Sigma fixes (#777)

* Sigma fixes * Tests fix
firoorg · Dec 2, 2019 · af20f12 · af20f12
1 parent 2a1dad7
commit af20f12
Show file tree

Hide file tree

Showing 52 changed files with 413 additions and 139 deletions.
diff --git a/configure.ac b/configure.ac
@@ -3,7 +3,7 @@ AC_PREREQ([2.60])
 define(_CLIENT_VERSION_MAJOR, 0)
 define(_CLIENT_VERSION_MINOR, 13)
 define(_CLIENT_VERSION_REVISION, 8)
-define(_CLIENT_VERSION_BUILD, 5)
+define(_CLIENT_VERSION_BUILD, 8)
 define(_CLIENT_VERSION_IS_RELEASE, true)
 define(_COPYRIGHT_YEAR, 2019)
 define(_COPYRIGHT_HOLDERS,[The %s developers])

diff --git a/qa/rpc-tests/exodus_sendspend.py b/qa/rpc-tests/exodus_sendspend.py
@@ -7,7 +7,7 @@ class ExodusSendSpendTest(ExodusTestFramework):
     def run_test(self):
         super().run_test()
 
-        sigma_starting_block = 500
+        sigma_starting_block = 550
 
         self.nodes[0].generatetoaddress(sigma_starting_block - self.nodes[0].getblockcount(), self.addrs[0])
         self.sync_all()

diff --git a/qa/rpc-tests/exodus_sigma_reindex.py b/qa/rpc-tests/exodus_sigma_reindex.py
@@ -6,7 +6,7 @@ class ExodusSigmaReindexTest(ExodusTestFramework):
     def run_test(self):
         super().run_test()
 
-        sigma_start_block = 500
+        sigma_start_block = 550
         self.nodes[0].generate(sigma_start_block - self.nodes[0].getblockcount())
 
         # generate mints to spend

diff --git a/qa/rpc-tests/exodus_sigma_reorg.py b/qa/rpc-tests/exodus_sigma_reorg.py
@@ -6,7 +6,7 @@ class ExodusSigmaReorgTest(ExodusTestFramework):
     def run_test(self):
         super().run_test()
 
-        sigma_start_block = 500
+        sigma_start_block = 550
         self.nodes[0].generate(sigma_start_block - self.nodes[0].getblockcount())
 
         # generate mints to spend
@@ -75,4 +75,4 @@ def run_test(self):
         assert_equal(balance, self.nodes[0].exodus_getbalance(self.addrs[0], sigma_property)['balance'])
 
 if __name__ == '__main__':
-    ExodusSigmaReorgTest().main()
+    ExodusSigmaReorgTest().main()
diff --git a/qa/rpc-tests/sigma_meetspend.py b/qa/rpc-tests/sigma_meetspend.py
@@ -20,7 +20,7 @@ def run_test(self):
         # Decimal formating: 6 digits for balance will be enought 000.000
         getcontext().prec = 6
 
-        self.nodes[0].generate(400)
+        self.nodes[0].generate(500)
         self.sync_all()
 
         start_bal = self.nodes[0].getbalance()

diff --git a/qa/rpc-tests/sigma_mintspend.py b/qa/rpc-tests/sigma_mintspend.py
@@ -19,15 +19,14 @@ def setup_nodes(self):
     def run_test(self):
         # Decimal formating: 6 digits for balance will be enought 000.000
         getcontext().prec = 6
-        self.nodes[0].generate(400)
+        self.nodes[0].generate(551)
         self.sync_all()
 
         # old denomination
         # TODO should be changed after RPC will be updated
         denoms = [0.1, 0.5, 1, 10, 100]
 
         start_bal = self.nodes[0].getbalance()
-        assert start_bal == 14918.000, 'Unexpected start balance: {}'.format(start_bal)
 
         mint_trans = list()
         for denom in denoms:
@@ -146,4 +145,4 @@ def run_test(self):
 
 
 if __name__ == '__main__':
-    SigmaMintSpendTest().main()
+    SigmaMintSpendTest().main()
diff --git a/src/chainparams.cpp b/src/chainparams.cpp
@@ -253,6 +253,8 @@ class CMainParams : public CChainParams {
 
         // Sigma related values.
         consensus.nSigmaStartBlock = ZC_SIGMA_STARTING_BLOCK;
+        consensus.nSigmaPaddingBlock = ZC_SIGMA_PADDING_BLOCK;
+        consensus.nDisableUnpaddedSigmaBlock = ZC_SIGMA_DISABLE_UNPADDED_BLOCK;
         consensus.nOldSigmaBanBlock = ZC_OLD_SIGMA_BAN_BLOCK;
         consensus.nZerocoinV2MintMempoolGracefulPeriod = ZC_V2_MINT_GRACEFUL_MEMPOOL_PERIOD;
         consensus.nZerocoinV2MintGracefulPeriod = ZC_V2_MINT_GRACEFUL_PERIOD;
@@ -441,6 +443,8 @@ class CTestNetParams : public CChainParams {
 
         // Sigma related values.
         consensus.nSigmaStartBlock = ZC_SIGMA_TESTNET_STARTING_BLOCK;
+        consensus.nSigmaPaddingBlock = ZC_SIGMA_TESTNET_PADDING_BLOCK;
+        consensus.nDisableUnpaddedSigmaBlock = ZC_SIGMA_TESTNET_DISABLE_UNPADDED_BLOCK;
         consensus.nOldSigmaBanBlock = 70416;
         consensus.nZerocoinV2MintMempoolGracefulPeriod = ZC_V2_MINT_TESTNET_GRACEFUL_MEMPOOL_PERIOD;
         consensus.nZerocoinV2MintGracefulPeriod = ZC_V2_MINT_TESTNET_GRACEFUL_PERIOD;
@@ -595,6 +599,8 @@ class CRegTestParams : public CChainParams {
 
         // Sigma related values.
         consensus.nSigmaStartBlock = 400;
+        consensus.nSigmaPaddingBlock = 550;
+        consensus.nDisableUnpaddedSigmaBlock = 510;
         consensus.nOldSigmaBanBlock = 450;
         consensus.nZerocoinV2MintMempoolGracefulPeriod = 2;
         consensus.nZerocoinV2MintGracefulPeriod = 5;

diff --git a/src/clientversion.h b/src/clientversion.h
@@ -17,7 +17,7 @@
 #define CLIENT_VERSION_MAJOR 0
 #define CLIENT_VERSION_MINOR 13
 #define CLIENT_VERSION_REVISION 8
-#define CLIENT_VERSION_BUILD 5 
+#define CLIENT_VERSION_BUILD 8 
 
 //! Set to true for release, false for prerelease or test build
 #define CLIENT_VERSION_IS_RELEASE true

diff --git a/src/consensus/params.h b/src/consensus/params.h
@@ -128,6 +128,10 @@ struct Params {
     // The block number after which sigma are accepted.
     int nSigmaStartBlock;
 
+    int nSigmaPaddingBlock;
+
+    int nDisableUnpaddedSigmaBlock;
+
     // The block number after which old sigma clients are banned.
     int nOldSigmaBanBlock;
 

diff --git a/src/exodus/rpctx.cpp b/src/exodus/rpctx.cpp
@@ -1711,7 +1711,10 @@ UniValue exodus_sendspend(const UniValue& params, bool fHelp)
     std::vector<unsigned char> payload;
 
     try {
-        auto spend = wallet->CreateSigmaSpend(propertyId, denomination);
+
+        bool fPadding = chainActive.Height() >= ::Params().GetConsensus().nSigmaPaddingBlock;
+
+        auto spend = wallet->CreateSigmaSpend(propertyId, denomination, fPadding);
         mint = spend.mint;
 
         payload = CreatePayload_SimpleSpend(

diff --git a/src/exodus/sigma.cpp b/src/exodus/sigma.cpp
@@ -16,7 +16,8 @@ bool VerifySigmaSpend(
     SigmaDenomination denomination,
     SigmaMintGroup group,
     size_t groupSize,
-    const SigmaProof& proof)
+    const SigmaProof& proof,
+    bool fPadding)
 {
     std::vector<SigmaPublicKey> anonimitySet; // Don't preallocate the vector due to it will allow attacker to crash all client.
 
@@ -30,7 +31,7 @@ bool VerifySigmaSpend(
         return false;
     }
 
-    return proof.Verify(anonimitySet.begin(), anonimitySet.end());
+    return proof.Verify(anonimitySet.begin(), anonimitySet.end(), fPadding);
 }
 
 } // namespace exodus
diff --git a/src/exodus/sigma.h b/src/exodus/sigma.h
@@ -13,7 +13,8 @@ bool VerifySigmaSpend(
     SigmaDenomination denomination,
     SigmaMintGroup group,
     size_t groupSize,
-    const SigmaProof& proof);
+    const SigmaProof& proof,
+    bool fPadding);
 
 } // namespace exodus
 

diff --git a/src/exodus/sigmaprimitives.h b/src/exodus/sigmaprimitives.h
@@ -113,10 +113,10 @@ class SigmaProof
     explicit SigmaProof(const SigmaParams& params);
 
     template<typename PublicKey>
-    SigmaProof(const SigmaParams& params, const SigmaPrivateKey& key, PublicKey first, PublicKey last) :
+    SigmaProof(const SigmaParams& params, const SigmaPrivateKey& key, PublicKey first, PublicKey last, bool fPadding) :
         SigmaProof(params)
     {
-        Generate(key, first, last);
+        Generate(key, first, last, fPadding);
     }
 
 public:
@@ -125,7 +125,7 @@ class SigmaProof
 
 public:
     template<typename PublicKey>
-    bool Verify(PublicKey first, PublicKey last) const
+    bool Verify(PublicKey first, PublicKey last, bool fPadding) const
     {
         // Create commitment set.
         auto gs = (params.g * serial).inverse();
@@ -145,12 +145,12 @@ class SigmaProof
             params.m
         );
 
-        return verifier.verify(commits, proof);
+        return verifier.verify(commits, proof, fPadding);
     }
 
 public:
     template<typename PublicKey>
-    void Generate(const SigmaPrivateKey& priv, PublicKey first, PublicKey last)
+    void Generate(const SigmaPrivateKey& priv, PublicKey first, PublicKey last, bool fPadding)
     {
         if (!priv.IsValid()) {
             throw std::invalid_argument("Private key is not valid");
@@ -186,7 +186,7 @@ class SigmaProof
             params.m
         );
 
-        prover.proof(commits, *index, priv.randomness, proof);
+        prover.proof(commits, *index, priv.randomness, fPadding, proof);
         serial = priv.serial;
     }
 

diff --git a/src/exodus/test/create_payload_tests.cpp b/src/exodus/test/create_payload_tests.cpp
@@ -560,7 +560,7 @@ BOOST_AUTO_TEST_CASE(payload_create_simple_spend)
     key1.Generate();
     key2.Generate();
     anonimitySet = { SigmaPublicKey(key1, params), SigmaPublicKey(key2, params) };
-    spend.Generate(key1, anonimitySet.begin(), anonimitySet.end());
+    spend.Generate(key1, anonimitySet.begin(), anonimitySet.end(), false);
     buffer << spend;
 
     std::vector<unsigned char> payload;

diff --git a/src/exodus/test/sigma_tests.cpp b/src/exodus/test/sigma_tests.cpp
@@ -65,7 +65,7 @@ BOOST_FIXTURE_TEST_CASE(verify_spend, SigmaDatabaseFixture)
         anonimitySet.push_back(mint);
     }
 
-    proof.Generate(key, anonimitySet.begin(), anonimitySet.end());
+    proof.Generate(key, anonimitySet.begin(), anonimitySet.end(), false);
 
     // Generate spendable group.
     for (unsigned i = 0; i < sigmaDb->groupSize; i++) {
@@ -91,13 +91,13 @@ BOOST_FIXTURE_TEST_CASE(verify_spend, SigmaDatabaseFixture)
         sigmaDb->RecordMint(3, 0, mint, block);
     }
 
-    BOOST_CHECK_EQUAL(VerifySigmaSpend(3, 0, 0, anonimitySet.size(), proof), true);
-    BOOST_CHECK_EQUAL(VerifySigmaSpend(3, 0, 0, anonimitySet.size() - 1, proof), false);
-    BOOST_CHECK_EQUAL(VerifySigmaSpend(3, 0, 0, anonimitySet.size() + 1, proof), false);
-    BOOST_CHECK_EQUAL(VerifySigmaSpend(3, 0, 0, sigmaDb->groupSize + 1, proof), false);
-    BOOST_CHECK_EQUAL(VerifySigmaSpend(3, 1, 0, sigmaDb->groupSize, proof), false);
-    BOOST_CHECK_EQUAL(VerifySigmaSpend(4, 0, 0, sigmaDb->groupSize, proof), false);
-    BOOST_CHECK_EQUAL(VerifySigmaSpend(3, 0, 1, sigmaDb->groupSize, proof), false);
+    BOOST_CHECK_EQUAL(VerifySigmaSpend(3, 0, 0, anonimitySet.size(), proof, false), true);
+    BOOST_CHECK_EQUAL(VerifySigmaSpend(3, 0, 0, anonimitySet.size() - 1, proof, false), false);
+    BOOST_CHECK_EQUAL(VerifySigmaSpend(3, 0, 0, anonimitySet.size() + 1, proof, false), false);
+    BOOST_CHECK_EQUAL(VerifySigmaSpend(3, 0, 0, sigmaDb->groupSize + 1, proof, false), false);
+    BOOST_CHECK_EQUAL(VerifySigmaSpend(3, 1, 0, sigmaDb->groupSize, proof, false), false);
+    BOOST_CHECK_EQUAL(VerifySigmaSpend(4, 0, 0, sigmaDb->groupSize, proof, false), false);
+    BOOST_CHECK_EQUAL(VerifySigmaSpend(3, 0, 1, sigmaDb->groupSize, proof, false), false);
 }
 
 BOOST_AUTO_TEST_SUITE_END()

diff --git a/src/exodus/test/sigmaprimitives_tests.cpp b/src/exodus/test/sigmaprimitives_tests.cpp
@@ -107,10 +107,10 @@ BOOST_AUTO_TEST_CASE(proof)
         SigmaPublicKey(key3, params)
     });
 
-    proof.Generate(key2, pubs.begin(), pubs.end());
+    proof.Generate(key2, pubs.begin(), pubs.end(), false);
 
-    BOOST_CHECK_EQUAL(proof.Verify(pubs.begin(), pubs.end()), true);
-    BOOST_CHECK_EQUAL(proof.Verify(pubs.begin(), pubs.end() - 1), false);
+    BOOST_CHECK_EQUAL(proof.Verify(pubs.begin(), pubs.end(), false), true);
+    BOOST_CHECK_EQUAL(proof.Verify(pubs.begin(), pubs.end() - 1, false), false);
 }
 
 BOOST_AUTO_TEST_CASE(spend_with_large_anonimity_group)
@@ -129,11 +129,11 @@ BOOST_AUTO_TEST_CASE(spend_with_large_anonimity_group)
     }
 
