From 9788f189b195cf649d417ab119002c166b4e675a Mon Sep 17 00:00:00 2001 From: Pravdyvy Date: Tue, 4 Nov 2025 16:09:04 +0200 Subject: [PATCH 01/14] feat: stat of deterministic passwords --- key_protocol/src/key_management/mod.rs | 19 +++++++++ .../src/key_management/secret_holders.rs | 12 ++++++ key_protocol/src/key_protocol_core/mod.rs | 42 +++++++++++++++++++ 3 files changed, 73 insertions(+) diff --git a/key_protocol/src/key_management/mod.rs b/key_protocol/src/key_management/mod.rs index f22a99f..b642e13 100644 --- a/key_protocol/src/key_management/mod.rs +++ b/key_protocol/src/key_management/mod.rs @@ -39,6 +39,25 @@ impl KeyChain { } } + pub fn new_mnemonic(passphrase: String) -> Self { + //Currently dropping SeedHolder at the end of initialization. + //Now entirely sure if we need it in the future. + let seed_holder = SeedHolder::new_mnemonic(passphrase); + let secret_spending_key = seed_holder.produce_top_secret_key_holder(); + + let private_key_holder = secret_spending_key.produce_private_key_holder(); + + let nullifer_public_key = private_key_holder.generate_nullifier_public_key(); + let incoming_viewing_public_key = private_key_holder.generate_incoming_viewing_public_key(); + + Self { + secret_spending_key, + private_key_holder, + nullifer_public_key, + incoming_viewing_public_key, + } + } + pub fn calculate_shared_secret_receiver( &self, ephemeral_public_key_sender: EphemeralPublicKey, diff --git a/key_protocol/src/key_management/secret_holders.rs b/key_protocol/src/key_management/secret_holders.rs index 57dea90..f05a641 100644 --- a/key_protocol/src/key_management/secret_holders.rs +++ b/key_protocol/src/key_management/secret_holders.rs @@ -44,6 +44,18 @@ impl SeedHolder { } } + pub fn new_mnemonic(passphrase: String) -> Self { + let mut enthopy_bytes: [u8; 32] = [0; 32]; + OsRng.fill_bytes(&mut enthopy_bytes); + + let mnemonic = Mnemonic::from_entropy(&enthopy_bytes).unwrap(); + let seed_wide = mnemonic.to_seed(passphrase); + + Self { + seed: seed_wide.to_vec(), + } + } + pub fn generate_secret_spending_key_hash(&self) -> HashType { let mut hash = hmac_sha512::HMAC::mac(&self.seed, "NSSA_seed"); diff --git a/key_protocol/src/key_protocol_core/mod.rs b/key_protocol/src/key_protocol_core/mod.rs index b1ebe71..33a007a 100644 --- a/key_protocol/src/key_protocol_core/mod.rs +++ b/key_protocol/src/key_protocol_core/mod.rs @@ -14,6 +14,8 @@ pub struct NSSAUserData { pub pub_account_signing_keys: HashMap, ///Map for all user private accounts pub user_private_accounts: HashMap, + ///Mnemonic passphrase + pub password: String, } impl NSSAUserData { @@ -64,6 +66,31 @@ impl NSSAUserData { Ok(Self { pub_account_signing_keys: accounts_keys, user_private_accounts: accounts_key_chains, + password: "mnemonic".to_string(), + }) + } + + pub fn new_with_accounts_and_password( + accounts_keys: HashMap, + accounts_key_chains: HashMap, + password: String, + ) -> Result { + if !Self::valid_public_key_transaction_pairing_check(&accounts_keys) { + anyhow::bail!( + "Key transaction pairing check not satisfied, there is addresses, which is not derived from keys" + ); + } + + if !Self::valid_private_key_transaction_pairing_check(&accounts_key_chains) { + anyhow::bail!( + "Key transaction pairing check not satisfied, there is addresses, which is not derived from keys" + ); + } + + Ok(Self { + pub_account_signing_keys: accounts_keys, + user_private_accounts: accounts_key_chains, + password, }) } @@ -100,6 +127,21 @@ impl NSSAUserData { address } + /// Generated new private key for privacy preserving transactions + /// + /// Returns the address of new account + pub fn generate_new_privacy_preserving_transaction_key_chain_mnemonic( + &mut self, + ) -> nssa::Address { + let key_chain = KeyChain::new_mnemonic(self.password.clone()); + let address = nssa::Address::from(&key_chain.nullifer_public_key); + + self.user_private_accounts + .insert(address, (key_chain, nssa_core::account::Account::default())); + + address + } + /// Returns the signing key for public transaction signatures pub fn get_private_account( &self, From af1e129b6baa70f7c25ecc8b4efa66e4f8de80f0 Mon Sep 17 00:00:00 2001 From: Pravdyvy Date: Wed, 5 Nov 2025 15:15:29 +0200 Subject: [PATCH 02/14] feat: public keys tree --- key_protocol/src/key_management/key_tree.rs | 205 ++++++++++++++++++++ key_protocol/src/key_management/mod.rs | 1 + 2 files changed, 206 insertions(+) create mode 100644 key_protocol/src/key_management/key_tree.rs diff --git a/key_protocol/src/key_management/key_tree.rs b/key_protocol/src/key_management/key_tree.rs new file mode 100644 index 0000000..8f3772f --- /dev/null +++ b/key_protocol/src/key_management/key_tree.rs @@ -0,0 +1,205 @@ +use std::{ + collections::{BTreeMap, HashMap}, + str::FromStr, + u32, +}; + +use crate::key_management::secret_holders::SeedHolder; + +#[derive(Debug)] +pub struct ChildKeysPublic { + pub csk: nssa::PrivateKey, + pub cpk: nssa::PublicKey, + pub ccc: [u8; 32], + ///Can be None if root + pub cci: Option, +} + +#[derive(Debug, PartialEq, Eq, PartialOrd, Ord, Clone)] +pub struct ChainIndex(Vec); + +impl FromStr for ChainIndex { + type Err = hex::FromHexError; + + fn from_str(s: &str) -> Result { + if s == "" { + return Ok(Self(vec![])); + } + + let hex_decoded = hex::decode(s)?; + + if !hex_decoded.len().is_multiple_of(4) { + Err(hex::FromHexError::InvalidStringLength) + } else { + let mut res_vec = vec![]; + + for i in 0..(hex_decoded.len() / 4) { + res_vec.push(u32::from_le_bytes([ + hex_decoded[4 * i], + hex_decoded[4 * i + 1], + hex_decoded[4 * i + 2], + hex_decoded[4 * i + 3], + ])); + } + + Ok(Self(res_vec)) + } + } +} + +impl ToString for ChainIndex { + fn to_string(&self) -> String { + if self.0.is_empty() { + return "".to_string(); + } + + let mut res_vec = vec![]; + + for index in &self.0 { + res_vec.extend_from_slice(&index.to_le_bytes()); + } + + hex::encode(res_vec) + } +} + +impl ChainIndex { + pub fn next_in_line(&self) -> ChainIndex { + let mut chain = self.0.clone(); + //ToDo: Add overflow check + chain.last_mut().map(|last_p| *last_p += 1); + + ChainIndex(chain) + } + + pub fn n_th_son(&self, son_id: u32) -> ChainIndex { + let mut chain = self.0.clone(); + chain.push(son_id); + + ChainIndex(chain) + } +} + +#[derive(Debug)] +pub struct KeyTreePublic { + pub key_map: BTreeMap, + pub addr_map: HashMap, +} + +impl KeyTreePublic { + pub fn new(seed: &SeedHolder) -> Self { + let seed_fit: [u8; 64] = seed.seed.clone().try_into().unwrap(); + let hash_value = hmac_sha512::HMAC::mac(&seed_fit, "NSSA_master_pub"); + + let csk = nssa::PrivateKey::try_new(*hash_value.first_chunk::<32>().unwrap()).unwrap(); + let ccc = *hash_value.last_chunk::<32>().unwrap(); + let cpk = nssa::PublicKey::new_from_private_key(&csk); + let address = nssa::Address::from(&cpk); + + let root_keys = ChildKeysPublic { + csk, + cpk, + ccc, + cci: None, + }; + + let mut key_map = BTreeMap::new(); + let mut addr_map = HashMap::new(); + + key_map.insert(ChainIndex::from_str("").unwrap(), root_keys); + addr_map.insert(address, ChainIndex::from_str("").unwrap()); + + Self { key_map, addr_map } + } + + pub fn find_last_son_of_id(&self, father_id: &ChainIndex) -> Option { + if !self.key_map.contains_key(father_id) { + return None; + } + + let leftmost_son = father_id.n_th_son(u32::MIN); + + if !self.key_map.contains_key(&leftmost_son) { + Some(0) + } else { + let mut right = u32::MAX - 1; + let mut left_border = u32::MIN; + let mut right_border = u32::MAX; + + loop { + let rightmost_son = father_id.n_th_son(right); + + let rightmost_ref = self.key_map.get(&rightmost_son); + let rightmost_ref_next = self.key_map.get(&rightmost_son.next_in_line()); + + match (&rightmost_ref, &rightmost_ref_next) { + (Some(_), Some(_)) => { + left_border = right; + right = (right + right_border) / 2; + } + (Some(_), None) => { + break Some(right); + } + (None, None) => { + right_border = right; + right = (left_border + right) / 2; + } + (None, Some(_)) => { + unreachable!(); + } + } + } + } + } + + pub fn generate_new_pub_keys(&mut self, father_cci: ChainIndex) -> Option { + if !self.key_map.contains_key(&father_cci) { + return None; + } + + let father_keys = self.key_map.get(&father_cci).unwrap(); + let next_son_id = self.find_last_son_of_id(&father_cci).unwrap(); + let next_son_cci = father_cci.n_th_son(next_son_id); + + let mut hash_input = vec![]; + hash_input.extend_from_slice(father_keys.csk.value()); + hash_input.extend_from_slice(&next_son_id.to_le_bytes()); + + let hash_value = hmac_sha512::HMAC::mac(&hash_input, father_keys.ccc); + + let csk = nssa::PrivateKey::try_new(*hash_value.first_chunk::<32>().unwrap()).unwrap(); + let ccc = *hash_value.last_chunk::<32>().unwrap(); + let cpk = nssa::PublicKey::new_from_private_key(&csk); + let address = nssa::Address::from(&cpk); + + let child_keys = ChildKeysPublic { + csk, + cpk, + ccc, + cci: None, + }; + + self.key_map.insert(next_son_cci.clone(), child_keys); + self.addr_map.insert(address, next_son_cci); + + Some(address) + } + + pub fn get_pub_keys(&self, addr: nssa::Address) -> Option<&ChildKeysPublic> { + self.addr_map + .get(&addr) + .map(|chain_id| self.key_map.get(chain_id)) + .flatten() + } + + pub fn topology_hexdump(&self) -> String { + let mut hex_dump = String::new(); + + //Very inefficient + for chain_id in self.key_map.keys() { + hex_dump = format!("{hex_dump}{}", chain_id.to_string()); + } + + hex_dump + } +} diff --git a/key_protocol/src/key_management/mod.rs b/key_protocol/src/key_management/mod.rs index b642e13..4c3d5e0 100644 --- a/key_protocol/src/key_management/mod.rs +++ b/key_protocol/src/key_management/mod.rs @@ -8,6 +8,7 @@ use serde::{Deserialize, Serialize}; pub type PublicAccountSigningKey = [u8; 32]; pub mod ephemeral_key_holder; +pub mod key_tree; pub mod secret_holders; #[derive(Serialize, Deserialize, Clone, Debug)] From 4a430622f42ca202bfe9eaa410fd26c7086d5b60 Mon Sep 17 00:00:00 2001 From: Pravdyvy Date: Thu, 6 Nov 2025 16:50:32 +0200 Subject: [PATCH 03/14] fix: testing and debugging --- key_protocol/src/key_management/key_tree.rs | 429 ++++++++++++++++---- 1 file changed, 357 insertions(+), 72 deletions(-) diff --git a/key_protocol/src/key_management/key_tree.rs b/key_protocol/src/key_management/key_tree.rs index 8f3772f..dd59363 100644 --- a/key_protocol/src/key_management/key_tree.rs +++ b/key_protocol/src/key_management/key_tree.rs @@ -1,20 +1,10 @@ use std::{ collections::{BTreeMap, HashMap}, str::FromStr, - u32, }; use crate::key_management::secret_holders::SeedHolder; -#[derive(Debug)] -pub struct ChildKeysPublic { - pub csk: nssa::PrivateKey, - pub cpk: nssa::PublicKey, - pub ccc: [u8; 32], - ///Can be None if root - pub cci: Option, -} - #[derive(Debug, PartialEq, Eq, PartialOrd, Ord, Clone)] pub struct ChainIndex(Vec); @@ -22,7 +12,7 @@ impl FromStr for ChainIndex { type Err = hex::FromHexError; fn from_str(s: &str) -> Result { - if s == "" { + if s.is_empty() { return Ok(Self(vec![])); } @@ -47,6 +37,7 @@ impl FromStr for ChainIndex { } } +#[allow(clippy::to_string_trait_impl)] impl ToString for ChainIndex { fn to_string(&self) -> String { if self.0.is_empty() { @@ -64,22 +55,77 @@ impl ToString for ChainIndex { } impl ChainIndex { + pub fn root() -> Self { + ChainIndex::from_str("").unwrap() + } + + pub fn chain(&self) -> &[u32] { + &self.0 + } + pub fn next_in_line(&self) -> ChainIndex { let mut chain = self.0.clone(); //ToDo: Add overflow check - chain.last_mut().map(|last_p| *last_p += 1); + if let Some(last_p) = chain.last_mut() { + *last_p += 1 + } ChainIndex(chain) } - pub fn n_th_son(&self, son_id: u32) -> ChainIndex { + pub fn n_th_child(&self, child_id: u32) -> ChainIndex { let mut chain = self.0.clone(); - chain.push(son_id); + chain.push(child_id); ChainIndex(chain) } } +#[derive(Debug)] +pub struct ChildKeysPublic { + pub csk: nssa::PrivateKey, + pub cpk: nssa::PublicKey, + pub ccc: [u8; 32], + ///Can be None if root + pub cci: Option, +} + +impl ChildKeysPublic { + pub fn root(seed: [u8; 64]) -> Self { + let hash_value = hmac_sha512::HMAC::mac(seed, "NSSA_master_pub"); + + let csk = nssa::PrivateKey::try_new(*hash_value.first_chunk::<32>().unwrap()).unwrap(); + let ccc = *hash_value.last_chunk::<32>().unwrap(); + let cpk = nssa::PublicKey::new_from_private_key(&csk); + + Self { + csk, + cpk, + ccc, + cci: None, + } + } + + pub fn n_th_child(&self, cci: u32) -> Self { + let mut hash_input = vec![]; + hash_input.extend_from_slice(self.csk.value()); + hash_input.extend_from_slice(&cci.to_le_bytes()); + + let hash_value = hmac_sha512::HMAC::mac(&hash_input, self.ccc); + + let csk = nssa::PrivateKey::try_new(*hash_value.first_chunk::<32>().unwrap()).unwrap(); + let ccc = *hash_value.last_chunk::<32>().unwrap(); + let cpk = nssa::PublicKey::new_from_private_key(&csk); + + Self { + csk, + cpk, + ccc, + cci: Some(cci), + } + } +} + #[derive(Debug)] pub struct KeyTreePublic { pub key_map: BTreeMap, @@ -89,37 +135,27 @@ pub struct KeyTreePublic { impl KeyTreePublic { pub fn new(seed: &SeedHolder) -> Self { let seed_fit: [u8; 64] = seed.seed.clone().try_into().unwrap(); - let hash_value = hmac_sha512::HMAC::mac(&seed_fit, "NSSA_master_pub"); - let csk = nssa::PrivateKey::try_new(*hash_value.first_chunk::<32>().unwrap()).unwrap(); - let ccc = *hash_value.last_chunk::<32>().unwrap(); - let cpk = nssa::PublicKey::new_from_private_key(&csk); - let address = nssa::Address::from(&cpk); - - let root_keys = ChildKeysPublic { - csk, - cpk, - ccc, - cci: None, - }; + let root_keys = ChildKeysPublic::root(seed_fit); + let address = nssa::Address::from(&root_keys.cpk); let mut key_map = BTreeMap::new(); let mut addr_map = HashMap::new(); - key_map.insert(ChainIndex::from_str("").unwrap(), root_keys); - addr_map.insert(address, ChainIndex::from_str("").unwrap()); + key_map.insert(ChainIndex::root(), root_keys); + addr_map.insert(address, ChainIndex::root()); Self { key_map, addr_map } } - pub fn find_last_son_of_id(&self, father_id: &ChainIndex) -> Option { - if !self.key_map.contains_key(father_id) { + pub fn find_next_last_child_of_id(&self, parent_id: &ChainIndex) -> Option { + if !self.key_map.contains_key(parent_id) { return None; } - let leftmost_son = father_id.n_th_son(u32::MIN); + let leftmost_child = parent_id.n_th_child(u32::MIN); - if !self.key_map.contains_key(&leftmost_son) { + if !self.key_map.contains_key(&leftmost_child) { Some(0) } else { let mut right = u32::MAX - 1; @@ -127,10 +163,10 @@ impl KeyTreePublic { let mut right_border = u32::MAX; loop { - let rightmost_son = father_id.n_th_son(right); + let rightmost_child = parent_id.n_th_child(right); - let rightmost_ref = self.key_map.get(&rightmost_son); - let rightmost_ref_next = self.key_map.get(&rightmost_son.next_in_line()); + let rightmost_ref = self.key_map.get(&rightmost_child); + let rightmost_ref_next = self.key_map.get(&rightmost_child.next_in_line()); match (&rightmost_ref, &rightmost_ref_next) { (Some(_), Some(_)) => { @@ -138,7 +174,7 @@ impl KeyTreePublic { right = (right + right_border) / 2; } (Some(_), None) => { - break Some(right); + break Some(right + 1); } (None, None) => { right_border = right; @@ -152,35 +188,21 @@ impl KeyTreePublic { } } - pub fn generate_new_pub_keys(&mut self, father_cci: ChainIndex) -> Option { - if !self.key_map.contains_key(&father_cci) { + pub fn generate_new_pub_keys(&mut self, parent_cci: ChainIndex) -> Option { + if !self.key_map.contains_key(&parent_cci) { return None; } - let father_keys = self.key_map.get(&father_cci).unwrap(); - let next_son_id = self.find_last_son_of_id(&father_cci).unwrap(); - let next_son_cci = father_cci.n_th_son(next_son_id); + let father_keys = self.key_map.get(&parent_cci).unwrap(); + let next_child_id = self.find_next_last_child_of_id(&parent_cci).unwrap(); + let next_cci = parent_cci.n_th_child(next_child_id); - let mut hash_input = vec![]; - hash_input.extend_from_slice(father_keys.csk.value()); - hash_input.extend_from_slice(&next_son_id.to_le_bytes()); + let child_keys = father_keys.n_th_child(next_child_id); - let hash_value = hmac_sha512::HMAC::mac(&hash_input, father_keys.ccc); + let address = nssa::Address::from(&child_keys.cpk); - let csk = nssa::PrivateKey::try_new(*hash_value.first_chunk::<32>().unwrap()).unwrap(); - let ccc = *hash_value.last_chunk::<32>().unwrap(); - let cpk = nssa::PublicKey::new_from_private_key(&csk); - let address = nssa::Address::from(&cpk); - - let child_keys = ChildKeysPublic { - csk, - cpk, - ccc, - cci: None, - }; - - self.key_map.insert(next_son_cci.clone(), child_keys); - self.addr_map.insert(address, next_son_cci); + self.key_map.insert(next_cci.clone(), child_keys); + self.addr_map.insert(address, next_cci); Some(address) } @@ -188,18 +210,281 @@ impl KeyTreePublic { pub fn get_pub_keys(&self, addr: nssa::Address) -> Option<&ChildKeysPublic> { self.addr_map .get(&addr) - .map(|chain_id| self.key_map.get(chain_id)) - .flatten() - } - - pub fn topology_hexdump(&self) -> String { - let mut hex_dump = String::new(); - - //Very inefficient - for chain_id in self.key_map.keys() { - hex_dump = format!