Copyright (c) 2018 The Mask Project.
Copyright (c) 2014-2018 The Monero Project.
Portions Copyright (c) 2012-2013 The Cryptonote developers.
Mask is a highly private, secure, untraceable, decentralised digital currency with a default 60-mixin. You are your bank, you control your funds, and nobody can trace your transfers unless you allow them to do so.
Privacy: Mask uses a cryptographically sound system to allow you to send and receive funds without your transactions being easily revealed on the blockchain (the ledger of transactions that everyone has). This ensures that your purchases, receipts, and all transfers remain absolutely private by default.
Security: Using the power of a distributed peer-to-peer consensus network, every transaction on the network is cryptographically secured. Individual wallets have a 25 word mnemonic seed that is only displayed once, and can be written down to backup the wallet. Wallet files are encrypted with a passphrase to ensure they are useless if stolen.
Untraceability: By taking advantage of ring signatures, a special property of a certain type of cryptography, Mask is able to ensure that transactions are not only untraceable, but have an optional measure of ambiguity that ensures that transactions cannot easily be tied back to an individual user or computer.
Scalability: By taking advantage of ring signatures, a special property of a certain type of cryptography, Mask is able to ensure that transactions are not only untraceable, but have an optional measure of ambiguity that ensures that transactions cannot easily be tied back to an individual user or computer.
About this project
This is the core implementation of Mask. It is open source and completely free to use without restrictions, except for those specified in the license agreement below. There are no restrictions on anyone creating an alternative implementation of Mask that uses the protocol and network in a compatible manner.
As with many development projects, the repository on Github is considered to be the "staging" area for the latest changes. Before changes are merged into that branch on the main repository, they are tested by individual developers in their own branches, submitted as a pull request, and then subsequently tested by contributors who focus on testing and code reviews. That having been said, the repository should be carefully considered before using it in a production environment, unless there is a patch in the repository for a particular show-stopping issue you are experiencing. It is generally a better idea to use a tagged release for stability.
Anyone is welcome to contribute to Mask's codebase! If you have a fix or code change, feel free to submit it as a pull request directly to the "master" branch. In cases where the change is relatively small or does not affect other parts of the codebase it may be merged in immediately by any one of the collaborators. On the other hand, if the change is particularly large or complex, it is expected that it will be discussed at length either well in advance of the pull request being submitted, or even directly on the pull request.
If you want to help out, see CONTRIBUTING for a set of guidelines.
Release staging schedule and protocol
Approximately three months prior to a scheduled software upgrade, a branch from Master will be created with the new release version tag. Pull requests that address bugs should then be made to both Master and the new release branch. Pull requests that require extensive review and testing (generally, optimizations and new features) should not be made to the release branch.
Compiling Mask from source
The following table summarizes the tools and libraries required to build. A
few of the libraries are also included in this repository (marked as
"Vendored"). By default, the build uses the library installed on the system,
and ignores the vendored sources. However, if no library is found installed on
the system, then the vendored source will be built and used. The vendored
sources are also used for statically-linked builds because distribution
packages often include only shared library binaries (
.so) but not static
library archives (
|Dep||Min. version||Vendored||Debian/Ubuntu pkg||Arch pkg||Fedora||Optional||Purpose|
[^] On Debian/Ubuntu
libgtest-dev only includes sources and headers. You must
build the library binary manually. This can be done with the following command
sudo apt-get install libgtest-dev && cd /usr/src/gtest && sudo cmake . && sudo make && sudo mv libg* /usr/lib/
Cloning the repository
Clone recursively to pull-in needed submodule(s):
$ git clone --recursive https://github.com/mask-project/mask
If you already have a repo cloned, initialize and update:
$ cd mask && git submodule init && git submodule update
Mask uses the CMake build system and a top-level Makefile that invokes cmake commands as needed.
On Linux and OS X
Install the dependencies
For 'release-static' make sure to install
Change to the root of the source code directory and build:
cd mask make
Optional: If your machine has several cores and enough memory, enable parallel build by running
make -j<number of threads>instead of
make. For this to be worthwhile, the machine should have one core and about 2GB of RAM available per thread.
Note: If cmake can not find zmq.hpp file on OS X, installing
zmq.hppfrom https://github.com/zeromq/cppzmq to
/usr/local/includeshould fix that error.
The resulting executables can be found in
Run Mask with
Optional: build and run the test suite to verify the binaries:
core_teststest may take a few hours to complete.
Optional: to build binaries suitable for debugging:
Optional: to build statically-linked binaries:
Optional: build documentation in
graphvizis not installed):
HAVE_DOT=YES doxygen Doxyfile
Binaries for Windows are built on Windows using the MinGW toolchain within MSYS2 environment. The MSYS2 environment emulates a POSIX system. The toolchain runs within the environment and cross-compiles binaries that can run outside of the environment as a regular Windows application.
Preparing the build environment
Download and install the MSYS2 installer, either the 64-bit or the 32-bit package, depending on your system.
Open the MSYS shell via the
Update packages using pacman:
Exit the MSYS shell using Alt+F4
Edit the properties for the
MSYS2 Shellshortcut changing "msys2_shell.bat" to "msys2_shell.cmd -mingw64" for 64-bit builds or "msys2_shell.cmd -mingw32" for 32-bit builds
Restart MSYS shell via modified shortcut and update packages again using pacman:
To build for 64-bit Windows:
pacman -S mingw-w64-x86_64-toolchain make mingw-w64-x86_64-cmake mingw-w64-x86_64-boost mingw-w64-x86_64-openssl mingw-w64-x86_64-zeromq mingw-w64-x86_64-libsodium
To build for 32-bit Windows:
pacman -S mingw-w64-i686-toolchain make mingw-w64-i686-cmake mingw-w64-i686-boost mingw-w64-i686-openssl mingw-w64-i686-zeromq mingw-w64-i686-libsodium
Open the MingW shell via
MinGW-w64-Win64 Shellshortcut on 64-bit Windows or
MinGW-w64-Win64 Shellshortcut on 32-bit Windows. Note that if you are running 64-bit Windows, you will have both 64-bit and 32-bit MinGW shells.
If you are on a 64-bit system, run:
If you are on a 32-bit system, run:
The resulting executables can be found in
# Create boost building directory mkdir ~/boost cd ~/boost # Fetch boost source ftp -o boost_1_64_0.tar.bz2 https://netcologne.dl.sourceforge.net/project/boost/boost/1.64.0/boost_1_64_0.tar.bz2 # MUST output: (SHA256) boost_1_64_0.tar.bz2: OK echo "7bcc5caace97baa948931d712ea5f37038dbb1c5d89b43ad4def4ed7cb683332 boost_1_64_0.tar.bz2" | sha256 -c tar xfj boost_1_64_0.tar.bz2 # Fetch and apply boost patches, required for OpenBSD ftp -o boost_test_impl_execution_monitor_ipp.patch https://raw.githubusercontent.com/openbsd/ports/bee9e6df517077a7269ff0dfd57995f5c6a10379/devel/boost/patches/patch-boost_test_impl_execution_monitor_ipp ftp -o boost_config_platform_bsd_hpp.patch https://raw.githubusercontent.com/openbsd/ports/90658284fb786f5a60dd9d6e8d14500c167bdaa0/devel/boost/patches/patch-boost_config_platform_bsd_hpp # MUST output: (SHA256) boost_config_platform_bsd_hpp.patch: OK echo "1f5e59d1154f16ee1e0cc169395f30d5e7d22a5bd9f86358f738b0ccaea5e51d boost_config_platform_bsd_hpp.patch" | sha256 -c # MUST output: (SHA256) boost_test_impl_execution_monitor_ipp.patch: OK echo "30cec182a1437d40c3e0bd9a866ab5ddc1400a56185b7e671bb3782634ed0206 boost_test_impl_execution_monitor_ipp.patch" | sha256 -c cd boost_1_64_0 patch -p0 < ../boost_test_impl_execution_monitor_ipp.patch patch -p0 < ../boost_config_platform_bsd_hpp.patch # Start building boost echo 'using clang : : c++ : <cxxflags>"-fvisibility=hidden -fPIC" <linkflags>"" <archiver>"ar" <striper>"strip" <ranlib>"ranlib" <rc>"" : ;' > user-config.jam ./bootstrap.sh --without-icu --with-libraries=chrono,filesystem,program_options,system,thread,test,date_time,regex,serialization,locale --with-toolset=clang ./b2 toolset=clang cxxflags="-stdlib=libc++" linkflags="-stdlib=libc++" -sICONV_PATH=/usr/local doas ./b2 -d0 runtime-link=shared threadapi=pthread threading=multi link=static variant=release --layout=tagged --build-type=complete --user-config=user-config.jam -sNO_BZIP2=1 -sICONV_PATH=/usr/local --prefix=/usr/local install
Build the cppzmq bindings.
We assume you are compiling with a non-root user and you have
# Create cppzmq building directory mkdir ~/cppzmq cd ~/cppzmq # Fetch cppzmq source ftp -o cppzmq-4.2.3.tar.gz https://github.com/zeromq/cppzmq/archive/v4.2.3.tar.gz # MUST output: (SHA256) cppzmq-4.2.3.tar.gz: OK echo "3e6b57bf49115f4ae893b1ff7848ead7267013087dc7be1ab27636a97144d373 cppzmq-4.2.3.tar.gz" | sha256 -c tar xfz cppzmq-4.2.3.tar.gz # Start building cppzmq cd cppzmq-4.2.3 mkdir build cd build cmake .. doas make install
env DEVELOPER_LOCAL_TOOLS=1 BOOST_ROOT=/usr/local make release-static
On Linux for Android (using docker):
# Build image (select android64.Dockerfile for aarch64) cd utils/build_scripts/ && docker build -f android32.Dockerfile -t mask-android . # Create container docker create -it --name mask-android mask-android bash # Get binaries docker cp mask-android:/opt/android/mask/build/release/bin .
Building portable statically linked binaries
By default, in either dynamically or statically linked builds, binaries target the specific host processor on which the build happens and are not portable to other processors. Portable binaries can be built using the following targets:
make release-static-linux-x86_64builds binaries on Linux on x86_64 portable across POSIX systems on x86_64 processors
make release-static-linux-i686builds binaries on Linux on x86_64 or i686 portable across POSIX systems on i686 processors
make release-static-linux-armv8builds binaries on Linux portable across POSIX systems on armv8 processors
make release-static-linux-armv7builds binaries on Linux portable across POSIX systems on armv7 processors
make release-static-linux-armv6builds binaries on Linux portable across POSIX systems on armv6 processors
make release-static-win64builds binaries on 64-bit Windows portable across 64-bit Windows systems
make release-static-win32builds binaries on 64-bit or 32-bit Windows portable across 32-bit Windows systems
The build places the binary in
bin/ sub-directory within the build directory
from which cmake was invoked (repository root by default). To run in
To list all available options, run
./bin/maskd --help. Options can be
specified either on the command line or in a configuration file passed by the
--config-file argument. To specify an option in the configuration file, add
a line with the syntax
argumentname is the name
of the argument without the leading dashes, for example
To run in background:
./bin/maskd --log-file maskd.log --detach
To run as a systemd service, copy
/etc/. The example
service assumes that the user
and its home is the data directory specified in the example
If you're on Mac, you may need to add the
--max-concurrency 1 option to
mask-wallet-cli, and possibly maskd, if you get crashes refreshing.
While Mask isn't made to integrate with Tor, it can be used wrapped with torsocks, by setting the following configuration parameters and environment variables:
--p2p-bind-ip 127.0.0.1on the command line or
p2p-bind-ip=127.0.0.1in maskd.conf to disable listening for connections on external interfaces.
--no-igdon the command line or
no-igd=1in maskd.conf to disable IGD (UPnP port forwarding negotiation), which is pointless with Tor.
DNS_PUBLIC=tcp://x.x.x.xwhere x.x.x.x is the IP of the desired DNS server, for DNS requests to go over TCP, so that they are routed through Tor. When IP is not specified, maskd uses the default list of servers defined in src/common/dns_utils.cpp.
TORSOCKS_ALLOW_INBOUND=1to tell torsocks to allow maskd to bind to interfaces to accept connections from the wallet. On some Linux systems, torsocks allows binding to localhost by default, so setting this variable is only necessary to allow binding to local LAN/VPN interfaces to allow wallets to connect from remote hosts. On other systems, it may be needed for local wallets as well.
- Do NOT pass
--detachwhen running through torsocks with systemd, (see utils/systemd/maskd.service for details).
Example command line to start maskd through Tor:
DNS_PUBLIC=tcp torsocks maskd --p2p-bind-ip 127.0.0.1 --no-igd
Using Tor on Tails
TAILS ships with a very restrictive set of firewall rules. Therefore, you need to add a rule to allow this connection too, in addition to telling torsocks to allow inbound connections. Full example:
sudo iptables -I OUTPUT 2 -p tcp -d 127.0.0.1 -m tcp --dport 18081 -j ACCEPT DNS_PUBLIC=tcp torsocks ./maskd --p2p-bind-ip 127.0.0.1 --no-igd --rpc-bind-ip 127.0.0.1 \ --data-dir /home/amnesia/Persistent/your/directory/to/the/blockchain
This section contains general instructions for debugging failed installs or problems encountered with Mask. First ensure you are running the latest version built from the Github repo.
Obtaining stack traces and core dumps on Unix systems
We generally use the tool
gdb (GNU debugger) to provide stack trace functionality, and
ulimit to provide core dumps in builds which crash or segfault.
- To use gdb in order to obtain a stack trace for a build that has stalled:
Run the build.
Once it stalls, enter the following command:
gdb /path/to/maskd `pidof maskd`
thread apply all bt within gdb in order to obtain the stack trace
- If however the core dumps or segfaults:
ulimit -c unlimited on the command line to enable unlimited filesizes for core dumps
echo core | sudo tee /proc/sys/kernel/core_pattern to stop cores from being hijacked by other tools
Run the build.
When it terminates with an output along the lines of "Segmentation fault (core dumped)", there should be a core dump file in the same directory as maskd. It may be named just
core.xxxx with numbers appended.
You can now analyse this core dump with
gdb as follows:
gdb /path/to/maskd /path/to/dumpfile
Print the stack trace with
- To run mask within gdb:
Pass command-line options with
--args followed by the relevant arguments
run to run maskd
Analysing memory corruption
We use the tool
valgrind for this.
valgrind /path/to/maskd. It will be slow.
Instructions for debugging suspected blockchain corruption as per @HYC
There is an
mdb_stat command in the LMDB source that can print statistics about the database but it's not routinely built. This can be built with the following command:
cd ~/mask/external/db_drivers/liblmdb && make
The output of
mdb_stat -ea <path to blockchain dir> will indicate inconsistencies in the blocks, block_heights and block_info table.
The output of
mdb_dump -s blocks <path to blockchain dir> and
mdb_dump -s block_info <path to blockchain dir> is useful for indicating whether blocks and block_info contain the same keys.
These records are dumped as hex data, where the first line is the key and the second line is the data.