// Copyright (c) 2014-2019, The Monero Project // Copyright (c) 2018, The Loki Project // // All rights reserved. // // Redistribution and use in source and binary forms, with or without modification, are // permitted provided that the following conditions are met: // // 1. Redistributions of source code must retain the above copyright notice, this list of // conditions and the following disclaimer. // // 2. Redistributions in binary form must reproduce the above copyright notice, this list // of conditions and the following disclaimer in the documentation and/or other // materials provided with the distribution. // // 3. Neither the name of the copyright holder nor the names of its contributors may be // used to endorse or promote products derived from this software without specific // prior written permission. // // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, // PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. // // Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers #include "wallet2.h" #include #include #include #include #include #include #include #include #include #include #include "common/apply_permutation.h" #include "common/base58.h" #include "common/boost_serialization_helper.h" #include "common/combinator.h" #include "common/command_line.h" #include "common/file.h" #include "common/fs-format.h" #include "common/hex.h" #include "common/i18n.h" #include "common/notify.h" #include "common/password.h" #include "common/rules.h" #include "common/string_util.h" #include "common/threadpool.h" #include "common/util.h" #include "crypto/crypto.h" #include "cryptonote_basic/cryptonote_basic_impl.h" #include "cryptonote_basic/cryptonote_format_utils.h" #include "cryptonote_basic/hardfork.h" #include "cryptonote_basic/tx_extra.h" #include "cryptonote_config.h" #include "cryptonote_core/oxen_name_system.h" #include "cryptonote_core/tx_sanity_check.h" #include "device/device_cold.hpp" #include "epee/memwipe.h" #include "mnemonics/electrum-words.h" #include "multisig/multisig.h" #include "rapidjson/document.h" #include "rapidjson/stringbuffer.h" #include "rapidjson/writer.h" #include "ringct/fmt.h" #include "ringct/rctSigs.h" #include "ringdb.h" #include "rpc/core_rpc_server_commands_defs.h" #include "serialization/binary_utils.h" #include "serialization/boost_std_variant.h" #include "serialization/string.h" #include "wallet/wallet_errors.h" #ifdef DEVICE_TREZOR_READY #include "device_trezor/device_trezor.hpp" #endif #include #include "common/oxen.h" #include "cryptonote_core/service_node_list.h" #include "cryptonote_core/service_node_rules.h" #include "logging/oxen_logger.h" #include "oxen_economy.h" extern "C" { #include #include "crypto/crypto-ops.h" #include "crypto/keccak.h" } // Uncomment to enable scanning of the genesis block (which is only useful for the actual // testnet/devnet governance wallets) // #define SCAN_GENESIS_BLOCK using namespace crypto; using namespace cryptonote; namespace tools { namespace { static auto logcat = log::Cat("wallet.wallet2"); constexpr std::string_view UNSIGNED_TX_PREFIX = "Loki unsigned tx set\004"sv; constexpr std::string_view SIGNED_TX_PREFIX = "Loki signed tx set\004"sv; constexpr std::string_view MULTISIG_UNSIGNED_TX_PREFIX = "Loki multisig unsigned tx set\001"sv; constexpr std::string_view UNSIGNED_TX_PREFIX_NOVER = UNSIGNED_TX_PREFIX.substr(0, UNSIGNED_TX_PREFIX.size() - 1); constexpr std::string_view SIGNED_TX_PREFIX_NOVER = SIGNED_TX_PREFIX.substr(0, SIGNED_TX_PREFIX.size() - 1); constexpr std::string_view MULTISIG_UNSIGNED_TX_PREFIX_NOVER = MULTISIG_UNSIGNED_TX_PREFIX.substr(0, MULTISIG_UNSIGNED_TX_PREFIX.size() - 1); constexpr float RECENT_OUTPUT_RATIO = 0.5f; // 50% of outputs are from the recent zone constexpr float RECENT_OUTPUT_DAYS = 1.8f; // last 1.8 day makes up the recent zone (taken from // monerolink.pdf, Miller et al) constexpr time_t RECENT_OUTPUT_ZONE = RECENT_OUTPUT_DAYS * 86400; constexpr uint64_t RECENT_OUTPUT_BLOCKS = RECENT_OUTPUT_DAYS * BLOCKS_PER_DAY; constexpr uint64_t FEE_ESTIMATE_GRACE_BLOCKS = 10; // estimate fee valid for that many blocks constexpr float SECOND_OUTPUT_RELATEDNESS_THRESHOLD = 0.0f; constexpr std::string_view KEY_IMAGE_EXPORT_FILE_MAGIC = "Loki key image export\002"sv; constexpr std::string_view MULTISIG_EXPORT_FILE_MAGIC = "Loki multisig export\001"sv; constexpr std::string_view OUTPUT_EXPORT_FILE_MAGIC = "Loki output export\003"sv; constexpr uint64_t SEGREGATION_FORK_HEIGHT = 99999999; constexpr uint64_t SEGREGATION_FORK_VICINITY = 1500; // blocks constexpr uint64_t FIRST_REFRESH_GRANULARITY = 1024; constexpr double GAMMA_SHAPE = 19.28; constexpr double GAMMA_SCALE = 1 / 1.61; constexpr uint32_t DEFAULT_MIN_OUTPUT_COUNT = 5; constexpr uint64_t DEFAULT_MIN_OUTPUT_VALUE = 2 * oxen::COIN; constexpr auto DEFAULT_INACTIVITY_LOCK_TIMEOUT = 10min; constexpr hf IGNORE_LONG_PAYMENT_ID_FROM_BLOCK_VERSION = hf::hf12_checkpointing; constexpr std::string_view SIG_MAGIC = "SigV1"sv; constexpr std::string_view MULTISIG_MAGIC = "MultisigV1"sv; constexpr std::string_view MULTISIG_SIGNATURE_MAGIC = "SigMultisigPkV1"sv; constexpr std::string_view MULTISIG_EXTRA_INFO_MAGIC = "MultisigxV1"sv; constexpr std::string_view SPEND_PROOF_MAGIC = "SpendProofV1"sv; constexpr std::string_view OUTBOUND_PROOF_MAGIC = "OutProofV1"sv; constexpr std::string_view INBOUND_PROOF_MAGIC = "InProofV1"sv; constexpr std::string_view RESERVE_PROOF_MAGIC = "ReserveProofV1"sv; // used to target a given block weight (additional outputs may be added on top to build fee) constexpr uint64_t tx_weight_target(uint64_t bytes) { return bytes * 2 / 3; } std::string get_default_ringdb_path() { // remove .oxen, replace with .shared-ringdb return tools::get_default_data_dir().replace_filename(".shared-ringdb").u8string(); } std::string pack_multisignature_keys( const std::vector& keys, const crypto::secret_key& signer_secret_key) { std::string data; crypto::public_key signer; CHECK_AND_ASSERT_THROW_MES( crypto::secret_key_to_public_key(signer_secret_key, signer), "Failed to derive public spend key"); data += std::string((const char*)&signer, sizeof(crypto::public_key)); for (const auto& key : keys) { data += std::string((const char*)&key, sizeof(crypto::public_key)); } data.resize(data.size() + sizeof(crypto::signature)); crypto::hash hash; crypto::cn_fast_hash(data.data(), data.size() - sizeof(crypto::signature), hash); crypto::signature& signature = *(crypto::signature*)&data[data.size() - sizeof(crypto::signature)]; crypto::generate_signature(hash, signer, signer_secret_key, signature); return std::string{MULTISIG_EXTRA_INFO_MAGIC} + tools::base58::encode(data); } std::vector secret_keys_to_public_keys( const std::vector& keys) { std::vector public_keys; public_keys.reserve(keys.size()); std::transform( keys.begin(), keys.end(), std::back_inserter(public_keys), [](const crypto::secret_key& k) -> crypto::public_key { crypto::public_key p; CHECK_AND_ASSERT_THROW_MES( crypto::secret_key_to_public_key(k, p), "Failed to derive public spend key"); return p; }); return public_keys; } bool keys_intersect( const std::unordered_set& s1, const std::unordered_set& s2) { if (s1.empty() || s2.empty()) return false; for (const auto& e : s1) { if (s2.find(e) != s2.end()) return true; } return false; } std::string get_text_reason( const nlohmann::json& res, cryptonote::transaction const* tx, bool blink) { if (blink) { return res["reason"].get(); } else { std::ostringstream os; const auto tvc = res["tvc"]; if (auto got = tvc.find("m_verbose_error"); got != tvc.end()) os << res["tvc"]["m_verbose_error"].get() << "\n"; if (auto got = tvc.find("m_verifivation_failed"); got != tvc.end()) os << "Verification failed, connection should be dropped, "; // bad tx, should drop // connection if (auto got = tvc.find("m_verifivation_impossible"); got != tvc.end()) os << "Verification impossible, related to alt chain, "; // the transaction is // related with an // alternative blockchain if (auto got = tvc.find("m_should_be_relayed"); got == tvc.end()) os << "TX should NOT be relayed, "; if (auto got = tvc.find("m_added_to_pool"); got != tvc.end()) os << "TX added to pool, "; if (auto got = tvc.find("m_low_mixin"); got != tvc.end()) os << "Insufficient mixin, "; if (auto got = tvc.find("m_double_spend"); got != tvc.end()) os << "Double spend TX, "; if (auto got = tvc.find("m_invalid_input"); got != tvc.end()) os << "Invalid inputs, "; if (auto got = tvc.find("m_invalid_output"); got != tvc.end()) os << "Invalid outputs, "; if (auto got = tvc.find("m_too_few_outputs"); got != tvc.end()) os << "Need at least 2 outputs, "; if (auto got = tvc.find("m_too_big"); got != tvc.end()) os << "TX too big, "; if (auto got = tvc.find("m_overspend"); got != tvc.end()) os << "Overspend, "; if (auto got = tvc.find("m_fee_too_low"); got != tvc.end()) os << "Fee too low, "; if (auto got = tvc.find("m_invalid_version"); got != tvc.end()) os << "TX has invalid version, "; if (auto got = tvc.find("m_invalid_type"); got != tvc.end()) os << "TX has invalid type, "; if (auto got = tvc.find("m_key_image_locked_by_snode"); got != tvc.end()) os << "Key image is locked by service node, "; if (auto got = tvc.find("m_key_image_blacklisted"); got != tvc.end()) os << "Key image is blacklisted on the service node network, "; const auto m_vote_ctx = tvc["m_vote_ctx"]; if (auto got = m_vote_ctx.find("m_validator_index_out_of_bounds"); got != m_vote_ctx.end()) os << "Validator index out of bounds"; if (auto got = m_vote_ctx.find("m_signature_not_valid"); got != m_vote_ctx.end()) os << "Signature not valid, "; if (auto got = m_vote_ctx.find("m_added_to_pool"); got != m_vote_ctx.end()) os << "Added to pool, "; if (auto got = m_vote_ctx.find("m_not_enough_votes"); got != m_vote_ctx.end()) os << "Not enough votes, "; if (auto got = m_vote_ctx.find("m_incorrect_voting_group"); got != m_vote_ctx.end()) os << "Incorrect voting group specified,"; if (auto got = m_vote_ctx.find("m_votes_not_sorted"); got != m_vote_ctx.end()) os << "Votes are not stored in ascending order"; if (tx) os << "TX Version: {}, Type: {}"_format(tx->version, tx->type); std::string buf = os.str(); if (buf.size() >= 2 && buf[buf.size() - 2] == ',') buf.resize(buf.size() - 2); return buf; } } size_t get_num_outputs( const std::vector& dsts, const std::vector& transfers, const std::vector& selected_transfers, const oxen_construct_tx_params& tx_params) { size_t outputs = dsts.size(); uint64_t needed_money = 0; for (const auto& dt : dsts) needed_money += dt.amount; uint64_t found_money = 0; for (size_t idx : selected_transfers) found_money += transfers[idx].amount(); if (found_money != needed_money) ++outputs; // change if (outputs < (tx_params.tx_type == cryptonote::txtype::oxen_name_system ? 1 : 2)) ++outputs; // extra 0 dummy output return outputs; } // Create on-demand to prevent static initialization order fiasco issues. struct options { const command_line::arg_descriptor daemon_address = { "daemon-address", tools::wallet2::tr("Use oxend RPC at [http://][:]"), ""}; const command_line::arg_descriptor daemon_login = { "daemon-login", tools::wallet2::tr("Specify username[:password] for daemon RPC client"), "", true}; const command_line::arg_descriptor proxy = { "proxy", tools::wallet2::tr("Use socks proxy at [socks4a://]: for daemon " "connections"), "", true}; const command_line::arg_descriptor trusted_daemon = { "trusted-daemon", tools::wallet2::tr("Enable commands which rely on a trusted daemon"), false}; const command_line::arg_descriptor untrusted_daemon = { "untrusted-daemon", tools::wallet2::tr("Disable commands which rely on a trusted daemon"), false}; const command_line::arg_descriptor daemon_ssl_private_key = { "daemon-ssl-private-key", tools::wallet2::tr("Path to a PEM format private key for HTTPS client " "authentication"), ""}; const command_line::arg_descriptor daemon_ssl_certificate = { "daemon-ssl-certificate", tools::wallet2::tr("Path to a PEM format certificate for HTTPS client " "authentication"), ""}; const command_line::arg_descriptor daemon_ssl_ca_certificates = { "daemon-ssl-ca-certificates", tools::wallet2::tr("Path to a CA certificate bundle to use to verify the remote " "node's HTTPS certificate instead of using your operating " "system CAs.")}; const command_line::arg_descriptor daemon_ssl_allow_any_cert = { "daemon-ssl-allow-any-cert", tools::wallet2::tr("Make the HTTPS connection insecure by allowing any SSL " "certificate from the daemon."), false}; // Deprecated and not listed in --help const command_line::arg_descriptor daemon_host = { "daemon-host", tools::wallet2::tr("Deprecated. Use --daemon-address instead"), ""}; const command_line::arg_descriptor daemon_port = { "daemon-port", tools::wallet2::tr("Deprecated. Use --daemon-address instead"), 0}; const command_line::arg_descriptor daemon_ssl = { "daemon-ssl", tools::wallet2::tr("Deprecated. Use --daemon-address https://... instead"), ""}; const command_line::arg_descriptor password = { "password", tools::wallet2::tr("Wallet password (escape/quote as needed)"), "", true}; const command_line::arg_descriptor password_file = { "password-file", tools::wallet2::tr("Wallet password file"), "", true}; const command_line::arg_descriptor testnet = { "testnet", tools::wallet2::tr("For testnet. Daemon must also be launched with --testnet flag"), false}; const command_line::arg_descriptor devnet = { "devnet", tools::wallet2::tr("For devnet. Daemon must also be launched with --devnet flag"), false}; const command_line::arg_descriptor regtest = { "regtest", tools::wallet2::tr("For regression testing. Daemon must also be launched with " "--regtest flag"), false}; const command_line::arg_descriptor disable_rpc_long_poll = { "disable-rpc-long-poll", tools::wallet2::tr("Disable TX pool long polling functionality for instantaneous " "TX detection"), false}; const command_line::arg_descriptor shared_ringdb_dir = { "shared-ringdb-dir", tools::wallet2::tr("Set shared ring database path"), get_default_ringdb_path(), {{&testnet, &devnet, ®test}}, [](std::array test_dev_fake, bool defaulted, std::string val) -> std::string { if (test_dev_fake[0]) return (fs::u8path(val) / "testnet").u8string(); else if (test_dev_fake[1]) return (fs::u8path(val) / "devnet").u8string(); else if (test_dev_fake[2]) return (fs::u8path(val) / "fake").u8string(); return val; }}; const command_line::arg_descriptor kdf_rounds = { "kdf-rounds", tools::wallet2::tr("Number of rounds for the key derivation function"), 1}; const command_line::arg_descriptor hw_device = { "hw-device", tools::wallet2::tr("HW device to use"), ""}; const command_line::arg_descriptor hw_device_address = { "hw-device-address", tools::wallet2::tr("HW device address, if required"), ""}; const command_line::arg_descriptor hw_device_derivation_path = { "hw-device-deriv-path", tools::wallet2::tr("HW device wallet derivation path (e.g., SLIP-10)"), ""}; const command_line::arg_descriptor tx_notify = { "tx-notify", "Run a program for each new incoming transaction, '%s' will be replaced by the " "transaction hash", ""}; const command_line::arg_descriptor offline = { "offline", tools::wallet2::tr("Do not connect to a daemon"), false}; const command_line::arg_descriptor extra_entropy = { "extra-entropy", tools::wallet2::tr("File containing extra entropy to initialize the PRNG (any " "data, aim for 256 bits of entropy to be useful, wihch " "typically means more than 256 bits of data)")}; }; void do_prepare_file_names( const fs::path& file_path, fs::path& keys_file, fs::path& wallet_file #ifdef WALLET_ENABLE_MMS , fs::path& mms_file #endif ) { keys_file = file_path; wallet_file = file_path; if (keys_file.extension() == ".keys") // provided keys file name wallet_file.replace_extension(); else // provided wallet file name keys_file += ".keys"; #ifdef WALLET_ENABLE_MMS (mms_file = keys_file).replace_extension(".mms"); #endif } uint64_t calculate_fee_from_weight( byte_and_output_fees base_fees, uint64_t weight, uint64_t outputs, uint64_t fee_percent, uint64_t fee_fixed, uint64_t fee_quantization_mask) { uint64_t fee = (weight * base_fees.first + outputs * base_fees.second) * fee_percent / 100; fee = (fee + fee_quantization_mask - 1) / fee_quantization_mask * fee_quantization_mask + fee_fixed; return fee; } std::string get_weight_string(size_t weight) { return std::to_string(weight) + " weight"; } std::string get_weight_string(const cryptonote::transaction& tx, size_t blob_size) { return get_weight_string(get_transaction_weight(tx, blob_size)); } static const std::regex protocol_re{R"(^([a-zA-Z][a-zA-Z0-9+.-]*):)"}; std::unique_ptr make_basic( const boost::program_options::variables_map& vm, bool unattended, const options& opts, const std::function(const char*, bool)>& password_prompter) { const bool testnet = command_line::get_arg(vm, opts.testnet); const bool devnet = command_line::get_arg(vm, opts.devnet); const bool fakenet = command_line::get_arg(vm, opts.regtest); network_type nettype = testnet ? network_type::TESTNET : devnet ? network_type::DEVNET : fakenet ? network_type::FAKECHAIN : network_type::MAINNET; THROW_WALLET_EXCEPTION_IF( testnet + devnet + fakenet > 1, tools::error::wallet_internal_error, "At most one of --testnet, --devnet, or --regtest may be specified"); const uint64_t kdf_rounds = command_line::get_arg(vm, opts.kdf_rounds); THROW_WALLET_EXCEPTION_IF( kdf_rounds == 0, tools::error::wallet_internal_error, "KDF rounds must not be 0"); const bool use_proxy = command_line::has_arg(vm, opts.proxy); auto daemon_address = command_line::get_arg(vm, opts.daemon_address); // Deprecated: auto daemon_host = command_line::get_arg(vm, opts.daemon_host); auto daemon_port = command_line::get_arg(vm, opts.daemon_port); auto device_name = command_line::get_arg(vm, opts.hw_device); auto device_addr = command_line::get_arg(vm, opts.hw_device_address); auto device_derivation_path = command_line::get_arg(vm, opts.hw_device_derivation_path); THROW_WALLET_EXCEPTION_IF( !daemon_address.empty() && (!daemon_host.empty() || 0 != daemon_port), tools::error::wallet_internal_error, tools::wallet2::tr("--daemon-host/--daemon-port options are deprecated and cannot " "be combined with --daemon-address")); std::optional login; if (command_line::has_arg(vm, opts.daemon_login)) { login = tools::login::parse( command_line::get_arg(vm, opts.daemon_login), false, [password_prompter](bool verify) { if (!password_prompter) { log::error(logcat, "Password needed without prompt function"); return std::optional(); } return password_prompter("Daemon client password", verify); }); if (!login) return nullptr; } // if no daemon settings are given and we have a previous one, reuse that one if (command_line::is_arg_defaulted(vm, opts.daemon_host) && command_line::is_arg_defaulted(vm, opts.daemon_port) && command_line::is_arg_defaulted(vm, opts.daemon_address)) daemon_address = tools::wallet2::get_default_daemon_address(); if (daemon_address.empty()) { daemon_address = (daemon_host.empty() ? "localhost" : daemon_host) + ':' + std::to_string( daemon_port > 0 ? daemon_port : get_config(nettype).RPC_DEFAULT_PORT); } // Deprecated --daemon-ssl option: prepend https:// if there is no protocol on the daemon // address if (command_line::get_arg(vm, opts.daemon_ssl) == "enabled") { THROW_WALLET_EXCEPTION_IF( tools::starts_with(daemon_address, "http://"), tools::error::wallet_internal_error, "Deprecated --daemon-ssl=enabled option conflicts with http://... daemon URL"); if (!std::regex_search(daemon_address, protocol_re)) daemon_address.insert(0, "https://"sv); } std::string proxy; if (use_proxy) { proxy = command_line::get_arg(vm, opts.proxy); try { rpc::http_client::parse_url(proxy); } catch (const std::exception& e) { THROW_WALLET_EXCEPTION( tools::error::wallet_internal_error, "Failed to parse proxy address: "s + e.what()); } } bool trusted_daemon = false; try { auto [proto, host, port, url] = rpc::http_client::parse_url(daemon_address); trusted_daemon = tools::is_local_address(host); } catch (const std::exception& e) { THROW_WALLET_EXCEPTION( tools::error::wallet_internal_error, tools::wallet2::tr("Invalid daemon address ") + "'"s + daemon_address + "': " + e.what()); } THROW_WALLET_EXCEPTION_IF( !command_line::is_arg_defaulted(vm, opts.trusted_daemon) && !command_line::is_arg_defaulted(vm, opts.untrusted_daemon), tools::error::wallet_internal_error, tools::wallet2::tr("--trusted-daemon and --untrusted-daemon cannot both be " "specified")); if (!command_line::is_arg_defaulted(vm, opts.trusted_daemon) || !command_line::is_arg_defaulted(vm, opts.untrusted_daemon)) trusted_daemon = command_line::get_arg(vm, opts.trusted_daemon) && !command_line::get_arg(vm, opts.untrusted_daemon); else if (trusted_daemon) log::info(logcat, tools::wallet2::tr("Daemon is local, assuming trusted")); auto wallet = std::make_unique(nettype, kdf_rounds, unattended); wallet->init( std::move(daemon_address), std::move(login), std::move(proxy), 0, trusted_daemon); auto ringdb_path = fs::u8path(command_line::get_arg(vm, opts.shared_ringdb_dir)); wallet->set_ring_database(ringdb_path); #ifdef WALLET_ENABLE_MMS wallet->get_message_store().set_options(vm); #endif wallet->device_name(device_name); wallet->device_address(device_addr); wallet->device_derivation_path(device_derivation_path); wallet->m_long_poll_disabled = command_line::get_arg(vm, opts.disable_rpc_long_poll); wallet->m_http_client.set_https_client_cert( command_line::get_arg(vm, opts.daemon_ssl_certificate), command_line::get_arg(vm, opts.daemon_ssl_private_key)); wallet->m_http_client.set_insecure_https( command_line::get_arg(vm, opts.daemon_ssl_allow_any_cert)); wallet->m_http_client.set_https_cainfo( command_line::get_arg(vm, opts.daemon_ssl_ca_certificates)); if (command_line::get_arg(vm, opts.offline)) wallet->set_offline(); const std::string extra_entropy = command_line::get_arg(vm, opts.extra_entropy); if (!extra_entropy.empty()) { std::string data; THROW_WALLET_EXCEPTION_IF( !tools::slurp_file(fs::u8path(extra_entropy), data), tools::error::wallet_internal_error, "Failed to load extra entropy from " + extra_entropy); add_extra_entropy_thread_safe(data.data(), data.size()); } try { if (!command_line::is_arg_defaulted(vm, opts.tx_notify)) wallet->set_tx_notify( std::make_shared(command_line::get_arg(vm, opts.tx_notify))); } catch (const std::exception& e) { log::error(logcat, "Failed to parse tx notify spec"); } return wallet; } std::optional get_password( const boost::program_options::variables_map& vm, const options& opts, const std::function(const char*, bool)>& password_prompter, const bool verify) { if (command_line::has_arg(vm, opts.password) && command_line::has_arg(vm, opts.password_file)) { THROW_WALLET_EXCEPTION( tools::error::wallet_internal_error, tools::wallet2::tr("can't specify more than one of --password and " "--password-file")); } if (command_line::has_arg(vm, opts.password)) { return tools::password_container{command_line::get_arg(vm, opts.password)}; } if (command_line::has_arg(vm, opts.password_file)) { std::string password; bool r = tools::slurp_file( fs::u8path(command_line::get_arg(vm, opts.password_file)), password); THROW_WALLET_EXCEPTION_IF( !r, tools::error::wallet_internal_error, tools::wallet2::tr("the password file specified could not be read")); // Remove line breaks the user might have inserted while (!password.empty() && (password.back() == '\r' || password.back() == '\n')) password.pop_back(); return {tools::password_container{std::move(password)}}; } THROW_WALLET_EXCEPTION_IF( !password_prompter, tools::error::wallet_internal_error, tools::wallet2::tr("no password specified; use --prompt-for-password to prompt for " "a password")); return password_prompter( verify ? tools::wallet2::tr("Enter a new password for the wallet") : tools::wallet2::tr("Wallet password"), verify); } #define GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, name, type, jtype, mandatory, def) \ type field_##name = static_cast(def); \ bool field_##name##_found = false; \ (void)field_##name##_found; \ do \ if (json.HasMember(#name)) { \ if (json[#name].Is##jtype()) { \ field_##name = static_cast(json[#name].Get##jtype()); \ field_##name##_found = true; \ } else { \ oxen::log::error(logcat, "Field {} found in JSON, but not {}", #name, #jtype); \ return false; \ } \ } else if (mandatory) { \ oxen::log::error(logcat, "Field {} not found in JSON", #name); \ return false; \ } \ while (0) std::pair, tools::password_container> generate_from_json( const fs::path& json_file, const boost::program_options::variables_map& vm, bool unattended, const options& opts, const std::function(const char*, bool)>& password_prompter) { const bool testnet = command_line::get_arg(vm, opts.testnet); const bool devnet = command_line::get_arg(vm, opts.devnet); const network_type nettype = testnet ? network_type::TESTNET : devnet ? network_type::DEVNET : network_type::MAINNET; /* GET_FIELD_FROM_JSON_RETURN_ON_ERROR Is a generic macro that can return false. Gcc will coerce this into unique_ptr(nullptr), but clang correctly fails. This large wrapper is for the use of that macro */ std::unique_ptr wallet; epee::wipeable_string password; const auto do_generate = [&]() -> bool { std::string buf; if (!tools::slurp_file(json_file, buf)) { THROW_WALLET_EXCEPTION( tools::error::wallet_internal_error, std::string(tools::wallet2::tr("Failed to load file ")) + json_file.u8string()); return false; } rapidjson::Document json; if (json.Parse(buf.c_str()).HasParseError()) { THROW_WALLET_EXCEPTION( tools::error::wallet_internal_error, tools::wallet2::tr("Failed to parse JSON")); return false; } GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, version, unsigned, Uint, true, 0); const int current_version = 1; THROW_WALLET_EXCEPTION_IF( field_version > current_version, tools::error::wallet_internal_error, fmt::format( tools::wallet2::tr("Version {:d} too new; this wallet only supports up " "to {:d}"), field_version, current_version)); GET_FIELD_FROM_JSON_RETURN_ON_ERROR( json, filename, std::string, String, true, std::string()); GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, scan_from_height, uint64_t, Uint64, false, 0); const bool recover = true; GET_FIELD_FROM_JSON_RETURN_ON_ERROR( json, password, std::string, String, false, std::string()); GET_FIELD_FROM_JSON_RETURN_ON_ERROR( json, viewkey, std::string, String, false, std::string()); crypto::secret_key viewkey; if (field_viewkey_found) { if (!tools::hex_to_type(field_viewkey, viewkey)) THROW_WALLET_EXCEPTION( tools::error::wallet_internal_error, tools::wallet2::tr("failed to parse view key secret key")); crypto::public_key pkey; if (!viewkey) THROW_WALLET_EXCEPTION( tools::error::wallet_internal_error, tools::wallet2::tr("view secret key may not be all zeroes")); if (!crypto::secret_key_to_public_key(viewkey, pkey)) { THROW_WALLET_EXCEPTION( tools::error::wallet_internal_error, tools::wallet2::tr("failed to verify view key secret key")); } } GET_FIELD_FROM_JSON_RETURN_ON_ERROR( json, spendkey, std::string, String, false, std::string()); crypto::secret_key spendkey; if (field_spendkey_found) { if (!tools::hex_to_type(field_spendkey, spendkey)) THROW_WALLET_EXCEPTION( tools::error::wallet_internal_error, tools::wallet2::tr("failed to parse spend key secret key")); crypto::public_key pkey; if (!spendkey) THROW_WALLET_EXCEPTION( tools::error::wallet_internal_error, tools::wallet2::tr("spend secret key may not be all zeroes")); if (!crypto::secret_key_to_public_key(spendkey, pkey)) { THROW_WALLET_EXCEPTION( tools::error::wallet_internal_error, tools::wallet2::tr("failed to verify spend key secret key")); } } GET_FIELD_FROM_JSON_RETURN_ON_ERROR( json, seed, std::string, String, false, std::string()); std::string old_language; crypto::secret_key recovery_key; bool restore_deterministic_wallet = false; if (field_seed_found) { if (!crypto::ElectrumWords::words_to_bytes( field_seed, recovery_key, old_language)) { THROW_WALLET_EXCEPTION( tools::error::wallet_internal_error, tools::wallet2::tr("Electrum-style word list failed verification")); } restore_deterministic_wallet = true; GET_FIELD_FROM_JSON_RETURN_ON_ERROR( json, seed_passphrase, std::string, String, false, std::string()); if (field_seed_passphrase_found) { if (!field_seed_passphrase.empty()) recovery_key = cryptonote::decrypt_key(recovery_key, field_seed_passphrase); } } GET_FIELD_FROM_JSON_RETURN_ON_ERROR( json, address, std::string, String, false, std::string()); GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, create_address_file, int, Int, false, false); bool create_address_file = field_create_address_file; // compatibility checks if (!field_seed_found && !field_viewkey_found && !field_spendkey_found) { THROW_WALLET_EXCEPTION( tools::error::wallet_internal_error, tools::wallet2::tr("At least one of either an Electrum-style word list, " "private view key, or private spend key must be " "specified")); } if (field_seed_found && (field_viewkey_found || field_spendkey_found)) { THROW_WALLET_EXCEPTION( tools::error::wallet_internal_error, tools::wallet2::tr("Both Electrum-style word list and private key(s) " "specified")); } // if an address was given, we check keys against it, and deduce the spend // public key if it was not given if (field_address_found) { cryptonote::address_parse_info info; if (!get_account_address_from_str(info, nettype, field_address)) { THROW_WALLET_EXCEPTION( tools::error::wallet_internal_error, tools::wallet2::tr("invalid address")); } if (field_viewkey_found) { crypto::public_key pkey; if (!crypto::secret_key_to_public_key(viewkey, pkey)) { THROW_WALLET_EXCEPTION( tools::error::wallet_internal_error, tools::wallet2::tr("failed to verify view key secret key")); } if (info.address.m_view_public_key != pkey) { THROW_WALLET_EXCEPTION( tools::error::wallet_internal_error, tools::wallet2::tr("view key does not match standard address")); } } if (field_spendkey_found) { crypto::public_key pkey; if (!crypto::secret_key_to_public_key(spendkey, pkey)) { THROW_WALLET_EXCEPTION( tools::error::wallet_internal_error, tools::wallet2::tr("failed to verify spend key secret key")); } if (info.address.m_spend_public_key != pkey) { THROW_WALLET_EXCEPTION( tools::error::wallet_internal_error, tools::wallet2::tr("spend key does not match standard address")); } } } const bool deprecated_wallet = restore_deterministic_wallet && ((old_language == crypto::ElectrumWords::old_language_name) || crypto::ElectrumWords::get_is_old_style_seed(field_seed)); THROW_WALLET_EXCEPTION_IF( deprecated_wallet, tools::error::wallet_internal_error, tools::wallet2::tr("Cannot generate deprecated wallets from JSON")); wallet.reset(make_basic(vm, unattended, opts, password_prompter).release()); wallet->set_refresh_from_block_height(field_scan_from_height); wallet->explicit_refresh_from_block_height(field_scan_from_height_found); if (!old_language.empty()) wallet->set_seed_language(old_language); try { if (!field_seed.empty()) { wallet->generate( field_filename, field_password, recovery_key, recover, false, create_address_file); password = field_password; } else if (field_viewkey.empty() && !field_spendkey.empty()) { wallet->generate( field_filename, field_password, spendkey, recover, false, create_address_file); password = field_password; } else { cryptonote::account_public_address address; if (!crypto::secret_key_to_public_key(viewkey, address.m_view_public_key)) { THROW_WALLET_EXCEPTION( tools::error::wallet_internal_error, tools::wallet2::tr("failed to verify view key secret key")); } if (field_spendkey.empty()) { // if we have an address but no spend key, we can deduce the spend public // key from the address if (field_address_found) { cryptonote::address_parse_info info; if (!get_account_address_from_str(info, nettype, field_address)) { THROW_WALLET_EXCEPTION( tools::error::wallet_internal_error, std::string(tools::wallet2::tr("failed to parse " "address: ")) + field_address); } address.m_spend_public_key = info.address.m_spend_public_key; } else { THROW_WALLET_EXCEPTION( tools::error::wallet_internal_error, tools::wallet2::tr("Address must be specified in order to " "create watch-only wallet")); } wallet->generate( field_filename, field_password, address, viewkey, create_address_file); password = field_password; } else { if (!crypto::secret_key_to_public_key( spendkey, address.m_spend_public_key)) { THROW_WALLET_EXCEPTION( tools::error::wallet_internal_error, tools::wallet2::tr("failed to verify spend key secret key")); } wallet->generate( field_filename, field_password, address, spendkey, viewkey, create_address_file); password = field_password; } } } catch (const std::exception& e) { THROW_WALLET_EXCEPTION( tools::error::wallet_internal_error, std::string(tools::wallet2::tr("failed to generate new wallet: ")) + e.what()); } return true; }; if (do_generate()) { return {std::move(wallet), tools::password_container(password)}; } return {nullptr, tools::password_container{}}; } bool emplace_or_replace( std::unordered_multimap& container, const crypto::hash& key, const tools::wallet2::pool_payment_details& pd) { for (auto [i, end] = container.equal_range(key); i != end; ++i) { if (i->second.m_pd.m_tx_hash == pd.m_pd.m_tx_hash && i->second.m_pd.m_subaddr_index == pd.m_pd.m_subaddr_index) { i->second = pd; return false; } } container.emplace(key, pd); return true; } void drop_from_short_history(std::list& short_chain_history, size_t N) { // drop early N off, skipping the genesis block if (short_chain_history.size() > N) { auto right = short_chain_history.end(); std::advance(right, -1); auto left = right; std::advance(left, -N); short_chain_history.erase(left, right); } } size_t estimate_rct_tx_size( int n_inputs, int mixin, int n_outputs, size_t extra_size, bool clsag) { size_t size = 0; // tx prefix // first few bytes size += 1 + 6; // vin size += n_inputs * (1 + 6 + (mixin + 1) * 2 + 32); // vout size += n_outputs * (6 + 32); // extra size += extra_size; // rct signatures // type size += 1; // rangeSigs size_t log_padded_outputs = 0; while ((1 << log_padded_outputs) < n_outputs) ++log_padded_outputs; size += (2 * (6 + log_padded_outputs) + 4 + 5) * 32 + 3; // MGs/CLSAGs if (clsag) size += n_inputs * (32 * (mixin + 1) + 64); else size += n_inputs * (64 * (mixin + 1) + 32); // mixRing - not serialized, can be reconstructed /* size += 2 * 32 * (mixin+1) * n_inputs; */ // pseudoOuts size += 32 * n_inputs; // ecdhInfo size += 8 * n_outputs; // outPk - only commitment is saved size += 32 * n_outputs; // txnFee size += 4; log::debug( logcat, "estimated bulletproof rct tx size for {} inputs with ring size {} and {} outputs: " "{} ({} saved)", n_inputs, (mixin + 1), n_outputs, size, ((32 * n_inputs /*+1*/) + 2 * 32 * (mixin + 1) * n_inputs + 32 * n_outputs)); return size; } uint64_t estimate_tx_weight( int n_inputs, int mixin, int n_outputs, size_t extra_size, bool clsag) { size_t size = estimate_rct_tx_size(n_inputs, mixin, n_outputs, extra_size, clsag); if (n_outputs > 2) { const uint64_t bp_base = 368; size_t log_padded_outputs = 2; while ((1 << log_padded_outputs) < n_outputs) ++log_padded_outputs; uint64_t nlr = 2 * (6 + log_padded_outputs); const uint64_t bp_size = 32 * (9 + nlr); const uint64_t bp_clawback = (bp_base * (1 << log_padded_outputs) - bp_size) * 4 / 5; log::debug(logcat, "clawback on size {}: {}", size, bp_clawback); size += bp_clawback; } return size; } uint64_t estimate_fee( int n_inputs, int mixin, int n_outputs, size_t extra_size, bool clsag, byte_and_output_fees base_fees, uint64_t fee_percent, uint64_t fee_fixed, uint64_t fee_quantization_mask) { const size_t estimated_tx_weight = estimate_tx_weight(n_inputs, mixin, n_outputs, extra_size, clsag); return calculate_fee_from_weight( base_fees, estimated_tx_weight, n_outputs, fee_percent, fee_fixed, fee_quantization_mask); } uint64_t calculate_fee( const cryptonote::transaction& tx, size_t blob_size, byte_and_output_fees base_fees, uint64_t fee_percent, uint64_t fee_fixed, uint64_t fee_quantization_mask) { return calculate_fee_from_weight( base_fees, cryptonote::get_transaction_weight(tx, blob_size), tx.vout.size(), fee_percent, fee_fixed, fee_quantization_mask); } bool get_short_payment_id( crypto::hash8& payment_id8, const tools::wallet2::pending_tx& ptx, hw::device& hwdev) { std::vector tx_extra_fields; parse_tx_extra(ptx.tx.extra, tx_extra_fields); // ok if partially parsed cryptonote::tx_extra_nonce extra_nonce; if (find_tx_extra_field_by_type(tx_extra_fields, extra_nonce)) { if (get_encrypted_payment_id_from_tx_extra_nonce(extra_nonce.nonce, payment_id8)) { if (ptx.dests.empty()) { log::warning( logcat, "Encrypted payment id found, but no destinations public key, cannot " "decrypt"); return false; } return hwdev.decrypt_payment_id( payment_id8, ptx.dests[0].addr.m_view_public_key, ptx.tx_key); } } return false; } wallet::tx_construction_data get_construction_data_with_decrypted_short_payment_id( const tools::wallet2::pending_tx& ptx, hw::device& hwdev) { wallet::tx_construction_data construction_data = ptx.construction_data; crypto::hash8 payment_id{}; if (get_short_payment_id(payment_id, ptx, hwdev)) { // Remove encrypted remove_field_from_tx_extra(construction_data.extra); // Add decrypted std::string extra_nonce; set_encrypted_payment_id_to_tx_extra_nonce(extra_nonce, payment_id); THROW_WALLET_EXCEPTION_IF( !add_extra_nonce_to_tx_extra(construction_data.extra, extra_nonce), tools::error::wallet_internal_error, "Failed to add decrypted payment id to tx extra"); log::info(logcat, "Decrypted payment ID: {}", payment_id); } return construction_data; } uint32_t get_subaddress_clamped_sum(uint32_t idx, uint32_t extra) { constexpr uint32_t uint32_max = std::numeric_limits::max(); if (idx > uint32_max - extra) return uint32_max; return idx + extra; } void setup_shim(hw::wallet_shim* shim, tools::wallet2* wallet) { shim->get_tx_pub_key_from_received_outs = [wallet](const auto& td) { return wallet->get_tx_pub_key_from_received_outs(td); }; } bool get_pruned_tx( const nlohmann::json& entry, cryptonote::transaction& tx, crypto::hash& tx_hash) { std::string bd; // easy case if we have the whole tx if (entry["as_hex"] || (entry["prunable"] && entry["pruned"])) { std::string hex_blob; if (entry["as_hex"]) hex_blob = entry["as_hex"].get(); else hex_blob = entry["pruned"].get() + entry["prunable"].get(); CHECK_AND_ASSERT_MES(oxenc::is_hex(hex_blob), false, "Invalid tx data"); bd = oxenc::from_hex(hex_blob); CHECK_AND_ASSERT_MES( cryptonote::parse_and_validate_tx_from_blob(bd, tx), false, "Invalid tx data"); tx_hash = cryptonote::get_transaction_hash(tx); // if the hash was given, check it matches CHECK_AND_ASSERT_MES( entry["tx_hash"].empty() || tools::type_to_hex(tx_hash) == entry["tx_hash"], false, "Response claims a different hash than the data yields"); return true; } // case of a pruned tx with its prunable data hash if (entry["pruned"] && entry["prunable_hash"]) { crypto::hash ph; CHECK_AND_ASSERT_MES( tools::hex_to_type(entry["prunable_hash"].get(), ph), false, "Failed to parse prunable hash"); CHECK_AND_ASSERT_MES( oxenc::is_hex(entry["pruned"].get()), false, "Invalid pruned tx entry"); bd = oxenc::from_hex(entry["pruned"].get()); CHECK_AND_ASSERT_MES( parse_and_validate_tx_base_from_blob(bd, tx), false, "Invalid base tx data"); // only v2 txes can calculate their txid after pruned if (bd[0] > 1) { tx_hash = cryptonote::get_pruned_transaction_hash(tx, ph); } else { // for v1, we trust the dameon CHECK_AND_ASSERT_MES( tools::hex_to_type(entry["tx_hash"].get(), tx_hash), false, "Failed to parse tx hash"); } return true; } return false; } //----------------------------------------------------------------- } // namespace const char* wallet2::ERR_MSG_NETWORK_VERSION_QUERY_FAILED = tr("Could not query the current network version, try later"); const char* wallet2::ERR_MSG_NETWORK_HEIGHT_QUERY_FAILED = tr("Could not query the current network block height, try later: "); const char* wallet2::ERR_MSG_SERVICE_NODE_LIST_QUERY_FAILED = tr("Failed to query daemon for service node list"); const char* wallet2::ERR_MSG_TOO_MANY_TXS_CONSTRUCTED = tr("Constructed too many transations, please sweep_all first"); const char* wallet2::ERR_MSG_EXCEPTION_THROWN = tr("Exception thrown, staking process could not be completed: "); const char* wallet2::tr(const char* str) { return i18n_translate(str, "tools::wallet2"); } gamma_picker::gamma_picker(const std::vector& rct_offsets, double shape, double scale) : rct_offsets(rct_offsets) { gamma = std::gamma_distribution(shape, scale); THROW_WALLET_EXCEPTION_IF( rct_offsets.size() <= DEFAULT_TX_SPENDABLE_AGE, error::wallet_internal_error, "Bad offset calculation"); const size_t blocks_in_a_year = BLOCKS_PER_DAY * 365; const size_t blocks_to_consider = std::min(rct_offsets.size(), blocks_in_a_year); const double outputs_to_consider = rct_offsets.back() - (blocks_to_consider < rct_offsets.size() ? rct_offsets[rct_offsets.size() - blocks_to_consider - 1] : 0); begin = rct_offsets.data(); end = rct_offsets.data() + rct_offsets.size() - DEFAULT_TX_SPENDABLE_AGE; num_rct_outputs = *(end - 1); THROW_WALLET_EXCEPTION_IF(num_rct_outputs == 0, error::wallet_internal_error, "No rct outputs"); average_output_time = tools::to_seconds(TARGET_BLOCK_TIME) * blocks_to_consider / outputs_to_consider; // this assumes constant target over the whole rct range }; gamma_picker::gamma_picker(const std::vector& rct_offsets) : gamma_picker(rct_offsets, GAMMA_SHAPE, GAMMA_SCALE) {} uint64_t gamma_picker::pick() { double x = gamma(engine); x = exp(x); uint64_t output_index = x / average_output_time; if (output_index >= num_rct_outputs) return std::numeric_limits::max(); // bad pick output_index = num_rct_outputs - 1 - output_index; const uint64_t* it = std::lower_bound(begin, end, output_index); THROW_WALLET_EXCEPTION_IF(it == end, error::wallet_internal_error, "output_index not found"); uint64_t index = std::distance(begin, it); const uint64_t first_rct = index == 0 ? 0 : rct_offsets[index - 1]; const uint64_t n_rct = rct_offsets[index] - first_rct; if (n_rct == 0) return std::numeric_limits::max(); // bad pick log::trace(logcat, "Picking 1/{} in block {}", n_rct, index); return first_rct + crypto::rand_idx(n_rct); }; std::mutex wallet_keys_unlocker::lockers_mutex; unsigned int wallet_keys_unlocker::lockers = 0; wallet_keys_unlocker::wallet_keys_unlocker( wallet2& w, const std::optional& password) : w(w), locked((bool)password) { std::lock_guard lock{lockers_mutex}; if (lockers++ > 0) locked = false; if (!locked || w.is_unattended() || w.ask_password() != tools::wallet2::AskPasswordToDecrypt || w.watch_only()) { locked = false; return; } const epee::wipeable_string pass = password->password(); w.generate_chacha_key_from_password(pass, key); w.decrypt_keys(key); } wallet_keys_unlocker::wallet_keys_unlocker( wallet2& w, bool locked, const epee::wipeable_string& password) : w(w), locked(locked) { std::lock_guard lock{lockers_mutex}; if (lockers++ > 0) locked = false; if (!locked) return; w.generate_chacha_key_from_password(password, key); w.decrypt_keys(key); } wallet_keys_unlocker::~wallet_keys_unlocker() { try { std::lock_guard lock{lockers_mutex}; if (lockers == 0) { log::error(logcat, "There are no lockers in wallet_keys_unlocker dtor"); return; } --lockers; if (!locked) return; w.encrypt_keys(key); } catch (...) { log::error(logcat, "Failed to re-encrypt wallet keys"); // do not propagate through dtor, we'd crash } } void wallet_device_callback::on_button_request(uint64_t code) { if (wallet) wallet->on_device_button_request(code); } void wallet_device_callback::on_button_pressed() { if (wallet) wallet->on_device_button_pressed(); } std::optional wallet_device_callback::on_pin_request() { if (wallet) return wallet->on_device_pin_request(); return std::nullopt; } std::optional wallet_device_callback::on_passphrase_request( bool& on_device) { if (wallet) return wallet->on_device_passphrase_request(on_device); else on_device = true; return std::nullopt; } void wallet_device_callback::on_progress(const hw::device_progress& event) { if (wallet) wallet->on_device_progress(event); } wallet2::wallet2(network_type nettype, uint64_t kdf_rounds, bool unattended) : m_multisig_rescan_info(nullptr), m_multisig_rescan_k(nullptr), m_upper_transaction_weight_limit(0), m_run(true), m_callback(nullptr), m_trusted_daemon(false), m_nettype(nettype), m_multisig_rounds_passed(0), m_always_confirm_transfers(true), m_print_ring_members(false), m_store_tx_info(true), m_default_priority(0), m_refresh_type(RefreshOptimizeCoinbase), m_auto_refresh(true), m_first_refresh_done(false), m_refresh_from_block_height(0), m_explicit_refresh_from_block_height(true), m_confirm_non_default_ring_size(true), m_ask_password(AskPasswordToDecrypt), m_min_output_count(0), m_min_output_value(0), m_merge_destinations(false), m_confirm_backlog(true), m_confirm_backlog_threshold(0), m_confirm_export_overwrite(true), m_segregate_pre_fork_outputs(true), m_key_reuse_mitigation2(true), m_segregation_height(0), m_ignore_outputs_above(oxen::MONEY_SUPPLY), m_ignore_outputs_below(0), m_track_uses(false), m_inactivity_lock_timeout( m_nettype == network_type::MAINNET ? DEFAULT_INACTIVITY_LOCK_TIMEOUT : 0s), m_is_initialized(false), m_kdf_rounds(kdf_rounds), is_old_file_format(false), m_watch_only(false), m_multisig(false), m_multisig_threshold(0), m_node_rpc_proxy(m_http_client), m_account_public_address{ crypto::null, crypto::null}, m_subaddress_lookahead_major(SUBADDRESS_LOOKAHEAD_MAJOR), m_subaddress_lookahead_minor(SUBADDRESS_LOOKAHEAD_MINOR), m_original_keys_available(false), m_key_device_type(hw::device::type::SOFTWARE), m_ring_history_saved(false), m_ringdb(), m_last_block_reward(0), m_encrypt_keys_after_refresh(std::nullopt), m_decrypt_keys_lockers(0), m_unattended(unattended), m_devices_registered(false), m_device_last_key_image_sync(0), m_offline(false), m_rpc_version(0) {} wallet2::~wallet2() {} bool wallet2::has_testnet_option(const boost::program_options::variables_map& vm) { return command_line::get_arg(vm, options().testnet); } bool wallet2::has_disable_rpc_long_poll(const boost::program_options::variables_map& vm) { return command_line::get_arg(vm, options().disable_rpc_long_poll); } bool wallet2::has_devnet_option(const boost::program_options::variables_map& vm) { return command_line::get_arg(vm, options().devnet); } std::vector wallet2::has_deprecated_options( const boost::program_options::variables_map& vm) { std::vector warnings; // These are deprecated as of oxen 8.x: if (!command_line::is_arg_defaulted(vm, options().daemon_host)) warnings.emplace_back("--daemon-host. Use '--daemon-address http://HOSTNAME' instead"); if (!command_line::is_arg_defaulted(vm, options().daemon_port)) warnings.emplace_back("--daemon-port. Use '--daemon-address http://HOSTNAME:PORT' instead"); if (!command_line::is_arg_defaulted(vm, options().daemon_ssl)) warnings.emplace_back( "--daemon-ssl has no effect. Use '--daemon-address https://...' instead"); return warnings; } std::string wallet2::device_name_option(const boost::program_options::variables_map& vm) { return command_line::get_arg(vm, options().hw_device); } std::string wallet2::device_derivation_path_option( const boost::program_options::variables_map& vm) { return command_line::get_arg(vm, options().hw_device_derivation_path); } void wallet2::init_options( boost::program_options::options_description& desc_params, boost::program_options::options_description& hidden_params) { const options opts{}; command_line::add_arg(desc_params, opts.daemon_address); // deprecated: command_line::add_arg(hidden_params, opts.daemon_host); command_line::add_arg(hidden_params, opts.daemon_port); command_line::add_arg(hidden_params, opts.daemon_ssl); command_line::add_arg(desc_params, opts.daemon_login); command_line::add_arg(desc_params, opts.proxy); command_line::add_arg(desc_params, opts.trusted_daemon); command_line::add_arg(desc_params, opts.untrusted_daemon); command_line::add_arg(desc_params, opts.daemon_ssl_private_key); command_line::add_arg(desc_params, opts.daemon_ssl_certificate); command_line::add_arg(desc_params, opts.daemon_ssl_ca_certificates); command_line::add_arg(desc_params, opts.daemon_ssl_allow_any_cert); command_line::add_arg(desc_params, opts.password); command_line::add_arg(desc_params, opts.password_file); command_line::add_arg(desc_params, opts.testnet); command_line::add_arg(desc_params, opts.devnet); command_line::add_arg(desc_params, opts.regtest); command_line::add_arg(desc_params, opts.shared_ringdb_dir); command_line::add_arg(desc_params, opts.kdf_rounds); #ifdef WALLET_ENABLE_MMS mms::message_store::init_options(desc_params); #endif command_line::add_arg(desc_params, opts.hw_device); command_line::add_arg(desc_params, opts.hw_device_address); command_line::add_arg(desc_params, opts.hw_device_derivation_path); command_line::add_arg(desc_params, opts.tx_notify); command_line::add_arg(desc_params, opts.offline); command_line::add_arg(desc_params, opts.disable_rpc_long_poll); command_line::add_arg(desc_params, opts.extra_entropy); } std::pair, tools::password_container> wallet2::make_from_json( const boost::program_options::variables_map& vm, bool unattended, const fs::path& json_file, const std::function(const char*, bool)>& password_prompter) { const options opts{}; return generate_from_json(json_file, vm, unattended, opts, password_prompter); } std::pair, password_container> wallet2::make_from_file( const boost::program_options::variables_map& vm, bool unattended, const fs::path& wallet_file, const std::function(const char*, bool)>& password_prompter) { const options opts{}; auto pwd = get_password(vm, opts, password_prompter, false); if (!pwd) { return {nullptr, password_container{}}; } auto wallet = make_basic(vm, unattended, opts, password_prompter); if (wallet && !wallet_file.empty()) { wallet->load(wallet_file, pwd->password()); } return {std::move(wallet), std::move(*pwd)}; } std::pair, password_container> wallet2::make_new( const boost::program_options::variables_map& vm, bool unattended, const std::function(const char*, bool)>& password_prompter) { const options opts{}; auto pwd = get_password(vm, opts, password_prompter, true); if (!pwd) { return {nullptr, password_container{}}; } return {make_basic(vm, unattended, opts, password_prompter), std::move(*pwd)}; } std::unique_ptr wallet2::make_dummy( const boost::program_options::variables_map& vm, bool unattended, const std::function(const char*, bool)>& password_prompter) { const options opts{}; return make_basic(vm, unattended, opts, password_prompter); } std::string wallet2::get_default_daemon_address() { std::lock_guard lock{default_daemon_address_mutex}; return default_daemon_address; } //---------------------------------------------------------------------------------------------------- bool wallet2::set_daemon( std::string daemon_address, std::optional daemon_login, std::string proxy, bool trusted_daemon) { // If we're given a raw address, prepend http, and (possibly) append the default port if (!tools::starts_with(daemon_address, "http://") && !tools::starts_with(daemon_address, "https://")) { if (auto pos = daemon_address.find(':'); pos == std::string::npos) daemon_address += ":" + std::to_string(cryptonote::get_config(m_nettype).RPC_DEFAULT_PORT); daemon_address.insert(0, "http://"sv); } bool localhost = false; try { auto [proto, host, port, uri] = rpc::http_client::parse_url(daemon_address); localhost = tools::is_local_address(host); } catch (const rpc::http_client_error& e) { log::warning(logcat, "Invalid daemon URL: "s + e.what()); return false; } m_http_client.set_base_url(daemon_address); m_http_client.set_timeout(rpc_timeout); if (daemon_login) m_http_client.set_auth(daemon_login->username, daemon_login->password.password().view()); else m_http_client.set_auth(); // If the proxy is given but starts with an address/hostname then prepend `socks4a://`. // Use a regex here rather than parsing the URL (as above) because you might want to specify // authentication info (e.g. with an HTTP or SOCKS5 proxy), which parse_url doesn't handle. if (!proxy.empty() && !std::regex_search(proxy, protocol_re)) proxy.insert(0, "socks4a://"sv); m_http_client.set_proxy(std::move(proxy)); m_trusted_daemon = trusted_daemon; // Copy everything to the long poll client as well: m_long_poll_client.copy_params_from(m_http_client); m_long_poll_local = localhost; m_node_rpc_proxy.invalidate(); std::string url = m_http_client.get_base_url(); log::info(logcat, "set daemon to {}", (url.empty() ? "(none, offline)" : url)); { std::lock_guard lock{default_daemon_address_mutex}; default_daemon_address = std::move(url); } return true; } //---------------------------------------------------------------------------------------------------- bool wallet2::init( std::string daemon_address, std::optional daemon_login, std::string proxy, uint64_t upper_transaction_weight_limit, bool trusted_daemon) { if (!set_daemon( std::move(daemon_address), std::move(daemon_login), std::move(proxy), trusted_daemon)) return false; m_is_initialized = true; m_upper_transaction_weight_limit = upper_transaction_weight_limit; return true; } //---------------------------------------------------------------------------------------------------- bool wallet2::is_deterministic() const { crypto::secret_key second; keccak((uint8_t*)&get_account().get_keys().m_spend_secret_key, sizeof(crypto::secret_key), (uint8_t*)&second, sizeof(crypto::secret_key)); sc_reduce32((uint8_t*)&second); return second == get_account().get_keys().m_view_secret_key; } //---------------------------------------------------------------------------------------------------- bool wallet2::get_seed( epee::wipeable_string& electrum_words, const epee::wipeable_string& passphrase) const { bool keys_deterministic = is_deterministic(); if (!keys_deterministic) { std::cout << "This is not a deterministic wallet" << std::endl; return false; } if (seed_language.empty()) { std::cout << "seed_language not set" << std::endl; return false; } crypto::secret_key key = get_account().get_keys().m_spend_secret_key; if (!passphrase.empty()) key = cryptonote::encrypt_key(key, passphrase); if (!crypto::ElectrumWords::bytes_to_words(key, electrum_words, seed_language)) { std::cout << "Failed to create seed from key for language: " << seed_language << std::endl; return false; } return true; } //---------------------------------------------------------------------------------------------------- bool wallet2::get_multisig_seed( epee::wipeable_string& seed, const epee::wipeable_string& passphrase, bool raw) const { bool ready; uint32_t threshold, total; if (!multisig(&ready, &threshold, &total)) { std::cout << "This is not a multisig wallet" << std::endl; return false; } if (!ready) { std::cout << "This multisig wallet is not yet finalized" << std::endl; return false; } if (!raw && seed_language.empty()) { std::cout << "seed_language not set" << std::endl; return false; } crypto::secret_key skey; crypto::public_key pkey; const account_keys& keys = get_account().get_keys(); epee::wipeable_string data; data.append((const char*)&threshold, sizeof(uint32_t)); data.append((const char*)&total, sizeof(uint32_t)); skey = keys.m_spend_secret_key; data.append((const char*)&skey, sizeof(skey)); pkey = keys.m_account_address.m_spend_public_key; data.append((const char*)&pkey, sizeof(pkey)); skey = keys.m_view_secret_key; data.append((const char*)&skey, sizeof(skey)); pkey = keys.m_account_address.m_view_public_key; data.append((const char*)&pkey, sizeof(pkey)); for (const auto& skey : keys.m_multisig_keys) data.append((const char*)&skey, sizeof(skey)); for (const auto& signer : m_multisig_signers) data.append((const char*)&signer, sizeof(signer)); if (!passphrase.empty()) { crypto::secret_key key; crypto::cn_slow_hash( passphrase.data(), passphrase.size(), (crypto::hash&)key, crypto::cn_slow_hash_type::heavy_v1); sc_reduce32(key.data()); data = encrypt(data.view(), key, true); } if (raw) { epee::wipeable_string seed; seed.reserve(oxenc::to_hex_size(data.size())); oxenc::to_hex(data.data(), data.data() + data.size(), std::back_inserter(seed)); } else { if (!crypto::ElectrumWords::bytes_to_words( reinterpret_cast(data.data()), data.size(), seed, seed_language)) { std::cout << "Failed to encode seed"; return false; } } return true; } //---------------------------------------------------------------------------------------------------- bool wallet2::reconnect_device() { bool r = true; hw::device& hwdev = lookup_device(m_device_name); hwdev.set_name(m_device_name); hwdev.set_address(m_device_address); hwdev.set_network_type(m_nettype); hwdev.set_derivation_path(m_device_derivation_path); hwdev.set_callback(get_device_callback()); r = hwdev.init(); if (!r) { log::error(logcat, "Could not init device"); return false; } r = hwdev.connect(); if (!r) { log::error(logcat, "Could not connect to the device"); return false; } m_account.set_device(hwdev); return true; } //---------------------------------------------------------------------------------------------------- /*! * \brief Gets the seed language */ const std::string& wallet2::get_seed_language() const { return seed_language; } /*! * \brief Sets the seed language * \param language Seed language to set to */ void wallet2::set_seed_language(const std::string& language) { seed_language = language; } //---------------------------------------------------------------------------------------------------- cryptonote::account_public_address wallet2::get_subaddress( const cryptonote::subaddress_index& index) const { hw::device& hwdev = m_account.get_device(); return hwdev.get_subaddress(m_account.get_keys(), index); } //---------------------------------------------------------------------------------------------------- std::optional wallet2::get_subaddress_index( const cryptonote::account_public_address& address) const { auto index = m_subaddresses.find(address.m_spend_public_key); if (index == m_subaddresses.end()) return std::nullopt; return index->second; } //---------------------------------------------------------------------------------------------------- crypto::public_key wallet2::get_subaddress_spend_public_key( const cryptonote::subaddress_index& index) const { hw::device& hwdev = m_account.get_device(); return hwdev.get_subaddress_spend_public_key(m_account.get_keys(), index); } //---------------------------------------------------------------------------------------------------- std::string wallet2::get_subaddress_as_str(const cryptonote::subaddress_index& index) const { cryptonote::account_public_address address = get_subaddress(index); return cryptonote::get_account_address_as_str(m_nettype, !index.is_zero(), address); } //---------------------------------------------------------------------------------------------------- std::string wallet2::get_integrated_address_as_str(const crypto::hash8& payment_id) const { return cryptonote::get_account_integrated_address_as_str(m_nettype, get_address(), payment_id); } //---------------------------------------------------------------------------------------------------- void wallet2::add_subaddress_account(const std::string& label) { uint32_t index_major = (uint32_t)get_num_subaddress_accounts(); expand_subaddresses({index_major, 0}); m_subaddress_labels[index_major][0] = label; } //---------------------------------------------------------------------------------------------------- void wallet2::add_subaddress(uint32_t index_major, const std::string& label) { THROW_WALLET_EXCEPTION_IF( index_major >= m_subaddress_labels.size(), error::account_index_outofbound); uint32_t index_minor = (uint32_t)get_num_subaddresses(index_major); expand_subaddresses({index_major, index_minor}); m_subaddress_labels[index_major][index_minor] = label; } //---------------------------------------------------------------------------------------------------- bool wallet2::should_expand(const cryptonote::subaddress_index& index) const { const uint32_t last_major = m_subaddress_labels.size() - 1 > (std::numeric_limits::max() - m_subaddress_lookahead_major) ? std::numeric_limits::max() : (m_subaddress_labels.size() + m_subaddress_lookahead_major - 1); if (index.major > last_major) return false; const size_t nsub = index.major < m_subaddress_labels.size() ? m_subaddress_labels[index.major].size() : 0; const uint32_t last_minor = nsub - 1 > (std::numeric_limits::max() - m_subaddress_lookahead_minor) ? std::numeric_limits::max() : (nsub + m_subaddress_lookahead_minor - 1); if (index.minor > last_minor) return false; return true; } //---------------------------------------------------------------------------------------------------- void wallet2::expand_subaddresses(const cryptonote::subaddress_index& index) { hw::device& hwdev = m_account.get_device(); if (m_subaddress_labels.size() <= index.major) { // add new accounts cryptonote::subaddress_index index2; const uint32_t major_end = get_subaddress_clamped_sum(index.major, m_subaddress_lookahead_major); for (index2.major = m_subaddress_labels.size(); index2.major < major_end; ++index2.major) { const uint32_t end = get_subaddress_clamped_sum( (index2.major == index.major ? index.minor : 0), m_subaddress_lookahead_minor); const std::vector pkeys = hwdev.get_subaddress_spend_public_keys( m_account.get_keys(), index2.major, 0, end); for (index2.minor = 0; index2.minor < end; ++index2.minor) { const crypto::public_key& D = pkeys[index2.minor]; m_subaddresses[D] = index2; } } m_subaddress_labels.resize(index.major + 1, {"Untitled account"}); m_subaddress_labels[index.major].resize(index.minor + 1); get_account_tags(); } else if (m_subaddress_labels[index.major].size() <= index.minor) { // add new subaddresses const uint32_t end = get_subaddress_clamped_sum(index.minor, m_subaddress_lookahead_minor); const uint32_t begin = m_subaddress_labels[index.major].size(); cryptonote::subaddress_index index2 = {index.major, begin}; const std::vector pkeys = hwdev.get_subaddress_spend_public_keys( m_account.get_keys(), index2.major, index2.minor, end); for (; index2.minor < end; ++index2.minor) { const crypto::public_key& D = pkeys[index2.minor - begin]; m_subaddresses[D] = index2; } m_subaddress_labels[index.major].resize(index.minor + 1); } } //---------------------------------------------------------------------------------------------------- std::string wallet2::get_subaddress_label(const cryptonote::subaddress_index& index) const { if (index.major >= m_subaddress_labels.size() || index.minor >= m_subaddress_labels[index.major].size()) { log::error(logcat, "Subaddress label doesn't exist"); return ""; } return m_subaddress_labels[index.major][index.minor]; } //---------------------------------------------------------------------------------------------------- void wallet2::set_subaddress_label( const cryptonote::subaddress_index& index, const std::string& label) { THROW_WALLET_EXCEPTION_IF( index.major >= m_subaddress_labels.size(), error::account_index_outofbound); THROW_WALLET_EXCEPTION_IF( index.minor >= m_subaddress_labels[index.major].size(), error::address_index_outofbound); m_subaddress_labels[index.major][index.minor] = label; } //---------------------------------------------------------------------------------------------------- void wallet2::set_subaddress_lookahead(size_t major, size_t minor) { THROW_WALLET_EXCEPTION_IF( major == 0, error::wallet_internal_error, "Subaddress major lookahead may not be zero"); THROW_WALLET_EXCEPTION_IF( major > 0xffffffff, error::wallet_internal_error, "Subaddress major lookahead is too large"); THROW_WALLET_EXCEPTION_IF( minor == 0, error::wallet_internal_error, "Subaddress minor lookahead may not be zero"); THROW_WALLET_EXCEPTION_IF( minor > 0xffffffff, error::wallet_internal_error, "Subaddress minor lookahead is too large"); m_subaddress_lookahead_major = major; m_subaddress_lookahead_minor = minor; } //---------------------------------------------------------------------------------------------------- /*! * \brief Tells if the wallet file is deprecated. */ bool wallet2::is_deprecated() const { return is_old_file_format; } //---------------------------------------------------------------------------------------------------- void wallet2::set_spent(size_t idx, uint64_t height) { CHECK_AND_ASSERT_THROW_MES(idx < m_transfers.size(), "Invalid index"); transfer_details& td = m_transfers[idx]; log::debug( logcat, "Setting SPENT at {}: ki {}, amount {}", height, td.m_key_image, print_money(td.m_amount)); td.m_spent = true; td.m_spent_height = height; } //---------------------------------------------------------------------------------------------------- void wallet2::set_unspent(size_t idx) { CHECK_AND_ASSERT_THROW_MES(idx < m_transfers.size(), "Invalid index"); transfer_details& td = m_transfers[idx]; log::debug( logcat, "Setting UNSPENT: ki {}, amount {}", td.m_key_image, print_money(td.m_amount)); td.m_spent = false; td.m_spent_height = 0; } //---------------------------------------------------------------------------------------------------- bool wallet2::is_spent(const transfer_details& td, bool strict) const { if (strict) { return td.m_spent && td.m_spent_height > 0; } else { return td.m_spent; } } //---------------------------------------------------------------------------------------------------- bool wallet2::is_spent(size_t idx, bool strict) const { CHECK_AND_ASSERT_THROW_MES(idx < m_transfers.size(), "Invalid index"); const transfer_details& td = m_transfers[idx]; return is_spent(td, strict); } //---------------------------------------------------------------------------------------------------- void wallet2::freeze(size_t idx) { CHECK_AND_ASSERT_THROW_MES(idx < m_transfers.size(), "Invalid transfer_details index"); transfer_details& td = m_transfers[idx]; td.m_frozen = true; } //---------------------------------------------------------------------------------------------------- void wallet2::thaw(size_t idx) { CHECK_AND_ASSERT_THROW_MES(idx < m_transfers.size(), "Invalid transfer_details index"); transfer_details& td = m_transfers[idx]; td.m_frozen = false; } //---------------------------------------------------------------------------------------------------- bool wallet2::frozen(size_t idx) const { CHECK_AND_ASSERT_THROW_MES(idx < m_transfers.size(), "Invalid transfer_details index"); const transfer_details& td = m_transfers[idx]; return td.m_frozen; } //---------------------------------------------------------------------------------------------------- void wallet2::freeze(const crypto::key_image& ki) { freeze(get_transfer_details(ki)); } //---------------------------------------------------------------------------------------------------- void wallet2::thaw(const crypto::key_image& ki) { thaw(get_transfer_details(ki)); } //---------------------------------------------------------------------------------------------------- bool wallet2::frozen(const crypto::key_image& ki) const { return frozen(get_transfer_details(ki)); } //---------------------------------------------------------------------------------------------------- size_t wallet2::get_transfer_details(const crypto::key_image& ki) const { for (size_t idx = 0; idx < m_transfers.size(); ++idx) { const transfer_details& td = m_transfers[idx]; if (td.m_key_image_known && td.m_key_image == ki) return idx; } CHECK_AND_ASSERT_THROW_MES(false, "Key image not found"); } //---------------------------------------------------------------------------------------------------- bool wallet2::frozen(const transfer_details& td) const { return td.m_frozen; } //---------------------------------------------------------------------------------------------------- void wallet2::check_acc_out_precomp( const tx_out& o, const crypto::key_derivation& derivation, const std::vector& additional_derivations, size_t i, tx_scan_info_t& tx_scan_info) const { hw::device& hwdev = m_account.get_device(); std::unique_lock hwdev_lock{hwdev}; hwdev.set_mode(hw::device::mode::TRANSACTION_PARSE); if (!std::holds_alternative(o.target)) { tx_scan_info.error = true; log::error(logcat, "wrong type id in transaction out"); return; } tx_scan_info.received = is_out_to_acc_precomp( m_subaddresses, var::get(o.target).key, derivation, additional_derivations, i, hwdev); if (tx_scan_info.received) { tx_scan_info.money_transfered = o.amount; // may be 0 for ringct outputs } else { tx_scan_info.money_transfered = 0; } tx_scan_info.error = false; } //---------------------------------------------------------------------------------------------------- void wallet2::check_acc_out_precomp( const tx_out& o, const crypto::key_derivation& derivation, const std::vector& additional_derivations, size_t i, const is_out_data* is_out_data, tx_scan_info_t& tx_scan_info) const { if (!is_out_data || i >= is_out_data->received.size()) return check_acc_out_precomp(o, derivation, additional_derivations, i, tx_scan_info); tx_scan_info.received = is_out_data->received[i]; if (tx_scan_info.received) { tx_scan_info.money_transfered = o.amount; // may be 0 for ringct outputs } else { tx_scan_info.money_transfered = 0; } tx_scan_info.error = false; } //---------------------------------------------------------------------------------------------------- void wallet2::check_acc_out_precomp_once( const tx_out& o, const crypto::key_derivation& derivation, const std::vector& additional_derivations, size_t i, const is_out_data* is_out_data, tx_scan_info_t& tx_scan_info, bool& already_seen) const { tx_scan_info.received = std::nullopt; if (already_seen) return; check_acc_out_precomp(o, derivation, additional_derivations, i, is_out_data, tx_scan_info); if (tx_scan_info.received) already_seen = true; } //---------------------------------------------------------------------------------------------------- static uint64_t decodeRct( const rct::rctSig& rv, const crypto::key_derivation& derivation, unsigned int i, rct::key& mask, hw::device& hwdev) { crypto::secret_key scalar1; hwdev.derivation_to_scalar(derivation, i, scalar1); try { switch (rv.type) { case rct::RCTType::Simple: case rct::RCTType::Bulletproof: case rct::RCTType::Bulletproof2: case rct::RCTType::CLSAG: return rct::decodeRctSimple(rv, rct::sk2rct(scalar1), i, mask, hwdev); case rct::RCTType::Full: return rct::decodeRct(rv, rct::sk2rct(scalar1), i, mask, hwdev); default: log::error(logcat, "{}: Unsupported rct type: {}", __func__, (int)rv.type); return 0; } } catch (const std::exception& e) { log::error(logcat, "Failed to decode input {}", i); return 0; } } //---------------------------------------------------------------------------------------------------- void wallet2::scan_output( const cryptonote::transaction& tx, bool miner_tx, const crypto::public_key& tx_pub_key, size_t vout_index, tx_scan_info_t& tx_scan_info, std::vector& tx_money_got_in_outs, std::vector& outs, bool pool, bool blink) { THROW_WALLET_EXCEPTION_IF( vout_index >= tx.vout.size(), error::wallet_internal_error, "Invalid vout index"); // if keys are encrypted, ask for password if (m_ask_password == AskPasswordToDecrypt && !m_unattended && !m_watch_only && !m_multisig_rescan_k) { static std::recursive_mutex password_mutex; std::lock_guard lock{password_mutex}; if (!m_encrypt_keys_after_refresh) { char const blink_reason[] = "(blink output received in pool) - use the refresh command"; char const pool_reason[] = "(output received in pool) - use the refresh, then show_transfers command"; char const block_reason[] = "(output received) - use the refresh command"; char const* reason = block_reason; if (pool) reason = (blink) ? blink_reason : pool_reason; std::optional pwd = m_callback->on_get_password(reason); THROW_WALLET_EXCEPTION_IF( !pwd, error::password_needed, tr("Password is needed to compute key image for incoming OXEN")); THROW_WALLET_EXCEPTION_IF( !verify_password(*pwd), error::password_needed, tr("Invalid password: password is needed to compute key image for incoming " "OXEN")); decrypt_keys(*pwd); m_encrypt_keys_after_refresh = *pwd; } } if (m_multisig) { tx_scan_info.in_ephemeral.pub = var::get(tx.vout[vout_index].target).key; tx_scan_info.in_ephemeral.sec.zero(); tx_scan_info.ki = rct::rct2ki(rct::zero()); } else { bool r = cryptonote::generate_key_image_helper_precomp( m_account.get_keys(), var::get(tx.vout[vout_index].target).key, tx_scan_info.received->derivation, vout_index, tx_scan_info.received->index, tx_scan_info.in_ephemeral, tx_scan_info.ki, m_account.get_device()); THROW_WALLET_EXCEPTION_IF(!r, error::wallet_internal_error, "Failed to generate key image"); THROW_WALLET_EXCEPTION_IF( tx_scan_info.in_ephemeral.pub != var::get(tx.vout[vout_index].target).key, error::wallet_internal_error, "key_image generated ephemeral public key not matched with output_key"); } THROW_WALLET_EXCEPTION_IF( std::find(outs.begin(), outs.end(), vout_index) != outs.end(), error::wallet_internal_error, "Same output cannot be added twice"); if (tx_scan_info.money_transfered == 0 && !miner_tx) { tx_scan_info.money_transfered = tools::decodeRct( tx.rct_signatures, tx_scan_info.received->derivation, vout_index, tx_scan_info.mask, m_account.get_device()); } if (tx_scan_info.money_transfered == 0) { log::error(logcat, "Invalid output amount, skipping"); tx_scan_info.error = true; return; } outs.push_back(vout_index); uint64_t unlock_time = tx.get_unlock_time(vout_index); tx_money_got_in_out entry = {}; entry.type = wallet::pay_type::in; entry.index = tx_scan_info.received->index; entry.amount = tx_scan_info.money_transfered; entry.unlock_time = unlock_time; if (cryptonote::is_coinbase(tx)) { // TODO(doyle): When batched governance comes in, this needs to check that the TX has a // governance output, can't assume last one is governance if (vout_index == 0) entry.type = wallet::pay_type::miner; // else if (vout_index == tx.vout.size() - 1) entry.type = wallet::pay_type::governance; else entry.type = wallet::pay_type::service_node; } tx_money_got_in_outs.push_back(entry); tx_scan_info.amount = tx_scan_info.money_transfered; tx_scan_info.unlock_time = unlock_time; } //---------------------------------------------------------------------------------------------------- void wallet2::cache_tx_data( const cryptonote::transaction& tx, const crypto::hash& txid, tx_cache_data& tx_cache_data) const { if (!parse_tx_extra(tx.extra, tx_cache_data.tx_extra_fields)) { // Extra may only be partially parsed, it's OK if tx_extra_fields contains public key log::warning(logcat, "Transaction extra has unsupported format: {}", txid); if (tx_cache_data.tx_extra_fields.empty()) return; } // Don't try to extract tx public key if tx has no ouputs const bool is_miner = tx.vin.size() == 1 && std::holds_alternative(tx.vin[0]); if (!is_miner || m_refresh_type != RefreshType::RefreshNoCoinbase) { const size_t rec_size = is_miner && m_refresh_type == RefreshType::RefreshOptimizeCoinbase ? 1 : tx.vout.size(); if (!tx.vout.empty()) { // if tx.vout is not empty, we loop through all tx pubkeys const std::vector> rec( rec_size, std::nullopt); tx_extra_pub_key pub_key_field; size_t pk_index = 0; while (find_tx_extra_field_by_type( tx_cache_data.tx_extra_fields, pub_key_field, pk_index++)) tx_cache_data.primary.push_back({pub_key_field.pub_key, {}, rec}); // additional tx pubkeys and derivations for multi-destination transfers involving one // or more subaddresses tx_extra_additional_pub_keys additional_tx_pub_keys; if (find_tx_extra_field_by_type( tx_cache_data.tx_extra_fields, additional_tx_pub_keys)) { for (size_t i = 0; i < additional_tx_pub_keys.data.size(); ++i) tx_cache_data.additional.push_back({additional_tx_pub_keys.data[i], {}, {}}); } } } } //---------------------------------------------------------------------------------------------------- void wallet2::process_new_transaction( const crypto::hash& txid, const cryptonote::transaction& tx, const std::vector& o_indices, uint64_t height, hf block_version, uint64_t ts, bool miner_tx, bool pool, bool blink, bool double_spend_seen, const tx_cache_data& tx_cache_data, std::map, size_t>* output_tracker_cache) { if (!tx.is_transfer() || tx.version <= txversion::v1) return; log::trace(logcat, "PROC NEW TX {}", txid); // In this function, tx (probably) only contains the base information // (that is, the prunable stuff may or may not be included) confirmed_transfer_details* just_confirmed = nullptr; if (!miner_tx && !pool) just_confirmed = process_unconfirmed(txid, tx, height); // NOTE: tx_scan_info contains the decoded amounts from the transaction destined for us // tx_money_got_in_outs contains decoded amounts from the transaction, // that removes amounts from our scanned outputs that got invalidated // i.e. duplicated key images std::vector tx_money_got_in_outs; tx_money_got_in_outs.reserve(tx.vout.size()); crypto::public_key tx_pub_key = crypto::null; bool notify = false; std::vector local_tx_extra_fields; if (tx_cache_data.tx_extra_fields.empty()) { if (!parse_tx_extra(tx.extra, local_tx_extra_fields)) { // Extra may only be partially parsed, it's OK if tx_extra_fields contains public key log::warning(logcat, "Transaction extra has unsupported format: {}", txid); } } const auto& tx_extra_fields = tx_cache_data.tx_extra_fields.empty() ? local_tx_extra_fields : tx_cache_data.tx_extra_fields; // Don't try to extract tx public key if tx has no ouputs size_t pk_index = 0; std::vector tx_scan_info(tx.vout.size()); std::deque output_found(tx.vout.size(), false); uint64_t total_received_1 = 0; // NOTE: This handles the case where you have multiple outputs in the same // transaction with duplicated output keys. Unlock times is lost when it's // stored into m_transfers so we cannot determine if the entry in m_transfers // came from this transaction or a previous transaction. // TODO(oxen): This case might be feasible at all where a key image is // duplicated in the _same_ tx in different output indexes, because the // algorithm for making a key image uses the output index. Investigate, and if // it's not feasible to construct a malicious one without absolutely breaking // everything in the system then we can delete the code for it. using unlock_time_t = uint64_t; std::unordered_map pk_to_unlock_times; std::vector outs; // NOTE: The earliest index that we detected a TX, where we previously had // it as a blink sitting in the mempool was confirmed in this block. auto constexpr NO_BLINK_MINED_INDEX = std::numeric_limits::max(); auto earliest_blink_got_mined_transfers_index = NO_BLINK_MINED_INDEX; while (!tx.vout.empty()) { // if tx.vout is not empty, we loop through all tx pubkeys outs.clear(); tx_extra_pub_key pub_key_field; if (!find_tx_extra_field_by_type(tx_extra_fields, pub_key_field, pk_index++)) { if (pk_index > 1) break; log::warning( logcat, "Public key wasn't found in the transaction extra. Skipping transaction {}", txid); if (m_callback) m_callback->on_skip_transaction(height, txid, tx); break; } if (!tx_cache_data.primary.empty()) { THROW_WALLET_EXCEPTION_IF( tx_cache_data.primary.size() < pk_index || pub_key_field.pub_key != tx_cache_data.primary[pk_index - 1].pkey, error::wallet_internal_error, "tx_cache_data is out of sync"); } tx_pub_key = pub_key_field.pub_key; tools::threadpool& tpool = tools::threadpool::getInstance(); tools::threadpool::waiter waiter; const cryptonote::account_keys& keys = m_account.get_keys(); crypto::key_derivation derivation; std::vector additional_derivations; tx_extra_additional_pub_keys additional_tx_pub_keys; const wallet2::is_out_data* is_out_data_ptr = nullptr; if (tx_cache_data.primary.empty()) { hw::device& hwdev = m_account.get_device(); std::unique_lock hwdev_lock{hwdev}; hw::mode_resetter rst{hwdev}; hwdev.set_mode(hw::device::mode::TRANSACTION_PARSE); if (!hwdev.generate_key_derivation(tx_pub_key, keys.m_view_secret_key, derivation)) { log::warning( logcat, "Failed to generate key derivation from tx pubkey in {}, skipping", txid); static_assert( sizeof(derivation) == sizeof(rct::key), "Mismatched sizes of key_derivation and rct::key"); memcpy(&derivation, rct::identity().bytes, sizeof(derivation)); } if (pk_index == 1) { // additional tx pubkeys and derivations for multi-destination transfers involving // one or more subaddresses if (find_tx_extra_field_by_type(tx_extra_fields, additional_tx_pub_keys)) { for (size_t i = 0; i < additional_tx_pub_keys.data.size(); ++i) { additional_derivations.push_back({}); if (!hwdev.generate_key_derivation( additional_tx_pub_keys.data[i], keys.m_view_secret_key, additional_derivations.back())) { log::warning( logcat, "Failed to generate key derivation from additional tx pubkey " "in {}, skipping", txid); memcpy(&additional_derivations.back(), rct::identity().bytes, sizeof(crypto::key_derivation)); } } } } } else { THROW_WALLET_EXCEPTION_IF( pk_index - 1 >= tx_cache_data.primary.size(), error::wallet_internal_error, "pk_index out of range of tx_cache_data"); is_out_data_ptr = &tx_cache_data.primary[pk_index - 1]; derivation = tx_cache_data.primary[pk_index - 1].derivation; if (pk_index == 1) { for (size_t n = 0; n < tx_cache_data.additional.size(); ++n) { additional_tx_pub_keys.data.push_back(tx_cache_data.additional[n].pkey); additional_derivations.push_back(tx_cache_data.additional[n].derivation); } } } if (miner_tx && m_refresh_type == RefreshNoCoinbase) { // assume coinbase isn't for us continue; } // NOTE(oxen): (miner_tx && m_refresh_type == RefreshOptimiseCoinbase) used // to be an optimisation step that checks if the first output was destined // for us otherwise skip. This is not possible for us because our // block-reward now always has more than 1 output, mining, service node // and governance rewards which can all have different dest addresses, so we // always need to check all outputs. if ((tx.vout.size() > 1 && tools::threadpool::getInstance().get_max_concurrency() > 1 && !is_out_data_ptr) || (miner_tx && m_refresh_type == RefreshOptimizeCoinbase)) { for (size_t i = 0; i < tx.vout.size(); ++i) tpool.submit( &waiter, [&, i] { return check_acc_out_precomp_once( tx.vout[i], derivation, additional_derivations, i, is_out_data_ptr, tx_scan_info[i], output_found[i]); }, true); waiter.wait(&tpool); hw::device& hwdev = m_account.get_device(); std::unique_lock hwdev_lock{hwdev}; hwdev.set_mode(hw::device::mode::NONE); for (size_t i = 0; i < tx.vout.size(); ++i) { THROW_WALLET_EXCEPTION_IF( tx_scan_info[i].error, error::acc_outs_lookup_error, tx, tx_pub_key, m_account.get_keys()); if (tx_scan_info[i].received) { hwdev.conceal_derivation( tx_scan_info[i].received->derivation, tx_pub_key, additional_tx_pub_keys.data, derivation, additional_derivations); scan_output( tx, miner_tx, tx_pub_key, i, tx_scan_info[i], tx_money_got_in_outs, outs, pool, blink); } } } else { for (size_t i = 0; i < tx.vout.size(); ++i) { check_acc_out_precomp_once( tx.vout[i], derivation, additional_derivations, i, is_out_data_ptr, tx_scan_info[i], output_found[i]); THROW_WALLET_EXCEPTION_IF( tx_scan_info[i].error, error::acc_outs_lookup_error, tx, tx_pub_key, m_account.get_keys()); if (tx_scan_info[i].received) { hw::device& hwdev = m_account.get_device(); std::unique_lock hwdev_lock{hwdev}; hwdev.set_mode(hw::device::mode::NONE); hwdev.conceal_derivation( tx_scan_info[i].received->derivation, tx_pub_key, additional_tx_pub_keys.data, derivation, additional_derivations); scan_output( tx, miner_tx, tx_pub_key, i, tx_scan_info[i], tx_money_got_in_outs, outs, pool, blink); } } } if (!outs.empty()) { // good news - got money! take care about it // usually we have only one transfer for user in transaction if (!pool) { THROW_WALLET_EXCEPTION_IF( tx.vout.size() != o_indices.size(), error::wallet_internal_error, "transactions outputs size=" + std::to_string(tx.vout.size()) + " not match with daemon response size=" + std::to_string(o_indices.size())); } for (size_t o : outs) { THROW_WALLET_EXCEPTION_IF( tx.vout.size() <= o, error::wallet_internal_error, "wrong out in transaction: internal index=" + std::to_string(o) + ", total_outs=" + std::to_string(tx.vout.size())); auto kit = m_pub_keys.find(tx_scan_info[o].in_ephemeral.pub); THROW_WALLET_EXCEPTION_IF( kit != m_pub_keys.end() && kit->second >= m_transfers.size(), error::wallet_internal_error, std::string("Unexpected transfer index from public key: ") + "got " + (kit == m_pub_keys.end() ? "" : std::to_string(kit->second)) + ", m_transfers.size() is " + std::to_string(m_transfers.size())); bool process_transaction = !pool || blink; bool unmined_blink = pool && blink; if (kit == m_pub_keys.end()) { uint64_t amount = tx.vout[o].amount ? tx.vout[o].amount : tx_scan_info[o].amount; if (process_transaction) { pk_to_unlock_times[tx_scan_info[o].in_ephemeral.pub] = tx_scan_info[o].unlock_time; m_transfers.emplace_back(); transfer_details& td = m_transfers.back(); td.m_block_height = height; // NB: will be zero for a blink; we update when // the blink tx gets mined td.m_internal_output_index = o; td.m_global_output_index = unmined_blink ? 0 : o_indices[o]; // blink tx doesn't have this; will get // updated when it gets into a block td.m_unmined_blink = unmined_blink; td.m_was_blink = blink; td.m_tx = (const cryptonote::transaction_prefix&)tx; td.m_txid = txid; td.m_key_image = tx_scan_info[o].ki; td.m_key_image_known = !m_watch_only && !m_multisig; if (!td.m_key_image_known) { // we might have cold signed, and have a mapping to key images if (auto i = m_cold_key_images.find(tx_scan_info[o].in_ephemeral.pub); i != m_cold_key_images.end()) { td.m_key_image = i->second; td.m_key_image_known = true; } } if (m_watch_only) { // for view wallets, that flag means "we want to request it" td.m_key_image_request = true; } else { td.m_key_image_request = false; } td.m_key_image_partial = m_multisig; td.m_amount = amount; td.m_pk_index = pk_index - 1; td.m_subaddr_index = tx_scan_info[o].received->index; if (should_expand(tx_scan_info[o].received->index)) expand_subaddresses(tx_scan_info[o].received->index); if (tx.vout[o].amount == 0) { td.m_mask = tx_scan_info[o].mask; td.m_rct = true; } else if (miner_tx && tx.version >= txversion::v2_ringct) { td.m_mask = rct::identity(); td.m_rct = true; } else { td.m_mask = rct::identity(); td.m_rct = false; } td.m_frozen = false; set_unspent(m_transfers.size() - 1); if (td.m_key_image_known) m_key_images[td.m_key_image] = m_transfers.size() - 1; m_pub_keys[tx_scan_info[o].in_ephemeral.pub] = m_transfers.size() - 1; if (output_tracker_cache) (*output_tracker_cache)[std::make_pair( tx.vout[o].amount, td.m_global_output_index)] = m_transfers.size() - 1; if (m_multisig) { THROW_WALLET_EXCEPTION_IF( !m_multisig_rescan_k && m_multisig_rescan_info, error::wallet_internal_error, "NULL m_multisig_rescan_k"); if (m_multisig_rescan_info && m_multisig_rescan_info->front().size() >= m_transfers.size()) update_multisig_rescan_info( *m_multisig_rescan_k, *m_multisig_rescan_info, m_transfers.size() - 1); } log::warning( logcat, "Received money: {}, with tx: {}", print_money(td.amount()), txid); if (m_callback) m_callback->on_money_received( height, txid, tx, td.m_amount, td.m_subaddr_index, td.m_tx.unlock_time, blink); } total_received_1 += amount; notify = true; continue; } // NOTE: Pre-existing transfer already exists for the output auto& transfer = m_transfers[kit->second]; THROW_WALLET_EXCEPTION_IF( blink && transfer.m_unmined_blink, error::wallet_internal_error, "Sanity check failed: A blink tx replacing an pre-existing wallet tx " "should not be possible; when a " "transaction is mined blink metadata is dropped and the TX should just be " "a normal TX"); THROW_WALLET_EXCEPTION_IF( pool && transfer.m_unmined_blink, error::wallet_internal_error, "Sanity check failed: An output replacing a unmined blink output must not " "be from the pool."); if (transfer.m_spent || transfer.amount() >= tx_scan_info[o].amount) { if (transfer.amount() > tx_scan_info[o].amount) { log::error( logcat, "Public key {} from received {} output already exists with {} in " "tx {}, received output ignored", tools::type_to_hex(kit->first), print_money(tx_scan_info[o].amount), (transfer.m_spent ? "spent" : "unspend"), print_money(transfer.amount()), transfer.m_txid); } if (transfer.m_unmined_blink) { earliest_blink_got_mined_transfers_index = std::min( earliest_blink_got_mined_transfers_index, static_cast(kit->second) /*index in m_transfers*/); THROW_WALLET_EXCEPTION_IF( transfer.amount() != tx_scan_info[o].amount, error::wallet_internal_error, "A blink should credit the amount exactly as we recorded it when " "it arrived in the mempool"); THROW_WALLET_EXCEPTION_IF( transfer.m_spent, error::wallet_internal_error, "Blink can not be spent before it is mined, this should never " "happen"); log::info( logcat, "Public key {} of blink tx {} (for {}) status updated: now mined " "in block {}", tools::type_to_hex(kit->first), transfer.m_txid, print_money(tx_scan_info[o].amount), height); // We previous had this as a blink, but now it's been mined so update the tx // status with the height and output index transfer.m_block_height = height; transfer.m_global_output_index = o_indices[o]; transfer.m_unmined_blink = false; } auto iter = std::find_if( tx_money_got_in_outs.begin(), tx_money_got_in_outs.end(), [&tx_scan_info, &o](const tx_money_got_in_out& value) { return value.index == tx_scan_info[o].received->index && value.amount == tx_scan_info[o].amount && value.unlock_time == tx_scan_info[o].unlock_time; }); THROW_WALLET_EXCEPTION_IF( iter == tx_money_got_in_outs.end(), error::wallet_internal_error, "Could not find the output we just added, this should never happen"); tx_money_got_in_outs.erase(iter); } else if (transfer.m_spent || transfer.amount() >= tx_scan_info[o].amount) { log::error( logcat, "Public key {} from received {} output already exists with {} {} in tx " "{}, received output ignored", tools::type_to_hex(kit->first), print_money(tx_scan_info[o].amount), (transfer.m_spent ? "spent" : "unspent"), print_money(transfer.amount()), transfer.m_txid); auto iter = std::find_if( tx_money_got_in_outs.begin(), tx_money_got_in_outs.end(), [&tx_scan_info, &o](const tx_money_got_in_out& value) { return value.index == tx_scan_info[o].received->index && value.amount == tx_scan_info[o].amount && value.unlock_time == tx_scan_info[o].unlock_time; }); THROW_WALLET_EXCEPTION_IF( iter == tx_money_got_in_outs.end(), error::wallet_internal_error, "Could not find the output we just added, this should never happen"); tx_money_got_in_outs.erase(iter); } else { log::error( logcat, "Public key {} from received {} output already exists with {}, " "replacing with new output", tools::type_to_hex(kit->first), print_money(tx_scan_info[o].amount), print_money(transfer.amount())); // The new larger output replaced a previous smaller one auto unlock_time_it = pk_to_unlock_times.find(kit->first); if (unlock_time_it == pk_to_unlock_times.end()) { // NOTE: This output previously existed in m_transfers before any // outputs in this transaction was processed, so we couldn't find. // That's fine, we don't need to modify tx_money_got_in_outs. // - 27/09/2018 Doyle } else { tx_money_got_in_out smaller_output = {}; smaller_output.unlock_time = unlock_time_it->second; smaller_output.amount = transfer.amount(); smaller_output.index = transfer.m_subaddr_index; auto iter = std::find_if( tx_money_got_in_outs.begin(), tx_money_got_in_outs.end(), [&smaller_output](const tx_money_got_in_out& value) { return value.index == smaller_output.index && value.amount == smaller_output.amount && value.unlock_time == smaller_output.unlock_time; }); // Monero fix - 25/9/2018 rtharp, doyle, maxim THROW_WALLET_EXCEPTION_IF( iter == tx_money_got_in_outs.end(), error::wallet_internal_error, "Could not find the output we just added, this should never " "happen"); THROW_WALLET_EXCEPTION_IF( transfer.amount() > iter->amount, error::wallet_internal_error, "Unexpected values of new and old outputs, new output is meant to " "be larger"); tx_money_got_in_outs.erase(iter); } auto iter = std::find_if( tx_money_got_in_outs.begin(), tx_money_got_in_outs.end(), [&tx_scan_info, &o](const tx_money_got_in_out& value) { return value.index == tx_scan_info[o].received->index && value.amount == tx_scan_info[o].amount && value.unlock_time == tx_scan_info[o].unlock_time; }); THROW_WALLET_EXCEPTION_IF( iter == tx_money_got_in_outs.end(), error::wallet_internal_error, "Could not find the output we just added, this should never happen"); THROW_WALLET_EXCEPTION_IF( transfer.amount() > iter->amount, error::wallet_internal_error, "Unexpected values of new and old outputs, new output is meant to be " "larger"); iter->amount -= transfer.amount(); if (iter->amount == 0) tx_money_got_in_outs.erase(iter); uint64_t amount = tx.vout[o].amount ? tx.vout[o].amount : tx_scan_info[o].amount; uint64_t extra_amount = amount - transfer.amount(); if (process_transaction) { transfer.m_block_height = height; transfer.m_internal_output_index = o; transfer.m_global_output_index = unmined_blink ? 0 : o_indices[o]; // blink tx doesn't have this; will get // updated when it gets into a block transfer.m_unmined_blink = unmined_blink; transfer.m_tx = (const cryptonote::transaction_prefix&)tx; transfer.m_txid = txid; transfer.m_amount = amount; transfer.m_pk_index = pk_index - 1; transfer.m_subaddr_index = tx_scan_info[o].received->index; if (should_expand(tx_scan_info[o].received->index)) expand_subaddresses(tx_scan_info[o].received->index); if (tx.vout[o].amount == 0) { transfer.m_mask = tx_scan_info[o].mask; transfer.m_rct = true; } else if (miner_tx && tx.version >= txversion::v2_ringct) { transfer.m_mask = rct::identity(); transfer.m_rct = true; } else { transfer.m_mask = rct::identity(); transfer.m_rct = false; } if (output_tracker_cache) (*output_tracker_cache)[std::make_pair( tx.vout[o].amount, transfer.m_global_output_index)] = kit->second; if (m_multisig) { THROW_WALLET_EXCEPTION_IF( !m_multisig_rescan_k && m_multisig_rescan_info, error::wallet_internal_error, "NULL m_multisig_rescan_k"); if (m_multisig_rescan_info && m_multisig_rescan_info->front().size() >= m_transfers.size()) update_multisig_rescan_info( *m_multisig_rescan_k, *m_multisig_rescan_info, m_transfers.size() - 1); } THROW_WALLET_EXCEPTION_IF( transfer.get_public_key() != tx_scan_info[o].in_ephemeral.pub, error::wallet_internal_error, "Inconsistent public keys"); THROW_WALLET_EXCEPTION_IF( transfer.m_spent, error::wallet_internal_error, "Inconsistent spent status"); log::warning( logcat, "Received money: {}, with tx: {}", print_money(transfer.amount()), txid); if (m_callback) m_callback->on_money_received( height, txid, tx, transfer.m_amount, transfer.m_subaddr_index, transfer.m_tx.unlock_time, blink); } total_received_1 += extra_amount; notify = true; } } } } uint64_t tx_money_spent_in_ins = 0; std::optional subaddr_account; std::set subaddr_indices; // check all outputs for spending (compare key images) for (auto& in : tx.vin) { if (!std::holds_alternative(in)) continue; const cryptonote::txin_to_key& in_to_key = var::get(in); auto it = m_key_images.find(in_to_key.k_image); if (it != m_key_images.end()) { transfer_details& td = m_transfers[it->second]; uint64_t amount = in_to_key.amount; if (amount > 0) { if (amount != td.amount()) { log::error( logcat, "Inconsistent amount in tx input: got {}, expected {}", print_money(amount), print_money(td.amount())); // this means: // 1) the same output pub key was used as destination multiple times, // 2) the wallet set the highest amount among them to // transfer_details::m_amount, and 3) the wallet somehow spent that output // with an amount smaller than the above amount, causing inconsistency td.m_amount = amount; } } else { amount = td.amount(); } tx_money_spent_in_ins += amount; if (subaddr_account && *subaddr_account != td.m_subaddr_index.major) log::error( logcat, "spent funds are from different subaddress accounts; count of " "incoming/outgoing payments will be incorrect"); subaddr_account = td.m_subaddr_index.major; subaddr_indices.insert(td.m_subaddr_index.minor); if (!pool) { log::warning(logcat, "Spent money: {}, with tx: {}", print_money(amount), txid); set_spent(it->second, height); if (m_callback) m_callback->on_money_spent(height, txid, tx, amount, tx, td.m_subaddr_index); } } if (!pool && m_track_uses) { const uint64_t amount = in_to_key.amount; std::vector offsets = cryptonote::relative_output_offsets_to_absolute(in_to_key.key_offsets); if (output_tracker_cache) { for (uint64_t offset : offsets) { auto i = output_tracker_cache->find(std::make_pair(amount, offset)); if (i != output_tracker_cache->end()) { size_t idx = i->second; THROW_WALLET_EXCEPTION_IF( idx >= m_transfers.size(), error::wallet_internal_error, "Output tracker cache index out of range"); m_transfers[idx].m_uses.push_back(std::make_pair(height, txid)); } } } else for (transfer_details& td : m_transfers) { if (amount != in_to_key.amount) continue; for (uint64_t offset : offsets) if (offset == td.m_global_output_index) td.m_uses.push_back(std::make_pair(height, txid)); } } } uint64_t fee = miner_tx ? 0 : tx.version == txversion::v1 ? tx_money_spent_in_ins - get_outs_money_amount(tx) : tx.rct_signatures.txnFee; if (tx_money_spent_in_ins > 0 && !pool) { uint64_t self_received = std::accumulate( tx_money_got_in_outs.begin(), tx_money_got_in_outs.end(), uint64_t{0}, [&subaddr_account](uint64_t acc, const tx_money_got_in_out& p) { return acc + (p.index.major == *subaddr_account ? p.amount : 0); }); process_outgoing( txid, tx, height, ts, tx_money_spent_in_ins, self_received, *subaddr_account, subaddr_indices); // if sending to yourself at the same subaddress account, set the outgoing payment amount to // 0 so that it's less confusing if (tx_money_spent_in_ins == self_received + fee) { auto i = m_confirmed_txs.find(txid); THROW_WALLET_EXCEPTION_IF( i == m_confirmed_txs.end(), error::wallet_internal_error, "confirmed tx wasn't found: " + tools::type_to_hex(txid)); i->second.m_change = self_received; } } // remove change sent to the spending subaddress account from the list of received funds uint64_t sub_change = 0; for (auto i = tx_money_got_in_outs.begin(); i != tx_money_got_in_outs.end();) { if (subaddr_account && i->index.major == *subaddr_account) { sub_change += i->amount; i = tx_money_got_in_outs.erase(i); } else ++i; } // Update the "change" value in the confirmed details to include everything we sent to ourselves // as changed so that we properly reflect net output amounts when reporting transfer details. if (just_confirmed && sub_change > 0) just_confirmed->m_change = sub_change; // create payment_details for each incoming transfer to a subaddress index crypto::hash payment_id{}; if (tx_money_got_in_outs.size() > 0 || earliest_blink_got_mined_transfers_index != NO_BLINK_MINED_INDEX) { tx_extra_nonce extra_nonce; if (find_tx_extra_field_by_type(tx_extra_fields, extra_nonce)) { crypto::hash8 payment_id8{}; if (get_encrypted_payment_id_from_tx_extra_nonce(extra_nonce.nonce, payment_id8)) { // We got a payment ID to go with this tx log::debug(logcat, "Found encrypted payment ID: {}", payment_id8); log::info(logcat, "Consider using subaddresses instead of encrypted payment IDs"); if (tx_pub_key) { if (!m_account.get_device().decrypt_payment_id( payment_id8, tx_pub_key, m_account.get_keys().m_view_secret_key)) { log::warning(logcat, "Failed to decrypt payment ID: {}", payment_id8); } else { log::debug(logcat, "Decrypted payment ID: {}", payment_id8); payment_id = payment_id8; } } else { log::info(logcat, "No public key found in tx, unable to decrypt payment id"); } } else if (get_payment_id_from_tx_extra_nonce(extra_nonce.nonce, payment_id)) { bool ignore = block_version >= IGNORE_LONG_PAYMENT_ID_FROM_BLOCK_VERSION; if (ignore) { log::debug(logcat, "Found unencrypted payment ID in tx {} (ignored)", txid); log::warning( logcat, "Found OBSOLETE AND IGNORED unencrypted payment ID: these are bad for " "privacy, use subaddresses instead"); payment_id = null; } else { log::debug(logcat, "Found unencrypted payment ID: {}", payment_id); log::warning( logcat, "Found unencrypted payment ID: these are bad for privacy, consider " "using subaddresses instead"); } } } } if (tx_money_got_in_outs.size() > 0) { uint64_t total_received_2 = sub_change; for (const auto& i : tx_money_got_in_outs) total_received_2 += i.amount; if (total_received_1 != total_received_2) { log::warning( logcat, fg(fmt::terminal_color::red), "**********************************************************************"); log::warning( logcat, fg(fmt::terminal_color::red), "Consistency failure in amounts received"); log::warning(logcat, fg(fmt::terminal_color::red), "Check transaction {}", txid); log::warning( logcat, fg(fmt::terminal_color::red), "**********************************************************************"); exit(1); return; } bool all_same = true; for (const auto& i : tx_money_got_in_outs) { payment_details payment; payment.m_tx_hash = txid; payment.m_fee = fee; payment.m_amount = i.amount; payment.m_block_height = height; payment.m_unlock_time = i.unlock_time; payment.m_timestamp = ts; payment.m_subaddr_index = i.index; payment.m_type = i.type; payment.m_unmined_blink = pool && blink; payment.m_was_blink = blink; if (pool && !blink) { if (emplace_or_replace( m_unconfirmed_payments, payment_id, pool_payment_details{payment, double_spend_seen})) all_same = false; if (m_callback) m_callback->on_unconfirmed_money_received( height, txid, tx, payment.m_amount, payment.m_subaddr_index); } else m_payments.emplace(payment_id, payment); log::debug( logcat, "Payment found in {}: {} / {} / {}", (pool ? blink ? "blink pool" : "pool" : "block"), payment_id, payment.m_tx_hash, payment.m_amount); } // if it's a pool tx and we already had it, don't notify again if (pool && all_same) notify = false; } if (earliest_blink_got_mined_transfers_index != NO_BLINK_MINED_INDEX) { // If a blink tx that we already knew about moved from the mempool into a block then we have // to go back and fix up the heights in the payment_details because they'll have been set to // 0 from the initial blink. auto range = m_payments.equal_range(payment_id); for (auto it = range.first; it != range.second; ++it) { auto& pd = it->second; if (pd.m_tx_hash == txid && pd.m_unmined_blink) { pd.m_block_height = height; pd.m_unmined_blink = false; } } // All transfers from the earliest confirmed blink iterator needs to be // re-sorted since the blink was confirmed in the mempool and inserted // into our transfers container, but, it now has a output index assigned to // it, so it should be sorted via its real index. (Code that // uses m_transfers expects this) std::sort( m_transfers.begin() + earliest_blink_got_mined_transfers_index, m_transfers.end(), [](transfer_details const& a, transfer_details const& b) { return a.m_global_output_index < b.m_global_output_index; }); // Update the weak indices the wallet holds into the transfers container size_t real_transfers_index = earliest_blink_got_mined_transfers_index; for (auto it = m_transfers.begin() + earliest_blink_got_mined_transfers_index; it != m_transfers.end(); it++, real_transfers_index++) { m_key_images[it->m_key_image] = real_transfers_index; m_pub_keys[it->get_public_key()] = real_transfers_index; } } if (notify) { if (auto tx_notify = m_tx_notify) tx_notify->notify("%s", tools::type_to_hex(txid)); } } //---------------------------------------------------------------------------------------------------- // Called when processing incoming txes; if we find the given txid in the unconfirmed txes set then // we move it into confirmed txs, and return a pointer to the new confirmed details struct; the // amounts in it may need to be updated needs to have any tx outputs that come back to ourself // removed (because the unconfirmed_tx does not know whether the values are to itself or not, and so // will currently contain an amount set to the sum of all outputs other than the implicit change // output). // // If it wasn't found, couldn't be copied from unconfirmed -> confirmed, of storing extra tx info is // diabled then this returns nullptr. wallet2::confirmed_transfer_details* wallet2::process_unconfirmed( const crypto::hash& txid, const cryptonote::transaction& tx, uint64_t height) { confirmed_transfer_details* ctd = nullptr; if (auto unconf_it = m_unconfirmed_txs.find(txid); unconf_it != m_unconfirmed_txs.end()) { if (store_tx_info()) { try { auto [it, ins] = m_confirmed_txs.emplace( txid, confirmed_transfer_details{unconf_it->second, height}); if (ins) ctd = &it->second; } catch (...) { // can fail if the tx has unexpected input types log::warning( logcat, "Failed to add outgoing transaction to confirmed transaction map"); } } m_unconfirmed_txs.erase(unconf_it); } return ctd; } //---------------------------------------------------------------------------------------------------- void wallet2::process_outgoing( const crypto::hash& txid, const cryptonote::transaction& tx, uint64_t height, uint64_t ts, uint64_t spent, uint64_t received, uint32_t subaddr_account, const std::set& subaddr_indices) { auto [it, ins] = m_confirmed_txs.insert(std::make_pair(txid, confirmed_transfer_details{})); auto& details = it->second; // fill with the info we know, some info might already be there if (ins) { // this case will happen if the tx is from our outputs, but was sent by another // wallet (eg, we're a cold wallet and the hot wallet sent it). For RCT transactions, // we only see 0 input amounts, so have to deduce amount out from other parameters. details.m_amount_in = spent; if (tx.version == txversion::v1) details.m_amount_out = get_outs_money_amount(tx); else details.m_amount_out = spent - tx.rct_signatures.txnFee; details.m_change = received; std::vector tx_extra_fields; parse_tx_extra(tx.extra, tx_extra_fields); // ok if partially parsed tx_extra_nonce extra_nonce; if (find_tx_extra_field_by_type(tx_extra_fields, extra_nonce)) { // we do not care about failure here get_payment_id_from_tx_extra_nonce(extra_nonce.nonce, details.m_payment_id); } details.m_subaddr_account = subaddr_account; details.m_subaddr_indices = subaddr_indices; details.m_pay_type = wallet::pay_type_from_tx(tx); } details.m_rings.clear(); for (const auto& in : tx.vin) if (auto* txin = std::get_if(&in)) details.m_rings.push_back(std::make_pair(txin->k_image, txin->key_offsets)); details.m_block_height = height; details.m_timestamp = ts; details.m_unlock_time = tx.unlock_time; details.m_unlock_times = tx.output_unlock_times; add_rings(tx); } //---------------------------------------------------------------------------------------------------- bool wallet2::should_skip_block(const cryptonote::block& b, uint64_t height) const { #ifdef SCAN_GENESIS_BLOCK return false; #else // seeking only for blocks that are not older then the wallet creation time plus 1 day. 1 day is // for possible user incorrect time setup return !( b.timestamp + 60 * 60 * 24 > m_account.get_createtime() && height >= m_refresh_from_block_height); #endif } //---------------------------------------------------------------------------------------------------- void wallet2::process_new_blockchain_entry( const cryptonote::block& b, const cryptonote::block_complete_entry& bche, const parsed_block& parsed_block, const crypto::hash& bl_id, uint64_t height, const std::vector& tx_cache_data, size_t tx_cache_data_offset, std::map, size_t>* output_tracker_cache) { THROW_WALLET_EXCEPTION_IF( bche.txs.size() + 1 != parsed_block.o_indices["indices"].size(), error::wallet_internal_error, "block transactions=" + std::to_string(bche.txs.size()) + " not match with daemon response size=" + std::to_string(parsed_block.o_indices["indices"].size())); // handle transactions from new block // optimization: seeking only for blocks that are not older then the wallet creation time plus 1 // day. 1 day is for possible user incorrect time setup if (!should_skip_block(b, height)) { auto miner_tx_handle_time_start = std::chrono::steady_clock::now(); if (m_refresh_type != RefreshNoCoinbase) process_new_transaction( get_transaction_hash(b.miner_tx), b.miner_tx, parsed_block.o_indices["indices"][0]["indices"], height, b.major_version, b.timestamp, true, false, false, false, tx_cache_data[tx_cache_data_offset], output_tracker_cache); ++tx_cache_data_offset; auto miner_tx_handle_time_duration = std::chrono::steady_clock::now() - miner_tx_handle_time_start; auto txs_handle_time_start = std::chrono::steady_clock::now(); THROW_WALLET_EXCEPTION_IF( bche.txs.size() != b.tx_hashes.size(), error::wallet_internal_error, "Wrong amount of transactions for block"); THROW_WALLET_EXCEPTION_IF( bche.txs.size() != parsed_block.txes.size(), error::wallet_internal_error, "Wrong amount of transactions for block"); for (size_t idx = 0; idx < b.tx_hashes.size(); ++idx) { process_new_transaction( b.tx_hashes[idx], parsed_block.txes[idx], parsed_block.o_indices["indices"][idx + 1]["indices"], height, b.major_version, b.timestamp, false, false, false, false, tx_cache_data[tx_cache_data_offset++], output_tracker_cache); } auto txs_handle_time_duration = std::chrono::steady_clock::now() - txs_handle_time_start; m_last_block_reward = cryptonote::get_outs_money_amount(b.miner_tx); if (height > 0 && ((height % 2000) == 0)) log::warning(logcat, "Blockchain sync progress: {}, height {}", bl_id, height); log::debug( logcat, "Processed block: {}, height {}, {}({}/{})", bl_id, height, tools::friendly_duration(miner_tx_handle_time_duration + txs_handle_time_duration), tools::friendly_duration(miner_tx_handle_time_duration), tools::friendly_duration(txs_handle_time_duration)); } else { if (!(height % 128)) log::debug( logcat, "Skipped block by timestamp, height: {}, block time {}, account time {}", height, b.timestamp, m_account.get_createtime()); } m_blockchain.push_back(bl_id); m_cached_height++; if (m_callback) m_callback->on_new_block(height, b); } //---------------------------------------------------------------------------------------------------- void wallet2::get_short_chain_history(std::list& ids, uint64_t granularity) const { size_t i = 0; size_t current_multiplier = 1; size_t blockchain_size = std::max( (size_t)(m_blockchain.size() / granularity * granularity), m_blockchain.offset()); size_t sz = blockchain_size - m_blockchain.offset(); if (!sz) { ids.push_back(m_blockchain.genesis()); return; } size_t current_back_offset = 1; bool base_included = false; while (current_back_offset < sz) { ids.push_back(m_blockchain[m_blockchain.offset() + sz - current_back_offset]); if (sz - current_back_offset == 0) base_included = true; if (i < 10) { ++current_back_offset; } else { current_back_offset += current_multiplier *= 2; } ++i; } if (!base_included) ids.push_back(m_blockchain[m_blockchain.offset()]); if (m_blockchain.offset()) ids.push_back(m_blockchain.genesis()); } //---------------------------------------------------------------------------------------------------- void wallet2::parse_block_round( const std::string& blob, cryptonote::block& bl, crypto::hash& bl_id, bool& error) const { error = !cryptonote::parse_and_validate_block_from_blob(blob, bl, bl_id); } //---------------------------------------------------------------------------------------------------- void wallet2::pull_blocks( uint64_t start_height, uint64_t& blocks_start_height, const std::list& short_chain_history, std::vector& blocks, std::vector& o_indices, uint64_t& current_height) { cryptonote::rpc::GET_BLOCKS_BIN::request req{}; cryptonote::rpc::GET_BLOCKS_BIN::response res{}; req.block_ids = short_chain_history; log::debug(logcat, "Pulling blocks: start_height {}", start_height); req.prune = true; req.start_height = start_height; req.no_miner_tx = m_refresh_type == RefreshNoCoinbase; bool r = invoke_http(req, res); THROW_WALLET_EXCEPTION_IF(!r, error::no_connection_to_daemon, "getblocks.bin"); THROW_WALLET_EXCEPTION_IF(res.status == rpc::STATUS_BUSY, error::daemon_busy, "getblocks.bin"); THROW_WALLET_EXCEPTION_IF( res.status != rpc::STATUS_OK, error::get_blocks_error, get_rpc_status(res.status)); THROW_WALLET_EXCEPTION_IF( res.blocks.size() != res.output_indices.size(), error::wallet_internal_error, "mismatched blocks (" + std::to_string(res.blocks.size()) + ") and output_indices (" + std::to_string(res.output_indices.size()) + ") sizes from daemon"); blocks_start_height = res.start_height; blocks = std::move(res.blocks); o_indices = std::move(res.output_indices); current_height = res.current_height; log::debug( logcat, "Pulled blocks: blocks_start_height {}, count {}, height {}, node height {}", blocks_start_height, blocks.size(), blocks_start_height + blocks.size(), res.current_height); } //---------------------------------------------------------------------------------------------------- void wallet2::pull_hashes( uint64_t start_height, uint64_t& blocks_start_height, const std::list& short_chain_history, std::vector& hashes) { cryptonote::rpc::GET_HASHES_BIN::request req{}; cryptonote::rpc::GET_HASHES_BIN::response res{}; req.block_ids = short_chain_history; req.start_height = start_height; bool r = invoke_http(req, res); THROW_WALLET_EXCEPTION_IF(!r, error::no_connection_to_daemon, "gethashes.bin"); THROW_WALLET_EXCEPTION_IF(res.status == rpc::STATUS_BUSY, error::daemon_busy, "gethashes.bin"); THROW_WALLET_EXCEPTION_IF( res.status != rpc::STATUS_OK, error::get_hashes_error, get_rpc_status(res.status)); blocks_start_height = res.start_height; hashes = std::move(res.m_block_ids); } //---------------------------------------------------------------------------------------------------- void wallet2::process_parsed_blocks( uint64_t start_height, const std::vector& blocks, const std::vector& parsed_blocks, uint64_t& blocks_added, std::map, size_t>* output_tracker_cache) { size_t current_index = start_height; blocks_added = 0; THROW_WALLET_EXCEPTION_IF( blocks.size() != parsed_blocks.size(), error::wallet_internal_error, "size mismatch"); THROW_WALLET_EXCEPTION_IF( !m_blockchain.is_in_bounds(current_index), error::out_of_hashchain_bounds_error); tools::threadpool& tpool = tools::threadpool::getInstance(); tools::threadpool::waiter waiter; size_t num_txes = 0; std::vector tx_cache_data; for (size_t i = 0; i < blocks.size(); ++i) num_txes += 1 + parsed_blocks[i].txes.size(); tx_cache_data.resize(num_txes); size_t txidx = 0; for (size_t i = 0; i < blocks.size(); ++i) { THROW_WALLET_EXCEPTION_IF( parsed_blocks[i].txes.size() != parsed_blocks[i].block.tx_hashes.size(), error::wallet_internal_error, "Mismatched parsed_blocks[i].txes.size() and " "parsed_blocks[i].block.tx_hashes.size()"); if (should_skip_block(parsed_blocks[i].block, start_height + i)) { txidx += 1 + parsed_blocks[i].block.tx_hashes.size(); continue; } if (m_refresh_type != RefreshNoCoinbase) tpool.submit(&waiter, [&, i, txidx]() { cache_tx_data( parsed_blocks[i].block.miner_tx, get_transaction_hash(parsed_blocks[i].block.miner_tx), tx_cache_data[txidx]); }); ++txidx; for (size_t idx = 0; idx < parsed_blocks[i].txes.size(); ++idx) { tpool.submit(&waiter, [&, i, idx, txidx]() { cache_tx_data( parsed_blocks[i].txes[idx], parsed_blocks[i].block.tx_hashes[idx], tx_cache_data[txidx]); }); ++txidx; } } THROW_WALLET_EXCEPTION_IF( txidx != num_txes, error::wallet_internal_error, "txidx does not match tx_cache_data size"); waiter.wait(&tpool); hw::device& hwdev = m_account.get_device(); hw::mode_resetter rst{hwdev}; hwdev.set_mode(hw::device::mode::TRANSACTION_PARSE); const cryptonote::account_keys& keys = m_account.get_keys(); auto gender = [&](wallet2::is_out_data& iod) { if (!hwdev.generate_key_derivation(iod.pkey, keys.m_view_secret_key, iod.derivation)) { log::warning(logcat, "Failed to generate key derivation from tx pubkey, skipping"); static_assert( sizeof(iod.derivation) == sizeof(rct::key), "Mismatched sizes of key_derivation and rct::key"); memcpy(&iod.derivation, rct::identity().bytes, sizeof(iod.derivation)); } }; for (size_t i = 0; i < tx_cache_data.size(); ++i) { if (tx_cache_data[i].empty()) continue; tpool.submit( &waiter, [&hwdev, &gender, &tx_cache_data, i]() { auto& slot = tx_cache_data[i]; std::unique_lock hwdev_lock{hwdev}; for (auto& iod : slot.primary) gender(iod); for (auto& iod : slot.additional) gender(iod); }, true); } waiter.wait(&tpool); auto geniod = [&](const cryptonote::transaction& tx, size_t n_vouts, size_t txidx) { for (size_t k = 0; k < n_vouts; ++k) { const auto& o = tx.vout[k]; if (std::holds_alternative(o.target)) { std::vector additional_derivations; additional_derivations.reserve(tx_cache_data[txidx].additional.size()); for (const auto& iod : tx_cache_data[txidx].additional) additional_derivations.push_back(iod.derivation); const auto& key = var::get(o.target).key; for (size_t l = 0; l < tx_cache_data[txidx].primary.size(); ++l) { THROW_WALLET_EXCEPTION_IF( tx_cache_data[txidx].primary[l].received.size() != n_vouts, error::wallet_internal_error, "Unexpected received array size"); tx_cache_data[txidx].primary[l].received[k] = is_out_to_acc_precomp( m_subaddresses, key, tx_cache_data[txidx].primary[l].derivation, additional_derivations, k, hwdev); additional_derivations.clear(); } } } }; txidx = 0; for (size_t i = 0; i < parsed_blocks.size(); ++i) { cryptonote::block blk = parsed_blocks[i].block; if (should_skip_block(parsed_blocks[i].block, start_height + i)) { txidx += 1 + parsed_blocks[i].block.tx_hashes.size(); continue; } if (m_refresh_type != RefreshType::RefreshNoCoinbase && parsed_blocks[i].block.miner_tx.vout.size() > 0) { THROW_WALLET_EXCEPTION_IF( txidx >= tx_cache_data.size(), error::wallet_internal_error, "txidx out of range"); const size_t n_vouts = m_refresh_type == RefreshType::RefreshOptimizeCoinbase ? 1 : parsed_blocks[i].block.miner_tx.vout.size(); tpool.submit( &waiter, [&, i, n_vouts, txidx]() { geniod(parsed_blocks[i].block.miner_tx, n_vouts, txidx); }, true); } ++txidx; for (size_t j = 0; j < parsed_blocks[i].txes.size(); ++j) { THROW_WALLET_EXCEPTION_IF( txidx >= tx_cache_data.size(), error::wallet_internal_error, "txidx out of range"); tpool.submit( &waiter, [&, i, j, txidx]() { geniod(parsed_blocks[i].txes[j], parsed_blocks[i].txes[j].vout.size(), txidx); }, true); ++txidx; } } THROW_WALLET_EXCEPTION_IF( txidx != tx_cache_data.size(), error::wallet_internal_error, "txidx did not reach expected value"); waiter.wait(&tpool); hwdev.set_mode(hw::device::mode::NONE); size_t tx_cache_data_offset = 0; for (size_t i = 0; i < blocks.size(); ++i) { const crypto::hash& bl_id = parsed_blocks[i].hash; const cryptonote::block& bl = parsed_blocks[i].block; if (current_index >= m_blockchain.size() #ifdef SCAN_GENESIS_BLOCK || current_index == 0 #endif ) { process_new_blockchain_entry( bl, blocks[i], parsed_blocks[i], bl_id, current_index, tx_cache_data, tx_cache_data_offset, output_tracker_cache); ++blocks_added; } else if (bl_id != m_blockchain[current_index]) { // split detected here !!! THROW_WALLET_EXCEPTION_IF( current_index == start_height, error::wallet_internal_error, "wrong daemon response: split starts from the first block in response " + tools::type_to_hex(bl_id) + " (height " + std::to_string(start_height) + "), local block id at this height: " + tools::type_to_hex(m_blockchain[current_index])); detach_blockchain(current_index, output_tracker_cache); process_new_blockchain_entry( bl, blocks[i], parsed_blocks[i], bl_id, current_index, tx_cache_data, tx_cache_data_offset, output_tracker_cache); } else { log::debug(logcat, "Block is already in blockchain: {}", tools::type_to_hex(bl_id)); } ++current_index; tx_cache_data_offset += 1 + parsed_blocks[i].txes.size(); } } //---------------------------------------------------------------------------------------------------- void wallet2::refresh(bool trusted_daemon) { uint64_t blocks_fetched = 0; refresh(trusted_daemon, 0, blocks_fetched); } //---------------------------------------------------------------------------------------------------- void wallet2::refresh(bool trusted_daemon, uint64_t start_height, uint64_t& blocks_fetched) { bool received_money = false; refresh(trusted_daemon, start_height, blocks_fetched, received_money); } //---------------------------------------------------------------------------------------------------- void wallet2::pull_and_parse_next_blocks( uint64_t start_height, uint64_t& blocks_start_height, std::list& short_chain_history, const std::vector& prev_blocks, const std::vector& prev_parsed_blocks, std::vector& blocks, std::vector& parsed_blocks, bool& last, bool& error, std::exception_ptr& exception) { error = false; last = false; exception = nullptr; try { drop_from_short_history(short_chain_history, 3); THROW_WALLET_EXCEPTION_IF( prev_blocks.size() != prev_parsed_blocks.size(), error::wallet_internal_error, "size mismatch"); // prepend the last 3 blocks, should be enough to guard against a block or two's reorg auto s = std::next( prev_parsed_blocks.rbegin(), std::min((size_t)3, prev_parsed_blocks.size())) .base(); for (; s != prev_parsed_blocks.end(); ++s) { short_chain_history.push_front(s->hash); } // pull the new blocks std::vector o_indices; uint64_t current_height; pull_blocks( start_height, blocks_start_height, short_chain_history, blocks, o_indices, current_height); THROW_WALLET_EXCEPTION_IF( blocks.size() != o_indices.size(), error::wallet_internal_error, "Mismatched sizes of blocks and o_indices"); tools::threadpool& tpool = tools::threadpool::getInstance(); tools::threadpool::waiter waiter; parsed_blocks.resize(blocks.size()); for (size_t i = 0; i < blocks.size(); ++i) tpool.submit( &waiter, [&, i] { return parse_block_round( blocks[i].block, parsed_blocks[i].block, parsed_blocks[i].hash, parsed_blocks[i].error); }, true); waiter.wait(&tpool); for (size_t i = 0; i < blocks.size(); ++i) { if (parsed_blocks[i].error) { error = true; break; } // TODO sean -> parsed_blocks o_indices is now a nlohmann::json and o_indices is the // struct from the binary bleh parsed_blocks[i].o_indices = std::move(o_indices[i]); } std::mutex error_lock; for (size_t i = 0; i < blocks.size(); ++i) { parsed_blocks[i].txes.resize(blocks[i].txs.size()); for (size_t j = 0; j < blocks[i].txs.size(); ++j) { tpool.submit( &waiter, [&, i, j]() { if (!parse_and_validate_tx_base_from_blob( blocks[i].txs[j], parsed_blocks[i].txes[j])) { std::lock_guard lock{error_lock}; error = true; } }, true); } } waiter.wait(&tpool); last = !blocks.empty() && cryptonote::get_block_height(parsed_blocks.back().block) + 1 == current_height; } catch (...) { error = true; } } void wallet2::remove_obsolete_pool_txs(const std::vector& tx_hashes) { // remove pool txes to us that aren't in the pool anymore auto uit = m_unconfirmed_payments.begin(); while (uit != m_unconfirmed_payments.end()) { const crypto::hash& txid = uit->second.m_pd.m_tx_hash; bool found = false; for (const auto& it2 : tx_hashes) { if (it2 == txid) { found = true; break; } } auto pit = uit++; if (!found) { log::debug(logcat, "Removing {} from unconfirmed payments, not found in pool", txid); m_unconfirmed_payments.erase(pit); if (m_callback) m_callback->on_pool_tx_removed(txid); } } } //---------------------------------------------------------------------------------------------------- bool wallet2::long_poll_pool_state() { // How long we sleep (and thus prevent retrying the connection) if we get an error const auto error_sleep = m_long_poll_local ? 