Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

0.21.kyo.2 #50

Open
wants to merge 22 commits into
base: 0.21.base
Choose a base branch
from
Open

0.21.kyo.2 #50

wants to merge 22 commits into from

Conversation

akyo8
Copy link

@akyo8 akyo8 commented Feb 20, 2021

The issue with 'secp256k1_ecdsa_verify' failing when verifying transaction signature hashes has now been resolved. The pubkey signature check has now been re-enabled. This is currently a more complete and stable version of the codebase and should be pulled upstream please.

Feel like adding this is a step back if we go with SegWit enabled at a later point. I actually went and looked at the oldballs Bitcoin code and compared it to Cloak2 implementation.

Bitcoin:
https://github.com/bitcoin/bitcoin/blob/881a85a22d76c875f519cd54388a419ec6f70857/src/script.cpp (before the inline serializer commit)

"Inline signature serializer

Instead of building a full copy of a CTransaction being signed, and
then modifying bits and pieces until its fits the form necessary
for computing the signature hash, use a wrapper serializer that
only serializes the necessary bits on-the-fly.

This makes it easier to see which data is actually being hash,
reduces load on the heap, and also marginally improves performances
(around 3-4us/sigcheck here). The performance improvements are much
larger for large transactions, though.

The old implementation of SignatureHash is moved to a unit tests,
to test whether the old and new algorithm result in the same value
for randomly-constructed transactions."

Cloak:
https://github.com/CloakProject/CloakCoin/blob/master/src/script.cpp

Seems like there is nothing different in how the hash is constructed tbh, so this might be unnecessary. In fact, the only difference is that Bitcoin uses

CHashWriter ss(SER_GETHASH, 0); ss << txTmp << nHashType; return ss.GetHash();

while Cloak has

CDataStream ss(SER_GETHASH, 0); ss.reserve(10000); ss << txTmp << nHashType; return Hash(ss.begin(), ss.end());

After doing more research into SegWit details, I am very inclined to not even consider SegWit implementation in the Cloak code due to possible min(t)er previous block signatures retention:

https://www.youtube.com/watch?v=VoFb3mcxluY
https://twitter.com/peterktodd/status/881206218659946496
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2015-December/012103.html

Transaction malleability should be resolved in a non-SegWit way. ACK and approved.

Update hash.h to include X13 functionality
Validate
Add PoS placeholder and params
Update clientversion
Change MAKX_MONEY value from 21M to 10M.
Sync improvements for older clients.
TimeHash wrapper for stake modifier hash timestamps (fixes old uint256 sorting issue).
Some further work to stake modifier genetion (WIP)
Added some debug code for debugging stake modier generation
:q
q
A lot more proof-of-stake code available. need debugging for syncing.
Note : CPubKey::Verify currently hardcoded to return TRUE always. This is done sidestpe a sep256k headache should be addressed!
Note : GetStakeModifiedCheckSum currently producint wrong value.
Non-segwit transaction (currently all transactions) are now hashed using the legacy code from previous Cloak code base. This ensures a matching TX comparison hash is always generated for use with TX signature hash validation.
It is doubtful that this code will need to change in fture, but if it is decided that the verification method needs to change, then a network fork will need to be performed so that newer blocks use a new TX signature hash.
@anorakthagreat
Copy link
Collaborator

anorakthagreat commented Mar 13, 2021

@akyo8 : You are correct, the issues you highlighted with SegWit is the exact reason why it was not included in the codebase in the first place. Especially point #5 in the video of Dr. Rizun and the thought experiment in the end, is concerning.
We will not be implementing SegWit in Cloak.

@anorakthagreat
Copy link
Collaborator

@akyo8 REM build_msvc/libbitcoinconsensus/Source.cpp

@@ -22,7 +22,7 @@ static const CAmount COIN = 100000000;
* critical; in unusual circumstances like a(nother) overflow bug that allowed
* for the creation of coins out of thin air modification could lead to a fork.
* */
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

what happened to
static const CAmount CENT = 1000000;
I believe this was used across different files?

@@ -63,6 +67,12 @@ class CBlockFileInfo
nBlocks = 0;
nSize = 0;
nUndoSize = 0;
nFlags = 0;
Copy link
Collaborator

@anorakthagreat anorakthagreat Mar 13, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These changes belong in the CBlockIndex class, not here in CBlockFileInfo. Please move these.

Also, CBlockIndex is completely missing the SetNull method, which is called on COutPoint prevoutStake across the file and possibly elsewhere.

Take a look at the file on 0.17 here:
https://github.com/CloakProject/codename-phoenix/blob/0.17.cloak/src/chain.h

Please make sure you're careful when you move code, it needs to be added to appropriate locations - this is important as some properties are purposely mem-only or not serialized at all depending on usage. I understand you were trying to short-hand initialize the values on declaration with {0}, but this has other implications, security and byte-size included (declaring a var doesn't reserve memory, sometimes there is no stack at all depending on the compiler optimization), so some classes don't need all the properties or we don't want them on disk.

public:
uint256 hashPrev;

CDiskBlockIndex() {
hashPrev = uint256();

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

missing blockHash = uint256();

@@ -67,74 +70,131 @@ class CMainParams : public CChainParams {
consensus.signet_blocks = false;
consensus.signet_challenge.clear();
consensus.nSubsidyHalvingInterval = 210000;
consensus.BIP16Exception = uint256S("0x00000000000002dc756eebf4f49723ed8d30cc28a5f108eb94b1ba88ac4f9c22");
consensus.BIP16Exception = uint256S("0x00000000000002dc756eebf4f49723ed8d30cc28a5f108eb94b1ba88ac4f9c22"); // P2SH
consensus.BIP34Height = 227931;
Copy link
Collaborator

@anorakthagreat anorakthagreat Mar 14, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

rem: consensus.BIP34Height = 227931; (redefined below)

consensus.BIP34Height = 227931;
consensus.BIP34Height = 0;
consensus.BIP34Hash = uint256S("0x000000000000024b89b42a942fe0d9fea3bb44ab7bd1b19115dd6a759c0808b8");
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

rem: consensus.BIP34Hash = uint256S("0x000000000000024b89b42a942fe0d9fea3bb44ab7bd1b19115dd6a759c0808b8"); (redefined below)

consensus.powLimit = uint256S("00000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffff");
consensus.nPowTargetTimespan = 14 * 24 * 60 * 60; // two weeks
consensus.BIP34Hash = uint256S("0x2d8251121940abce6e28df134c6432e8c5a00d59989a2451806c2778c3a06112"); // Block v2, Height in Coinbase [using genesis]
consensus.BIP65Height = 388381; // 000000000000000004c2b624ed5d7756c508d90fd0da2c7c679febfa6c4735f0 consensus.BIP65Height = 388381; // OP_CHECKLOCKTIMEVERIFY [Consensus (soft fork)] - forced far into future for now
Copy link
Collaborator

@anorakthagreat anorakthagreat Mar 14, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note: We will want BIP65 implemented and functional in the new codebase, CheckLockTimeVerify is a crucial and paramount piece needed for timed locks and ultimately - atomic swaps (along with P2SH).
I know for a fact CLTV wasn't fully implemented in the current codebase, IIRC some pieces of code were not pulled in from the newer Bitcoin core. This will need a closer/detailed look.

BIP65 might need to be set to something in the future as an activation height to enable CLTV & atomic swaps, but maybe we can leave it as is so it's immediately active when implemented (older clients will have this value already)
The value here is from btc core and way back in the past (Cloak has 60s block time).

consensus.BIP65Height = 388381; // 000000000000000004c2b624ed5d7756c508d90fd0da2c7c679febfa6c4735f0 consensus.BIP65Height = 388381; // OP_CHECKLOCKTIMEVERIFY [Consensus (soft fork)] - forced far into future for now
consensus.BIP66Height = 363725; // 00000000000000000379eaa19dce8c9b722d46ae6a57c2f1a988119488b50931 consensus.BIP66Height = 363725; // Strict DER signatures [Consensus (soft fork)] - forced far into future for now
consensus.nProofOfStakeLimit = UintToArith256(uint256S("ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"));
consensus.nPowTargetTimespan = 14 * 24 * 60 * 60; // two weeks consensus.nPowTargetTimespan = 3.5 * 24 * 60 * 60; // 3.5 days
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

rem:

consensus.nProofOfStakeLimit = UintToArith256(uint256S("ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"));
consensus.nPowTargetTimespan = 14 * 24 * 60 * 60; // two weeks

redefined below, values above are from btc core

pchMessageStart[0] = 0xf9;
pchMessageStart[0] = 0x70;
pchMessageStart[1] = 0xbe;
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

duplicate definitions here as well...

consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0;
consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016
consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017
consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1809129600; // May 1st, 2027

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This whole section is a mess, with duplicate definitions and everything moved out of place.
This needs cleanup. See

CMainParams() {

consensus.powLimit = uint256S("00000377ae000000000000000000000000000000000000000000000000000000");
consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28;

onsensus.nProofOfStakeLimit = UintToArith256(uint256S("ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"));
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

c missing?
cmon man...

@@ -443,7 +563,7 @@ class CRegTestParams : public CChainParams {
base58Prefixes[EXT_PUBLIC_KEY] = {0x04, 0x35, 0x87, 0xCF};
base58Prefixes[EXT_SECRET_KEY] = {0x04, 0x35, 0x83, 0x94};

bech32_hrp = "bcrt";
bech32_hrp = "ccrt";
}

/**
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This whole file is a mess, needs to be reverted to btc core version and Cloak specific values applied from: https://github.com/CloakProject/codename-phoenix/blob/0.17.cloak/src/chainparams.cpp

@@ -91,6 +91,11 @@ class CChainParams
const std::vector<SeedSpec6>& FixedSeeds() const { return vFixedSeeds; }
const CCheckpointData& Checkpoints() const { return checkpointData; }
const ChainTxData& TxData() const { return chainTxData; }
const arith_uint256& ProofOfWorkLimit() const { return consensus.nProofOfWorkLimit; }
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

missing:

// MODIFIER_INTERVAL: time to elapse before new modifier is computed
static const unsigned int MODIFIER_INTERVAL = 5 * 60; // * 60; // 20 minutes

// MODIFIER_INTERVAL_RATIO:
// ratio of group interval length between the last group and the first group
static const int MODIFIER_INTERVAL_RATIO = 3;

arith_uint256 nProofOfStakeLimit;
unsigned int nStakeMinAge;
unsigned int nStakeMaxAge;
unsigned int nStakeTargetSpacing;
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

missing:

unsigned int nStakeModifierInterval;
unsigned int nCoinbaseMaturity;

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants