seraphis_core compiles

jeffro256 · Jun 3, 2024 · 5ffc4f8 · 5ffc4f8
1 parent ada4a0b
commit 5ffc4f8
Show file tree

Hide file tree

Showing 19 changed files with 486 additions and 299 deletions.
diff --git a/src/crypto/generators.cpp b/src/crypto/generators.cpp
@@ -75,7 +75,7 @@ constexpr public_key H = bytes_to<public_key>({ 0x8b, 0x65, 0x59, 0x70, 0x15, 0x
 //seraphis generator X: keccak_to_pt(keccak("seraphis_X"))
 constexpr public_key X = bytes_to<public_key>({ 0xa4, 0xfb, 0x43, 0xca, 0x69, 0x5e, 0x12, 0x99, 0x88, 0x02, 0xa2, 0x0a, 0x15,
     0x8f, 0x12, 0xea, 0x79, 0x47, 0x4f, 0xb9, 0x01, 0x21, 0x16, 0x95, 0x6a, 0x69, 0x76, 0x7c, 0x4d, 0x41, 0x11, 0x0f });
-//seraphis generator U: keccak_to_pt(keccak("seraphis_U"))
+//seraphis generator U: keccak_to_pt(keccak("Monero Generator T"))
 constexpr public_key U = bytes_to<public_key>({ 0x10, 0x94, 0x8b, 0x00, 0xd2, 0xde, 0x50, 0xb5, 0x76, 0x99, 0x8c, 0x11, 0xe8,
     0x3c, 0x59, 0xa7, 0x96, 0x84, 0xd2, 0x5c, 0x9f, 0x8a, 0x0d, 0xc6, 0x86, 0x45, 0x70, 0xd7, 0x97, 0xb9, 0xc1, 0x6e });
 static ge_p3 G_p3;
@@ -167,9 +167,9 @@ static public_key reproduce_generator_X()
 //-------------------------------------------------------------------------------------------------------------------
 static public_key reproduce_generator_U()
 {
-    // U = H_p(keccak("seraphis_U"))
+    // U = H_p(keccak("Monero Generator T"))
     const std::string U_salt{config::HASH_KEY_SERAPHIS_U};
-    hash U_temp_hash{cn_fast_hash(U_salt.data(), U_salt.size())};
+    const hash U_temp_hash{cn_fast_hash(U_salt.data(), U_salt.size())};
     public_key reproduced_U;
     hash_to_point(U_temp_hash, reproduced_U);
 
@@ -206,6 +206,9 @@ static void init_gens()
         ge_p3_to_cached(&X_cached, &X_p3);
         ge_p3_to_cached(&U_cached, &U_p3);
 
+        // @TODO: remove
+        std::cout << "U: " << epee::to_hex::string({(const unsigned char*)U.data, 32}) << std::endl;
+
         // in debug mode, check that generators are reproducible
         (void)reproduce_generator_G; assert(reproduce_generator_G() == G);
         (void)reproduce_generator_H; assert(reproduce_generator_H() == H);

diff --git a/src/cryptonote_config.h b/src/cryptonote_config.h
@@ -271,7 +271,7 @@ namespace config
   const constexpr char HASH_KEY_TXHASH_AND_MIXRING[] = "txhash_and_mixring";
   const constexpr char HASH_KEY_MULTISIG_BINONCE_MERGE_FACTOR[] = "multisig_binonce_merge_factor";
   const constexpr char HASH_KEY_SERAPHIS_X[] = "seraphis_X";
-  const constexpr char HASH_KEY_SERAPHIS_U[] = "seraphis_U";
+  const constexpr char HASH_KEY_SERAPHIS_U[] = "Monero Generator T"; // to match https://github.com/kayabaNerve/fcmp-plus-plus/blob/00242acf9a1402d6361f057e51deecebf73e17b4/coins/monero/generators/src/lib.rs#L39-L44
 
   const constexpr char TRANSCRIPT_PREFIX[] = "monero";
 

diff --git a/src/seraphis_core/jamtis_account_secrets.h b/src/seraphis_core/jamtis_account_secrets.h
@@ -46,6 +46,7 @@
 //standard headers
 
 //forward declarations
+namespace rct { struct key; }
 
 
 namespace sp
@@ -102,13 +103,13 @@ void make_jamtis_exchangebase_pubkey(const crypto::x25519_secret_key &d_unlock_r
 void make_jamtis_identifyreceived_key(const crypto::secret_key &k_view_balance,
     crypto::x25519_secret_key &d_identify_received_out);
 /**
-* brief: make_jamtis_identityreceived_pubkey - D_ir
+* brief: make_jamtis_identifyreceived_pubkey - D_ir
 *   - D_ir = D_ir * D_base
 * param: d_identify_received - d_ir
 * param: exchangebase_pubkey - D_base
 * outparam: identifyreceived_pubkey_out - D_ir
 */
-void make_jamtis_identityreceived_pubkey(const crypto::x25519_secret_key &d_identify_received,
+void make_jamtis_identifyreceived_pubkey(const crypto::x25519_secret_key &d_identify_received,
     const crypto::x25519_pubkey &exchangebase_pubkey,
     crypto::x25519_pubkey &identifyreceived_pubkey_out);
 /**
@@ -124,7 +125,7 @@ void make_jamtis_filterassist_key(const crypto::secret_key &s_view_balance,
 *   D_fa = d_fa * D_base
 * param: d_filter_assist - d_fa
 * param: exchangebase_pubkey - D_base
-* outparam: filterassist_pubky_out - D_fa
+* outparam: filterassist_pubkey_out - D_fa
 */
 void make_jamtis_filterassist_pubkey(const crypto::x25519_secret_key &d_filter_assist,
     const crypto::x25519_pubkey &exchangebase_pubkey,
@@ -145,6 +146,15 @@ void make_jamtis_generateaddress_secret(const crypto::secret_key &s_view_balance
 */
 void make_jamtis_ciphertag_secret(const crypto::secret_key &s_generate_address,
     crypto::secret_key &s_cipher_tag_out);
-
+/**
+ * brief: make_rct_spendkey - base public spendkey for RingCTv2
+ *   K_s = k_gi U + k_ps G
+ * param: k_generate_image - k_gi
+ * param: k_prove_spend - k_ps
+ * outparam: spend_pubkey_out - K_s
+*/
+void make_rct_spendkey(const crypto::secret_key &k_generate_image,
+    const crypto::secret_key &k_prove_spend,
+    rct::key &spend_pubkey_out);
 } //namespace jamtis
 } //namespace sp
diff --git a/src/seraphis_core/jamtis_destination.cpp b/src/seraphis_core/jamtis_destination.cpp
@@ -56,14 +56,14 @@ bool operator==(const JamtisDestinationV1 &a, const JamtisDestinationV1 &b)
 {
     return (a.addr_Ks    == b.addr_Ks)    &&
            (a.addr_Dfa   == b.addr_Dfa)   &&
-           (a.addr_Dvr   == b.addr_Dvr)   &&
+           (a.addr_Dir   == b.addr_Dir)   &&
            (a.addr_Dbase == b.addr_Dbase) &&
            (a.addr_tag   == b.addr_tag);
 }
 //-------------------------------------------------------------------------------------------------------------------
 void make_jamtis_destination_v1(const rct::key &spend_pubkey,
     const crypto::x25519_pubkey &filterassist_pubkey,
-    const crypto::x25519_pubkey &viewreceived_pubkey,
+    const crypto::x25519_pubkey &identifyreceived_pubkey,
     const crypto::x25519_pubkey &exchangebase_pubkey,
     const crypto::secret_key &s_generate_address,
     const address_index_t &j,
@@ -79,8 +79,8 @@ void make_jamtis_destination_v1(const rct::key &spend_pubkey,
     // D^j_fa = d^j_a * D_fa
     x25519_scmul_key(address_privkey, filterassist_pubkey, destination_out.addr_Dfa);
 
-    // D^j_vr = d^j_a * D_vr
-    x25519_scmul_key(address_privkey, viewreceived_pubkey, destination_out.addr_Dvr);
+    // D^j_ir = d^j_a * D_vr
+    x25519_scmul_key(address_privkey, identifyreceived_pubkey, destination_out.addr_Dir);
 
     // D^j_base = d^j_a * D_base
     x25519_scmul_key(address_privkey, exchangebase_pubkey, destination_out.addr_Dbase);
@@ -96,7 +96,7 @@ void make_jamtis_destination_v1(const rct::key &spend_pubkey,
 bool try_get_jamtis_index_from_destination_v1(const JamtisDestinationV1 &destination,
     const rct::key &spend_pubkey,
     const crypto::x25519_pubkey &filterassist_pubkey,
-    const crypto::x25519_pubkey &viewreceived_pubkey,
+    const crypto::x25519_pubkey &identifyreceived_pubkey,
     const crypto::x25519_pubkey &exchangebase_pubkey,
     const crypto::secret_key &s_generate_address,
     address_index_t &j_out)
@@ -114,7 +114,7 @@ bool try_get_jamtis_index_from_destination_v1(const JamtisDestinationV1 &destina
 
     make_jamtis_destination_v1(spend_pubkey,
         filterassist_pubkey,
-        viewreceived_pubkey,
+        identifyreceived_pubkey,
         exchangebase_pubkey,
         s_generate_address,
         nominal_address_index,
@@ -134,7 +134,7 @@ JamtisDestinationV1 gen_jamtis_destination_v1()
     JamtisDestinationV1 temp;
     temp.addr_Ks = rct::pkGen();
     temp.addr_Dfa = crypto::x25519_pubkey_gen();
-    temp.addr_Dvr = crypto::x25519_pubkey_gen();
+    temp.addr_Dir = crypto::x25519_pubkey_gen();
     temp.addr_Dbase = crypto::x25519_pubkey_gen();
     crypto::rand(sizeof(address_tag_t), temp.addr_tag.bytes);
 

diff --git a/src/seraphis_core/jamtis_destination.h b/src/seraphis_core/jamtis_destination.h
@@ -58,8 +58,8 @@ struct JamtisDestinationV1 final
     rct::key addr_Ks;
     /// D^j_fa   = d^j_a * D_fa                      (address filter-assist key)
     crypto::x25519_pubkey addr_Dfa;
-    /// D^j_vr   = d^j_a * D_vr                      (address view-received key)
-    crypto::x25519_pubkey addr_Dvr;
+    /// D^j_ir   = d^j_a * D_ir                      (address identify-received key)
+    crypto::x25519_pubkey addr_Dir;
     /// D^j_base = d^j_a * D_base                    (address DH base key)
     crypto::x25519_pubkey addr_Dbase;
     /// addr_tag
@@ -70,18 +70,35 @@ struct JamtisDestinationV1 final
 bool operator==(const JamtisDestinationV1 &a, const JamtisDestinationV1 &b);
 
 /**
-* brief: make_jamtis_destination_v1 - make a destination address
-* param: spend_pubkey - K_s = k_vb X + k_m U
+* brief: make_jamtis_destination_v1 - make a destination address for the Seraphis protocol
+* param: spend_pubkey - K_s = k_gi X + k_ps U
 * param: filterassist_pubkey - D_fa = d_fa D_base
-* param: viewreceived_pubkey - D_vr = d_vr D_base
-* param: exchangebase_pubkey - D_base = d_vr xG
+* param: identifyreceived_pubkey - D_ir = d_ir D_base
+* param: exchangebase_pubkey - D_base = d_ur xG
 * param: s_generate_address - s_ga
 * param: j - address_index
 * outparam: destination_out - the full address, with address tag
 */
-void make_jamtis_destination_v1(const rct::key &spend_pubkey,
+void make_jamtis_destination_v1_sp(const rct::key &spend_pubkey,
     const crypto::x25519_pubkey &filterassist_pubkey,
-    const crypto::x25519_pubkey &viewreceived_pubkey,
+    const crypto::x25519_pubkey &identifyreceived_pubkey,
+    const crypto::x25519_pubkey &exchangebase_pubkey,
+    const crypto::secret_key &s_generate_address,
+    const address_index_t &j,
+    JamtisDestinationV1 &destination_out);
+/**
+* brief: make_jamtis_destination_v1 - make a destination address for the RingCTv2 protocol
+* param: spend_pubkey - K_s = k_gi U + k_ps G
+* param: filterassist_pubkey - D_fa = d_fa D_base
+* param: identifyreceived_pubkey - D_ir = d_ir D_base
+* param: exchangebase_pubkey - D_base = d_ur xG
+* param: s_generate_address - s_ga
+* param: j - address_index
+* outparam: destination_out - the full address, with address tag
+*/
+void make_jamtis_destination_v1_rct(const rct::key &spend_pubkey,
+    const crypto::x25519_pubkey &filterassist_pubkey,
+    const crypto::x25519_pubkey &identifyreceived_pubkey,
     const crypto::x25519_pubkey &exchangebase_pubkey,
     const crypto::secret_key &s_generate_address,
     const address_index_t &j,
@@ -92,16 +109,16 @@ void make_jamtis_destination_v1(const rct::key &spend_pubkey,
 * param: destination - destination address to recreate
 * param: spend_pubkey - K_s
 * param: filterassist_pubkey - D_fa = d_fa xG
-* param: viewreceived_pubkey - D_vr = d_vr xG
-* param: exchangebase_pubkey - D_base = d_vr xG
+* param: identifyreceived_pubkey - D_ir = d_ir xG
+* param: exchangebase_pubkey - D_base = d_ur xG
 * param: s_generate_address - s_ga
 * outparam: j_out - address index (if successful)
 * return: true if the destination can be recreated
 */
 bool try_get_jamtis_index_from_destination_v1(const JamtisDestinationV1 &destination,
     const rct::key &spend_pubkey,
     const crypto::x25519_pubkey &filterassist_pubkey,
-    const crypto::x25519_pubkey &viewreceived_pubkey,
+    const crypto::x25519_pubkey &identifyreceived_pubkey,
     const crypto::x25519_pubkey &exchangebase_pubkey,
     const crypto::secret_key &s_generate_address,
     address_index_t &j_out);