New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bp7 #2883

Merged
merged 9 commits into from Dec 8, 2017

Conversation

5 participants
@moneromooo-monero
Contributor

moneromooo-monero commented Dec 3, 2017

The fork numbers and checking will be changed in a few days (especially the testnet/mainnet fork height for consensus).

@moneromooo-monero

This comment has been minimized.

Show comment
Hide comment
@moneromooo-monero

moneromooo-monero Dec 5, 2017

Contributor

New version of the last commit, which changes serialization to fill V from outPk, rather than the other way round, which will play better with pruning.

Contributor

moneromooo-monero commented Dec 5, 2017

New version of the last commit, which changes serialization to fill V from outPk, rather than the other way round, which will play better with pruning.

@moneromooo-monero

This comment has been minimized.

Show comment
Hide comment
@moneromooo-monero

moneromooo-monero Dec 7, 2017

Contributor

A few fixes and tweaks as last 3 commits, I'm keeping them out for now for ease of review, but I'll squash them before they get merged (fluffypony, ping me for this).

Contributor

moneromooo-monero commented Dec 7, 2017

A few fixes and tweaks as last 3 commits, I'm keeping them out for now for ease of review, but I'll squash them before they get merged (fluffypony, ping me for this).

@danrmiller

This comment has been minimized.

Show comment
Hide comment
@danrmiller

danrmiller Dec 7, 2017

Contributor

Some minor build oddities I brought up on IRC, but I think it could be worth considering working around them so that people can build easily with default setups.

Ubuntu 16.04 gcc 5.4:
https://build.getmonero.org/builders/monero-static-ubuntu-amd64/builds/2972/steps/compile/logs/stdio

/home/vagrant/slave/monero-static-ubuntu-amd64/build/src/cryptonote_basic/cryptonote_boost_serialization.h:287:38: error: logical 'and' of mutually exclusive tests is always false [-Werror=logical-op]
     if (x.type == rct::RCTTypeSimple && x.type == rct::RCTTypeSimpleBulletproof)
                                      ^

For this one (Clang3.8), should I just set CFLAGS=-Wno-error when I build, or do you think we should handle it specifically?:

https://build.getmonero.org/builders/monero-static-debian-armv8/builds/2590/steps/compile/logs/stdio

/mnt/buildbot/buildbot/slave/monero-static-debian-armv8/build/src/ringct/bulletproofs.cc:250:2: error: TODO: find a better invert func ? Though it seems pretty fast anyway [-Werror,-W#warnings]
#warning TODO: find a better invert func ? Though it seems pretty fast anyway
 ^
1 error generated.
Contributor

danrmiller commented Dec 7, 2017

Some minor build oddities I brought up on IRC, but I think it could be worth considering working around them so that people can build easily with default setups.

Ubuntu 16.04 gcc 5.4:
https://build.getmonero.org/builders/monero-static-ubuntu-amd64/builds/2972/steps/compile/logs/stdio

/home/vagrant/slave/monero-static-ubuntu-amd64/build/src/cryptonote_basic/cryptonote_boost_serialization.h:287:38: error: logical 'and' of mutually exclusive tests is always false [-Werror=logical-op]
     if (x.type == rct::RCTTypeSimple && x.type == rct::RCTTypeSimpleBulletproof)
                                      ^

For this one (Clang3.8), should I just set CFLAGS=-Wno-error when I build, or do you think we should handle it specifically?:

https://build.getmonero.org/builders/monero-static-debian-armv8/builds/2590/steps/compile/logs/stdio

/mnt/buildbot/buildbot/slave/monero-static-debian-armv8/build/src/ringct/bulletproofs.cc:250:2: error: TODO: find a better invert func ? Though it seems pretty fast anyway [-Werror,-W#warnings]
#warning TODO: find a better invert func ? Though it seems pretty fast anyway
 ^
1 error generated.
@fluffypony

Reviewed; hard to thoroughly review the crypto for robustness, but that's what testnet deployment is for:)

moneromooo-monero and others added some commits Dec 7, 2017

epee: add do while(0) around brace statement in a macro
Allows use in more complex expressions
@moneromooo-monero

This comment has been minimized.

Show comment
Hide comment
@moneromooo-monero

moneromooo-monero Dec 7, 2017

Contributor

Odd about that #warning, it's not seen as an error for me... Maybe -Werror is set for CLANG only ?
Anyway, I'll remove it.

Contributor

moneromooo-monero commented Dec 7, 2017

Odd about that #warning, it's not seen as an error for me... Maybe -Werror is set for CLANG only ?
Anyway, I'll remove it.

@moneromooo-monero

This comment has been minimized.

Show comment
Hide comment
@moneromooo-monero

moneromooo-monero Dec 7, 2017

Contributor

Fixed, and rebased.

Contributor

moneromooo-monero commented Dec 7, 2017

Fixed, and rebased.

Show outdated Hide outdated src/ringct/rctSigs.cpp Outdated
Show outdated Hide outdated src/ringct/rctSigs.cpp Outdated
Show outdated Hide outdated src/ringct/rctSigs.cpp Outdated
Show outdated Hide outdated src/ringct/rctSigs.cpp Outdated
Show outdated Hide outdated src/ringct/rctSigs.cpp Outdated
Show outdated Hide outdated src/ringct/rctSigs.cpp Outdated
Show outdated Hide outdated src/ringct/rctSigs.cpp Outdated
else
{
CHECK_AND_ASSERT_THROW_MES(rv.outPk.size() == rv.ecdhInfo.size(), "Mismatched sizes of rv.outPk and rv.ecdhInfo");
}

This comment has been minimized.

@stoffu

stoffu Dec 8, 2017

Contributor

I don't see the equivalent changes made to decodeRct. Does this mean that the BPs are somehow disallowed for the Full RingCT? But that sounds strange, because the range proofs and the input ring signatures are completely independent. Also, the proving part genRct takes a switch bulletproof and does use BP.

@stoffu

stoffu Dec 8, 2017

Contributor

I don't see the equivalent changes made to decodeRct. Does this mean that the BPs are somehow disallowed for the Full RingCT? But that sounds strange, because the range proofs and the input ring signatures are completely independent. Also, the proving part genRct takes a switch bulletproof and does use BP.

Show outdated Hide outdated src/ringct/rctTypes.h Outdated
Show outdated Hide outdated src/ringct/rctTypes.h Outdated
@@ -490,5 +545,6 @@ VARIANT_TAG(json_archive, rct::mgSig, "rct_mgSig");
VARIANT_TAG(json_archive, rct::rangeSig, "rct_rangeSig");
VARIANT_TAG(json_archive, rct::boroSig, "rct_boroSig");
VARIANT_TAG(json_archive, rct::rctSig, "rct_rctSig");
VARIANT_TAG(json_archive, rct::Bulletproof, "rct_bulletproof");

This comment has been minimized.

@stoffu

stoffu Dec 8, 2017

Contributor

Perhaps src/serialization/json_object needs to be updated as well? Just a guess.

@stoffu

stoffu Dec 8, 2017

Contributor

Perhaps src/serialization/json_object needs to be updated as well? Just a guess.

This comment has been minimized.

@moneromooo-monero

moneromooo-monero Dec 8, 2017

Contributor

Hmm. I guess, I don't know about this one... I think it's a new 0mq one. I'll fix it up too.

@moneromooo-monero

moneromooo-monero Dec 8, 2017

Contributor

Hmm. I guess, I don't know about this one... I think it's a new 0mq one. I'll fix it up too.

Show outdated Hide outdated src/wallet/wallet2.cpp Outdated
Show outdated Hide outdated src/wallet/wallet2.cpp Outdated
Show outdated Hide outdated src/wallet/wallet2.cpp Outdated
@@ -132,7 +132,7 @@ bool gen_rct_tx_validation_base::generate_with(std::vector<test_event_entry>& ev
CHECK_AND_ASSERT_MES(r, false, "Failed to generate key derivation");
crypto::secret_key amount_key;
crypto::derivation_to_scalar(derivation, o, amount_key);
if (rct_txes[n].rct_signatures.type == rct::RCTTypeSimple)
if (rct_txes[n].rct_signatures.type == rct::RCTTypeSimple || rct_txes[n].rct_signatures.type == rct::RCTTypeSimpleBulletproof)

This comment has been minimized.

