data.extra,
+        ptx.tx.type,
+        get_current_hard_fork(),
         ptx.construction_data.unlock_time,
         ptx.construction_data.subaddr_account,
         ptx.construction_data.subaddr_indices,
@@ -10097,15 +10193,20 @@ void wallet2::transfer_selected_rct(std::vector<cryptonote::tx_destination_entry
   LOG_PRINT_L2("constructing tx");
   auto sources_copy = sources;
   multisig::signing::tx_builder_ringct_t multisig_tx_builder;
+  uint32_t hf_version = get_current_hard_fork();
   if (m_multisig) {
     // prepare the core part of a multisig tx (many tx attempts for different signer groups can be spun off this core piece)
     std::set<std::uint32_t> subaddr_minor_indices;
     for (size_t idx: selected_transfers) {
       subaddr_minor_indices.insert(m_transfers[idx].m_subaddr_index.minor);
     }
+    // Store the TX type
+    tx.type = tx_type;
     THROW_WALLET_EXCEPTION_IF(
       not multisig_tx_builder.init(m_account.get_keys(),
         extra,
+        tx_type,
+        hf_version,
         unlock_time,
         subaddr_account,
         subaddr_minor_indices,
@@ -10125,7 +10226,6 @@ void wallet2::transfer_selected_rct(std::vector<cryptonote::tx_destination_entry
     );
   }
   else {
-    uint32_t hf_version = get_current_hard_fork();
     // Get the circulating supply data
     std::vector<std::pair<std::string, std::string>> circ_amounts;
     THROW_WALLET_EXCEPTION_IF(!get_circulating_supply(circ_amounts), error::wallet_internal_error, "Failed to get circulating supply");
@@ -10256,11 +10356,11 @@ void wallet2::transfer_selected_rct(std::vector<cryptonote::tx_destination_entry
   ptx.construction_data.extra = tx.extra;
   ptx.construction_data.unlock_time = unlock_time;
   ptx.construction_data.use_rct = true;
-  ptx.construction_data.rct_config = {
+  ptx.construction_data.rct_config = rct_config;/*{
     rct::RangeProofPaddedBulletproof,
     use_fork_rules(HF_VERSION_BULLETPROOF_PLUS, -10) ? 4 : 3
-  };
-  ptx.construction_data.use_view_tags = use_fork_rules(get_view_tag_fork(), 0);
+    };*/
+  ptx.construction_data.use_view_tags = use_view_tags;//use_fork_rules(get_view_tag_fork(), 0);
   ptx.construction_data.dests = dsts;
   // record which subaddress indices are being used as inputs
   ptx.construction_data.subaddr_account = subaddr_account;
@@ -10284,7 +10384,7 @@ std::vector<size_t> wallet2::pick_preferred_rct_inputs(uint64_t needed_money, ui
   }
   
   // try to find a rct input of enough size
-  for (size_t& i: m_transfers_indices[asset_type])
+  for (size_t i: m_transfers_indices[asset_type])
   {
     const transfer_details& td = m_transfers[i];
     if (!is_spent(td, false) && !td.m_frozen && td.is_rct() && td.amount() >= needed_money && is_transfer_unlocked(td) && td.m_subaddr_index.major == subaddr_account && subaddr_indices.count(td.m_subaddr_index.minor) == 1)
@@ -10304,25 +10404,28 @@ std::vector<size_t> wallet2::pick_preferred_rct_inputs(uint64_t needed_money, ui
   // this could be made better by picking one of the outputs to be a small one, since those
   // are less useful since often below the needed money, so if one can be used in a pair,
   // it gets rid of it for the future
-  for (size_t i = 0; i < m_transfers_indices[asset_type].size(); i++)
+  for (auto i=m_transfers_indices[asset_type].begin(); i!= m_transfers_indices[asset_type].end(); ++i)
   {
-    size_t idx = m_transfers_indices[asset_type][i];
-    const transfer_details& td = m_transfers[i];
+    size_t idx = *i;
+    const transfer_details& td = m_transfers[idx];
     if (!is_spent(td, false) && !td.m_frozen && !td.m_key_image_partial && td.is_rct() && is_transfer_unlocked(td) && td.m_subaddr_index.major == subaddr_account && subaddr_indices.count(td.m_subaddr_index.minor) == 1)
     {
       if (td.amount() > m_ignore_outputs_above || td.amount() < m_ignore_outputs_below)
       {
-        MDEBUG("Ignoring output " << i << " of amount " << print_money(td.amount()) << " which is outside prescribed range [" << print_money(m_ignore_outputs_below) << ", " << print_money(m_ignore_outputs_above) << "]");
+        MDEBUG("Ignoring output " << idx << " of amount " << print_money(td.amount()) << " which is outside prescribed range [" << print_money(m_ignore_outputs_below) << ", " << print_money(m_ignore_outputs_above) << "]");
         continue;
       }
-      LOG_PRINT_L2("Considering input " << i << ", " << print_money(td.amount()));
-      for (size_t j = i + 1; j < m_transfers_indices[asset_type].size(); ++j)
+      LOG_PRINT_L2("Considering input " << idx << ", " << print_money(td.amount()));
+      if (i == m_transfers_indices[asset_type].end()) continue;
+      auto j = i;
+      std::advance(j, 1);
+      for (; j!=m_transfers_indices[asset_type].end(); ++j)
       {
-        size_t idx2 = m_transfers_indices[asset_type][j];
+        size_t idx2 = *j;
         const transfer_details& td2 = m_transfers[idx2];
         if (td2.amount() > m_ignore_outputs_above || td2.amount() < m_ignore_outputs_below)
         {
-          MDEBUG("Ignoring output " << j << " of amount " << print_money(td2.amount()) << " which is outside prescribed range [" << print_money(m_ignore_outputs_below) << ", " << print_money(m_ignore_outputs_above) << "]");
+          MDEBUG("Ignoring output " << idx2 << " of amount " << print_money(td2.amount()) << " which is outside prescribed range [" << print_money(m_ignore_outputs_below) << ", " << print_money(m_ignore_outputs_above) << "]");
           continue;
         }
         if (!is_spent(td2, false) && !td2.m_frozen && !td2.m_key_image_partial && td2.is_rct() && td.amount() + td2.amount() >= needed_money && is_transfer_unlocked(td2) && td2.m_subaddr_index == td.m_subaddr_index)
@@ -10331,16 +10434,16 @@ std::vector<size_t> wallet2::pick_preferred_rct_inputs(uint64_t needed_money, ui
           // already found. If the same, don't update, and oldest suitable outputs
           // will be used in preference.
           float relatedness = get_output_relatedness(td, td2);
-          LOG_PRINT_L2("  with input " << j << ", " << print_money(td2.amount()) << ", relatedness " << relatedness);
+          LOG_PRINT_L2("  with input " << idx2 << ", " << print_money(td2.amount()) << ", relatedness " << relatedness);
           if (relatedness < current_output_relatdness)
           {
             // reset the current picks with those, and return them directly
             // if they're unrelated. If they are related, we'll end up returning
             // them if we find nothing better
             picks.clear();
-            picks.push_back(i);
-            picks.push_back(j);
-            LOG_PRINT_L0("we could use " << i << " and " << j);
+            picks.push_back(idx);
+            picks.push_back(idx2);
+            LOG_PRINT_L0("we could use " << idx << " and " << idx2);
             if (relatedness == 0.0f)
               return picks;
             current_output_relatdness = relatedness;
@@ -10548,7 +10651,8 @@ std::vector<wallet2::pending_tx> wallet2::create_transactions_2(std::vector<cryp
   const bool bulletproof = true;
   const bool bulletproof_plus = true;
   const bool clsag = true;
-  const rct::RCTConfig rct_config { rct::RangeProofPaddedBulletproof, 4 };
+  const bool use_fullproofs = use_fork_rules(get_full_proofs_fork(), 0);
+  const rct::RCTConfig rct_config { rct::RangeProofPaddedBulletproof, use_fullproofs ? 5 : 4 };
   const bool use_view_tags = use_fork_rules(get_view_tag_fork(), 0);
   std::unordered_set<crypto::public_key> valid_public_keys_cache;
 
@@ -10592,6 +10696,7 @@ std::vector<wallet2::pending_tx> wallet2::create_transactions_2(std::vector<cryp
     break;
   case transaction_type::STAKE:
     THROW_WALLET_EXCEPTION_IF(dest_asset != "SAL", error::wallet_internal_error, "Yield TX must specify 'SAL' destination asset type");
+    THROW_WALLET_EXCEPTION_IF(subaddr_account != 0, error::wallet_internal_error, "Staking is only permitted from main account, not secondary accounts");
     break;
   default:
     THROW_WALLET_EXCEPTION(error::wallet_internal_error, "Invalid tx type specified: " + static_cast<uint64_t>(tx_type));
@@ -10656,7 +10761,7 @@ std::vector<wallet2::pending_tx> wallet2::create_transactions_2(std::vector<cryp
   // Verify that we have outputs in our wallet for the correct asset_type
   THROW_WALLET_EXCEPTION_IF(!m_transfers_indices.count(source_asset), error::wallet_internal_error, "Cannot find outputs with correct asset_type to pay for TX");
   
-  for (size_t& i: m_transfers_indices[source_asset])
+  for (size_t i: m_transfers_indices[source_asset])
   {
     const transfer_details& td = m_transfers[i];
     if (m_ignore_fractional_outputs && td.amount() < fractional_threshold)
@@ -11245,7 +11350,8 @@ std::vector<wallet2::pending_tx> wallet2::create_transactions_all(uint64_t below
   const bool bulletproof = true;
   const bool bulletproof_plus = true;
   const bool clsag = true;
-  const rct::RCTConfig rct_config { rct::RangeProofPaddedBulletproof, 4 };
+  const bool use_fullproofs = use_fork_rules(get_full_proofs_fork(), 0);
+  const rct::RCTConfig rct_config { rct::RangeProofPaddedBulletproof, use_fullproofs ? 5 : 4 };
   const bool use_view_tags = use_fork_rules(get_view_tag_fork(), 0);
   const uint64_t base_fee  = get_base_fee(priority);
   const size_t tx_weight_one_ring = estimate_tx_weight(use_rct, 1, fake_outs_count, 2, 0, bulletproof, clsag, bulletproof_plus, use_view_tags);
@@ -11261,8 +11367,10 @@ std::vector<wallet2::pending_tx> wallet2::create_transactions_all(uint64_t below
 
   // gather all dust and non-dust outputs of specified subaddress (if any) and below specified threshold (if any)
   bool fund_found = false;
-  for (size_t i = 0; i < m_transfers.size(); ++i)
+  //for (size_t idx = 0; idx < m_transfers_indices[asset_type].size(); idx++)
+  for (const auto& i: m_transfers_indices[asset_type])
   {
+    //size_t i = m_transfers_indices[asset_type][idx];
     const transfer_details& td = m_transfers[i];
     if (m_ignore_fractional_outputs && td.amount() < fractional_threshold)
     {
@@ -11333,9 +11441,9 @@ std::vector<wallet2::pending_tx> wallet2::create_transactions_single(const crypt
 std::vector<wallet2::pending_tx> wallet2::create_transactions_return(std::vector<size_t> transfers_indices)
 {
   // Get the asset_type and associated information
-  THROW_WALLET_EXCEPTION_IF(transfers_indices.empty() || transfers_indices.size()>1, error::wallet_internal_error, "Incorrect number of transfers_indices on return_payment");
+  THROW_WALLET_EXCEPTION_IF(transfers_indices.empty() || transfers_indices.size()>1, error::wallet_internal_error, tr("Incorrect number of transfers_indices on return_payment"));
   size_t idx = transfers_indices[0];
-  THROW_WALLET_EXCEPTION_IF(idx >= get_num_transfer_details(), error::wallet_internal_error, "cannot locate return_payment origin index in m_transfers");
+  THROW_WALLET_EXCEPTION_IF(idx >= get_num_transfer_details(), error::wallet_internal_error, tr("cannot locate return_payment origin index in m_transfers"));
   const transfer_details& td_origin = get_transfer_details(idx);
   const std::string asset_type = td_origin.m_tx.source_asset_type;
   bool is_subaddress = true;
@@ -11346,24 +11454,95 @@ std::vector<wallet2::pending_tx> wallet2::create_transactions_return(std::vector
   uint32_t priority = adjust_priority(0);
   std::vector<uint8_t> extra; // No need for a TX extra beyond that which will be calculated herein
 
+  // To return a payment, we need to know the y value to process the F value
+  // ...but the y value is calculated differently depending on the original TX
+  ec_scalar y;
+  crypto::public_key return_address = null_pkey;
+  
   // Get P_change from the TX
   crypto::public_key P_change = crypto::null_pkey;
-  size_t change_index = (td_origin.m_internal_output_index == 0) ? 1 : 0;
-  THROW_WALLET_EXCEPTION_IF(!cryptonote::get_output_public_key(td_origin.m_tx.vout[change_index], P_change), error::wallet_internal_error, "Failed to identify change output");
+  uint8_t change_index;
+  uint32_t hf_version = get_current_hard_fork();
+  if (td_origin.m_tx.version >= TRANSACTION_VERSION_N_OUTS) {
+    
+    // Calculate z_i (the shared secret between sender and ourselves for the original TX)
+    crypto::public_key txkey_pub = null_pkey; // R
+    const std::vector<crypto::public_key> in_additional_tx_pub_keys = get_additional_tx_pub_keys_from_extra(td_origin.m_tx);
+    if (in_additional_tx_pub_keys.size() != 0) {
+      THROW_WALLET_EXCEPTION_IF(in_additional_tx_pub_keys.size() != td_origin.m_tx.vout.size(),
+                                error::wallet_internal_error,
+                                tr("at create_transactions_return(): incorrect number of additional TX pubkeys in origin TX for return_payment"));
+      txkey_pub = in_additional_tx_pub_keys[td_origin.m_internal_output_index];
+    } else {
+      txkey_pub = get_tx_pub_key_from_extra(td_origin.m_tx);
+    }
+    crypto::key_derivation derivation = AUTO_VAL_INIT(derivation);
+    THROW_WALLET_EXCEPTION_IF(!generate_key_derivation(txkey_pub, m_account.get_keys().m_view_secret_key, derivation),
+                              error::wallet_internal_error,
+                              tr("at create_transactions_return(): failed to generate_key_derivation"));
+    crypto::secret_key z_i;
+    derivation_to_scalar(derivation, td_origin.m_internal_output_index, z_i);
+    
+    // Calculate the y value for return_payment support
+    struct {
+      char domain_separator[8];
+      rct::key amount_key;
+    } buf;
+    std::memset(buf.domain_separator, 0x0, sizeof(buf.domain_separator));
+    std::strncpy(buf.domain_separator, "RETURN", 7);
+    buf.amount_key = rct::sk2rct(z_i);
+    crypto::hash_to_scalar(&buf, sizeof(buf), y);
 