("{hex_dump}{}", chain_id.to_string()); - } - - hex_dump + .and_then(|chain_id| self.key_map.get(chain_id)) + } +} + +#[cfg(test)] +mod tests { + use nssa::Address; + + use super::*; + + #[test] + fn test_chain_id_root_correct() { + let chain_id = ChainIndex::root(); + let chain_id_2 = ChainIndex::from_str("").unwrap(); + + assert_eq!(chain_id, chain_id_2); + } + + #[test] + fn test_chain_id_deser_correct() { + let chain_id = ChainIndex::from_str("01010000").unwrap(); + + assert_eq!(chain_id.chain(), &[257]); + } + + #[test] + fn test_chain_id_next_in_line_correct() { + let chain_id = ChainIndex::from_str("01010000").unwrap(); + let next_in_line = chain_id.next_in_line(); + + assert_eq!(next_in_line, ChainIndex::from_str("02010000").unwrap()); + } + + #[test] + fn test_chain_id_child_correct() { + let chain_id = ChainIndex::from_str("01010000").unwrap(); + let child = chain_id.n_th_child(3); + + assert_eq!(child, ChainIndex::from_str("0101000003000000").unwrap()); + } + + #[test] + fn test_keys_deterministic_generation() { + let root_keys = ChildKeysPublic::root([42; 64]); + let child_keys = root_keys.n_th_child(5); + + assert_eq!(root_keys.cci, None); + assert_eq!(child_keys.cci, Some(5)); + + assert_eq!( + root_keys.ccc, + [ + 61, 30, 91, 26, 133, 91, 236, 192, 231, 53, 186, 139, 11, 221, 202, 11, 178, 215, + 254, 103, 191, 60, 117, 112, 1, 226, 31, 156, 83, 104, 150, 224 + ] + ); + assert_eq!( + child_keys.ccc, + [ + 67, 26, 102, 68, 189, 155, 102, 80, 199, 188, 112, 142, 207, 157, 36, 210, 48, 224, + 35, 6, 112, 180, 11, 190, 135, 218, 9, 14, 84, 231, 58, 98 + ] + ); + + assert_eq!( + root_keys.csk.value(), + &[ + 241, 82, 246, 237, 62, 130, 116, 47, 189, 112, 99, 67, 178, 40, 115, 245, 141, 193, + 77, 164, 243, 76, 222, 64, 50, 146, 23, 145, 91, 164, 92, 116 + ] + ); + assert_eq!( + child_keys.csk.value(), + &[ + 11, 151, 27, 212, 167, 26, 77, 234, 103, 145, 53, 191, 184, 25, 240, 191, 156, 25, + 60, 144, 65, 22, 193, 163, 246, 227, 212, 81, 49, 170, 33, 158 + ] + ); + + assert_eq!( + root_keys.cpk.value(), + &[ + 220, 170, 95, 177, 121, 37, 86, 166, 56, 238, 232, 72, 21, 106, 107, 217, 158, 74, + 133, 91, 143, 244, 155, 15, 2, 230, 223, 169, 13, 20, 163, 138 + ] + ); + assert_eq!( + child_keys.cpk.value(), + &[ + 152, 249, 236, 111, 132, 96, 184, 122, 21, 179, 240, 15, 234, 155, 164, 144, 108, + 110, 120, 74, 176, 147, 196, 168, 243, 186, 203, 79, 97, 17, 194, 52 + ] + ); + } + + fn seed_holder_for_tests() -> SeedHolder { + SeedHolder { + seed: [42; 64].to_vec(), + } + } + + #[test] + fn test_simple_key_tree() { + let seed_holder = seed_holder_for_tests(); + + let tree = KeyTreePublic::new(&seed_holder); + + assert!(tree.key_map.contains_key(&ChainIndex::root())); + assert!(tree.addr_map.contains_key(&Address::new([ + 46, 223, 229, 177, 59, 18, 189, 219, 153, 31, 249, 90, 112, 230, 180, 164, 80, 25, 106, + 159, 14, 238, 1, 192, 91, 8, 210, 165, 199, 41, 60, 104, + ]))); + } + + #[test] + fn test_small_key_tree() { + let seed_holder = seed_holder_for_tests(); + + let mut tree = KeyTreePublic::new(&seed_holder); + + let next_last_child_for_parent_id = tree + .find_next_last_child_of_id(&ChainIndex::root()) + .unwrap(); + + assert_eq!(next_last_child_for_parent_id, 0); + + tree.generate_new_pub_keys(ChainIndex::root()).unwrap(); + + assert!( + tree.key_map + .contains_key(&ChainIndex::from_str("00000000").unwrap()) + ); + + let next_last_child_for_parent_id = tree + .find_next_last_child_of_id(&ChainIndex::root()) + .unwrap(); + + assert_eq!(next_last_child_for_parent_id, 1); + + tree.generate_new_pub_keys(ChainIndex::root()).unwrap(); + tree.generate_new_pub_keys(ChainIndex::root()).unwrap(); + tree.generate_new_pub_keys(ChainIndex::root()).unwrap(); + tree.generate_new_pub_keys(ChainIndex::root()).unwrap(); + tree.generate_new_pub_keys(ChainIndex::root()).unwrap(); + tree.generate_new_pub_keys(ChainIndex::root()).unwrap(); + + let next_last_child_for_parent_id = tree + .find_next_last_child_of_id(&ChainIndex::root()) + .unwrap(); + + assert_eq!(next_last_child_for_parent_id, 7); + } + + #[test] + fn test_key_tree_can_not_make_child_keys() { + let seed_holder = seed_holder_for_tests(); + + let mut tree = KeyTreePublic::new(&seed_holder); + + let next_last_child_for_parent_id = tree + .find_next_last_child_of_id(&ChainIndex::root()) + .unwrap(); + + assert_eq!(next_last_child_for_parent_id, 0); + + tree.generate_new_pub_keys(ChainIndex::root()).unwrap(); + + assert!( + tree.key_map + .contains_key(&ChainIndex::from_str("00000000").unwrap()) + ); + + let next_last_child_for_parent_id = tree + .find_next_last_child_of_id(&ChainIndex::root()) + .unwrap(); + + assert_eq!(next_last_child_for_parent_id, 1); + + let key_opt = tree.generate_new_pub_keys(ChainIndex::from_str("03000000").unwrap()); + + assert_eq!(key_opt, None); + } + + #[test] + fn test_key_tree_complex_structure() { + let seed_holder = seed_holder_for_tests(); + + let mut tree = KeyTreePublic::new(&seed_holder); + + let next_last_child_for_parent_id = tree + .find_next_last_child_of_id(&ChainIndex::root()) + .unwrap(); + + assert_eq!(next_last_child_for_parent_id, 0); + + tree.generate_new_pub_keys(ChainIndex::root()).unwrap(); + + assert!( + tree.key_map + .contains_key(&ChainIndex::from_str("00000000").unwrap()) + ); + + let next_last_child_for_parent_id = tree + .find_next_last_child_of_id(&ChainIndex::root()) + .unwrap(); + + assert_eq!(next_last_child_for_parent_id, 1); + + tree.generate_new_pub_keys(ChainIndex::root()).unwrap(); + + assert!( + tree.key_map + .contains_key(&ChainIndex::from_str("01000000").unwrap()) + ); + + let next_last_child_for_parent_id = tree + .find_next_last_child_of_id(&ChainIndex::root()) + .unwrap(); + + assert_eq!(next_last_child_for_parent_id, 2); + + tree.generate_new_pub_keys(ChainIndex::from_str("00000000").unwrap()) + .unwrap(); + + let next_last_child_for_parent_id = tree + .find_next_last_child_of_id(&ChainIndex::from_str("00000000").unwrap()) + .unwrap(); + + assert_eq!(next_last_child_for_parent_id, 1); + + assert!( + tree.key_map + .contains_key(&ChainIndex::from_str("0000000000000000").unwrap()) + ); + + tree.generate_new_pub_keys(ChainIndex::from_str("00000000").unwrap()) + .unwrap(); + + let next_last_child_for_parent_id = tree + .find_next_last_child_of_id(&ChainIndex::from_str("00000000").unwrap()) + .unwrap(); + + assert_eq!(next_last_child_for_parent_id, 2); + + assert!( + tree.key_map + .contains_key(&ChainIndex::from_str("0000000001000000").unwrap()) + ); + + tree.generate_new_pub_keys(ChainIndex::from_str("00000000").unwrap()) + .unwrap(); + + let next_last_child_for_parent_id = tree + .find_next_last_child_of_id(&ChainIndex::from_str("00000000").unwrap()) + .unwrap(); + + assert_eq!(next_last_child_for_parent_id, 3); + + assert!( + tree.key_map + .contains_key(&ChainIndex::from_str("0000000002000000").unwrap()) + ); + + tree.generate_new_pub_keys(ChainIndex::from_str("0000000001000000").unwrap()) + .unwrap(); + + assert!( + tree.key_map + .contains_key(&ChainIndex::from_str("000000000100000000000000").unwrap()) + ); + + let next_last_child_for_parent_id = tree + .find_next_last_child_of_id(&ChainIndex::from_str("0000000001000000").unwrap()) + .unwrap(); + + assert_eq!(next_last_child_for_parent_id, 1); } } From d9a130cc55eb9fe154ba434bb35c1c60fbb6b2ea Mon Sep 17 00:00:00 2001 From: Pravdyvy Date: Fri, 7 Nov 2025 16:21:14 +0200 Subject: [PATCH 04/14] feat: private tree --- .../key_management/key_tree/chain_index.rs | 115 ++++++++ .../key_management/key_tree/keys_private.rs | 201 ++++++++++++++ .../key_management/key_tree/keys_public.rs | 119 +++++++++ .../{key_tree.rs => key_tree/mod.rs} | 245 ++---------------- .../src/key_management/key_tree/traits.rs | 11 + .../src/key_management/secret_holders.rs | 4 +- key_protocol/src/key_protocol_core/mod.rs | 34 ++- nssa/src/signature/public_key.rs | 3 +- 8 files changed, 498 insertions(+), 234 deletions(-) create mode 100644 key_protocol/src/key_management/key_tree/chain_index.rs create mode 100644 key_protocol/src/key_management/key_tree/keys_private.rs create mode 100644 key_protocol/src/key_management/key_tree/keys_public.rs rename key_protocol/src/key_management/{key_tree.rs => key_tree/mod.rs} (56%) create mode 100644 key_protocol/src/key_management/key_tree/traits.rs diff --git a/key_protocol/src/key_management/key_tree/chain_index.rs b/key_protocol/src/key_management/key_tree/chain_index.rs new file mode 100644 index 0000000..dad9b2a --- /dev/null +++ b/key_protocol/src/key_management/key_tree/chain_index.rs @@ -0,0 +1,115 @@ +use std::str::FromStr; + +use serde::{Deserialize, Serialize}; + +#[derive(Debug, PartialEq, Eq, PartialOrd, Ord, Clone, Serialize, Deserialize)] +pub struct ChainIndex(Vec); + +impl FromStr for ChainIndex { + type Err = hex::FromHexError; + + fn from_str(s: &str) -> Result { + if s.is_empty() { + return Ok(Self(vec![])); + } + + let hex_decoded = hex::decode(s)?; + + if !hex_decoded.len().is_multiple_of(4) { + Err(hex::FromHexError::InvalidStringLength) + } else { + let mut res_vec = vec![]; + + for i in 0..(hex_decoded.len() / 4) { + res_vec.push(u32::from_le_bytes([ + hex_decoded[4 * i], + hex_decoded[4 * i + 1], + hex_decoded[4 * i + 2], + hex_decoded[4 * i + 3], + ])); + } + + Ok(Self(res_vec)) + } + } +} + +#[allow(clippy::to_string_trait_impl)] +impl ToString for ChainIndex { + fn to_string(&self) -> String { + if self.0.is_empty() { + return "".to_string(); + } + + let mut res_vec = vec![]; + + for index in &self.0 { + res_vec.extend_from_slice(&index.to_le_bytes()); + } + + hex::encode(res_vec) + } +} + +impl ChainIndex { + pub fn root() -> Self { + ChainIndex::from_str("").unwrap() + } + + pub fn chain(&self) -> &[u32] { + &self.0 + } + + pub fn next_in_line(&self) -> ChainIndex { + let mut chain = self.0.clone(); + //ToDo: Add overflow check + if let Some(last_p) = chain.last_mut() { + *last_p += 1 + } + + ChainIndex(chain) + } + + pub fn n_th_child(&self, child_id: u32) -> ChainIndex { + let mut chain = self.0.clone(); + chain.push(child_id); + + ChainIndex(chain) + } +} + +#[cfg(test)] +mod tests { + use super::*; + + #[test] + fn test_chain_id_root_correct() { + let chain_id = ChainIndex::root(); + let chain_id_2 = ChainIndex::from_str("").unwrap(); + + assert_eq!(chain_id, chain_id_2); + } + + #[test] + fn test_chain_id_deser_correct() { + let chain_id = ChainIndex::from_str("01010000").unwrap(); + + assert_eq!(chain_id.chain(), &[257]); + } + + #[test] + fn test_chain_id_next_in_line_correct() { + let chain_id = ChainIndex::from_str("01010000").unwrap(); + let next_in_line = chain_id.next_in_line(); + + assert_eq!(next_in_line, ChainIndex::from_str("02010000").unwrap()); + } + + #[test] + fn test_chain_id_child_correct() { + let chain_id = ChainIndex::from_str("01010000").unwrap(); + let child = chain_id.n_th_child(3); + + assert_eq!(child, ChainIndex::from_str("0101000003000000").unwrap()); + } +} diff --git a/key_protocol/src/key_management/key_tree/keys_private.rs b/key_protocol/src/key_management/key_tree/keys_private.rs new file mode 100644 index 0000000..46ade9f --- /dev/null +++ b/key_protocol/src/key_management/key_tree/keys_private.rs @@ -0,0 +1,201 @@ +use k256::{Scalar, elliptic_curve::PrimeField}; +use nssa_core::{NullifierPublicKey, NullifierSecretKey, encryption::IncomingViewingPublicKey}; +use serde::{Deserialize, Serialize}; + +use crate::key_management::{ + key_tree::traits::KeyNode, + secret_holders::{IncomingViewingSecretKey, OutgoingViewingSecretKey, SecretSpendingKey}, +}; + +#[derive(Debug, Serialize, Deserialize, Clone)] +pub struct ChildKeysPrivate { + pub ssk: SecretSpendingKey, + pub nsk: NullifierSecretKey, + pub isk: IncomingViewingSecretKey, + pub ovk: OutgoingViewingSecretKey, + pub npk: NullifierPublicKey, + pub ipk: IncomingViewingPublicKey, + pub ccc: [u8; 32], + ///Can be None if root + pub cci: Option, + pub account: nssa::Account, +} + +impl KeyNode for ChildKeysPrivate { + fn root(seed: [u8; 64]) -> Self { + let hash_value = hmac_sha512::HMAC::mac(seed, "NSSA_master_priv"); + + let ssk = SecretSpendingKey(*hash_value.first_chunk::<32>().unwrap()); + let ccc = *hash_value.last_chunk::<32>().unwrap(); + + let nsk = ssk.generate_nullifier_secret_key(); + let isk = ssk.generate_incoming_viewing_secret_key(); + let ovk = ssk.generate_outgoing_viewing_secret_key(); + + let npk = (&nsk).into(); + let ipk = IncomingViewingPublicKey::from_scalar(isk); + + Self { + ssk, + nsk, + isk, + ovk, + npk, + ipk, + ccc, + cci: None, + account: nssa::Account::default(), + } + } + + fn n_th_child(&self, cci: u32) -> Self { + let parent_pt = Scalar::from_repr(self.ovk.into()).unwrap() + + Scalar::from_repr(self.nsk.into()).unwrap() + * Scalar::from_repr(self.isk.into()).unwrap(); + let mut input = vec![]; + + input.extend_from_slice(b"NSSA_seed_priv"); + input.extend_from_slice(&parent_pt.to_bytes()); + input.extend_from_slice(&cci.to_le_bytes()); + + let hash_value = hmac_sha512::HMAC::mac(input, self.ccc); + + let ssk = SecretSpendingKey(*hash_value.first_chunk::<32>().unwrap()); + let ccc = *hash_value.last_chunk::<32>().unwrap(); + + let nsk = ssk.generate_nullifier_secret_key(); + let isk = ssk.generate_incoming_viewing_secret_key(); + let ovk = ssk.generate_outgoing_viewing_secret_key(); + + let npk = (&nsk).into(); + let ipk = IncomingViewingPublicKey::from_scalar(isk); + + Self { + ssk, + nsk, + isk, + ovk, + npk, + ipk, + ccc, + cci: Some(cci), + account: nssa::Account::default(), + } + } + + fn chain_code(&self) -> &[u8; 32] { + &self.ccc + } + + fn child_index(&self) -> &Option { + &self.cci + } + + fn address(&self) -> nssa::Address { + nssa::Address::from(&self.npk) + } +} + +#[cfg(test)] +mod tests { + use super::*; + + #[test] + fn test_keys_deterministic_generation() { + let root_keys = ChildKeysPrivate::root([42; 64]); + let child_keys = root_keys.n_th_child(5); + + assert_eq!(root_keys.cci, None); + assert_eq!(child_keys.cci, Some(5)); + + assert_eq!( + root_keys.ssk.0, + [ + 249, 83, 253, 32, 174, 204, 185, 44, 253, 167, 61, 92, 128, 5, 152, 4, 220, 21, 88, + 84, 167, 180, 154, 249, 44, 77, 33, 136, 59, 131, 203, 152 + ] + ); + assert_eq!( + child_keys.ssk.0, + [ + 16, 242, 229, 242, 252, 158, 153, 210, 234, 120, 70, 85, 83, 196, 5, 53, 28, 26, + 187, 230, 22, 193, 146, 232, 237, 3, 166, 184, 122, 1, 233, 93 + ] + ); + + assert_eq!( + root_keys.nsk, + [ + 38, 195, 52, 182, 16, 66, 167, 156, 9, 14, 65, 100, 17, 93, 166, 71, 27, 148, 93, + 85, 116, 109, 130, 8, 195, 222, 159, 214, 141, 41, 124, 57 + ] + ); + assert_eq!( + child_keys.nsk, + [ + 215, 46, 2, 151, 174, 60, 86, 154, 5, 3, 175, 245, 12, 176, 220, 58, 250, 118, 236, + 49, 254, 221, 229, 58, 40, 1, 170, 145, 175, 108, 23, 170 + ] + ); + + assert_eq!( + root_keys.isk, + [ + 153, 161, 15, 34, 96, 184, 165, 165, 27, 244, 155, 40, 70, 5, 241, 133, 78, 40, 61, + 118, 48, 148, 226, 5, 97, 18, 201, 128, 82, 248, 163, 72 + ] + ); + assert_eq!( + child_keys.isk, + [ + 192, 155, 55, 43, 164, 115, 71, 145, 227, 225, 21, 57, 55, 12, 226, 44, 10, 103, + 39, 73, 230, 173, 60, 69, 69, 122, 110, 241, 164, 3, 192, 57 + ] + ); + + assert_eq!( + root_keys.ovk, + [ + 205, 87, 71, 129, 90, 242, 217, 200, 140, 252, 124, 46, 207, 7, 33, 156, 83, 166, + 150, 81, 98, 131, 182, 156, 110, 92, 78, 140, 125, 218, 152, 154 + ] + ); + assert_eq!( + child_keys.ovk, + [ + 131, 202, 219, 172, 219, 29, 48, 120, 226, 209, 209, 10, 216, 173, 48, 167, 233, + 17, 35, 155, 30, 217, 176, 120, 72, 146, 250, 226, 165, 178, 255, 90 + ] + ); + + assert_eq!( + root_keys.npk.0, + [ + 65, 176, 149, 243, 192, 45, 216, 177, 169, 56, 229, 7, 28, 66, 204, 87, 109, 83, + 152, 64, 14, 188, 179, 210, 147, 60, 22, 251, 203, 70, 89, 215 + ] + ); + assert_eq!( + child_keys.npk.0, + [ + 69, 104, 130, 115, 48, 134, 19, 188, 67, 148, 163, 54, 155, 237, 57, 27, 136, 228, + 111, 233, 205, 158, 149, 31, 84, 11, 241, 176, 243, 12, 138, 249 + ] + ); + + assert_eq!( + root_keys.ipk.0, + &[ + 3, 174, 56, 136, 244, 179, 18, 122, 38, 220, 36, 50, 200, 41, 104, 167, 70, 18, 60, + 202, 93, 193, 29, 16, 125, 252, 96, 51, 199, 152, 47, 233, 178 + ] + ); + assert_eq!( + child_keys.ipk.0, + &[ + 3, 18, 202, 246, 79, 141, 169, 51, 55, 202, 120, 169, 244, 201, 156, 162, 216, 115, + 126, 53, 46, 94, 235, 125, 114, 178, 215, 81, 171, 93, 93, 88, 117 + ] + ); + } +} diff --git a/key_protocol/src/key_management/key_tree/keys_public.rs b/key_protocol/src/key_management/key_tree/keys_public.rs new file mode 100644 index 0000000..4e1bf1e --- /dev/null +++ b/key_protocol/src/key_management/key_tree/keys_public.rs @@ -0,0 +1,119 @@ +use serde::{Deserialize, Serialize}; + +use crate::key_management::key_tree::traits::KeyNode; + +#[derive(Debug, Serialize, Deserialize, Clone)] +pub struct ChildKeysPublic { + pub csk: nssa::PrivateKey, + pub cpk: nssa::PublicKey, + pub ccc: [u8; 32], + ///Can be None if root + pub cci: Option, +} + +impl KeyNode for ChildKeysPublic { + fn root(seed: [u8; 64]) -> Self { + let hash_value = hmac_sha512::HMAC::mac(seed, "NSSA_master_pub"); + + let csk = nssa::PrivateKey::try_new(*hash_value.first_chunk::<32>().unwrap()).unwrap(); + let ccc = *hash_value.last_chunk::<32>().unwrap(); + let cpk = nssa::PublicKey::new_from_private_key(&csk); + + Self { + csk, + cpk, + ccc, + cci: None, + } + } + + fn n_th_child(&self, cci: u32) -> Self { + let mut hash_input = vec![]; + hash_input.extend_from_slice(self.csk.value()); + hash_input.extend_from_slice(&cci.to_le_bytes()); + + let hash_value = hmac_sha512::HMAC::mac(&hash_input, self.ccc); + + let csk = nssa::PrivateKey::try_new(*hash_value.first_chunk::<32>().unwrap()).unwrap(); + let ccc = *hash_value.last_chunk::<32>().unwrap(); + let cpk = nssa::PublicKey::new_from_private_key(&csk); + + Self { + csk, + cpk, + ccc, + cci: Some(cci), + } + } + + fn chain_code(&self) -> &[u8; 32] { + &self.ccc + } + + fn child_index(&self) -> &Option { + &self.cci + } + + fn address(&self) -> nssa::Address { + nssa::Address::from(&self.cpk) + } +} + +#[cfg(test)] +mod tests { + use super::*; + + #[test] + fn test_keys_deterministic_generation() { + let root_keys = ChildKeysPublic::root([42; 64]); + let child_keys = root_keys.n_th_child(5); + + assert_eq!(root_keys.cci, None); + assert_eq!(child_keys.cci, Some(5)); + + assert_eq!( + root_keys.ccc, + [ + 61, 30, 91, 26, 133, 91, 236, 192, 231, 53, 186, 139, 11, 221, 202, 11, 178, 215, + 254, 103, 191, 60, 117, 112, 1, 226, 31, 156, 83, 104, 150, 224 + ] + ); + assert_eq!( + child_keys.ccc, + [ + 67, 26, 102, 68, 189, 155, 102, 80, 199, 188, 112, 142, 207, 157, 36, 210, 48, 224, + 35, 6, 112, 180, 11, 190, 135, 218, 9, 14, 84, 231, 58, 98 + ] + ); + + assert_eq!( + root_keys.csk.value(), + &[ + 241, 82, 246, 237, 62, 130, 116, 47, 189, 112, 99, 67, 178, 40, 115, 245, 141, 193, + 77, 164, 243, 76, 222, 64, 50, 146, 23, 145, 91, 164, 92, 116 + ] + ); + assert_eq!( + child_keys.csk.value(), + &[ + 11, 151, 27, 212, 167, 26, 77, 234, 103, 145, 53, 191, 184, 25, 240, 191, 156, 25, + 60, 144, 65, 22, 193, 163, 246, 227, 212, 81, 49, 170, 33, 158 + ] + ); + + assert_eq!( + root_keys.cpk.value(), + &[ + 220, 170, 95, 177, 121, 37, 86, 166, 56, 238, 232, 72, 21, 106, 107, 217, 158, 74, + 133, 91, 143, 244, 155, 15, 2, 230, 223, 169, 13, 20, 163, 138 + ] + ); + assert_eq!( + child_keys.cpk.value(), + &[ + 152, 249, 236, 111, 132, 96, 184, 122, 21, 179, 240, 15, 234, 155, 164, 144, 108, + 110, 120, 74, 176, 147, 196, 168, 243, 186, 203, 79, 97, 17, 194, 52 + ] + ); + } +} diff --git a/key_protocol/src/key_management/key_tree.rs b/key_protocol/src/key_management/key_tree/mod.rs similarity index 56% rename from key_protocol/src/key_management/key_tree.rs rename to key_protocol/src/key_management/key_tree/mod.rs index dd59363..c21cc6e 100644 --- a/key_protocol/src/key_management/key_tree.rs +++ b/key_protocol/src/key_management/key_tree/mod.rs @@ -1,143 +1,35 @@ -use std::{ - collections::{BTreeMap, HashMap}, - str::FromStr, +use std::collections::{BTreeMap, HashMap}; + +use serde::{Deserialize, Serialize}; + +use crate::key_management::{ + key_tree::{ + chain_index::ChainIndex, keys_private::ChildKeysPrivate, keys_public::ChildKeysPublic, + traits::KeyNode, + }, + secret_holders::SeedHolder, }; -use crate::key_management::secret_holders::SeedHolder; +pub mod chain_index; +pub mod keys_private; +pub mod keys_public; +pub mod traits; -#[derive(Debug, PartialEq, Eq, PartialOrd, Ord, Clone)] -pub struct ChainIndex(Vec); - -impl FromStr for ChainIndex { - type Err = hex::FromHexError; - - fn from_str(s: &str) -> Result { - if s.is_empty() { - return Ok(Self(vec![])); - } - - let hex_decoded = hex::decode(s)?; - - if !hex_decoded.len().is_multiple_of(4) { - Err(hex::FromHexError::InvalidStringLength) - } else { - let mut res_vec = vec![]; - - for i in 0..(hex_decoded.len() / 4) { - res_vec.push(u32::from_le_bytes([ - hex_decoded[4 * i], - hex_decoded[4 * i + 1], - hex_decoded[4 * i + 2], - hex_decoded[4 * i + 3], - ])); - } - - Ok(Self(res_vec)) - } - } -} - -#[allow(clippy::to_string_trait_impl)] -impl ToString for ChainIndex { - fn to_string(&self) -> String { - if self.0.is_empty() { - return "".to_string(); - } - - let mut res_vec = vec![]; - - for index in &self.0 { - res_vec.extend_from_slice(&index.to_le_bytes()); - } - - hex::encode(res_vec) - } -} - -impl ChainIndex { - pub fn root() -> Self { - ChainIndex::from_str("").unwrap() - } - - pub fn chain(&self) -> &[u32] { - &self.0 - } - - pub fn next_in_line(&self) -> ChainIndex { - let mut chain = self.0.clone(); - //ToDo: Add overflow check - if let Some(last_p) = chain.last_mut() { - *last_p += 1 - } - - ChainIndex(chain) - } - - pub fn n_th_child(&self, child_id: u32) -> ChainIndex { - let mut chain = self.0.clone(); - chain.push(child_id); - - ChainIndex(chain) - } -} - -#[derive(Debug)] -pub struct ChildKeysPublic { - pub csk: nssa::PrivateKey, - pub cpk: nssa::PublicKey, - pub ccc: [u8; 32], - ///Can be None if root - pub cci: Option, -} - -impl ChildKeysPublic { - pub fn root(seed: [u8; 64]) -> Self { - let hash_value = hmac_sha512::HMAC::mac(seed, "NSSA_master_pub"); - - let csk = nssa::PrivateKey::try_new(*hash_value.first_chunk::<32>().unwrap()).unwrap(); - let ccc = *hash_value.last_chunk::<32>().unwrap(); - let cpk = nssa::PublicKey::new_from_private_key(&csk); - - Self { - csk, - cpk, - ccc, - cci: None, - } - } - - pub fn n_th_child(&self, cci: u32) -> Self { - let mut hash_input = vec![]; - hash_input.extend_from_slice(self.csk.value()); - hash_input.extend_from_slice(&cci.to_le_bytes()); - - let hash_value = hmac_sha512::HMAC::mac(&hash_input, self.ccc); - - let csk = nssa::PrivateKey::try_new(*hash_value.first_chunk::<32>().unwrap()).unwrap(); - let ccc = *hash_value.last_chunk::<32>().unwrap(); - let cpk = nssa::PublicKey::new_from_private_key(&csk); - - Self { - csk, - cpk, - ccc, - cci: Some(cci), - } - } -} - -#[derive(Debug)] -pub struct KeyTreePublic { - pub key_map: BTreeMap, +#[derive(Debug, Serialize, Deserialize, Clone)] +pub struct KeyTree { + pub key_map: BTreeMap, pub addr_map: HashMap, } -impl KeyTreePublic { +pub type KeyTreePublic = KeyTree; +pub type KeyTreePrivate = KeyTree; + +impl KeyTree { pub fn new(seed: &SeedHolder) -> Self { let seed_fit: [u8; 64] = seed.seed.clone().try_into().unwrap(); - let root_keys = ChildKeysPublic::root(seed_fit); - let address = nssa::Address::from(&root_keys.cpk); + let root_keys = Node::root(seed_fit); + let address = root_keys.address(); let mut key_map = BTreeMap::new(); let mut addr_map = HashMap::new(); @@ -199,7 +91,7 @@ impl KeyTreePublic { let child_keys = father_keys.n_th_child(next_child_id); - let address = nssa::Address::from(&child_keys.cpk); + let address = child_keys.address(); self.key_map.insert(next_cci.clone(), child_keys); self.addr_map.insert(address, next_cci); @@ -207,7 +99,7 @@ impl KeyTreePublic { Some(address) } - pub fn get_pub_keys(&self, addr: nssa::Address) -> Option<&ChildKeysPublic> { + pub fn get_pub_keys(&self, addr: nssa::Address) -> Option<&Node> { self.addr_map .get(&addr) .and_then(|chain_id| self.key_map.get(chain_id)) @@ -216,95 +108,12 @@ impl KeyTreePublic { #[cfg(test)] mod tests { + use std::str::FromStr; + use nssa::Address; use super::*; - #[test] - fn test_chain_id_root_correct() { - let chain_id = ChainIndex::root(); - let chain_id_2 = ChainIndex::from_str("").unwrap(); - - assert_eq!(chain_id, chain_id_2); - } - - #[test] - fn test_chain_id_deser_correct() { - let chain_id = ChainIndex::from_str("01010000").unwrap(); - - assert_eq!(chain_id.chain(), &[257]); - } - - #[test] - fn test_chain_id_next_in_line_correct() { - let chain_id = ChainIndex::from_str("01010000").unwrap(); - let next_in_line = chain_id.next_in_line(); - - assert_eq!(next_in_line, ChainIndex::from_str("02010000").unwrap()); - } - - #[test] - fn test_chain_id_child_correct() { - let chain_id = ChainIndex::from_str("01010000").unwrap(); - let child = chain_id.n_th_child(3); - - assert_eq!(child, ChainIndex::from_str("0101000003000000").unwrap()); - } - - #[test] - fn test_keys_deterministic_generation() { - let root_keys = ChildKeysPublic::root([42; 64]); - let child_keys = root_keys.n_th_child(5); - - assert_eq!(root_keys.cci, None); - assert_eq!(child_keys.cci, Some(5)); - - assert_eq!( - root_keys.ccc, - [ - 61, 30, 91, 26, 133, 91, 236, 192, 231, 53, 186, 139, 11, 221, 202, 11, 178, 215, - 254, 103, 191, 60, 117, 112, 1, 226, 31, 156, 83, 104, 150, 224 - ] - ); - assert_eq!( - child_keys.ccc, - [ - 67, 26, 102, 68, 189, 155, 102, 80, 199, 188, 112, 142, 207, 157, 36, 210, 48, 224, - 35, 6, 112, 180, 11, 190, 135, 218, 9, 14, 84, 231, 58, 98 - ] - ); - - assert_eq!( - root_keys.csk.value(), - &[ - 241, 82, 246, 237, 62, 130, 116, 47, 189, 112, 99, 67, 178, 40, 115, 245, 141, 193, - 77, 164, 243, 76, 222, 64, 50, 146, 23, 145, 91, 164, 92, 116 - ] - ); - assert_eq!( - child_keys.csk.value(), - &[ - 11, 151, 27, 212, 167, 26, 77, 234, 103, 145, 53, 191, 184, 25, 240, 191, 156, 25, - 60, 144, 65, 22, 193, 163, 246, 227, 212, 81, 49, 170, 33, 158 - ] - ); - - assert_eq!( - root_keys.cpk.value(), - &[ - 220, 170, 95, 177, 121, 37, 86, 166, 56, 238, 232, 72, 21, 106, 107, 217, 158, 74, - 133, 91, 143, 244, 155, 15, 2, 230, 223, 169, 13, 20, 163, 138 - ] - ); - assert_eq!( - child_keys.cpk.value(), - &[ - 152, 249, 236, 111, 132, 96, 184, 122, 21, 179, 240, 15, 234, 155, 164, 144, 108, - 110, 120, 74, 176, 147, 196, 168, 243, 186, 203, 79, 97, 17, 194, 52 - ] - ); - } - fn seed_holder_for_tests() -> SeedHolder { SeedHolder { seed: [42; 64].to_vec(), diff --git a/key_protocol/src/key_management/key_tree/traits.rs b/key_protocol/src/key_management/key_tree/traits.rs new file mode 100644 index 0000000..662481a --- /dev/null +++ b/key_protocol/src/key_management/key_tree/traits.rs @@ -0,0 +1,11 @@ +pub trait KeyNode { + fn root(seed: [u8; 64]) -> Self; + + fn n_th_child(&self, cci: u32) -> Self; + + fn chain_code(&self) -> &[u8; 32]; + + fn child_index(&self) -> &Option; + + fn address(&self) -> nssa::Address; +} diff --git a/key_protocol/src/key_management/secret_holders.rs b/key_protocol/src/key_management/secret_holders.rs index f05a641..ee7aced 100644 --- a/key_protocol/src/key_management/secret_holders.rs +++ b/key_protocol/src/key_management/secret_holders.rs @@ -45,8 +45,8 @@ impl SeedHolder { } pub fn new_mnemonic(passphrase: String) -> Self { - let mut enthopy_bytes: [u8; 32] = [0; 32]; - OsRng.fill_bytes(&mut enthopy_bytes); + //Enthropy bytes must be deterministic as well + let enthopy_bytes: [u8; 32] = [0; 32]; let mnemonic = Mnemonic::from_entropy(&enthopy_bytes).unwrap(); let seed_wide = mnemonic.to_seed(passphrase); diff --git a/key_protocol/src/key_protocol_core/mod.rs b/key_protocol/src/key_protocol_core/mod.rs index 33a007a..6731da8 100644 --- a/key_protocol/src/key_protocol_core/mod.rs +++ b/key_protocol/src/key_protocol_core/mod.rs @@ -4,18 +4,26 @@ use anyhow::Result; use k256::AffinePoint; use serde::{Deserialize, Serialize}; -use crate::key_management::KeyChain; +use crate::key_management::{ + KeyChain, + key_tree::{KeyTreePrivate, KeyTreePublic, chain_index::ChainIndex}, +}; pub type PublicKey = AffinePoint; #[derive(Clone, Debug, Serialize, Deserialize)] pub struct NSSAUserData { - ///Map for all user public accounts - pub pub_account_signing_keys: HashMap, - ///Map for all user private accounts - pub user_private_accounts: HashMap, + ///Default public accounts + pub default_pub_account_signing_keys: HashMap, + ///Default private accounts + pub default_user_private_accounts: + HashMap, ///Mnemonic passphrase pub password: String, + /// Tree of public keys + pub public_key_tree: KeyTreePublic, + /// Tree of private keys + pub private_key_tree: KeyTreePrivate, } impl NSSAUserData { @@ -97,13 +105,13 @@ impl NSSAUserData { /// Generated new private key for public transaction signatures /// /// Returns the address of new account - pub fn generate_new_public_transaction_private_key(&mut self) -> nssa::Address { - let private_key = nssa::PrivateKey::new_os_random(); - let address = nssa::Address::from(&nssa::PublicKey::new_from_private_key(&private_key)); - - self.pub_account_signing_keys.insert(address, private_key); - - address + pub fn generate_new_public_transaction_private_key( + &mut self, + parent_cci: ChainIndex, + ) -> nssa::Address { + self.public_key_tree + .generate_new_pub_keys(parent_cci) + .unwrap() } /// Returns the signing key for public transaction signatures @@ -111,7 +119,7 @@ impl NSSAUserData { &self, address: &nssa::Address, ) -> Option<&nssa::PrivateKey> { - self.pub_account_signing_keys.get(address) + self.public_key_tree.get_pub_keys(address) } /// Generated new private key for privacy preserving transactions diff --git a/nssa/src/signature/public_key.rs b/nssa/src/signature/public_key.rs index dbd7d64..095025d 100644 --- a/nssa/src/signature/public_key.rs +++ b/nssa/src/signature/public_key.rs @@ -1,10 +1,11 @@ use nssa_core::address::Address; +use serde::{Deserialize, Serialize}; use crate::{PrivateKey, error::NssaError}; use sha2::{Digest, Sha256}; -#[derive(Debug, Clone, PartialEq, Eq)] +#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)] pub struct PublicKey([u8; 32]); impl PublicKey { From 20c276e63eb0c75a553bf5b3454fa6e67732d981 Mon Sep 17 00:00:00 2001 From: Pravdyvy Date: Mon, 10 Nov 2025 16:29:33 +0200 Subject: [PATCH 05/14] fix: continuation of integration --- .../key_management/key_tree/keys_private.rs | 128 ++++++++++++------ .../key_management/key_tree/keys_public.rs | 6 + .../src/key_management/key_tree/mod.rs | 45 +++--- key_protocol/src/key_management/mod.rs | 2 +- key_protocol/src/key_protocol_core/mod.rs | 111 +++++++++------ wallet/src/chain_storage/mod.rs | 69 ++++++---- wallet/src/cli/account.rs | 22 ++- wallet/src/config.rs | 15 +- wallet/src/helperfunctions.rs | 31 +++-- wallet/src/lib.rs | 22 ++- 10 files changed, 290 insertions(+), 161 deletions(-) diff --git a/key_protocol/src/key_management/key_tree/keys_private.rs b/key_protocol/src/key_management/key_tree/keys_private.rs index 46ade9f..84b44fa 100644 --- a/key_protocol/src/key_management/key_tree/keys_private.rs +++ b/key_protocol/src/key_management/key_tree/keys_private.rs @@ -1,24 +1,19 @@ use k256::{Scalar, elliptic_curve::PrimeField}; -use nssa_core::{NullifierPublicKey, NullifierSecretKey, encryption::IncomingViewingPublicKey}; +use nssa_core::encryption::IncomingViewingPublicKey; use serde::{Deserialize, Serialize}; use crate::key_management::{ + KeyChain, key_tree::traits::KeyNode, - secret_holders::{IncomingViewingSecretKey, OutgoingViewingSecretKey, SecretSpendingKey}, + secret_holders::{PrivateKeyHolder, SecretSpendingKey}, }; #[derive(Debug, Serialize, Deserialize, Clone)] pub struct ChildKeysPrivate { - pub ssk: SecretSpendingKey, - pub nsk: NullifierSecretKey, - pub isk: IncomingViewingSecretKey, - pub ovk: OutgoingViewingSecretKey, - pub npk: NullifierPublicKey, - pub ipk: IncomingViewingPublicKey, + pub value: (KeyChain, nssa::Account), pub ccc: [u8; 32], ///Can be None if root pub cci: Option, - pub account: nssa::Account, } impl KeyNode for ChildKeysPrivate { @@ -36,22 +31,43 @@ impl KeyNode for ChildKeysPrivate { let ipk = IncomingViewingPublicKey::from_scalar(isk); Self { - ssk, - nsk, - isk, - ovk, - npk, - ipk, + value: ( + KeyChain { + secret_spending_key: ssk, + nullifer_public_key: npk, + incoming_viewing_public_key: ipk, + private_key_holder: PrivateKeyHolder { + nullifier_secret_key: nsk, + incoming_viewing_secret_key: isk, + outgoing_viewing_secret_key: ovk, + }, + }, + nssa::Account::default(), + ), ccc, cci: None, - account: nssa::Account::default(), } } fn n_th_child(&self, cci: u32) -> Self { - let parent_pt = Scalar::from_repr(self.ovk.into()).unwrap() - + Scalar::from_repr(self.nsk.into()).unwrap() - * Scalar::from_repr(self.isk.into()).unwrap(); + let parent_pt = Scalar::from_repr( + self.value + .0 + .private_key_holder + .outgoing_viewing_secret_key + .into(), + ) + .unwrap() + + Scalar::from_repr(self.value.0.private_key_holder.nullifier_secret_key.into()) + .unwrap() + * Scalar::from_repr( + self.value + .0 + .private_key_holder + .incoming_viewing_secret_key + .into(), + ) + .unwrap(); let mut input = vec![]; input.extend_from_slice(b"NSSA_seed_priv"); @@ -71,15 +87,21 @@ impl KeyNode for ChildKeysPrivate { let ipk = IncomingViewingPublicKey::from_scalar(isk); Self { - ssk, - nsk, - isk, - ovk, - npk, - ipk, + value: ( + KeyChain { + secret_spending_key: ssk, + nullifer_public_key: npk, + incoming_viewing_public_key: ipk, + private_key_holder: PrivateKeyHolder { + nullifier_secret_key: nsk, + incoming_viewing_secret_key: isk, + outgoing_viewing_secret_key: ovk, + }, + }, + nssa::Account::default(), + ), ccc, cci: Some(cci), - account: nssa::Account::default(), } } @@ -92,7 +114,19 @@ impl KeyNode for ChildKeysPrivate { } fn address(&self) -> nssa::Address { - nssa::Address::from(&self.npk) + nssa::Address::from(&self.value.0.nullifer_public_key) + } +} + +impl<'a> From<&'a ChildKeysPrivate> for &'a (KeyChain, nssa::Account) { + fn from(value: &'a ChildKeysPrivate) -> Self { + &value.value + } +} + +impl<'a> From<&'a mut ChildKeysPrivate> for &'a mut (KeyChain, nssa::Account) { + fn from(value: &'a mut ChildKeysPrivate) -> Self { + &mut value.value } } @@ -109,14 +143,14 @@ mod tests { assert_eq!(child_keys.cci, Some(5)); assert_eq!( - root_keys.ssk.0, + root_keys.value.0.secret_spending_key.0, [ 249, 83, 253, 32, 174, 204, 185, 44, 253, 167, 61, 92, 128, 5, 152, 4, 220, 21, 88, 84, 167, 180, 154, 249, 44, 77, 33, 136, 59, 131, 203, 152 ] ); assert_eq!( - child_keys.ssk.0, + child_keys.value.0.secret_spending_key.0, [ 16, 242, 229, 242, 252, 158, 153, 210, 234, 120, 70, 85, 83, 196, 5, 53, 28, 26, 187, 230, 22, 193, 146, 232, 237, 3, 166, 184, 122, 1, 233, 93 @@ -124,14 +158,14 @@ mod tests { ); assert_eq!( - root_keys.nsk, + root_keys.value.0.private_key_holder.nullifier_secret_key, [ 38, 195, 52, 182, 16, 66, 167, 156, 9, 14, 65, 100, 17, 93, 166, 71, 27, 148, 93, 85, 116, 109, 130, 8, 195, 222, 159, 214, 141, 41, 124, 57 ] ); assert_eq!( - child_keys.nsk, + child_keys.value.0.private_key_holder.nullifier_secret_key, [ 215, 46, 2, 151, 174, 60, 86, 154, 5, 3, 175, 245, 12, 176, 220, 58, 250, 118, 236, 49, 254, 221, 229, 58, 40, 1, 170, 145, 175, 108, 23, 170 @@ -139,14 +173,22 @@ mod tests { ); assert_eq!( - root_keys.isk, + root_keys + .value + .0 + .private_key_holder + .incoming_viewing_secret_key, [ 153, 161, 15, 34, 96, 184, 165, 165, 27, 244, 155, 40, 70, 5, 241, 133, 78, 40, 61, 118, 48, 148, 226, 5, 97, 18, 201, 128, 82, 248, 163, 72 ] ); assert_eq!( - child_keys.isk, + child_keys + .value + .0 + .private_key_holder + .incoming_viewing_secret_key, [ 192, 155, 55, 43, 164, 115, 71, 145, 227, 225, 21, 57, 55, 12, 226, 44, 10, 103, 39, 73, 230, 173, 60, 69, 69, 122, 110, 241, 164, 3, 192, 57 @@ -154,14 +196,22 @@ mod tests { ); assert_eq!( - root_keys.ovk, + root_keys + .value + .0 + .private_key_holder + .outgoing_viewing_secret_key, [ 205, 87, 71, 129, 90, 242, 217, 200, 140, 252, 124, 46, 207, 7, 33, 156, 83, 166, 150, 81, 98, 131, 182, 156, 110, 92, 78, 140, 125, 218, 152, 154 ] ); assert_eq!( - child_keys.ovk, + child_keys + .value + .0 + .private_key_holder + .outgoing_viewing_secret_key, [ 131, 202, 219, 172, 219, 29, 48, 120, 226, 209, 209, 10, 216, 173, 48, 167, 233, 17, 35, 155, 30, 217, 176, 120, 72, 146, 250, 226, 165, 178, 255, 90 @@ -169,14 +219,14 @@ mod tests { ); assert_eq!( - root_keys.npk.0, + root_keys.value.0.nullifer_public_key.0, [ 65, 176, 149, 243, 192, 45, 216, 177, 169, 56, 229, 7, 28, 66, 204, 87, 109, 83, 152, 64, 14, 188, 179, 210, 147, 60, 22, 251, 203, 70, 89, 215 ] ); assert_eq!( - child_keys.npk.0, + child_keys.value.0.nullifer_public_key.0, [ 69, 104, 130, 115, 48, 134, 19, 188, 67, 148, 163, 54, 155, 237, 57, 27, 136, 228, 111, 233, 205, 158, 149, 31, 84, 11, 241, 176, 243, 12, 138, 249 @@ -184,14 +234,14 @@ mod tests { ); assert_eq!( - root_keys.ipk.0, + root_keys.value.0.incoming_viewing_public_key.0, &[ 3, 174, 56, 136, 244, 179, 18, 122, 38, 220, 36, 50, 200, 41, 104, 167, 70, 18, 60, 202, 93, 193, 29, 16, 125, 252, 96, 51, 199, 152, 47, 233, 178 ] ); assert_eq!( - child_keys.ipk.0, + child_keys.value.0.incoming_viewing_public_key.0, &[ 3, 18, 202, 246, 79, 141, 169, 51, 55, 202, 120, 169, 244, 201, 156, 162, 216, 115, 126, 53, 46, 94, 235, 125, 114, 178, 215, 81, 171, 93, 93, 88, 117 diff --git a/key_protocol/src/key_management/key_tree/keys_public.rs b/key_protocol/src/key_management/key_tree/keys_public.rs index 4e1bf1e..7ca6247 100644 --- a/key_protocol/src/key_management/key_tree/keys_public.rs +++ b/key_protocol/src/key_management/key_tree/keys_public.rs @@ -59,6 +59,12 @@ impl KeyNode for ChildKeysPublic { } } +impl<'a> From<&'a ChildKeysPublic> for &'a nssa::PrivateKey { + fn from(value: &'a ChildKeysPublic) -> Self { + &value.csk + } +} + #[cfg(test)] mod tests { use super::*; diff --git a/key_protocol/src/key_management/key_tree/mod.rs b/key_protocol/src/key_management/key_tree/mod.rs index c21cc6e..7ea2a2a 100644 --- a/key_protocol/src/key_management/key_tree/mod.rs +++ b/key_protocol/src/key_management/key_tree/mod.rs @@ -80,7 +80,7 @@ impl KeyTree { } } - pub fn generate_new_pub_keys(&mut self, parent_cci: ChainIndex) -> Option { + pub fn generate_new_node(&mut self, parent_cci: ChainIndex) -> Option { if !self.key_map.contains_key(&parent_cci) { return None; } @@ -99,11 +99,22 @@ impl KeyTree { Some(address) } - pub fn get_pub_keys(&self, addr: nssa::Address) -> Option<&Node> { + pub fn get_node(&self, addr: nssa::Address) -> Option<&Node> { self.addr_map .get(&addr) .and_then(|chain_id| self.key_map.get(chain_id)) } + + pub fn get_node_mut(&mut self, addr: nssa::Address) -> Option<&mut Node> { + self.addr_map + .get(&addr) + .and_then(|chain_id| self.key_map.get_mut(chain_id)) + } + + pub fn insert(&mut self, addr: nssa::Address, chain_index: ChainIndex, node: Node) { + self.addr_map.insert(addr, chain_index.clone()); + self.key_map.insert(chain_index, node); + } } #[cfg(test)] @@ -145,7 +156,7 @@ mod tests { assert_eq!(next_last_child_for_parent_id, 0); - tree.generate_new_pub_keys(ChainIndex::root()).unwrap(); + tree.generate_new_node(ChainIndex::root()).unwrap(); assert!( tree.key_map @@ -158,12 +169,12 @@ mod tests { assert_eq!(next_last_child_for_parent_id, 1); - tree.generate_new_pub_keys(ChainIndex::root()).unwrap(); - tree.generate_new_pub_keys(ChainIndex::root()).unwrap(); - tree.generate_new_pub_keys(ChainIndex::root()).unwrap(); - tree.generate_new_pub_keys(ChainIndex::root()).unwrap(); - tree.generate_new_pub_keys(ChainIndex::root()).unwrap(); - tree.generate_new_pub_keys(ChainIndex::root()).unwrap(); + tree.generate_new_node(ChainIndex::root()).unwrap(); + tree.generate_new_node(ChainIndex::root()).unwrap(); + tree.generate_new_node(ChainIndex::root()).unwrap(); + tree.generate_new_node(ChainIndex::root()).unwrap(); + tree.generate_new_node(ChainIndex::root()).unwrap(); + tree.generate_new_node(ChainIndex::root()).unwrap(); let next_last_child_for_parent_id = tree .find_next_last_child_of_id(&ChainIndex::root()) @@ -184,7 +195,7 @@ mod tests { assert_eq!(next_last_child_for_parent_id, 0); - tree.generate_new_pub_keys(ChainIndex::root()).unwrap(); + tree.generate_new_node(ChainIndex::root()).unwrap(); assert!( tree.key_map @@ -197,7 +208,7 @@ mod tests { assert_eq!(next_last_child_for_parent_id, 1); - let key_opt = tree.generate_new_pub_keys(ChainIndex::from_str("03000000").unwrap()); + let key_opt = tree.generate_new_node(ChainIndex::from_str("03000000").unwrap()); assert_eq!(key_opt, None); } @@ -214,7 +225,7 @@ mod tests { assert_eq!(next_last_child_for_parent_id, 0); - tree.generate_new_pub_keys(ChainIndex::root()).unwrap(); + tree.generate_new_node(ChainIndex::root()).unwrap(); assert!( tree.key_map @@ -227,7 +238,7 @@ mod tests { assert_eq!(next_last_child_for_parent_id, 1); - tree.generate_new_pub_keys(ChainIndex::root()).unwrap(); + tree.generate_new_node(ChainIndex::root()).unwrap(); assert!( tree.key_map @@ -240,7 +251,7 @@ mod tests { assert_eq!(next_last_child_for_parent_id, 2); - tree.generate_new_pub_keys(ChainIndex::from_str("00000000").unwrap()) + tree.generate_new_node(ChainIndex::from_str("00000000").unwrap()) .unwrap(); let next_last_child_for_parent_id = tree @@ -254,7 +265,7 @@ mod tests { .contains_key(&ChainIndex::from_str("0000000000000000").unwrap()) ); - tree.generate_new_pub_keys(ChainIndex::from_str("00000000").unwrap()) + tree.generate_new_node(ChainIndex::from_str("00000000").unwrap()) .unwrap(); let next_last_child_for_parent_id = tree @@ -268,7 +279,7 @@ mod tests { .contains_key(&ChainIndex::from_str("0000000001000000").unwrap()) ); - tree.generate_new_pub_keys(ChainIndex::from_str("00000000").unwrap()) + tree.generate_new_node(ChainIndex::from_str("00000000").unwrap()) .unwrap(); let next_last_child_for_parent_id = tree @@ -282,7 +293,7 @@ mod tests { .contains_key(&ChainIndex::from_str("0000000002000000").unwrap()) ); - tree.generate_new_pub_keys(ChainIndex::from_str("0000000001000000").unwrap()) + tree.generate_new_node(ChainIndex::from_str("0000000001000000").unwrap()) .unwrap(); assert!( diff --git a/key_protocol/src/key_management/mod.rs b/key_protocol/src/key_management/mod.rs index 4c3d5e0..8a58d4a 100644 --- a/key_protocol/src/key_management/mod.rs +++ b/key_protocol/src/key_management/mod.rs @@ -14,7 +14,7 @@ pub mod secret_holders; #[derive(Serialize, Deserialize, Clone, Debug)] ///Entrypoint to key management pub struct KeyChain { - secret_spending_key: SecretSpendingKey, + pub secret_spending_key: SecretSpendingKey, pub private_key_holder: PrivateKeyHolder, pub nullifer_public_key: NullifierPublicKey, pub incoming_viewing_public_key: IncomingViewingPublicKey, diff --git a/key_protocol/src/key_protocol_core/mod.rs b/key_protocol/src/key_protocol_core/mod.rs index 6731da8..f50088a 100644 --- a/key_protocol/src/key_protocol_core/mod.rs +++ b/key_protocol/src/key_protocol_core/mod.rs @@ -7,6 +7,7 @@ use serde::{Deserialize, Serialize}; use crate::key_management::{ KeyChain, key_tree::{KeyTreePrivate, KeyTreePublic, chain_index::ChainIndex}, + secret_holders::SeedHolder, }; pub type PublicKey = AffinePoint; @@ -56,48 +57,62 @@ impl NSSAUserData { } pub fn new_with_accounts( - accounts_keys: HashMap, - accounts_key_chains: HashMap, + default_accounts_keys: HashMap, + default_accounts_key_chains: HashMap< + nssa::Address, + (KeyChain, nssa_core::account::Account), + >, + public_key_tree: KeyTreePublic, + private_key_tree: KeyTreePrivate, ) -> Result { - if !Self::valid_public_key_transaction_pairing_check(&accounts_keys) { + if !Self::valid_public_key_transaction_pairing_check(&default_accounts_keys) { anyhow::bail!( "Key transaction pairing check not satisfied, there is addresses, which is not derived from keys" ); } - if !Self::valid_private_key_transaction_pairing_check(&accounts_key_chains) { + if !Self::valid_private_key_transaction_pairing_check(&default_accounts_key_chains) { anyhow::bail!( "Key transaction pairing check not satisfied, there is addresses, which is not derived from keys" ); } Ok(Self { - pub_account_signing_keys: accounts_keys, - user_private_accounts: accounts_key_chains, + default_pub_account_signing_keys: default_accounts_keys, + default_user_private_accounts: default_accounts_key_chains, + public_key_tree, + private_key_tree, password: "mnemonic".to_string(), }) } pub fn new_with_accounts_and_password( - accounts_keys: HashMap, - accounts_key_chains: HashMap, + default_accounts_keys: HashMap, + default_accounts_key_chains: HashMap< + nssa::Address, + (KeyChain, nssa_core::account::Account), + >, + public_key_tree: KeyTreePublic, + private_key_tree: KeyTreePrivate, password: String, ) -> Result { - if !Self::valid_public_key_transaction_pairing_check(&accounts_keys) { + if !Self::valid_public_key_transaction_pairing_check(&default_accounts_keys) { anyhow::bail!( "Key transaction pairing check not satisfied, there is addresses, which is not derived from keys" ); } - if !Self::valid_private_key_transaction_pairing_check(&accounts_key_chains) { + if !Self::valid_private_key_transaction_pairing_check(&default_accounts_key_chains) { anyhow::bail!( "Key transaction pairing check not satisfied, there is addresses, which is not derived from keys" ); } Ok(Self { - pub_account_signing_keys: accounts_keys, - user_private_accounts: accounts_key_chains, + default_pub_account_signing_keys: default_accounts_keys, + default_user_private_accounts: default_accounts_key_chains, + public_key_tree, + private_key_tree, password, }) } @@ -109,9 +124,7 @@ impl NSSAUserData { &mut self, parent_cci: ChainIndex, ) -> nssa::Address { - self.public_key_tree - .generate_new_pub_keys(parent_cci) - .unwrap() + self.public_key_tree.generate_new_node(parent_cci).unwrap() } /// Returns the signing key for public transaction signatures @@ -119,35 +132,25 @@ impl NSSAUserData { &self, address: &nssa::Address, ) -> Option<&nssa::PrivateKey> { - self.public_key_tree.get_pub_keys(address) + //First seek in defaults + if let Some(key) = self.default_pub_account_signing_keys.get(address) { + Some(key) + //Then seek in tree + } else { + self.public_key_tree + .get_node(*address) + .and_then(|chain_keys| Some(chain_keys.into())) + } } /// Generated new private key for privacy preserving transactions /// /// Returns the address of new account - pub fn generate_new_privacy_preserving_transaction_key_chain(&mut self) -> nssa::Address { - let key_chain = KeyChain::new_os_random(); - let address = nssa::Address::from(&key_chain.nullifer_public_key); - - self.user_private_accounts - .insert(address, (key_chain, nssa_core::account::Account::default())); - - address - } - - /// Generated new private key for privacy preserving transactions - /// - /// Returns the address of new account - pub fn generate_new_privacy_preserving_transaction_key_chain_mnemonic( + pub fn generate_new_privacy_preserving_transaction_key_chain( &mut self, + parent_cci: ChainIndex, ) -> nssa::Address { - let key_chain = KeyChain::new_mnemonic(self.password.clone()); - let address = nssa::Address::from(&key_chain.nullifer_public_key); - - self.user_private_accounts - .insert(address, (key_chain, nssa_core::account::Account::default())); - - address + self.private_key_tree.generate_new_node(parent_cci).unwrap() } /// Returns the signing key for public transaction signatures @@ -155,7 +158,15 @@ impl NSSAUserData { &self, address: &nssa::Address, ) -> Option<&(KeyChain, nssa_core::account::Account)> { - self.user_private_accounts.get(address) + //First seek in defaults + if let Some(key) = self.default_user_private_accounts.get(address) { + Some(key) + //Then seek in tree + } else { + self.private_key_tree + .get_node(*address) + .and_then(|chain_keys| Some(chain_keys.into())) + } } /// Returns the signing key for public transaction signatures @@ -163,14 +174,27 @@ impl NSSAUserData { &mut self, address: &nssa::Address, ) -> Option<&mut (KeyChain, nssa_core::account::Account)> { - self.user_private_accounts.get_mut(address) + //First seek in defaults + if let Some(key) = self.default_user_private_accounts.get_mut(address) { + Some(key) + //Then seek in tree + } else { + self.private_key_tree + .get_node_mut(*address) + .and_then(|chain_keys| Some(chain_keys.into())) + } } } impl Default for NSSAUserData { fn default() -> Self { - //Safe unwrap as maps are empty - Self::new_with_accounts(HashMap::default(), HashMap::default()).unwrap() + Self::new_with_accounts( + HashMap::new(), + HashMap::new(), + KeyTreePublic::new(&SeedHolder::new_mnemonic("default".to_string())), + KeyTreePrivate::new(&SeedHolder::new_mnemonic("default".to_string())), + ) + .unwrap() } } @@ -182,8 +206,9 @@ mod tests { fn test_new_account() { let mut user_data = NSSAUserData::default(); - let addr_pub = user_data.generate_new_public_transaction_private_key(); - let addr_private = user_data.generate_new_privacy_preserving_transaction_key_chain(); + let addr_pub = user_data.generate_new_public_transaction_private_key(ChainIndex::root()); + let addr_private = + user_data.generate_new_privacy_preserving_transaction_key_chain(ChainIndex::root()); let is_private_key_generated = user_data.get_pub_account_signing_key(&addr_pub).is_some(); diff --git a/wallet/src/chain_storage/mod.rs b/wallet/src/chain_storage/mod.rs index 4a845af..a1a8517 100644 --- a/wallet/src/chain_storage/mod.rs +++ b/wallet/src/chain_storage/mod.rs @@ -1,7 +1,13 @@ use std::collections::HashMap; use anyhow::Result; -use key_protocol::key_protocol_core::NSSAUserData; +use key_protocol::{ + key_management::{ + key_tree::{KeyTreePrivate, KeyTreePublic}, + secret_holders::SeedHolder, + }, + key_protocol_core::NSSAUserData, +}; use nssa::program::Program; use crate::config::{InitialAccountData, PersistentAccountData, WalletConfig}; @@ -12,7 +18,11 @@ pub struct WalletChainStore { } impl WalletChainStore { - pub fn new(config: WalletConfig) -> Result { + pub fn new( + config: WalletConfig, + persistent_accounts: Vec, + password: String, + ) -> Result { let mut public_init_acc_map = HashMap::new(); let mut private_init_acc_map = HashMap::new(); @@ -32,8 +42,27 @@ impl WalletChainStore { } } + let mut public_tree = KeyTreePublic::new(&SeedHolder::new_mnemonic(password.clone())); + let mut private_tree = KeyTreePrivate::new(&SeedHolder::new_mnemonic(password)); + + for pers_acc_data in persistent_accounts { + match pers_acc_data { + PersistentAccountData::Public(data) => { + public_tree.insert(data.address, data.chain_index, data.data); + } + PersistentAccountData::Private(data) => { + private_tree.insert(data.address, data.chain_index, data.data); + } + } + } + Ok(Self { - user_data: NSSAUserData::new_with_accounts(public_init_acc_map, private_init_acc_map)?, + user_data: NSSAUserData::new_with_accounts( + public_init_acc_map, + private_init_acc_map, + public_tree, + private_tree, + )?, wallet_config: config, }) } @@ -43,26 +72,20 @@ impl WalletChainStore { addr: nssa::Address, account: nssa_core::account::Account, ) { - println!("inserting at addres {}, this account {:?}", addr, account); + println!("inserting at address {}, this account {:?}", addr, account); self.user_data - .user_private_accounts - .entry(addr) - .and_modify(|(_, acc)| *acc = account); - } - - pub(crate) fn insert_account_data(&mut self, acc_data: PersistentAccountData) { - match acc_data { - PersistentAccountData::Public(acc_data) => { - self.user_data - .pub_account_signing_keys - .insert(acc_data.address, acc_data.pub_sign_key); - } - PersistentAccountData::Private(acc_data) => { - self.user_data - .user_private_accounts - .insert(acc_data.address, (acc_data.key_chain, acc_data.account)); - } - } + .private_key_tree + .addr_map + .get(&addr) + .and_then(|chain_index| { + Some( + self.user_data + .private_key_tree + .key_map + .entry(chain_index.clone()) + .and_modify(|data| data.value.1 = account), + ) + }); } } @@ -180,6 +203,6 @@ mod tests { fn test_new_initializes_correctly() { let config = create_sample_wallet_config(); - let _ = WalletChainStore::new(config.clone()).unwrap(); + let _ = WalletChainStore::new(config.clone(), vec![], "test_pass".to_string()).unwrap(); } } diff --git a/wallet/src/cli/account.rs b/wallet/src/cli/account.rs index 3ff4470..7574a80 100644 --- a/wallet/src/cli/account.rs +++ b/wallet/src/cli/account.rs @@ -1,6 +1,7 @@ use anyhow::Result; use base58::ToBase58; use clap::Subcommand; +use key_protocol::key_management::key_tree::chain_index::ChainIndex; use nssa::{Account, Address, program::Program}; use serde::Serialize; @@ -89,9 +90,15 @@ pub enum AccountSubcommand { #[derive(Subcommand, Debug, Clone)] pub enum NewSubcommand { ///Register new public account - Public {}, + Public { + #[arg(long)] + cci: ChainIndex + }, ///Register new private account - Private {}, + Private { + #[arg(long)] + cci: ChainIndex + }, } impl WalletSubcommand for NewSubcommand { @@ -100,8 +107,8 @@ impl WalletSubcommand for NewSubcommand { wallet_core: &mut WalletCore, ) -> Result { match self { - NewSubcommand::Public {} => { - let addr = wallet_core.create_new_account_public(); + NewSubcommand::Public { cci } => { + let addr = wallet_core.create_new_account_public(cci); println!("Generated new account with addr Public/{addr}"); @@ -111,8 +118,8 @@ impl WalletSubcommand for NewSubcommand { Ok(SubcommandReturnValue::RegisterAccount { addr }) } - NewSubcommand::Private {} => { - let addr = wallet_core.create_new_account_private(); + NewSubcommand::Private { cci } => { + let addr = wallet_core.create_new_account_private(cci); let (key, _) = wallet_core .storage @@ -270,7 +277,8 @@ impl WalletSubcommand for AccountSubcommand { if !wallet_core .storage .user_data - .user_private_accounts + .private_key_tree + .addr_map .is_empty() { parse_block_range( diff --git a/wallet/src/config.rs b/wallet/src/config.rs index bf7f5d2..8fdc450 100644 --- a/wallet/src/config.rs +++ b/wallet/src/config.rs @@ -1,4 +1,9 @@ -use key_protocol::key_management::KeyChain; +use key_protocol::key_management::{ + KeyChain, + key_tree::{ + chain_index::ChainIndex, keys_private::ChildKeysPrivate, keys_public::ChildKeysPublic, + }, +}; use serde::{Deserialize, Serialize}; #[derive(Debug, Clone, Serialize, Deserialize)] @@ -10,7 +15,8 @@ pub struct InitialAccountDataPublic { #[derive(Debug, Clone, Serialize, Deserialize)] pub struct PersistentAccountDataPublic { pub address: nssa::Address, - pub pub_sign_key: nssa::PrivateKey, + pub chain_index: ChainIndex, + pub data: ChildKeysPublic, } #[derive(Debug, Clone, Serialize, Deserialize)] @@ -23,8 +29,8 @@ pub struct InitialAccountDataPrivate { #[derive(Debug, Clone, Serialize, Deserialize)] pub struct PersistentAccountDataPrivate { pub address: nssa::Address, - pub account: nssa_core::account::Account, - pub key_chain: KeyChain, + pub chain_index: ChainIndex, + pub data: ChildKeysPrivate, } //Big difference in enum variants sizes @@ -48,6 +54,7 @@ pub enum PersistentAccountData { #[derive(Debug, Clone, Serialize, Deserialize)] pub struct PersistentStorage { pub accounts: Vec, + pub password: String, pub last_synced_block: u64, } diff --git a/wallet/src/helperfunctions.rs b/wallet/src/helperfunctions.rs index f959d17..b3e225d 100644 --- a/wallet/src/helperfunctions.rs +++ b/wallet/src/helperfunctions.rs @@ -104,6 +104,7 @@ pub async fn fetch_persistent_storage() -> Result { Err(err) => match err.kind() { std::io::ErrorKind::NotFound => Ok(PersistentStorage { accounts: vec![], + password: "default".to_string(), last_synced_block: 0, }), _ => { @@ -120,29 +121,29 @@ pub fn produce_data_for_storage( ) -> PersistentStorage { let mut vec_for_storage = vec![]; - for (addr, key) in &user_data.pub_account_signing_keys { - vec_for_storage.push( - PersistentAccountDataPublic { + for (addr, key) in &user_data.public_key_tree.addr_map { + if let Some(data) = user_data.public_key_tree.key_map.get(key) { + vec_for_storage.push(PersistentAccountDataPublic { address: *addr, - pub_sign_key: key.clone(), - } - .into(), - ); + chain_index: key.clone(), + data: data.clone(), + }.into()); + } } - for (addr, (key, acc)) in &user_data.user_private_accounts { - vec_for_storage.push( - PersistentAccountDataPrivate { + for (addr, key) in &user_data.private_key_tree.addr_map { + if let Some(data) = user_data.private_key_tree.key_map.get(key) { + vec_for_storage.push(PersistentAccountDataPrivate { address: *addr, - account: acc.clone(), - key_chain: key.clone(), - } - .into(), - ); + chain_index: key.clone(), + data: data.clone(), + }.into()); + } } PersistentStorage { accounts: vec_for_storage, + password: user_data.password.clone(), last_synced_block, } } diff --git a/wallet/src/lib.rs b/wallet/src/lib.rs index dd6dd32..ba2570a 100644 --- a/wallet/src/lib.rs +++ b/wallet/src/lib.rs @@ -10,6 +10,7 @@ use common::{ use anyhow::Result; use chain_storage::WalletChainStore; use config::WalletConfig; +use key_protocol::key_management::key_tree::chain_index::ChainIndex; use log::info; use nssa::{ Account, Address, privacy_preserving_transaction::message::EncryptedAccountData, @@ -59,15 +60,13 @@ impl WalletCore { let client = Arc::new(SequencerClient::new(config.sequencer_addr.clone())?); let tx_poller = TxPoller::new(config.clone(), client.clone()); - let mut storage = WalletChainStore::new(config)?; - let PersistentStorage { accounts: persistent_accounts, + password, last_synced_block, } = fetch_persistent_storage().await?; - for pers_acc_data in persistent_accounts { - storage.insert_account_data(pers_acc_data); - } + + let storage = WalletChainStore::new(config, persistent_accounts, password)?; Ok(Self { storage, @@ -107,16 +106,16 @@ impl WalletCore { Ok(config_path) } - pub fn create_new_account_public(&mut self) -> Address { + pub fn create_new_account_public(&mut self, chain_index: ChainIndex) -> Address { self.storage .user_data - .generate_new_public_transaction_private_key() + .generate_new_public_transaction_private_key(chain_index) } - pub fn create_new_account_private(&mut self) -> Address { + pub fn create_new_account_private(&mut self, chain_index: ChainIndex) -> Address { self.storage .user_data - .generate_new_privacy_preserving_transaction_key_chain() + .generate_new_privacy_preserving_transaction_key_chain(chain_index) } ///Get account balance @@ -146,13 +145,12 @@ impl WalletCore { pub fn get_account_private(&self, addr: &Address) -> Option { self.storage .user_data - .user_private_accounts - .get(addr) + .get_private_account(addr) .map(|value| value.1.clone()) } pub fn get_private_account_commitment(&self, addr: &Address) -> Option { - let (keys, account) = self.storage.user_data.user_private_accounts.get(addr)?; + let (keys, account) = self.storage.user_data.get_private_account(addr)?; Some(Commitment::new(&keys.nullifer_public_key, account)) } From ec149d3227c718c0db80da17a0b8b9adf8e0ac06 Mon Sep 17 00:00:00 2001 From: Pravdyvy Date: Tue, 11 Nov 2025 12:15:20 +0200 Subject: [PATCH 06/14] feat: deterministic keys --- integration_tests/Cargo.toml | 3 + integration_tests/src/lib.rs | 2 + integration_tests/src/test_suite_map.rs | 143 ++++++++++------- key_protocol/Cargo.toml | 1 + .../key_management/key_tree/chain_index.rs | 89 ++++++----- .../src/key_management/key_tree/mod.rs | 46 ++++-- .../src/key_management/secret_holders.rs | 10 ++ key_protocol/src/key_protocol_core/mod.rs | 46 +----- wallet/src/chain_storage/mod.rs | 147 ++++++++++++++---- wallet/src/cli/account.rs | 6 +- wallet/src/config.rs | 9 +- wallet/src/helperfunctions.rs | 57 +++++-- wallet/src/lib.rs | 97 +++++++++++- wallet/src/main.rs | 13 +- 14 files changed, 456 insertions(+), 213 deletions(-) diff --git a/integration_tests/Cargo.toml b/integration_tests/Cargo.toml index c10869a..58be5a5 100644 --- a/integration_tests/Cargo.toml +++ b/integration_tests/Cargo.toml @@ -36,6 +36,9 @@ path = "../wallet" [dependencies.common] path = "../common" +[dependencies.key_protocol] +path = "../key_protocol" + [dependencies.nssa] path = "../nssa" features = ["no_docker"] diff --git a/integration_tests/src/lib.rs b/integration_tests/src/lib.rs index f718f9d..ae32f79 100644 --- a/integration_tests/src/lib.rs +++ b/integration_tests/src/lib.rs @@ -54,6 +54,8 @@ fn make_private_account_input_from_str(addr: &str) -> String { pub async fn pre_test( home_dir: PathBuf, ) -> Result<(ServerHandle, JoinHandle>, TempDir)> { + wallet::execute_setup("test_pass".to_string()).await?; + let home_dir_sequencer = home_dir.join("sequencer"); let mut sequencer_config = diff --git a/integration_tests/src/test_suite_map.rs b/integration_tests/src/test_suite_map.rs index afcac7d..e4510ad 100644 --- a/integration_tests/src/test_suite_map.rs +++ b/integration_tests/src/test_suite_map.rs @@ -1,6 +1,7 @@ use std::{collections::HashMap, path::PathBuf, pin::Pin, time::Duration}; use common::{PINATA_BASE58, sequencer_client::SequencerClient}; +use key_protocol::key_management::key_tree::chain_index::ChainIndex; use log::info; use nssa::{Address, ProgramDeploymentTransaction, program::Program}; use nssa_core::{NullifierPublicKey, encryption::shared_key_derivation::Secp256k1Point}; @@ -13,7 +14,7 @@ use wallet::{ pinata_program::PinataProgramAgnosticSubcommand, token_program::TokenProgramAgnosticSubcommand, }, - config::{PersistentAccountData, PersistentStorage}, + config::PersistentStorage, helperfunctions::{fetch_config, fetch_persistent_storage}, }; @@ -72,7 +73,9 @@ pub fn prepare_function_map() -> HashMap { #[nssa_integration_test] pub async fn test_success_move_to_another_account() { info!("########## test_success_move_to_another_account ##########"); - let command = Command::Account(AccountSubcommand::New(NewSubcommand::Public {})); + let command = Command::Account(AccountSubcommand::New(NewSubcommand::Public { + cci: ChainIndex::root(), + })); let wallet_config = fetch_config().await.unwrap(); @@ -273,47 +276,43 @@ pub fn prepare_function_map() -> HashMap { let wallet_config = fetch_config().await.unwrap(); // Create new account for the token definition - wallet::execute_subcommand(Command::Account(AccountSubcommand::New( - NewSubcommand::Public {}, + let SubcommandReturnValue::RegisterAccount { + addr: definition_addr, + } = wallet::execute_subcommand(Command::Account(AccountSubcommand::New( + NewSubcommand::Public { + cci: ChainIndex::root(), + }, ))) .await - .unwrap(); + .unwrap() + else { + panic!("invalid subcommand return value"); + }; // Create new account for the token supply holder - wallet::execute_subcommand(Command::Account(AccountSubcommand::New( - NewSubcommand::Public {}, - ))) - .await - .unwrap(); + let SubcommandReturnValue::RegisterAccount { addr: supply_addr } = + wallet::execute_subcommand(Command::Account(AccountSubcommand::New( + NewSubcommand::Public { + cci: ChainIndex::root(), + }, + ))) + .await + .unwrap() + else { + panic!("invalid subcommand return value"); + }; // Create new account for receiving a token transaction - wallet::execute_subcommand(Command::Account(AccountSubcommand::New( - NewSubcommand::Public {}, + let SubcommandReturnValue::RegisterAccount { + addr: recipient_addr, + } = wallet::execute_subcommand(Command::Account(AccountSubcommand::New( + NewSubcommand::Public { + cci: ChainIndex::root(), + }, ))) .await - .unwrap(); - - let PersistentStorage { - accounts: persistent_accounts, - last_synced_block: _, - } = fetch_persistent_storage().await.unwrap(); - - let mut new_persistent_accounts_addr = Vec::new(); - - for per_acc in persistent_accounts { - match per_acc { - PersistentAccountData::Public(per_acc) => { - if (per_acc.address.to_string() != ACC_RECEIVER) - && (per_acc.address.to_string() != ACC_SENDER) - { - new_persistent_accounts_addr.push(per_acc.address); - } - } - _ => continue, - } - } - - let [definition_addr, supply_addr, recipient_addr] = new_persistent_accounts_addr - .try_into() - .expect("Failed to produce new account, not present in persistent accounts"); + .unwrap() + else { + panic!("invalid subcommand return value"); + }; // Create new token let subcommand = TokenProgramAgnosticSubcommand::New { @@ -433,7 +432,9 @@ pub fn prepare_function_map() -> HashMap { let SubcommandReturnValue::RegisterAccount { addr: definition_addr, } = wallet::execute_subcommand(Command::Account(AccountSubcommand::New( - NewSubcommand::Public {}, + NewSubcommand::Public { + cci: ChainIndex::root(), + }, ))) .await .unwrap() @@ -443,7 +444,9 @@ pub fn prepare_function_map() -> HashMap { // Create new account for the token supply holder (private) let SubcommandReturnValue::RegisterAccount { addr: supply_addr } = wallet::execute_subcommand(Command::Account(AccountSubcommand::New( - NewSubcommand::Private {}, + NewSubcommand::Private { + cci: ChainIndex::root(), + }, ))) .await .unwrap() @@ -454,7 +457,9 @@ pub fn prepare_function_map() -> HashMap { let SubcommandReturnValue::RegisterAccount { addr: recipient_addr, } = wallet::execute_subcommand(Command::Account(AccountSubcommand::New( - NewSubcommand::Private {}, + NewSubcommand::Private { + cci: ChainIndex::root(), + }, ))) .await .unwrap() @@ -584,7 +589,9 @@ pub fn prepare_function_map() -> HashMap { let SubcommandReturnValue::RegisterAccount { addr: definition_addr, } = wallet::execute_subcommand(Command::Account(AccountSubcommand::New( - NewSubcommand::Public {}, + NewSubcommand::Public { + cci: ChainIndex::root(), + }, ))) .await .unwrap() @@ -594,7 +601,9 @@ pub fn prepare_function_map() -> HashMap { // Create new account for the token supply holder (private) let SubcommandReturnValue::RegisterAccount { addr: supply_addr } = wallet::execute_subcommand(Command::Account(AccountSubcommand::New( - NewSubcommand::Private {}, + NewSubcommand::Private { + cci: ChainIndex::root(), + }, ))) .await .unwrap() @@ -605,7 +614,9 @@ pub fn prepare_function_map() -> HashMap { let SubcommandReturnValue::RegisterAccount { addr: recipient_addr, } = wallet::execute_subcommand(Command::Account(AccountSubcommand::New( - NewSubcommand::Private {}, + NewSubcommand::Private { + cci: ChainIndex::root(), + }, ))) .await .unwrap() @@ -716,7 +727,9 @@ pub fn prepare_function_map() -> HashMap { let SubcommandReturnValue::RegisterAccount { addr: definition_addr, } = wallet::execute_subcommand(Command::Account(AccountSubcommand::New( - NewSubcommand::Public {}, + NewSubcommand::Public { + cci: ChainIndex::root(), + }, ))) .await .unwrap() @@ -726,7 +739,9 @@ pub fn prepare_function_map() -> HashMap { // Create new account for the token supply holder (public) let SubcommandReturnValue::RegisterAccount { addr: supply_addr } = wallet::execute_subcommand(Command::Account(AccountSubcommand::New( - NewSubcommand::Public {}, + NewSubcommand::Public { + cci: ChainIndex::root(), + }, ))) .await .unwrap() @@ -737,7 +752,9 @@ pub fn prepare_function_map() -> HashMap { let SubcommandReturnValue::RegisterAccount { addr: recipient_addr, } = wallet::execute_subcommand(Command::Account(AccountSubcommand::New( - NewSubcommand::Private {}, + NewSubcommand::Private { + cci: ChainIndex::root(), + }, ))) .await .unwrap() @@ -847,7 +864,9 @@ pub fn prepare_function_map() -> HashMap { let SubcommandReturnValue::RegisterAccount { addr: definition_addr, } = wallet::execute_subcommand(Command::Account(AccountSubcommand::New( - NewSubcommand::Public {}, + NewSubcommand::Public { + cci: ChainIndex::root(), + }, ))) .await .unwrap() @@ -857,7 +876,9 @@ pub fn prepare_function_map() -> HashMap { // Create new account for the token supply holder (private) let SubcommandReturnValue::RegisterAccount { addr: supply_addr } = wallet::execute_subcommand(Command::Account(AccountSubcommand::New( - NewSubcommand::Private {}, + NewSubcommand::Private { + cci: ChainIndex::root(), + }, ))) .await .unwrap() @@ -868,7 +889,9 @@ pub fn prepare_function_map() -> HashMap { let SubcommandReturnValue::RegisterAccount { addr: recipient_addr, } = wallet::execute_subcommand(Command::Account(AccountSubcommand::New( - NewSubcommand::Public {}, + NewSubcommand::Public { + cci: ChainIndex::root(), + }, ))) .await .unwrap() @@ -1066,7 +1089,9 @@ pub fn prepare_function_map() -> HashMap { ); let from: Address = ACC_SENDER_PRIVATE.parse().unwrap(); - let command = Command::Account(AccountSubcommand::New(NewSubcommand::Private {})); + let command = Command::Account(AccountSubcommand::New(NewSubcommand::Private { + cci: ChainIndex::root(), + })); let sub_ret = wallet::execute_subcommand(command).await.unwrap(); let SubcommandReturnValue::RegisterAccount { addr: to_addr } = sub_ret else { @@ -1082,8 +1107,7 @@ pub fn prepare_function_map() -> HashMap { let (to_keys, _) = wallet_storage .storage .user_data - .user_private_accounts - .get(&to_addr) + .get_private_account(&to_addr) .cloned() .unwrap(); @@ -1134,7 +1158,9 @@ pub fn prepare_function_map() -> HashMap { let from: Address = ACC_SENDER_PRIVATE.parse().unwrap(); - let command = Command::Account(AccountSubcommand::New(NewSubcommand::Private {})); + let command = Command::Account(AccountSubcommand::New(NewSubcommand::Private { + cci: ChainIndex::root(), + })); let sub_ret = wallet::execute_subcommand(command).await.unwrap(); let SubcommandReturnValue::RegisterAccount { addr: to_addr } = sub_ret else { @@ -1150,8 +1176,7 @@ pub fn prepare_function_map() -> HashMap { let (to_keys, _) = wallet_storage .storage .user_data - .user_private_accounts - .get(&to_addr) + .get_private_account(&to_addr) .cloned() .unwrap(); @@ -1428,7 +1453,9 @@ pub fn prepare_function_map() -> HashMap { #[nssa_integration_test] pub async fn test_authenticated_transfer_initialize_function() { info!("########## test initialize account for authenticated transfer ##########"); - let command = Command::Account(AccountSubcommand::New(NewSubcommand::Public {})); + let command = Command::Account(AccountSubcommand::New(NewSubcommand::Public { + cci: ChainIndex::root(), + })); let SubcommandReturnValue::RegisterAccount { addr } = wallet::execute_subcommand(command).await.unwrap() else { @@ -1528,7 +1555,9 @@ pub fn prepare_function_map() -> HashMap { // Create new account for the token supply holder (private) let SubcommandReturnValue::RegisterAccount { addr: winner_addr } = wallet::execute_subcommand(Command::Account(AccountSubcommand::New( - NewSubcommand::Private {}, + NewSubcommand::Private { + cci: ChainIndex::root(), + }, ))) .await .unwrap() diff --git a/key_protocol/Cargo.toml b/key_protocol/Cargo.toml index b0708b4..a562515 100644 --- a/key_protocol/Cargo.toml +++ b/key_protocol/Cargo.toml @@ -14,6 +14,7 @@ hex = "0.4.3" aes-gcm.workspace = true bip39.workspace = true hmac-sha512.workspace = true +thiserror.workspace = true nssa-core = { path = "../nssa/core", features = ["host"] } [dependencies.common] diff --git a/key_protocol/src/key_management/key_tree/chain_index.rs b/key_protocol/src/key_management/key_tree/chain_index.rs index dad9b2a..e22abf0 100644 --- a/key_protocol/src/key_management/key_tree/chain_index.rs +++ b/key_protocol/src/key_management/key_tree/chain_index.rs @@ -1,59 +1,57 @@ -use std::str::FromStr; +use std::{fmt::Display, str::FromStr}; use serde::{Deserialize, Serialize}; #[derive(Debug, PartialEq, Eq, PartialOrd, Ord, Clone, Serialize, Deserialize)] pub struct ChainIndex(Vec); +#[derive(thiserror::Error, Debug)] +pub enum ChainIndexError { + #[error("No root found")] + NoRootFound, + #[error("Failed to parse segment into a number")] + ParseIntError(#[from] std::num::ParseIntError), +} + impl FromStr for ChainIndex { - type Err = hex::FromHexError; + type Err = ChainIndexError; fn from_str(s: &str) -> Result { - if s.is_empty() { - return Ok(Self(vec![])); + if !s.starts_with("/") { + return Err(ChainIndexError::NoRootFound); } - let hex_decoded = hex::decode(s)?; - - if !hex_decoded.len().is_multiple_of(4) { - Err(hex::FromHexError::InvalidStringLength) - } else { - let mut res_vec = vec![]; - - for i in 0..(hex_decoded.len() / 4) { - res_vec.push(u32::from_le_bytes([ - hex_decoded[4 * i], - hex_decoded[4 * i + 1], - hex_decoded[4 * i + 2], - hex_decoded[4 * i + 3], - ])); - } - - Ok(Self(res_vec)) + if s == "/" { + return Ok(ChainIndex(vec![])); } + + let uprooted_substring = s.strip_prefix("/").unwrap(); + + let splitted_chain: Vec<&str> = uprooted_substring.split("/").collect(); + let mut res = vec![]; + + for split_ch in splitted_chain { + let cci = split_ch.parse()?; + res.push(cci); + } + + Ok(Self(res)) } } -#[allow(clippy::to_string_trait_impl)] -impl ToString for ChainIndex { - fn to_string(&self) -> String { - if self.0.is_empty() { - return "".to_string(); +impl Display for ChainIndex { + fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { + write!(f, "/")?; + for cci in &self.0[..(self.0.len() - 1)] { + write!(f, "{cci}/")?; } - - let mut res_vec = vec![]; - - for index in &self.0 { - res_vec.extend_from_slice(&index.to_le_bytes()); - } - - hex::encode(res_vec) + write!(f, "{}", self.0.last().unwrap()) } } impl ChainIndex { pub fn root() -> Self { - ChainIndex::from_str("").unwrap() + ChainIndex::from_str("/").unwrap() } pub fn chain(&self) -> &[u32] { @@ -85,31 +83,40 @@ mod tests { #[test] fn test_chain_id_root_correct() { let chain_id = ChainIndex::root(); - let chain_id_2 = ChainIndex::from_str("").unwrap(); + let chain_id_2 = ChainIndex::from_str("/").unwrap(); assert_eq!(chain_id, chain_id_2); } #[test] fn test_chain_id_deser_correct() { - let chain_id = ChainIndex::from_str("01010000").unwrap(); + let chain_id = ChainIndex::from_str("/257").unwrap(); assert_eq!(chain_id.chain(), &[257]); } #[test] fn test_chain_id_next_in_line_correct() { - let chain_id = ChainIndex::from_str("01010000").unwrap(); + let chain_id = ChainIndex::from_str("/257").unwrap(); let next_in_line = chain_id.next_in_line(); - assert_eq!(next_in_line, ChainIndex::from_str("02010000").unwrap()); + assert_eq!(next_in_line, ChainIndex::from_str("/258").unwrap()); } #[test] fn test_chain_id_child_correct() { - let chain_id = ChainIndex::from_str("01010000").unwrap(); + let chain_id = ChainIndex::from_str("/257").unwrap(); let child = chain_id.n_th_child(3); - assert_eq!(child, ChainIndex::from_str("0101000003000000").unwrap()); + assert_eq!(child, ChainIndex::from_str("/257/3").unwrap()); + } + + #[test] + fn test_correct_display() { + let chainid = ChainIndex(vec![5, 7, 8]); + + let string_index = format!("{chainid}"); + + assert_eq!(string_index, "/5/7/8".to_string()); } } diff --git a/key_protocol/src/key_management/key_tree/mod.rs b/key_protocol/src/key_management/key_tree/mod.rs index 7ea2a2a..dcc027b 100644 --- a/key_protocol/src/key_management/key_tree/mod.rs +++ b/key_protocol/src/key_management/key_tree/mod.rs @@ -40,6 +40,18 @@ impl KeyTree { Self { key_map, addr_map } } + pub fn new_from_root(root: Node) -> Self { + let mut key_map = BTreeMap::new(); + let mut addr_map = HashMap::new(); + + addr_map.insert(root.address(), ChainIndex::root()); + key_map.insert(ChainIndex::root(), root); + + Self { key_map, addr_map } + } + + //ToDo: Add function to create a tree from list of nodes with consistency check. + pub fn find_next_last_child_of_id(&self, parent_id: &ChainIndex) -> Option { if !self.key_map.contains_key(parent_id) { return None; @@ -160,7 +172,7 @@ mod tests { assert!( tree.key_map - .contains_key(&ChainIndex::from_str("00000000").unwrap()) + .contains_key(&ChainIndex::from_str("/0").unwrap()) ); let next_last_child_for_parent_id = tree @@ -199,7 +211,7 @@ mod tests { assert!( tree.key_map - .contains_key(&ChainIndex::from_str("00000000").unwrap()) + .contains_key(&ChainIndex::from_str("/0").unwrap()) ); let next_last_child_for_parent_id = tree @@ -208,7 +220,7 @@ mod tests { assert_eq!(next_last_child_for_parent_id, 1); - let key_opt = tree.generate_new_node(ChainIndex::from_str("03000000").unwrap()); + let key_opt = tree.generate_new_node(ChainIndex::from_str("/3").unwrap()); assert_eq!(key_opt, None); } @@ -229,7 +241,7 @@ mod tests { assert!( tree.key_map - .contains_key(&ChainIndex::from_str("00000000").unwrap()) + .contains_key(&ChainIndex::from_str("/0").unwrap()) ); let next_last_child_for_parent_id = tree @@ -242,7 +254,7 @@ mod tests { assert!( tree.key_map - .contains_key(&ChainIndex::from_str("01000000").unwrap()) + .contains_key(&ChainIndex::from_str("/1").unwrap()) ); let next_last_child_for_parent_id = tree @@ -251,58 +263,58 @@ mod tests { assert_eq!(next_last_child_for_parent_id, 2); - tree.generate_new_node(ChainIndex::from_str("00000000").unwrap()) + tree.generate_new_node(ChainIndex::from_str("/0").unwrap()) .unwrap(); let next_last_child_for_parent_id = tree - .find_next_last_child_of_id(&ChainIndex::from_str("00000000").unwrap()) + .find_next_last_child_of_id(&ChainIndex::from_str("/0").unwrap()) .unwrap(); assert_eq!(next_last_child_for_parent_id, 1); assert!( tree.key_map - .contains_key(&ChainIndex::from_str("0000000000000000").unwrap()) + .contains_key(&ChainIndex::from_str("/0/0").unwrap()) ); - tree.generate_new_node(ChainIndex::from_str("00000000").unwrap()) + tree.generate_new_node(ChainIndex::from_str("/0").unwrap()) .unwrap(); let next_last_child_for_parent_id = tree - .find_next_last_child_of_id(&ChainIndex::from_str("00000000").unwrap()) + .find_next_last_child_of_id(&ChainIndex::from_str("/0").unwrap()) .unwrap(); assert_eq!(next_last_child_for_parent_id, 2); assert!( tree.key_map - .contains_key(&ChainIndex::from_str("0000000001000000").unwrap()) + .contains_key(&ChainIndex::from_str("/0/1").unwrap()) ); - tree.generate_new_node(ChainIndex::from_str("00000000").unwrap()) + tree.generate_new_node(ChainIndex::from_str("/0").unwrap()) .unwrap(); let next_last_child_for_parent_id = tree - .find_next_last_child_of_id(&ChainIndex::from_str("00000000").unwrap()) + .find_next_last_child_of_id(&ChainIndex::from_str("/0").unwrap()) .unwrap(); assert_eq!(next_last_child_for_parent_id, 3); assert!( tree.key_map - .contains_key(&ChainIndex::from_str("0000000002000000").unwrap()) + .contains_key(&ChainIndex::from_str("/0/2").unwrap()) ); - tree.generate_new_node(ChainIndex::from_str("0000000001000000").unwrap()) + tree.generate_new_node(ChainIndex::from_str("/0/1").unwrap()) .unwrap(); assert!( tree.key_map - .contains_key(&ChainIndex::from_str("000000000100000000000000").unwrap()) + .contains_key(&ChainIndex::from_str("/0/1/0").unwrap()) ); let next_last_child_for_parent_id = tree - .find_next_last_child_of_id(&ChainIndex::from_str("0000000001000000").unwrap()) + .find_next_last_child_of_id(&ChainIndex::from_str("/0/1").unwrap()) .unwrap(); assert_eq!(next_last_child_for_parent_id, 1); diff --git a/key_protocol/src/key_management/secret_holders.rs b/key_protocol/src/key_management/secret_holders.rs index ee7aced..e60a9f5 100644 --- a/key_protocol/src/key_management/secret_holders.rs +++ b/key_protocol/src/key_management/secret_holders.rs @@ -166,4 +166,14 @@ mod tests { let _ = top_secret_key_holder.generate_outgoing_viewing_secret_key(); } + + #[test] + fn two_seeds_generated_same_from_same_mnemonic() { + let mnemonic = "test_pass"; + + let seed_holder1 = SeedHolder::new_mnemonic(mnemonic.to_string()); + let seed_holder2 = SeedHolder::new_mnemonic(mnemonic.to_string()); + + assert_eq!(seed_holder1.seed, seed_holder2.seed); + } } diff --git a/key_protocol/src/key_protocol_core/mod.rs b/key_protocol/src/key_protocol_core/mod.rs index f50088a..6ea75db 100644 --- a/key_protocol/src/key_protocol_core/mod.rs +++ b/key_protocol/src/key_protocol_core/mod.rs @@ -19,8 +19,6 @@ pub struct NSSAUserData { ///Default private accounts pub default_user_private_accounts: HashMap, - ///Mnemonic passphrase - pub password: String, /// Tree of public keys pub public_key_tree: KeyTreePublic, /// Tree of private keys @@ -82,38 +80,6 @@ impl NSSAUserData { default_user_private_accounts: default_accounts_key_chains, public_key_tree, private_key_tree, - password: "mnemonic".to_string(), - }) - } - - pub fn new_with_accounts_and_password( - default_accounts_keys: HashMap, - default_accounts_key_chains: HashMap< - nssa::Address, - (KeyChain, nssa_core::account::Account), - >, - public_key_tree: KeyTreePublic, - private_key_tree: KeyTreePrivate, - password: String, - ) -> Result { - if !Self::valid_public_key_transaction_pairing_check(&default_accounts_keys) { - anyhow::bail!( - "Key transaction pairing check not satisfied, there is addresses, which is not derived from keys" - ); - } - - if !Self::valid_private_key_transaction_pairing_check(&default_accounts_key_chains) { - anyhow::bail!( - "Key transaction pairing check not satisfied, there is addresses, which is not derived from keys" - ); - } - - Ok(Self { - default_pub_account_signing_keys: default_accounts_keys, - default_user_private_accounts: default_accounts_key_chains, - public_key_tree, - private_key_tree, - password, }) } @@ -137,9 +103,7 @@ impl NSSAUserData { Some(key) //Then seek in tree } else { - self.public_key_tree - .get_node(*address) - .and_then(|chain_keys| Some(chain_keys.into())) + self.public_key_tree.get_node(*address).map(Into::into) } } @@ -163,9 +127,7 @@ impl NSSAUserData { Some(key) //Then seek in tree } else { - self.private_key_tree - .get_node(*address) - .and_then(|chain_keys| Some(chain_keys.into())) + self.private_key_tree.get_node(*address).map(Into::into) } } @@ -179,9 +141,7 @@ impl NSSAUserData { Some(key) //Then seek in tree } else { - self.private_key_tree - .get_node_mut(*address) - .and_then(|chain_keys| Some(chain_keys.into())) + self.private_key_tree.get_node_mut(*address).map(Into::into) } } } diff --git a/wallet/src/chain_storage/mod.rs b/wallet/src/chain_storage/mod.rs index a1a8517..5215d99 100644 --- a/wallet/src/chain_storage/mod.rs +++ b/wallet/src/chain_storage/mod.rs @@ -3,7 +3,7 @@ use std::collections::HashMap; use anyhow::Result; use key_protocol::{ key_management::{ - key_tree::{KeyTreePrivate, KeyTreePublic}, + key_tree::{KeyTreePrivate, KeyTreePublic, chain_index::ChainIndex}, secret_holders::SeedHolder, }, key_protocol_core::NSSAUserData, @@ -21,8 +21,73 @@ impl WalletChainStore { pub fn new( config: WalletConfig, persistent_accounts: Vec, - password: String, ) -> Result { + if persistent_accounts.is_empty() { + anyhow::bail!("Roots not found; please run setup beforehand"); + } + + let mut public_init_acc_map = HashMap::new(); + let mut private_init_acc_map = HashMap::new(); + + let public_root = persistent_accounts + .iter() + .find(|data| match data { + &PersistentAccountData::Public(data) => data.chain_index == ChainIndex::root(), + _ => false, + }) + .cloned() + .unwrap(); + + let private_root = persistent_accounts + .iter() + .find(|data| match data { + &PersistentAccountData::Private(data) => data.chain_index == ChainIndex::root(), + _ => false, + }) + .cloned() + .unwrap(); + + let mut public_tree = KeyTreePublic::new_from_root(match public_root { + PersistentAccountData::Public(data) => data.data, + _ => unreachable!(), + }); + let mut private_tree = KeyTreePrivate::new_from_root(match private_root { + PersistentAccountData::Private(data) => data.data, + _ => unreachable!(), + }); + + for pers_acc_data in persistent_accounts { + match pers_acc_data { + PersistentAccountData::Public(data) => { + public_tree.insert(data.address, data.chain_index, data.data); + } + PersistentAccountData::Private(data) => { + private_tree.insert(data.address, data.chain_index, data.data); + } + PersistentAccountData::Preconfigured(acc_data) => match acc_data { + InitialAccountData::Public(data) => { + public_init_acc_map.insert(data.address.parse()?, data.pub_sign_key); + } + InitialAccountData::Private(data) => { + private_init_acc_map + .insert(data.address.parse()?, (data.key_chain, data.account)); + } + }, + } + } + + Ok(Self { + user_data: NSSAUserData::new_with_accounts( + public_init_acc_map, + private_init_acc_map, + public_tree, + private_tree, + )?, + wallet_config: config, + }) + } + + pub fn new_storage(config: WalletConfig, password: String) -> Result { let mut public_init_acc_map = HashMap::new(); let mut private_init_acc_map = HashMap::new(); @@ -42,19 +107,8 @@ impl WalletChainStore { } } - let mut public_tree = KeyTreePublic::new(&SeedHolder::new_mnemonic(password.clone())); - let mut private_tree = KeyTreePrivate::new(&SeedHolder::new_mnemonic(password)); - - for pers_acc_data in persistent_accounts { - match pers_acc_data { - PersistentAccountData::Public(data) => { - public_tree.insert(data.address, data.chain_index, data.data); - } - PersistentAccountData::Private(data) => { - private_tree.insert(data.address, data.chain_index, data.data); - } - } - } + let public_tree = KeyTreePublic::new(&SeedHolder::new_mnemonic(password.clone())); + let private_tree = KeyTreePrivate::new(&SeedHolder::new_mnemonic(password)); Ok(Self { user_data: NSSAUserData::new_with_accounts( @@ -73,25 +127,41 @@ impl WalletChainStore { account: nssa_core::account::Account, ) { println!("inserting at address {}, this account {:?}", addr, account); - self.user_data - .private_key_tree - .addr_map - .get(&addr) - .and_then(|chain_index| { - Some( + + if self + .user_data + .default_user_private_accounts + .contains_key(&addr) + { + self.user_data + .default_user_private_accounts + .entry(addr) + .and_modify(|data| data.1 = account); + } else { + self.user_data + .private_key_tree + .addr_map + .get(&addr) + .map(|chain_index| { self.user_data .private_key_tree .key_map .entry(chain_index.clone()) - .and_modify(|data| data.value.1 = account), - ) - }); + .and_modify(|data| data.value.1 = account) + }); + } } } #[cfg(test)] mod tests { - use crate::config::InitialAccountData; + use key_protocol::key_management::key_tree::{ + keys_private::ChildKeysPrivate, keys_public::ChildKeysPublic, traits::KeyNode, + }; + + use crate::config::{ + InitialAccountData, PersistentAccountDataPrivate, PersistentAccountDataPublic, + }; use super::*; @@ -199,10 +269,35 @@ mod tests { } } + fn create_sample_persistent_accounts() -> Vec { + let mut accs = vec![]; + + let public_data = ChildKeysPublic::root([42; 64]); + + accs.push(PersistentAccountData::Public(PersistentAccountDataPublic { + address: public_data.address(), + chain_index: ChainIndex::root(), + data: public_data, + })); + + let private_data = ChildKeysPrivate::root([47; 64]); + + accs.push(PersistentAccountData::Private( + PersistentAccountDataPrivate { + address: private_data.address(), + chain_index: ChainIndex::root(), + data: private_data, + }, + )); + + accs + } + #[test] fn test_new_initializes_correctly() { let config = create_sample_wallet_config(); + let accs = create_sample_persistent_accounts(); - let _ = WalletChainStore::new(config.clone(), vec![], "test_pass".to_string()).unwrap(); + let _ = WalletChainStore::new(config.clone(), accs).unwrap(); } } diff --git a/wallet/src/cli/account.rs b/wallet/src/cli/account.rs index 7574a80..b9a7699 100644 --- a/wallet/src/cli/account.rs +++ b/wallet/src/cli/account.rs @@ -90,14 +90,14 @@ pub enum AccountSubcommand { #[derive(Subcommand, Debug, Clone)] pub enum NewSubcommand { ///Register new public account - Public { + Public { #[arg(long)] - cci: ChainIndex + cci: ChainIndex, }, ///Register new private account Private { #[arg(long)] - cci: ChainIndex + cci: ChainIndex, }, } diff --git a/wallet/src/config.rs b/wallet/src/config.rs index 8fdc450..f5bd3ea 100644 --- a/wallet/src/config.rs +++ b/wallet/src/config.rs @@ -49,12 +49,12 @@ pub enum InitialAccountData { pub enum PersistentAccountData { Public(PersistentAccountDataPublic), Private(PersistentAccountDataPrivate), + Preconfigured(InitialAccountData), } #[derive(Debug, Clone, Serialize, Deserialize)] pub struct PersistentStorage { pub accounts: Vec, - pub password: String, pub last_synced_block: u64, } @@ -72,6 +72,7 @@ impl PersistentAccountData { match &self { Self::Public(acc) => acc.address, Self::Private(acc) => acc.address, + Self::Preconfigured(acc) => acc.address(), } } } @@ -100,6 +101,12 @@ impl From for PersistentAccountData { } } +impl From for PersistentAccountData { + fn from(value: InitialAccountData) -> Self { + Self::Preconfigured(value) + } +} + #[derive(Debug, Clone, Serialize, Deserialize)] pub struct GasConfig { /// Gas spent per deploying one byte of data diff --git a/wallet/src/helperfunctions.rs b/wallet/src/helperfunctions.rs index b3e225d..0d08348 100644 --- a/wallet/src/helperfunctions.rs +++ b/wallet/src/helperfunctions.rs @@ -12,6 +12,7 @@ use serde::Serialize; use crate::{ HOME_DIR_ENV_VAR, config::{ + InitialAccountData, InitialAccountDataPrivate, InitialAccountDataPublic, PersistentAccountDataPrivate, PersistentAccountDataPublic, PersistentStorage, WalletConfig, }, }; @@ -102,11 +103,9 @@ pub async fn fetch_persistent_storage() -> Result { Ok(serde_json::from_slice(&storage_content)?) } Err(err) => match err.kind() { - std::io::ErrorKind::NotFound => Ok(PersistentStorage { - accounts: vec![], - password: "default".to_string(), - last_synced_block: 0, - }), + std::io::ErrorKind::NotFound => { + anyhow::bail!("Not found, please setup roots from config command beforehand"); + } _ => { anyhow::bail!("IO error {err:#?