     SigmaProof validProof(params), invalidProof(params);
-    validProof.Generate(key, pubs.begin() + 1, pubs.end()); // prove with 2 ^ 14 coins
-    invalidProof.Generate(key, pubs.begin(), pubs.end()); // prove with 2 ^ 14 + 1 coins
+    validProof.Generate(key, pubs.begin() + 1, pubs.end(), false); // prove with 2 ^ 14 coins
+    invalidProof.Generate(key, pubs.begin(), pubs.end(), false); // prove with 2 ^ 14 + 1 coins
 
-    BOOST_CHECK_EQUAL(validProof.Verify(pubs.begin() + 1, pubs.end()), true);
-    BOOST_CHECK_EQUAL(invalidProof.Verify(pubs.begin(), pubs.end()), false);
+    BOOST_CHECK_EQUAL(validProof.Verify(pubs.begin() + 1, pubs.end(), false), true);
+    BOOST_CHECK_EQUAL(invalidProof.Verify(pubs.begin(), pubs.end(), false), false);
 }
 
 BOOST_AUTO_TEST_SUITE_END()

diff --git a/src/exodus/test/wallet_tests.cpp b/src/exodus/test/wallet_tests.cpp
@@ -124,22 +124,22 @@ BOOST_AUTO_TEST_CASE(sigma_mint_create_multi)
 BOOST_AUTO_TEST_CASE(sigma_spend_create_no_spendable_mint)
 {
     // No any mints.
-    BOOST_CHECK_THROW(wallet->CreateSigmaSpend(3, 0), InsufficientFunds);
+    BOOST_CHECK_THROW(wallet->CreateSigmaSpend(3, 0, false), InsufficientFunds);
 
     // Different denomination and property type.
     auto mintId = wallet->CreateSigmaMint(3, 0);
 
-    BOOST_CHECK_THROW(wallet->CreateSigmaSpend(3, 1), InsufficientFunds);
-    BOOST_CHECK_THROW(wallet->CreateSigmaSpend(4, 0), InsufficientFunds);
+    BOOST_CHECK_THROW(wallet->CreateSigmaSpend(3, 1, false), InsufficientFunds);
+    BOOST_CHECK_THROW(wallet->CreateSigmaSpend(4, 0, false), InsufficientFunds);
 
     // Pending mint.
-    BOOST_CHECK_THROW(wallet->CreateSigmaSpend(3, 0), InsufficientFunds);
+    BOOST_CHECK_THROW(wallet->CreateSigmaSpend(3, 0, false), InsufficientFunds);
 
     // Already spent.
     sigmaDb->RecordMint(3, 0, mintId.pubKey, 100);
     wallet->SetSigmaMintUsedTransaction(mintId, uint256S("890e968f9b65dbacd576100c9b1c446f06471ed27df845ab7a24931cb640b388"));
 
-    BOOST_CHECK_THROW(wallet->CreateSigmaSpend(3, 0), InsufficientFunds);
+    BOOST_CHECK_THROW(wallet->CreateSigmaSpend(3, 0, false), InsufficientFunds);
 }
 
 BOOST_AUTO_TEST_CASE(sigma_spend_create_with_spendable_mints)
@@ -153,7 +153,7 @@ BOOST_AUTO_TEST_CASE(sigma_spend_create_with_spendable_mints)
         sigmaDb->RecordMint(3, 0, mintid.pubKey, 100 + i);
     }
 
-    auto spend = wallet->CreateSigmaSpend(3, 0);
+    auto spend = wallet->CreateSigmaSpend(3, 0, false);
 
     BOOST_CHECK_EQUAL(spend.mint, expectedMintId);
     BOOST_CHECK_EQUAL(spend.group, 0);
@@ -165,7 +165,7 @@ BOOST_AUTO_TEST_CASE(sigma_spend_create_not_enough_anonimity)
     auto mintId = wallet->CreateSigmaMint(3, 0);
     sigmaDb->RecordMint(3, 0, mintId.pubKey, 100);
 