500ms : 3s; // How long we wait for a long poll response before timing out; we add a 5s buffer to the usual // timeout to allow for network latency and oxend response time. m_long_poll_client.set_timeout( cryptonote::rpc::GET_TRANSACTION_POOL_HASHES_BIN::long_poll_timeout + 5s); using namespace cryptonote::rpc; GET_TRANSACTION_POOL_HASHES_BIN::request req = {}; req.long_poll = true; req.tx_pool_checksum = get_long_poll_tx_pool_checksum(); GET_TRANSACTION_POOL_HASHES_BIN::response res; try { res = m_long_poll_client.binary( GET_TRANSACTION_POOL_HASHES_BIN::names()[0], req); } catch (const std::exception& e) { if (m_long_poll_disabled) log::debug(logcat, "Long poll request cancelled"); else { log::warning(logcat, "Long poll request failed: {}", e.what()); std::this_thread::sleep_for(error_sleep); } throw; } if (res.status == rpc::STATUS_TX_LONG_POLL_TIMED_OUT) { log::debug(logcat, "Long poll replied with no pool change"); return false; } THROW_WALLET_EXCEPTION_IF( res.status == rpc::STATUS_BUSY, error::daemon_busy, "get_transaction_pool_hashes.bin"); THROW_WALLET_EXCEPTION_IF(res.status != rpc::STATUS_OK, error::get_tx_pool_error, res.status); crypto::hash checksum{}; for (crypto::hash const& hash : res.tx_hashes) checksum ^= hash; { std::lock_guard lock{m_long_poll_tx_pool_checksum_mutex}; m_long_poll_tx_pool_checksum = checksum; } return (bool)checksum; } void wallet2::cancel_long_poll() { m_long_poll_disabled = true; m_long_poll_client.cancel(); } template < typename It, std::enable_if_t< std::is_same_v>, int> = 0> static std::vector hashes_to_hex(It begin, It end) { std::vector hexes; if constexpr (std::is_base_of_v< std::random_access_iterator_tag, typename std::iterator_traits::iterator_category>) hexes.reserve(std::distance(begin, end)); while (begin != end) hexes.push_back(tools::type_to_hex(*begin++)); return hexes; } //---------------------------------------------------------------------------------------------------- std::vector wallet2::get_pool_state(bool refreshed) { std::vector process_txs; log::trace(logcat, "get_pool_state: take hashes from cache"); std::vector blink_hashes, pool_hashes; { // We make two requests here: one for all pool txes, and then (assuming there are any) a // second one for blink txes. cryptonote::rpc::GET_TRANSACTION_POOL_HASHES_BIN::request req{}; cryptonote::rpc::GET_TRANSACTION_POOL_HASHES_BIN::response res{}; bool r = invoke_http(req, res); THROW_WALLET_EXCEPTION_IF( !r, error::no_connection_to_daemon, "get_transaction_pool_hashes.bin"); THROW_WALLET_EXCEPTION_IF( res.status == rpc::STATUS_BUSY, error::daemon_busy, "get_transaction_pool_hashes.bin"); THROW_WALLET_EXCEPTION_IF(res.status != rpc::STATUS_OK, error::get_tx_pool_error); log::trace(logcat, "get_pool_state got full pool"); pool_hashes = std::move(res.tx_hashes); // NOTE: Only request blinked transactions, normal transactions will appear // in the wallet when it arrives in a block. This is to prevent pulling down // TX's that are awaiting blink approval being cached in the wallet as // non-blink and external applications failing to respect this. req.blinked_txs_only = true; res = {}; r = invoke_http(req, res); THROW_WALLET_EXCEPTION_IF( !r, error::no_connection_to_daemon, "get_transaction_pool_hashes.bin"); THROW_WALLET_EXCEPTION_IF( res.status == rpc::STATUS_BUSY, error::daemon_busy, "get_transaction_pool_hashes.bin"); THROW_WALLET_EXCEPTION_IF(res.status != rpc::STATUS_OK, error::get_tx_pool_error); log::trace(logcat, "get_pool_state got blinks"); blink_hashes = std::move(res.tx_hashes); } OXEN_DEFER { if (m_encrypt_keys_after_refresh) { encrypt_keys(*m_encrypt_keys_after_refresh); m_encrypt_keys_after_refresh = std::nullopt; } }; // remove any pending tx that's not in the pool auto it = m_unconfirmed_txs.begin(); while (it != m_unconfirmed_txs.end()) { const crypto::hash& txid = it->first; bool found = std::find(pool_hashes.begin(), pool_hashes.end(), txid) != pool_hashes.end(); auto pit = it++; if (!found) { // we want to avoid a false positive when we ask for the pool just after // a tx is removed from the pool due to being found in a new block, but // just before the block is visible by refresh. So we keep a boolean, so // that the first time we don't see the tx, we set that boolean, and only // delete it the second time it is checked (but only when refreshed, so // we're sure we've seen the blockchain state first) if (pit->second.m_state == wallet2::unconfirmed_transfer_details::pending) { log::info(logcat, "Pending txid {} not in pool, marking as not in pool", txid); pit->second.m_state = wallet2::unconfirmed_transfer_details::pending_not_in_pool; } else if ( pit->second.m_state == wallet2::unconfirmed_transfer_details::pending_not_in_pool && refreshed) { log::info(logcat, "Pending txid {} not in pool, marking as failed", txid); pit->second.m_state = wallet2::unconfirmed_transfer_details::failed; // the inputs aren't spent anymore, since the tx failed for (size_t vini = 0; vini < pit->second.m_tx.vin.size(); ++vini) { if (auto* tx_in_to_key = std::get_if(&pit->second.m_tx.vin[vini])) { for (size_t i = 0; i < m_transfers.size(); ++i) { const transfer_details& td = m_transfers[i]; if (td.m_key_image == tx_in_to_key->k_image) { log::info( logcat, "Resetting spent status for output {}: {}", vini, td.m_key_image); set_unspent(i); break; } } } } } } } log::trace(logcat, "get_pool_state done first loop"); // remove pool txes to us that aren't in the pool anymore // but only if we just refreshed, so that the tx can go in // the in transfers list instead (or nowhere if it just // disappeared without being mined) if (refreshed) remove_obsolete_pool_txs(pool_hashes); log::trace(logcat, "get_pool_state done second loop"); // gather txids of new blink txes to us. We just ignore non-blinks here (we pick them up when // they get mined into a block). std::vector> txids; for (const auto& txid : blink_hashes) { bool txid_found_in_up = false; for (const auto& up : m_unconfirmed_payments) { if (up.second.m_pd.m_tx_hash == txid) { txid_found_in_up = true; break; } } if (m_scanned_pool_txs[0].find(txid) != m_scanned_pool_txs[0].end() || m_scanned_pool_txs[1].find(txid) != m_scanned_pool_txs[1].end()) { // if it's for us, we want to keep track of whether we saw a double spend, so don't bail // out if (!txid_found_in_up) { log::debug(logcat, "Already seen {}, and not for us, skipped", txid); continue; } } if (!txid_found_in_up) { log::info(logcat, "Found new pool tx: {}", txid); bool found = false; for (const auto& i : m_unconfirmed_txs) { if (i.first == txid) { found = true; // if this is a payment to yourself at a different subaddress account, don't // skip it so that you can see the incoming pool tx with 'show_transfers' on // that receiving subaddress account const unconfirmed_transfer_details& utd = i.second; for (const auto& dst : utd.m_dests) { auto subaddr_index = m_subaddresses.find(dst.addr.m_spend_public_key); if (subaddr_index != m_subaddresses.end() && subaddr_index->second.major != utd.m_subaddr_account) { found = false; break; } } break; } } if (!found) { // not one of those we sent ourselves txids.push_back({txid, false}); } else { log::info(logcat, "We sent that one"); } } } // get those txes if (!txids.empty()) { nlohmann::json res; std::vector hex_hashes; hex_hashes.reserve(txids.size()); for (const auto& p : txids) hex_hashes.push_back(tools::type_to_hex(p.first)); try { nlohmann::json get_transactions_params{{"tx_hashes", hex_hashes}}; auto res = m_http_client.json_rpc("get_transactions", get_transactions_params); } catch (const std::exception& e) { log::warning(logcat, "Failed to retrieve transactions: {}", e.what()); return process_txs; } for (const auto& tx_entry : res["txs"]) { if (tx_entry["in_pool"]) { cryptonote::transaction tx; std::string bd; crypto::hash tx_hash; if (get_pruned_tx(tx_entry, tx, tx_hash)) { auto i = std::find_if( txids.begin(), txids.end(), [tx_hash](const std::pair& e) { return e.first == tx_hash; }); if (i != txids.end()) { process_txs.push_back( {std::move(tx), tx_hash, tx_entry["double_spend_seen"], tx_entry["blink"]}); } else { log::error(logcat, "Got txid {} which we did not ask for", tx_hash); } } else { log::warning(logcat, "Failed to parse transaction from daemon"); } } else { log::info(logcat, "Transaction from daemon was in pool, but is no more"); } } } log::trace(logcat, "get_pool_state end"); return process_txs; } //---------------------------------------------------------------------------------------------------- void wallet2::process_pool_state(const std::vector& txs) { const time_t now = time(nullptr); for (const auto& e : txs) { process_new_transaction( e.tx_hash, e.tx, std::vector(), 0, hf::none, now, false, true, e.blink, e.double_spend_seen, {}); m_scanned_pool_txs[0].insert(e.tx_hash); if (m_scanned_pool_txs[0].size() > 5000) { std::swap(m_scanned_pool_txs[0], m_scanned_pool_txs[1]); m_scanned_pool_txs[0].clear(); } } } //---------------------------------------------------------------------------------------------------- void wallet2::fast_refresh( uint64_t stop_height, uint64_t& blocks_start_height, std::list& short_chain_history, bool force) { std::vector hashes; uint64_t checkpoint_height = 0; crypto::hash checkpoint_hash = cryptonote::get_newest_hardcoded_checkpoint(nettype(), &checkpoint_height); if ((stop_height > checkpoint_height && m_blockchain.size() - 1 < checkpoint_height) && !force) { // we will drop all these, so don't bother getting them uint64_t missing_blocks = checkpoint_height - m_blockchain.size(); while (missing_blocks-- > 0) m_blockchain.push_back(null); // maybe a bit suboptimal, but deque won't do huge // reallocs like vector m_blockchain.push_back(checkpoint_hash); m_blockchain.trim(checkpoint_height); m_cached_height = m_blockchain.size(); short_chain_history.clear(); get_short_chain_history(short_chain_history); } size_t current_index = m_blockchain.size(); while (m_run.load(std::memory_order_relaxed) && current_index < stop_height) { pull_hashes(0, blocks_start_height, short_chain_history, hashes); if (hashes.size() <= 3) return; if (blocks_start_height < m_blockchain.offset()) { log::error( logcat, "Blocks start before blockchain offset: {} {}", blocks_start_height, m_blockchain.offset()); return; } current_index = blocks_start_height; if (hashes.size() + current_index < stop_height) { drop_from_short_history(short_chain_history, 3); auto right = hashes.end(); // prepend 3 more for (int i = 0; i < 3; i++) { right--; short_chain_history.push_front(*right); } } for (auto& bl_id : hashes) { if (current_index >= m_blockchain.size()) { if (!(current_index % 1024)) log::debug(logcat, "Skipped block by height: {}", current_index); m_blockchain.push_back(bl_id); m_cached_height++; if (m_callback) { // FIXME: this isn't right, but simplewallet just logs that we // got a block. cryptonote::block dummy; m_callback->on_new_block(current_index, dummy); } } else if (bl_id != m_blockchain[current_index]) { // split detected here !!! return; } ++current_index; if (current_index >= stop_height) return; } } } bool wallet2::add_address_book_row( const cryptonote::account_public_address& address, const crypto::hash8* payment_id, const std::string& description, bool is_subaddress) { wallet2::address_book_row a; a.m_address = address; a.m_has_payment_id = !!payment_id; a.m_payment_id = payment_id ? *payment_id : null; a.m_description = description; a.m_is_subaddress = is_subaddress; auto old_size = m_address_book.size(); m_address_book.push_back(a); if (m_address_book.size() == old_size + 1) return true; return false; } bool wallet2::set_address_book_row( size_t row_id, const cryptonote::account_public_address& address, const crypto::hash8* payment_id, const std::string& description, bool is_subaddress) { wallet2::address_book_row a; a.m_address = address; a.m_has_payment_id = !!payment_id; a.m_payment_id = payment_id ? *payment_id : null; a.m_description = description; a.m_is_subaddress = is_subaddress; const auto size = m_address_book.size(); if (row_id >= size) return false; m_address_book[row_id] = a; return true; } bool wallet2::delete_address_book_row(std::size_t row_id) { if (m_address_book.size() <= row_id) return false; m_address_book.erase(m_address_book.begin() + row_id); return true; } //---------------------------------------------------------------------------------------------------- std::shared_ptr, size_t>> wallet2::create_output_tracker_cache() const { std::shared_ptr, size_t>> cache{ new std::map, size_t>()}; for (size_t i = 0; i < m_transfers.size(); ++i) { const transfer_details& td = m_transfers[i]; (*cache)[std::make_pair(td.is_rct() ? 0 : td.amount(), td.m_global_output_index)] = i; } return cache; } //---------------------------------------------------------------------------------------------------- void wallet2::refresh( bool trusted_daemon, uint64_t start_height, uint64_t& blocks_fetched, bool& received_money, bool check_pool) { if (m_offline) { blocks_fetched = 0; received_money = 0; return; } received_money = false; blocks_fetched = 0; uint64_t added_blocks = 0; size_t try_count = 0; crypto::hash last_tx_hash_id = m_transfers.size() ? m_transfers.back().m_txid : null; std::list short_chain_history; tools::threadpool& tpool = tools::threadpool::getInstance(); tools::threadpool::waiter waiter; uint64_t blocks_start_height; std::vector blocks; std::vector parsed_blocks; std::shared_ptr, size_t>> output_tracker_cache; hw::device& hwdev = m_account.get_device(); // pull the first set of blocks get_short_chain_history( short_chain_history, (m_first_refresh_done || trusted_daemon) ? 1 : FIRST_REFRESH_GRANULARITY); m_run.store(true, std::memory_order_relaxed); if (start_height > m_blockchain.size() || m_refresh_from_block_height > m_blockchain.size()) { if (!start_height) start_height = m_refresh_from_block_height; // we can shortcut by only pulling hashes up to the start_height fast_refresh(start_height, blocks_start_height, short_chain_history); // regenerate the history now that we've got a full set of hashes short_chain_history.clear(); get_short_chain_history( short_chain_history, (m_first_refresh_done || trusted_daemon) ? 1 : FIRST_REFRESH_GRANULARITY); start_height = 0; // and then fall through to regular refresh processing } // If stop() is called during fast refresh we don't need to continue if (!m_run.load(std::memory_order_relaxed)) return; // always reset start_height to 0 to force short_chain_ history to be used on // subsequent pulls in this refresh. start_height = 0; OXEN_DEFER { if (m_encrypt_keys_after_refresh) { encrypt_keys(*m_encrypt_keys_after_refresh); m_encrypt_keys_after_refresh = std::nullopt; } hwdev.computing_key_images(false); }; // get updated pool state first, but do not process those txes just yet, // since that might cause a password prompt, which would introduce a data // leak allowing a passive adversary with traffic analysis capability to // infer when we get an incoming output std::vector process_pool_txs; if (check_pool) process_pool_txs = get_pool_state(true /*refreshed*/); bool first = true, last = false; while (m_run.load(std::memory_order_relaxed)) { uint64_t next_blocks_start_height; std::vector next_blocks; std::vector next_parsed_blocks; bool error; std::exception_ptr exception; try { // pull the next set of blocks while we're processing the current one error = false; next_blocks.clear(); next_parsed_blocks.clear(); added_blocks = 0; if (!first && blocks.empty()) break; if (!last) tpool.submit(&waiter, [&] { pull_and_parse_next_blocks( start_height, next_blocks_start_height, short_chain_history, blocks, parsed_blocks, next_blocks, next_parsed_blocks, last, error, exception); }); if (!first) { try { process_parsed_blocks( blocks_start_height, blocks, parsed_blocks, added_blocks, output_tracker_cache.get()); } catch (const tools::error::out_of_hashchain_bounds_error&) { log::info( logcat, "Daemon claims next refresh block is out of hash chain bounds, " "resetting hash chain"); uint64_t stop_height = m_blockchain.offset(); std::vector tip(m_blockchain.size() - m_blockchain.offset()); for (size_t i = m_blockchain.offset(); i < m_blockchain.size(); ++i) tip[i - m_blockchain.offset()] = m_blockchain[i]; cryptonote::block b; generate_genesis(b); m_blockchain.clear(); m_blockchain.push_back(get_block_hash(b)); m_cached_height++; short_chain_history.clear(); get_short_chain_history(short_chain_history); fast_refresh(stop_height, blocks_start_height, short_chain_history, true); THROW_WALLET_EXCEPTION_IF( (m_blockchain.size() == stop_height || (m_blockchain.size() == 1 && stop_height == 0) ? false : true), error::wallet_internal_error, "Unexpected hashchain size"); THROW_WALLET_EXCEPTION_IF( m_blockchain.offset() != 0, error::wallet_internal_error, "Unexpected hashchain offset"); for (const auto& h : tip) m_blockchain.push_back(h); m_cached_height = m_blockchain.size(); short_chain_history.clear(); get_short_chain_history(short_chain_history); start_height = stop_height; throw std::runtime_error(""); // loop again } catch (const std::exception& e) { log::error(logcat, "Error parsing blocks: {}", e.what()); error = true; } blocks_fetched += added_blocks; } waiter.wait(&tpool); if (!first && blocks_start_height == next_blocks_start_height) { m_node_rpc_proxy.set_height(m_blockchain.size()); break; } first = false; // handle error from async fetching thread if (error) { throw std::runtime_error("proxy exception in refresh thread"); } // if we've got at least 10 blocks to refresh, assume we're starting // a long refresh, and setup a tracking output cache if we need to if (m_track_uses && (!output_tracker_cache || output_tracker_cache->empty()) && next_blocks.size() >= 10) output_tracker_cache = create_output_tracker_cache(); // switch to the new blocks from the daemon blocks_start_height = next_blocks_start_height; blocks = std::move(next_blocks); parsed_blocks = std::move(next_parsed_blocks); } catch (const tools::error::password_needed&) { blocks_fetched += added_blocks; waiter.wait(&tpool); throw; } catch (const std::exception&) { blocks_fetched += added_blocks; waiter.wait(&tpool); if (try_count < 3) { log::info(logcat, "Another try pull_blocks (try_count={})...", try_count); first = true; start_height = 0; blocks.clear(); parsed_blocks.clear(); short_chain_history.clear(); get_short_chain_history(short_chain_history, 1); ++try_count; } else { log::error(logcat, "pull_blocks failed, try_count={}", try_count); throw; } } } if (last_tx_hash_id != (m_transfers.size() ? m_transfers.back().m_txid : null)) received_money = true; uint64_t immutable_height = 0; if (m_node_rpc_proxy.get_immutable_height(immutable_height)) m_immutable_height = immutable_height; try { // If stop() is called we don't need to check pending transactions if (check_pool && m_run.load(std::memory_order_relaxed) && !process_pool_txs.empty()) process_pool_state(process_pool_txs); } catch (...) { log::info(logcat, "Failed to check pending transactions"); } refresh_batching_cache(); m_first_refresh_done = true; log::info( logcat, "Refresh done, blocks received: {}, balance (all accounts): {}, unlocked: {}", blocks_fetched, print_money(balance_all(false)), print_money(unlocked_balance_all(false))); } //---------------------------------------------------------------------------------------------------- bool wallet2::refresh( bool trusted_daemon, uint64_t& blocks_fetched, bool& received_money, bool& ok) { try { refresh(trusted_daemon, 0, blocks_fetched, received_money); ok = true; } catch (...) { ok = false; } return ok; } //---------------------------------------------------------------------------------------------------- bool wallet2::get_rct_distribution(uint64_t& start_height, std::vector& distribution) { rpc::version_t rpc_version; if (!m_node_rpc_proxy.get_rpc_version(rpc_version)) THROW_WALLET_EXCEPTION(tools::error::no_connection_to_daemon, "getversion"); if (rpc_version < rpc::version_t{1, 19}) { log::warning(logcat, "Daemon is too old, not requesting rct distribution"); return false; } log::debug(logcat, "Daemon is recent enough, requesting rct distribution"); cryptonote::rpc::GET_OUTPUT_DISTRIBUTION_BIN::request req{}; cryptonote::rpc::GET_OUTPUT_DISTRIBUTION_BIN::response res{}; req.amounts.push_back(0); req.from_height = 0; req.cumulative = false; req.binary = true; req.compress = true; bool r = invoke_http(req, res); if (!r) { log::warning(logcat, "Failed to request output distribution: no connection to daemon"); return false; } if (res.status == rpc::STATUS_BUSY) { log::warning(logcat, "Failed to request output distribution: daemon is busy"); return false; } if (res.status != rpc::STATUS_OK) { log::warning(logcat, "Failed to request output distribution: {}", res.status); return false; } if (res.distributions.size() != 1) { log::warning( logcat, "Failed to request output distribution: not the expected single result"); return false; } if (res.distributions[0].amount != 0) { log::warning(logcat, "Failed to request output distribution: results are not for amount 0"); return false; } for (size_t i = 1; i < res.distributions[0].data.distribution.size(); ++i) res.distributions[0].data.distribution[i] += res.distributions[0].data.distribution[i - 1]; start_height = res.distributions[0].data.start_height; distribution = std::move(res.distributions[0].data.distribution); return true; } //---------------------------------------------------------------------------------------------------- bool wallet2::get_output_blacklist(std::vector& blacklist) { cryptonote::rpc::GET_OUTPUT_BLACKLIST_BIN::response res{}; bool r = invoke_http({}, res); if (!r) { log::warning(logcat, "Failed to request output blacklist: no connection to daemon"); return false; } blacklist = std::move(res.blacklist); return true; } //---------------------------------------------------------------------------------------------------- void wallet2::detach_blockchain( uint64_t height, std::map, size_t>* output_tracker_cache) { log::warning(logcat, "Detaching blockchain on height {}", height); // size 1 2 3 4 5 6 7 8 9 // block 0 1 2 3 4 5 6 7 8 // C THROW_WALLET_EXCEPTION_IF( height < m_blockchain.offset() && m_blockchain.size() > m_blockchain.offset(), error::wallet_internal_error, "Daemon claims reorg below last checkpoint"); size_t transfers_detached = 0; for (size_t i = 0; i < m_transfers.size(); ++i) { wallet2::transfer_details& td = m_transfers[i]; if (td.m_spent && td.m_spent_height >= height) { log::info(logcat, "Resetting spent/frozen status for output {}: {}", i, td.m_key_image); set_unspent(i); thaw(i); } } for (transfer_details& td : m_transfers) { while (!td.m_uses.empty() && td.m_uses.back().first >= height) td.m_uses.pop_back(); } if (output_tracker_cache) output_tracker_cache->clear(); auto it = std::find_if(m_transfers.begin(), m_transfers.end(), [&](const transfer_details& td) { return td.m_block_height >= height; }); size_t i_start = it - m_transfers.begin(); for (size_t i = i_start; i != m_transfers.size(); i++) { if (!m_transfers[i].m_key_image_known || m_transfers[i].m_key_image_partial) continue; auto it_ki = m_key_images.find(m_transfers[i].m_key_image); THROW_WALLET_EXCEPTION_IF( it_ki == m_key_images.end(), error::wallet_internal_error, "key image not found: index " + std::to_string(i) + ", ki " + tools::type_to_hex(m_transfers[i].m_key_image) + ", " + std::to_string(m_key_images.size()) + " key images known"); m_key_images.erase(it_ki); } for (size_t i = i_start; i != m_transfers.size(); i++) { auto it_pk = m_pub_keys.find(m_transfers[i].get_public_key()); THROW_WALLET_EXCEPTION_IF( it_pk == m_pub_keys.end(), error::wallet_internal_error, "public key not found"); m_pub_keys.erase(it_pk); } transfers_detached = std::distance(it, m_transfers.end()); m_transfers.erase(it, m_transfers.end()); size_t blocks_detached = m_blockchain.size() - height; m_blockchain.crop(height); m_cached_height = m_blockchain.size(); for (auto it = m_payments.begin(); it != m_payments.end();) { if (height <= it->second.m_block_height) it = m_payments.erase(it); else ++it; } for (auto it = m_confirmed_txs.begin(); it != m_confirmed_txs.end();) { if (height <= it->second.m_block_height) it = m_confirmed_txs.erase(it); else ++it; } log::warning( logcat, "Detached blockchain on height {}, transfers detached {}, blocks detached {}", height, transfers_detached, blocks_detached); } //---------------------------------------------------------------------------------------------------- bool wallet2::deinit() { m_is_initialized = false; unlock_keys_file(); m_account.deinit(); return true; } //---------------------------------------------------------------------------------------------------- bool wallet2::clear() { m_blockchain.clear(); m_cached_height = m_blockchain.size(); m_transfers.clear(); m_key_images.clear(); m_pub_keys.clear(); m_unconfirmed_txs.clear(); m_payments.clear(); m_tx_keys.clear(); m_additional_tx_keys.clear(); m_confirmed_txs.clear(); m_unconfirmed_payments.clear(); m_scanned_pool_txs[0].clear(); m_scanned_pool_txs[1].clear(); m_address_book.clear(); m_subaddresses.clear(); m_subaddress_labels.clear(); m_multisig_rounds_passed = 0; m_device_last_key_image_sync = 0; return true; } //---------------------------------------------------------------------------------------------------- void wallet2::clear_soft(bool keep_key_images) { m_blockchain.clear(); m_transfers.clear(); if (!keep_key_images) m_key_images.clear(); m_pub_keys.clear(); m_unconfirmed_txs.clear(); m_payments.clear(); m_confirmed_txs.clear(); m_unconfirmed_payments.clear(); m_scanned_pool_txs[0].clear(); m_scanned_pool_txs[1].clear(); cryptonote::block b; generate_genesis(b); m_blockchain.push_back(get_block_hash(b)); m_cached_height = m_blockchain.size(); m_last_block_reward = cryptonote::get_outs_money_amount(b.miner_tx); } /*! * \brief Stores wallet information to wallet file. * \param keys_file_name Name of wallet file * \param password Password of wallet file * \param watch_only true to save only view key, false to save both spend and view keys * \return Whether it was successful. */ bool wallet2::store_keys( const fs::path& keys_file_name, const epee::wipeable_string& password, bool watch_only) { std::optional keys_file_data = get_keys_file_data(password, watch_only); CHECK_AND_ASSERT_MES(keys_file_data, false, "failed to generate wallet keys data"); fs::path tmp_file_name = keys_file_name; tmp_file_name += ".new"; std::string buf; bool r = false; try { buf = serialization::dump_binary(*keys_file_data); r = tools::dump_file(tmp_file_name, buf); } catch (...) { } CHECK_AND_ASSERT_MES(r, false, "failed to generate wallet keys file " << tmp_file_name); unlock_keys_file(); std::error_code e; #ifdef WIN32 // std::filesystem::rename is broken on Windows and fails if the file already exists fs::remove(keys_file_name, e); #endif fs::rename(tmp_file_name, keys_file_name, e); lock_keys_file(); if (e) { fs::remove(tmp_file_name); log::error(logcat, "failed to update wallet keys file {}", keys_file_name); return false; } return true; } //---------------------------------------------------------------------------------------------------- std::optional wallet2::get_keys_file_data( const epee::wipeable_string& password, bool watch_only) { std::string account_data; std::string multisig_signers; std::string multisig_derivations; cryptonote::account_base account = m_account; crypto::chacha_key key; crypto::generate_chacha_key(password.data(), password.size(), key, m_kdf_rounds); if (m_ask_password == AskPasswordToDecrypt && !m_unattended && !m_watch_only) { account.encrypt_viewkey(key); account.decrypt_keys(key); } if (watch_only) account.forget_spend_key(); account.encrypt_keys(key); bool r = epee::serialization::store_t_to_binary(account, account_data); CHECK_AND_ASSERT_MES(r, std::nullopt, "failed to serialize wallet keys"); std::optional keys_file_data = (wallet2::keys_file_data){}; // Create a JSON object with "key_data" and "seed_language" as keys. rapidjson::Document json; json.SetObject(); rapidjson::Value value(rapidjson::kStringType); value.SetString(account_data.c_str(), account_data.length()); json.AddMember("key_data", value, json.GetAllocator()); if (!seed_language.empty()) { value.SetString(seed_language.c_str(), seed_language.length()); json.AddMember("seed_language", value, json.GetAllocator()); } rapidjson::Value value2(rapidjson::kNumberType); value2.SetInt(static_cast(m_key_device_type)); json.AddMember("key_on_device", value2, json.GetAllocator()); value2.SetInt( watch_only ? 1 : 0); // WTF ? JSON has different true and false types, and not boolean ?? json.AddMember("watch_only", value2, json.GetAllocator()); value2.SetInt(m_multisig ? 1 : 0); json.AddMember("multisig", value2, json.GetAllocator()); value2.SetUint(m_multisig_threshold); json.AddMember("multisig_threshold", value2, json.GetAllocator()); if (m_multisig) { try { multisig_signers = serialization::dump_binary(m_multisig_signers); } catch (const std::exception& e) { log::error(logcat, "failed to serialize wallet multisig signers: {}", e.what()); return std::nullopt; } value.SetString(multisig_signers.c_str(), multisig_signers.length()); json.AddMember("multisig_signers", value, json.GetAllocator()); try { multisig_derivations = serialization::dump_binary(m_multisig_derivations); } catch (const std::exception& e) { log::error(logcat, "failed to serialize wallet multisig derivations"); return std::nullopt; } value.SetString(multisig_derivations.c_str(), multisig_derivations.length()); json.AddMember("multisig_derivations", value, json.GetAllocator()); value2.SetUint(m_multisig_rounds_passed); json.AddMember("multisig_rounds_passed", value2, json.GetAllocator()); } value2.SetInt(m_always_confirm_transfers ? 1 : 0); json.AddMember("always_confirm_transfers", value2, json.GetAllocator()); value2.SetInt(m_print_ring_members ? 1 : 0); json.AddMember("print_ring_members", value2, json.GetAllocator()); value2.SetInt(m_store_tx_info ? 1 : 0); json.AddMember("store_tx_info", value2, json.GetAllocator()); value2.SetUint(m_default_priority); json.AddMember("default_priority", value2, json.GetAllocator()); value2.SetInt(m_auto_refresh ? 1 : 0); json.AddMember("auto_refresh", value2, json.GetAllocator()); value2.SetInt(m_refresh_type); json.AddMember("refresh_type", value2, json.GetAllocator()); value2.SetUint64(m_refresh_from_block_height); json.AddMember("refresh_height", value2, json.GetAllocator()); value2.SetInt(m_confirm_non_default_ring_size ? 1 : 0); json.AddMember("confirm_non_default_ring_size", value2, json.GetAllocator()); value2.SetInt(m_ask_password); json.AddMember("ask_password", value2, json.GetAllocator()); value2.SetUint(m_min_output_count); json.AddMember("min_output_count", value2, json.GetAllocator()); value2.SetUint64(m_min_output_value); json.AddMember("min_output_value", value2, json.GetAllocator()); value2.SetInt(oxen::DISPLAY_DECIMAL_POINT); json.AddMember("default_decimal_point", value2, json.GetAllocator()); value2.SetInt(m_merge_destinations ? 1 : 0); json.AddMember("merge_destinations", value2, json.GetAllocator()); value2.SetInt(m_confirm_backlog ? 1 : 0); json.AddMember("confirm_backlog", value2, json.GetAllocator()); value2.SetUint(m_confirm_backlog_threshold); json.AddMember("confirm_backlog_threshold", value2, json.GetAllocator()); value2.SetInt(m_confirm_export_overwrite ? 1 : 0); json.AddMember("confirm_export_overwrite", value2, json.GetAllocator()); value2.SetUint(static_cast>(m_nettype)); json.AddMember("nettype", value2, json.GetAllocator()); value2.SetInt(m_segregate_pre_fork_outputs ? 1 : 0); json.AddMember("segregate_pre_fork_outputs", value2, json.GetAllocator()); value2.SetInt(m_key_reuse_mitigation2 ? 1 : 0); json.AddMember("key_reuse_mitigation2", value2, json.GetAllocator()); value2.SetUint(m_segregation_height); json.AddMember("segregation_height", value2, json.GetAllocator()); value2.SetUint64(m_ignore_outputs_above); json.AddMember("ignore_outputs_above", value2, json.GetAllocator()); value2.SetUint64(m_ignore_outputs_below); json.AddMember("ignore_outputs_below", value2, json.GetAllocator()); value2.SetInt(m_track_uses ? 1 : 0); json.AddMember("track_uses", value2, json.GetAllocator()); value2.SetInt(m_inactivity_lock_timeout.count()); json.AddMember("inactivity_lock_timeout", value2, json.GetAllocator()); value2.SetUint(m_subaddress_lookahead_major); json.AddMember("subaddress_lookahead_major", value2, json.GetAllocator()); value2.SetUint(m_subaddress_lookahead_minor); json.AddMember("subaddress_lookahead_minor", value2, json.GetAllocator()); value2.SetInt(m_original_keys_available ? 1 : 0); json.AddMember("original_keys_available", value2, json.GetAllocator()); value2.SetUint(1); json.AddMember("encrypted_secret_keys", value2, json.GetAllocator()); value.SetString(m_device_name.c_str(), m_device_name.size()); json.AddMember("device_name", value, json.GetAllocator()); value.SetString(m_device_derivation_path.c_str(), m_device_derivation_path.size()); json.AddMember("device_derivation_path", value, json.GetAllocator()); std::string original_address; std::string original_view_secret_key; if (m_original_keys_available) { original_address = get_account_address_as_str(m_nettype, false, m_original_address); value.SetString(original_address.c_str(), original_address.length()); json.AddMember("original_address", value, json.GetAllocator()); original_view_secret_key = tools::type_to_hex(m_original_view_secret_key); value.SetString(original_view_secret_key.c_str(), original_view_secret_key.length()); json.AddMember("original_view_secret_key", value, json.GetAllocator()); } // Serialize the JSON object rapidjson::StringBuffer buffer; rapidjson::Writer writer(buffer); json.Accept(writer); account_data = buffer.GetString(); // Encrypt the entire JSON object. std::string cipher; cipher.resize(account_data.size()); keys_file_data->iv = crypto::rand(); crypto::chacha20(account_data.data(), account_data.size(), key, keys_file_data->iv, &cipher[0]); keys_file_data->account_data = cipher; return keys_file_data; } //---------------------------------------------------------------------------------------------------- void wallet2::setup_keys(const epee::wipeable_string& password) { crypto::chacha_key key; crypto::generate_chacha_key(password.data(), password.size(), key, m_kdf_rounds); // re-encrypt, but keep viewkey unencrypted if (m_ask_password == AskPasswordToDecrypt && !m_unattended && !m_watch_only) { m_account.encrypt_keys(key); m_account.decrypt_viewkey(key); } static_assert( HASH_SIZE == sizeof(crypto::chacha_key), "Mismatched sizes of hash and chacha key"); epee::mlocked> cache_key_data; memcpy(cache_key_data.data(), &key, HASH_SIZE); cache_key_data[HASH_SIZE] = hashkey::WALLET_CACHE; cn_fast_hash(cache_key_data.data(), HASH_SIZE + 1, (crypto::hash&)m_cache_key); get_ringdb_key(); } //---------------------------------------------------------------------------------------------------- void wallet2::change_password( const fs::path& filename, const epee::wipeable_string& original_password, const epee::wipeable_string& new_password) { if (m_ask_password == AskPasswordToDecrypt && !m_unattended && !m_watch_only) decrypt_keys(original_password); setup_keys(new_password); rewrite(filename, new_password); if (!filename.empty()) store(); } //---------------------------------------------------------------------------------------------------- /*! * \brief Load wallet information from wallet file. * \param keys_file_name Name of wallet file * \param password Password of wallet file */ bool wallet2::load_keys(const fs::path& keys_file_name, const epee::wipeable_string& password) { std::string keys_file_buf; bool r = tools::slurp_file(keys_file_name, keys_file_buf); THROW_WALLET_EXCEPTION_IF(!r, error::file_read_error, keys_file_name); // Load keys from buffer std::optional keys_to_encrypt; r = wallet2::load_keys_buf(keys_file_buf, password, keys_to_encrypt); // Rewrite with encrypted keys if unencrypted, ignore errors if (r && keys_to_encrypt) { if (m_ask_password == AskPasswordToDecrypt && !m_unattended && !m_watch_only) encrypt_keys(*keys_to_encrypt); bool saved_ret = store_keys(keys_file_name, password, m_watch_only); if (!saved_ret) { // just moan a bit, but not fatal log::error(logcat, "Error saving keys file with encrypted keys, not fatal"); } if (m_ask_password == AskPasswordToDecrypt && !m_unattended && !m_watch_only) decrypt_keys(*keys_to_encrypt); m_keys_file_locker.reset(); } return r; } //---------------------------------------------------------------------------------------------------- bool wallet2::load_keys_buf(const std::string& keys_buf, const epee::wipeable_string& password) { std::optional keys_to_encrypt; return wallet2::load_keys_buf(keys_buf, password, keys_to_encrypt); } //---------------------------------------------------------------------------------------------------- bool wallet2::load_keys_buf( const std::string& keys_buf, const epee::wipeable_string& password, std::optional& keys_to_encrypt) { // Decrypt the contents rapidjson::Document json; wallet2::keys_file_data keys_file_data; bool encrypted_secret_keys = false; try { serialization::parse_binary(keys_buf, keys_file_data); } catch (const std::exception& e) { THROW_WALLET_EXCEPTION( error::wallet_internal_error, "internal error: failed to deserialize keys buffer: "s + e.what()); } crypto::chacha_key key; crypto::generate_chacha_key(password.data(), password.size(), key, m_kdf_rounds); std::string account_data; account_data.resize(keys_file_data.account_data.size()); crypto::chacha20( keys_file_data.account_data.data(), keys_file_data.account_data.size(), key, keys_file_data.iv, &account_data[0]); if (json.Parse(account_data.c_str()).HasParseError() || !json.IsObject()) crypto::chacha8( keys_file_data.account_data.data(), keys_file_data.account_data.size(), key, keys_file_data.iv, &account_data[0]); // The contents should be JSON if the wallet follows the new format. if (json.Parse(account_data.c_str()).HasParseError()) { is_old_file_format = true; m_watch_only = false; m_multisig = false; m_multisig_threshold = 0; m_multisig_signers.clear(); m_multisig_rounds_passed = 0; m_multisig_derivations.clear(); m_always_confirm_transfers = false; m_print_ring_members = false; m_store_tx_info = true; m_default_priority = 0; m_auto_refresh = true; m_refresh_type = RefreshType::RefreshDefault; m_refresh_from_block_height = 0; m_confirm_non_default_ring_size = true; m_ask_password = AskPasswordToDecrypt; m_min_output_count = 0; m_min_output_value = 0; m_merge_destinations = false; m_confirm_backlog = true; m_confirm_backlog_threshold = 0; m_confirm_export_overwrite = true; m_segregate_pre_fork_outputs = true; m_key_reuse_mitigation2 = true; m_segregation_height = 0; m_ignore_outputs_above = oxen::MONEY_SUPPLY; m_ignore_outputs_below = 0; m_track_uses = false; m_inactivity_lock_timeout = DEFAULT_INACTIVITY_LOCK_TIMEOUT; m_subaddress_lookahead_major = SUBADDRESS_LOOKAHEAD_MAJOR; m_subaddress_lookahead_minor = SUBADDRESS_LOOKAHEAD_MINOR; m_original_keys_available = false; m_device_name = ""; m_device_derivation_path = ""; m_key_device_type = hw::device::type::SOFTWARE; encrypted_secret_keys = false; } else if (json.IsObject()) { if (!json.HasMember("key_data")) { log::error(logcat, "Field key_data not found in JSON"); return false; } if (!json["key_data"].IsString()) { log::error(logcat, "Field key_data found in JSON, but not String"); return false; } const char* field_key_data = json["key_data"].GetString(); account_data = std::string(field_key_data, field_key_data + json["key_data"].GetStringLength()); if (json.HasMember("key_on_device")) { GET_FIELD_FROM_JSON_RETURN_ON_ERROR( json, key_on_device, int, Int, false, hw::device::type::SOFTWARE); m_key_device_type = static_cast(field_key_on_device); } GET_FIELD_FROM_JSON_RETURN_ON_ERROR( json, seed_language, std::string, String, false, std::string()); if (field_seed_language_found) { set_seed_language(field_seed_language); } GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, watch_only, int, Int, false, false); m_watch_only = field_watch_only; GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, multisig, int, Int, false, false); m_multisig = field_multisig; GET_FIELD_FROM_JSON_RETURN_ON_ERROR( json, multisig_threshold, unsigned int, Uint, m_multisig, 0); m_multisig_threshold = field_multisig_threshold; GET_FIELD_FROM_JSON_RETURN_ON_ERROR( json, multisig_rounds_passed, unsigned int, Uint, false, 0); m_multisig_rounds_passed = field_multisig_rounds_passed; if (m_multisig) { if (!json.HasMember("multisig_signers")) { log::error(logcat, "Field multisig_signers not found in JSON"); return false; } if (!json["multisig_signers"].IsString()) { log::error(logcat, "Field multisig_signers found in JSON, but not String"); return false; } const char* field_multisig_signers = json["multisig_signers"].GetString(); std::string multisig_signers = std::string( field_multisig_signers, field_multisig_signers + json["multisig_signers"].GetStringLength()); try { serialization::parse_binary(multisig_signers, m_multisig_signers); } catch (const std::exception& e) { log::error( logcat, "Field multisig_signers found in JSON, but failed to parse: {}", e.what()); return false; } // previous version of multisig does not have this field if (json.HasMember("multisig_derivations")) { if (!json["multisig_derivations"].IsString()) { log::error(logcat, "Field multisig_derivations found in JSON, but not String"); return false; } const char* field_multisig_derivations = json["multisig_derivations"].GetString(); std::string multisig_derivations = std::string( field_multisig_derivations, field_multisig_derivations + json["multisig_derivations"].GetStringLength()); try { serialization::parse_binary(multisig_derivations, m_multisig_derivations); } catch (const std::exception& e) { log::error( logcat, "Field multisig_derivations found in JSON, but failed to parse: {}", e.what()); return false; } } } GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, always_confirm_transfers, int, Int, false, true); m_always_confirm_transfers = field_always_confirm_transfers; GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, print_ring_members, int, Int, false, true); m_print_ring_members = field_print_ring_members; if (json.HasMember("store_tx_info")) { GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, store_tx_info, int, Int, true, true); m_store_tx_info = field_store_tx_info; } else if (json.HasMember("store_tx_keys")) // backward compatibility { GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, store_tx_keys, int, Int, true, true); m_store_tx_info = field_store_tx_keys; } else m_store_tx_info = true; GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, default_priority, unsigned int, Uint, false, 0); if (field_default_priority_found) { m_default_priority = field_default_priority; } else { GET_FIELD_FROM_JSON_RETURN_ON_ERROR( json, default_fee_multiplier, unsigned int, Uint, false, 0); if (field_default_fee_multiplier_found) m_default_priority = field_default_fee_multiplier; else m_default_priority = 0; } GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, auto_refresh, int, Int, false, true); m_auto_refresh = field_auto_refresh; GET_FIELD_FROM_JSON_RETURN_ON_ERROR( json, refresh_type, int, Int, false, RefreshType::RefreshDefault); m_refresh_type = RefreshType::RefreshDefault; if (field_refresh_type_found) { if (field_refresh_type == RefreshFull || field_refresh_type == RefreshOptimizeCoinbase || field_refresh_type == RefreshNoCoinbase) m_refresh_type = (RefreshType)field_refresh_type; else log::warning( logcat, "Unknown refresh-type value ({}), using default", field_refresh_type); } GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, refresh_height, uint64_t, Uint64, false, 0); m_refresh_from_block_height = field_refresh_height; GET_FIELD_FROM_JSON_RETURN_ON_ERROR( json, confirm_non_default_ring_size, int, Int, false, true); m_confirm_non_default_ring_size = field_confirm_non_default_ring_size; GET_FIELD_FROM_JSON_RETURN_ON_ERROR( json, ask_password, AskPasswordType, Int, false, AskPasswordToDecrypt); m_ask_password = field_ask_password; GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, min_output_count, uint32_t, Uint, false, 0); m_min_output_count = field_min_output_count; GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, min_output_value, uint64_t, Uint64, false, 0); m_min_output_value = field_min_output_value; GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, merge_destinations, int, Int, false, false); m_merge_destinations = field_merge_destinations; GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, confirm_backlog, int, Int, false, true); m_confirm_backlog = field_confirm_backlog; GET_FIELD_FROM_JSON_RETURN_ON_ERROR( json, confirm_backlog_threshold, uint32_t, Uint, false, 0); m_confirm_backlog_threshold = field_confirm_backlog_threshold; GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, confirm_export_overwrite, int, Int, false, true); m_confirm_export_overwrite = field_confirm_export_overwrite; GET_FIELD_FROM_JSON_RETURN_ON_ERROR( json, nettype, uint8_t, Uint, false, static_cast(m_nettype)); // The network type given in the program argument is inconsistent with the network type // saved in the wallet THROW_WALLET_EXCEPTION_IF( static_cast(m_nettype) != field_nettype, error::wallet_internal_error, "{:s} wallet cannot be opened as {:s} wallet"_format( field_nettype == 0 ? "Mainnet" : field_nettype == 1 ? "Testnet" : "Devnet", m_nettype == network_type::MAINNET ? "mainnet" : m_nettype == network_type::TESTNET ? "testnet" : "devnet")); GET_FIELD_FROM_JSON_RETURN_ON_ERROR( json, segregate_pre_fork_outputs, int, Int, false, true); m_segregate_pre_fork_outputs = field_segregate_pre_fork_outputs; GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, key_reuse_mitigation2, int, Int, false, true); m_key_reuse_mitigation2 = field_key_reuse_mitigation2; GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, segregation_height, int, Uint, false, 0); m_segregation_height = field_segregation_height; GET_FIELD_FROM_JSON_RETURN_ON_ERROR( json, ignore_outputs_above, uint64_t, Uint64, false, oxen::MONEY_SUPPLY); m_ignore_outputs_above = field_ignore_outputs_above; GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, ignore_outputs_below, uint64_t, Uint64, false, 0); m_ignore_outputs_below = field_ignore_outputs_below; GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, track_uses, int, Int, false, false); m_track_uses = field_track_uses; GET_FIELD_FROM_JSON_RETURN_ON_ERROR( json, inactivity_lock_timeout, uint32_t, Uint, false, m_nettype == network_type::MAINNET ? std::chrono::seconds{DEFAULT_INACTIVITY_LOCK_TIMEOUT}.count() : 0); m_inactivity_lock_timeout = std::chrono::seconds{field_inactivity_lock_timeout}; GET_FIELD_FROM_JSON_RETURN_ON_ERROR( json, subaddress_lookahead_major, uint32_t, Uint, false, SUBADDRESS_LOOKAHEAD_MAJOR); m_subaddress_lookahead_major = field_subaddress_lookahead_major; GET_FIELD_FROM_JSON_RETURN_ON_ERROR( json, subaddress_lookahead_minor, uint32_t, Uint, false, SUBADDRESS_LOOKAHEAD_MINOR); m_subaddress_lookahead_minor = field_subaddress_lookahead_minor; GET_FIELD_FROM_JSON_RETURN_ON_ERROR( json, encrypted_secret_keys, uint32_t, Uint, false, false); encrypted_secret_keys = field_encrypted_secret_keys; GET_FIELD_FROM_JSON_RETURN_ON_ERROR( json, device_name, std::string, String, false, std::string()); if (m_device_name.empty()) { if (field_device_name_found) { m_device_name = field_device_name; } else { m_device_name = m_key_device_type == hw::device::type::LEDGER ? "Ledger" : "default"; } } GET_FIELD_FROM_JSON_RETURN_ON_ERROR( json, device_derivation_path, std::string, String, false, std::string()); m_device_derivation_path = field_device_derivation_path; if (json.HasMember("original_keys_available")) { GET_FIELD_FROM_JSON_RETURN_ON_ERROR( json, original_keys_available, int, Int, false, false); m_original_keys_available = field_original_keys_available; if (m_original_keys_available) { GET_FIELD_FROM_JSON_RETURN_ON_ERROR( json, original_address, std::string, String, true, std::string()); address_parse_info info; bool ok = get_account_address_from_str(info, m_nettype, field_original_address); if (!ok) { log::error(logcat, "Failed to parse original_address from JSON"); return false; } m_original_address = info.address; GET_FIELD_FROM_JSON_RETURN_ON_ERROR( json, original_view_secret_key, std::string, String, true, std::string()); ok = tools::hex_to_type(field_original_view_secret_key, m_original_view_secret_key); if (!ok) { log::error(logcat, "Failed to parse original_view_secret_key from JSON"); return false; } } } else { m_original_keys_available = false; } } else { THROW_WALLET_EXCEPTION(error::wallet_internal_error, "invalid password"); return false; } bool r = epee::serialization::load_t_from_binary(m_account, account_data); THROW_WALLET_EXCEPTION_IF(!r, error::invalid_password); if (m_key_device_type == hw::device::type::LEDGER || m_key_device_type == hw::device::type::TREZOR) { log::warning(logcat, "Account on device. Initing device..."); hw::device& hwdev = lookup_device(m_device_name); THROW_WALLET_EXCEPTION_IF( !hwdev.set_name(m_device_name), error::wallet_internal_error, "Could not set device name " + m_device_name); hwdev.set_network_type(m_nettype); hwdev.set_derivation_path(m_device_derivation_path); hwdev.set_callback(get_device_callback()); THROW_WALLET_EXCEPTION_IF( !hwdev.init(), error::wallet_internal_error, "Could not initialize the device " + m_device_name); THROW_WALLET_EXCEPTION_IF( !hwdev.connect(), error::wallet_internal_error, "Could not connect to the device " + m_device_name); m_account.set_device(hwdev); account_public_address device_account_public_address; THROW_WALLET_EXCEPTION_IF( !hwdev.get_public_address(device_account_public_address), error::wallet_internal_error, "Cannot get a device address"); THROW_WALLET_EXCEPTION_IF( device_account_public_address != m_account.get_keys().m_account_address, error::wallet_internal_error, "Device wallet does not match wallet address. " "Device address: " + cryptonote::get_account_address_as_str( m_nettype, false, device_account_public_address) + ", wallet address: " + m_account.get_public_address_str(m_nettype)); log::warning(logcat, "Device initialized..."); } else if (key_on_device()) { THROW_WALLET_EXCEPTION(error::wallet_internal_error, "hardware device not supported"); } if (r) { if (encrypted_secret_keys) { m_account.decrypt_keys(key); } else { keys_to_encrypt = key; } } const cryptonote::account_keys& keys = m_account.get_keys(); hw::device& hwdev = m_account.get_device(); r = r && hwdev.verify_keys(keys.m_view_secret_key, keys.m_account_address.m_view_public_key); if (!m_watch_only && !m_multisig && hwdev.device_protocol() != hw::device::protocol::COLD) r = r && hwdev.verify_keys(keys.m_spend_secret_key, keys.m_account_address.m_spend_public_key); THROW_WALLET_EXCEPTION_IF( !r, error::wallet_files_doesnt_correspond, m_keys_file, m_wallet_file); if (r) setup_keys(password); return true; } /*! * \brief verify password for default wallet keys file. * \param password Password to verify * \return true if password is correct * * for verification only * should not mutate state, unlike load_keys() * can be used prior to rewriting wallet keys file, to ensure user has entered the correct password * */ bool wallet2::verify_password(const epee::wipeable_string& password) { // this temporary unlocking is necessary for Windows (otherwise the file couldn't be loaded). unlock_keys_file(); bool r = verify_password( m_keys_file, password, m_account.get_device().device_protocol() == hw::device::protocol::COLD || m_watch_only || m_multisig, m_account.get_device(), m_kdf_rounds); lock_keys_file(); return r; } /*! * \brief verify password for specified wallet keys file. * \param keys_file_name Keys file to verify password for * \param password Password to verify * \param no_spend_key If set = only verify view keys, otherwise also spend keys * \param hwdev The hardware device to use * \return true if password is correct * * for verification only * should not mutate state, unlike load_keys() * can be used prior to rewriting wallet keys file, to ensure user has entered the correct password * */ bool wallet2::verify_password( const fs::path& keys_file_name, const epee::wipeable_string& password, bool no_spend_key, hw::device& hwdev, uint64_t kdf_rounds) { rapidjson::Document json; wallet2::keys_file_data keys_file_data; std::string buf; bool encrypted_secret_keys = false; bool r = tools::slurp_file(keys_file_name, buf); THROW_WALLET_EXCEPTION_IF(!r, error::file_read_error, keys_file_name); // Decrypt the contents try { serialization::parse_binary(buf, keys_file_data); } catch (const std::exception& e) { THROW_WALLET_EXCEPTION( error::wallet_internal_error, "internal error: failed to deserialize \"" + keys_file_name.u8string() + "\": " + e.what()); } crypto::chacha_key key; crypto::generate_chacha_key(password.data(), password.size(), key, kdf_rounds); std::string account_data; account_data.resize(keys_file_data.account_data.size()); crypto::chacha20( keys_file_data.account_data.data(), keys_file_data.account_data.size(), key, keys_file_data.iv, &account_data[0]); if (json.Parse(account_data.c_str()).HasParseError() || !json.IsObject()) crypto::chacha8( keys_file_data.account_data.data(), keys_file_data.account_data.size(), key, keys_file_data.iv, &account_data[0]); // The contents should be JSON if the wallet follows the new format. if (json.Parse(account_data.c_str()).HasParseError()) { // old format before JSON wallet key file format } else { account_data = std::string( json["key_data"].GetString(), json["key_data"].GetString() + json["key_data"].GetStringLength()); GET_FIELD_FROM_JSON_RETURN_ON_ERROR( json, encrypted_secret_keys, uint32_t, Uint, false, false); encrypted_secret_keys = field_encrypted_secret_keys; } cryptonote::account_base account_data_check; r = epee::serialization::load_t_from_binary(account_data_check, account_data); if (encrypted_secret_keys) account_data_check.decrypt_keys(key); const cryptonote::account_keys& keys = account_data_check.get_keys(); r = r && hwdev.verify_keys(keys.m_view_secret_key, keys.m_account_address.m_view_public_key); if (!no_spend_key) r = r && hwdev.verify_keys(keys.m_spend_secret_key, keys.m_account_address.m_spend_public_key); return r; } void wallet2::encrypt_keys(const crypto::chacha_key& key) { std::lock_guard lock{m_decrypt_keys_mutex}; if (--m_decrypt_keys_lockers) // another lock left ? return; m_account.encrypt_keys(key); m_account.decrypt_viewkey(key); } void wallet2::decrypt_keys(const crypto::chacha_key& key) { std::lock_guard lock{m_decrypt_keys_mutex}; if (m_decrypt_keys_lockers++) // already unlocked ? return; m_account.encrypt_viewkey(key); m_account.decrypt_keys(key); } void wallet2::encrypt_keys(const epee::wipeable_string& password) { crypto::chacha_key key; crypto::generate_chacha_key(password.data(), password.size(), key, m_kdf_rounds); encrypt_keys(key); } void wallet2::decrypt_keys(const epee::wipeable_string& password) { crypto::chacha_key key; crypto::generate_chacha_key(password.data(), password.size(), key, m_kdf_rounds); decrypt_keys(key); } void wallet2::setup_new_blockchain() { cryptonote::block b; generate_genesis(b); m_blockchain.push_back(get_block_hash(b)); m_cached_height = m_blockchain.size(); m_last_block_reward = cryptonote::get_outs_money_amount(b.miner_tx); add_subaddress_account(tr("Primary account")); } void wallet2::create_keys_file( const fs::path& wallet_, bool watch_only, const epee::wipeable_string& password, bool create_address_file) { if (!wallet_.empty()) { bool r = store_keys(m_keys_file, password, watch_only); THROW_WALLET_EXCEPTION_IF(!r, error::file_save_error, m_keys_file); if (create_address_file) { auto addrfile = m_wallet_file; addrfile += ".address.txt"; r = tools::dump_file(addrfile, m_account.get_public_address_str(m_nettype)); if (!r) log::error(logcat, "String with address text not saved"); } } } /*! * \brief determine the key storage for the specified wallet file * \param device_type (OUT) wallet backend as enumerated in hw::device::type * \param keys_file_name Keys file to verify password for * \param password Password to verify * \return true if password correct, else false * * for verification only - determines key storage hardware * */ bool wallet2::query_device( hw::device::type& device_type, const fs::path& keys_file_name, const epee::wipeable_string& password, uint64_t kdf_rounds) { rapidjson::Document json; wallet2::keys_file_data keys_file_data; std::string buf; bool r = tools::slurp_file(keys_file_name, buf); THROW_WALLET_EXCEPTION_IF(!r, error::file_read_error, keys_file_name); // Decrypt the contents try { serialization::parse_binary(buf, keys_file_data); } catch (const std::exception& e) { THROW_WALLET_EXCEPTION( error::wallet_internal_error, "internal error: failed to deserialize \"" + keys_file_name.u8string() + "\": " + e.what()); } crypto::chacha_key key; crypto::generate_chacha_key(password.data(), password.size(), key, kdf_rounds); std::string account_data; account_data.resize(keys_file_data.account_data.size()); crypto::chacha20( keys_file_data.account_data.data(), keys_file_data.account_data.size(), key, keys_file_data.iv, &account_data[0]); if (json.Parse(account_data.c_str()).HasParseError() || !json.IsObject()) crypto::chacha8( keys_file_data.account_data.data(), keys_file_data.account_data.size(), key, keys_file_data.iv, &account_data[0]); device_type = hw::device::type::SOFTWARE; // The contents should be JSON if the wallet follows the new format. if (json.Parse(account_data.c_str()).HasParseError()) { // old format before JSON wallet key file format } else { account_data = std::string( json["key_data"].GetString(), json["key_data"].GetString() + json["key_data"].GetStringLength()); if (json.HasMember("key_on_device")) { GET_FIELD_FROM_JSON_RETURN_ON_ERROR( json, key_on_device, int, Int, false, hw::device::type::SOFTWARE); device_type = static_cast(field_key_on_device); } } cryptonote::account_base account_data_check; r = epee::serialization::load_t_from_binary(account_data_check, account_data); if (!r) return false; return true; } void wallet2::init_type(hw::device::type device_type) { m_account_public_address = m_account.get_keys().m_account_address; m_watch_only = false; m_multisig = false; m_multisig_threshold = 0; m_multisig_signers.clear(); m_original_keys_available = false; m_key_device_type = device_type; } /*! * \brief Generates a wallet or restores one. * \param wallet_ Name of wallet file * \param password Password of wallet file * \param multisig_data The multisig restore info and keys * \param create_address_file Whether to create an address file */ void wallet2::generate( const fs::path& wallet_, const epee::wipeable_string& password, const epee::wipeable_string& multisig_data, bool create_address_file) { clear(); prepare_file_names(wallet_); if (!wallet_.empty()) { std::error_code ignored_ec; THROW_WALLET_EXCEPTION_IF( fs::exists(m_wallet_file, ignored_ec), error::file_exists, m_wallet_file); THROW_WALLET_EXCEPTION_IF( fs::exists(m_keys_file, ignored_ec), error::file_exists, m_keys_file); } m_account.generate(rct::rct2sk(rct::zero()), true, false); THROW_WALLET_EXCEPTION_IF(multisig_data.size() < 32, error::invalid_multisig_seed); size_t offset = 0; uint32_t threshold = *(uint32_t*)(multisig_data.data() + offset); offset += sizeof(uint32_t); uint32_t total = *(uint32_t*)(multisig_data.data() + offset); offset += sizeof(uint32_t); THROW_WALLET_EXCEPTION_IF(threshold < 2, error::invalid_multisig_seed); THROW_WALLET_EXCEPTION_IF( total != threshold && total != threshold + 1, error::invalid_multisig_seed); const size_t n_multisig_keys = total == threshold ? 1 : threshold; THROW_WALLET_EXCEPTION_IF( multisig_data.size() != 8 + 32 * (4 + n_multisig_keys + total), error::invalid_multisig_seed); std::vector multisig_keys; std::vector multisig_signers; crypto::secret_key spend_secret_key = *(crypto::secret_key*)(multisig_data.data() + offset); offset += sizeof(crypto::secret_key); crypto::public_key spend_public_key = *(crypto::public_key*)(multisig_data.data() + offset); offset += sizeof(crypto::public_key); crypto::secret_key view_secret_key = *(crypto::secret_key*)(multisig_data.data() + offset); offset += sizeof(crypto::secret_key); crypto::public_key view_public_key = *(crypto::public_key*)(multisig_data.data() + offset); offset += sizeof(crypto::public_key); for (size_t n = 0; n < n_multisig_keys; ++n) { multisig_keys.push_back(*(crypto::secret_key*)(multisig_data.data() + offset)); offset += sizeof(crypto::secret_key); } for (size_t n = 0; n < total; ++n) { multisig_signers.push_back(*(crypto::public_key*)(multisig_data.data() + offset)); offset += sizeof(crypto::public_key); } crypto::public_key calculated_view_public_key; THROW_WALLET_EXCEPTION_IF( !crypto::secret_key_to_public_key(view_secret_key, calculated_view_public_key), error::invalid_multisig_seed); THROW_WALLET_EXCEPTION_IF( view_public_key != calculated_view_public_key, error::invalid_multisig_seed); crypto::public_key local_signer; THROW_WALLET_EXCEPTION_IF( !crypto::secret_key_to_public_key(spend_secret_key, local_signer), error::invalid_multisig_seed); THROW_WALLET_EXCEPTION_IF( std::find(multisig_signers.begin(), multisig_signers.end(), local_signer) == multisig_signers.end(), error::invalid_multisig_seed); rct::key skey = rct::zero(); for (const auto& msk : multisig_keys) sc_add(skey.bytes, skey.bytes, rct::sk2rct(msk).bytes); THROW_WALLET_EXCEPTION_IF( !(rct::rct2sk(skey) == spend_secret_key), error::invalid_multisig_seed); memwipe(&skey, sizeof(rct::key)); m_account.make_multisig(view_secret_key, spend_secret_key, spend_public_key, multisig_keys); m_account.finalize_multisig(spend_public_key); // Not possible to restore a multisig wallet that is able to activate the MMS // (because the original keys are not (yet) part of the restore info), so // keep m_original_keys_available to false init_type(hw::device::type::SOFTWARE); m_multisig = true; m_multisig_threshold = threshold; m_multisig_signers = multisig_signers; setup_keys(password); create_keys_file( wallet_, false, password, m_nettype != network_type::MAINNET || create_address_file); setup_new_blockchain(); if (!wallet_.empty()) store(); } /*! * \brief Generates a wallet or restores one. * \param wallet_ Name of wallet file * \param password Password of wallet file * \param recovery_param If it is a restore, the recovery key * \param recover Whether it is a restore * \param two_random Whether it is a non-deterministic wallet * \param create_address_file Whether to create an address file * \return The secret key of the generated wallet */ crypto::secret_key wallet2::generate( const fs::path& wallet_, const epee::wipeable_string& password, const crypto::secret_key& recovery_param, bool recover, bool two_random, bool create_address_file) { clear(); prepare_file_names(wallet_); if (!wallet_.empty()) { std::error_code ignored_ec; THROW_WALLET_EXCEPTION_IF( fs::exists(m_wallet_file, ignored_ec), error::file_exists, m_wallet_file); THROW_WALLET_EXCEPTION_IF( fs::exists(m_keys_file, ignored_ec), error::file_exists, m_keys_file); } crypto::secret_key retval = m_account.generate(recovery_param, recover, two_random); init_type(hw::device::type::SOFTWARE); setup_keys(password); // calculate a starting refresh height if (m_refresh_from_block_height == 0 && !recover) { m_refresh_from_block_height = estimate_blockchain_height(); } create_keys_file( wallet_, false, password, m_nettype != network_type::MAINNET || create_address_file); setup_new_blockchain(); if (!wallet_.empty()) store(); return retval; } uint64_t wallet2::estimate_blockchain_height() { const uint64_t blocks_per_month = BLOCKS_PER_DAY * 30; // try asking the daemon first std::string err; uint64_t height = 0; // we get the max of approximated height and local height. // approximated height is the least of daemon target height // (the max of what the other daemons are claiming is their // height) and the theoretical height based on the local // clock. This will be wrong only if both the local clock // is bad *and* a peer daemon claims a highest height than // the real chain. // local height is the height the local daemon is currently // synced to, it will be lower than the real chain height if // the daemon is currently syncing. // If we use the approximate height we subtract one month as // a safety margin. height = get_approximate_blockchain_height(); uint64_t target_height = get_daemon_blockchain_target_height(err); if (err.empty()) { if (target_height < height) height = target_height; } else { // if we couldn't talk to the daemon, check safety margin. if (height > blocks_per_month) height -= blocks_per_month; else height = 0; } uint64_t local_height = get_daemon_blockchain_height(err); if (err.empty() && local_height > height) height = local_height; return height; } /*! * \brief Creates a watch only wallet from a public address and a view secret key. * \param wallet_ Name of wallet file * \param password Password of wallet file * \param account_public_address The account's public address * \param viewkey view secret key * \param create_address_file Whether to create an address file */ void wallet2::generate( const fs::path& wallet_, const epee::wipeable_string& password, const cryptonote::account_public_address& account_public_address, const crypto::secret_key& viewkey, bool create_address_file) { clear(); prepare_file_names(wallet_); if (!wallet_.empty()) { std::error_code ignored_ec; THROW_WALLET_EXCEPTION_IF( fs::exists(m_wallet_file, ignored_ec), error::file_exists, m_wallet_file); THROW_WALLET_EXCEPTION_IF( fs::exists(m_keys_file, ignored_ec), error::file_exists, m_keys_file); } m_account.create_from_viewkey(account_public_address, viewkey); init_type(hw::device::type::SOFTWARE); m_watch_only = true; m_account_public_address = account_public_address; setup_keys(password); create_keys_file( wallet_, true, password, m_nettype != network_type::MAINNET || create_address_file); setup_new_blockchain(); if (!wallet_.empty()) store(); } /*! * \brief Creates a wallet from a public address and a spend/view secret key pair. * \param wallet_ Name of wallet file * \param password Password of wallet file * \param account_public_address The account's public address * \param spendkey spend secret key * \param viewkey view secret key * \param create_address_file Whether to create an address file */ void wallet2::generate( const fs::path& wallet_, const epee::wipeable_string& password, const cryptonote::account_public_address& account_public_address, const crypto::secret_key& spendkey, const crypto::secret_key& viewkey, bool create_address_file) { clear(); prepare_file_names(wallet_); if (!wallet_.empty()) { std::error_code ignored_ec; THROW_WALLET_EXCEPTION_IF( fs::exists(m_wallet_file, ignored_ec), error::file_exists, m_wallet_file); THROW_WALLET_EXCEPTION_IF( fs::exists(m_keys_file, ignored_ec), error::file_exists, m_keys_file); } m_account.create_from_keys(account_public_address, spendkey, viewkey); init_type(hw::device::type::SOFTWARE); m_account_public_address = account_public_address; setup_keys(password); create_keys_file(wallet_, false, password, create_address_file); setup_new_blockchain(); if (!wallet_.empty()) store(); } void wallet2::restore_from_device( const fs::path& wallet_, const epee::wipeable_string& password, const std::string& device_name, bool create_address_file, std::optional hwdev_label, std::function progress_callback) { clear(); prepare_file_names(wallet_); std::error_code ignored_ec; if (!wallet_.empty()) { THROW_WALLET_EXCEPTION_IF( fs::exists(m_wallet_file, ignored_ec), error::file_exists, m_wallet_file); THROW_WALLET_EXCEPTION_IF( fs::exists(m_keys_file, ignored_ec), error::file_exists, m_keys_file); } auto& hwdev = lookup_device(device_name); hwdev.set_name(device_name); hwdev.set_network_type(m_nettype); hwdev.set_derivation_path(m_device_derivation_path); hwdev.set_callback(get_device_callback()); m_account.create_from_device(hwdev); init_type(m_account.get_device().get_type()); setup_keys(password); if (progress_callback) progress_callback( tr("Retrieved wallet address from device: ") + m_account.get_public_address_str(m_nettype)); m_device_name = device_name; create_keys_file( wallet_, false, password, m_nettype != network_type::MAINNET || create_address_file); if (m_subaddress_lookahead_major == SUBADDRESS_LOOKAHEAD_MAJOR && m_subaddress_lookahead_minor == SUBADDRESS_LOOKAHEAD_MINOR) { // the default lookahead setting (50:200) is clearly too much for hardware wallet m_subaddress_lookahead_major = 5; m_subaddress_lookahead_minor = 20; } fs::path hwdev_filename = m_wallet_file; hwdev_filename += ".hwdev.txt"; std::string hwdev_text = hwdev_label.value_or(""); if (!tools::dump_file(hwdev_filename, hwdev_text)) log::error(logcat, "failed to write .hwdev.txt comment file"); if (progress_callback) progress_callback(tr("Setting up account and subaddresses")); setup_new_blockchain(); if (!wallet_.empty()) { store(); } } std::string wallet2::make_multisig( const epee::wipeable_string& password, const std::vector& view_keys, const std::vector& spend_keys, uint32_t threshold) { CHECK_AND_ASSERT_THROW_MES(!view_keys.empty(), "empty view keys"); CHECK_AND_ASSERT_THROW_MES( view_keys.size() == spend_keys.size(), "Mismatched view/spend key sizes"); CHECK_AND_ASSERT_THROW_MES( threshold > 1 && threshold <= spend_keys.size() + 1, "Invalid threshold"); std::string extra_multisig_info; std::vector multisig_keys; rct::key spend_pkey = rct::identity(); rct::key spend_skey; OXEN_DEFER { memwipe(&spend_skey, sizeof(spend_skey)); }; std::vector multisig_signers; // decrypt keys bool reencrypt = false; crypto::chacha_key chacha_key; auto keys_reencryptor = oxen::defer([&] { if (reencrypt) { m_account.encrypt_keys(chacha_key); m_account.decrypt_viewkey(chacha_key); } }); if (m_ask_password == AskPasswordToDecrypt && !m_unattended && !m_watch_only) { crypto::generate_chacha_key(password.data(), password.size(), chacha_key, m_kdf_rounds); m_account.encrypt_viewkey(chacha_key); m_account.decrypt_keys(chacha_key); reencrypt = true; } // In common multisig scheme there are 4 types of key exchange rounds: // 1. First round is exchange of view secret keys and public spend keys. // 2. Middle round is exchange of derivations: Ki = b * Mj, where b - spend secret key, // M - public multisig key (in first round it equals to public spend key), K - new public // multisig key. // 3. Secret spend establishment round sets your secret multisig keys as follows: kl = H(Ml), // where M - is *your* public multisig key, // k - secret multisig key used to sign transactions. k and M are sets of keys, of course. // And secret spend key as the sum of all participant's secret multisig keys // 4. Last round establishes multisig wallet's public spend key. Participants exchange their // public multisig keys // and calculate common spend public key as sum of all unique participants' public multisig // keys. // Note that N/N scheme has only first round. N-1/N has 2 rounds: first and last. Common M/N has // all 4 rounds. // IMPORTANT: wallet's public spend key is not equal to secret_spend_key * G! // Wallet's public spend key is the sum of unique public multisig keys of all participants. // secret_spend_key * G = public signer key if (threshold == spend_keys.size() + 1) { // In N / N case we only need to do one round and calculate secret multisig keys and new // secret spend key log::info(logcat, "Creating spend key..."); // Calculates all multisig keys and spend key cryptonote::generate_multisig_N_N( get_account().get_keys(), spend_keys, multisig_keys, spend_skey, spend_pkey); // Our signer key is b * G, where b is secret spend key. multisig_signers = spend_keys; multisig_signers.push_back( get_multisig_signer_public_key(get_account().get_keys().m_spend_secret_key)); } else { // We just got public spend keys of all participants and deriving multisig keys (set of Mi = // b * Bi). note that derivations are public keys as DH exchange suppose it to be auto derivations = cryptonote::generate_multisig_derivations(get_account().get_keys(), spend_keys); spend_pkey = rct::identity(); multisig_signers = std::vector( spend_keys.size() + 1, crypto::null); if (threshold == spend_keys.size()) { // N - 1 / N case // We need an extra step, so we package all the composite public keys // we know about, and make a signed string out of them log::info(logcat, "Creating spend key..."); // Calculating set of our secret multisig keys as follows: mi = H(Mi), // where mi - secret multisig key, Mi - others' participants public multisig key multisig_keys = cryptonote::calculate_multisig_keys(derivations); // calculating current participant's spend secret key as sum of all secret multisig keys // for current participant. IMPORTANT: participant's secret spend key is not an entire // wallet's secret spend! // Entire wallet's secret spend is sum of all unique secret multisig keys // among all of participants and is not held by anyone! spend_skey = rct::sk2rct(cryptonote::calculate_multisig_signer_key(multisig_keys)); // Preparing data for the last round to calculate common public spend key. The data // contains public multisig keys. extra_multisig_info = pack_multisignature_keys( secret_keys_to_public_keys(multisig_keys), rct::rct2sk(spend_skey)); } else { // M / N case log::info(logcat, "Preparing keys for next exchange round..."); // Preparing data for middle round - packing new public multisig keys to exchage with // others. extra_multisig_info = pack_multisignature_keys(derivations, m_account.get_keys().m_spend_secret_key); spend_skey = rct::sk2rct(m_account.get_keys().m_spend_secret_key); // Need to store middle keys to be able to proceed in case of wallet shutdown. m_multisig_derivations = derivations; } } if (!m_original_keys_available) { // Save the original i.e. non-multisig keys so the MMS can continue to use them to encrypt // and decrypt messages (making a wallet multisig overwrites those keys, see // account_base::make_multisig) m_original_address = m_account.get_keys().m_account_address; m_original_view_secret_key = m_account.get_keys().m_view_secret_key; m_original_keys_available = true; } clear(); log::info(logcat, "Creating view key..."); crypto::secret_key view_skey = cryptonote::generate_multisig_view_secret_key( get_account().get_keys().m_view_secret_key, view_keys); log::info(logcat, "Creating multisig address..."); CHECK_AND_ASSERT_THROW_MES( m_account.make_multisig( view_skey, rct::rct2sk(spend_skey), rct::rct2pk(spend_pkey), multisig_keys), "Failed to create multisig wallet due to bad keys"); memwipe(&spend_skey, sizeof(rct::key)); init_type(hw::device::type::SOFTWARE); m_original_keys_available = true; m_multisig = true; m_multisig_threshold = threshold; m_multisig_signers = multisig_signers; ++m_multisig_rounds_passed; // re-encrypt keys keys_reencryptor.invoke(); if (!m_wallet_file.empty()) { fs::path addrfile = m_wallet_file; addrfile += ".address.txt"; create_keys_file(m_wallet_file, false, password, fs::exists(addrfile)); } setup_new_blockchain(); if (!m_wallet_file.empty()) store(); return extra_multisig_info; } std::string wallet2::exchange_multisig_keys( const epee::wipeable_string& password, const std::vector& info) { THROW_WALLET_EXCEPTION_IF(info.empty(), error::wallet_internal_error, "Empty multisig info"); if (!tools::starts_with(info[0], MULTISIG_EXTRA_INFO_MAGIC)) { THROW_WALLET_EXCEPTION(error::wallet_internal_error, "Unsupported info string"); } std::vector signers; std::unordered_set pkeys; THROW_WALLET_EXCEPTION_IF( !unpack_extra_multisig_info(info, signers, pkeys), error::wallet_internal_error, "Bad extra multisig info"); return exchange_multisig_keys(password, pkeys, signers); } std::string wallet2::exchange_multisig_keys( const epee::wipeable_string& password, std::unordered_set derivations, std::vector signers) { CHECK_AND_ASSERT_THROW_MES(!derivations.empty(), "empty pkeys"); CHECK_AND_ASSERT_THROW_MES(!signers.empty(), "empty signers"); bool ready = false; CHECK_AND_ASSERT_THROW_MES(multisig(&ready), "The wallet is not multisig"); CHECK_AND_ASSERT_THROW_MES( !ready, "Multisig wallet creation process has already been finished"); // keys are decrypted bool reencrypt = false; crypto::chacha_key chacha_key; OXEN_DEFER { if (reencrypt) { m_account.encrypt_keys(chacha_key); m_account.decrypt_viewkey(chacha_key); } }; if (m_ask_password == AskPasswordToDecrypt && !m_unattended && !m_watch_only) { crypto::generate_chacha_key(password.data(), password.size(), chacha_key, m_kdf_rounds); m_account.encrypt_viewkey(chacha_key); m_account.decrypt_keys(chacha_key); reencrypt = true; } if (m_multisig_rounds_passed == multisig_rounds_required(m_multisig_signers.size(), m_multisig_threshold) - 1) { // the last round is passed and we have to calculate spend public key // add ours if not included crypto::public_key local_signer = get_multisig_signer_public_key(); if (std::find(signers.begin(), signers.end(), local_signer) == signers.end()) { signers.push_back(local_signer); for (const auto& msk : get_account().get_multisig_keys()) { derivations.insert(rct::rct2pk(rct::scalarmultBase(rct::sk2rct(msk)))); } } CHECK_AND_ASSERT_THROW_MES(signers.size() == m_multisig_signers.size(), "Bad signers size"); // Summing all of unique public multisig keys to calculate common public spend key crypto::public_key spend_public_key = cryptonote::generate_multisig_M_N_spend_public_key( std::vector(derivations.begin(), derivations.end())); m_account_public_address.m_spend_public_key = spend_public_key; m_account.finalize_multisig(spend_public_key); m_multisig_signers = signers; std::sort(m_multisig_signers.begin(), m_multisig_signers.end()); ++m_multisig_rounds_passed; m_multisig_derivations.clear(); if (!m_wallet_file.empty()) { bool r = store_keys(m_keys_file, password, false); THROW_WALLET_EXCEPTION_IF(!r, error::file_save_error, m_keys_file); fs::path addrfile = m_wallet_file; addrfile += ".address.txt"; if (fs::exists(addrfile)) { r = tools::dump_file(addrfile, m_account.get_public_address_str(m_nettype)); if (!r) log::error(logcat, "String with address text not saved"); } } m_subaddresses.clear(); m_subaddress_labels.clear(); add_subaddress_account(tr("Primary account")); if (!m_wallet_file.empty()) store(); return {}; } // Below are either middle or secret spend key establishment rounds for (const auto& key : m_multisig_derivations) derivations.erase(key); // Deriving multisig keys (set of Mi = b * Bi) according to DH from other participants' multisig // keys. auto new_derivations = cryptonote::generate_multisig_derivations( get_account().get_keys(), std::vector(derivations.begin(), derivations.end())); std::string extra_multisig_info; if (m_multisig_rounds_passed == multisig_rounds_required(m_multisig_signers.size(), m_multisig_threshold) - 2) // next round is last { // Next round is last therefore we are performing secret spend establishment round as // described above. log::info(logcat, "Creating spend key..."); // Calculating our secret multisig keys by hashing our public multisig keys. auto multisig_keys = cryptonote::calculate_multisig_keys( std::vector(new_derivations.begin(), new_derivations.end())); // And summing it to get personal secret spend key crypto::secret_key spend_skey = cryptonote::calculate_multisig_signer_key(multisig_keys); m_account.make_multisig( m_account.get_keys().m_view_secret_key, spend_skey, rct::rct2pk(rct::identity()), multisig_keys); // Packing public multisig keys to exchange with others and calculate common public spend // key in the last round extra_multisig_info = pack_multisignature_keys(secret_keys_to_public_keys(multisig_keys), spend_skey); } else { // This is just middle round log::info(logcat, "Preparing keys for next exchange round..."); extra_multisig_info = pack_multisignature_keys(new_derivations, m_account.get_keys().m_spend_secret_key); m_multisig_derivations = new_derivations; } ++m_multisig_rounds_passed; if (!m_wallet_file.empty()) { fs::path addrfile = m_wallet_file; addrfile += ".address.txt"; create_keys_file(m_wallet_file, false, password, fs::exists(addrfile)); } return extra_multisig_info; } void wallet2::unpack_multisig_info( const std::vector& info, std::vector& public_keys, std::vector& secret_keys) const { // parse all multisig info public_keys.resize(info.size()); secret_keys.resize(info.size()); for (size_t i = 0; i < info.size(); ++i) { THROW_WALLET_EXCEPTION_IF( !verify_multisig_info(info[i], secret_keys[i], public_keys[i]), error::wallet_internal_error, "Bad multisig info: " + info[i]); } // remove duplicates for (size_t i = 0; i < secret_keys.size(); ++i) { for (size_t j = i + 1; j < secret_keys.size(); ++j) { if (rct::sk2rct(secret_keys[i]) == rct::sk2rct(secret_keys[j])) { log::debug(logcat, "Duplicate key found, ignoring"); secret_keys[j] = secret_keys.back(); public_keys[j] = public_keys.back(); secret_keys.pop_back(); public_keys.pop_back(); --j; } } } // people may include their own, weed it out const crypto::secret_key local_skey = cryptonote::get_multisig_blinded_secret_key(get_account().get_keys().m_view_secret_key); const crypto::public_key local_pkey = get_multisig_signer_public_key(get_account().get_keys().m_spend_secret_key); for (size_t i = 0; i < secret_keys.size(); ++i) { if (secret_keys[i] == local_skey) { log::debug(logcat, "Local key is present, ignoring"); secret_keys[i] = secret_keys.back(); public_keys[i] = public_keys.back(); secret_keys.pop_back(); public_keys.pop_back(); --i; } else { THROW_WALLET_EXCEPTION_IF( public_keys[i] == local_pkey, error::wallet_internal_error, "Found local spend public key, but not local view secret key - something very " "weird"); } } } std::string wallet2::make_multisig( const epee::wipeable_string& password, const std::vector& info, uint32_t threshold) { std::vector secret_keys(info.size()); std::vector public_keys(info.size()); unpack_multisig_info(info, public_keys, secret_keys); return make_multisig(password, secret_keys, public_keys, threshold); } bool wallet2::finalize_multisig( const epee::wipeable_string& password, const std::unordered_set& pkeys, std::vector signers) { bool ready; uint32_t threshold, total; if (!multisig(&ready, &threshold, &total)) { log::error(logcat, "This is not a multisig wallet"); return false; } if (ready) { log::error(logcat, "This multisig wallet is already finalized"); return false; } if (threshold + 1 != total) { log::error( logcat, "finalize_multisig should only be used for N-1/N wallets, use " "exchange_multisig_keys instead"); return false; } exchange_multisig_keys(password, pkeys, signers); return true; } bool wallet2::unpack_extra_multisig_info( const std::vector& info, std::vector& signers, std::unordered_set& pkeys) const { // parse all multisig info signers.resize(info.size(), crypto::null); for (size_t i = 0; i < info.size(); ++i) { if (!verify_extra_multisig_info(info[i], pkeys, signers[i])) { return false; } } return true; } bool wallet2::finalize_multisig( const epee::wipeable_string& password, const std::vector& info) { std::unordered_set public_keys; std::vector signers; if (!unpack_extra_multisig_info(info, signers, public_keys)) { log::error(logcat, "Bad multisig info"); return false; } return finalize_multisig(password, public_keys, signers); } std::string wallet2::get_multisig_info() const { // It's a signed package of private view key and public spend key const crypto::secret_key skey = cryptonote::get_multisig_blinded_secret_key(get_account().get_keys().m_view_secret_key); const crypto::public_key pkey = get_multisig_signer_public_key(get_account().get_keys().m_spend_secret_key); crypto::hash hash; std::string data; data += std::string((const char*)&skey, sizeof(crypto::secret_key)); data += std::string((const char*)&pkey, sizeof(crypto::public_key)); data.resize(data.size() + sizeof(crypto::signature)); crypto::cn_fast_hash(data.data(), data.size() - sizeof(signature), hash); crypto::signature& signature = *(crypto::signature*)&data[data.size() - sizeof(crypto::signature)]; crypto::generate_signature( hash, pkey, get_multisig_blinded_secret_key(get_account().get_keys().m_spend_secret_key), signature); return std::string{MULTISIG_MAGIC} + tools::base58::encode(data); } bool wallet2::verify_multisig_info( const std::string& data, crypto::secret_key& skey, crypto::public_key& pkey) { if (!tools::starts_with(data, MULTISIG_MAGIC)) { log::error(logcat, "Multisig info header check error"); return false; } std::string decoded; if (!tools::base58::decode(data.substr(MULTISIG_MAGIC.size()), decoded)) { log::error(logcat, "Multisig info decoding error"); return false; } if (decoded.size() != sizeof(crypto::secret_key) + sizeof(crypto::public_key) + sizeof(crypto::signature)) { log::error(logcat, "Multisig info is corrupt"); return false; } size_t offset = 0; skey = *(const crypto::secret_key*)(decoded.data() + offset); offset += sizeof(skey); pkey = *(const crypto::public_key*)(decoded.data() + offset); offset += sizeof(pkey); const crypto::signature& signature = *(const crypto::signature*)(decoded.data() + offset); crypto::hash hash; crypto::cn_fast_hash(decoded.data(), decoded.size() - sizeof(signature), hash); if (!crypto::check_signature(hash, pkey, signature)) { log::error(logcat, "Multisig info signature is invalid"); return false; } return true; } bool wallet2::verify_extra_multisig_info( const std::string& data, std::unordered_set& pkeys, crypto::public_key& signer) { if (!tools::starts_with(data, MULTISIG_EXTRA_INFO_MAGIC)) { log::error(logcat, "Multisig info header check error"); return false; } std::string decoded; if (!tools::base58::decode(data.substr(MULTISIG_EXTRA_INFO_MAGIC.size()), decoded)) { log::error(logcat, "Multisig info decoding error"); return false; } if (decoded.size() < sizeof(crypto::public_key) + sizeof(crypto::signature)) { log::error(logcat, "Multisig info is corrupt"); return false; } if ((decoded.size() - (sizeof(crypto::public_key) + sizeof(crypto::signature))) % sizeof(crypto::public_key)) { log::error(logcat, "Multisig info is corrupt"); return false; } const size_t n_keys = (decoded.size() - (sizeof(crypto::public_key) + sizeof(crypto::signature))) / sizeof(crypto::public_key); size_t offset = 0; signer = *(const crypto::public_key*)(decoded.data() + offset); offset += sizeof(signer); const crypto::signature& signature = *(const crypto:: signature*)(decoded.data() + offset + n_keys * sizeof(crypto::public_key)); crypto::hash hash; crypto::cn_fast_hash(decoded.data(), decoded.size() - sizeof(signature), hash); if (!crypto::check_signature(hash, signer, signature)) { log::error(logcat, "Multisig info signature is invalid"); return false; } for (size_t n = 0; n < n_keys; ++n) { crypto::public_key mspk = *(const crypto::public_key*)(decoded.data() + offset); pkeys.insert(mspk); offset += sizeof(mspk); } return true; } bool wallet2::multisig(bool* ready, uint32_t* threshold, uint32_t* total) const { if (!m_multisig) return false; if (threshold) *threshold = m_multisig_threshold; if (total) *total = m_multisig_signers.size(); if (ready) *ready = !(get_account().get_keys().m_account_address.m_spend_public_key == rct::rct2pk(rct::identity())); return true; } bool wallet2::has_multisig_partial_key_images() const { if (!m_multisig) return false; for (const auto& td : m_transfers) if (td.m_key_image_partial) return true; return false; } bool wallet2::has_unknown_key_images() const { for (const auto& td : m_transfers) if (!td.m_key_image_known) return true; return false; } /*! * \brief Rewrites to the wallet file for wallet upgrade (doesn't generate key, assumes it's already * there) \param wallet_name Name of wallet file (should exist) \param password Password for * wallet file */ void wallet2::rewrite(const fs::path& wallet_name, const epee::wipeable_string& password) { if (wallet_name.empty()) return; prepare_file_names(wallet_name); std::error_code ignored_ec; THROW_WALLET_EXCEPTION_IF( !fs::exists(m_keys_file, ignored_ec), error::file_not_found, m_keys_file); bool r = store_keys(m_keys_file, password, m_watch_only); THROW_WALLET_EXCEPTION_IF(!r, error::file_save_error, m_keys_file); } /*! * \brief Writes to a file named based on the normal wallet (doesn't generate key, assumes it's * already there) \param wallet_name Base name of wallet file \param password Password for * wallet file \param new_keys_filename [OUT] Name of new keys file */ void wallet2::write_watch_only_wallet( const fs::path& wallet_name, const epee::wipeable_string& password, fs::path& new_keys_filename) { prepare_file_names(wallet_name); std::error_code ec; new_keys_filename = m_wallet_file; new_keys_filename += "-watchonly.keys"; THROW_WALLET_EXCEPTION_IF( fs::exists(new_keys_filename, ec), error::file_save_error, new_keys_filename); bool r = store_keys(new_keys_filename, password, true); THROW_WALLET_EXCEPTION_IF(!r, error::file_save_error, new_keys_filename); } //---------------------------------------------------------------------------------------------------- void wallet2::wallet_exists( const fs::path& file_path, bool& keys_file_exists, bool& wallet_file_exists) { fs::path keys_file, wallet_file; [[maybe_unused]] fs::path mms_file; do_prepare_file_names( file_path, keys_file, wallet_file #ifdef WALLET_ENABLE_MMS , mms_file #endif ); std::error_code ignore; keys_file_exists = fs::exists(keys_file, ignore); wallet_file_exists = fs::exists(wallet_file, ignore); } //---------------------------------------------------------------------------------------------------- bool wallet2::parse_payment_id(std::string_view payment_id_str, crypto::hash& payment_id) { if (tools::hex_to_type(payment_id_str, payment_id)) return true; crypto::hash8 payment_id8; if (tools::hex_to_type(payment_id_str, payment_id8)) { payment_id = payment_id8; return true; } return false; } //---------------------------------------------------------------------------------------------------- bool wallet2::prepare_file_names(const fs::path& file_path) { do_prepare_file_names( file_path, m_keys_file, m_wallet_file #ifdef WALLET_ENABLE_MMS , m_mms_file #endif ); return true; } //---------------------------------------------------------------------------------------------------- bool wallet2::check_connection(rpc::version_t* version, bool* ssl, bool throw_on_http_error) { THROW_WALLET_EXCEPTION_IF(!m_is_initialized, error::wallet_not_initialized); if (version) *version = {}; if (m_offline) { m_rpc_version = 0; if (version) *version = {}; if (ssl) *ssl = false; return false; } if (ssl) *ssl = tools::starts_with(m_http_client.get_base_url(), "https://"); if (!m_rpc_version) { try { auto res = m_http_client.json_rpc("get_version", {}); if (res["status"] != rpc::STATUS_OK) return false; m_rpc_version = res["version"]; } catch (...) { return false; } } if (version) *version = rpc::make_version(m_rpc_version); return true; } //---------------------------------------------------------------------------------------------------- void wallet2::set_offline(bool offline) { m_offline = offline; m_node_rpc_proxy.set_offline(offline); } //---------------------------------------------------------------------------------------------------- bool wallet2::generate_chacha_key_from_secret_keys(crypto::chacha_key& key) const { hw::device& hwdev = m_account.get_device(); return hwdev.generate_chacha_key(m_account.get_keys(), key, m_kdf_rounds); } //---------------------------------------------------------------------------------------------------- void wallet2::generate_chacha_key_from_password( const epee::wipeable_string& pass, crypto::chacha_key& key) const { crypto::generate_chacha_key(pass.data(), pass.size(), key, m_kdf_rounds); } //---------------------------------------------------------------------------------------------------- void wallet2::load( const fs::path& wallet_, const epee::wipeable_string& password, const std::string& keys_buf, const std::string& cache_buf) { clear(); prepare_file_names(wallet_); // determine if loading from file system or string buffer bool use_fs = !wallet_.empty(); THROW_WALLET_EXCEPTION_IF( (use_fs && !keys_buf.empty()) || (!use_fs && keys_buf.empty()), error::file_read_error, "must load keys either from file system or from buffer"); std::error_code e; if (use_fs) { bool exists = fs::exists(m_keys_file, e); THROW_WALLET_EXCEPTION_IF(e || !exists, error::file_not_found, m_keys_file); lock_keys_file(); THROW_WALLET_EXCEPTION_IF( !is_keys_file_locked(), error::wallet_internal_error, "internal error: \"" + m_keys_file.u8string() + "\" is opened by another wallet program"); // this temporary unlocking is necessary for Windows (otherwise the file couldn't be // loaded). unlock_keys_file(); if (!load_keys(m_keys_file, password)) { THROW_WALLET_EXCEPTION_IF(true, error::file_read_error, m_keys_file); } log::warning( logcat, "Loaded wallet keys file, with public address: {}", m_account.get_public_address_str(m_nettype)); lock_keys_file(); } else if (!load_keys_buf(keys_buf, password)) { THROW_WALLET_EXCEPTION_IF(true, error::file_read_error, "failed to load keys from buffer"); } wallet_keys_unlocker unlocker( *this, m_ask_password == AskPasswordToDecrypt && !m_unattended && !m_watch_only, password); // keys loaded ok! // try to load wallet file. but even if we failed, it is not big problem if (use_fs && (!fs::exists(m_wallet_file, e) || e)) { log::warning(logcat, "file not found: {}, starting with empty blockchain", m_wallet_file); m_account_public_address = m_account.get_keys().m_account_address; } else if (use_fs || !cache_buf.empty()) { wallet2::cache_file_data cache_file_data; std::string cache_file_buf; bool r = true; if (use_fs) { r = tools::slurp_file(m_wallet_file, cache_file_buf); THROW_WALLET_EXCEPTION_IF(!r, error::file_read_error, m_wallet_file); } // try to read it as an encrypted cache try { log::info(logcat, "Trying to decrypt cache data"); try { serialization::parse_binary(use_fs ? cache_file_buf : cache_buf, cache_file_data); } catch (const std::exception& e) { THROW_WALLET_EXCEPTION( error::wallet_internal_error, "internal error: failed to deserialize \"" + m_wallet_file.u8string() + "\": " + e.what()); } std::string cache_data; cache_data.resize(cache_file_data.cache_data.size()); crypto::chacha20( cache_file_data.cache_data.data(), cache_file_data.cache_data.size(), m_cache_key, cache_file_data.iv, &cache_data[0]); try { std::stringstream iss; iss << cache_data; boost::archive::portable_binary_iarchive ar(iss); ar >> *this; } catch (...) { // try with previous scheme: direct from keys crypto::chacha_key key; generate_chacha_key_from_secret_keys(key); crypto::chacha20( cache_file_data.cache_data.data(), cache_file_data.cache_data.size(), key, cache_file_data.iv, &cache_data[0]); try { std::stringstream iss; iss << cache_data; boost::archive::portable_binary_iarchive ar(iss); ar >> *this; } catch (...) { crypto::chacha8( cache_file_data.cache_data.data(), cache_file_data.cache_data.size(), key, cache_file_data.iv, &cache_data[0]); try { std::stringstream iss; iss << cache_data; boost::archive::portable_binary_iarchive ar(iss); ar >> *this; } catch (...) { log::warning(logcat, "Failed to open portable binary, trying unportable"); auto unportable = m_wallet_file; unportable += ".unportable"; if (use_fs) fs::copy_file( m_wallet_file, unportable, fs::copy_options::overwrite_existing); std::stringstream iss; iss << cache_data; boost::archive::binary_iarchive ar(iss); ar >> *this; } } } } catch (...) { log::info(logcat, "Failed to load encrypted cache, trying unencrypted"); try { std::stringstream iss; iss << cache_file_buf; boost::archive::portable_binary_iarchive ar(iss); ar >> *this; } catch (...) { log::warning(logcat, "Failed to open portable binary, trying unportable"); auto unportable = m_wallet_file; unportable += ".unportable"; if (use_fs) fs::copy_file(m_wallet_file, unportable, fs::copy_options::overwrite_existing); std::stringstream iss; iss << cache_file_buf; boost::archive::binary_iarchive ar(iss); ar >> *this; } } THROW_WALLET_EXCEPTION_IF( m_account_public_address.m_spend_public_key != m_account.get_keys().m_account_address.m_spend_public_key || m_account_public_address.m_view_public_key != m_account.get_keys().m_account_address.m_view_public_key, error::wallet_files_doesnt_correspond, m_keys_file, m_wallet_file); } cryptonote::block genesis; generate_genesis(genesis); crypto::hash genesis_hash = get_block_hash(genesis); if (m_blockchain.empty()) { m_blockchain.push_back(genesis_hash); m_last_block_reward = cryptonote::get_outs_money_amount(genesis.miner_tx); m_cached_height = m_blockchain.size(); #ifdef SCAN_GENESIS_BLOCK std::vector o_indices(genesis.miner_tx.vout.size()); std::iota(o_indices.begin(), o_indices.end(), 0); process_new_transaction( get_transaction_hash(genesis.miner_tx), genesis.miner_tx, o_indices, 0, genesis.major_version, genesis.timestamp, true, false, false, false, {}, nullptr); #endif } else { check_genesis(genesis_hash); } trim_hashchain(); if (get_num_subaddress_accounts() == 0) add_subaddress_account(tr("Primary account")); try { find_and_save_rings(false); } catch (const std::exception& e) { log::error(logcat, "Failed to save rings, will try again next time"); } #ifdef WALLET_ENABLE_MMS try { if (use_fs) m_message_store.read_from_file(get_multisig_wallet_state(), m_mms_file); } catch (const std::exception& e) { log::error(logcat, "Failed to initialize MMS, it will be unusable"); } #endif } //---------------------------------------------------------------------------------------------------- void wallet2::trim_hashchain() { uint64_t height = 0; cryptonote::get_newest_hardcoded_checkpoint(nettype(), &height); for (const transfer_details& td : m_transfers) if (td.m_block_height < height) height = td.m_block_height; if (!m_blockchain.empty() && m_blockchain.size() == m_blockchain.offset()) { log::info(logcat, "Fixing empty hashchain"); nlohmann::json req_params{{"height", m_blockchain.size() - 1}}; try { auto res = m_http_client.json_rpc("get_block_header_by_height", req_params); if (res["status"] == rpc::STATUS_OK) { crypto::hash hash; tools::hex_to_type(res["block_header"]["hash"].get(), hash); m_blockchain.refill(hash); } else { log::error( logcat, "Failed to request block header from daemon, hash chain may be unable to " "sync till the wallet is loaded with a usable daemon"); } } catch (const std::exception& e) { log::error( logcat, "Failed to request block header from daemon when requesting " "get_block_header_by_height, hash chain may be unable to sync till the wallet " "is loaded with a usable daemon"); } } if (height > 0 && m_blockchain.size() > height) { --height; log::debug(logcat, "trimming to {}, offset {}", height, m_blockchain.offset()); m_blockchain.trim(height); } m_cached_height = m_blockchain.size(); } //---------------------------------------------------------------------------------------------------- void wallet2::check_genesis(const crypto::hash& genesis_hash) const { std::string what( "Genesis block mismatch. (Perhaps you forgot to use --testnet or --stagenet for a " "testnet/stagenet wallet?)"); THROW_WALLET_EXCEPTION_IF( genesis_hash != m_blockchain.genesis(), error::wallet_internal_error, what); } //---------------------------------------------------------------------------------------------------- const fs::path& wallet2::path() const { return m_wallet_file; } //---------------------------------------------------------------------------------------------------- void wallet2::store() { if (!m_wallet_file.empty()) store_to("", epee::wipeable_string()); } //---------------------------------------------------------------------------------------------------- void wallet2::store_to(const fs::path& path, const epee::wipeable_string& password) { trim_hashchain(); // if file is the same, we do: // 1. save wallet to the *.new file // 2. remove old wallet file // 3. rename *.new to wallet_name // handle if we want just store wallet state to current files (ex store() replacement); std::error_code ec; bool same_file = path.empty() || (fs::exists(path, ec) && fs::equivalent(m_wallet_file, path, ec)); if (!same_file) { // check if we want to store to directory which doesn't exists yet auto parent_path = path.parent_path(); // if path is not exists, try to create it if (!parent_path.empty() && !fs::exists(parent_path)) fs::create_directories(parent_path); } // get wallet cache data std::optional cache_file_data = get_cache_file_data(password); THROW_WALLET_EXCEPTION_IF( !cache_file_data, error::wallet_internal_error, "failed to generate wallet cache data"); const auto& old_file = m_wallet_file; const auto& old_keys_file = m_keys_file; fs::path old_address_file = m_wallet_file; old_address_file += ".address.txt"; // save keys to the new file // if we here, main wallet file is saved and we only need to save keys and address files if (!same_file) { prepare_file_names(path); bool r = store_keys(m_keys_file, password, false); THROW_WALLET_EXCEPTION_IF(!r, error::file_save_error, m_keys_file); if (fs::exists(old_address_file)) { // save address to the new file fs::path address_file = path; address_file += ".address.txt"; r = tools::dump_file(address_file, m_account.get_public_address_str(m_nettype)); THROW_WALLET_EXCEPTION_IF(!r, error::file_save_error, m_wallet_file); // remove old address file if (!fs::remove(old_address_file, ec)) log::error(logcat, "error removing file: {}: {}", old_address_file, ec.message()); } // remove old wallet file if (!fs::remove(old_file, ec)) log::error(logcat, "error removing file: {}: {}", old_file, ec.message()); // remove old keys file if (!fs::remove(old_keys_file, ec)) log::error(logcat, "error removing file: {}: {}", old_keys_file, ec.message()); #ifdef WALLET_ENABLE_MMS // remove old message store file if (fs::exists(m_mms_file, ec) && !fs::remove(m_mms_file, ec)) log::error(logcat, "error removing file: {}: {}", m_mms_file, ec.message()); #endif } else { // save to new file fs::path new_file = m_wallet_file; new_file += ".new"; try { fs::ofstream ostr{new_file, std::ios_base::binary | std::ios_base::trunc}; serialization::binary_archiver oar{ostr}; serialization::serialize(oar, *cache_file_data); } catch (const std::exception& e) { THROW_WALLET_EXCEPTION(error::file_save_error, new_file); } // here we have "*.new" file, we need to rename it to be without ".new" std::error_code e; #ifdef WIN32 // std::filesystem on Windows seems buggy: the standard requires that it overwrites // (atomically), but it doesn't and instead fails when the file already exists, so manually // remove it first. If it fails then just ignore it and let the rename try anyway. fs::remove(m_wallet_file, e); #endif fs::rename(new_file, m_wallet_file, e); THROW_WALLET_EXCEPTION_IF(e, error::file_save_error, m_wallet_file, e); } #ifdef WALLET_ENABLE_MMS if (m_message_store.get_active()) { // While the "m_message_store" object of course always exist, a file for the message // store should only exist if the MMS is really active m_message_store.write_to_file(get_multisig_wallet_state(), m_mms_file); } #endif } //---------------------------------------------------------------------------------------------------- std::optional wallet2::get_cache_file_data( const epee::wipeable_string& passwords) { trim_hashchain(); try { std::stringstream oss; boost::archive::portable_binary_oarchive ar(oss); ar << *this; std::optional cache_file_data = (wallet2::cache_file_data){}; cache_file_data->cache_data = oss.str(); std::string cipher; cipher.resize(cache_file_data->cache_data.size()); cache_file_data->iv = crypto::rand(); crypto::chacha20( cache_file_data->cache_data.data(), cache_file_data->cache_data.size(), m_cache_key, cache_file_data->iv, &cipher[0]); cache_file_data->cache_data = cipher; return cache_file_data; } catch (...) { return std::nullopt; } } //---------------------------------------------------------------------------------------------------- uint64_t wallet2::balance(uint32_t index_major, bool strict) const { uint64_t amount = 0; #ifdef ENABLE_LIGHT_WALLET if (m_light_wallet) return m_light_wallet_unlocked_balance; #endif for (const auto& i : balance_per_subaddress(index_major, strict)) amount += i.second; return amount; } //---------------------------------------------------------------------------------------------------- uint64_t wallet2::unlocked_balance( uint32_t index_major, bool strict, uint64_t* blocks_to_unlock, uint64_t* time_to_unlock) const { uint64_t amount = 0; if (blocks_to_unlock) *blocks_to_unlock = 0; if (time_to_unlock) *time_to_unlock = 0; #ifdef ENABLE_LIGHT_WALLET if (m_light_wallet) return m_light_wallet_balance; #endif for (const auto& i : unlocked_balance_per_subaddress(index_major, strict)) { amount += i.second.first; if (blocks_to_unlock && i.second.second.first > *blocks_to_unlock) *blocks_to_unlock = i.second.second.first; if (time_to_unlock && i.second.second.second > *time_to_unlock) *time_to_unlock = i.second.second.second; } return amount; } //---------------------------------------------------------------------------------------------------- std::map wallet2::balance_per_subaddress( uint32_t index_major, bool strict) const { std::map amount_per_subaddr; for (const auto& td : m_transfers) { if (td.m_subaddr_index.major == index_major && !is_spent(td, strict) && !td.m_frozen) { auto found = amount_per_subaddr.find(td.m_subaddr_index.minor); if (found == amount_per_subaddr.end()) amount_per_subaddr[td.m_subaddr_index.minor] = td.amount(); else found->second += td.amount(); } } if (!strict) { for (const auto& utx : m_unconfirmed_txs) { if (utx.second.m_subaddr_account == index_major && utx.second.m_state != wallet2::unconfirmed_transfer_details::failed) { // all changes go to 0-th subaddress (in the current subaddress account) auto found = amount_per_subaddr.find(0); if (found == amount_per_subaddr.end()) amount_per_subaddr[0] = utx.second.m_change; else found->second += utx.second.m_change; } } } return amount_per_subaddr; } //---------------------------------------------------------------------------------------------------- std::map>> wallet2::unlocked_balance_per_subaddress(uint32_t index_major, bool strict) const { std::map>> amount_per_subaddr; const uint64_t blockchain_height = get_blockchain_current_height(); const uint64_t now = time(nullptr); for (const transfer_details& td : m_transfers) { if (td.m_subaddr_index.major == index_major && !is_spent(td, strict) && !td.m_frozen) { uint64_t amount = 0, blocks_to_unlock = 0, time_to_unlock = 0; if (is_transfer_unlocked(td)) { amount = td.amount(); blocks_to_unlock = 0; time_to_unlock = 0; } else { uint64_t unlock_height = td.m_unmined_blink && td.m_block_height == 0 ? blockchain_height : td.m_block_height; unlock_height += std::max( DEFAULT_TX_SPENDABLE_AGE, LOCKED_TX_ALLOWED_DELTA_BLOCKS); if (td.m_tx.unlock_time < MAX_BLOCK_NUMBER && td.m_tx.unlock_time > unlock_height) unlock_height = td.m_tx.unlock_time; uint64_t unlock_time = td.m_tx.unlock_time >= MAX_BLOCK_NUMBER ? td.m_tx.unlock_time : 0; blocks_to_unlock = unlock_height > blockchain_height ? unlock_height - blockchain_height : 0; time_to_unlock = unlock_time > now ? unlock_time - now : 0; amount = 0; } auto found = amount_per_subaddr.find(td.m_subaddr_index.minor); if (found == amount_per_subaddr.end()) amount_per_subaddr[td.m_subaddr_index.minor] = std::make_pair(amount, std::make_pair(blocks_to_unlock, time_to_unlock)); else { found->second.first += amount; found->second.second.first = std::max(found->second.second.first, blocks_to_unlock); found->second.second.second = std::max(found->second.second.second, time_to_unlock); } } } return amount_per_subaddr; } //---------------------------------------------------------------------------------------------------- uint64_t wallet2::balance_all(bool strict) const { uint64_t r = 0; for (uint32_t index_major = 0; index_major < get_num_subaddress_accounts(); ++index_major) r += balance(index_major, strict); return r; } //---------------------------------------------------------------------------------------------------- uint64_t wallet2::unlocked_balance_all( bool strict, uint64_t* blocks_to_unlock, uint64_t* time_to_unlock) const { uint64_t r = 0; if (blocks_to_unlock) *blocks_to_unlock = 0; if (time_to_unlock) *time_to_unlock = 0; for (uint32_t index_major = 0; index_major < get_num_subaddress_accounts(); ++index_major) { uint64_t local_blocks_to_unlock, local_time_to_unlock; r += unlocked_balance( index_major, strict, blocks_to_unlock ? &local_blocks_to_unlock : nullptr, time_to_unlock ? &local_time_to_unlock : nullptr); if (blocks_to_unlock) *blocks_to_unlock = std::max(*blocks_to_unlock, local_blocks_to_unlock); if (time_to_unlock) *time_to_unlock = std::max(*time_to_unlock, local_time_to_unlock); } return r; } //---------------------------------------------------------------------------------------------------- void wallet2::get_transfers(wallet2::transfer_container& incoming_transfers) const { incoming_transfers = m_transfers; } //------------------------------------------------------------------------------------------------------------------------------ static void set_confirmations( wallet::transfer_view& entry, uint64_t blockchain_height, uint64_t block_reward) { if (entry.height >= blockchain_height || (entry.height == 0 && (entry.blink_mempool || entry.type == "pending" || entry.type == "pool"))) entry.confirmations = 0; else entry.confirmations = blockchain_height - entry.height; if (block_reward == 0 || entry.blink_mempool || entry.was_blink) entry.suggested_confirmations_threshold = 0; else entry.suggested_confirmations_threshold = (entry.amount + block_reward - 1) / block_reward; } static std::string hex_payment_id(const crypto::hash& p) { std::string_view pid = tools::view_guts(p); if (pid.find_first_not_of('\0', 8) == std::string::npos) pid = pid.substr(0, 8); return oxenc::to_hex(pid); } //---------------------------------------------------------------------------------------------------- wallet::transfer_view wallet2::make_transfer_view( const crypto::hash& txid, const crypto::hash& payment_id, const tools::wallet2::payment_details& pd) const { wallet::transfer_view result = {}; result.txid = tools::type_to_hex(pd.m_tx_hash); result.hash = txid; result.payment_id = hex_payment_id(payment_id); result.height = pd.m_block_height; result.timestamp = pd.m_timestamp; result.amount = pd.m_amount; result.unlock_time = pd.m_unlock_time; result.fee = pd.m_fee; result.note = get_tx_note(pd.m_tx_hash); result.pay_type = pd.m_type; result.subaddr_index = pd.m_subaddr_index; result.subaddr_indices.push_back(pd.m_subaddr_index); result.address = get_subaddress_as_str(pd.m_subaddr_index); result.confirmed = true; result.blink_mempool = pd.m_unmined_blink; result.was_blink = pd.m_was_blink; // TODO(sacha): is this just for in or also coinbase? const bool unlocked = is_transfer_unlocked(result.unlock_time, result.height, result.blink_mempool); result.locked = !unlocked; result.lock_msg = unlocked ? "unlocked" : "locked"; set_confirmations(result, get_blockchain_current_height(), get_last_block_reward()); result.checkpointed = (result.height == 0 && pd.m_unmined_blink ? false : result.height <= m_immutable_height); return result; } //------------------------------------------------------------------------------------------------------------------------------ wallet::transfer_view wallet2::wallet2::make_transfer_view( const crypto::hash& txid, const tools::wallet2::confirmed_transfer_details& pd) const { wallet::transfer_view result = {}; result.txid = tools::type_to_hex(txid); result.hash = txid; result.payment_id = hex_payment_id(pd.m_payment_id); result.height = pd.m_block_height; result.timestamp = pd.m_timestamp; result.unlock_time = pd.m_unlock_time; result.locked = !is_transfer_unlocked(pd.m_unlock_time, pd.m_block_height, false); result.fee = pd.m_amount_in - pd.m_amount_out; uint64_t change = pd.m_change == (uint64_t)-1 ? 0 : pd.m_change; // change may not be known result.amount = pd.m_amount_in - change - result.fee; result.note = get_tx_note(txid); for (const auto& d : pd.m_dests) { result.destinations.push_back({}); auto& td = result.destinations.back(); td.amount = d.amount; td.address = d.address(nettype(), pd.m_payment_id); } result.pay_type = pd.m_pay_type; result.subaddr_index = {pd.m_subaddr_account, 0}; for (uint32_t i : pd.m_subaddr_indices) result.subaddr_indices.push_back({pd.m_subaddr_account, i}); result.address = get_subaddress_as_str({pd.m_subaddr_account, 0}); result.confirmed = true; result.checkpointed = result.height <= m_immutable_height; set_confirmations(result, get_blockchain_current_height(), get_last_block_reward()); return result; } //------------------------------------------------------------------------------------------------------------------------------ wallet::transfer_view wallet2::make_transfer_view( const crypto::hash& txid, const tools::wallet2::unconfirmed_transfer_details& pd) const { wallet::transfer_view result = {}; bool is_failed = pd.m_state == tools::wallet2::unconfirmed_transfer_details::failed; result.txid = tools::type_to_hex(txid); result.hash = txid; result.payment_id = hex_payment_id(pd.m_payment_id); result.height = 0; result.timestamp = pd.m_timestamp; result.fee = pd.m_amount_in - pd.m_amount_out; result.amount = pd.m_amount_in - pd.m_change - result.fee; result.unlock_time = pd.m_tx.unlock_time; result.locked = true; result.note = get_tx_note(txid); for (const auto& d : pd.m_dests) { result.destinations.push_back({}); auto& td = result.destinations.back(); td.amount = d.amount; td.address = d.address(nettype(), pd.m_payment_id); } result.pay_type = pd.m_pay_type; result.type = is_failed ? "failed" : "pending"; result.subaddr_index = {pd.m_subaddr_account, 0}; for (uint32_t i : pd.m_subaddr_indices) result.subaddr_indices.push_back({pd.m_subaddr_account, i}); result.address = get_subaddress_as_str({pd.m_subaddr_account, 0}); set_confirmations(result, get_blockchain_current_height(), get_last_block_reward()); return result; } //------------------------------------------------------------------------------------------------------------------------------ wallet::transfer_view wallet2::make_transfer_view( const crypto::hash& payment_id, const tools::wallet2::pool_payment_details& ppd) const { wallet::transfer_view result = {}; const tools::wallet2::payment_details& pd = ppd.m_pd; result.txid = tools::type_to_hex(pd.m_tx_hash); result.hash = pd.m_tx_hash; result.payment_id = hex_payment_id(payment_id); result.height = 0; result.timestamp = pd.m_timestamp; result.amount = pd.m_amount; result.unlock_time = pd.m_unlock_time; result.locked = true; result.fee = pd.m_fee; result.note = get_tx_note(pd.m_tx_hash); result.double_spend_seen = ppd.m_double_spend_seen; result.pay_type = wallet::pay_type::unspecified; result.type = "pool"; result.subaddr_index = pd.m_subaddr_index; result.subaddr_indices.push_back(pd.m_subaddr_index); result.address = get_subaddress_as_str(pd.m_subaddr_index); set_confirmations(result, get_blockchain_current_height(), get_last_block_reward()); return result; } //---------------------------------------------------------------------------------------------------- void wallet2::get_transfers( get_transfers_args_t args, std::vector& transfers) { std::optional account_index = args.account_index; if (args.all_accounts) { account_index = std::nullopt; args.subaddr_indices.clear(); } if (args.filter_by_height) args.max_height = std::clamp(args.max_height, args.min_height, MAX_BLOCK_NUMBER); int args_count = args.in + args.out + args.stake + args.pending + args.failed + args.pool + args.coinbase; if (args_count == 0) args.in = args.out = args.stake = args.pending = args.failed = args.pool = args.coinbase = true; std::list> in; std::list> out; std::list> pending_or_failed; std::list> pool; log::debug( logcat, "Getting transfers of type(s) {}{}{}{}{} for heights in[{},{}]", (args.in ? "in " : ""), (args.out ? "out " : ""), (args.pending ? "pending " : ""), (args.failed ? "failed " : ""), (args.pool ? "pool " : ""), args.min_height, args.max_height); size_t size = 0; if (args.in) { get_payments(in, args.min_height, args.max_height, account_index, args.subaddr_indices); size += in.size(); } if (args.out || args.stake) { get_payments_out( out, args.min_height, args.max_height, account_index, args.subaddr_indices); size += out.size(); } if (args.pending || args.failed) { get_unconfirmed_payments_out(pending_or_failed, account_index, args.subaddr_indices); size += pending_or_failed.size(); } if (args.pool) { get_unconfirmed_payments(pool, account_index, args.subaddr_indices); size += pool.size(); } // Fill transfers transfers.reserve(size); for (const auto& i : in) transfers.push_back(make_transfer_view(i.second.m_tx_hash, i.first, i.second)); for (const auto& o : out) { bool add_entry = true; if (args.stake && args_count == 1) add_entry = o.second.m_pay_type == wallet::pay_type::stake; if (args.ons && args_count == 1) add_entry = o.second.m_pay_type == wallet::pay_type::ons; if (add_entry) transfers.push_back(make_transfer_view(o.first, o.second)); } for (const auto& pof : pending_or_failed) { bool is_failed = pof.second.m_state == tools::wallet2::unconfirmed_transfer_details::failed; if (is_failed ? args.failed : args.pending) transfers.push_back(make_transfer_view(pof.first, pof.second)); } for (const auto& p : pool) transfers.push_back(make_transfer_view(p.first, p.second)); std::sort(transfers.begin(), transfers.end(), [](const auto& a, const auto& b) -> bool { if (a.confirmed != b.confirmed) return a.confirmed; if (a.blink_mempool != b.blink_mempool) return b.blink_mempool; if (a.height != b.height) return a.height < b.height; if (a.timestamp != b.timestamp) return a.timestamp < b.timestamp; return a.hash < b.hash; }); } std::string wallet2::transfers_to_csv( const std::vector& transfers, bool formatting) const { uint64_t running_balance = 0; auto title_format = "{},{},{},{},{},{},{},{},{},{},{},{},{},{}\n"sv; auto data_format = "{},{},{},{},{},{},{},{},{},{},{},{},{},{}\n"sv; auto coin_format = "{:d}.{:09d}"sv; if (formatting) { title_format = "{:>8s}, {:>9s}, {:>9s}, {:>12s}, {:^23s}, {:>21s}, {:>21s}, {:^64s}, {:^16s}, {:>21s}, {:^97s}, {:>21s}, {:>5s}, {:s}\n"sv; data_format = "{:>8s}, {:>9s}, {:>9s}, {:>12s}, {:>23s}, {:>21s}, {:>21s}, {:>64s}, {:^16s}, {:>21s}, {:>97s}, {:>21s}, {:>5s}, {:s}\n"sv; coin_format = "{:11d}.{:09d}"sv; } std::stringstream output; output << fmt::format( title_format, tr("block"), tr("type"), tr("lock"), tr("checkpointed"), tr("timestamp"), tr("amount"), tr("running balance"), tr("hash"), tr("payment ID"), tr("fee"), tr("destination"), tr("sent_amount"), tr("index"), tr("note")); for (const auto& transfer : transfers) { switch (transfer.pay_type) { case wallet::pay_type::in: case wallet::pay_type::miner: case wallet::pay_type::service_node: case wallet::pay_type::governance: running_balance += transfer.amount; break; case wallet::pay_type::stake: case wallet::pay_type::ons: running_balance -= transfer.fee; break; case wallet::pay_type::out: running_balance -= transfer.amount + transfer.fee; break; default: log::error( logcat, "Warning: Unhandled pay type, this is most likely a developer error, " "please report it to the Oxen developers."); break; } std::string indices; for (auto& index : transfer.subaddr_indices) { if (!indices.empty()) indices += ","; indices += std::to_string(index.minor); } if (transfer.subaddr_indices.size() > 1) indices = '"' + indices + '"'; output << fmt::format( data_format, transfer.type.size() ? transfer.type : std::to_string(transfer.height), pay_type_string(transfer.pay_type), transfer.lock_msg, (transfer.checkpointed ? "yes" : "no"), tools::get_human_readable_timestamp(transfer.timestamp), fmt::format( coin_format, transfer.amount / oxen::COIN, transfer.amount % oxen::COIN), fmt::format( coin_format, running_balance / oxen::COIN, running_balance % oxen::COIN), transfer.txid, transfer.payment_id, cryptonote::print_money(transfer.fee), (transfer.destinations.size() ? transfer.destinations.front().address : "-"), (transfer.destinations.size() ? fmt::format( coin_format, transfer.destinations.front().amount / oxen::COIN, transfer.destinations.front().amount % oxen::COIN) : ""), indices, transfer.note); if (transfer.destinations.size() <= 1) continue; // print subsequent destination addresses and amounts for (auto it = std::next(transfer.destinations.cbegin()); it != transfer.destinations.cend(); ++it) output << fmt::format( data_format, "", "", "", "", "", "", "", "", "", "", it->address, fmt::format(coin_format, it->amount / oxen::COIN, it->amount % oxen::COIN), "", ""); } return output.str(); } //---------------------------------------------------------------------------------------------------- void wallet2::get_payments( const crypto::hash& payment_id, std::list& payments, uint64_t min_height, const std::optional& subaddr_account, const std::set& subaddr_indices) const { auto range = m_payments.equal_range(payment_id); std::for_each( range.first, range.second, [&payments, &min_height, &subaddr_account, &subaddr_indices]( const payment_container::value_type& x) { if (min_height <= x.second.m_block_height && (!subaddr_account || *subaddr_account == x.second.m_subaddr_index.major) && (subaddr_indices.empty() || subaddr_indices.count(x.second.m_subaddr_index.minor) == 1)) { payments.push_back(x.second); } }); } //---------------------------------------------------------------------------------------------------- void wallet2::get_payments( std::list>& payments, uint64_t min_height, uint64_t max_height, const std::optional& subaddr_account, const std::set& subaddr_indices) const { auto range = std::make_pair(m_payments.begin(), m_payments.end()); for (auto it = range.first; it != range.second; it++) { const auto& [hash, details] = *it; if (min_height <= details.m_block_height && max_height >= details.m_block_height && (!subaddr_account || *subaddr_account == details.m_subaddr_index.major) && (subaddr_indices.empty() || subaddr_indices.count(details.m_subaddr_index.minor) == 1)) { payments.emplace_back(hash, details); } } } //---------------------------------------------------------------------------------------------------- void wallet2::get_payments_out( std::list>& confirmed_payments, uint64_t min_height, uint64_t max_height, const std::optional& subaddr_account, const std::set& subaddr_indices) const { for (const auto& [hash, details] : m_confirmed_txs) { if (details.m_block_height < min_height || details.m_block_height > max_height) continue; if (subaddr_account && *subaddr_account != details.m_subaddr_account) continue; if (!subaddr_indices.empty() && std::none_of( details.m_subaddr_indices.begin(), details.m_subaddr_indices.end(), [&subaddr_indices](uint32_t index) { return subaddr_indices.count(index) > 0; })) continue; confirmed_payments.emplace_back(hash, details); } } //---------------------------------------------------------------------------------------------------- void wallet2::get_unconfirmed_payments_out( std::list>& unconfirmed_payments, const std::optional& subaddr_account, const std::set& subaddr_indices) const { for (const auto& [hash, details] : m_unconfirmed_txs) { if (subaddr_account && *subaddr_account != details.m_subaddr_account) continue; if (!subaddr_indices.empty() && std::none_of( details.m_subaddr_indices.begin(), details.m_subaddr_indices.end(), [&subaddr_indices](uint32_t index) { return subaddr_indices.count(index) > 0; })) continue; unconfirmed_payments.emplace_back(hash, details); } } //---------------------------------------------------------------------------------------------------- std::optional wallet2::resolve_address(std::string address, uint64_t height) { // addr_response will have an encrypted value cryptonote::address_parse_info info; bool result = false; if (cryptonote::get_account_address_from_str(info, m_nettype, address)) { result = true; } else { std::string name = tools::lowercase_ascii_string(std::move(address)); std::string reason; if (ons::validate_ons_name(ons::mapping_type::wallet, name, &reason)) { std::string b64_hashed_name = ons::name_to_base64_hash(name); nlohmann::json req_params{{"type", 1}, {"name_hash", b64_hashed_name}}; auto [success, addr_response] = resolve(req_params); if (success && addr_response["encrypted_value"]) { std::optional addr_info = ons::encrypted_wallet_value_to_info( name, addr_response["encrypted_value"], addr_response["nonce"]); if (addr_info) { info = std::move(*addr_info); result = true; log::debug( logcat, "Resolved ONS name: {} to address: {}", address, get_account_address_as_str( m_nettype, info.is_subaddress, info.address)); } } } else { log::debug(logcat, "Invalid address format, could not resolve {}", address); } } if (result) return get_account_address_as_str(m_nettype, info.is_subaddress, info.address); else return std::nullopt; } //---------------------------------------------------------------------------------------------------- void wallet2::get_unconfirmed_payments( std::list>& unconfirmed_payments, const std::optional& subaddr_account, const std::set& subaddr_indices) const { for (auto i = m_unconfirmed_payments.begin(); i != m_unconfirmed_payments.end(); ++i) { if ((!subaddr_account || *subaddr_account == i->second.m_pd.m_subaddr_index.major) && (subaddr_indices.empty() || subaddr_indices.count(i->second.m_pd.m_subaddr_index.minor) == 1)) unconfirmed_payments.push_back(*i); } } //---------------------------------------------------------------------------------------------------- void wallet2::rescan_spent() { // This is RPC call that can take a long time if there are many outputs, // so we call it several times, in stripes, so we don't time out spuriously std::vector spent_status; spent_status.reserve(m_transfers.size()); const size_t chunk_size = 1000; for (size_t start_offset = 0; start_offset < m_transfers.size(); start_offset += chunk_size) { const size_t n_outputs = std::min(chunk_size, m_transfers.size() - start_offset); log::debug( logcat, "Calling is_key_image_spent on {} - {}, out of {}", start_offset, (start_offset + n_outputs - 1), m_transfers.size()); std::vector key_images; key_images.reserve(n_outputs); for (size_t n = start_offset; n < start_offset + n_outputs; ++n) key_images.push_back(tools::type_to_hex(m_transfers[n].m_key_image)); nlohmann::json req_params{{"key_images", key_images}}; auto kispent_res = m_http_client.json_rpc("is_key_image_spent", req_params); THROW_WALLET_EXCEPTION_IF( kispent_res["status"] == rpc::STATUS_BUSY, error::daemon_busy, "is_key_image_spent"); THROW_WALLET_EXCEPTION_IF( kispent_res["status"] != rpc::STATUS_OK, error::is_key_image_spent_error, get_rpc_status(kispent_res["status"])); THROW_WALLET_EXCEPTION_IF( kispent_res["spent_status"].size() != n_outputs, error::wallet_internal_error, "daemon returned wrong response for is_key_image_spent, wrong amounts count = " + std::to_string(kispent_res["spent_status"].size()) + ", expected " + std::to_string(n_outputs)); std::copy( kispent_res["spent_status"].begin(), kispent_res["spent_status"].end(), std::back_inserter(spent_status)); } // update spent status for (size_t i = 0; i < m_transfers.size(); ++i) { transfer_details& td = m_transfers[i]; // a view wallet may not know about key images if (!td.m_key_image_known || td.m_key_image_partial) continue; if (td.m_spent != (static_cast(spent_status[i]) != rpc::IS_KEY_IMAGE_SPENT::SPENT::UNSPENT)) { if (td.m_spent) { log::warning( logcat, "Marking output {}({}) as unspent, it was marked as spent", i, td.m_key_image); set_unspent(i); td.m_spent_height = 0; } else { log::warning( logcat, "Marking output {}({}) as spent, it was marked as unspent", i, td.m_key_image); set_spent(i, td.m_spent_height); // unknown height, if this gets reorged, it might still be missed } } } } //---------------------------------------------------------------------------------------------------- void wallet2::rescan_blockchain(bool hard, bool refresh, bool keep_key_images) { CHECK_AND_ASSERT_THROW_MES( !hard || !keep_key_images, "Cannot preserve key images on hard rescan"); const size_t transfers_cnt = m_transfers.size(); crypto::hash transfers_hash{}; if (hard) { clear(); setup_new_blockchain(); } else { if (keep_key_images && refresh) hash_m_transfers((int64_t)transfers_cnt, transfers_hash); clear_soft(keep_key_images); } if (refresh) this->refresh(false); if (refresh && keep_key_images) finish_rescan_bc_keep_key_images(transfers_cnt, transfers_hash); } //---------------------------------------------------------------------------------------------------- bool wallet2::is_transfer_unlocked(const transfer_details& td) const { return is_transfer_unlocked( td.m_tx.get_unlock_time(td.m_internal_output_index), td.m_block_height, td.m_unmined_blink, &td.m_key_image); } //---------------------------------------------------------------------------------------------------- bool wallet2::is_transfer_unlocked( uint64_t unlock_time, uint64_t block_height, bool unmined_blink, crypto::key_image const* key_image) const { auto blockchain_height = get_blockchain_current_height(); if (block_height == 0 && unmined_blink) { // TODO(oxen): this restriction will go away when we add Reblink support, but for now // received blinks still have to be mined and confirmed like regular transactions before // they can be spent (blink without reblink just gives you a guarantee that they will be // mined). // // Guess that the blink will go into the next block (if we're wrong then the displayed // blocks-to-unlock count will be wrong, but that's not a huge deal). block_height = blockchain_height; } if (!is_tx_spendtime_unlocked(unlock_time, block_height)) return false; if (block_height + DEFAULT_TX_SPENDABLE_AGE > blockchain_height) return false; if (m_offline) return true; if (!key_image) // TODO(oxen): Try make all callees always pass in a key image for accuracy return true; { // FIXME: can just check one here by adding a is_key_image_blacklisted auto [success, blacklist] = m_node_rpc_proxy.get_service_node_blacklisted_key_images(); if (!success) { // We'll already have a log message printed containing the request failure reason log::info( logcat, "Failed to query service node for blacklisted transfers, assuming transfer not " "blacklisted"); return true; } for (auto const& entry : blacklist) { crypto::key_image check_image; if (!tools::hex_to_type(entry["key_image"].get(), check_image)) { log::error( logcat, "Failed to parse hex representation of key image: {}", entry["key_image"]); break; } if (*key_image == check_image) return false; } } { const std::string primary_address = get_address_as_str(); auto [success, service_nodes_states] = m_node_rpc_proxy.get_contributed_service_nodes(primary_address); if (!success) { log::info( logcat, "Failed to query service node for locked transfers, assuming transfer not " "locked"); return true; } for (auto const& entry : service_nodes_states) { for (auto const& contributor : entry.at("contributors")) { if (primary_address != contributor.at("address")) continue; for (auto const& contribution : contributor.at("locked_contributions")) { auto input_ki = contribution.at("key_image").get(); crypto::key_image check_image; if (!tools::hex_to_type(input_ki, check_image)) { log::error( logcat, "Failed to parse hex representation of key image: {}", input_ki); break; } if (*key_image == check_image) return false; } } } } return true; } //---------------------------------------------------------------------------------------------------- bool wallet2::is_tx_spendtime_unlocked(uint64_t unlock_time, uint64_t block_height) const { return cryptonote::rules::is_output_unlocked(unlock_time, get_blockchain_current_height()); } //---------------------------------------------------------------------------------------------------- namespace { template T pop_index(std::vector& vec, size_t idx) { CHECK_AND_ASSERT_MES(!vec.empty(), T(), "Vector must be non-empty"); CHECK_AND_ASSERT_MES(idx < vec.size(), T(), "idx out of bounds"); T res = vec[idx]; if (idx + 1 != vec.size()) { vec[idx] = vec.back(); } vec.resize(vec.size() - 1); return res; } template T pop_random_value(std::vector& vec) { CHECK_AND_ASSERT_MES(!vec.empty(), T(), "Vector must be non-empty"); size_t idx = crypto::rand_idx(vec.size()); return pop_index(vec, idx); } template T pop_back(std::vector& vec) { CHECK_AND_ASSERT_MES(!vec.empty(), T(), "Vector must be non-empty"); T res = vec.back(); vec.pop_back(); return res; } template void pop_if_present(std::vector& vec, T e) { for (size_t i = 0; i < vec.size(); ++i) { if (e == vec[i]) { pop_index(vec, i); return; } } } } // namespace //---------------------------------------------------------------------------------------------------- // This returns a handwavy estimation of how much two outputs are related // If they're from the same tx, then they're fully related. From close block // heights, they're kinda related. The actual values don't matter, just // their ordering, but it could become more murky if we add scores later. float wallet2::get_output_relatedness( const transfer_details& td0, const transfer_details& td1) const { int dh; // expensive test, and same tx will fall onto the same block height below if (td0.m_txid == td1.m_txid) return 1.0f; // same block height -> possibly tx burst, or same tx (since above is disabled) dh = td0.m_block_height > td1.m_block_height ? td0.m_block_height - td1.m_block_height : td1.m_block_height - td0.m_block_height; if (dh == 0) return 0.9f; // adjacent blocks -> possibly tx burst if (dh == 1) return 0.8f; // could extract the payment id, and compare them, but this is a bit expensive too // similar block heights if (dh < 10) return 0.2f; // don't think these are particularly related return 0.0f; } //---------------------------------------------------------------------------------------------------- size_t wallet2::pop_best_value_from( const transfer_container& transfers, std::vector& unused_indices, const std::vector& selected_transfers, bool smallest) const { std::vector candidates; float best_relatedness = 1.0f; for (size_t n = 0; n < unused_indices.size(); ++n) { const transfer_details& candidate = transfers[unused_indices[n]]; float relatedness = 0.0f; for (size_t i : selected_transfers) { float r = get_output_relatedness(candidate, transfers[i]); if (r > relatedness) { relatedness = r; if (relatedness == 1.0f) break; } } if (relatedness < best_relatedness) { best_relatedness = relatedness; candidates.clear(); } if (relatedness == best_relatedness) candidates.push_back(n); } // we have all the least related outputs in candidates, so we can pick either // the smallest, or a random one, depending on request size_t idx; if (smallest) { idx = 0; for (size_t n = 0; n < candidates.size(); ++n) { const transfer_details& td = transfers[unused_indices[candidates[n]]]; if (td.amount() < transfers[unused_indices[candidates[idx]]].amount()) idx = n; } } else { idx = crypto::rand_idx(candidates.size()); } return pop_index(unused_indices, candidates[idx]); } //---------------------------------------------------------------------------------------------------- size_t wallet2::pop_best_value( std::vector& unused_indices, const std::vector& selected_transfers, bool smallest) const { return pop_best_value_from(m_transfers, unused_indices, selected_transfers, smallest); } //---------------------------------------------------------------------------------------------------- // Select random input sources for transaction. // returns: // direct return: amount of money found // modified reference: selected_transfers, a list of iterators/indices of input sources uint64_t wallet2::select_transfers( uint64_t needed_money, std::vector unused_transfers_indices, std::vector& selected_transfers) const { uint64_t found_money = 0; selected_transfers.reserve(unused_transfers_indices.size()); while (found_money < needed_money && !unused_transfers_indices.empty()) { size_t idx = pop_best_value(unused_transfers_indices, selected_transfers); selected_transfers.push_back(idx); found_money += m_transfers[idx].amount(); } return found_money; } //---------------------------------------------------------------------------------------------------- void wallet2::add_unconfirmed_tx( const cryptonote::transaction& tx, uint64_t amount_in, const std::vector& dests, const crypto::hash& payment_id, uint64_t change_amount, uint32_t subaddr_account, const std::set& subaddr_indices) { unconfirmed_transfer_details& utd = m_unconfirmed_txs[cryptonote::get_transaction_hash(tx)]; utd.m_amount_in = amount_in; utd.m_amount_out = 0; for (const auto& d : dests) utd.m_amount_out += d.amount; utd.m_amount_out += change_amount; // dests does not contain change utd.m_change = change_amount; utd.m_sent_time = time(nullptr); utd.m_tx = (const cryptonote::transaction_prefix&)tx; utd.m_dests = dests; utd.m_payment_id = payment_id; utd.m_state = wallet2::unconfirmed_transfer_details::pending; utd.m_timestamp = time(nullptr); utd.m_subaddr_account = subaddr_account; utd.m_subaddr_indices = subaddr_indices; utd.m_pay_type = wallet::pay_type_from_tx(tx); for (const auto& in : tx.vin) { if (const auto* txin = std::get_if(&in)) utd.m_rings.emplace_back(txin->k_image, txin->key_offsets); } } //---------------------------------------------------------------------------------------------------- crypto::hash wallet2::get_payment_id(const pending_tx& ptx) const { std::vector tx_extra_fields; parse_tx_extra(ptx.tx.extra, tx_extra_fields); // ok if partially parsed tx_extra_nonce extra_nonce; crypto::hash payment_id{}; if (find_tx_extra_field_by_type(tx_extra_fields, extra_nonce)) { crypto::hash8 payment_id8{}; if (get_encrypted_payment_id_from_tx_extra_nonce(extra_nonce.nonce, payment_id8)) { if (ptx.dests.empty()) { log::warning( logcat, "Encrypted payment id found, but no destinations public key, cannot " "decrypt"); return null; } if (m_account.get_device().decrypt_payment_id( payment_id8, ptx.dests[0].addr.m_view_public_key, ptx.tx_key)) { payment_id = payment_id8; } } else if (!get_payment_id_from_tx_extra_nonce(extra_nonce.nonce, payment_id)) { payment_id = null; } } return payment_id; } //---------------------------------------------------------------------------------------------------- // take a pending tx and actually send it to the daemon void wallet2::commit_tx(pending_tx& ptx, bool blink) { #ifdef ENABLE_LIGHT_WALLET if (m_light_wallet) { light_rpc::SUBMIT_RAW_TX::request oreq{}; light_rpc::SUBMIT_RAW_TX::response ores{}; oreq.address = get_account().get_public_address_str(m_nettype); oreq.view_key = tools::type_to_hex(get_account().get_keys().m_view_secret_key); oreq.tx = oxenc::to_hex(tx_to_blob(ptx.tx)); oreq.blink = blink; bool r = invoke_http(oreq, ores); THROW_WALLET_EXCEPTION_IF(!r, error::no_connection_to_daemon, "submit_raw_tx"); // MyMonero and OpenMonero use different status strings THROW_WALLET_EXCEPTION_IF( ores.status != "OK" && ores.status != "success", error::tx_rejected, ptx.tx, get_rpc_status(ores.status), ores.error); } #else if (false) { } #endif else { // Normal submit nlohmann::json send_transaction_params{ {"tx_as_hex", oxenc::to_hex(tx_to_blob(ptx.tx))}, {"do_not_relay", false}, {"do_sanity_checks", true}, {"blink", blink}, }; auto daemon_send_resp = m_http_client.json_rpc("send_raw_transaction", send_transaction_params); THROW_WALLET_EXCEPTION_IF( daemon_send_resp["status"] == rpc::STATUS_BUSY, error::daemon_busy, "sendrawtransaction"); if (blink) THROW_WALLET_EXCEPTION_IF( daemon_send_resp["status"] != rpc::STATUS_OK, error::tx_blink_rejected, ptx.tx, get_rpc_status(daemon_send_resp["status"]), get_text_reason(daemon_send_resp, &ptx.tx, blink)); else THROW_WALLET_EXCEPTION_IF( daemon_send_resp["status"] != rpc::STATUS_OK, error::tx_rejected, ptx.tx, get_rpc_status(daemon_send_resp["status"]), get_text_reason(daemon_send_resp, &ptx.tx, blink)); // sanity checks for (size_t idx : ptx.selected_transfers) { THROW_WALLET_EXCEPTION_IF( idx >= m_transfers.size(), error::wallet_internal_error, "Bad output index in selected transfers: " + std::to_string(idx)); } } crypto::hash txid; txid = get_transaction_hash(ptx.tx); crypto::hash payment_id{}; std::vector dests; uint64_t amount_in = 0; if (store_tx_info()) { payment_id = get_payment_id(ptx); dests = ptx.dests; for (size_t idx : ptx.selected_transfers) amount_in += m_transfers[idx].amount(); } add_unconfirmed_tx( ptx.tx, amount_in, dests, payment_id, ptx.change_dts.amount, ptx.construction_data.subaddr_account, ptx.construction_data.subaddr_indices); if (store_tx_info() && ptx.tx_key) { m_tx_keys.insert(std::make_pair(txid, ptx.tx_key)); m_additional_tx_keys.insert(std::make_pair(txid, ptx.additional_tx_keys)); } log::debug( logcat, "transaction {} generated ok and sent to daemon, key_images: [{}]", txid, ptx.key_images); for (size_t idx : ptx.selected_transfers) { set_spent(idx, 0); } // tx generated, get rid of used k values for (size_t idx : ptx.selected_transfers) memwipe(m_transfers[idx].m_multisig_k.data(), m_transfers[idx].m_multisig_k.size() * sizeof(m_transfers[idx].m_multisig_k[0])); // fee includes dust if dust policy specified it. log::info( logcat, "Transaction successfully {}{} \ \nCommission: {} (dust sent to dust addr: {})\ \nBalance: {} \ \nUnlocked: {} \ \nPlease, wait for confirmation for your balance to be unlocked.", (blink ? "blinked. " : "sent. "), txid, print_money(ptx.fee), print_money((ptx.dust_added_to_fee ? 0 : ptx.dust)), print_money(balance(ptx.construction_data.subaddr_account, false)), print_money(unlocked_balance(ptx.construction_data.subaddr_account, false))); } void wallet2::commit_tx(std::vector& ptx_vector, bool blink) { for (auto& ptx : ptx_vector) { commit_tx(ptx, blink); } } //---------------------------------------------------------------------------------------------------- bool wallet2::save_tx(const std::vector& ptx_vector, const fs::path& filename) const { log::warning(logcat, "saving {} transactions", ptx_vector.size()); std::string ciphertext = dump_tx_to_str(ptx_vector); if (ciphertext.empty()) return false; return tools::dump_file(filename, ciphertext); } //---------------------------------------------------------------------------------------------------- std::string wallet2::dump_tx_to_str(const std::vector& ptx_vector) const { log::warning(logcat, "saving {} transactions", ptx_vector.size()); unsigned_tx_set txs; for (auto& tx : ptx_vector) { // Short payment id is encrypted with tx_key. // Since sign_tx() generates new tx_keys and encrypts the payment id, we need to save the // decrypted payment ID Save tx construction_data to unsigned_tx_set txs.txes.push_back( get_construction_data_with_decrypted_short_payment_id(tx, m_account.get_device())); } txs.transfers = export_outputs(); // save as binary std::ostringstream oss; boost::archive::portable_binary_oarchive ar(oss); try { ar << txs; } catch (...) { return std::string(); } log::debug(logcat, "Saving unsigned tx data: {}", oss.str()); std::string ciphertext = encrypt_with_view_secret_key(oss.str()); return std::string(UNSIGNED_TX_PREFIX) + ciphertext; } //---------------------------------------------------------------------------------------------------- bool wallet2::load_unsigned_tx( const fs::path& unsigned_filename, unsigned_tx_set& exported_txs) const { if (std::error_code ec; !fs::exists(unsigned_filename, ec)) { log::warning(logcat, "File {} does not exist: {}", unsigned_filename, ec.message()); return false; } std::string s; if (!tools::slurp_file(unsigned_filename, s)) { log::warning(logcat, "Failed to load from {}", unsigned_filename); return false; } return parse_unsigned_tx_from_str(s, exported_txs); } //---------------------------------------------------------------------------------------------------- bool wallet2::parse_unsigned_tx_from_str(std::string_view s, unsigned_tx_set& exported_txs) const { if (!tools::starts_with(s, UNSIGNED_TX_PREFIX_NOVER)) { log::warning(logcat, "Bad magic from unsigned tx"); return false; } s.remove_prefix(UNSIGNED_TX_PREFIX_NOVER.size()); const char version = s[0]; s = s.substr(1); if (version == '\003') { try { std::stringstream iss; iss << s; boost::archive::portable_binary_iarchive ar(iss); ar >> exported_txs; } catch (...) { log::warning(logcat, "Failed to parse data from unsigned tx"); return false; } } else if (version == '\004') { try { std::stringstream iss; iss << decrypt_with_view_secret_key(s).view(); try { boost::archive::portable_binary_iarchive ar(iss); ar >> exported_txs; } catch (...) { log::warning(logcat, "Failed to parse data from unsigned tx"); return false; } } catch (const std::exception& e) { log::warning(logcat, "Failed to decrypt unsigned tx: {}", e.what()); return false; } } else { log::warning(logcat, "Unsupported version in unsigned tx"); return false; } log::info( logcat, "Loaded tx unsigned data from binary: {} transactions", exported_txs.txes.size()); return true; } //---------------------------------------------------------------------------------------------------- bool wallet2::sign_tx( const fs::path& unsigned_filename, const fs::path& signed_filename, std::vector& txs, std::function accept_func, bool export_raw) { unsigned_tx_set exported_txs; if (!load_unsigned_tx(unsigned_filename, exported_txs)) return false; if (accept_func && !accept_func(exported_txs)) { log::info(logcat, "Transactions rejected by callback"); return false; } return sign_tx(exported_txs, signed_filename, txs, export_raw); } //---------------------------------------------------------------------------------------------------- bool wallet2::sign_tx( unsigned_tx_set& exported_txs, std::vector& txs, signed_tx_set& signed_txes) { import_outputs(exported_txs.transfers); // sign the transactions for (size_t n = 0; n < exported_txs.txes.size(); ++n) { auto& sd = exported_txs.txes[n]; THROW_WALLET_EXCEPTION_IF( sd.sources.empty(), error::wallet_internal_error, "Empty sources"); log::info( logcat, " {}: {} inputs, ring size {}", (n + 1), sd.sources.size(), sd.sources[0].outputs.size()); signed_txes.ptx.push_back(pending_tx()); tools::wallet2::pending_tx& ptx = signed_txes.ptx.back(); rct::RCTConfig rct_config = sd.rct_config; crypto::secret_key tx_key; std::vector additional_tx_keys; rct::multisig_out msout; oxen_construct_tx_params tx_params; tx_params.hf_version = sd.hf_version; tx_params.tx_type = sd.tx_type; bool r = cryptonote::construct_tx_and_get_tx_key( m_account.get_keys(), m_subaddresses, sd.sources, sd.splitted_dsts, sd.change_dts, sd.extra, ptx.tx, sd.unlock_time, tx_key, additional_tx_keys, rct_config, m_multisig ? &msout : nullptr, tx_params); THROW_WALLET_EXCEPTION_IF( !r, error::tx_not_constructed, sd.sources, sd.splitted_dsts, sd.unlock_time, m_nettype); // we don't test tx size, because we don't know the current limit, due to not having a // blockchain, and it's a bit pointless to fail there anyway, since it'd be a (good) guess // only. We sign anyway, and if we really go over limit, the daemon will reject when it gets // submitted. Chances are it's OK anyway since it was generated in the first place, and // rerolling should be within a few bytes. // normally, the tx keys are saved in commit_tx, when the tx is actually sent to the daemon. // we can't do that here since the tx will be sent from the compromised wallet, which we // don't want to see that info, so we save it here if (store_tx_info() && tx_key) { const crypto::hash txid = get_transaction_hash(ptx.tx); m_tx_keys.insert(std::make_pair(txid, tx_key)); m_additional_tx_keys.insert(std::make_pair(txid, additional_tx_keys)); } std::ostringstream key_images; bool all_are_txin_to_key = std::all_of(ptx.tx.vin.begin(), ptx.tx.vin.end(), [&](const txin_v& s_e) -> bool { CHECKED_GET_SPECIFIC_VARIANT(s_e, txin_to_key, in, false); key_images << "{} "_format(in.k_image); return true; }); THROW_WALLET_EXCEPTION_IF(!all_are_txin_to_key, error::unexpected_txin_type, ptx.tx); ptx.key_images = key_images.str(); ptx.fee = 0; for (const auto& i : sd.sources) ptx.fee += i.amount; for (const auto& i : sd.splitted_dsts) ptx.fee -= i.amount; ptx.dust = 0; ptx.dust_added_to_fee = false; ptx.change_dts = sd.change_dts; ptx.selected_transfers = sd.selected_transfers; ptx.tx_key = rct::rct2sk(rct::identity()); // don't send it back to the untrusted view wallet ptx.dests = sd.dests; ptx.construction_data = sd; txs.push_back(ptx); // add tx keys only to ptx txs.back().tx_key = tx_key; txs.back().additional_tx_keys = additional_tx_keys; } // add key image mapping for these txes const account_keys& keys = get_account().get_keys(); hw::device& hwdev = m_account.get_device(); for (size_t n = 0; n < exported_txs.txes.size(); ++n) { const cryptonote::transaction& tx = signed_txes.ptx[n].tx; crypto::key_derivation derivation; std::vector additional_derivations; // compute public keys from out secret keys crypto::public_key tx_pub_key; crypto::secret_key_to_public_key(txs[n].tx_key, tx_pub_key); std::vector additional_tx_pub_keys; for (const crypto::secret_key& skey : txs[n].additional_tx_keys) { additional_tx_pub_keys.resize(additional_tx_pub_keys.size() + 1); crypto::secret_key_to_public_key(skey, additional_tx_pub_keys.back()); } // compute derivations hwdev.set_mode(hw::device::mode::TRANSACTION_PARSE); if (!hwdev.generate_key_derivation(tx_pub_key, keys.m_view_secret_key, derivation)) { log::warning( logcat, "Failed to generate key derivation from tx pubkey in {}, skipping", cryptonote::get_transaction_hash(tx)); static_assert( sizeof(derivation) == sizeof(rct::key), "Mismatched sizes of key_derivation and rct::key"); memcpy(&derivation, rct::identity().bytes, sizeof(derivation)); } for (size_t i = 0; i < additional_tx_pub_keys.size(); ++i) { additional_derivations.push_back({}); if (!hwdev.generate_key_derivation( additional_tx_pub_keys[i], keys.m_view_secret_key, additional_derivations.back())) { log::warning( logcat, "Failed to generate key derivation from additional tx pubkey in {}, " "skipping", cryptonote::get_transaction_hash(tx)); memcpy(&additional_derivations.back(), rct::identity().bytes, sizeof(crypto::key_derivation)); } } for (size_t i = 0; i < tx.vout.size(); ++i) { if (!std::holds_alternative(tx.vout[i].target)) continue; const cryptonote::txout_to_key& out = var::get(tx.vout[i].target); // if this output is back to this wallet, we can calculate its key image already if (!is_out_to_acc_precomp( m_subaddresses, out.key, derivation, additional_derivations, i, hwdev)) continue; crypto::key_image ki; cryptonote::keypair in_ephemeral; if (generate_key_image_helper( keys, m_subaddresses, out.key, tx_pub_key, additional_tx_pub_keys, i, in_ephemeral, ki, hwdev)) signed_txes.tx_key_images[out.key] = ki; else log::error(logcat, "Failed to calculate key image"); } } // add key images signed_txes.key_images.resize(m_transfers.size()); for (size_t i = 0; i < m_transfers.size(); ++i) { if (!m_transfers[i].m_key_image_known || m_transfers[i].m_key_image_partial) log::warning(logcat, "WARNING: key image not known in signing wallet at index {}", i); signed_txes.key_images[i] = m_transfers[i].m_key_image; } return true; } //---------------------------------------------------------------------------------------------------- bool wallet2::sign_tx( unsigned_tx_set& exported_txs, const fs::path& signed_filename, std::vector& txs, bool export_raw) { // sign the transactions signed_tx_set signed_txes; std::string ciphertext = sign_tx_dump_to_str(exported_txs, txs, signed_txes); if (ciphertext.empty()) { log::warning(logcat, "Failed to sign unsigned_tx_set"); return false; } if (!tools::dump_file(signed_filename, ciphertext)) { log::warning(logcat, "Failed to save file to {}", signed_filename); return false; } // export signed raw tx without encryption if (export_raw) { for (size_t i = 0; i < signed_txes.ptx.size(); ++i) { std::string tx_as_hex = oxenc::to_hex(tx_to_blob(signed_txes.ptx[i].tx)); fs::path raw_filename = signed_filename; raw_filename += "_raw"; if (signed_txes.ptx.size() > 1) raw_filename += "_" + std::to_string(i); if (!tools::dump_file(raw_filename, tx_as_hex)) { log::warning(logcat, "Failed to save file to {}", raw_filename); return false; } } } return true; } //---------------------------------------------------------------------------------------------------- std::string wallet2::sign_tx_dump_to_str( unsigned_tx_set& exported_txs, std::vector& ptx, signed_tx_set& signed_txes) { // sign the transactions bool r = sign_tx(exported_txs, ptx, signed_txes); if (!r) { log::warning(logcat, "Failed to sign unsigned_tx_set"); return std::string(); } // save as binary std::ostringstream oss; boost::archive::portable_binary_oarchive ar(oss); try { ar << signed_txes; } catch (...) { return std::string(); } log::trace(logcat, "Saving signed tx data (with encryption): {}", oss.str()); std::string ciphertext = encrypt_with_view_secret_key(oss.str()); return std::string(SIGNED_TX_PREFIX) + ciphertext; } //---------------------------------------------------------------------------------------------------- bool wallet2::load_tx( const fs::path& signed_filename, std::vector& ptx, std::function accept_func) { if (std::error_code ec; !fs::exists(signed_filename, ec)) { log::warning(logcat, "File {} does not exist: {}", signed_filename, ec.message()); return false; } std::string s; if (!tools::slurp_file(signed_filename, s)) { log::warning(logcat, "Failed to load from {}", signed_filename); return false; } return parse_tx_from_str(s, ptx, accept_func); } //---------------------------------------------------------------------------------------------------- bool wallet2::parse_tx_from_str( std::string_view s, std::vector& ptx, std::function accept_func) { if (!tools::starts_with(s, SIGNED_TX_PREFIX_NOVER)) { log::warning(logcat, "Bad magic from signed transaction"); return false; } s.remove_prefix(SIGNED_TX_PREFIX_NOVER.size()); const char version = s[0]; s.remove_prefix(1); signed_tx_set signed_txs; if (version == '\003') { try { std::stringstream iss; iss << s; boost::archive::portable_binary_iarchive ar(iss); ar >> signed_txs; } catch (...) { log::warning(logcat, "Failed to parse data from signed transaction"); return false; } } else if (version == '\004') { try { std::stringstream iss; iss << decrypt_with_view_secret_key(s).view(); try { boost::archive::portable_binary_iarchive ar(iss); ar >> signed_txs; } catch (...) { log::warning(logcat, "Failed to parse decrypted data from signed transaction"); return false; } } catch (const std::exception& e) { log::warning(logcat, "Failed to decrypt signed transaction: {}", e.what()); return false; } } else { log::warning(logcat, "Unsupported version in signed transaction"); return false; } log::warning( logcat, "Loaded signed tx data from binary: {} transactions", signed_txs.ptx.size()); for (auto& c_ptx : signed_txs.ptx) log::warning(logcat, cryptonote::obj_to_json_str(c_ptx.tx)); if (accept_func && !accept_func(signed_txs)) { log::info(logcat, "Transactions rejected by callback"); return false; } // import key images bool r = import_key_images(signed_txs.key_images); if (!r) return false; // remember key images for this tx, for when we get those txes from the blockchain for (const auto& e : signed_txs.tx_key_images) m_cold_key_images.insert(e); ptx = signed_txs.ptx; return true; } //---------------------------------------------------------------------------------------------------- std::string wallet2::save_multisig_tx(multisig_tx_set txs) { log::warning(logcat, "saving {} multisig transactions", txs.m_ptx.size()); // txes generated, get rid of used k values for (size_t n = 0; n < txs.m_ptx.size(); ++n) for (size_t idx : txs.m_ptx[n].construction_data.selected_transfers) memwipe(m_transfers[idx].m_multisig_k.data(), m_transfers[idx].m_multisig_k.size() * sizeof(m_transfers[idx].m_multisig_k[0])); // zero out some data we don't want to share for (auto& ptx : txs.m_ptx) { for (auto& e : ptx.construction_data.sources) memwipe(&e.multisig_kLRki.k, sizeof(e.multisig_kLRki.k)); } for (auto& ptx : txs.m_ptx) { // Get decrypted payment id from pending_tx ptx.construction_data = get_construction_data_with_decrypted_short_payment_id(ptx, m_account.get_device()); } // save as binary std::ostringstream oss; boost::archive::portable_binary_oarchive ar(oss); try { ar << txs; } catch (...) { return std::string(); } log::debug(logcat, "Saving multisig unsigned tx data: {}", oss.str()); std::string ciphertext = encrypt_with_view_secret_key(oss.str()); return std::string(MULTISIG_UNSIGNED_TX_PREFIX) + ciphertext; } //---------------------------------------------------------------------------------------------------- bool wallet2::save_multisig_tx(const multisig_tx_set& txs, const fs::path& filename) { std::string ciphertext = save_multisig_tx(txs); if (ciphertext.empty()) return false; return tools::dump_file(filename, ciphertext); } //---------------------------------------------------------------------------------------------------- wallet2::multisig_tx_set wallet2::make_multisig_tx_set( const std::vector& ptx_vector) const { multisig_tx_set txs; txs.m_ptx = ptx_vector; for (const auto& msk : get_account().get_multisig_keys()) { crypto::public_key pkey = get_multisig_signing_public_key(msk); for (auto& ptx : txs.m_ptx) for (auto& sig : ptx.multisig_sigs) sig.signing_keys.insert(pkey); } txs.m_signers.insert(get_multisig_signer_public_key()); return txs; } std::string wallet2::save_multisig_tx(const std::vector& ptx_vector) { return save_multisig_tx(make_multisig_tx_set(ptx_vector)); } //---------------------------------------------------------------------------------------------------- bool wallet2::save_multisig_tx( const std::vector& ptx_vector, const fs::path& filename) { std::string ciphertext = save_multisig_tx(ptx_vector); if (ciphertext.empty()) return false; return tools::dump_file(filename, ciphertext); } //---------------------------------------------------------------------------------------------------- bool wallet2::parse_multisig_tx_from_str( std::string_view multisig_tx_st, multisig_tx_set& exported_txs) const { if (!tools::starts_with(multisig_tx_st, MULTISIG_UNSIGNED_TX_PREFIX)) { log::warning(logcat, "Bad magic from multisig tx data"); return false; } std::stringstream iss; try { iss << decrypt_with_view_secret_key( multisig_tx_st.substr(MULTISIG_UNSIGNED_TX_PREFIX.size())) .view(); } catch (const std::exception& e) { log::warning(logcat, "Failed to decrypt multisig tx data: {}", e.what()); return false; } try { boost::archive::portable_binary_iarchive ar(iss); ar >> exported_txs; } catch (...) { log::warning(logcat, "Failed to parse multisig tx data"); return false; } // sanity checks for (const auto& ptx : exported_txs.m_ptx) { CHECK_AND_ASSERT_MES( ptx.selected_transfers.size() == ptx.tx.vin.size(), false, "Mismatched selected_transfers/vin sizes"); for (size_t idx : ptx.selected_transfers) CHECK_AND_ASSERT_MES(idx < m_transfers.size(), false, "Transfer index out of range"); CHECK_AND_ASSERT_MES( ptx.construction_data.selected_transfers.size() == ptx.tx.vin.size(), false, "Mismatched cd selected_transfers/vin sizes"); for (size_t idx : ptx.construction_data.selected_transfers) CHECK_AND_ASSERT_MES(idx < m_transfers.size(), false, "Transfer index out of range"); CHECK_AND_ASSERT_MES( ptx.construction_data.sources.size() == ptx.tx.vin.size(), false, "Mismatched sources/vin sizes"); } return true; } //---------------------------------------------------------------------------------------------------- bool wallet2::load_multisig_tx( std::string s, multisig_tx_set& exported_txs, std::function accept_func) { if (!parse_multisig_tx_from_str(s, exported_txs)) { log::warning(logcat, "Failed to parse multisig transaction from string"); return false; } log::info( logcat, "Loaded multisig tx unsigned data from binary: {} transactions", exported_txs.m_ptx.size()); for (auto& ptx : exported_txs.m_ptx) log::warning(logcat, cryptonote::obj_to_json_str(ptx.tx)); if (accept_func && !accept_func(exported_txs)) { log::info(logcat, "Transactions rejected by callback"); return false; } const bool is_signed = exported_txs.m_signers.size() >= m_multisig_threshold; if (is_signed) { for (const auto& ptx : exported_txs.m_ptx) { const crypto::hash txid = get_transaction_hash(ptx.tx); if (store_tx_info()) { m_tx_keys.emplace(txid, ptx.tx_key); m_additional_tx_keys.emplace(txid, ptx.additional_tx_keys); } } } return true; } //---------------------------------------------------------------------------------------------------- bool wallet2::load_multisig_tx_from_file( const fs::path& filename, multisig_tx_set& exported_txs, std::function accept_func) { if (std::error_code ec; !fs::exists(filename, ec)) { log::warning(logcat, "File {} does not exist: {}", filename, ec.message()); return false; } std::string s; if (!tools::slurp_file(filename, s)) { log::warning(logcat, "Failed to load from {}", filename); return false; } if (!load_multisig_tx(s, exported_txs, accept_func)) { log::warning(logcat, "Failed to parse multisig tx data from {}", filename); return false; } return true; } //---------------------------------------------------------------------------------------------------- bool wallet2::sign_multisig_tx(multisig_tx_set& exported_txs, std::vector& txids) { THROW_WALLET_EXCEPTION_IF( exported_txs.m_ptx.empty(), error::wallet_internal_error, "No tx found"); const crypto::public_key local_signer = get_multisig_signer_public_key(); THROW_WALLET_EXCEPTION_IF( exported_txs.m_signers.find(local_signer) != exported_txs.m_signers.end(), error::wallet_internal_error, "Transaction already signed by this private key"); THROW_WALLET_EXCEPTION_IF( exported_txs.m_signers.size() > m_multisig_threshold, error::wallet_internal_error, "Transaction was signed by too many signers"); THROW_WALLET_EXCEPTION_IF( exported_txs.m_signers.size() == m_multisig_threshold, error::wallet_internal_error, "Transaction is already fully signed"); txids.clear(); // sign the transactions for (size_t n = 0; n < exported_txs.m_ptx.size(); ++n) { tools::wallet2::pending_tx& ptx = exported_txs.m_ptx[n]; THROW_WALLET_EXCEPTION_IF( ptx.multisig_sigs.empty(), error::wallet_internal_error, "No signatures found in multisig tx"); auto& sd = ptx.construction_data; log::info( logcat, " {}: {} inputs, mixin {}, signed by {}/{}", (n + 1), sd.sources.size(), (sd.sources[0].outputs.size() - 1), exported_txs.m_signers.size(), m_multisig_threshold); cryptonote::transaction tx; rct::multisig_out msout = ptx.multisig_sigs.front().msout; auto sources = sd.sources; oxen_construct_tx_params tx_params; tx_params.hf_version = sd.hf_version; tx_params.tx_type = sd.tx_type; rct::RCTConfig rct_config = sd.rct_config; bool r = cryptonote::construct_tx_with_tx_key( m_account.get_keys(), m_subaddresses, sources, sd.splitted_dsts, ptx.change_dts, sd.extra, tx, sd.unlock_time, ptx.tx_key, ptx.additional_tx_keys, rct_config, &msout, false /*shuffle_outs*/, tx_params); THROW_WALLET_EXCEPTION_IF( !r, error::tx_not_constructed, sd.sources, sd.splitted_dsts, sd.unlock_time, m_nettype); THROW_WALLET_EXCEPTION_IF( get_transaction_prefix_hash(tx) != get_transaction_prefix_hash(ptx.tx), error::wallet_internal_error, "Transaction prefix does not match data"); // Tests passed, sign std::vector indices; for (const auto& source : sources) indices.push_back(source.real_output); for (auto& sig : ptx.multisig_sigs) { if (sig.ignore.find(local_signer) == sig.ignore.end()) { ptx.tx.rct_signatures = sig.sigs; rct::keyV k; rct::key skey = rct::zero(); OXEN_DEFER { memwipe(k.data(), k.size() * sizeof(rct::key)); memwipe(&skey, sizeof(skey)); }; k.reserve(sd.selected_transfers.size()); for (size_t idx : sd.selected_transfers) k.push_back(get_multisig_k(idx, sig.used_L)); for (const auto& msk : get_account().get_multisig_keys()) { crypto::public_key pmsk = get_multisig_signing_public_key(msk); if (sig.signing_keys.find(pmsk) == sig.signing_keys.end()) { sc_add(skey.bytes, skey.bytes, rct::sk2rct(msk).bytes); sig.signing_keys.insert(pmsk); } } THROW_WALLET_EXCEPTION_IF( !rct::signMultisig(ptx.tx.rct_signatures, indices, k, sig.msout, skey), error::wallet_internal_error, "Failed signing, transaction likely malformed"); sig.sigs = ptx.tx.rct_signatures; } } const bool is_last = exported_txs.m_signers.size() + 1 >= m_multisig_threshold; if (is_last) { // when the last signature on a multisig tx is made, we select the right // signature to plug into the final tx bool found = false; for (const auto& sig : ptx.multisig_sigs) { if (sig.ignore.find(local_signer) == sig.ignore.end() && !keys_intersect(sig.ignore, exported_txs.m_signers)) { THROW_WALLET_EXCEPTION_IF( found, error::wallet_internal_error, "More than one transaction is final"); ptx.tx.rct_signatures = sig.sigs; found = true; } } THROW_WALLET_EXCEPTION_IF( !found, error::wallet_internal_error, "Final signed transaction not found: this transaction was likely made without " "our export data, so we cannot sign it"); const crypto::hash txid = get_transaction_hash(ptx.tx); if (store_tx_info()) { m_tx_keys.emplace(txid, ptx.tx_key); m_additional_tx_keys.emplace(txid, ptx.additional_tx_keys); } txids.push_back(txid); } } // txes generated, get rid of used k values for (size_t n = 0; n < exported_txs.m_ptx.size(); ++n) for (size_t idx : exported_txs.m_ptx[n].construction_data.selected_transfers) memwipe(m_transfers[idx].m_multisig_k.data(), m_transfers[idx].m_multisig_k.size() * sizeof(m_transfers[idx].m_multisig_k[0])); exported_txs.m_signers.insert(get_multisig_signer_public_key()); return true; } //---------------------------------------------------------------------------------------------------- bool wallet2::sign_multisig_tx_to_file( multisig_tx_set& exported_txs, const fs::path& filename, std::vector& txids) { bool r = sign_multisig_tx(exported_txs, txids); if (!r) return false; return save_multisig_tx(exported_txs, filename); } //---------------------------------------------------------------------------------------------------- bool wallet2::sign_multisig_tx_from_file( const fs::path& filename, std::vector& txids, std::function accept_func) { multisig_tx_set exported_txs; if (!load_multisig_tx_from_file(filename, exported_txs)) return false; if (accept_func && !accept_func(exported_txs)) { log::info(logcat, "Transactions rejected by callback"); return false; } return sign_multisig_tx_to_file(exported_txs, filename, txids); } //---------------------------------------------------------------------------------------------------- uint64_t wallet2::get_fee_percent(uint32_t priority, txtype type) const { static constexpr std::array percents{{100, 500, 2500, 12500}}; const bool blinkable = type == txtype::standard; if (priority == 0) // 0 means no explicit priority was given, so use the wallet default { priority = m_default_priority > 0 ? m_default_priority : (uint32_t)tx_priority_blink; if (priority == tx_priority_blink && !blinkable) priority = tx_priority_unimportant; // The blink default is unusable for this tx, so // fall back to unimportant } // If it's a blinkable tx then we blink it for everything priority other than unimportant. if (blinkable && priority != tx_priority_unimportant) priority = tx_priority_blink; if (priority == tx_priority_blink) { if (!blinkable) THROW_WALLET_EXCEPTION(error::invalid_priority); uint64_t burn_pct = 0; // v9.2.0 introduced minor versions to forks, this use_fork_rules(18,0) will return the // height for HF18.1 when we want 18.0. Workaround this by allowing the use of 18 fork rules // 4000 blocks before 18.1 if (use_fork_rules(hf::hf18, 4000)) burn_pct = oxen::BLINK_BURN_TX_FEE_PERCENT_V18; else THROW_WALLET_EXCEPTION(error::invalid_priority); return oxen::BLINK_MINER_TX_FEE_PERCENT + burn_pct; } if (priority > percents.size()) THROW_WALLET_EXCEPTION(error::invalid_priority); return percents[priority - 1]; } //---------------------------------------------------------------------------------------------------- byte_and_output_fees wallet2::get_dynamic_base_fee_estimate() const { byte_and_output_fees fees; if (m_node_rpc_proxy.get_dynamic_base_fee_estimate(FEE_ESTIMATE_GRACE_BLOCKS, fees)) return fees; if (use_fork_rules(hf::hf18)) fees = {FEE_PER_BYTE_V13, FEE_PER_OUTPUT_V18}; // v18 reduces fee if (use_fork_rules(feature::PER_OUTPUT_FEE)) fees = {FEE_PER_BYTE_V13, old::FEE_PER_OUTPUT_V13}; // v13 switches back from v12 per-byte // fees, add per-output else fees = {old::FEE_PER_BYTE_V12, 0}; log::info( logcat, "Failed to query base fee, using {}/byte + {}/output", print_money(fees.first), print_money(fees.second)); return fees; } //---------------------------------------------------------------------------------------------------- byte_and_output_fees wallet2::get_base_fees() const { return get_dynamic_base_fee_estimate(); } //---------------------------------------------------------------------------------------------------- uint64_t wallet2::get_fee_quantization_mask() const { #ifdef ENABLE_LIGHT_WALLET if (m_light_wallet) { return 1; // TODO } #endif uint64_t fee_quantization_mask; if (m_node_rpc_proxy.get_fee_quantization_mask(fee_quantization_mask)) return fee_quantization_mask; return 1; } oxen_construct_tx_params wallet2::construct_params( hf hf_version, txtype tx_type, uint32_t priority, uint64_t extra_burn, ons::mapping_type type) { oxen_construct_tx_params tx_params; tx_params.hf_version = hf_version; tx_params.tx_type = tx_type; if (tx_type == txtype::oxen_name_system) { assert(priority != tools::tx_priority_blink); tx_params.burn_fixed = ons::burn_needed(hf_version, type); } else if (priority == tools::tx_priority_blink) { tx_params.burn_fixed = oxen::BLINK_BURN_FIXED; tx_params.burn_percent = oxen::BLINK_BURN_TX_FEE_PERCENT_V18; } if (extra_burn) tx_params.burn_fixed += extra_burn; return tx_params; } //---------------------------------------------------------------------------------------------------- bool wallet2::set_ring_database(fs::path filename) { m_ring_database = std::move(filename); log::info(logcat, "ringdb path set to {}", m_ring_database.u8string()); m_ringdb.reset(); if (!m_ring_database.empty()) { try { cryptonote::block b; generate_genesis(b); m_ringdb = std::make_unique( m_ring_database, tools::type_to_hex(get_block_hash(b))); } catch (const std::exception& e) { log::error(logcat, "Failed to initialize ringdb: {}", e.what()); m_ring_database.clear(); return false; } } return true; } crypto::chacha_key wallet2::get_ringdb_key() { if (!m_ringdb_key) { log::debug(logcat, "caching ringdb key"); crypto::chacha_key key; generate_chacha_key_from_secret_keys(key); m_ringdb_key = key; } return *m_ringdb_key; } void wallet2::register_devices() { #ifdef DEVICE_TREZOR_READY hw::trezor::register_all(); #endif } hw::device& wallet2::lookup_device(const std::string& device_descriptor) { if (!m_devices_registered) { m_devices_registered = true; register_devices(); } return hw::get_device(device_descriptor); } bool wallet2::add_rings(const crypto::chacha_key& key, const cryptonote::transaction_prefix& tx) { if (!m_ringdb) return false; try { return m_ringdb->add_rings(key, tx); } catch (const std::exception& e) { return false; } } bool wallet2::add_rings(const cryptonote::transaction_prefix& tx) { try { return add_rings(get_ringdb_key(), tx); } catch (const std::exception& e) { return false; } } bool wallet2::remove_rings(const cryptonote::transaction_prefix& tx) { if (!m_ringdb) return false; try { return m_ringdb->remove_rings(get_ringdb_key(), tx); } catch (const std::exception& e) { return false; } } bool wallet2::get_ring( const crypto::chacha_key& key, const crypto::key_image& key_image, std::vector& outs) { if (!m_ringdb) return false; try { return m_ringdb->get_ring(key, key_image, outs); } catch (const std::exception& e) { return false; } } bool wallet2::get_rings( const crypto::hash& txid, std::vector>>& outs) { for (auto i : m_confirmed_txs) { if (txid == i.first) { for (const auto& x : i.second.m_rings) outs.push_back( {x.first, cryptonote::relative_output_offsets_to_absolute(x.second)}); return true; } } for (auto i : m_unconfirmed_txs) { if (txid == i.first) { for (const auto& x : i.second.m_rings) outs.push_back( {x.first, cryptonote::relative_output_offsets_to_absolute(x.second)}); return true; } } return false; } bool wallet2::get_ring(const crypto::key_image& key_image, std::vector& outs) { try { return get_ring(get_ringdb_key(), key_image, outs); } catch (const std::exception& e) { return false; } } bool wallet2::set_ring( const crypto::key_image& key_image, const std::vector& outs, bool relative) { if (!m_ringdb) return false; try { return m_ringdb->set_ring(get_ringdb_key(), key_image, outs, relative); } catch (const std::exception& e) { return false; } } bool wallet2::unset_ring(const std::vector& key_images) { if (!m_ringdb) return false; try { return m_ringdb->remove_rings(get_ringdb_key(), key_images); } catch (const std::exception& e) { return false; } } bool wallet2::unset_ring(const crypto::hash& txid) { if (!m_ringdb) return false; nlohmann::json get_transactions_params{{"tx_hashes", tools::type_to_hex(txid)}}; cryptonote::transaction tx; try { auto res = m_http_client.json_rpc("get_transactions", get_transactions_params); crypto::hash tx_hash; if (!get_pruned_tx(res["txs"].front(), tx, tx_hash)) return false; THROW_WALLET_EXCEPTION_IF( tx_hash != txid, error::wallet_internal_error, "Failed to get the right transaction from daemon"); } catch (const std::exception& e) { return false; } try { return m_ringdb->remove_rings(get_ringdb_key(), tx); } catch (const std::exception& e) { return false; } } bool wallet2::find_and_save_rings(bool force) { if (!force && m_ring_history_saved) return true; if (!m_ringdb) return false; log::debug(logcat, "Finding and saving rings..."); // get payments we made std::vector txs_hashes; std::list> payments; get_payments_out( payments, 0, std::numeric_limits::max(), std::nullopt, std::set()); for (const auto& [txid, details] : payments) txs_hashes.push_back(txid); log::debug(logcat, "Found {} transactions", std::to_string(txs_hashes.size())); // get those transactions from the daemon auto it = txs_hashes.begin(); constexpr size_t SLICE_SIZE = 200; for (size_t slice = 0; slice < txs_hashes.size(); slice += SLICE_SIZE) { size_t ntxes = slice + SLICE_SIZE > txs_hashes.size() ? txs_hashes.size() - slice : SLICE_SIZE; nlohmann::json get_transactions_params{ {"tx_hashes", hashes_to_hex(txs_hashes.begin() + slice, txs_hashes.begin() + ntxes)}}; auto res = m_http_client.json_rpc("get_transactions", get_transactions_params); log::debug(logcat, "Scanning {} transactions", res["txs"].size()); for (size_t i = 0; i < res["txs"].size(); ++i, ++it) { const auto& tx_info = res["txs"][i]; cryptonote::transaction tx; crypto::hash tx_hash; THROW_WALLET_EXCEPTION_IF( !get_pruned_tx(tx_info, tx, tx_hash), error::wallet_internal_error, "Failed to get transaction from daemon"); THROW_WALLET_EXCEPTION_IF( !(tx_hash == *it), error::wallet_internal_error, "Wrong txid received"); THROW_WALLET_EXCEPTION_IF( !add_rings(get_ringdb_key(), tx), error::wallet_internal_error, "Failed to save ring"); } } log::info(logcat, "Found and saved rings for {} transactions", txs_hashes.size()); m_ring_history_saved = true; return true; } bool wallet2::blackball_output(const std::pair& output) { if (!m_ringdb) return false; try { return m_ringdb->blackball(output); } catch (const std::exception& e) { return false; } } bool wallet2::set_blackballed_outputs( const std::vector>& outputs, bool add) { if (!m_ringdb) return false; try { bool ret = true; if (!add) ret &= m_ringdb->clear_blackballs(); ret &= m_ringdb->blackball(outputs); return ret; } catch (const std::exception& e) { return false; } } bool wallet2::unblackball_output(const std::pair& output) { if (!m_ringdb) return false; try { return m_ringdb->unblackball(output); } catch (const std::exception& e) { return false; } } bool wallet2::is_output_blackballed(const std::pair& output) const { if (!m_ringdb) return false; try { return m_ringdb->blackballed(output); } catch (const std::exception& e) { return false; } } wallet2::stake_result wallet2::check_stake_allowed( const crypto::public_key& sn_key, const cryptonote::address_parse_info& addr_info, uint64_t& amount, double fraction) { wallet2::stake_result result = {}; result.status = wallet2::stake_result_status::invalid; result.msg.reserve(128); if (addr_info.has_payment_id) { result.status = stake_result_status::payment_id_disallowed; result.msg = tr("Payment IDs cannot be used in a staking transaction"); return result; } if (addr_info.is_subaddress) { result.status = stake_result_status::subaddress_disallowed; result.msg = tr("Subaddresses cannot be used in a staking transaction"); return result; } cryptonote::account_public_address const primary_address = get_address(); if (primary_address != addr_info.address) { result.status = stake_result_status::address_must_be_primary; result.msg = tr("The specified address must be owned by this wallet and be the primary address " "of the wallet"); return result; } /// check that the service node is registered const auto [success, response] = get_service_nodes({tools::type_to_hex(sn_key)}); if (!success) { result.status = stake_result_status::service_node_list_query_failed; result.msg = ERR_MSG_SERVICE_NODE_LIST_QUERY_FAILED; return result; } if (response.size() != 1) { result.status = stake_result_status::service_node_not_registered; result.msg = tr("Could not find service node in service node list, please make sure it is " "registered first."); return result; } const auto hf_version = m_node_rpc_proxy.get_hardfork_version(); if (!hf_version) { result.status = stake_result_status::network_version_query_failed; result.msg = ERR_MSG_NETWORK_VERSION_QUERY_FAILED; return result; } const auto& snode_info = response.front(); const auto staking_req = snode_info.at("staking_requirement").get(); const auto total_res = snode_info.value( "total_reserved", snode_info.at("total_contributed").get()); if (amount == 0) amount = staking_req * fraction; size_t total_existing_contributions = 0; // Count both contributions and reserved spots const auto& contributors = snode_info.at("contributors"); for (auto const& contributor : contributors) { total_existing_contributions += contributor.at("locked_contributions").size(); // contribution if (auto it = contributor.find("reserved"); it != contributor.end() && it->get() > contributor.at("amount").get()) total_existing_contributions++; // reserved contributor spot } uint64_t max_contrib_total = staking_req - total_res; uint64_t min_contrib_total = service_nodes::get_min_node_contribution( *hf_version, staking_req, total_res, total_existing_contributions); bool is_preexisting_contributor = false; for (const auto& contributor : contributors) { address_parse_info info; if (!cryptonote::get_account_address_from_str( info, m_nettype, contributor.at("address").get())) continue; if (info.address == addr_info.address) { const auto amount = contributor.at("amount").get(); uint64_t reserved_amount_not_contributed_yet = 0; if (auto it = contributor.find("reserved"); it != contributor.end()) reserved_amount_not_contributed_yet = it->get() - contributor.at("amount").get(); max_contrib_total += reserved_amount_not_contributed_yet; is_preexisting_contributor = true; if (min_contrib_total == UINT64_MAX || reserved_amount_not_contributed_yet > min_contrib_total) min_contrib_total = reserved_amount_not_contributed_yet; break; } } if (max_contrib_total == 0) { result.status = stake_result_status::service_node_contribution_maxed; result.msg = tr("The service node cannot receive any more Oxen from this wallet"); return result; } const bool full = contributors.size() >= (*hf_version >= hf::hf19_reward_batching ? oxen::MAX_CONTRIBUTORS_HF19 : oxen::MAX_CONTRIBUTORS_V1); if (full && !is_preexisting_contributor) { result.status = stake_result_status::service_node_contributors_maxed; result.msg = tr("The service node already has the maximum number of participants and this " "wallet is not one of them"); return result; } if (amount < min_contrib_total) { const uint64_t DUST = oxen::MAX_CONTRIBUTORS_HF19; if (min_contrib_total - amount <= DUST) { amount = min_contrib_total; result.msg += tr("Seeing as this is insufficient by dust amounts, amount was increased " "automatically to "); result.msg += print_money(min_contrib_total); result.msg += "\n"; } else { result.status = stake_result_status::service_node_insufficient_contribution; result.msg.reserve(128); result.msg = tr("You must contribute at least "); result.msg += print_money(min_contrib_total); result.msg += tr(" oxen to become a contributor for this service node."); return result; } } if (amount > max_contrib_total) { result.msg += tr("You may only contribute up to "); result.msg += print_money(max_contrib_total); result.msg += tr(" more oxen to this service node. "); result.msg += tr("Reducing your stake from "); result.msg += print_money(amount); result.msg += tr(" to "); result.msg += print_money(max_contrib_total); result.msg += tr("\n"); amount = max_contrib_total; } result.status = stake_result_status::success; return result; } wallet2::stake_result wallet2::create_stake_tx( const crypto::public_key& service_node_key, uint64_t amount, double amount_fraction, uint32_t priority, std::set subaddr_indices) { wallet2::stake_result result = {}; result.status = wallet2::stake_result_status::invalid; cryptonote::address_parse_info addr_info = {}; addr_info.address = this->get_address(); // addr_info.address = this->get_account().get_keys().m_account_address; // addr_info.is_subaddress = false; try { result = check_stake_allowed(service_node_key, addr_info, amount, amount_fraction); if (result.status != stake_result_status::success) { return result; } } catch (const std::exception& e) { result.status = stake_result_status::exception_thrown; result.msg = ERR_MSG_EXCEPTION_THROWN; result.msg += e.what(); return result; } const cryptonote::account_public_address& address = addr_info.address; std::vector extra; add_service_node_pubkey_to_tx_extra(extra, service_node_key); add_service_node_contributor_to_tx_extra(extra, address); std::vector dsts; cryptonote::tx_destination_entry de = {}; de.addr = address; de.is_subaddress = false; de.amount = amount; dsts.push_back(de); std::string err, err2; const uint64_t bc_height = std::max(get_daemon_blockchain_height(err), get_daemon_blockchain_target_height(err2)); if (!err.empty() || !err2.empty()) { result.msg = ERR_MSG_NETWORK_HEIGHT_QUERY_FAILED; result.msg += (err.empty() ? err2 : err); result.status = stake_result_status::network_height_query_failed; return result; } constexpr uint64_t unlock_at_block = 0; // Infinite staking, no time lock try { if (priority == tx_priority_blink) { result.status = stake_result_status::no_blink; result.msg += tr("Service node stakes cannot use blink priority"); return result; } auto hf_version = get_hard_fork_version(); if (!hf_version) { result.status = stake_result_status::network_version_query_failed; result.msg = ERR_MSG_NETWORK_VERSION_QUERY_FAILED; return result; } oxen_construct_tx_params tx_params = tools::wallet2::construct_params(*hf_version, txtype::stake, priority); auto ptx_vector = create_transactions_2( dsts, cryptonote::TX_OUTPUT_DECOYS, unlock_at_block, priority, extra, 0, subaddr_indices, tx_params); if (ptx_vector.size() == 1) { result.status = stake_result_status::success; result.ptx = ptx_vector[0]; } else { result.status = stake_result_status::too_many_transactions_constructed; result.msg = ERR_MSG_TOO_MANY_TXS_CONSTRUCTED; } } catch (const std::exception& e) { result.status = stake_result_status::exception_thrown; result.msg = ERR_MSG_EXCEPTION_THROWN; result.msg += e.what(); return result; } assert(result.status != stake_result_status::invalid); return result; } wallet2::register_service_node_result wallet2::create_register_service_node_tx( const std::vector& args_, uint32_t subaddr_account) { std::vector local_args = args_; register_service_node_result result = {}; result.status = register_service_node_result_status::invalid; // // Parse Tx Args // std::set subaddr_indices; uint32_t priority = 0; { if (local_args.size() > 0 && local_args[0].substr(0, 6) == "index=") { if (!tools::parse_subaddress_indices(local_args[0], subaddr_indices)) return {register_service_node_result_status::subaddr_indices_parse_fail, tr("Could not parse subaddress indices argument: ") + local_args[0]}; local_args.erase(local_args.begin()); } if (local_args.size() > 0 && parse_priority(local_args[0], priority)) local_args.erase(local_args.begin()); if (priority == tx_priority_blink) return {register_service_node_result_status::no_blink, tr("Service node registrations cannot use blink priority")}; if (local_args.size() < 6) return {register_service_node_result_status::insufficient_num_args, std::string{tr("\nPrepare this command in the daemon with the " "prepare_registration command")} + tr("\nThis command must be run from the daemon that will be acting as " "a service node")}; } // // Parse Registration Contributor Args // auto hf_version = get_hard_fork_version(); if (!hf_version) return {register_service_node_result_status::network_version_query_failed, ERR_MSG_NETWORK_VERSION_QUERY_FAILED}; uint64_t bc_height; { std::string err, err2; bc_height = std::max( get_daemon_blockchain_height(err), get_daemon_blockchain_target_height(err2)); if (!err.empty() || !err2.empty()) return {register_service_node_result_status::network_height_query_failed, ERR_MSG_NETWORK_HEIGHT_QUERY_FAILED + (err.empty() ? err2 : err)}; } if (!is_synced(1)) return {register_service_node_result_status::wallet_not_synced, tr("Wallet is not synced. Please synchronise your wallet to the blockchain")}; auto staking_requirement = service_nodes::get_staking_requirement(nettype(), bc_height); service_nodes::registration_details registration; try { registration = service_nodes::convert_registration_args( nettype(), *hf_version, std::vector{local_args.begin(), std::prev(local_args.end(), 3)}, staking_requirement); } catch (const std::exception& e) { return {register_service_node_result_status::convert_registration_args_failed, tr("Could not convert registration args: ") + std::string{e.what()}}; } auto address = registration.reserved[0].first; if (!contains_address(address)) return {register_service_node_result_status::first_address_must_be_primary_address, tr("The first reserved address for this registration does not belong to this " "wallet.\n" "Service node operator must specify an address owned by this wallet for service " "node registration.")}; // // Parse Registration Metadata Args // size_t const hf_index = local_args.size() - 3; size_t const pubkey_index = local_args.size() - 2; size_t const signature_index = local_args.size() - 1; const std::string& service_node_key_as_str = local_args[pubkey_index]; uint64_t hf_or_expiration; if (!tools::parse_int(local_args[hf_index], hf_or_expiration)) return {register_service_node_result_status::registration_timestamp_parse_fail, tr("Failed to parse registration hf and/or timestamp") + " '"s + local_args[hf_index] + "'"}; auto now = std::chrono::system_clock::now(); if (registration.uses_portions) { if (static_cast(hf_or_expiration) <= std::chrono::system_clock::to_time_t(now + 10min)) return {register_service_node_result_status::registration_timestamp_expired, tr("The registration timestamp has expired.")}; registration.hf = hf_or_expiration; } else { if (registration.hf != hf_or_expiration) return {register_service_node_result_status::registration_timestamp_expired, tr("The registration has the wrong hard fork: ") + std::to_string(hf_or_expiration) + " != " + std::to_string(registration.hf)}; } if (!tools::hex_to_type(local_args[pubkey_index], registration.service_node_pubkey)) return {register_service_node_result_status::service_node_key_parse_fail, tr("Failed to parse service node pubkey")}; if (!tools::hex_to_type(local_args[signature_index], registration.signature)) return {register_service_node_result_status::service_node_signature_parse_fail, tr("Failed to parse service node signature")}; try { service_nodes::validate_registration( *hf_version, nettype(), staking_requirement, std::chrono::system_clock::to_time_t(now), registration); service_nodes::validate_registration_signature(registration); } catch (const service_nodes::invalid_registration& e) { return {register_service_node_result_status::validate_registration_args_fail, e.what()}; } std::vector extra; add_service_node_contributor_to_tx_extra(extra, address); add_service_node_pubkey_to_tx_extra(extra, registration.service_node_pubkey); if (!add_service_node_registration_to_tx_extra(extra, registration)) return {register_service_node_result_status:: service_node_register_serialize_to_tx_extra_fail, tr("Failed to serialize service node registration tx extra")}; // // Check service is able to be registered // refresh(false); if (const auto [success, response] = get_service_nodes({service_node_key_as_str}); !success) return {register_service_node_result_status::service_node_list_query_failed, ERR_MSG_SERVICE_NODE_LIST_QUERY_FAILED}; else if (response.size() >= 1) return {register_service_node_result_status::service_node_cannot_reregister, tr("This service node is already registered")}; // // Create Register Transaction // uint64_t amount_payable_by_operator = 0; if (!registration.uses_portions) { amount_payable_by_operator = registration.reserved.at(0).second; } else { // TODO: all of this can be deleted after HF19 because it won't be used anymore const uint64_t DUST = oxen::MAX_CONTRIBUTORS_V1; uint64_t amount_left = staking_requirement; for (size_t i = 0; i < registration.reserved.size(); i++) { uint64_t amount = service_nodes::portions_to_amount( staking_requirement, registration.reserved[i].second); if (i == 0) amount_payable_by_operator += amount; amount_left -= amount; } if (amount_left <= DUST) amount_payable_by_operator += amount_left; } std::vector dsts; cryptonote::tx_destination_entry de; de.addr = address; de.is_subaddress = false; de.amount = amount_payable_by_operator; dsts.push_back(de); try { // NOTE(oxen): We know the address should always be a primary address and has no payment id, // so we can ignore the subaddress/payment id field here cryptonote::address_parse_info dest = {}; dest.address = address; oxen_construct_tx_params tx_params = tools::wallet2::construct_params(*hf_version, txtype::stake, priority); auto ptx_vector = create_transactions_2( dsts, cryptonote::TX_OUTPUT_DECOYS, 0 /* unlock_time */, priority, extra, subaddr_account, subaddr_indices, tx_params); if (ptx_vector.size() == 1) { result.status = register_service_node_result_status::success; result.ptx = ptx_vector[0]; } else { result.status = register_service_node_result_status::too_many_transactions_constructed; result.msg = ERR_MSG_TOO_MANY_TXS_CONSTRUCTED; } } catch (const std::exception& e) { result.status = register_service_node_result_status::exception_thrown; result.msg = ERR_MSG_EXCEPTION_THROWN; result.msg += e.what(); return result; } assert(result.status != register_service_node_result_status::invalid); return result; } wallet2::request_stake_unlock_result wallet2::can_request_stake_unlock( const crypto::public_key& sn_key) { request_stake_unlock_result result = {}; result.ptx.tx.version = cryptonote::txversion::v4_tx_types; result.ptx.tx.type = cryptonote::txtype::key_image_unlock; std::string const sn_key_as_str = tools::type_to_hex(sn_key); { const auto [success, response] = get_service_nodes({{sn_key_as_str}}); if (!success) { result.msg = tr("Failed to retrieve service node data from daemon"); return result; } if (response.empty()) { result.msg = tr("No service node is known for: ") + sn_key_as_str; return result; } cryptonote::account_public_address const primary_address = get_address(); nlohmann::json contributions{}; bool found = false; auto const& node_info = response[0]; for (auto const& contributor : node_info["contributors"]) { address_parse_info address_info = {}; cryptonote::get_account_address_from_str( address_info, nettype(), contributor["address"].get()); if (address_info.address != primary_address) continue; found = true; contributions = contributor["locked_contributions"]; break; } if (!found) { result.msg = tr("No contributions recognised by this wallet in service node: ") + sn_key_as_str; return result; } if (contributions.empty()) { result.msg = tr("Unexpected 0 contributions in service node for this wallet ") + sn_key_as_str; return result; } cryptonote::tx_extra_tx_key_image_unlock unlock = {}; { uint64_t curr_height = 0; { std::string err_msg; curr_height = get_daemon_blockchain_height(err_msg); if (!err_msg.empty()) { result.msg = tr("unable to get network blockchain height from daemon: ") + err_msg; return result; } } result.msg.reserve(1024); auto const& contribution = contributions[0]; if (node_info["requested_unlock_height"].get() != 0) { result.msg.append("Key image: "); result.msg.append(contribution["key_image"]); result.msg.append( " has already been requested to be unlocked, unlocking at height: "); result.msg.append(node_info["requested_unlock_height"].get()); result.msg.append(" (about "); result.msg.append(tools::get_human_readable_timespan(std::chrono::seconds( (node_info["requested_unlock_height"].get() - curr_height) * TARGET_BLOCK_TIME))); result.msg.append(")"); return result; } uint64_t small_contributor_amount_threshold = mul128_div64( service_nodes::get_staking_requirement(nettype(), curr_height), service_nodes::SMALL_CONTRIBUTOR_THRESHOLD::num, service_nodes::SMALL_CONTRIBUTOR_THRESHOLD::den); if (contribution["amount"] < small_contributor_amount_threshold && (curr_height - node_info["registration_height"].get()) < service_nodes::SMALL_CONTRIBUTOR_UNLOCK_TIMER) { result.msg.append("You are requesting to unlock a stake of: "); result.msg.append(cryptonote::print_money(contribution["amount"])); result.msg.append( " Oxen which is a small contributor stake.\nSmall contributors need to " "wait "); result.msg.append(std::to_string(service_nodes::SMALL_CONTRIBUTOR_UNLOCK_TIMER)); result.msg.append(" blocks before being allowed to unlock."); result.msg.append("You will need to wait: "); result.msg.append(std::to_string( service_nodes::SMALL_CONTRIBUTOR_UNLOCK_TIMER - (curr_height - node_info["registration_height"].get()))); result.msg.append(" more blocks."); return result; } result.msg.append("You are requesting to unlock a stake of: "); result.msg.append(cryptonote::print_money(contribution["amount"])); result.msg.append( " Oxen from the service node network.\nThis will schedule the service node: "); result.msg.append(node_info["service_node_pubkey"]); result.msg.append(" for deactivation."); if (node_info["contributors"].size() > 1) { result.msg.append(" The stakes of the service node's "); result.msg.append(std::to_string(node_info["contributors"].size() - 1)); result.msg.append(" other contributors will unlock at the same time."); } result.msg.append("\n\n"); uint64_t unlock_height = service_nodes::get_locked_key_image_unlock_height( nettype(), node_info["registration_height"], curr_height); result.msg.append( "You will continue receiving rewards until the service node expires at the " "estimated height: "); result.msg.append(std::to_string(unlock_height)); result.msg.append(" (about "); result.msg.append(tools::get_human_readable_timespan( std::chrono::seconds((unlock_height - curr_height) * TARGET_BLOCK_TIME))); result.msg.append(")"); if (!tools::hex_to_type( contribution["key_image"].get(), unlock.key_image)) { result.msg = tr("Failed to parse hex representation of key image: ") + contribution["key_image"].get(); return result; } // We used to use a 32-byte time value concatenated to itself 8 times as a message hash, // but that accomplishes nothing (there is no point in using a nonce in the message // itself: a signature already has its own nonce), so now we just sign with a null hash // and always send out a nonce value of 0. The nonce value, unfortunately, can't be // easily removed from the key image unlock tx_extra data without versioning/replacing // it, so we still send this 0, but this will hopefully make it easier in the future to // eliminate from the tx extra. unlock.nonce = tx_extra_tx_key_image_unlock::FAKE_NONCE; try { if (!generate_signature_for_request_stake_unlock( unlock.key_image, unlock.signature)) { result.msg = tr("Failed to generate signature to sign request. The key " "image: ") + contribution["key_image"].get() + tr(" doesn't belong to this wallet"); return result; } } catch (const std::exception& e) { result.msg = tr("Failed to generate unlock signature: ") + std::string(e.what()); return result; } } add_service_node_pubkey_to_tx_extra(result.ptx.tx.extra, sn_key); add_tx_key_image_unlock_to_tx_extra(result.ptx.tx.extra, unlock); } result.success = true; return result; } struct ons_prepared_args { bool prepared; operator bool() const { return prepared; } ons::mapping_value encrypted_value; crypto::hash name_hash; ons::generic_owner owner; ons::generic_owner backup_owner; ons::generic_signature signature; crypto::hash prev_txid; }; static bool try_generate_ons_signature( wallet2 const& wallet, std::string const& curr_owner, std::string const* new_owner, std::string const* new_backup_owner, ons_prepared_args& result) { cryptonote::address_parse_info curr_owner_parsed = {}; if (!cryptonote::get_account_address_from_str(curr_owner_parsed, wallet.nettype(), curr_owner)) return false; std::optional index = wallet.get_subaddress_index(curr_owner_parsed.address); if (!index) return false; auto sig_data = ons::tx_extra_signature( result.encrypted_value.to_view(), new_owner ? &result.owner : nullptr, new_backup_owner ? &result.backup_owner : nullptr, result.prev_txid); if (sig_data.empty()) return false; auto& account = wallet.get_account(); auto& hwdev = account.get_device(); hw::mode_resetter rst{hwdev}; hwdev.generate_ons_signature(sig_data, account.get_keys(), *index, result.signature.monero); result.signature.type = ons::generic_owner_sig_type::monero; return true; } static ons_prepared_args prepare_tx_extra_oxen_name_system_values( wallet2 const& wallet, ons::mapping_type type, uint32_t priority, std::string name, std::string const* value, std::string const* owner, std::string const* backup_owner, bool make_signature, ons::ons_tx_type txtype, uint32_t account_index, std::string* reason, nlohmann::json* response) { ons_prepared_args result = {}; if (priority == tools::tx_priority_blink) { if (reason) *reason = "Can not request a blink TX for Oxen Name Service transactions"; return {}; } name = tools::lowercase_ascii_string(name); if (!ons::validate_ons_name(type, name, reason)) return {}; result.name_hash = ons::name_to_hash(name); if (value) { if (!ons::mapping_value::validate( wallet.nettype(), type, *value, &result.encrypted_value, reason)) return {}; if (!result.encrypted_value.encrypt(name, &result.name_hash)) { if (reason) *reason = "Fail to encrypt mapping value=" + *value; return {}; } } if (owner && !ons::parse_owner_to_generic_owner(wallet.nettype(), *owner, result.owner, reason)) return {}; if (backup_owner && !ons::parse_owner_to_generic_owner( wallet.nettype(), *backup_owner, result.backup_owner, reason)) return {}; { nlohmann::json req_params{ {"entries", {{"name_hash", oxenc::to_base64(tools::view_guts(result.name_hash))}, {"types", std::vector{ons::db_mapping_type(type)}}}}, }; auto [success, response_] = wallet.ons_names_to_owners(req_params); if (!response) response = &response_; else *response = std::move(response_); if (!success) { if (reason) *reason = "Failed to query previous owner for ONS entry: communication with daemon " "failed"; return result; } if ((*response)["entries"].size()) { if (!tools::hex_to_type( (*response)["entries"][0]["txid"].get(), result.prev_txid)) { if (reason) *reason = "Failed to convert response txid=" + (*response)["entries"][0]["txid"].get() + " from the daemon into a 32 byte hash, it must be a 64 char hex " "string"; return result; } } if (txtype == ons::ons_tx_type::update && make_signature) { if (response->empty()) { if (reason) *reason = "Signature requested when preparing ONS TX but record to update does " "not exist"; return result; } cryptonote::address_parse_info curr_owner_parsed = {}; cryptonote::address_parse_info curr_backup_owner_parsed = {}; auto& rowner = (*response)["entries"].front()["owner"]; std::string* rbackup_owner = (*response)["entries"].front().value("backup_owner", nullptr); ; bool curr_owner = cryptonote::get_account_address_from_str( curr_owner_parsed, wallet.nettype(), rowner.get()); bool curr_backup_owner = rbackup_owner && cryptonote::get_account_address_from_str( curr_backup_owner_parsed, wallet.nettype(), *rbackup_owner); if (!try_generate_ons_signature(wallet, rowner, owner, backup_owner, result)) { if (!rbackup_owner || !try_generate_ons_signature( wallet, *rbackup_owner, owner, backup_owner, result)) { if (reason) { *reason = "Signature requested when preparing ONS TX, but this wallet is not " "the owner of the record owner=" + rowner.get(); if (rbackup_owner) *reason += ", backup_owner=" + *rbackup_owner; } return result; } } } else if (txtype == ons::ons_tx_type::renew) { if ((*response)["entries"].empty()) { if (reason) *reason = "Renewal requested but record to renew does not exist or has expired"; return result; } } } result.prepared = true; return result; } std::vector wallet2::ons_create_buy_mapping_tx( ons::mapping_type type, std::string const* owner, std::string const* backup_owner, std::string name, std::string const& value, std::string* reason, uint32_t priority, uint32_t account_index, std::set