@stoffu

stoffu Dec 8, 2017

Contributor

I think a similar change is needed for this line tests/performance_tests/check_tx_signature.h:83:

  if (m_tx.rct_signatures.type == rct::RCTTypeFull)
@stoffu

stoffu Dec 8, 2017

Contributor

I think a similar change is needed for this line tests/performance_tests/check_tx_signature.h:83:

  if (m_tx.rct_signatures.type == rct::RCTTypeFull)
Show outdated Hide outdated src/ringct/bulletproofs.h Outdated
Show outdated Hide outdated src/ringct/bulletproofs.cc Outdated
rct::key ipt = inner_product(twoN, aL);
sc_muladd(test_t0.bytes, zsq.bytes, ipt.bytes, test_t0.bytes);
sc_add(test_t0.bytes, test_t0.bytes, k.bytes);
CHECK_AND_ASSERT_THROW_MES(t0 == test_t0, "t0 check failed");

This comment has been minimized.

@stoffu

stoffu Dec 8, 2017

Contributor

If this debug code is to be activated under some circumstance, I think this shouldn't throw here, because otherwise the unit test doesn't pass for the intended failure cases.

@stoffu

stoffu Dec 8, 2017

Contributor

If this debug code is to be activated under some circumstance, I think this shouldn't throw here, because otherwise the unit test doesn't pass for the intended failure cases.

This comment has been minimized.

@moneromooo-monero

moneromooo-monero Dec 8, 2017

Contributor

I don't think this is an intended failure case, it checks the code above is correct. Which unit test is not passing when this is enabled ?

@moneromooo-monero

moneromooo-monero Dec 8, 2017

Contributor

I don't think this is an intended failure case, it checks the code above is correct. Which unit test is not passing when this is enabled ?

This comment has been minimized.

@stoffu

stoffu Dec 8, 2017

Contributor

This is what I get when DEBUG_BP is activated:

[----------] 4 tests from bulletproofs
[ RUN      ] bulletproofs.valid_zero
[       OK ] bulletproofs.valid_zero (211 ms)
[ RUN      ] bulletproofs.valid_max
[       OK ] bulletproofs.valid_max (236 ms)
[ RUN      ] bulletproofs.invalid_8
2017-12-08 09:22:35.557	  0x7fffae0623c0	ERROR	bulletproofs	src/ringct/bulletproofs.cc:395	t0 check failed
unknown file: Failure
C++ exception with description "t0 check failed" thrown in the test body.
[  FAILED  ] bulletproofs.invalid_8 (54 ms)
[ RUN      ] bulletproofs.invalid_31
2017-12-08 09:22:35.614	  0x7fffae0623c0	ERROR	bulletproofs	src/ringct/bulletproofs.cc:395	t0 check failed
unknown file: Failure
C++ exception with description "t0 check failed" thrown in the test body.
[  FAILED  ] bulletproofs.invalid_31 (52 ms)
[----------] 4 tests from bulletproofs (554 ms total)
@stoffu

stoffu Dec 8, 2017

Contributor

This is what I get when DEBUG_BP is activated:

[----------] 4 tests from bulletproofs
[ RUN      ] bulletproofs.valid_zero
[       OK ] bulletproofs.valid_zero (211 ms)
[ RUN      ] bulletproofs.valid_max
[       OK ] bulletproofs.valid_max (236 ms)
[ RUN      ] bulletproofs.invalid_8
2017-12-08 09:22:35.557	  0x7fffae0623c0	ERROR	bulletproofs	src/ringct/bulletproofs.cc:395	t0 check failed
unknown file: Failure
C++ exception with description "t0 check failed" thrown in the test body.
[  FAILED  ] bulletproofs.invalid_8 (54 ms)
[ RUN      ] bulletproofs.invalid_31
2017-12-08 09:22:35.614	  0x7fffae0623c0	ERROR	bulletproofs	src/ringct/bulletproofs.cc:395	t0 check failed
unknown file: Failure
C++ exception with description "t0 check failed" thrown in the test body.
[  FAILED  ] bulletproofs.invalid_31 (52 ms)
[----------] 4 tests from bulletproofs (554 ms total)

This comment has been minimized.