-    BOOST_CHECK_EXCEPTION(wallet->CreateSigmaSpend(3, 0), WalletError, [] (const WalletError& e) {
+    BOOST_CHECK_EXCEPTION(wallet->CreateSigmaSpend(3, 0, false), WalletError, [] (const WalletError& e) {
         return e.what() == std::string("Amount of coins in anonimity set is not enough to spend");
     });
 }

diff --git a/src/exodus/test/walletmodels_tests.cpp b/src/exodus/test/walletmodels_tests.cpp
@@ -335,7 +335,7 @@ BOOST_AUTO_TEST_CASE(sigma_spend_init)
     SigmaMint mint(3, 0, Hash160({0x00}), Hash160({0x01}));
 
     std::vector<SigmaPublicKey> anonimitySet = { pub1, pub2 };
-    SigmaProof proof(params, key1, anonimitySet.begin(), anonimitySet.end());
+    SigmaProof proof(params, key1, anonimitySet.begin(), anonimitySet.end(), false);
     SigmaSpend spend(id, 1, 100, proof);
 
     BOOST_CHECK_EQUAL(spend.mint, id);

diff --git a/src/exodus/txprocessor.cpp b/src/exodus/txprocessor.cpp
@@ -158,12 +158,14 @@ int TxProcessor::ProcessSimpleSpend(const CMPTransaction& tx)
     auto group = tx.getGroup();
     auto groupSize = tx.getGroupSize();
 
+    bool const fPadding = block >= ::Params().GetConsensus().nSigmaPaddingBlock;
+
     assert(spend);
 
     // check serial in database
     uint256 spendTx;
     if (sigmaDb->HasSpendSerial(property, denomination, spend->serial, spendTx)
-        || !VerifySigmaSpend(property, denomination, group, groupSize, *spend)) {
+        || !VerifySigmaSpend(property, denomination, group, groupSize, *spend, fPadding)) {
         PrintToLog("%s(): rejected: spend is invalid\n", __func__);
         return PKT_ERROR_SIGMA - 907;
     }

diff --git a/src/exodus/wallet.cpp b/src/exodus/wallet.cpp
@@ -77,7 +77,7 @@ void Wallet::ClearAllChainState()
     mintWallet.ClearMintsChainState();
 }
 
-SigmaSpend Wallet::CreateSigmaSpend(PropertyId property, SigmaDenomination denomination)
+SigmaSpend Wallet::CreateSigmaSpend(PropertyId property, SigmaDenomination denomination, bool fPadding)
 {
     LOCK(cs_main);
 
@@ -102,9 +102,9 @@ SigmaSpend Wallet::CreateSigmaSpend(PropertyId property, SigmaDenomination denom
 
     // Create spend.
     auto key = GetKey(mint.get());
-    SigmaProof proof(DefaultSigmaParams, key, anonimitySet.begin(), anonimitySet.end());
+    SigmaProof proof(DefaultSigmaParams, key, anonimitySet.begin(), anonimitySet.end(), fPadding);
 
-    if (!VerifySigmaSpend(mint->property, mint->denomination, mint->chainState.group, anonimitySet.size(), proof)) {
+    if (!VerifySigmaSpend(mint->property, mint->denomination, mint->chainState.group, anonimitySet.size(), proof, fPadding)) {
         throw WalletError(_("Failed to create spendable spend"));
     }
 

diff --git a/src/exodus/wallet.h b/src/exodus/wallet.h
@@ -46,7 +46,7 @@ class Wallet
 
     void ClearAllChainState();
 
-    SigmaSpend CreateSigmaSpend(PropertyId property, SigmaDenomination denomination);
+    SigmaSpend CreateSigmaSpend(PropertyId property, SigmaDenomination denomination, bool fPadding);
     void DeleteUnconfirmedSigmaMint(SigmaMintId const &id);
 
 public: