fix: backup spend

base_layer/wallet/src/output_manager_service/service.rs

@@ -19,7 +19,6 @@
 // SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
 // WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
 // USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
 use std::{collections::HashMap, convert::TryInto, fmt, sync::Arc};
 
 use diesel::result::{DatabaseErrorKind, Error as DieselError};
@@ -81,7 +80,10 @@ use tari_script::{
 };
 use tari_service_framework::reply_channel;
 use tari_shutdown::ShutdownSignal;
-use tari_utilities::{hex::Hex, ByteArray};
+use tari_utilities::{
+    hex::{from_hex, Hex},
+    ByteArray,
+};
 use tokio::{sync::Mutex, time::Instant};
 
 use crate::{
@@ -133,6 +135,8 @@ where
     TWalletConnectivity: WalletConnectivityInterface,
     TKeyManagerInterface: TransactionKeyManagerInterface,
 {
+    pub const PUSH_PUBKEY_IDENTIFIER: &str = "217e";
+
     pub async fn new(
         config: OutputManagerServiceConfig,
         request_stream: reply_channel::Receiver<
@@ -1627,14 +1631,17 @@ where
         {
             if output.verify_mask(&self.resources.factories.range_proof, &spending_key, amount.as_u64())? {
                 let spending_key_id = self.resources.key_manager.import_key(spending_key).await?;
+                let script_key = self
+                    .pre_mine_script_key_from_payment_id(payment_id.clone(), tx_id)
+                    .await?;
                 WalletOutput::new_with_rangeproof(
                     output.version,
                     amount,
                     spending_key_id,
                     output.features,
                     output.script,
                     ExecutionStack::default(),
-                    self.resources.key_manager.get_spend_key().await?.key_id, // Only of the master wallet
+                    script_key.key_id,
                     output.sender_offset_public_key,
                     output.metadata_signature,
                     0,
@@ -1663,14 +1670,14 @@ where
             range_proof_type,
             ..Default::default()
         };
-        let script = script!(PushPubKey(Box::new(recipient_address.public_spend_key().clone())));
+        let temp_script = script!(PushPubKey(Box::default()));
         let metadata_byte_size = self
             .resources
             .consensus_constants
             .transaction_weight_params()
             .round_up_features_and_scripts_size(
                 output_features.get_serialized_size()? +
-                    script.get_serialized_size()? +
+                    temp_script.get_serialized_size()? +
                     Covenant::default().get_serialized_size()?,
             );
         let fee = self.get_fee_calc();
@@ -1691,7 +1698,7 @@ where
             .await?
             .with_sender_address(self.resources.one_sided_tari_address.clone())
             .with_recipient_data(
-                push_pubkey_script(recipient_address.public_spend_key()),
+                script!(PushPubKey(Box::default())),
                 output_features,
                 Covenant::default(),
                 minimum_value_promise,
@@ -1749,8 +1756,8 @@ where
             )
             .await?;
 
-        let spending_key = shared_secret_to_output_spending_key(&shared_secret)?;
-        let spending_key_id = self.resources.key_manager.import_key(spending_key).await?;
+        let commitment_mask_key = shared_secret_to_output_spending_key(&shared_secret)?;
+        let commitment_mask_key_id = self.resources.key_manager.import_key(commitment_mask_key).await?;
 
         let encryption_private_key = shared_secret_to_output_encryption_key(&shared_secret)?;
         let encryption_key_id = self.resources.key_manager.import_key(encryption_private_key).await?;
@@ -1767,13 +1774,19 @@ where
                 .map_err(|e| service_error_with_id(tx_id, e.to_string(), true))?,
         );
 
-        // Create the output with a partially signed metadata signature
+        let script_spending_key = self
+            .resources
+            .key_manager
+            .stealth_address_script_spending_key(&commitment_mask_key_id, recipient_address.public_spend_key())
+            .await?;
+        let script = push_pubkey_script(&script_spending_key);
         let payment_id = match payment_id {
             PaymentId::Open(v) => PaymentId::AddressAndData(self.resources.interactive_tari_address.clone(), v),
             PaymentId::Empty => PaymentId::Address(self.resources.one_sided_tari_address.clone()),
             _ => payment_id,
         };
-        let output = WalletOutputBuilder::new(amount, spending_key_id)
+
+        let output = WalletOutputBuilder::new(amount, commitment_mask_key_id)
             .with_features(
                 sender_message
                     .single()
@@ -1791,7 +1804,7 @@ where
             .await?
             .with_input_data(ExecutionStack::default()) // Just a placeholder in the wallet
             .with_sender_offset_public_key(sender_offset_public_key)
-            .with_script_key(self.resources.key_manager.get_spend_key().await?.key_id)
+            .with_script_key(KeyId::Zero)
             .with_minimum_value_promise(minimum_value_promise)
             .sign_as_sender_and_receiver_verified(
                 &self.resources.key_manager,
@@ -1827,6 +1840,19 @@ where
         Ok((tx, amount, fee))
     }
 
+    /// Convert a hex string to serialized bytes made up as an identifier concatenated with data
+    pub fn hex_to_bytes_serialized(identifier: &str, data: &str) -> Result<Vec<u8>, String> {
+        if identifier.len() % 2 != 0 {
+            return Err("Invalid identifier".to_string());
+        }
+        if data.len() % 2 != 0 {
+            return Err("Invalid payload".to_string());
+        }
+
+        let hex = identifier.to_owned() + data;
+        from_hex(hex.as_str()).map_err(|e| e.to_string())
+    }
+
     async fn create_pay_to_self_transaction(
         &mut self,
         tx_id: TxId,