Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable supply auditing via cryptographic commitments and proofs #102

Draft
wants to merge 40 commits into
base: trunk
Choose a base branch
from
Draft

Enable supply auditing via cryptographic commitments and proofs #102

wants to merge 40 commits into from

Commits on Jun 9, 2023

  1. Retarget secp256k1 submodule 

    Switching to a fork allows us to leverage bulletproofs

Signed-off-by: Sam Stuewe <[email protected]>
    @HalosGhost
    HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    2c04c7b View commit details
    Browse the repository at this point in the history

  2. Add helpers for creating Pedersen Commitments 

    Includes creating commitments directly as well as a facility for
automatically creating an “xonly” Pedersen Commitment.

xonly Pedersen Commitments are a work-around to avoid a larger code-
delta for this solution. In particular, it will allow us to avoid
changing the size of a UHS ID.

Signed-off-by: Sam Stuewe <[email protected]>
    @HalosGhost
    HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    404e1b2 View commit details
    Browse the repository at this point in the history

  3. Add new supporting data structures for proof 

    These data structures will be integrated into transactions and
leveraged to implement confidential transactions.

Signed-off-by: Sam Stuewe <[email protected]>
    @HalosGhost
    HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    1b43a35 View commit details
    Browse the repository at this point in the history

  4. Add serialization support for std::map 

    This implementation is mostly cribbed from what we already have
for std::unordered_map and is added only because it will be easier
for us to leverage in some places.

Signed-off-by: Sam Stuewe <[email protected]>
    @HalosGhost
    HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    39a125f View commit details
    Browse the repository at this point in the history

  5. Add some small clean-ups 

    This is separated only so it doesn't muddy review of the other, more
substantial commits.

Signed-off-by: Sam Stuewe <[email protected]>
    @HalosGhost
    HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    c9d7d48 View commit details
    Browse the repository at this point in the history

  6. Give wallets/clients support for bulletproofs 

    Signed-off-by: Sam Stuewe <[email protected]>
    @HalosGhost
    HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    04b1457 View commit details
    Browse the repository at this point in the history

  7. Add auxiliary-commitment creation helper 

    This method allows for the easy creation of valid blinding factors
(and the associated auxiliary Pedersen Commitments) for new outputs
to be created in a transaction.

Using this helper ensures that the auxiliary commitments in a
non-minting transaction will sum to 0, and those in a minting-
transaction will equal G^{minted_value}.

Signed-off-by: Sam Stuewe <[email protected]>
    @HalosGhost
    HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    cefb9bd View commit details
    Browse the repository at this point in the history

  8. Add helpers for calculating new UHS IDs 

    Only one is exposed as its easiest to use in most circumstances,
but the others can be exposed in the future if-needed (exposing
them for use shouldn't have any negative side-effects).

Signed-off-by: Sam Stuewe <[email protected]>
    @HalosGhost
    HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    7a2fee7 View commit details
    Browse the repository at this point in the history

  9. Leverage Cryptographic Proofs 

    This is the largest commit in the series by-far; however, it's not
immediately clear to me how it could be broken down further and
leave the code functional (passing all tests) at each commit.

Included in this commit:

* Redefine `input`s and `output`s to contain all the proofs
* Modify `full_tx` and `compact_tx` to include the necessary proofs
* Add routines for creating and verifying all proof criteria
* Store the proofs in the UHS (both architectures)
* Modify clients and sentinels to actually prove and verify
* Update all tests for the new structures
* Remove a few tests which are now not possible cases
* Add tests for basic round-tripping of storage through the UHS

Signed-off-by: Sam Stuewe <[email protected]>
    @HalosGhost
    HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    a69a9b6 View commit details
    Browse the repository at this point in the history

  10. Update shard seeder tool 

    Co-authored-by: Sam Stuewe <[email protected]>
Signed-off-by: davidmag854 <[email protected]>
Signed-off-by: Sam Stuewe <[email protected]>
    @david8544 @HalosGhost
    david8544 and HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    7d618ae View commit details
    Browse the repository at this point in the history

  11. Fix some Lint/CI-related things 

    Signed-off-by: Sam Stuewe <[email protected]>
    @HalosGhost
    HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    787dcc2 View commit details
    Browse the repository at this point in the history

  12. Reconciliation with sentinel attestations 

    Signed-off-by: Sam Stuewe <[email protected]>
    @HalosGhost
    HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    2aa4d1f View commit details
    Browse the repository at this point in the history

  13. Simplify UHS ID 

    Rather than try to use a pedersen commitment as a UHS ID, prefer
a nested hash (almost identical to the values-in-UHS solution).

This simplifies a lot of the prove/verify procedures, reduces the
amount of code we need overall and makes the security argument
much simpler (because the transaction format is now largely
unchanged).

Signed-off-by: Sam Stuewe <[email protected]>
    @HalosGhost
    HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    c0c7541 View commit details
    Browse the repository at this point in the history

  14. Add audit tool for combining audit logs 

    Signed-off-by: James Lovejoy <[email protected]>
    @metalicjames @HalosGhost
    metalicjames authored and HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    bce49af View commit details
    Browse the repository at this point in the history

  15. Implement supply auditing for atomizer shard and add audit checks to … 

    …atomizer integration tests

Signed-off-by: James Lovejoy <[email protected]>
Signed-off-by: Sam Stuewe <[email protected]>
    @metalicjames @HalosGhost
    metalicjames authored and HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    87f6fb6 View commit details
    Browse the repository at this point in the history

  16. WIP: Preliminary update of the audit-tool for cryptographic commitments 

    Signed-off-by: Sam Stuewe <[email protected]>
    @HalosGhost
    HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    3f9f6df View commit details
    Browse the repository at this point in the history

  17. Fix linting and build issues 

    Includes:
* Pull in newest secp-zkp changes
* Fix a doxygen doc-comment problem
* remove a potentially-problematic header include

Signed-off-by: Sam Stuewe <[email protected]>
    @HalosGhost
    HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    036adb6 View commit details
    Browse the repository at this point in the history

  18. Log error details of rejected TXs

    @wadagso-gertjaap @HalosGhost
    wadagso-gertjaap authored and HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    27974af View commit details
    Browse the repository at this point in the history

  19. Additional TX logging on failed TXs

    @wadagso-gertjaap @HalosGhost
    wadagso-gertjaap authored and HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    2e3914a View commit details
    Browse the repository at this point in the history

  20. Add logging to the wallet

    @wadagso-gertjaap @HalosGhost
    wadagso-gertjaap authored and HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    c091530 View commit details
    Browse the repository at this point in the history

  21. Change wallet-logging to info 

    Signed-off-by: Sam Stuewe <[email protected]>
    @HalosGhost
    HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    71b2481 View commit details
    Browse the repository at this point in the history

  22. Correct seeded_input creation 

    Signed-off-by: Sam Stuewe <[email protected]>
    @HalosGhost
    HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    3f371f4 View commit details
    Browse the repository at this point in the history

  23. Correct pre-seeded transaction creation 

    Signed-off-by: Sam Stuewe <[email protected]>
    @HalosGhost
    HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    4e9de3d View commit details
    Browse the repository at this point in the history

  24. Remove UHS ID from compact_output 

    Signed-off-by: Sam Stuewe <[email protected]>
    @HalosGhost
    HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    7d12d79 View commit details
    Browse the repository at this point in the history

  25. Correctly initialize timestamps 

    In the atomizer load-generator, several timestamps were not
initialized; their first use was with `operator+=`.

This simply initializes them to 0 making that first use valid.

Signed-off-by: Sam Stuewe <[email protected]>
    @HalosGhost
    HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    f807040 View commit details
    Browse the repository at this point in the history

  26. Omnibus update to fix quite a few issues 

    Includes
* fixing all tests (locally, at least)
* correctly checking transaction balancing

Signed-off-by: Sam Stuewe <[email protected]>
    @HalosGhost
    HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    8024286 View commit details
    Browse the repository at this point in the history

  27. [WIP]: improve shard-seeder performance for crypto TD 

    Signed-off-by: Sam Stuewe <[email protected]>
    @HalosGhost
    HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    b9c7889 View commit details
    Browse the repository at this point in the history

  28. Remove rangeproof from transaction input. 

    Signed-off-by: Alexander Jung <[email protected]>
    @AlexRamRam @HalosGhost
    AlexRamRam authored and HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    aa6b269 View commit details
    Browse the repository at this point in the history

  29. Check for existence of rangeproofs in outputs during validation. 

    Signed-off-by: Alexander Jung <[email protected]>
    @AlexRamRam @HalosGhost
    AlexRamRam authored and HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    d51ddc6 View commit details
    Browse the repository at this point in the history

  30. Do not compute rangeproof for inputs in transaction::wallet::create_s… 

    …eeded_transaction

Signed-off-by: Alexander Jung <[email protected]>
    @AlexRamRam @HalosGhost
    AlexRamRam authored and HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    d7bd576 View commit details
    Browse the repository at this point in the history

  31. Initialize output w explicit rangeproof arg 

    Signed-off-by: Alexander Jung <[email protected]>
    @AlexRamRam @HalosGhost
    AlexRamRam authored and HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    367e2c2 View commit details
    Browse the repository at this point in the history

  32. Add unsigned long suffix(UL) where needed 

    Signed-off-by: Alexander Jung <[email protected]>
    @AlexRamRam @HalosGhost
    AlexRamRam authored and HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    5d82195 View commit details
    Browse the repository at this point in the history

  33. Remove setting of rangeproof for transaction input 

    Signed-off-by: Alexander Jung <[email protected]>
    @AlexRamRam @HalosGhost
    AlexRamRam authored and HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    482d884 View commit details
    Browse the repository at this point in the history

  34. Set a dummy rangeproof object for unit tests - accommodate tamper det… 

    … changes

Signed-off-by: Alexander Jung <[email protected]>

Set dummy rangeproof for outputs for unit tests where needed

Signed-off-by: Alexander Jung <[email protected]>
    @AlexRamRam @HalosGhost
    AlexRamRam authored and HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    2582ef3 View commit details
    Browse the repository at this point in the history

  35. Invoke transaction::calculate_uhs_id() without creating compact_output 

    Signed-off-by: Alexander Jung <[email protected]>
    @AlexRamRam @HalosGhost
    AlexRamRam authored and HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    af5d1e3 View commit details
    Browse the repository at this point in the history

  36. Clean-up linting 

    Signed-off-by: Sam Stuewe <[email protected]>
    @HalosGhost
    HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    eef47c8 View commit details
    Browse the repository at this point in the history

  37. Lift create_seeded_transaction outside hot loop 

    Also includes modifying twophase mode's transaction-creation
to reuse pedersen-commitments/range-proofs

Signed-off-by: Sam Stuewe <[email protected]>
    @HalosGhost
    HalosGhost committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    eff5692 View commit details
    Browse the repository at this point in the history

Commits on Jul 6, 2023

  1. [DO NOT MERGE] workaround: let the TC see this PR 

    Signed-off-by: Sam Stuewe <[email protected]>
    @HalosGhost
    HalosGhost committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    c3ea8e1 View commit details
    Browse the repository at this point in the history

Commits on Aug 1, 2023

  1. fix: add missing include 

    Signed-off-by: Sam Stuewe <[email protected]>
    @HalosGhost
    HalosGhost committed Aug 1, 2023
    Configuration menu
    Copy the full SHA
    6287bf2 View commit details
    Browse the repository at this point in the history

  2. fix: reconcile microbenchmarks for auditing 

    Signed-off-by: Sam Stuewe <[email protected]>
    @HalosGhost
    HalosGhost committed Aug 1, 2023
    Configuration menu
    Copy the full SHA
    95abaf1 View commit details
    Browse the repository at this point in the history