+    // The change_index needs decoding too
+    uint8_t eci_data = td_origin.m_tx.return_address_change_mask[td_origin.m_internal_output_index];
+      
+    // Calculate the encrypted_change_index data for this output
+    std::memset(buf.domain_separator, 0x0, sizeof(buf.domain_separator));
+    std::strncpy(buf.domain_separator, "CHG_IDX", 8);
+    crypto::secret_key eci_out;
+    keccak((uint8_t *)&buf, sizeof(buf), (uint8_t*)&eci_out, sizeof(eci_out));
+    change_index = eci_data ^ eci_out.data[0];
+    
+    return_address = td_origin.m_tx.return_address_list[td_origin.m_internal_output_index];
+    
+    // Sanity check that we aren't attempting to return our own TX change output to ourselves
+    THROW_WALLET_EXCEPTION_IF(change_index == td_origin.m_internal_output_index, error::wallet_internal_error, tr("Attempting to return change to ourself"));
+
+    // Sanity check that we can obtain the change output from the origin TX
+    THROW_WALLET_EXCEPTION_IF(!cryptonote::get_output_public_key(td_origin.m_tx.vout[change_index], P_change),
+                              error::wallet_internal_error,
+                              tr("Failed to identify change output"));
+    
+  } else {
+
+    // Change index is the one we didn't receive
+    change_index = (td_origin.m_internal_output_index == 0) ? 1 : 0;
+
+    // Return address was provided
+    return_address = td_origin.m_tx.return_address;
+    
+    // Sanity check that we aren't attempting to return our own TX change output to ourselves
+    THROW_WALLET_EXCEPTION_IF(change_index == td_origin.m_internal_output_index, error::wallet_internal_error, tr("Attempting to return change to ourself"));
+    
+    // Sanity check that we can obtain the change output from the origin TX
+    THROW_WALLET_EXCEPTION_IF(!cryptonote::get_output_public_key(td_origin.m_tx.vout[change_index], P_change),
+                              error::wallet_internal_error,
+                              tr("Failed to identify change output"));
+  
+    // Calculate y
+    struct {
+      char domain_separator[8];
+      crypto::public_key pubkey;
+    } buf;
+    std::memset(buf.domain_separator, 0x0, sizeof(buf.domain_separator));
+    std::strncpy(buf.domain_separator, "RETURN", 6);
+    buf.pubkey = P_change;
+    crypto::hash_to_scalar(&buf, sizeof(buf), y);
+  }
+  
   // Calculate yF
-  ec_scalar y;
-  struct {
-    char domain_separator[8];
-    crypto::public_key pubkey;
-  } buf;
-  std::memset(buf.domain_separator, 0x0, sizeof(buf.domain_separator));
-  std::strncpy(buf.domain_separator, "RETURN", 6);
-  buf.pubkey = P_change;
-  crypto::hash_to_scalar(&buf, sizeof(buf), y);
-
   rct::key key_y         = (rct::key&)(y);
-  rct::key key_F         = (rct::key&)(td_origin.m_tx.return_address);
+  rct::key key_F         = (rct::key&)(return_address);
   rct::key key_yF        = rct::scalarmultKey(key_F, key_y);
 
   // Build the subaddress to send the return to
@@ -11373,7 +11552,7 @@ std::vector<wallet2::pending_tx> wallet2::create_transactions_return(std::vector
   
   LOG_ERROR("*****************************************************************************");
   LOG_ERROR("TX type   : RETURN");
-  LOG_ERROR("a         : " << m_account.get_keys().m_view_secret_key);
+  LOG_ERROR("a         : " << crypto::secret_key_explicit_print_ref{m_account.get_keys().m_view_secret_key});
   LOG_ERROR("F         : " << key_F);
   LOG_ERROR("y         : " << key_y);
   LOG_ERROR("P_change  : " << P_change);
@@ -11414,7 +11593,8 @@ std::vector<wallet2::pending_tx> wallet2::create_transactions_from(const crypton
   const bool bulletproof = true;
   const bool bulletproof_plus = true;
   const bool clsag = true;
-  const rct::RCTConfig rct_config { rct::RangeProofPaddedBulletproof, 4 };
+  const bool use_fullproofs = use_fork_rules(get_full_proofs_fork(), 0);
+  const rct::RCTConfig rct_config { rct::RangeProofPaddedBulletproof, use_fullproofs ? 5 : 4 };
   const bool use_view_tags = use_fork_rules(get_view_tag_fork(), 0);
   const uint64_t base_fee  = get_base_fee(priority);
   const uint64_t fee_quantization_mask = get_fee_quantization_mask();
@@ -11510,7 +11690,7 @@ std::vector<wallet2::pending_tx> wallet2::create_transactions_from(const crypton
       if (outputs > 1)
         tx.dsts.push_back(tx_destination_entry(1, address, is_subaddress));
 
-      THROW_WALLET_EXCEPTION_IF(needed_fee > available_for_fee, error::wallet_internal_error, "Transaction cannot pay for itself");
+      THROW_WALLET_EXCEPTION_IF(needed_fee > available_for_fee, error::wallet_internal_error, tr("Transaction cannot pay for itself"));
 
       do {
         LOG_PRINT_L2("We made a tx, adjusting fee and saving it, we need " << print_money(needed_fee) << " and we have " << print_money(test_ptx.fee));
@@ -11606,7 +11786,7 @@ std::vector<wallet2::pending_tx> wallet2::create_transactions_from(const crypton
   }
   std::vector<cryptonote::tx_destination_entry> synthetic_dsts(1, cryptonote::tx_destination_entry("", a, address, is_subaddress, tx_type == cryptonote::transaction_type::RETURN));
   synthetic_dsts.back().asset_type = asset_type;
-  THROW_WALLET_EXCEPTION_IF(!sanity_check(ptx_vector, synthetic_dsts), error::wallet_internal_error, "Created transaction(s) failed sanity check");
+  THROW_WALLET_EXCEPTION_IF(!sanity_check(ptx_vector, synthetic_dsts), error::wallet_internal_error, tr("Created transaction(s) failed sanity check"));
 
   // if we made it this far, we're OK to actually send the transactions
   return ptx_vector;
@@ -11726,8 +11906,8 @@ uint64_t wallet2::get_upper_transaction_weight_limit()
 {
   if (m_upper_transaction_weight_limit > 0)
     return m_upper_transaction_weight_limit;
-  uint64_t full_reward_zone = use_fork_rules(5, 10) ? CRYPTONOTE_BLOCK_GRANTED_FULL_REWARD_ZONE_V5 : use_fork_rules(2, 10) ? CRYPTONOTE_BLOCK_GRANTED_FULL_REWARD_ZONE_V2 : CRYPTONOTE_BLOCK_GRANTED_FULL_REWARD_ZONE_V1;
-  if (use_fork_rules(8, 10))
+  uint64_t full_reward_zone = use_fork_rules(2, 0) ? CRYPTONOTE_BLOCK_GRANTED_FULL_REWARD_ZONE_V5 : CRYPTONOTE_BLOCK_GRANTED_FULL_REWARD_ZONE_V1;
+  if (use_fork_rules(2, 0))
     return full_reward_zone / 2 - CRYPTONOTE_COINBASE_BLOB_RESERVED_SIZE;
   else
     return full_reward_zone - CRYPTONOTE_COINBASE_BLOB_RESERVED_SIZE;
@@ -12335,7 +12515,7 @@ void wallet2::check_tx_key_helper(const cryptonote::transaction &tx, const crypt
         crypto::secret_key scalar1;
         crypto::derivation_to_scalar(found_derivation, n, scalar1);
         rct::ecdhTuple ecdh_info = tx.rct_signatures.ecdhInfo[n];
-        rct::ecdhDecode(ecdh_info, rct::sk2rct(scalar1), tx.rct_signatures.type == rct::RCTTypeBulletproof2 || tx.rct_signatures.type == rct::RCTTypeCLSAG || tx.rct_signatures.type == rct::RCTTypeBulletproofPlus);
+        rct::ecdhDecode(ecdh_info, rct::sk2rct(scalar1), tx.rct_signatures.type == rct::RCTTypeBulletproof2 || tx.rct_signatures.type == rct::RCTTypeCLSAG || tx.rct_signatures.type == rct::RCTTypeBulletproofPlus || tx.rct_signatures.type == rct::RCTTypeFullProofs);
         const rct::key C = tx.rct_signatures.outPk[n].mask;
         rct::key Ctmp;
         THROW_WALLET_EXCEPTION_IF(sc_check(ecdh_info.mask.bytes) != 0, error::wallet_internal_error, "Bad ECDH input mask");
@@ -13029,7 +13209,7 @@ bool wallet2::check_reserve_proof(const cryptonote::account_public_address &addr
       crypto::secret_key shared_secret;
       crypto::derivation_to_scalar(derivation, proof.index_in_tx, shared_secret);
       rct::ecdhTuple ecdh_info = tx.rct_signatures.ecdhInfo[proof.index_in_tx];
-      rct::ecdhDecode(ecdh_info, rct::sk2rct(shared_secret), tx.rct_signatures.type == rct::RCTTypeBulletproof2 || tx.rct_signatures.type == rct::RCTTypeCLSAG || tx.rct_signatures.type == rct::RCTTypeBulletproofPlus);
+      rct::ecdhDecode(ecdh_info, rct::sk2rct(shared_secret), tx.rct_signatures.type == rct::RCTTypeBulletproof2 || tx.rct_signatures.type == rct::RCTTypeCLSAG || tx.rct_signatures.type == rct::RCTTypeBulletproofPlus || tx.rct_signatures.type == rct::RCTTypeFullProofs);
       amount = rct::h2d(ecdh_info.amount);
     }
     total += amount;
@@ -14401,7 +14581,21 @@ crypto::key_image wallet2::get_multisig_composite_key_image(size_t n) const
   for (const auto &info: td.m_multisig_info)
     for (const auto &pki: info.m_partial_key_images)
       pkis.push_back(pki);
-  bool r = multisig::generate_multisig_composite_key_image(get_account().get_keys(), m_subaddresses, td.get_public_key(), tx_key, additional_tx_keys, td.m_internal_output_index, pkis, ki);
+
+  // SRCG: work out if we have origin data to use
+  bool use_origin_data = false;
+  cryptonote::origin_data origin_tx_data;
+  if (td.m_td_origin_idx != (uint64_t)-1) {
+  
+    // Flag to indicate this is a TX that uses a return_address
+    const transfer_details& td_origin = get_transfer_details(td.m_td_origin_idx);
+    origin_tx_data.tx_pub_key = get_tx_pub_key_from_extra(td_origin.m_tx);
+    origin_tx_data.output_index = td_origin.m_internal_output_index;
+    origin_tx_data.tx_type = td_origin.m_tx.type;
+    use_origin_data = true;
+  }
+  
+  bool r = multisig::generate_multisig_composite_key_image(get_account().get_keys(), m_subaddresses, td.get_public_key(), tx_key, additional_tx_keys, td.m_internal_output_index, pkis, ki, use_origin_data, origin_tx_data);
   THROW_WALLET_EXCEPTION_IF(!r, error::wallet_internal_error, "Failed to generate key image");
   return ki;
 }

src/wallet/wallet2.h

@@ -625,7 +625,7 @@ private:
     };
 
     typedef std::vector<transfer_details> transfer_container;
-    typedef serializable_unordered_map<std::string, std::vector<size_t>> transfer_details_indices;
+    typedef serializable_unordered_map<std::string, std::set<size_t>> transfer_details_indices;
     typedef serializable_unordered_multimap<crypto::hash, payment_details> payment_container;
     typedef std::set<uint32_t> unique_index_container;
 
@@ -1191,6 +1191,8 @@ private:
 
     std::vector<cryptonote::public_node> get_public_nodes(bool white_only = true);
 
+    bool verify_spend_authority_proof(const cryptonote::transaction &tx, const size_t i, const tx_scan_info_t &tx_scan_info);
+    
     template <class t_archive>
     inline void serialize(t_archive &a, const unsigned int ver)
     {
@@ -1755,7 +1757,6 @@ private:
                                 uint64_t &ybi_data_size,
                                 std::vector<std::tuple<size_t, std::string, uint64_t, uint64_t>> &payouts
                                 );
-    bool get_yield_payouts(std::vector<std::tuple<size_t, std::string, uint64_t, uint64_t>> &payouts);
     
   private:
     /*!

src/wallet/wallet_args.cpp

@@ -135,7 +135,7 @@ namespace wallet_args
     command_line::add_arg(desc_params, arg_max_concurrency);
     command_line::add_arg(desc_params, arg_config_file);
 
-    i18n_set_language("translations", "monero", lang);
+    i18n_set_language("translations", "salvium", lang);
 
     po::options_description desc_all;
     desc_all.add(desc_general).add(desc_params);

src/wallet/wallet_rpc_server.cpp

@@ -392,6 +392,7 @@ namespace tools
       td.address = d.address(m_wallet->nettype(), pd.m_payment_id);
     }
 
+    entry.asset_type = pd.m_tx.source_asset_type;
     entry.type = "out";
     entry.subaddr_index = { pd.m_subaddr_account, 0 };
     for (uint32_t i: pd.m_subaddr_indices)
@@ -424,6 +425,7 @@ namespace tools
     }
 
     entry.type = is_failed ? "failed" : "pending";
+    entry.asset_type = pd.m_tx.source_asset_type;
     entry.subaddr_index = { pd.m_subaddr_account, 0 };
     for (uint32_t i: pd.m_subaddr_indices)
       entry.subaddr_indices.push_back({pd.m_subaddr_account, i});

tests/block_weight/block_weight.cpp

@@ -67,6 +67,10 @@ public:
                         , uint64_t num_rct_outs
                         , oracle::asset_type_counts& cum_rct_by_asset_type
                         , const crypto::hash& blk_hash
+                        , uint64_t slippage_total
+                        , uint64_t yield_total
+                        , const cryptonote::network_type nettype
+                        , cryptonote::yield_block_info& ybi
                         ) override {
     blocks.push_back({block_weight, long_term_block_weight});
   }
@@ -111,9 +115,6 @@ private:
 }
 
 #define PREFIX_WINDOW(hf_version,window) \
-  std::unique_ptr<cryptonote::Blockchain> bc; \
-  cryptonote::tx_memory_pool txpool(*bc); \
-  bc.reset(new cryptonote::Blockchain(txpool)); \
   struct get_test_options { \
     const std::pair<uint8_t, uint64_t> hard_forks[3]; \
     const cryptonote::test_options test_options = { \
@@ -122,7 +123,9 @@ private:
     }; \
     get_test_options(): hard_forks{std::make_pair(1, (uint64_t)0), std::make_pair((uint8_t)hf_version, (uint64_t)LONG_TERM_BLOCK_WEIGHT_WINDOW), std::make_pair((uint8_t)0, (uint64_t)0)} {} \
   } opts; \
-  cryptonote::Blockchain *blockchain = bc.get(); \
+  cryptonote::BlockchainAndPool bap; \
+  cryptonote::Blockchain *blockchain = &bap.blockchain; \
+  cryptonote::Blockchain *bc = blockchain; \
   bool r = blockchain->init(new TestDB(), cryptonote::FAKECHAIN, true, &opts.test_options, 0, NULL); \
   if (!r) \
   { \
@@ -149,7 +152,8 @@ static void test(test_t t, uint64_t blocks)
     cryptonote::block b;
     b.major_version = 1;
     b.minor_version = 1;
-    bc->get_db().add_block(std::make_pair(b, ""), 300000, 300000, bc->get_db().height(), bc->get_db().height(), {});
+    cryptonote::yield_block_info ybi;
+    bc->get_db().add_block(std::make_pair(b, ""), 300000, 300000, bc->get_db().height(), bc->get_db().height(), {}, cryptonote::FAKECHAIN, ybi);
     if (!bc->update_next_cumulative_weight_limit())
     {
       fprintf(stderr, "Failed to update cumulative weight limit 1\n");
@@ -181,9 +185,10 @@ static void test(test_t t, uint64_t blocks)
     }
     uint64_t ltw = bc->get_next_long_term_block_weight(w);
     cryptonote::block b;
-    b.major_version = 10;
-    b.minor_version = 10;
-    bc->get_db().add_block(std::make_pair(std::move(b), ""), w, ltw, bc->get_db().height(), bc->get_db().height(), {});
+    b.major_version = HF_VERSION_2021_SCALING;
+    b.minor_version = HF_VERSION_2021_SCALING;
+    cryptonote::yield_block_info ybi;
+    bc->get_db().add_block(std::make_pair(std::move(b), ""), w, ltw, bc->get_db().height(), bc->get_db().height(), {}, cryptonote::FAKECHAIN, ybi);
 
     if (!bc->update_next_cumulative_weight_limit())
     {

tests/core_tests/block_validation.cpp

@@ -350,7 +350,7 @@ bool gen_block_miner_tx_has_2_in::generate(std::vector<test_event_entry>& events
   destinations.push_back(de);
 
   transaction tmp_tx;
-  if (!construct_tx(miner_account.get_keys(), sources, destinations, 1/*hf_version*/, "FULM", "FULM", cryptonote::transaction_type::TRANSFER, boost::none, std::vector<uint8_t>(), tmp_tx, 0))
+  if (!construct_tx(miner_account.get_keys(), sources, destinations, 1/*hf_version*/, "SAL", cryptonote::transaction_type::TRANSFER, boost::none, std::vector<uint8_t>(), tmp_tx, 0))
     return false;
 
