Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use HMAC derivation for blinding keys #74

Merged
merged 1 commit into from
Feb 15, 2016
Merged

Use HMAC derivation for blinding keys #74

merged 1 commit into from
Feb 15, 2016

Conversation

sipa
Copy link
Contributor

@sipa sipa commented Feb 2, 2016

Use a per-wallet secret to HMAC-SHA256 deriving blinding keys, rather than using a single static one.

No support for importing keys with alternate derivation keys yet.

Needs testing.

@sipa sipa mentioned this pull request Feb 2, 2016
Merged
@sipa sipa force-pushed the deriveblind branch 6 times, most recently from 75f59f1 to 9610daf Compare February 3, 2016 16:03
@sipa
Copy link
Contributor Author

sipa commented Feb 4, 2016

Also included now:

  • Bugfix where unblinded addresses were reported in transaction RPCs.
  • Add RPCs dumpblindingkey and importblindingkey that operate on per-address blinding keys (not the wallet master blinding key)

@sipa sipa force-pushed the deriveblind branch 3 times, most recently from 0e683da to ef5696b Compare February 5, 2016 16:26
@jonasnick jonasnick mentioned this pull request Feb 5, 2016
Closed
@jonasnick
Copy link
Contributor

ACK when getaddressesbyaccount is fixed such that it includes blinding keys.
Tested with wallet.py and walletbackup.py (#77).

@sipa
Copy link
Contributor Author

sipa commented Feb 5, 2016

Updated.

instagibbs
instagibbs reviewed Feb 6, 2016
View reviewed changes
src/wallet.h
vBlindingKeys[nOut] = blinding_key.GetPubKey();
}
}
if (!res && (blinding_key = pwallet->GetBlindingKey(NULL)).IsValid()) {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We're having issues with none of these three cases firing with either unblinded or static blinded outputs. We get:

alphad: base58.cpp:240: CBitcoinAddress& CBitcoinAddress::AddBlindingKey(const CPubKey&): Assertion `pubkey.size() == 33' failed.

Copy link
Contributor Author

@sipa sipa Feb 6, 2016 via email

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

http://pastebin.com/V8fjAUky

It doesn't happen when the list is going to be empty.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I pushed a fix for the non-blinded case.

@instagibbs
Copy link
Collaborator

instagibbs@ede5023

My attempt at fixing sending, etc.

@wtogami
Copy link
Contributor

wtogami commented Feb 15, 2016

@sipa Please review @instagibbs patch and add to your PR branch if you like it?

@sipa
Copy link
Contributor Author

sipa commented Feb 15, 2016

@warren Cherry picked.

@sipa sipa merged commit c5904a9 into ElementsProject:alpha Feb 15, 2016
sipa added a commit that referenced this pull request Feb 15, 2016
@sipa
Merge pull request #74
df4c512 
c5904a9 Use HMAC derivation for blinding keys (Pieter Wuille)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@sipa @jonasnick @instagibbs @wtogami