-
Notifications
You must be signed in to change notification settings - Fork 966
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add BIP352 silentpayments
module
#1519
base: master
Are you sure you want to change the base?
Add BIP352 silentpayments
module
#1519
Commits on May 8, 2024
-
Configuration menu - View commit details
-
Copy full SHA for 957eb03 - Browse repository at this point
Copy the full SHA 957eb03View commit details -
Configuration menu - View commit details
-
Copy full SHA for 31187da - Browse repository at this point
Copy the full SHA 31187daView commit details -
Configuration menu - View commit details
-
Copy full SHA for ac97828 - Browse repository at this point
Copy the full SHA ac97828View commit details -
silentpayments: implement shared secret creation
Add function for calculating either a*B or A*b. This function is used by both the sender and the recipient (i.e. a*B == A*b). Add functions for generating the tagged input hash, as this is used when creating the shared secret. In a later commit, `create_shared_secret` will be exposed in the API for the receiver to use when scanning as a light client.
Configuration menu - View commit details
-
Copy full SHA for f35ab7d - Browse repository at this point
Copy the full SHA f35ab7dView commit details -
silentpayments: implement output pubkey creation
Add methods for creating an xonly output from a shared secret. This involves adding a tagged hash for creating the output. This function will be exposed in the API in a later commit for the receiver to use when scanning as a light client.
Configuration menu - View commit details
-
Copy full SHA for a4f3583 - Browse repository at this point
Copy the full SHA a4f3583View commit details -
silentpayments: add sender routine
Given a set of private keys, the smallest outpoint, and list of recipients this function handles the entire sender flow: 1. Sum up the private keys 2. Calculate the input_hash 3. For each recipient: 3a. Calculate a shared secret 3b. Create the requested number of outputs This function assumes a single sender context in that it requires the sender to have access to all of the private keys. In the future, this API may be expanded to allow for a multiple senders or for a single sender who does not have access to all private keys at any given time, but for now these modes are considered out of scope / unsafe.
Configuration menu - View commit details
-
Copy full SHA for 2aec662 - Browse repository at this point
Copy the full SHA 2aec662View commit details -
silentpayments: add recipient label support
Add function for creating a label tweak. This requires a tagged hash function for labels. This function is used by the receiver for creating labels to be used for a) creating labelled addresses and b) to populate a labels cache when scanning. Add function for creating a labelled spend pubkey. This involves taking a label tweak, turning it into a public key and adding it to the spend public key. This function is used by the receiver to create a labelled silent payment address.
Configuration menu - View commit details
-
Copy full SHA for 8d5fe46 - Browse repository at this point
Copy the full SHA 8d5fe46View commit details -
silentpayments: add opaque data type
public_data
Add data type for passing around the summed input public key (A_sum) and the input hash tweak (input_hash). This data is passed to the scanner before the ECDH step as two separate elements so that the scanner can multiply b_scan * input_hash before doing ECDH. Add functions for deserializing / serializing a public_data object to and from a public key. When serializing a public_data object, the input_hash is multplied into A_sum. This is so the object can be stored as public key for wallet rescanning later, or to vend to light clients. For the light client, a `_parse` function is added which parses the compressed public key serialization into a `public_data` object.
Configuration menu - View commit details
-
Copy full SHA for d43636b - Browse repository at this point
Copy the full SHA d43636bView commit details -
silentpayments: add recipient scanning routine
Add routine for scanning a transaction and returning the necessary spending data for any found outputs. This function works with labels via a lookup callback and requires access to the transaction outputs. Requiring access to the transaction outputs is not suitable for light clients, but light client support is enabled in followup commits.
Configuration menu - View commit details
-
Copy full SHA for ab908c6 - Browse repository at this point
Copy the full SHA ab908c6View commit details -
silentpayments: add recipient light client support
Expose a shared secret routine in the public API and a output_pubkey creation routine. These are simple wrappers around the same functions the module is using under the hood. They are exposed for the light client as the minimal set of operations they need to do scanning without access to the transaction outputs. This means the light client will need to manage their own scanning state, so wherever possible it is preferrable to use the `_recipient_scan_ouputs` function.
Configuration menu - View commit details
-
Copy full SHA for b58f891 - Browse repository at this point
Copy the full SHA b58f891View commit details -
silentpayments: add examples/silentpayments.c
Demonstrate sending, scanning, and light client scanning.
Configuration menu - View commit details
-
Copy full SHA for dfe9243 - Browse repository at this point
Copy the full SHA dfe9243View commit details -
silentpayments: add benchmark for
scan_outputs
Add a benchmark for `scan_outputs` as this is the most performance critical part of silent payments.
Configuration menu - View commit details
-
Copy full SHA for baafed0 - Browse repository at this point
Copy the full SHA baafed0View commit details -
tests: add BIP-352 test vectors
The vectors are generated with a Python script that converts the .json file from the BIP to C code: $ ./tools/tests_silentpayments_generate.py test_vectors.json > ./src/modules/silentpayments/vectors.h
Configuration menu - View commit details
-
Copy full SHA for 932fe57 - Browse repository at this point
Copy the full SHA 932fe57View commit details -
Configuration menu - View commit details
-
Copy full SHA for 56ed901 - Browse repository at this point
Copy the full SHA 56ed901View commit details