   MAKE_MINER_TX_MANUALLY(miner_tx, blk_0);
@@ -393,7 +393,7 @@ bool gen_block_miner_tx_with_txin_to_key::generate(std::vector<test_event_entry>
   destinations.push_back(de);
 
   transaction tmp_tx;
-  if (!construct_tx(miner_account.get_keys(), sources, destinations, 1/*hf_version*/, "FULM", "FULM", cryptonote::transaction_type::TRANSFER, boost::none, std::vector<uint8_t>(), tmp_tx, 0))
+  if (!construct_tx(miner_account.get_keys(), sources, destinations, 1/*hf_version*/, "SAL", cryptonote::transaction_type::TRANSFER, boost::none, std::vector<uint8_t>(), tmp_tx, 0))
     return false;
 
   MAKE_MINER_TX_MANUALLY(miner_tx, blk_1);
@@ -687,7 +687,7 @@ bool gen_block_miner_tx_out_has_no_view_tag_before_hf_view_tags::generate(std::v
   cryptonote::get_output_public_key(miner_tx.vout[0], output_public_key);
 
   // explicitly call the setter to ensure it does not set a view tag on the miner tx output
-  cryptonote::set_tx_out(miner_tx.vout[0].amount, "FULM", CRYPTONOTE_MINED_MONEY_UNLOCK_WINDOW, output_public_key, use_view_tags, view_tag, miner_tx.vout[0]);
+  cryptonote::set_tx_out(miner_tx.vout[0].amount, "SAL", CRYPTONOTE_MINED_MONEY_UNLOCK_WINDOW, output_public_key, use_view_tags, view_tag, miner_tx.vout[0]);
   CHECK_AND_ASSERT_MES(!cryptonote::get_output_view_tag(miner_tx.vout[0]), false, "output should still not have a view tag");
 
   block blk_1;
@@ -713,7 +713,7 @@ bool gen_block_miner_tx_out_has_no_view_tag_from_hf_view_tags::generate(std::vec
   cryptonote::get_output_public_key(miner_tx.vout[0], output_public_key);
 
   // remove the view tag that is currently set on the miner tx output at this point
-  cryptonote::set_tx_out(miner_tx.vout[0].amount, "FULM", CRYPTONOTE_MINED_MONEY_UNLOCK_WINDOW, output_public_key, use_view_tags, view_tag, miner_tx.vout[0]);
+  cryptonote::set_tx_out(miner_tx.vout[0].amount, "SAL", CRYPTONOTE_MINED_MONEY_UNLOCK_WINDOW, output_public_key, use_view_tags, view_tag, miner_tx.vout[0]);
   CHECK_AND_ASSERT_MES(!cryptonote::get_output_view_tag(miner_tx.vout[0]), false, "output should not have a view tag");
 
   block blk_1;
@@ -745,7 +745,7 @@ bool gen_block_miner_tx_out_has_view_tag_before_hf_view_tags::generate(std::vect
   crypto::derive_view_tag(derivation, 0, view_tag);
 
   // set the view tag on the miner tx output
-  cryptonote::set_tx_out(miner_tx.vout[0].amount, "FULM", CRYPTONOTE_MINED_MONEY_UNLOCK_WINDOW, output_public_key, use_view_tags, view_tag, miner_tx.vout[0]);
+  cryptonote::set_tx_out(miner_tx.vout[0].amount, "SAL", CRYPTONOTE_MINED_MONEY_UNLOCK_WINDOW, output_public_key, use_view_tags, view_tag, miner_tx.vout[0]);
   boost::optional<crypto::view_tag> actual_vt = cryptonote::get_output_view_tag(miner_tx.vout[0]);
   CHECK_AND_ASSERT_MES(actual_vt && *actual_vt == view_tag, false, "unexpected output view tag");
 
@@ -781,7 +781,7 @@ bool gen_block_miner_tx_out_has_view_tag_from_hf_view_tags::generate(std::vector
   CHECK_AND_ASSERT_MES(actual_vt && *actual_vt == view_tag, false, "unexpected output view tag");
 
   // set the view tag on the miner tx output
-  cryptonote::set_tx_out(miner_tx.vout[0].amount, "FULM", CRYPTONOTE_MINED_MONEY_UNLOCK_WINDOW, output_public_key, use_view_tags, view_tag, miner_tx.vout[0]);
+  cryptonote::set_tx_out(miner_tx.vout[0].amount, "SAL", CRYPTONOTE_MINED_MONEY_UNLOCK_WINDOW, output_public_key, use_view_tags, view_tag, miner_tx.vout[0]);
   boost::optional<crypto::view_tag> actual_vt_after_setting = cryptonote::get_output_view_tag(miner_tx.vout[0]);
   CHECK_AND_ASSERT_MES(actual_vt_after_setting && *actual_vt_after_setting == view_tag, false, "unexpected output view tag after setting");
 

tests/core_tests/chaingen.cpp

@@ -81,15 +81,19 @@ namespace
   public:
     TestDB() { m_open = true; }
 
-    virtual void add_block( const cryptonote::block& blk
-        , size_t block_weight
-        , uint64_t long_term_block_weight
-        , const cryptonote::difficulty_type& cumulative_difficulty
-        , const uint64_t& coins_generated
-        , uint64_t num_rct_outs
-                        , oracle::asset_type_counts& cum_rct_by_asset_type
-        , const crypto::hash& blk_hash
-    ) override
+    virtual void add_block( const block& blk,
+                            size_t block_weight,
+                            uint64_t long_term_block_weight,
+                            const difficulty_type& cumulative_difficulty,
+                            const uint64_t& coins_generated,
+                            uint64_t num_rct_outs,
+                            oracle::asset_type_counts& cum_rct_by_asset_type,
+                            const crypto::hash& blk_hash,
+                            uint64_t slippage_total,
+                            uint64_t yield_total,
+                            const cryptonote::network_type nettype,
+                            cryptonote::yield_block_info& ybi
+                            ) override
     {
       blocks.push_back({blk, blk_hash});
     }
@@ -144,9 +148,8 @@ namespace
 
 }
 
-static std::unique_ptr<cryptonote::Blockchain> init_blockchain(const std::vector<test_event_entry> & events, cryptonote::network_type nettype)
+static std::unique_ptr<cryptonote::BlockchainAndPool> init_blockchain(const std::vector<test_event_entry> & events, cryptonote::network_type nettype)
 {
-  std::unique_ptr<cryptonote::Blockchain> bc;
   v_hardforks_t hardforks;
   cryptonote::test_options test_options_tmp{nullptr, 0};
   const cryptonote::test_options * test_options = &test_options_tmp;
@@ -160,10 +163,8 @@ static std::unique_ptr<cryptonote::Blockchain> init_blockchain(const std::vector
   test_options_tmp.hard_forks = hardforks.data();
   test_options = &test_options_tmp;
 
-  cryptonote::tx_memory_pool txpool(*bc);
-  bc.reset(new cryptonote::Blockchain(txpool));
+  std::unique_ptr<cryptonote::BlockchainAndPool> bap(new BlockchainAndPool());
 
-  cryptonote::Blockchain *blockchain = bc.get();
   auto bdb = new TestDB();
 
   BOOST_FOREACH(const test_event_entry &ev, events)
@@ -176,12 +177,13 @@ static std::unique_ptr<cryptonote::Blockchain> init_blockchain(const std::vector
     const block *blk = &boost::get<block>(ev);
     auto blk_hash = get_block_hash(*blk);
     oracle::asset_type_counts num_rct_outs_by_asset_type;
-    bdb->add_block(*blk, 1, 1, 1, 0, 0, num_rct_outs_by_asset_type, blk_hash);
+    cryptonote::yield_block_info ybi;
+    bdb->add_block(*blk, 1, 1, 1, 0, 0, num_rct_outs_by_asset_type, blk_hash, 0, 0, cryptonote::FAKECHAIN, ybi);
   }
 
-  bool r = blockchain->init(bdb, nettype, true, test_options, 2, nullptr);
+  bool r = bap->blockchain.init(bdb, nettype, true, test_options, 2, nullptr);
   CHECK_AND_ASSERT_THROW_MES(r, "could not init blockchain from events");
-  return bc;
+  return bap;
 }
 
 void test_generator::get_block_chain(std::vector<block_info>& blockchain, const crypto::hash& head, size_t n) const
@@ -395,7 +397,7 @@ bool test_generator::construct_block_manually_tx(cryptonote::block& blk, const c
 void test_generator::fill_nonce(cryptonote::block& blk, const difficulty_type& diffic, uint64_t height)
 {
   const cryptonote::Blockchain *blockchain = nullptr;
-  std::unique_ptr<cryptonote::Blockchain> bc;
+  std::unique_ptr<cryptonote::BlockchainAndPool> bap;
 
   if (blk.major_version >= RX_BLOCK_VERSION && diffic > 1)
   {
@@ -405,8 +407,8 @@ void test_generator::fill_nonce(cryptonote::block& blk, const difficulty_type& d
     }
     else
     {
-      bc = init_blockchain(*m_events, m_nettype);
-      blockchain = bc.get();
+      bap = init_blockchain(*m_events, m_nettype);
+      blockchain = &bap->blockchain;
     }
   }
 
@@ -489,7 +491,8 @@ bool init_spent_output_indices(map_output_idx_t& outs, map_output_t& outs_mine,
             crypto::public_key out_key = boost::get<txout_to_key>(oi.out).key;
             std::unordered_map<crypto::public_key, cryptonote::subaddress_index> subaddresses;
             subaddresses[from.get_keys().m_account_address.m_spend_public_key] = {0,0};
-            generate_key_image_helper(from.get_keys(), subaddresses, out_key, get_tx_pub_key_from_extra(*oi.p_tx), get_additional_tx_pub_keys_from_extra(*oi.p_tx), oi.out_no, in_ephemeral, img, hw::get_device(("default")));
+            cryptonote::origin_data od{3, crypto::null_pkey, 0};
+            generate_key_image_helper(from.get_keys(), subaddresses, out_key, get_tx_pub_key_from_extra(*oi.p_tx), get_additional_tx_pub_keys_from_extra(*oi.p_tx), oi.out_no, in_ephemeral, img, hw::get_device(("default")), false, od);
 
             // lookup for this key image in the events vector
             BOOST_FOREACH(auto& tx_pair, mtx) {

tests/core_tests/chaingen.h

@@ -44,7 +44,7 @@
 #include <boost/functional/hash.hpp>
 
 #include "include_base_utils.h"
-#include "common/boost_serialization_helper.h"
+#include "chaingen_serialization.h"
 #include "common/command_line.h"
 #include "common/threadpool.h"
 

tests/core_tests/double_spend.inl

@@ -144,7 +144,7 @@ bool gen_double_spend_in_tx<txs_keeped_by_block>::generate(std::vector<test_even
   destinations.push_back(de);
 
   cryptonote::transaction tx_1;
-  if (!construct_tx(bob_account.get_keys(), sources, destinations, 1/*hf_version*/, "FULM", "FULM", cryptonote::transaction_type::TRANSFER, boost::none, std::vector<uint8_t>(), tx_1, 0))
+  if (!construct_tx(bob_account.get_keys(), sources, destinations, 1/*hf_version*/, "SAL", cryptonote::transaction_type::TRANSFER, boost::none, std::vector<uint8_t>(), tx_1, 0))
     return false;
 
   SET_EVENT_VISITOR_SETT(events, txs_keeped_by_block ? event_visitor_settings::set_txs_keeped_by_block : 0);

tests/core_tests/integer_overflow.cpp

@@ -174,7 +174,7 @@ bool gen_uint_overflow_2::generate(std::vector<test_event_entry>& events) const
   destinations.push_back(tx_destination_entry(sources.front().amount - MONEY_SUPPLY - MONEY_SUPPLY + 1 - TESTS_DEFAULT_FEE, bob_addr, false));
 
   cryptonote::transaction tx_1;
-  if (!construct_tx(miner_account.get_keys(), sources, destinations, 1/*hf_version*/, "FULM", "FULM", cryptonote::transaction_type::TRANSFER, boost::none, std::vector<uint8_t>(), tx_1, 0))
+  if (!construct_tx(miner_account.get_keys(), sources, destinations, 1/*hf_version*/, "SAL", cryptonote::transaction_type::TRANSFER, boost::none, std::vector<uint8_t>(), tx_1, 0))
     return false;
   events.push_back(tx_1);
 
@@ -200,7 +200,7 @@ bool gen_uint_overflow_2::generate(std::vector<test_event_entry>& events) const
   destinations.push_back(de);
 
   cryptonote::transaction tx_2;
-  if (!construct_tx(bob_account.get_keys(), sources, destinations, 1/*hf_version*/, "FULM", "FULM", cryptonote::transaction_type::TRANSFER, boost::none, std::vector<uint8_t>(), tx_2, 0))
+  if (!construct_tx(bob_account.get_keys(), sources, destinations, 1/*hf_version*/, "SAL", cryptonote::transaction_type::TRANSFER, boost::none, std::vector<uint8_t>(), tx_2, 0))
     return false;
   events.push_back(tx_2);
 

tests/core_tests/multisig.cpp

@@ -227,13 +227,13 @@ bool gen_multisig_tx_validation_base::generate_with(std::vector<test_event_entry
         CHECK_AND_ASSERT_MES(r, false, "Failed to generate multisig export key image");
       }
       MDEBUG("Party " << msidx << ":");
-      MDEBUG("spend: sec " << miner_account[msidx].get_keys().m_spend_secret_key << ", pub " << miner_account[msidx].get_keys().m_account_address.m_spend_public_key);
-      MDEBUG("view: sec " << miner_account[msidx].get_keys().m_view_secret_key << ", pub " << miner_account[msidx].get_keys().m_account_address.m_view_public_key);
+      MDEBUG("spend: sec " << crypto::secret_key_explicit_print_ref{miner_account[msidx].get_keys().m_spend_secret_key} << ", pub " << miner_account[msidx].get_keys().m_account_address.m_spend_public_key);
+      MDEBUG("view: sec " << crypto::secret_key_explicit_print_ref{miner_account[msidx].get_keys().m_view_secret_key} << ", pub " << miner_account[msidx].get_keys().m_account_address.m_view_public_key);
       for (const auto &k: miner_account[msidx].get_multisig_keys())
-        MDEBUG("msk: " << k);
+        MDEBUG("msk: " << crypto::secret_key_explicit_print_ref{k});
       for (size_t n = 0; n < account_k[msidx][tdidx].size(); ++n)
       {
-        MDEBUG("k: " << account_k[msidx][tdidx][n]);
+        MDEBUG("k: " << crypto::secret_key_explicit_print_ref{account_k[msidx][tdidx][n]});
         MDEBUG("L: " << account_L[msidx][tdidx][n]);
         MDEBUG("R: " << account_R[msidx][tdidx][n]);
       }
@@ -245,6 +245,7 @@ bool gen_multisig_tx_validation_base::generate_with(std::vector<test_event_entry
   // create kLRki
   std::vector<rct::multisig_kLRki> kLRkis;
   std::unordered_set<crypto::public_key> used_L;
+  const cryptonote::origin_data origin_tx_data{3,crypto::null_pkey, 0};
   for (size_t tdidx = 0; tdidx < inputs; ++tdidx)
   {
     kLRkis.push_back(rct::multisig_kLRki());
@@ -253,13 +254,13 @@ bool gen_multisig_tx_validation_base::generate_with(std::vector<test_event_entry
     for (size_t msidx = 0; msidx < total; ++msidx)
       for (size_t n = 0; n < account_ki[msidx][tdidx].size(); ++n)
         pkis.push_back(account_ki[msidx][tdidx][n]);
-    r = multisig::generate_multisig_composite_key_image(miner_account[0].get_keys(), subaddresses, output_pub_key[tdidx], tx_pub_key[tdidx], additional_tx_keys, 0, pkis, (crypto::key_image&)kLRki.ki);
+    r = multisig::generate_multisig_composite_key_image(miner_account[0].get_keys(), subaddresses, output_pub_key[tdidx], tx_pub_key[tdidx], additional_tx_keys, 0, pkis, (crypto::key_image&)kLRki.ki, false, origin_tx_data);
     CHECK_AND_ASSERT_MES(r, false, "Failed to generate composite key image");
     MDEBUG("composite ki: " << kLRki.ki);
     for (size_t n = 1; n < total; ++n)
     {
       rct::key ki;
-      r = multisig::generate_multisig_composite_key_image(miner_account[n].get_keys(), subaddresses, output_pub_key[tdidx], tx_pub_key[tdidx], additional_tx_keys, 0, pkis, (crypto::key_image&)ki);
+      r = multisig::generate_multisig_composite_key_image(miner_account[n].get_keys(), subaddresses, output_pub_key[tdidx], tx_pub_key[tdidx], additional_tx_keys, 0, pkis, (crypto::key_image&)ki, false, origin_tx_data);
       CHECK_AND_ASSERT_MES(r, false, "Failed to generate composite key image");
       CHECK_AND_ASSERT_MES(kLRki.ki == ki, false, "Composite key images do not match");
     }
@@ -310,7 +311,7 @@ bool gen_multisig_tx_validation_base::generate_with(std::vector<test_event_entry
   crypto::secret_key multisig_tx_key_entropy;
   auto sources_copy = sources;
   multisig::signing::tx_builder_ringct_t tx_builder;
-  CHECK_AND_ASSERT_MES(tx_builder.init(miner_account[creator].get_keys(), {}, 0, 0, {0}, sources, destinations, {}, {rct::RangeProofPaddedBulletproof, 4}, true, false, tx_key, additional_tx_secret_keys, multisig_tx_key_entropy, tx), false, "error: multisig::signing::tx_builder_ringct_t::init");
+  CHECK_AND_ASSERT_MES(tx_builder.init(miner_account[creator].get_keys(), {}, cryptonote::transaction_type::TRANSFER, 1, 0, 0, {0}, sources, destinations, {}, {rct::RangeProofPaddedBulletproof, 4}, true, false, tx_key, additional_tx_secret_keys, multisig_tx_key_entropy, tx), false, "error: multisig::signing::tx_builder_ringct_t::init");
 
   // work out the permutation done on sources
   std::vector<size_t> ins_order;
@@ -399,14 +400,14 @@ bool gen_multisig_tx_validation_base::generate_with(std::vector<test_event_entry
     }
     tools::apply_permutation(ins_order, k);
     multisig::signing::tx_builder_ringct_t signer_tx_builder;
-    CHECK_AND_ASSERT_MES(signer_tx_builder.init(miner_account[signer].get_keys(), {}, 0, 0, {0}, sources, destinations, {}, {rct::RangeProofPaddedBulletproof, 4}, true, true, tx_key, additional_tx_secret_keys, multisig_tx_key_entropy, tx), false, "error: multisig::signing::tx_builder_ringct_t::init");
+    CHECK_AND_ASSERT_MES(signer_tx_builder.init(miner_account[signer].get_keys(), {}, cryptonote::transaction_type::TRANSFER, 1, 0, 0, {0}, sources, destinations, {}, {rct::RangeProofPaddedBulletproof, 4}, true, true, tx_key, additional_tx_secret_keys, multisig_tx_key_entropy, tx), false, "error: multisig::signing::tx_builder_ringct_t::init");
 
     MDEBUG("signing with k size " << k.size());
     for (size_t n = 0; n < multisig::signing::kAlphaComponents; ++n)
       MDEBUG("signing with k " << k.back()[n]);
     MDEBUG("signing with sk " << skey);
     for (const auto &sk: used_keys)
-      MDEBUG("  created with sk " << sk);
+      MDEBUG("  created with sk " << crypto::secret_key_explicit_print_ref{sk});
     CHECK_AND_ASSERT_MES(signer_tx_builder.next_partial_sign(sig.total_alpha_G, sig.total_alpha_H, k, skey, sig.c_0, sig.s), false, "error: multisig::signing::tx_builder_ringct_t::next_partial_sign");
 
     // in round-robin signing, the last signer finalizes the tx

tests/core_tests/transaction_tests.cpp

@@ -157,7 +157,7 @@ bool test_transaction_generation_and_ring_signature()
   destinations.push_back(td);
 
   transaction tx_rc1;
-  bool r = construct_tx(miner_acc2.get_keys(), sources, destinations, 1/*hf_version*/, "FULM", "FULM", cryptonote::transaction_type::TRANSFER, boost::none, std::vector<uint8_t>(), tx_rc1, 0);
+  bool r = construct_tx(miner_acc2.get_keys(), sources, destinations, 1/*hf_version*/, "SAL", cryptonote::transaction_type::TRANSFER, boost::none, std::vector<uint8_t>(), tx_rc1, 0);
   CHECK_AND_ASSERT_MES(r, false, "failed to construct transaction");
 
   crypto::hash pref_hash = get_transaction_prefix_hash(tx_rc1);

tests/core_tests/tx_validation.cpp

@@ -63,7 +63,8 @@ namespace
         std::unordered_map<crypto::public_key, cryptonote::subaddress_index> subaddresses;
         subaddresses[sender_account_keys.m_account_address.m_spend_public_key] = {0,0};
         auto& out_key = reinterpret_cast<const crypto::public_key&>(src_entr.outputs[src_entr.real_output].second.dest);
-        generate_key_image_helper(sender_account_keys, subaddresses, out_key, src_entr.real_out_tx_key, src_entr.real_out_additional_tx_keys, src_entr.real_output_in_tx_index, in_ephemeral, img, hw::get_device(("default")));
+        const cryptonote::origin_data od{3, crypto::null_pkey, src_entr.real_output};
+        generate_key_image_helper(sender_account_keys, subaddresses, out_key, src_entr.real_out_tx_key, src_entr.real_out_additional_tx_keys, src_entr.real_output_in_tx_index, in_ephemeral, img, hw::get_device(("default")), false, od);
 
         // put key image into tx input
         txin_to_key input_to_key;

tests/core_tests/v2_tests.cpp

@@ -107,7 +107,7 @@ bool gen_v2_tx_validation_base::generate_with(std::vector<test_event_entry>& eve
   destinations.push_back(td);
 
   transaction tx;
-  bool r = construct_tx(miner_accounts[0].get_keys(), sources, destinations, 1/*hf_version*/, "FULM", "FULM", cryptonote::transaction_type::TRANSFER, boost::none, std::vector<uint8_t>(), tx, 0);
+  bool r = construct_tx(miner_accounts[0].get_keys(), sources, destinations, 1/*hf_version*/, "SAL", cryptonote::transaction_type::TRANSFER, boost::none, std::vector<uint8_t>(), tx, 0);
   CHECK_AND_ASSERT_MES(r, false, "failed to construct transaction");
   if (!valid)
     DO_CALLBACK(events, "mark_invalid_tx");

tests/functional_tests/transactions_flow_test.cpp

@@ -172,7 +172,7 @@ bool transactions_flow_test(std::string& working_folder,
 
   //wait for money, until balance will have enough money
   w1.refresh(true, blocks_fetched, received_money, ok);
-  while(w1.unlocked_balance(0, true) < amount_to_transfer)
+  while(w1.unlocked_balance(0, "SAL", true) < amount_to_transfer)
   {
     misc_utils::sleep_no_w(1000);
     w1.refresh(true, blocks_fetched, received_money, ok);
@@ -185,7 +185,7 @@ bool transactions_flow_test(std::string& working_folder,
   {
     tools::wallet2::transfer_container incoming_transfers;
     w1.get_transfers(incoming_transfers);
-    if(incoming_transfers.size() > FIRST_N_TRANSFERS && get_money_in_first_transfers(incoming_transfers, FIRST_N_TRANSFERS) < w1.unlocked_balance(0, true) )
+    if(incoming_transfers.size() > FIRST_N_TRANSFERS && get_money_in_first_transfers(incoming_transfers, FIRST_N_TRANSFERS) < w1.unlocked_balance(0, "SAL", true) )
     {
       //lets go!
       size_t count = 0;
@@ -220,7 +220,7 @@ bool transactions_flow_test(std::string& working_folder,
   for(i = 0; i != transactions_count; i++)
   {
     uint64_t amount_to_tx = (amount_to_transfer - transfered_money) > transfer_size ? transfer_size: (amount_to_transfer - transfered_money);
-    while(w1.unlocked_balance(0, true) < amount_to_tx + TEST_FEE)
+    while(w1.unlocked_balance(0, "SAL", true) < amount_to_tx + TEST_FEE)
     {
       misc_utils::sleep_no_w(1000);
       LOG_PRINT_L0("not enough money, waiting for cashback or mining");
@@ -269,7 +269,7 @@ bool transactions_flow_test(std::string& working_folder,
     misc_utils::sleep_no_w(DIFFICULTY_BLOCKS_ESTIMATE_TIMESPAN*1000);//wait two blocks before sync on another wallet on another daemon
   }
 
-  uint64_t money_2 = w2.balance(0, true);
+  uint64_t money_2 = w2.balance(0, "SAL", true);
   if(money_2 == transfered_money)
   {
     MGINFO_GREEN("-----------------------FINISHING TRANSACTIONS FLOW TEST OK-----------------------");

tests/performance_tests/ge_frombytes_vartime.h

@@ -57,7 +57,7 @@ public:
     std::vector<tx_destination_entry> destinations;
     destinations.push_back(tx_destination_entry(1, m_alice.get_keys().m_account_address, false));
 
-    if (!construct_tx(this->m_miners[this->real_source_idx].get_keys(), this->m_sources, destinations, 1/*hf_version*/, "FULM", "FULM", cryptonote::transaction_type::TRANSFER, boost::none, std::vector<uint8_t>(), m_tx, 0))
+    if (!construct_tx(this->m_miners[this->real_source_idx].get_keys(), this->m_sources, destinations, 1/*hf_version*/, "SAL", cryptonote::transaction_type::TRANSFER, boost::none, std::vector<uint8_t>(), m_tx, 0))
       return false;
 
     const cryptonote::txin_to_key& txin = boost::get<cryptonote::txin_to_key>(m_tx.vin[0]);

tests/performance_tests/ge_tobytes.h

@@ -57,7 +57,7 @@ public:
     std::vector<tx_destination_entry> destinations;
     destinations.push_back(tx_destination_entry(1, m_alice.get_keys().m_account_address, false));
 
-    if (!construct_tx(this->m_miners[this->real_source_idx].get_keys(), this->m_sources, destinations, 1/*hf_version*/, "FULM", "FULM", cryptonote::transaction_type::TRANSFER, boost::none, std::vector<uint8_t>(), m_tx, 0))
+    if (!construct_tx(this->m_miners[this->real_source_idx].get_keys(), this->m_sources, destinations, 1/*hf_version*/, "SAL", cryptonote::transaction_type::TRANSFER, boost::none, std::vector<uint8_t>(), m_tx, 0))
       return false;
     
     const cryptonote::txin_to_key& txin = boost::get<cryptonote::txin_to_key>(m_tx.vin[0]);

tests/performance_tests/generate_key_image_helper.h

@@ -49,6 +49,7 @@ public:
     std::unordered_map<crypto::public_key, cryptonote::subaddress_index> subaddresses;
     subaddresses[m_bob.get_keys().m_account_address.m_spend_public_key] = {0,0};
     crypto::public_key out_key = boost::get<cryptonote::txout_to_key>(m_tx.vout[0].target).key;
-    return cryptonote::generate_key_image_helper(m_bob.get_keys(), subaddresses, out_key, m_tx_pub_key, m_additional_tx_pub_keys, 0, in_ephemeral, ki, hw::get_device("default"));
+    cryptonote::origin_data od{3,crypto::null_pkey,0};
+    return cryptonote::generate_key_image_helper(m_bob.get_keys(), subaddresses, out_key, m_tx_pub_key, m_additional_tx_pub_keys, 0, in_ephemeral, ki, hw::get_device("default"), false, od);
   }
 };

tests/unit_tests/address_from_url.cpp

@@ -84,7 +84,7 @@ TEST(AddressFromTXT, Failure)
 
 TEST(AddressFromURL, Success)
 {
-  const std::string addr = FULMO_DONATION_ADDR;
+  const std::string addr = SALVIUM_DONATION_ADDR;
   
   bool dnssec_result = false;
 

tests/unit_tests/blockchain_db.cpp

@@ -274,8 +274,9 @@ TYPED_TEST(BlockchainDBTest, AddBlock)
   // no blocks have been added yet (because genesis has no parent).
   //ASSERT_THROW(this->m_db->add_block(this->m_blocks[1], t_sizes[1], t_sizes[1], t_diffs[1], t_coins[1], this->m_txs[1]), BLOCK_PARENT_DNE);
 
-  ASSERT_NO_THROW(this->m_db->add_block(this->m_blocks[0], t_sizes[0], t_sizes[0], t_diffs[0], t_coins[0], this->m_txs[0]));
-  ASSERT_NO_THROW(this->m_db->add_block(this->m_blocks[1], t_sizes[1], t_sizes[1], t_diffs[1], t_coins[1], this->m_txs[1]));
+  cryptonote::yield_block_info ybi;
+  ASSERT_NO_THROW(this->m_db->add_block(this->m_blocks[0], t_sizes[0], t_sizes[0], t_diffs[0], t_coins[0], this->m_txs[0], cryptonote::FAKECHAIN, ybi));
+  ASSERT_NO_THROW(this->m_db->add_block(this->m_blocks[1], t_sizes[1], t_sizes[1], t_diffs[1], t_coins[1], this->m_txs[1], cryptonote::FAKECHAIN, ybi));
 
   block b;
   ASSERT_TRUE(this->m_db->block_exists(get_block_hash(this->m_blocks[0].first)));
@@ -288,7 +289,7 @@ TYPED_TEST(BlockchainDBTest, AddBlock)
   ASSERT_TRUE(compare_blocks(this->m_blocks[0].first, b));
 
   // assert that we can't add the same block twice
-  ASSERT_THROW(this->m_db->add_block(this->m_blocks[0], t_sizes[0], t_sizes[0], t_diffs[0], t_coins[0], this->m_txs[0]), TX_EXISTS);
+  ASSERT_THROW(this->m_db->add_block(this->m_blocks[0], t_sizes[0], t_sizes[0], t_diffs[0], t_coins[0], this->m_txs[0], cryptonote::FAKECHAIN, ybi), TX_EXISTS);
 
   for (auto& h : this->m_blocks[0].first.tx_hashes)
   {
@@ -314,14 +315,15 @@ TYPED_TEST(BlockchainDBTest, RetrieveBlockData)
 
   db_wtxn_guard guard(this->m_db);
 
-  ASSERT_NO_THROW(this->m_db->add_block(this->m_blocks[0], t_sizes[0], t_sizes[0],  t_diffs[0], t_coins[0], this->m_txs[0]));
+  cryptonote::yield_block_info ybi;
+  ASSERT_NO_THROW(this->m_db->add_block(this->m_blocks[0], t_sizes[0], t_sizes[0],  t_diffs[0], t_coins[0], this->m_txs[0], cryptonote::FAKECHAIN, ybi));
 
   ASSERT_EQ(t_sizes[0], this->m_db->get_block_weight(0));
   ASSERT_EQ(t_diffs[0], this->m_db->get_block_cumulative_difficulty(0));
   ASSERT_EQ(t_diffs[0], this->m_db->get_block_difficulty(0));
   ASSERT_EQ(t_coins[0], this->m_db->get_block_already_generated_coins(0));
 
-  ASSERT_NO_THROW(this->m_db->add_block(this->m_blocks[1], t_sizes[1], t_sizes[1], t_diffs[1], t_coins[1], this->m_txs[1]));
+  ASSERT_NO_THROW(this->m_db->add_block(this->m_blocks[1], t_sizes[1], t_sizes[1], t_diffs[1], t_coins[1], this->m_txs[1], cryptonote::FAKECHAIN, ybi));
   ASSERT_EQ(t_diffs[1] - t_diffs[0], this->m_db->get_block_difficulty(1));
 
   ASSERT_HASH_EQ(get_block_hash(this->m_blocks[0].first), this->m_db->get_block_hash_from_height(0));

tests/unit_tests/bulletproofs.cpp

@@ -133,10 +133,10 @@ TEST(bulletproofs, multi_splitting)
     rct::ctkeyV outSk;
     rct::RCTConfig rct_config { rct::RangeProofPaddedBulletproof, 4 };
     cryptonote::transaction_type tx_type = cryptonote::transaction_type::TRANSFER;
-    std::string in_asset_type = "FULM";
+    std::string in_asset_type = "SAL";
     std::vector<std::string> destination_asset_types;
     for (size_t i = 0; i < destinations.size(); ++i)
-      destination_asset_types.push_back("FULM");
+      destination_asset_types.push_back("SAL");
 
     rct::rctSig s = rct::genRctSimple(rct::zero(), sc, destinations, tx_type, in_asset_type, destination_asset_types, inamounts, outamounts, available, mixRing, amount_keys, index, outSk, rct_config, hw::get_device("default"));
     ASSERT_TRUE(rct::verRctSimple(s));

tests/unit_tests/crypto.cpp

@@ -72,10 +72,10 @@ TEST(Crypto, Ostream)
   EXPECT_TRUE(is_formatted<crypto::hash8>());
   EXPECT_TRUE(is_formatted<crypto::hash>());
   EXPECT_TRUE(is_formatted<crypto::public_key>());
-  EXPECT_TRUE(is_formatted<crypto::secret_key>());
   EXPECT_TRUE(is_formatted<crypto::signature>());
   EXPECT_TRUE(is_formatted<crypto::key_derivation>());
   EXPECT_TRUE(is_formatted<crypto::key_image>());
+  EXPECT_TRUE(is_formatted<rct::key>());
 }
 
 TEST(Crypto, null_keys)

tests/unit_tests/hardfork.cpp

@@ -47,14 +47,18 @@ namespace
 class TestDB: public cryptonote::BaseTestDB {
 public:
   virtual uint64_t height() const override { return blocks.size(); }
-  virtual void add_block( const block& blk
+  virtual void add_block( const cryptonote::block& blk
                         , size_t block_weight
                         , uint64_t long_term_block_weight
-                        , const difficulty_type& cumulative_difficulty
+                        , const cryptonote::difficulty_type& cumulative_difficulty
                         , const uint64_t& coins_generated
                         , uint64_t num_rct_outs
                         , oracle::asset_type_counts& cum_rct_by_asset_type
                         , const crypto::hash& blk_hash
+                        , uint64_t slippage_total
+                        , uint64_t yield_total
+                        , const cryptonote::network_type nettype
+                        , cryptonote::yield_block_info& ybi
                         ) override {
     blocks.push_back(blk);
   }
@@ -99,6 +103,7 @@ TEST(major, Only)
   TestDB db;
   HardFork hf(db, 1, 0, 0, 0, 1, 0); // no voting
   oracle::asset_type_counts num_rct_outs_by_asset_type;
+  cryptonote::yield_block_info ybi;
 
   //                      v  h  t
   ASSERT_TRUE(hf.add_fork(1, 0, 0));
@@ -109,20 +114,20 @@ TEST(major, Only)
   ASSERT_FALSE(hf.add(mkblock(0, 2), 0));
   ASSERT_FALSE(hf.add(mkblock(2, 2), 0));
   ASSERT_TRUE(hf.add(mkblock(1, 2), 0));
-  db.add_block(mkblock(1, 1), 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash());
+  db.add_block(mkblock(1, 1), 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash(), 0, 0, cryptonote::FAKECHAIN, ybi);
 
   // block height 1, only version 1 is accepted
   ASSERT_FALSE(hf.add(mkblock(0, 2), 1));
   ASSERT_FALSE(hf.add(mkblock(2, 2), 1));
   ASSERT_TRUE(hf.add(mkblock(1, 2), 1));
-  db.add_block(mkblock(1, 1), 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash());
+  db.add_block(mkblock(1, 1), 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash(), 0, 0, cryptonote::FAKECHAIN, ybi);
 
   // block height 2, only version 2 is accepted
   ASSERT_FALSE(hf.add(mkblock(0, 2), 2));
   ASSERT_FALSE(hf.add(mkblock(1, 2), 2));
   ASSERT_FALSE(hf.add(mkblock(3, 2), 2));
   ASSERT_TRUE(hf.add(mkblock(2, 2), 2));
-  db.add_block(mkblock(2, 1), 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash());
+  db.add_block(mkblock(2, 1), 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash(), 0, 0, cryptonote::FAKECHAIN, ybi);
 }
 
 TEST(empty_hardforks, Success)
@@ -130,6 +135,7 @@ TEST(empty_hardforks, Success)
   TestDB db;
   HardFork hf(db);
   oracle::asset_type_counts num_rct_outs_by_asset_type;
+  cryptonote::yield_block_info ybi;
 
   ASSERT_TRUE(hf.add_fork(1, 0, 0));
   hf.init();
@@ -137,7 +143,7 @@ TEST(empty_hardforks, Success)
   ASSERT_TRUE(hf.get_state(time(NULL) + 3600*24*400) == HardFork::Ready);
 
   for (uint64_t h = 0; h <= 10; ++h) {
-    db.add_block(mkblock(hf, h, 1), 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash());
+    db.add_block(mkblock(hf, h, 1), 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash(), 0, 0, cryptonote::FAKECHAIN, ybi);
     ASSERT_TRUE(hf.add(db.get_block_from_height(h), h));
   }
   ASSERT_EQ(hf.get(0), 1);
@@ -164,6 +170,7 @@ TEST(check_for_height, Success)
   TestDB db;
   HardFork hf(db, 1, 0, 0, 0, 1, 0); // no voting
   oracle::asset_type_counts num_rct_outs_by_asset_type;
+  cryptonote::yield_block_info ybi;
 
   ASSERT_TRUE(hf.add_fork(1, 0, 0));
   ASSERT_TRUE(hf.add_fork(2, 5, 1));
@@ -172,14 +179,14 @@ TEST(check_for_height, Success)
   for (uint64_t h = 0; h <= 4; ++h) {
     ASSERT_TRUE(hf.check_for_height(mkblock(1, 1), h));
     ASSERT_FALSE(hf.check_for_height(mkblock(2, 2), h));  // block version is too high
-    db.add_block(mkblock(hf, h, 1), 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash());
+    db.add_block(mkblock(hf, h, 1), 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash(), 0, 0, cryptonote::FAKECHAIN, ybi);
     ASSERT_TRUE(hf.add(db.get_block_from_height(h), h));
   }
 
   for (uint64_t h = 5; h <= 10; ++h) {
     ASSERT_FALSE(hf.check_for_height(mkblock(1, 1), h));  // block version is too low
     ASSERT_TRUE(hf.check_for_height(mkblock(2, 2), h));
-    db.add_block(mkblock(hf, h, 2), 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash());
+    db.add_block(mkblock(hf, h, 2), 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash(), 0, 0, cryptonote::FAKECHAIN, ybi);
     ASSERT_TRUE(hf.add(db.get_block_from_height(h), h));
   }
 }
@@ -189,6 +196,7 @@ TEST(get, next_version)
   TestDB db;
   HardFork hf(db);
   oracle::asset_type_counts num_rct_outs_by_asset_type;
+  cryptonote::yield_block_info ybi;
 
   ASSERT_TRUE(hf.add_fork(1, 0, 0));
   ASSERT_TRUE(hf.add_fork(2, 5, 1));
@@ -197,19 +205,19 @@ TEST(get, next_version)
 
   for (uint64_t h = 0; h <= 4; ++h) {
     ASSERT_EQ(2, hf.get_next_version());
-    db.add_block(mkblock(hf, h, 1), 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash());
+    db.add_block(mkblock(hf, h, 1), 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash(), 0, 0, cryptonote::FAKECHAIN, ybi);
     ASSERT_TRUE(hf.add(db.get_block_from_height(h), h));
   }
 
   for (uint64_t h = 5; h <= 9; ++h) {
     ASSERT_EQ(4, hf.get_next_version());
-    db.add_block(mkblock(hf, h, 2), 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash());
+    db.add_block(mkblock(hf, h, 2), 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash(), 0, 0, cryptonote::FAKECHAIN, ybi);
     ASSERT_TRUE(hf.add(db.get_block_from_height(h), h));
   }
 
   for (uint64_t h = 10; h <= 15; ++h) {
     ASSERT_EQ(4, hf.get_next_version());
-    db.add_block(mkblock(hf, h, 4), 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash());
+    db.add_block(mkblock(hf, h, 4), 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash(), 0, 0, cryptonote::FAKECHAIN, ybi);
     ASSERT_TRUE(hf.add(db.get_block_from_height(h), h));
   }
 }
@@ -243,6 +251,7 @@ TEST(steps_asap, Success)
   TestDB db;
   HardFork hf(db, 1,0,1,1,1);
   oracle::asset_type_counts num_rct_outs_by_asset_type;
+  cryptonote::yield_block_info ybi;
 
   //                 v  h  t
   ASSERT_TRUE(hf.add_fork(1, 0, 0));
@@ -252,7 +261,7 @@ TEST(steps_asap, Success)
   hf.init();
 
   for (uint64_t h = 0; h < 10; ++h) {
-    db.add_block(mkblock(hf, h, 9), 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash());
+    db.add_block(mkblock(hf, h, 9), 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash(), 0, 0, cryptonote::FAKECHAIN, ybi);
     ASSERT_TRUE(hf.add(db.get_block_from_height(h), h));
   }
 
@@ -273,6 +282,7 @@ TEST(steps_1, Success)
   TestDB db;
   HardFork hf(db, 1,0,1,1,1);
   oracle::asset_type_counts num_rct_outs_by_asset_type;
+  cryptonote::yield_block_info ybi;
 
   ASSERT_TRUE(hf.add_fork(1, 0, 0));
   for (int n = 1 ; n < 10; ++n)
@@ -280,7 +290,7 @@ TEST(steps_1, Success)
   hf.init();
 
   for (uint64_t h = 0 ; h < 10; ++h) {
-    db.add_block(mkblock(hf, h, h+1), 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash());
+    db.add_block(mkblock(hf, h, h+1), 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash(), 0, 0, cryptonote::FAKECHAIN, ybi);
     ASSERT_TRUE(hf.add(db.get_block_from_height(h), h));
   }
 
@@ -295,7 +305,8 @@ TEST(reorganize, Same)
     TestDB db;
     HardFork hf(db, 1, 0, 1, 1, history, 100);
     oracle::asset_type_counts num_rct_outs_by_asset_type;
-
+    cryptonote::yield_block_info ybi;
+  
     //                 v  h  t
     ASSERT_TRUE(hf.add_fork(1, 0, 0));
     ASSERT_TRUE(hf.add_fork(4, 2, 1));
@@ -306,7 +317,7 @@ TEST(reorganize, Same)
     //                                 index  0  1  2  3  4  5  6  7  8  9
     static const uint8_t block_versions[] = { 1, 1, 4, 4, 7, 7, 9, 9, 9, 9, 9, 9, 9, 9, 9, 9, 9, 9, 9, 9 };
     for (uint64_t h = 0; h < 20; ++h) {
-      db.add_block(mkblock(hf, h, block_versions[h]), 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash());
+      db.add_block(mkblock(hf, h, block_versions[h]), 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash(), 0, 0, cryptonote::FAKECHAIN, ybi);
       ASSERT_TRUE(hf.add(db.get_block_from_height(h), h));
     }
 
@@ -325,6 +336,7 @@ TEST(reorganize, Changed)
   TestDB db;
   HardFork hf(db, 1, 0, 1, 1, 4, 100);
   oracle::asset_type_counts num_rct_outs_by_asset_type;
+  cryptonote::yield_block_info ybi;
 
   //                 v  h  t
   ASSERT_TRUE(hf.add_fork(1, 0, 0));
@@ -338,7 +350,7 @@ TEST(reorganize, Changed)
   static const uint8_t block_versions[] =    { 1, 1, 4, 4, 7, 7, 9, 9, 9, 9, 9, 9, 9, 9, 9, 9 };
   static const uint8_t expected_versions[] = { 1, 1, 1, 1, 1, 1, 4, 4, 7, 7, 9, 9, 9, 9, 9, 9 };
   for (uint64_t h = 0; h < 16; ++h) {
-    db.add_block(mkblock(hf, h, block_versions[h]), 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash());
+    db.add_block(mkblock(hf, h, block_versions[h]), 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash(), 0, 0, cryptonote::FAKECHAIN, ybi);
     ASSERT_TRUE (hf.add(db.get_block_from_height(h), h));
   }
 
@@ -358,7 +370,7 @@ TEST(reorganize, Changed)
   ASSERT_EQ(db.height(), 3);
   hf.reorganize_from_block_height(2);
   for (uint64_t h = 3; h < 16; ++h) {
-    db.add_block(mkblock(hf, h, block_versions_new[h]), 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash());
+    db.add_block(mkblock(hf, h, block_versions_new[h]), 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash(), 0, 0, cryptonote::FAKECHAIN, ybi);
     bool ret = hf.add(db.get_block_from_height(h), h);
     ASSERT_EQ (ret, h < 15);
   }
@@ -372,6 +384,7 @@ TEST(reorganize, Changed)
 TEST(voting, threshold)
 {
   oracle::asset_type_counts num_rct_outs_by_asset_type;
+  cryptonote::yield_block_info ybi;
   for (int threshold = 87; threshold <= 88; ++threshold) {
     TestDB db;
     HardFork hf(db, 1, 0, 1, 1, 8, threshold);
@@ -383,7 +396,7 @@ TEST(voting, threshold)
 
     for (uint64_t h = 0; h <= 8; ++h) {
       uint8_t v = 1 + !!(h % 8);
-      db.add_block(mkblock(hf, h, v), 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash());
+      db.add_block(mkblock(hf, h, v), 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash(), 0, 0, cryptonote::FAKECHAIN, ybi);
       bool ret = hf.add(db.get_block_from_height(h), h);
       if (h >= 8 && threshold == 87) {
         // for threshold 87, we reach the treshold at height 7, so from height 8, hard fork to version 2, but 8 tries to add 1
@@ -402,6 +415,7 @@ TEST(voting, threshold)
 TEST(voting, different_thresholds)
 {
   oracle::asset_type_counts num_rct_outs_by_asset_type;
+  cryptonote::yield_block_info ybi;
   for (int threshold = 87; threshold <= 88; ++threshold) {
     TestDB db;
     HardFork hf(db, 1, 0, 1, 1, 4, 50); // window size 4
@@ -418,7 +432,7 @@ TEST(voting, different_thresholds)
     static const uint8_t expected_versions[] = { 1, 1, 1, 1, 1, 2, 2, 2, 2, 2, 2, 2, 3, 3, 3, 3, 4, 4, 4, 4 };
 
     for (uint64_t h = 0; h < sizeof(block_versions) / sizeof(block_versions[0]); ++h) {
-      db.add_block(mkblock(hf, h, block_versions[h]), 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash());
+      db.add_block(mkblock(hf, h, block_versions[h]), 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash(), 0, 0, cryptonote::FAKECHAIN, ybi);
       bool ret = hf.add(db.get_block_from_height(h), h);
       ASSERT_EQ(ret, true);
     }
@@ -433,6 +447,7 @@ TEST(voting, info)
   TestDB db;
   HardFork hf(db, 1, 0, 1, 1, 4, 50); // window size 4, default threshold 50%
   oracle::asset_type_counts num_rct_outs_by_asset_type;
+  cryptonote::yield_block_info ybi;
 
   //                      v  h  ts
   ASSERT_TRUE(hf.add_fork(1, 0,  0));
@@ -472,7 +487,7 @@ TEST(voting, info)
     ASSERT_EQ(expected_thresholds[h], threshold);
     ASSERT_EQ(4, voting);
 
-    db.add_block(mkblock(hf, h, block_versions[h]), 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash());
+    db.add_block(mkblock(hf, h, block_versions[h]), 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash(), 0, 0, cryptonote::FAKECHAIN, ybi);
     ASSERT_TRUE(hf.add(db.get_block_from_height(h), h));
   }
 }
@@ -536,7 +551,8 @@ TEST(reorganize, changed)
   do { \
     cryptonote::block b = mkblock(hf, h, v); \
     oracle::asset_type_counts num_rct_outs_by_asset_type; \
-    db.add_block(b, 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash()); \
+    cryptonote::yield_block_info ybi; \
+    db.add_block(b, 0, 0, 0, 0, 0, num_rct_outs_by_asset_type, crypto::hash(), 0, 0, cryptonote::FAKECHAIN, ybi); \
     ASSERT_##a(hf.add(b, h)); \
   } while(0)
 #define ADD_TRUE(v, h) ADD(v, h, TRUE)

tests/unit_tests/long_term_block_weight.cpp

@@ -59,6 +59,10 @@ public:
                         , uint64_t num_rct_outs
                         , oracle::asset_type_counts& cum_rct_by_asset_type
                         , const crypto::hash& blk_hash
+                        , uint64_t slippage_total
+                        , uint64_t yield_total
+                        , const cryptonote::network_type nettype
+                        , cryptonote::yield_block_info& ybi
                         ) override {
     blocks.push_back({block_weight, long_term_block_weight});
   }
@@ -107,16 +111,10 @@ static uint32_t lcg()
 
 }
 
-struct BlockchainAndPool
-{
-  cryptonote::tx_memory_pool txpool;
-  cryptonote::Blockchain bc;
-  BlockchainAndPool(): txpool(bc), bc(txpool) {}
-};
-
 #define PREFIX_WINDOW(hf_version,window) \
-  BlockchainAndPool bap; \
-  cryptonote::Blockchain *bc = &bap.bc; \
+  cryptonote::BlockchainAndPool bap; \
+  cryptonote::Blockchain *bc = &bap.blockchain; \
+  cryptonote::yield_block_info ybi; \
   struct get_test_options { \
     const std::pair<uint8_t, uint64_t> hard_forks[3]; \
     const cryptonote::test_options test_options = { \
@@ -148,7 +146,7 @@ TEST(long_term_block_weight, identical_before_fork)
   {
     size_t w = h < CRYPTONOTE_REWARD_BLOCKS_WINDOW ? CRYPTONOTE_BLOCK_GRANTED_FULL_REWARD_ZONE_V5 : bc->get_current_cumulative_block_weight_limit();
     uint64_t ltw = bc->get_next_long_term_block_weight(w);
-    bc->get_db().add_block(std::make_pair(cryptonote::block(), ""), w, ltw, h, h, {});
+    bc->get_db().add_block(std::make_pair(cryptonote::block(), ""), w, ltw, h, h, {}, cryptonote::FAKECHAIN, ybi);
     ASSERT_TRUE(bc->update_next_cumulative_weight_limit());
   }
   for (uint64_t h = 0; h < 10 * TEST_LONG_TERM_BLOCK_WEIGHT_WINDOW; ++h)
@@ -165,7 +163,7 @@ TEST(long_term_block_weight, identical_after_fork_before_long_term_window)
   {
     size_t w = h < TEST_LONG_TERM_BLOCK_WEIGHT_WINDOW ? CRYPTONOTE_BLOCK_GRANTED_FULL_REWARD_ZONE_V5 : bc->get_current_cumulative_block_weight_limit();
     uint64_t ltw = bc->get_next_long_term_block_weight(w);
-    bc->get_db().add_block(std::make_pair(cryptonote::block(), ""), w, ltw, h, h, {});
+    bc->get_db().add_block(std::make_pair(cryptonote::block(), ""), w, ltw, h, h, {}, cryptonote::FAKECHAIN, ybi);
     ASSERT_TRUE(bc->update_next_cumulative_weight_limit());
   }
   for (uint64_t h = 0; h < TEST_LONG_TERM_BLOCK_WEIGHT_WINDOW; ++h)
@@ -182,7 +180,7 @@ TEST(long_term_block_weight, ceiling_at_30000000)
   {
     size_t w = h < TEST_LONG_TERM_BLOCK_WEIGHT_WINDOW ? CRYPTONOTE_BLOCK_GRANTED_FULL_REWARD_ZONE_V5 : bc->get_current_cumulative_block_weight_limit();
     uint64_t ltw = bc->get_next_long_term_block_weight(w);
-    bc->get_db().add_block(std::make_pair(cryptonote::block(), ""), w, ltw, h, h, {});
+    bc->get_db().add_block(std::make_pair(cryptonote::block(), ""), w, ltw, h, h, {}, cryptonote::FAKECHAIN, ybi);
     ASSERT_TRUE(bc->update_next_cumulative_weight_limit());
   }
   ASSERT_EQ(bc->get_current_cumulative_block_weight_median(), 15000000);
@@ -197,7 +195,7 @@ TEST(long_term_block_weight, multi_pop)
   {
     size_t w = h < TEST_LONG_TERM_BLOCK_WEIGHT_WINDOW ? CRYPTONOTE_BLOCK_GRANTED_FULL_REWARD_ZONE_V5 : bc->get_current_cumulative_block_weight_limit();
     uint64_t ltw = bc->get_next_long_term_block_weight(w);
-    bc->get_db().add_block(std::make_pair(cryptonote::block(), ""), w, ltw, h, h, {});
+    bc->get_db().add_block(std::make_pair(cryptonote::block(), ""), w, ltw, h, h, {}, cryptonote::FAKECHAIN, ybi);
     ASSERT_TRUE(bc->update_next_cumulative_weight_limit());
   }
 
@@ -209,7 +207,7 @@ TEST(long_term_block_weight, multi_pop)
   {
     size_t w = bc->get_current_cumulative_block_weight_limit();
     uint64_t ltw = bc->get_next_long_term_block_weight(w);
-    bc->get_db().add_block(std::make_pair(cryptonote::block(), ""), w, ltw, h, h, {});
+    bc->get_db().add_block(std::make_pair(cryptonote::block(), ""), w, ltw, h, h, {}, cryptonote::FAKECHAIN, ybi);
     ASSERT_TRUE(bc->update_next_cumulative_weight_limit());
   }
 
@@ -231,7 +229,7 @@ TEST(long_term_block_weight, multiple_updates)
   {
     size_t w = h < TEST_LONG_TERM_BLOCK_WEIGHT_WINDOW ? CRYPTONOTE_BLOCK_GRANTED_FULL_REWARD_ZONE_V5 : bc->get_current_cumulative_block_weight_limit();
     uint64_t ltw = bc->get_next_long_term_block_weight(w);
-    bc->get_db().add_block(std::make_pair(cryptonote::block(), ""), w, ltw, h, h, {});
+    bc->get_db().add_block(std::make_pair(cryptonote::block(), ""), w, ltw, h, h, {}, cryptonote::FAKECHAIN, ybi);
     ASSERT_TRUE(bc->update_next_cumulative_weight_limit());
     const uint64_t effective_median = bc->get_current_cumulative_block_weight_median();
     const uint64_t effective_limit = bc->get_current_cumulative_block_weight_limit();
@@ -255,7 +253,7 @@ TEST(long_term_block_weight, pop_invariant_max)
   {
     size_t w = bc->get_db().height() < TEST_LONG_TERM_BLOCK_WEIGHT_WINDOW ? CRYPTONOTE_BLOCK_GRANTED_FULL_REWARD_ZONE_V5 : bc->get_current_cumulative_block_weight_limit();
     uint64_t ltw = bc->get_next_long_term_block_weight(w);
-    bc->get_db().add_block(std::make_pair(cryptonote::block(), ""), w, ltw, h, h, {});
+    bc->get_db().add_block(std::make_pair(cryptonote::block(), ""), w, ltw, h, h, {}, cryptonote::FAKECHAIN, ybi);
     ASSERT_TRUE(bc->update_next_cumulative_weight_limit());
   }
 
@@ -283,7 +281,7 @@ TEST(long_term_block_weight, pop_invariant_max)
     {
       size_t w = bc->get_db().height() < TEST_LONG_TERM_BLOCK_WEIGHT_WINDOW ? CRYPTONOTE_BLOCK_GRANTED_FULL_REWARD_ZONE_V5 : bc->get_current_cumulative_block_weight_limit();
       uint64_t ltw = bc->get_next_long_term_block_weight(w);
-      bc->get_db().add_block(std::make_pair(cryptonote::block(), ""), w, ltw, bc->get_db().height(), bc->get_db().height(), {});
+      bc->get_db().add_block(std::make_pair(cryptonote::block(), ""), w, ltw, bc->get_db().height(), bc->get_db().height(), {}, cryptonote::FAKECHAIN, ybi);
       ASSERT_TRUE(bc->update_next_cumulative_weight_limit());
     }
 
@@ -305,7 +303,7 @@ TEST(long_term_block_weight, pop_invariant_random)
     uint32_t r = lcg();
     size_t w = bc->get_db().height() < TEST_LONG_TERM_BLOCK_WEIGHT_WINDOW ? CRYPTONOTE_BLOCK_GRANTED_FULL_REWARD_ZONE_V5 : (r % bc->get_current_cumulative_block_weight_limit());
     uint64_t ltw = bc->get_next_long_term_block_weight(w);
-    bc->get_db().add_block(std::make_pair(cryptonote::block(), ""), w, ltw, h, h, {});
+    bc->get_db().add_block(std::make_pair(cryptonote::block(), ""), w, ltw, h, h, {}, cryptonote::FAKECHAIN, ybi);
     ASSERT_TRUE(bc->update_next_cumulative_weight_limit());
   }
 
@@ -340,7 +338,7 @@ TEST(long_term_block_weight, pop_invariant_random)
       uint32_t r = lcg();
       size_t w = bc->get_db().height() < TEST_LONG_TERM_BLOCK_WEIGHT_WINDOW ? CRYPTONOTE_BLOCK_GRANTED_FULL_REWARD_ZONE_V5 : (r % bc->get_current_cumulative_block_weight_limit());
       uint64_t ltw = bc->get_next_long_term_block_weight(w);
-      bc->get_db().add_block(std::make_pair(cryptonote::block(), ""), w, ltw, bc->get_db().height(), bc->get_db().height(), {});
+      bc->get_db().add_block(std::make_pair(cryptonote::block(), ""), w, ltw, bc->get_db().height(), bc->get_db().height(), {}, cryptonote::FAKECHAIN, ybi);
       ASSERT_TRUE(bc->update_next_cumulative_weight_limit());
       const uint64_t effective_median = bc->get_current_cumulative_block_weight_median();
       const uint64_t effective_limit = bc->get_current_cumulative_block_weight_limit();
@@ -368,7 +366,7 @@ TEST(long_term_block_weight, long_growth_spike_and_drop)
   {
     size_t w = CRYPTONOTE_BLOCK_GRANTED_FULL_REWARD_ZONE_V5;
     uint64_t ltw = bc->get_next_long_term_block_weight(w);
-    bc->get_db().add_block(std::make_pair(cryptonote::block(), ""), w, ltw, h, h, {});
+    bc->get_db().add_block(std::make_pair(cryptonote::block(), ""), w, ltw, h, h, {}, cryptonote::FAKECHAIN, ybi);
     ASSERT_TRUE(bc->update_next_cumulative_weight_limit(&long_term_effective_median_block_weight));
   }
   ASSERT_EQ(long_term_effective_median_block_weight, 300000);
@@ -380,7 +378,7 @@ TEST(long_term_block_weight, long_growth_spike_and_drop)
     float t = h / float(365 * 720 * TEST_LONG_TERM_BLOCK_WEIGHT_WINDOW / 100000);
     size_t w = 300000 + t * 30000;
     uint64_t ltw = bc->get_next_long_term_block_weight(w);
-    bc->get_db().add_block(std::make_pair(cryptonote::block(), ""), w, ltw, h, h, {});
+    bc->get_db().add_block(std::make_pair(cryptonote::block(), ""), w, ltw, h, h, {}, cryptonote::FAKECHAIN, ybi);
     ASSERT_TRUE(bc->update_next_cumulative_weight_limit(&long_term_effective_median_block_weight));
   }
   ASSERT_GT(long_term_effective_median_block_weight, 300000 * 1.07);
@@ -391,7 +389,7 @@ TEST(long_term_block_weight, long_growth_spike_and_drop)
   {
     size_t w = bc->get_current_cumulative_block_weight_limit();
     uint64_t ltw = bc->get_next_long_term_block_weight(w);
-    bc->get_db().add_block(std::make_pair(cryptonote::block(), ""), w, ltw, h, h, {});
+    bc->get_db().add_block(std::make_pair(cryptonote::block(), ""), w, ltw, h, h, {}, cryptonote::FAKECHAIN, ybi);
     ASSERT_TRUE(bc->update_next_cumulative_weight_limit(&long_term_effective_median_block_weight));
   }
   ASSERT_GT(long_term_effective_median_block_weight, 300000 * 1.07);
@@ -402,7 +400,7 @@ TEST(long_term_block_weight, long_growth_spike_and_drop)
   {
     size_t w = bc->get_current_cumulative_block_weight_median() * .25;
     uint64_t ltw = bc->get_next_long_term_block_weight(w);
-    bc->get_db().add_block(std::make_pair(cryptonote::block(), ""), w, ltw, h, h, {});
+    bc->get_db().add_block(std::make_pair(cryptonote::block(), ""), w, ltw, h, h, {}, cryptonote::FAKECHAIN, ybi);
     ASSERT_TRUE(bc->update_next_cumulative_weight_limit(&long_term_effective_median_block_weight));
   }
   ASSERT_GT(long_term_effective_median_block_weight, 300000 * 1.07);

tests/unit_tests/net.cpp

@@ -555,8 +555,6 @@ TEST(i2p_address, invalid)
     EXPECT_TRUE(net::i2p_address::make(".b32.i2p:").has_error());
     EXPECT_TRUE(net::i2p_address::make(b32_i2p + 1).has_error());
     EXPECT_TRUE(net::i2p_address::make(boost::string_ref{b32_i2p, sizeof(b32_i2p) - 2}).has_error());
-    EXPECT_TRUE(net::i2p_address::make(std::string{b32_i2p} + ":65536").has_error());
-    EXPECT_TRUE(net::i2p_address::make(std::string{b32_i2p} + ":-1").has_error());
 
     std::string i2p{b32_i2p};
     i2p.at(10) = 1;
@@ -570,7 +568,7 @@ TEST(i2p_address, unblockable_types)
     ASSERT_NE(nullptr, i2p.host_str());
     EXPECT_STREQ("<unknown i2p host>", i2p.host_str());
     EXPECT_STREQ("<unknown i2p host>", i2p.str().c_str());
-    EXPECT_EQ(0u, i2p.port());
+    EXPECT_EQ(1u, i2p.port());
     EXPECT_TRUE(i2p.is_unknown());
     EXPECT_FALSE(i2p.is_local());
     EXPECT_FALSE(i2p.is_loopback());
@@ -581,7 +579,7 @@ TEST(i2p_address, unblockable_types)
     ASSERT_NE(nullptr, i2p.host_str());
     EXPECT_STREQ("<unknown i2p host>", i2p.host_str());
     EXPECT_STREQ("<unknown i2p host>", i2p.str().c_str());
-    EXPECT_EQ(0u, i2p.port());
+    EXPECT_EQ(1u, i2p.port());
     EXPECT_TRUE(i2p.is_unknown());
     EXPECT_FALSE(i2p.is_local());
     EXPECT_FALSE(i2p.is_loopback());
@@ -596,14 +594,14 @@ TEST(i2p_address, valid)
     const auto address1 = net::i2p_address::make(b32_i2p);
 
     ASSERT_TRUE(address1.has_value());
-    EXPECT_EQ(0u, address1->port());
+    EXPECT_EQ(1u, address1->port());
     EXPECT_STREQ(b32_i2p, address1->host_str());
     EXPECT_STREQ(b32_i2p, address1->str().c_str());
     EXPECT_TRUE(address1->is_blockable());
 
     net::i2p_address address2{*address1};
 
-    EXPECT_EQ(0u, address2.port());
+    EXPECT_EQ(1u, address2.port());
     EXPECT_STREQ(b32_i2p, address2.host_str());
     EXPECT_STREQ(b32_i2p, address2.str().c_str());
     EXPECT_TRUE(address2.is_blockable());
@@ -620,9 +618,9 @@ TEST(i2p_address, valid)
 
     address2 = MONERO_UNWRAP(net::i2p_address::make(std::string{b32_i2p_2} + ":6545"));
 
-    EXPECT_EQ(6545, address2.port());
+    EXPECT_EQ(1u, address2.port());
     EXPECT_STREQ(b32_i2p_2, address2.host_str());
-    EXPECT_EQ(std::string{b32_i2p_2} + ":6545", address2.str().c_str());
+    EXPECT_EQ(std::string{b32_i2p_2}, address2.str().c_str());
     EXPECT_TRUE(address2.is_blockable());
     EXPECT_FALSE(address2.equal(*address1));
     EXPECT_FALSE(address1->equal(address2));
@@ -635,22 +633,22 @@ TEST(i2p_address, valid)
     EXPECT_FALSE(address2.less(*address1));
     EXPECT_TRUE(address1->less(address2));
 
-    net::i2p_address address3 = MONERO_UNWRAP(net::i2p_address::make(std::string{b32_i2p} + ":", 65535));
+    net::i2p_address address3 = MONERO_UNWRAP(net::i2p_address::make(std::string{b32_i2p} + ":65535"));
 
-    EXPECT_EQ(65535, address3.port());
+    EXPECT_EQ(1u, address3.port());
     EXPECT_STREQ(b32_i2p, address3.host_str());
-    EXPECT_EQ(std::string{b32_i2p} + ":65535", address3.str().c_str());
+    EXPECT_EQ(std::string{b32_i2p}, address3.str().c_str());
     EXPECT_TRUE(address3.is_blockable());
-    EXPECT_FALSE(address3.equal(*address1));
-    EXPECT_FALSE(address1->equal(address3));
-    EXPECT_FALSE(address3 == *address1);
-    EXPECT_FALSE(*address1 == address3);
-    EXPECT_TRUE(address3 != *address1);
-    EXPECT_TRUE(*address1 != address3);
+    EXPECT_TRUE(address3.equal(*address1));
+    EXPECT_TRUE(address1->equal(address3));
+    EXPECT_TRUE(address3 == *address1);
+    EXPECT_TRUE(*address1 == address3);
+    EXPECT_FALSE(address3 != *address1);
+    EXPECT_FALSE(*address1 != address3);
     EXPECT_TRUE(address3.is_same_host(*address1));
     EXPECT_TRUE(address1->is_same_host(address3));
     EXPECT_FALSE(address3.less(*address1));
-    EXPECT_TRUE(address1->less(address3));
+    EXPECT_FALSE(address1->less(address3));
 
     EXPECT_FALSE(address3.equal(address2));
     EXPECT_FALSE(address2.equal(address3));
@@ -666,8 +664,8 @@ TEST(i2p_address, valid)
 
 TEST(i2p_address, generic_network_address)
 {
-    const epee::net_utils::network_address i2p1{MONERO_UNWRAP(net::i2p_address::make(b32_i2p, 8080))};
-    const epee::net_utils::network_address i2p2{MONERO_UNWRAP(net::i2p_address::make(b32_i2p, 8080))};
+    const epee::net_utils::network_address i2p1{MONERO_UNWRAP(net::i2p_address::make(b32_i2p))};
+    const epee::net_utils::network_address i2p2{MONERO_UNWRAP(net::i2p_address::make(b32_i2p))};
     const epee::net_utils::network_address ip{epee::net_utils::ipv4_network_address{100, 200}};
 
     EXPECT_EQ(i2p1, i2p2);
@@ -675,7 +673,7 @@ TEST(i2p_address, generic_network_address)
     EXPECT_LT(ip, i2p1);
 
     EXPECT_STREQ(b32_i2p, i2p1.host_str().c_str());
-    EXPECT_EQ(std::string{b32_i2p} + ":8080", i2p1.str());
+    EXPECT_STREQ(b32_i2p, i2p1.str().c_str());
     EXPECT_EQ(epee::net_utils::address_type::i2p, i2p1.get_type_id());
     EXPECT_EQ(epee::net_utils::address_type::i2p, i2p2.get_type_id());
     EXPECT_EQ(epee::net_utils::address_type::ipv4, ip.get_type_id());
@@ -703,11 +701,11 @@ TEST(i2p_address, epee_serializev_b32)
 {
     epee::byte_slice buffer{};
     {
-        test_command_i2p command{MONERO_UNWRAP(net::i2p_address::make(b32_i2p, 10))};
+        test_command_i2p command{MONERO_UNWRAP(net::i2p_address::make(b32_i2p))};
         EXPECT_FALSE(command.i2p.is_unknown());
         EXPECT_NE(net::i2p_address{}, command.i2p);
         EXPECT_STREQ(b32_i2p, command.i2p.host_str());
-        EXPECT_EQ(10u, command.i2p.port());
+        EXPECT_EQ(1u, command.i2p.port());
 
         epee::serialization::portable_storage stg{};
         EXPECT_TRUE(command.store(stg));
@@ -719,7 +717,7 @@ TEST(i2p_address, epee_serializev_b32)
         EXPECT_TRUE(command.i2p.is_unknown());
         EXPECT_EQ(net::i2p_address{}, command.i2p);
         EXPECT_STREQ(net::i2p_address::unknown_str(), command.i2p.host_str());
-        EXPECT_EQ(0u, command.i2p.port());
+        EXPECT_EQ(1u, command.i2p.port());
 
         epee::serialization::portable_storage stg{};
         EXPECT_TRUE(stg.load_from_binary(epee::to_span(buffer)));
@@ -728,7 +726,7 @@ TEST(i2p_address, epee_serializev_b32)
     EXPECT_FALSE(command.i2p.is_unknown());
     EXPECT_NE(net::i2p_address{}, command.i2p);
     EXPECT_STREQ(b32_i2p, command.i2p.host_str());
-    EXPECT_EQ(10u, command.i2p.port());
+    EXPECT_EQ(1u, command.i2p.port());
 
     // make sure that exceeding max buffer doesn't destroy i2p_address::_load
     {
@@ -747,7 +745,7 @@ TEST(i2p_address, epee_serializev_b32)
     EXPECT_TRUE(command.i2p.is_unknown());
     EXPECT_EQ(net::i2p_address{}, command.i2p);
     EXPECT_STRNE(b32_i2p, command.i2p.host_str());
-    EXPECT_EQ(0u, command.i2p.port());
+    EXPECT_EQ(1u, command.i2p.port());
 }
 
 TEST(i2p_address, epee_serialize_unknown)
@@ -758,7 +756,7 @@ TEST(i2p_address, epee_serialize_unknown)
         EXPECT_TRUE(command.i2p.is_unknown());
         EXPECT_EQ(net::i2p_address{}, command.i2p);
         EXPECT_STREQ(net::i2p_address::unknown_str(), command.i2p.host_str());
-        EXPECT_EQ(0u, command.i2p.port());
+        EXPECT_EQ(1u, command.i2p.port());
 
         epee::serialization::portable_storage stg{};
         EXPECT_TRUE(command.store(stg));
@@ -770,7 +768,7 @@ TEST(i2p_address, epee_serialize_unknown)
         EXPECT_TRUE(command.i2p.is_unknown());
         EXPECT_EQ(net::i2p_address{}, command.i2p);
         EXPECT_STRNE(b32_i2p, command.i2p.host_str());
-        EXPECT_EQ(0u, command.i2p.port());
+        EXPECT_EQ(1u, command.i2p.port());
 
         epee::serialization::portable_storage stg{};
         EXPECT_TRUE(stg.load_from_binary(epee::to_span(buffer)));
@@ -779,7 +777,7 @@ TEST(i2p_address, epee_serialize_unknown)
     EXPECT_TRUE(command.i2p.is_unknown());
     EXPECT_EQ(net::i2p_address{}, command.i2p);
     EXPECT_STREQ(net::i2p_address::unknown_str(), command.i2p.host_str());
-    EXPECT_EQ(0u, command.i2p.port());
+    EXPECT_EQ(1u, command.i2p.port());
 
     // make sure that exceeding max buffer doesn't destroy i2p_address::_load
     {
@@ -798,18 +796,18 @@ TEST(i2p_address, epee_serialize_unknown)
     EXPECT_TRUE(command.i2p.is_unknown());
     EXPECT_EQ(net::i2p_address{}, command.i2p);
     EXPECT_STRNE(b32_i2p, command.i2p.host_str());
-    EXPECT_EQ(0u, command.i2p.port());
+    EXPECT_EQ(1u, command.i2p.port());
 }
 
 TEST(i2p_address, boost_serialize_b32)
 {
     std::string buffer{};
     {
-        const net::i2p_address i2p = MONERO_UNWRAP(net::i2p_address::make(b32_i2p, 10));
+        const net::i2p_address i2p = MONERO_UNWRAP(net::i2p_address::make(b32_i2p));
         EXPECT_FALSE(i2p.is_unknown());
         EXPECT_NE(net::i2p_address{}, i2p);
         EXPECT_STREQ(b32_i2p, i2p.host_str());
-        EXPECT_EQ(10u, i2p.port());
+        EXPECT_EQ(1u, i2p.port());
 
         std::ostringstream stream{};
         {
@@ -824,7 +822,7 @@ TEST(i2p_address, boost_serialize_b32)
         EXPECT_TRUE(i2p.is_unknown());
         EXPECT_EQ(net::i2p_address{}, i2p);
         EXPECT_STREQ(net::i2p_address::unknown_str(), i2p.host_str());
-        EXPECT_EQ(0u, i2p.port());
+        EXPECT_EQ(1u, i2p.port());
 
         std::istringstream stream{buffer};
         boost::archive::portable_binary_iarchive archive{stream};
@@ -833,7 +831,7 @@ TEST(i2p_address, boost_serialize_b32)
     EXPECT_FALSE(i2p.is_unknown());
     EXPECT_NE(net::i2p_address{}, i2p);
     EXPECT_STREQ(b32_i2p, i2p.host_str());
-    EXPECT_EQ(10u, i2p.port());
+    EXPECT_EQ(1u, i2p.port());
 }
 
 TEST(i2p_address, boost_serialize_unknown)
@@ -844,7 +842,7 @@ TEST(i2p_address, boost_serialize_unknown)
         EXPECT_TRUE(i2p.is_unknown());
         EXPECT_EQ(net::i2p_address::unknown(), i2p);
         EXPECT_STREQ(net::i2p_address::unknown_str(), i2p.host_str());
-        EXPECT_EQ(0u, i2p.port());
+        EXPECT_EQ(1u, i2p.port());
 
         std::ostringstream stream{};
         {
@@ -859,7 +857,7 @@ TEST(i2p_address, boost_serialize_unknown)
         EXPECT_TRUE(i2p.is_unknown());
         EXPECT_EQ(net::i2p_address{}, i2p);
         EXPECT_STREQ(net::i2p_address::unknown_str(), i2p.host_str());
-        EXPECT_EQ(0u, i2p.port());
+        EXPECT_EQ(1u, i2p.port());
 
         std::istringstream stream{buffer};
         boost::archive::portable_binary_iarchive archive{stream};
@@ -868,7 +866,7 @@ TEST(i2p_address, boost_serialize_unknown)
     EXPECT_TRUE(i2p.is_unknown());
     EXPECT_EQ(net::i2p_address::unknown(), i2p);
     EXPECT_STREQ(net::i2p_address::unknown_str(), i2p.host_str());
-    EXPECT_EQ(0u, i2p.port());
+    EXPECT_EQ(1u, i2p.port());
 }
 
 TEST(get_network_address, i2p)
@@ -884,16 +882,13 @@ TEST(get_network_address, i2p)
     ASSERT_TRUE(bool(address));
     EXPECT_EQ(epee::net_utils::address_type::i2p, address->get_type_id());
     EXPECT_STREQ(b32_i2p, address->host_str().c_str());
-    EXPECT_EQ(std::string{b32_i2p} + ":1000", address->str());
+    EXPECT_EQ(std::string{b32_i2p}, address->str());
 
     address = net::get_network_address(std::string{b32_i2p} + ":2000", 1000);
     ASSERT_TRUE(bool(address));
     EXPECT_EQ(epee::net_utils::address_type::i2p, address->get_type_id());
     EXPECT_STREQ(b32_i2p, address->host_str().c_str());
-    EXPECT_EQ(std::string{b32_i2p} + ":2000", address->str());
-
-    address = net::get_network_address(std::string{b32_i2p} + ":65536", 1000);
-    EXPECT_EQ(net::error::invalid_port, address);
+    EXPECT_EQ(std::string{b32_i2p}, address->str());
 }
 
 TEST(get_network_address, ipv4)

tests/unit_tests/node_server.cpp

@@ -433,6 +433,7 @@ TEST(cryptonote_protocol_handler, race_condition)
     const block_t &block,
     const stat::chain &stat
   ){
+    cryptonote::yield_block_info ybi;
     core.get_blockchain_storage().get_db().batch_start({}, {});
     core.get_blockchain_storage().get_db().add_block(
       {block, cryptonote::block_to_blob(block)},
@@ -442,7 +443,9 @@ TEST(cryptonote_protocol_handler, race_condition)
       ),
       stat.diff,
       stat.reward,
-      {}
+      {},
+      cryptonote::FAKECHAIN,
+      ybi
     );
     core.get_blockchain_storage().get_db().batch_stop();
   };

tests/unit_tests/output_distribution.cpp

@@ -30,10 +30,7 @@
 #include "gtest/gtest.h"
 #include "misc_log_ex.h"
 #include "rpc/rpc_handler.h"
-#include "blockchain_db/blockchain_db.h"
 #include "cryptonote_core/cryptonote_core.h"
-#include "cryptonote_core/tx_pool.h"
-#include "cryptonote_core/blockchain.h"
 #include "blockchain_db/testdb.h"
 
 static const uint64_t test_distribution[32] = {
@@ -77,9 +74,6 @@ public:
 
 bool get_output_distribution(uint64_t amount, std::string asset_type, uint64_t from, uint64_t to, uint64_t &start_height, std::vector<uint64_t> &distribution, uint64_t &base, uint64_t &num_spendable_global_outs)
 {
-  std::unique_ptr<cryptonote::Blockchain> bc;
-  cryptonote::tx_memory_pool txpool(*bc);
-  bc.reset(new cryptonote::Blockchain(txpool));
   struct get_test_options {
     const std::pair<uint8_t, uint64_t> hard_forks[2];
     const cryptonote::test_options test_options = {
@@ -87,9 +81,9 @@ bool get_output_distribution(uint64_t amount, std::string asset_type, uint64_t f
     };
     get_test_options():hard_forks{std::make_pair((uint8_t)1, (uint64_t)0), std::make_pair((uint8_t)0, (uint64_t)0)}{}
   } opts;
-  cryptonote::Blockchain *blockchain = bc.get();
-  bool r = blockchain->init(new TestDB(test_distribution_size), cryptonote::FAKECHAIN, true, &opts.test_options, 0, NULL);
-  return r && bc->get_output_distribution(amount, "FULM", from, to, start_height, distribution, base, num_spendable_global_outs);
+  cryptonote::BlockchainAndPool bap;
+  bool r = bap.blockchain.init(new TestDB(test_distribution_size), cryptonote::FAKECHAIN, true, &opts.test_options, 0, NULL);
+  return r && bap.blockchain.get_output_distribution(amount, asset_type, from, to, start_height, distribution, base, num_spendable_global_outs);
 }
 
 crypto::hash get_block_hash(uint64_t height)
@@ -103,32 +97,32 @@ TEST(output_distribution, extend)
 {
   boost::optional<cryptonote::rpc::output_distribution_data> res;
 
-  res = cryptonote::rpc::RpcHandler::get_output_distribution(::get_output_distribution, 0, "FULM", 28, 29, ::get_block_hash, false, test_distribution_size);
+  res = cryptonote::rpc::RpcHandler::get_output_distribution(::get_output_distribution, 0, "SAL", 28, 29, ::get_block_hash, false, test_distribution_size);
   ASSERT_TRUE(res != boost::none);
   ASSERT_EQ(res->distribution.size(), 2);
   ASSERT_EQ(res->distribution, std::vector<uint64_t>({5, 0}));
 
-  res = cryptonote::rpc::RpcHandler::get_output_distribution(::get_output_distribution, 0, "FULM", 28, 29, ::get_block_hash, true, test_distribution_size);
+  res = cryptonote::rpc::RpcHandler::get_output_distribution(::get_output_distribution, 0, "SAL", 28, 29, ::get_block_hash, true, test_distribution_size);
   ASSERT_TRUE(res != boost::none);
   ASSERT_EQ(res->distribution.size(), 2);
   ASSERT_EQ(res->distribution, std::vector<uint64_t>({55, 55}));
 
-  res = cryptonote::rpc::RpcHandler::get_output_distribution(::get_output_distribution, 0, "FULM", 28, 30, ::get_block_hash, false, test_distribution_size);
+  res = cryptonote::rpc::RpcHandler::get_output_distribution(::get_output_distribution, 0, "SAL", 28, 30, ::get_block_hash, false, test_distribution_size);
   ASSERT_TRUE(res != boost::none);
   ASSERT_EQ(res->distribution.size(), 3);
   ASSERT_EQ(res->distribution, std::vector<uint64_t>({5, 0, 2}));
 
-  res = cryptonote::rpc::RpcHandler::get_output_distribution(::get_output_distribution, 0, "FULM", 28, 30, ::get_block_hash, true, test_distribution_size);
+  res = cryptonote::rpc::RpcHandler::get_output_distribution(::get_output_distribution, 0, "SAL", 28, 30, ::get_block_hash, true, test_distribution_size);
   ASSERT_TRUE(res != boost::none);
   ASSERT_EQ(res->distribution.size(), 3);
   ASSERT_EQ(res->distribution, std::vector<uint64_t>({55, 55, 57}));
 
-  res = cryptonote::rpc::RpcHandler::get_output_distribution(::get_output_distribution, 0, "FULM", 28, 31, ::get_block_hash, false, test_distribution_size);
+  res = cryptonote::rpc::RpcHandler::get_output_distribution(::get_output_distribution, 0, "SAL", 28, 31, ::get_block_hash, false, test_distribution_size);
   ASSERT_TRUE(res != boost::none);
   ASSERT_EQ(res->distribution.size(), 4);
   ASSERT_EQ(res->distribution, std::vector<uint64_t>({5, 0, 2, 3}));
 
-  res = cryptonote::rpc::RpcHandler::get_output_distribution(::get_output_distribution, 0, "FULM", 28, 31, ::get_block_hash, true, test_distribution_size);
+  res = cryptonote::rpc::RpcHandler::get_output_distribution(::get_output_distribution, 0, "SAL", 28, 31, ::get_block_hash, true, test_distribution_size);
   ASSERT_TRUE(res != boost::none);
   ASSERT_EQ(res->distribution.size(), 4);
   ASSERT_EQ(res->distribution, std::vector<uint64_t>({55, 55, 57, 60}));
@@ -138,7 +132,7 @@ TEST(output_distribution, one)
 {
   boost::optional<cryptonote::rpc::output_distribution_data> res;
 
-  res = cryptonote::rpc::RpcHandler::get_output_distribution(::get_output_distribution, 0, "FULM", 0, 0, ::get_block_hash, false, test_distribution_size);
+  res = cryptonote::rpc::RpcHandler::get_output_distribution(::get_output_distribution, 0, "SAL", 0, 0, ::get_block_hash, false, test_distribution_size);
   ASSERT_TRUE(res != boost::none);
   ASSERT_EQ(res->distribution.size(), 1);
   ASSERT_EQ(res->distribution.back(), 0);
@@ -148,7 +142,7 @@ TEST(output_distribution, full_cumulative)
 {
   boost::optional<cryptonote::rpc::output_distribution_data> res;
 
-  res = cryptonote::rpc::RpcHandler::get_output_distribution(::get_output_distribution, 0, "FULM", 0, 31, ::get_block_hash, true, test_distribution_size);
+  res = cryptonote::rpc::RpcHandler::get_output_distribution(::get_output_distribution, 0, "SAL", 0, 31, ::get_block_hash, true, test_distribution_size);
   ASSERT_TRUE(res != boost::none);
   ASSERT_EQ(res->distribution.size(), 32);
   ASSERT_EQ(res->distribution.back(), 60);
@@ -158,7 +152,7 @@ TEST(output_distribution, full_noncumulative)
 {
   boost::optional<cryptonote::rpc::output_distribution_data> res;
 
-  res = cryptonote::rpc::RpcHandler::get_output_distribution(::get_output_distribution, 0, "FULM", 0, 31, ::get_block_hash, false, test_distribution_size);
+  res = cryptonote::rpc::RpcHandler::get_output_distribution(::get_output_distribution, 0, "SAL", 0, 31, ::get_block_hash, false, test_distribution_size);
   ASSERT_TRUE(res != boost::none);
   ASSERT_EQ(res->distribution.size(), 32);
   for (size_t i = 0; i < 32; ++i)
@@ -169,7 +163,7 @@ TEST(output_distribution, part_cumulative)
 {
   boost::optional<cryptonote::rpc::output_distribution_data> res;
 
-  res = cryptonote::rpc::RpcHandler::get_output_distribution(::get_output_distribution, 0, "FULM", 4, 8, ::get_block_hash, true, test_distribution_size);
+  res = cryptonote::rpc::RpcHandler::get_output_distribution(::get_output_distribution, 0, "SAL", 4, 8, ::get_block_hash, true, test_distribution_size);
   ASSERT_TRUE(res != boost::none);
   ASSERT_EQ(res->distribution.size(), 5);
   ASSERT_EQ(res->distribution, std::vector<uint64_t>({0, 1, 6, 7, 11}));
@@ -179,7 +173,7 @@ TEST(output_distribution, part_noncumulative)
 {
   boost::optional<cryptonote::rpc::output_distribution_data> res;
 
-  res = cryptonote::rpc::RpcHandler::get_output_distribution(::get_output_distribution, 0, "FULM", 4, 8, ::get_block_hash, false, test_distribution_size);
+  res = cryptonote::rpc::RpcHandler::get_output_distribution(::get_output_distribution, 0, "SAL", 4, 8, ::get_block_hash, false, test_distribution_size);
   ASSERT_TRUE(res != boost::none);
   ASSERT_EQ(res->distribution.size(), 5);
   ASSERT_EQ(res->distribution, std::vector<uint64_t>({0, 1, 5, 1, 4}));

tests/unit_tests/pricing_record.cpp

@@ -42,19 +42,12 @@ TEST(pricing_record, verify_serialization)
   oracle::pricing_record pr;
   oracle::pricing_record pr1;
   pr.pr_version = 1;
+  pr.height = 1234;
+  pr.supply = {100000,0};
   pr.timestamp = 1632401454;
-  pr.spot = COIN<<1;
-  pr.moving_average = (COIN * 3) >> 2;
-  memset(pr.signature, 0, 64);
+  pr.assets = {};
+  pr.signature = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};
 
-  /*
-  oracle::pricing_record_entry foo;
-  foo.first = "FULM";
-  foo.second.first = 2;
-  foo.second.second = 3;
-  pr.assets.push_back(foo);
-  */
-  
   std::string blob;
   ASSERT_TRUE(serialization::dump_binary(pr, blob));
   ASSERT_TRUE(serialization::parse_binary(blob, pr1));

tests/unit_tests/ringct.cpp

@@ -345,10 +345,10 @@ TEST(ringct, range_proofs)
         ASSERT_TRUE(ok);
 
         cryptonote::transaction_type tx_type = cryptonote::transaction_type::TRANSFER;
-        std::string in_asset_type = "FULM";
+        std::string in_asset_type = "SAL";
         std::vector<std::string> destination_asset_types;
         for (size_t i = 0; i < destinations.size(); ++i)
-          destination_asset_types.push_back("FULM");
+          destination_asset_types.push_back("SAL");
 
         //compute rct data with mixin 3
         rctSig s = genRctSimple(rct::zero(), sc, pc, destinations, tx_type, in_asset_type, destination_asset_types, inamounts, amounts, amount_keys, 0, 3, rct_config, hw::get_device("default"));
@@ -416,10 +416,10 @@ TEST(ringct, range_proofs_with_fee)
         const rct::RCTConfig rct_config { RangeProofBorromean, 0 };
 
         cryptonote::transaction_type tx_type = cryptonote::transaction_type::TRANSFER;
-        std::string in_asset_type = "FULM";
+        std::string in_asset_type = "SAL";
         std::vector<std::string> destination_asset_types;
         for (size_t i = 0; i < destinations.size(); ++i)
-          destination_asset_types.push_back("FULM");
+          destination_asset_types.push_back("SAL");
 
         //compute rct data with mixin 3
         rctSig s = genRctSimple(rct::zero(), sc, pc, destinations, tx_type, in_asset_type, destination_asset_types, inamounts, amounts, amount_keys, 1, 3, rct_config, hw::get_device("default"));
@@ -499,10 +499,10 @@ TEST(ringct, simple)
 
         const rct::RCTConfig rct_config { RangeProofBorromean, 0 };
         cryptonote::transaction_type tx_type = cryptonote::transaction_type::TRANSFER;
-        std::string in_asset_type = "FULM";
+        std::string in_asset_type = "SAL";
         std::vector<std::string> destination_asset_types;
         for (size_t i = 0; i < destinations.size(); ++i)
-          destination_asset_types.push_back("FULM");
+          destination_asset_types.push_back("SAL");
 
         rctSig s = genRctSimple(message, sc, pc, destinations, tx_type, in_asset_type, destination_asset_types, inamounts, outamounts, amount_keys, txnfee, 2, rct_config, hw::get_device("default"));
 
@@ -538,7 +538,7 @@ static rct::rctSig make_sample_rct_sig(int n_inputs, const uint64_t input_amount
         }
     }
 
-    const rct::RCTConfig rct_config { RangeProofBorromean, 0 };
+    const rct::RCTConfig rct_config { RangeProofBorromean, 0 };    
     return genRct(rct::zero(), sc, pc, destinations, amounts, amount_keys, 3, rct_config, hw::get_device("default"));
 }
 
@@ -567,10 +567,10 @@ static rct::rctSig make_sample_simple_rct_sig(int n_inputs, const uint64_t input
 
     const rct::RCTConfig rct_config { RangeProofBorromean, 0 };
     cryptonote::transaction_type tx_type = cryptonote::transaction_type::TRANSFER;
-    std::string in_asset_type = "FULM";
+    std::string in_asset_type = "SAL";
     std::vector<std::string> destination_asset_types;
     for (size_t i = 0; i < destinations.size(); ++i)
-      destination_asset_types.push_back("FULM");
+      destination_asset_types.push_back("SAL");
 
     return genRctSimple(rct::zero(), sc, pc, destinations, tx_type, in_asset_type, destination_asset_types, inamounts, outamounts, amount_keys, fee, 3, rct_config, hw::get_device("default"));
 }
@@ -1291,3 +1291,39 @@ TEST(ringct, aggregated)
     ASSERT_TRUE(verRctSemanticsSimple(s[n]));
   }
 }
+
+TEST(ringct, pr_proof)
+{
+  // Create a random commitment with 0 amount
+  int success = 0, failure = 0;
+  for (size_t i=0; i<1000; i++) {
+    key Sk = skGen();
+    sc_reduce32(Sk.bytes);
+    key C;
+    genC(C, Sk, i%100 ? 0 : i%99);
+    zk_proof proof = PRProof_Gen(Sk);
+    if (PRProof_Ver(C, proof))
+      success++;
+    else
+      failure++;
+  }
+  ASSERT_EQ(failure, 9);
+}
+
+TEST(ringct, sa_proof)
+{
+  // Create a random commitment with 0 amount
+  int success = 0, failure = 0;
+  for (size_t i=0; i<1000; i++) {
+    key Sk = skGen();
+    sc_reduce32(Sk.bytes);
+    key C;
+    genC(C, Sk, i%100 ? 0 : i%99);
+    zk_proof proof = PRProof_Gen(Sk);
+    if (PRProof_Ver(C, proof))
+      success++;
+    else
+      failure++;
+  }
+  ASSERT_EQ(failure, 9);
+}

tests/unit_tests/scaling_2021.cpp

@@ -50,9 +50,6 @@ public:
 }
 
 #define PREFIX_WINDOW(hf_version,window) \
-  std::unique_ptr<cryptonote::Blockchain> bc; \
-  cryptonote::tx_memory_pool txpool(*bc); \
-  bc.reset(new cryptonote::Blockchain(txpool)); \
   struct get_test_options { \
     const std::pair<uint8_t, uint64_t> hard_forks[3]; \
     const cryptonote::test_options test_options = { \
@@ -61,7 +58,9 @@ public:
     }; \
     get_test_options(): hard_forks{std::make_pair(1, (uint64_t)0), std::make_pair((uint8_t)hf_version, (uint64_t)1), std::make_pair((uint8_t)0, (uint64_t)0)} {} \
   } opts; \
-  cryptonote::Blockchain *blockchain = bc.get(); \
+  cryptonote::BlockchainAndPool bap; \
+  cryptonote::Blockchain *blockchain = &bap.blockchain; \
+  cryptonote::Blockchain *bc = blockchain; \
   bool r = blockchain->init(new TestDB(), cryptonote::FAKECHAIN, true, &opts.test_options, 0, NULL); \
   ASSERT_TRUE(r)
 

tests/unit_tests/serialization.cpp

@@ -59,9 +59,7 @@ struct Struct
 };
 
 template <class Archive>
-struct serializer<Archive, Struct>
-{
-  static bool serialize(Archive &ar, Struct &s) {
+static bool do_serialize(Archive &ar, Struct &s) {
     ar.begin_object();
     ar.tag("a");
     ar.serialize_int(s.a);
@@ -71,8 +69,7 @@ struct serializer<Archive, Struct>
     ar.serialize_blob(s.blob, sizeof(s.blob));
     ar.end_object();
     return true;
-  }
-};
+}
 
 struct Struct1
 {
@@ -122,6 +119,22 @@ bool try_parse(const string &blob)
   return serialization::parse_binary(blob, s1);
 }
 
+namespace example_namespace
+{
+  struct ADLExampleStruct
+  {
+    std::string msg;
+  };
+  template <class Archive>
+  static bool do_serialize(Archive &ar, ADLExampleStruct &aes)
+  {
+    ar.begin_object();
+    FIELD_N("custom_fieldname", aes.msg);
+    ar.end_object();
+    return ar.good();
+  }
+}
+
 TEST(Serialization, BinaryArchiveInts) {
   uint64_t x = 0xff00000000, x1;
 
@@ -595,10 +608,11 @@ TEST(Serialization, serializes_ringct_types)
   //compute rct data with mixin 3
   const rct::RCTConfig rct_config{ rct::RangeProofPaddedBulletproof, 2 };
   cryptonote::transaction_type tx_type = cryptonote::transaction_type::TRANSFER;
-  std::string in_asset_type = "FULM";
+  std::string in_asset_type = "SAL";
   std::vector<std::string> destination_asset_types;
   for (size_t i = 0; i < destinations.size(); ++i)
-    destination_asset_types.push_back("FULM");
+    destination_asset_types.push_back("SAL");
+    
   s0 = rct::genRctSimple(rct::zero(), sc, pc, destinations, tx_type, in_asset_type, destination_asset_types, inamounts, amounts, amount_keys, 0, 3, rct_config, hw::get_device("default"));
 
   ASSERT_FALSE(s0.p.MGs.empty());
@@ -1094,7 +1108,7 @@ TEST(Serialization, portability_signed_tx)
   ASSERT_TRUE(ptx.selected_transfers.front() == 2);
   // ptx.{key_images, tx_key}
   ASSERT_TRUE(ptx.key_images == "<6c3cd6af97c4070a7aef9b1344e7463e29c7cd245076fdb65da447a34da3ca76> ");
-  ASSERT_TRUE(epee::string_tools::pod_to_hex(ptx.tx_key) == "0100000000000000000000000000000000000000000000000000000000000000");
+  ASSERT_TRUE(epee::string_tools::pod_to_hex(unwrap(unwrap(ptx.tx_key))) == "0100000000000000000000000000000000000000000000000000000000000000");
   // ptx.dests
   ASSERT_TRUE(ptx.dests.size() == 1);
   ASSERT_TRUE(ptx.dests[0].amount == 1400000000000);
@@ -1183,3 +1197,15 @@ TEST(Serialization, difficulty_type)
 
   ASSERT_EQ(v_original, v_unserialized);
 }
+
+TEST(Serialization, adl_free_function)
+{
+  std::stringstream ss;
+  json_archive<true> ar(ss);
+  const std::string msg = "Howdy, World!";
+  example_namespace::ADLExampleStruct aes{msg};
+  ASSERT_TRUE(serialization::serialize(ar, aes));
+  //                                                       VVVVVVVVVVVVVVVVVVVVVVVVVV weird string serialization artifact
+  const std::string expected = "{\"custom_fieldname\": " + std::to_string(msg.size()) + '"' + epee::string_tools::buff_to_hex_nodelimer(msg) + "\"}";
+  EXPECT_EQ(expected, ss.str());
+}