@moneromooo-monero

moneromooo-monero Dec 8, 2017

Contributor

I see, that's because I split the function in two so I could monkey with the keyed amount. Will fix.

@moneromooo-monero

moneromooo-monero Dec 8, 2017

Contributor

I see, that's because I split the function in two so I could monkey with the keyed amount. Will fix.

This comment has been minimized.

@moneromooo-monero

moneromooo-monero Dec 8, 2017

Contributor

Actually I'll leave this one as is. Just don't run the unit tests with the debug code in. We want to be able to check the verification fails on such a proof.

@moneromooo-monero

moneromooo-monero Dec 8, 2017

Contributor

Actually I'll leave this one as is. Just don't run the unit tests with the debug code in. We want to be able to check the verification fails on such a proof.

Show outdated Hide outdated src/ringct/bulletproofs.cc Outdated
rct::key test_t;
sc_muladd(test_t.bytes, t1.bytes, x.bytes, t0.bytes);
sc_muladd(test_t.bytes, t2.bytes, xsq.bytes, test_t.bytes);
CHECK_AND_ASSERT_THROW_MES(test_t == t, "test_t check failed");

This comment has been minimized.

@stoffu

stoffu Dec 8, 2017

Contributor

Same comment about throwing (or not)

@stoffu

stoffu Dec 8, 2017

Contributor

Same comment about throwing (or not)

Show outdated Hide outdated src/ringct/rctSigs.cpp Outdated
Show outdated Hide outdated src/ringct/rctSigs.cpp Outdated

moneromooo-monero added some commits Nov 30, 2017

add bulletproofs to the build, with basic unit tests
Based on Java code from Sarang Noether
@moneromooo-monero

This comment has been minimized.

Show comment
Hide comment
@moneromooo-monero

moneromooo-monero Dec 8, 2017

Contributor

This now uses OpenSSL for inverse, rather than GMP.

Contributor

moneromooo-monero commented Dec 8, 2017

This now uses OpenSSL for inverse, rather than GMP.

@stoffu

stoffu approved these changes Dec 8, 2017

@fluffypony

Reviewed

@fluffypony fluffypony merged commit c83d0b3 into monero-project:master Dec 8, 2017

4 of 13 checks passed

buildbot/monero-static-alpine-3.5-x86_64 Build done.
Details
buildbot/monero-static-dragonflybsd-amd64 Build done.
Details
buildbot/monero-static-freebsd64 Build done.
Details
buildbot/monero-static-openbsd-amd64 Build done.
Details
buildbot/monero-static-ubuntu-amd64 Build done.
Details
buildbot/monero-static-ubuntu-i686 Build done.
Details
buildbot/monero-static-win32 Build done.
Details
buildbot/monero-static-win64 Build done.
Details
buildbot/monero-static-debian-armv8 Build started.
Details
buildbot/monero-android-armv7 Build done.
Details
buildbot/monero-static-osx-10.10 Build done.
Details
buildbot/monero-static-osx-10.11 Build done.
Details
buildbot/monero-static-osx-10.12 Build done.
Details

fluffypony added a commit that referenced this pull request Dec 8, 2017

Merge pull request #2883
c83d0b3 add bulletproofs from v7 on testnet (moneromooo-monero)
8620ef0 bulletproofs: switch H/G in Pedersen commitments to match rct (moneromooo-monero)
d58835b integrate bulletproofs into monero (moneromooo-monero)
90b8d9f add bulletproofs to the build, with basic unit tests (moneromooo-monero)
fe12026 perf_timer: add non scoped start/stop timer defines (moneromooo-monero)
ada4291 add a version of ge_double_scalarmult_precomp_vartime with A precomp (moneromooo-monero)
d43eef6 ringct: add a version of addKeys which returns the result (moneromooo-monero)
7ff0792 sc_mul and sc_muladd (luigi1111)
3d0b54b epee: add do while(0) around brace statement in a macro (moneromooo-monero)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment