- Remove implicit `operator bool` from ec_point/public_key/etc. which
was causing all sorts of implicit conversion mess and bugs.
- Change ec_point/public_key/etc. to use a `std::array<unsigned char,
32>` (via a base type) rather than a C-array of char that has to be
reinterpret_cast<>'ed all over the place.
- Add methods to ec_point/public_key/etc. that make it work more like a
container of bytes (`.data()`, `.size()`, `operator[]`, `begin()`,
`end()`).
- Make a generic `crypto::null<T>` that is a constexpr all-0 `T`, rather
than the mishmash `crypto::null_hash`, crypto::null_pkey,
crypto:#️⃣:null(), and so on.
- Replace three metric tons of `crypto::hash blahblah =
crypto::null_hash;` with the much simpler `crypto::hash blahblah{};`,
because there's no need to make a copy of a null hash in all these
cases. (Likewise for a few other null_whatevers).
- Remove a whole bunch of `if (blahblah == crypto::null_hash)` and `if
(blahblah != crypto::null_hash)` with the more concise `if
(!blahblah)` and `if (blahblah)` (which are fine via the newly
*explicit* bool conversion operators).
- `crypto::signature` becomes a 64-byte container (as above) but with
`c()` and `r()` to get the c() and r() data pointers. (Previously
`.c` and `.r` were `ec_scalar`s).
- Delete with great prejudice CRYPTO_MAKE_COMPARABLE and
CRYPTO_MAKE_HASHABLE and all the other utter trash in
`crypto/generic-ops.h`.
- De-inline functions in very common crypto/*.h files so that they don't
have to get compiled 300 times.
- Remove the disgusting include-a-C-header-inside-a-C++-namespace
garbage from some crypto headers trying to be both a C and *different*
C++ header at once.
- Remove the toxic, disgusting, shameful `operator&` on ec_scalar, etc.
that replace `&x` with `reinterpret_cast x into an unsigned char*`.
This was pure toxic waste.
- changed some `<<` outputs to fmt
- Random other small changes encountered while fixing everything that
cascaded out of the above changes.
oxen::log::info(...), etc. are a bit too verbose; this simplifies them
to just `log::info(...)`, etc. by aliasing the `oxen::log` namespace
into most of the common namespaces we use in core.
This result is usage that is shorter but also reads better:
oxen::log::info(logcat, "blah: {}", 42);
log::info(logcat, "blah: {}", 42);
This replaces the current epee logging system with our oxen::log
library. It replaces the easylogging library with spdlog, removes the
macros and replaces with functions and standardises how we call the
logs.
Fixes a few merge conflicts, several compilation errors, and
some behavioral incorrectness. Still a few bugs with wallet3
but as far as I can tell wallet2 and daemon etc. should be working
correctly.
All the encoding parts move to oxen-encoding recently; this updates to
the latest version of oxen-mq, adds oxen-encoding, and converts
everything to use oxenc headers rather than the oxenmq compatibility
shims.
tx scanning for basic transactions working
- TODO: subadresses. The scanning code is there, but it does not
currently know/care about any subaddresses.
daemon comms for basic syncing working
(multi-)wallet sync more or less working properly
- seem to have a dangling shared_ptr somewhere when removing a wallet from
daemon comms, so not working perfectly yet.
Lots of TODOs and cleanup needed, as well as further features of course.
This communicates with the Ledger over TCP, which is what the ledger
emulator requires.
To use, specify:
--hw-device LedgerTCP --hw-device-address localhost:9999
to the wallet command-line arguments.
- Clean up a bunch of not very nice C and older C++ code in the
`device/` tree.
- Rename device/device_io_* source files to io_*, and remove their `_io`
suffix from the class names (since they are *already* inside an `io`
namespace).
We can't call cryptonote::add_tx_secret_key_to_tx_extra from `device`
code because that isn't necessarily available in `device` (though for
some odd reason this only actually showed up on the i386 build).
This amends the call to just get the secret key, leaving the actual job
of adding it to tx.extra to the caller (which is a cleaner way to do it
anyway).
Being able to pass the hash to the Ledger might be abusable (e.g. if it
passed a different hash, with a different secret key to try to sign
something else using the device's secret keys).
We add the tx secret key to the tx_extra in staking transactions so that
values can be decoded, but the tx secret key value that we have on hand
is encrypted and so we can't access it.
This moves the call that adds the secret key into the device code so
that devices can provide this. It also adds the tx version/type earlier
in the process (into `open_tx`) so that the device can know early on
that this is a stake transaction and therefore that leaking the tx
secret key is okay (and can also apply other stake-specific behaviour).
Fixes lots of crappy C++ code. I strongly get the impression from these
changes that whoever wrote this code was a C programmer with very little
C++ experience. Sadly no one in the upstream Monero PR review tried to
help or seemed to care about the code quality.
- Get rid of superfluous `this->` throughout the ledger code.
- DRY: abstract away sending sequences of bytes, replacing:
memmove(buffer, this->buffer_send+offset, 32);
offset += 32
with:
send_bytes(buffer, 32, offset);
- DRY: abstract sending/receiving u32
- DRY: abstract receiving bytes/u32
- properly prefix memcpy/memmove with std::
- use std::string_view and std::string for setting/retrieving name
- rename `this->controle_device` to `debug_device`
- replace `f(void)` -> `f()` (on C++ methods, FFS!)
- DRY: replace set-length-then-exchange dance with a function
- DRY: merge nearly-identical exchange() and exchange_wait_for_input()
- remove never-used ok/mask arguments from exchange()
- Remove ASSERT_SW macro used only in one place
- Replace dumb ASSERT_X macro that was just an alias for another macro
- remove ASSERT_T0 macro that isn't used anywhere
don't send 32 null bytes for no reason in INS_GEN_TXOUT_KEYS when there
is no additional txkey (this doesn't even match the case when there
is one since we send it encrypted, requiring 64 bytes).
It's slow and unnecessary and depends on no keys in the hardware wallet
(c is public info in CLSAG). If the wallet was to provide a changed c
value then verification would simply fail.
The hard wallet debug code had no way to enable it, and if you did
manually add the define, didn't compile. It was also nasty, gross,
disgusting code that someone slopped into the file.
This fixes it, adds a cmake option for it, and significantly cleans it
up--just because code is for debugging doesn't mean it should be nasty
and broken.
- Sending one 32-byte key at a time is noticeably slower than sending in
larger chunks.
- Sending in 256-byte chunks was broken because the size field is only
254 bytes. Since we are actually sending these for Keccak, it makes
some sense to chunk it at 136 bytes (i.e. keccak block size).
- Change how multipart works to send as parts 1->2->...->0. Previously
0xff (rather than 0) marked the last chunk.
- Allow multi-part chunks to wrap by wrapping the part after 255 to 1
(skipping 0 since that now means "last").
- Use multi-part chunk scheme for CLSAG in addition to prefix hashing.
Function signatures (especially in headers) should be readable!
Also removes useless "const" on pass-by-value parameters from headers,
and pass the bool argument by value instead of by const lvalue
reference.
The blockchain doesn't accept MLSAG txes anymore (since HF16 + 10
blocks), so there is no need to keep the generation code around.
Also renames mlsag_prehash to clsag_prehash since that is where it is
primarily used now.
Tx prefix communication was missing some needed information on the tx
type, and was a little inefficient. This redoes the protocol to send
the tx type info and then the entire prefix (rather than starting from a
few bytes in). It also changes how we number requests and signal the
final piece of a multi-piece transmission.
Loki-side updates for Ledger Nano S support:
- Add a get-network command (and bump protocol version) so that we can
verify that the Ledger is set to the correct network type (i.e. mainnet
or testnet). Previously there was no check at all, so you could have a
testnet wallet on desktop using mainnet keys on the Ledger. Now they
get checked and an error occurs on mismatch.
- Reset required version to 0.9.0
Jason Rhinelander
Sean Darcy
Thomas Winget
Sean Darcy
François Colas
cslashm