Skip to content

Commit

Permalink
refactor: remove metadata sig and use difference key branch for offset (
Browse files Browse the repository at this point in the history 
tari-project#6400)

Description
---
Removes the metadata signature generation from the ledger for partial
senders. In favour of the future refactor of generating the full
metadata signature for one-sided only.

Motivation and Context
---
Better support for one-sided tx's

How Has This Been Tested?
---
Manually. Ledger will currently fail to build proper tx's with these
changes.

What process can a PR reviewer use to test or verify this change?
---

<!-- Checklist -->
<!-- 1. Is the title of your PR in the form that would make nice release
notes? The title, excluding the conventional commit
tag, will be included exactly as is in the CHANGELOG, so please think
about it carefully. -->


Breaking Changes
---

- [x] None
- [ ] Requires data directory on base node to be deleted
- [ ] Requires hard fork
- [ ] Other - Please specify

<!-- Does this include a breaking change? If so, include this line as a
footer -->
<!-- BREAKING CHANGE: Description what the user should do, e.g. delete a
database, resync the chain -->
  • Loading branch information
@brianp
brianp authored Jul 16, 2024
1 parent cc74845 commit 446a118
Show file tree
Hide file tree
Showing 6 changed files with 59 additions and 226 deletions.
119 changes: 0 additions & 119 deletions applications/minotari_ledger_wallet/wallet/src/handlers/get_metadata_signature.rs
View file

This file was deleted.

10 changes: 4 additions & 6 deletions applications/minotari_ledger_wallet/wallet/src/main.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,6 @@ mod app_ui {
}
mod handlers {
pub mod get_dh_shared_secret;
pub mod get_metadata_signature;
pub mod get_public_alpha;
pub mod get_public_key;
pub mod get_script_offset;
Expand All @@ -30,7 +29,6 @@ use app_ui::menu::ui_menu_main;
use critical_section::RawRestoreState;
use handlers::{
get_dh_shared_secret::handler_get_dh_shared_secret,
get_metadata_signature::handler_get_metadata_signature,
get_public_alpha::handler_get_public_alpha,
get_public_key::handler_get_public_key,
get_script_offset::{handler_get_script_offset, ScriptOffsetCtx},
Expand Down Expand Up @@ -117,7 +115,7 @@ pub enum Instruction {
GetPublicAlpha,
GetScriptSignature,
GetScriptOffset { chunk: u8, more: bool },
GetMetadataSignature,
GetScriptSignatureFromChallenge,
GetViewKey,
GetDHSharedSecret,
}
Expand All @@ -144,7 +142,7 @@ impl KeyType {
fn from_branch_key(n: u64) -> Self {
match n {
1 => Self::Alpha,
6 => Self::SenderOffset,
7 => Self::SenderOffset,
5 | 2 | _ => Self::Nonce,
}
}
Expand Down Expand Up @@ -175,7 +173,7 @@ impl TryFrom<ApduHeader> for Instruction {
chunk: value.p1,
more: value.p2 == P2_MORE,
}),
(0x07, 0, 0) => Ok(Instruction::GetMetadataSignature),
(0x08, 0, 0) => Ok(Instruction::GetScriptSignatureFromChallenge),
(0x09, 0, 0) => Ok(Instruction::GetViewKey),
(0x10, 0, 0) => Ok(Instruction::GetDHSharedSecret),
(0x06, _, _) => Err(AppSW::WrongP1P2),
Expand Down Expand Up @@ -223,7 +221,7 @@ fn handle_apdu(comm: &mut Comm, ins: Instruction, offset_ctx: &mut ScriptOffsetC
Instruction::GetPublicAlpha => handler_get_public_alpha(comm),
Instruction::GetScriptSignature => handler_get_script_signature(comm),
Instruction::GetScriptOffset { chunk, more } => handler_get_script_offset(comm, chunk, more, offset_ctx),
Instruction::GetMetadataSignature => handler_get_metadata_signature(comm),
Instruction::GetScriptSignatureFromChallenge => handler_get_script_signature_from_challenge(comm),
Instruction::GetViewKey => handler_get_view_key(comm),
Instruction::GetDHSharedSecret => handler_get_dh_shared_secret(comm),
}
Expand Down
128 changes: 28 additions & 100 deletions base_layer/core/src/transactions/key_manager/inner.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,8 +50,6 @@ use tari_crypto::{
},
};
use tari_hashing::KeyManagerTransactionsHashDomain;
#[cfg(feature = "ledger")]
use tari_key_manager::error::KeyManagerError;
use tari_key_manager::{
cipher_seed::CipherSeed,
key_manager::KeyManager,
Expand Down Expand Up @@ -212,9 +210,7 @@ where TBackend: KeyManagerBackend<PublicKey> + 'static
// SenderOffset than we fetch from the ledger, all other keys are fetched below.
#[allow(unused_variables)]
if let WalletType::Ledger(ledger) = &self.wallet_type {
if branch == &TransactionKeyManagerBranch::MetadataEphemeralNonce.get_branch_key() ||
branch == &TransactionKeyManagerBranch::SenderOffset.get_branch_key()
{
if branch == &TransactionKeyManagerBranch::SenderOffsetLedger.get_branch_key() {
#[cfg(not(feature = "ledger"))]
{
return Err(KeyManagerServiceError::LedgerError(
Expand Down Expand Up @@ -472,9 +468,9 @@ where TBackend: KeyManagerBackend<PublicKey> + 'static

// If we're trying to access any of the private keys, just say no bueno
if &TransactionKeyManagerBranch::Alpha.get_branch_key() == branch ||
&TransactionKeyManagerBranch::SenderOffset.get_branch_key() == branch ||
&TransactionKeyManagerBranch::MetadataEphemeralNonce.get_branch_key() == branch
&TransactionKeyManagerBranch::SenderOffsetLedger.get_branch_key() == branch
{
debug!(target: LOG_TARGET, "Attempted to access private key for branch {branch:?}");
return Err(KeyManagerServiceError::LedgerPrivateKeyInaccessible);
}
};
Expand Down Expand Up @@ -559,7 +555,7 @@ where TBackend: KeyManagerBackend<PublicKey> + 'static
#[allow(unused_variables)]
if let WalletType::Ledger(ledger) = &self.wallet_type {
if let KeyId::Managed { branch, index } = secret_key_id {
if branch == &TransactionKeyManagerBranch::SenderOffset.get_branch_key() {
if branch == &TransactionKeyManagerBranch::SenderOffsetLedger.get_branch_key() {
#[cfg(not(feature = "ledger"))]
{
return Err(TransactionError::LedgerNotSupported);
Expand All @@ -586,7 +582,7 @@ where TBackend: KeyManagerBackend<PublicKey> + 'static
#[allow(unused_variables)]
if let WalletType::Ledger(ledger) = &self.wallet_type {
if let KeyId::Managed { branch, index } = secret_key_id {
if branch == &TransactionKeyManagerBranch::SenderOffset.get_branch_key() {
if branch == &TransactionKeyManagerBranch::SenderOffsetLedger.get_branch_key() {
#[cfg(not(feature = "ledger"))]
{
return Err(TransactionError::LedgerNotSupported);
Expand Down Expand Up @@ -1176,99 +1172,31 @@ where TBackend: KeyManagerBackend<PublicKey> + 'static
txo_version: &TransactionOutputVersion,
metadata_signature_message: &[u8; 32],
) -> Result<ComAndPubSignature, TransactionError> {
match &self.wallet_type {
WalletType::Software => {
let ephemeral_private_key = self.get_private_key(ephemeral_private_nonce_id).await?;
let ephemeral_pubkey = PublicKey::from_secret_key(&ephemeral_private_key);
PublicKey::from_secret_key(&ephemeral_private_key);
let sender_offset_private_key = self.get_private_key(sender_offset_key_id).await?; // Take the index and use it to find the key from ledger
let sender_offset_public_key = PublicKey::from_secret_key(&sender_offset_private_key);

let challenge = TransactionOutput::finalize_metadata_signature_challenge(
txo_version,
&sender_offset_public_key,
ephemeral_commitment,
&ephemeral_pubkey,
commitment,
metadata_signature_message,
);

let metadata_signature = ComAndPubSignature::sign(
&PrivateKey::default(),
&PrivateKey::default(),
&sender_offset_private_key,
&PrivateKey::default(),
&PrivateKey::default(),
&ephemeral_private_key,
&challenge,
&*self.crypto_factories.commitment,
)?;
Ok(metadata_signature)
},
#[allow(unused_variables)]
WalletType::Ledger(ledger) => {
#[cfg(not(feature = "ledger"))]
{
Err(TransactionError::LedgerNotSupported)
}

#[cfg(feature = "ledger")]
{
let ephemeral_private_nonce_index =
ephemeral_private_nonce_id
.managed_index()
.ok_or(TransactionError::KeyManagerError(
KeyManagerError::InvalidKeyID.to_string(),
))?;
let sender_offset_key_index =
sender_offset_key_id
.managed_index()
.ok_or(TransactionError::KeyManagerError(
KeyManagerError::InvalidKeyID.to_string(),
))?;
let ephemeral_private_key = self.get_private_key(ephemeral_private_nonce_id).await?;
let ephemeral_pubkey = PublicKey::from_secret_key(&ephemeral_private_key);
let sender_offset_private_key = self.get_private_key(sender_offset_key_id).await?; // Take the index and use it to find the key from ledger
let sender_offset_public_key = PublicKey::from_secret_key(&sender_offset_private_key);

let mut data = u64::from(ledger.network.as_byte()).to_le_bytes().to_vec();
data.extend_from_slice(&u64::from(txo_version.as_u8()).to_le_bytes());
data.extend_from_slice(&ephemeral_private_nonce_index.to_le_bytes());
data.extend_from_slice(&sender_offset_key_index.to_le_bytes());
data.extend_from_slice(&commitment.to_vec());
data.extend_from_slice(&ephemeral_commitment.to_vec());
data.extend_from_slice(&metadata_signature_message.to_vec());

let command = ledger.build_command(Instruction::GetMetadataSignature, data);
let transport = get_transport()?;
let challenge = TransactionOutput::finalize_metadata_signature_challenge(
txo_version,
&sender_offset_public_key,
ephemeral_commitment,
&ephemeral_pubkey,
commitment,
metadata_signature_message,
);

match command.execute_with_transport(&transport) {
Ok(result) => {
if result.data().len() < 161 {
debug!(target: LOG_TARGET, "result less than 161");
return Err(LedgerDeviceError::Processing(format!(
"'get_metadata_signature' insufficient data - expected 161 got {} bytes ({:?})",
result.data().len(),
result
))
.into());
}
let data = result.data();
debug!(target: LOG_TARGET, "result length: {}, data: {:?}", result.data().len(), result.data());
Ok(ComAndPubSignature::new(
Commitment::from_canonical_bytes(&data[1..33])
.map_err(|e| TransactionError::InvalidSignatureError(e.to_string()))?,
PublicKey::from_canonical_bytes(&data[33..65])
.map_err(|e| TransactionError::InvalidSignatureError(e.to_string()))?,
PrivateKey::from_canonical_bytes(&data[65..97])
.map_err(|e| TransactionError::InvalidSignatureError(e.to_string()))?,
PrivateKey::from_canonical_bytes(&data[97..129])
.map_err(|e| TransactionError::InvalidSignatureError(e.to_string()))?,
PrivateKey::from_canonical_bytes(&data[129..161])
.map_err(|e| TransactionError::InvalidSignatureError(e.to_string()))?,
))
},
Err(e) => Err(LedgerDeviceError::Instruction(format!("GetMetadataSignature: {}", e)).into()),
}
}
},
}
let metadata_signature = ComAndPubSignature::sign(
&PrivateKey::default(),
&PrivateKey::default(),
&sender_offset_private_key,
&PrivateKey::default(),
&PrivateKey::default(),
&ephemeral_private_key,
&challenge,
&*self.crypto_factories.commitment,
)?;
Ok(metadata_signature)
}

// -----------------------------------------------------------------------------------------------------------------
Expand Down
3 changes: 3 additions & 0 deletions base_layer/core/src/transactions/key_manager/interface.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,6 +64,7 @@ pub enum TransactionKeyManagerBranch {
Nonce = 0x04,
KernelNonce = 0x05,
SenderOffset = 0x06,
SenderOffsetLedger = 0x07,
}

impl TransactionKeyManagerBranch {
Expand All @@ -78,6 +79,7 @@ impl TransactionKeyManagerBranch {
TransactionKeyManagerBranch::MetadataEphemeralNonce => "metadata ephemeral nonce".to_string(),
TransactionKeyManagerBranch::KernelNonce => "kernel nonce".to_string(),
TransactionKeyManagerBranch::SenderOffset => "sender offset".to_string(),
TransactionKeyManagerBranch::SenderOffsetLedger => "sender offset ledger".to_string(),
}
}

Expand All @@ -89,6 +91,7 @@ impl TransactionKeyManagerBranch {
"metadata ephemeral nonce" => TransactionKeyManagerBranch::MetadataEphemeralNonce,
"kernel nonce" => TransactionKeyManagerBranch::KernelNonce,
"sender offset" => TransactionKeyManagerBranch::SenderOffset,
"sender offset ledger" => TransactionKeyManagerBranch::SenderOffsetLedger,
"nonce" => TransactionKeyManagerBranch::Nonce,
_ => TransactionKeyManagerBranch::Nonce,
}
Expand Down
16 changes: 16 additions & 0 deletions base_layer/core/src/transactions/transaction_protocol/sender.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -342,6 +342,22 @@ impl SenderTransactionProtocol {
}
}

pub fn change_recipient_sender_offset_private_key(&mut self, key_id: TariKeyId) -> Result<(), TPE> {
match &mut self.state {
SenderState::Initializing(ref mut info) |
SenderState::Finalizing(ref mut info) |
SenderState::SingleRoundMessageReady(ref mut info) |
SenderState::CollectingSingleSignature(ref mut info) => {
if let Some(ref mut v) = info.recipient_data {
v.recipient_sender_offset_key_id = key_id;
}
},
SenderState::FinalizedTransaction(_) | SenderState::Failed(_) => return Err(TPE::InvalidStateError),
}

Ok(())
}

/// This function will return the value of the fee of this transaction
pub fn get_fee_amount(&self) -> Result<MicroMinotari, TPE> {
match &self.state {
Expand Down
Loading

0 comments on commit 446a118

Please sign in to comment.