}"); } @@ -123,27 +122,53 @@ pub fn produce_data_for_storage( for (addr, key) in &user_data.public_key_tree.addr_map { if let Some(data) = user_data.public_key_tree.key_map.get(key) { - vec_for_storage.push(PersistentAccountDataPublic { - address: *addr, - chain_index: key.clone(), - data: data.clone(), - }.into()); + vec_for_storage.push( + PersistentAccountDataPublic { + address: *addr, + chain_index: key.clone(), + data: data.clone(), + } + .into(), + ); } } for (addr, key) in &user_data.private_key_tree.addr_map { if let Some(data) = user_data.private_key_tree.key_map.get(key) { - vec_for_storage.push(PersistentAccountDataPrivate { - address: *addr, - chain_index: key.clone(), - data: data.clone(), - }.into()); + vec_for_storage.push( + PersistentAccountDataPrivate { + address: *addr, + chain_index: key.clone(), + data: data.clone(), + } + .into(), + ); } } + for (addr, key) in &user_data.default_pub_account_signing_keys { + vec_for_storage.push( + InitialAccountData::Public(InitialAccountDataPublic { + address: addr.to_string(), + pub_sign_key: key.clone(), + }) + .into(), + ) + } + + for (addr, (key_chain, account)) in &user_data.default_user_private_accounts { + vec_for_storage.push( + InitialAccountData::Private(InitialAccountDataPrivate { + address: addr.to_string(), + account: account.clone(), + key_chain: key_chain.clone(), + }) + .into(), + ) + } + PersistentStorage { accounts: vec_for_storage, - password: user_data.password.clone(), last_synced_block, } } diff --git a/wallet/src/lib.rs b/wallet/src/lib.rs index ba2570a..3b494a9 100644 --- a/wallet/src/lib.rs +++ b/wallet/src/lib.rs @@ -10,7 +10,7 @@ use common::{ use anyhow::Result; use chain_storage::WalletChainStore; use config::WalletConfig; -use key_protocol::key_management::key_tree::chain_index::ChainIndex; +use key_protocol::key_management::key_tree::{chain_index::ChainIndex, traits::KeyNode}; use log::info; use nssa::{ Account, Address, privacy_preserving_transaction::message::EncryptedAccountData, @@ -62,11 +62,10 @@ impl WalletCore { let PersistentStorage { accounts: persistent_accounts, - password, last_synced_block, } = fetch_persistent_storage().await?; - let storage = WalletChainStore::new(config, persistent_accounts, password)?; + let storage = WalletChainStore::new(config, persistent_accounts)?; Ok(Self { storage, @@ -76,6 +75,23 @@ impl WalletCore { }) } + pub async fn start_from_config_new_storage( + config: WalletConfig, + password: String, + ) -> Result { + let client = Arc::new(SequencerClient::new(config.sequencer_addr.clone())?); + let tx_poller = TxPoller::new(config.clone(), client.clone()); + + let storage = WalletChainStore::new_storage(config, password)?; + + Ok(Self { + storage, + poller: tx_poller, + sequencer_client: client.clone(), + last_synced_block: 0, + }) + } + ///Store persistent data at home pub async fn store_persistent_data(&self) -> Result { let home = get_home()?; @@ -233,6 +249,18 @@ pub enum Command { Config(ConfigSubcommand), } +///Represents CLI command for a wallet with setup included +#[derive(Debug, Subcommand, Clone)] +#[clap(about)] +pub enum OverCommand { + #[command(subcommand)] + Command(Command), + Setup { + #[arg(short, long)] + password: String, + }, +} + ///To execute commands, env var NSSA_WALLET_HOME_DIR must be set into directory with config /// /// All account adresses must be valid 32 byte base58 strings. @@ -247,7 +275,7 @@ pub struct Args { pub continious_run: bool, /// Wallet command #[command(subcommand)] - pub command: Option, + pub command: Option, } #[derive(Debug, Clone)] @@ -341,8 +369,11 @@ pub async fn parse_block_range( if let NSSATransaction::PrivacyPreserving(tx) = nssa_tx { let mut affected_accounts = vec![]; - for (acc_addr, (key_chain, _)) in - &wallet_core.storage.user_data.user_private_accounts + for (acc_addr, (key_chain, _)) in wallet_core + .storage + .user_data + .default_user_private_accounts + .iter() { let view_tag = EncryptedAccountData::compute_view_tag( key_chain.nullifer_public_key.clone(), @@ -379,6 +410,51 @@ pub async fn parse_block_range( } } + for (_, keys_node) in wallet_core + .storage + .user_data + .private_key_tree + .key_map + .iter() + { + let acc_addr = keys_node.address(); + let key_chain = &keys_node.value.0; + + let view_tag = EncryptedAccountData::compute_view_tag( + key_chain.nullifer_public_key.clone(), + key_chain.incoming_viewing_public_key.clone(), + ); + + for (ciph_id, encrypted_data) in tx + .message() + .encrypted_private_post_states + .iter() + .enumerate() + { + if encrypted_data.view_tag == view_tag { + let ciphertext = &encrypted_data.ciphertext; + let commitment = &tx.message.new_commitments[ciph_id]; + let shared_secret = key_chain + .calculate_shared_secret_receiver(encrypted_data.epk.clone()); + + let res_acc = nssa_core::EncryptionScheme::decrypt( + ciphertext, + &shared_secret, + commitment, + ciph_id as u32, + ); + + if let Some(res_acc) = res_acc { + println!( + "Received new account for addr {acc_addr:#?} with account object {res_acc:#?}" + ); + + affected_accounts.push((acc_addr, res_acc)); + } + } + } + } + for (affected_addr, new_acc) in affected_accounts { wallet_core .storage @@ -426,3 +502,12 @@ pub async fn execute_continious_run() -> Result<()> { latest_block_num = seq_client.get_last_block().await?.last_block; } } + +pub async fn execute_setup(password: String) -> Result<()> { + let config = fetch_config().await?; + let wallet_core = WalletCore::start_from_config_new_storage(config.clone(), password).await?; + + wallet_core.store_persistent_data().await?; + + Ok(()) +} diff --git a/wallet/src/main.rs b/wallet/src/main.rs index ecc50d2..1fe52b3 100644 --- a/wallet/src/main.rs +++ b/wallet/src/main.rs @@ -1,7 +1,7 @@ use anyhow::Result; use clap::{CommandFactory, Parser}; use tokio::runtime::Builder; -use wallet::{Args, execute_continious_run, execute_subcommand}; +use wallet::{Args, OverCommand, execute_continious_run, execute_setup, execute_subcommand}; pub const NUM_THREADS: usize = 2; @@ -17,8 +17,15 @@ fn main() -> Result<()> { env_logger::init(); runtime.block_on(async move { - if let Some(command) = args.command { - execute_subcommand(command).await.unwrap(); + if let Some(overcommand) = args.command { + match overcommand { + OverCommand::Command(command) => { + execute_subcommand(command).await.unwrap(); + } + OverCommand::Setup { password } => { + execute_setup(password).await.unwrap(); + } + } } else if args.continious_run { execute_continious_run().await.unwrap(); } else { From fcb3993a4780458a455615448b551cad58efb3f4 Mon Sep 17 00:00:00 2001 From: Pravdyvy Date: Tue, 11 Nov 2025 15:41:32 +0200 Subject: [PATCH 07/14] fix: merge fix --- integration_tests/Cargo.toml | 3 --- 1 file changed, 3 deletions(-) diff --git a/integration_tests/Cargo.toml b/integration_tests/Cargo.toml index 11d7d07..58be5a5 100644 --- a/integration_tests/Cargo.toml +++ b/integration_tests/Cargo.toml @@ -42,6 +42,3 @@ path = "../key_protocol" [dependencies.nssa] path = "../nssa" features = ["no_docker"] - -[dependencies.key_protocol] -path = "../key_protocol" From 463942df8034072f475aa0a5b8208e00644fd0e4 Mon Sep 17 00:00:00 2001 From: Pravdyvy <46261001+Pravdyvy@users.noreply.github.com> Date: Wed, 26 Nov 2025 07:07:58 +0200 Subject: [PATCH 08/14] Apply suggestions from code review 1 Co-authored-by: Daniil Polyakov --- integration_tests/src/lib.rs | 2 +- .../key_management/key_tree/chain_index.rs | 28 +++++---------- .../key_management/key_tree/keys_private.rs | 8 ++--- .../key_management/key_tree/keys_public.rs | 8 ++--- .../src/key_management/key_tree/mod.rs | 16 +++------ .../src/key_management/key_tree/traits.rs | 2 +- key_protocol/src/key_management/mod.rs | 4 +-- .../src/key_management/secret_holders.rs | 2 +- key_protocol/src/key_protocol_core/mod.rs | 4 +-- wallet/src/chain_storage/mod.rs | 36 +++++++------------ wallet/src/lib.rs | 6 ++-- 11 files changed, 45 insertions(+), 71 deletions(-) diff --git a/integration_tests/src/lib.rs b/integration_tests/src/lib.rs index 75e39b8..df39ccd 100644 --- a/integration_tests/src/lib.rs +++ b/integration_tests/src/lib.rs @@ -56,7 +56,7 @@ fn make_private_account_input_from_str(addr: &str) -> String { pub async fn pre_test( home_dir: PathBuf, ) -> Result<(ServerHandle, JoinHandle>, TempDir)> { - wallet::execute_setup("test_pass".to_string()).await?; + wallet::execute_setup("test_pass".to_owned()).await?; let home_dir_sequencer = home_dir.join("sequencer"); diff --git a/key_protocol/src/key_management/key_tree/chain_index.rs b/key_protocol/src/key_management/key_tree/chain_index.rs index e22abf0..8da2fd6 100644 --- a/key_protocol/src/key_management/key_tree/chain_index.rs +++ b/key_protocol/src/key_management/key_tree/chain_index.rs @@ -17,25 +17,15 @@ impl FromStr for ChainIndex { type Err = ChainIndexError; fn from_str(s: &str) -> Result { - if !s.starts_with("/") { - return Err(ChainIndexError::NoRootFound); + if !s.starts_with('/') { + return Err(ChainIndexError:NoRootFound); } - - if s == "/" { - return Ok(ChainIndex(vec![])); - } - - let uprooted_substring = s.strip_prefix("/").unwrap(); - - let splitted_chain: Vec<&str> = uprooted_substring.split("/").collect(); - let mut res = vec![]; - - for split_ch in splitted_chain { - let cci = split_ch.parse()?; - res.push(cci); - } - - Ok(Self(res)) + + s + .split("/") + .map(u32::from_str) + .collect() + .map_err(Into::into) } } @@ -68,7 +58,7 @@ impl ChainIndex { ChainIndex(chain) } - pub fn n_th_child(&self, child_id: u32) -> ChainIndex { + pub fn nth_child(&self, child_id: u32) -> ChainIndex { let mut chain = self.0.clone(); chain.push(child_id); diff --git a/key_protocol/src/key_management/key_tree/keys_private.rs b/key_protocol/src/key_management/key_tree/keys_private.rs index 84b44fa..2addd12 100644 --- a/key_protocol/src/key_management/key_tree/keys_private.rs +++ b/key_protocol/src/key_management/key_tree/keys_private.rs @@ -12,7 +12,7 @@ use crate::key_management::{ pub struct ChildKeysPrivate { pub value: (KeyChain, nssa::Account), pub ccc: [u8; 32], - ///Can be None if root + /// Can be [`None`] if root pub cci: Option, } @@ -49,7 +49,7 @@ impl KeyNode for ChildKeysPrivate { } } - fn n_th_child(&self, cci: u32) -> Self { + fn nth_child(&self, cci: u32) -> Self { let parent_pt = Scalar::from_repr( self.value .0 @@ -109,8 +109,8 @@ impl KeyNode for ChildKeysPrivate { &self.ccc } - fn child_index(&self) -> &Option { - &self.cci + fn child_index(&self) -> Option { + self.cci } fn address(&self) -> nssa::Address { diff --git a/key_protocol/src/key_management/key_tree/keys_public.rs b/key_protocol/src/key_management/key_tree/keys_public.rs index 7ca6247..2f694af 100644 --- a/key_protocol/src/key_management/key_tree/keys_public.rs +++ b/key_protocol/src/key_management/key_tree/keys_public.rs @@ -7,7 +7,7 @@ pub struct ChildKeysPublic { pub csk: nssa::PrivateKey, pub cpk: nssa::PublicKey, pub ccc: [u8; 32], - ///Can be None if root + /// Can be [`None`] if root pub cci: Option, } @@ -27,7 +27,7 @@ impl KeyNode for ChildKeysPublic { } } - fn n_th_child(&self, cci: u32) -> Self { + fn nth_child(&self, cci: u32) -> Self { let mut hash_input = vec![]; hash_input.extend_from_slice(self.csk.value()); hash_input.extend_from_slice(&cci.to_le_bytes()); @@ -50,8 +50,8 @@ impl KeyNode for ChildKeysPublic { &self.ccc } - fn child_index(&self) -> &Option { - &self.cci + fn child_index(&self) -> Option { + self.cci } fn address(&self) -> nssa::Address { diff --git a/key_protocol/src/key_management/key_tree/mod.rs b/key_protocol/src/key_management/key_tree/mod.rs index dcc027b..73f3491 100644 --- a/key_protocol/src/key_management/key_tree/mod.rs +++ b/key_protocol/src/key_management/key_tree/mod.rs @@ -31,11 +31,8 @@ impl KeyTree { let root_keys = Node::root(seed_fit); let address = root_keys.address(); - let mut key_map = BTreeMap::new(); - let mut addr_map = HashMap::new(); - - key_map.insert(ChainIndex::root(), root_keys); - addr_map.insert(address, ChainIndex::root()); + let key_map = BTreeMap::from_iter([(ChainIndex::root(), root_keys)]); + let addr_map = HashMap::from_iter([(address, ChainIndex::root())]); Self { key_map, addr_map } } @@ -60,7 +57,8 @@ impl KeyTree { let leftmost_child = parent_id.n_th_child(u32::MIN); if !self.key_map.contains_key(&leftmost_child) { - Some(0) + return Some(0) + } } else { let mut right = u32::MAX - 1; let mut left_border = u32::MIN; @@ -93,11 +91,7 @@ impl KeyTree { } pub fn generate_new_node(&mut self, parent_cci: ChainIndex) -> Option { - if !self.key_map.contains_key(&parent_cci) { - return None; - } - - let father_keys = self.key_map.get(&parent_cci).unwrap(); + let father_keys = self.key_map.get(&parent_cci)?; let next_child_id = self.find_next_last_child_of_id(&parent_cci).unwrap(); let next_cci = parent_cci.n_th_child(next_child_id); diff --git a/key_protocol/src/key_management/key_tree/traits.rs b/key_protocol/src/key_management/key_tree/traits.rs index 662481a..0eb619d 100644 --- a/key_protocol/src/key_management/key_tree/traits.rs +++ b/key_protocol/src/key_management/key_tree/traits.rs @@ -1,7 +1,7 @@ pub trait KeyNode { fn root(seed: [u8; 64]) -> Self; - fn n_th_child(&self, cci: u32) -> Self; + fn nth_child(&self, cci: u32) -> Self; fn chain_code(&self) -> &[u8; 32]; diff --git a/key_protocol/src/key_management/mod.rs b/key_protocol/src/key_management/mod.rs index 8a58d4a..bbccd12 100644 --- a/key_protocol/src/key_management/mod.rs +++ b/key_protocol/src/key_management/mod.rs @@ -41,8 +41,8 @@ impl KeyChain { } pub fn new_mnemonic(passphrase: String) -> Self { - //Currently dropping SeedHolder at the end of initialization. - //Now entirely sure if we need it in the future. + // Currently dropping SeedHolder at the end of initialization. + // Not entirely sure if we need it in the future. let seed_holder = SeedHolder::new_mnemonic(passphrase); let secret_spending_key = seed_holder.produce_top_secret_key_holder(); diff --git a/key_protocol/src/key_management/secret_holders.rs b/key_protocol/src/key_management/secret_holders.rs index e60a9f5..89808b6 100644 --- a/key_protocol/src/key_management/secret_holders.rs +++ b/key_protocol/src/key_management/secret_holders.rs @@ -45,7 +45,7 @@ impl SeedHolder { } pub fn new_mnemonic(passphrase: String) -> Self { - //Enthropy bytes must be deterministic as well + // Enthropy bytes must be deterministic as well let enthopy_bytes: [u8; 32] = [0; 32]; let mnemonic = Mnemonic::from_entropy(&enthopy_bytes).unwrap(); diff --git a/key_protocol/src/key_protocol_core/mod.rs b/key_protocol/src/key_protocol_core/mod.rs index 6ea75db..81ae156 100644 --- a/key_protocol/src/key_protocol_core/mod.rs +++ b/key_protocol/src/key_protocol_core/mod.rs @@ -14,9 +14,9 @@ pub type PublicKey = AffinePoint; #[derive(Clone, Debug, Serialize, Deserialize)] pub struct NSSAUserData { - ///Default public accounts + /// Default public accounts pub default_pub_account_signing_keys: HashMap, - ///Default private accounts + /// Default private accounts pub default_user_private_accounts: HashMap, /// Tree of public keys diff --git a/wallet/src/chain_storage/mod.rs b/wallet/src/chain_storage/mod.rs index 5215d99..cfc0ff0 100644 --- a/wallet/src/chain_storage/mod.rs +++ b/wallet/src/chain_storage/mod.rs @@ -126,17 +126,13 @@ impl WalletChainStore { addr: nssa::Address, account: nssa_core::account::Account, ) { - println!("inserting at address {}, this account {:?}", addr, account); + println!("inserting at address {addr}, this account {account:?}"); - if self - .user_data - .default_user_private_accounts - .contains_key(&addr) - { - self.user_data + let entry = self.user_data .default_user_private_accounts .entry(addr) .and_modify(|data| data.1 = account); + if matches!(entry, Entry::Vacant(_)) { } else { self.user_data .private_key_tree @@ -270,27 +266,21 @@ mod tests { } fn create_sample_persistent_accounts() -> Vec { - let mut accs = vec![]; - let public_data = ChildKeysPublic::root([42; 64]); - - accs.push(PersistentAccountData::Public(PersistentAccountDataPublic { - address: public_data.address(), - chain_index: ChainIndex::root(), - data: public_data, - })); - let private_data = ChildKeysPrivate::root([47; 64]); - - accs.push(PersistentAccountData::Private( - PersistentAccountDataPrivate { + + vec![ + PersistentAccountData::Public(PersistentAccountDataPublic { + address: public_data.address(), + chain_index: ChainIndex::root(), + data: public_data, + }), + PersistentAccountData::Private(PersistentAccountDataPrivate { address: private_data.address(), chain_index: ChainIndex::root(), data: private_data, - }, - )); - - accs + }) + ] } #[test] diff --git a/wallet/src/lib.rs b/wallet/src/lib.rs index 3b494a9..75d06df 100644 --- a/wallet/src/lib.rs +++ b/wallet/src/lib.rs @@ -249,7 +249,7 @@ pub enum Command { Config(ConfigSubcommand), } -///Represents CLI command for a wallet with setup included +/// Represents CLI command for a wallet with setup included #[derive(Debug, Subcommand, Clone)] #[clap(about)] pub enum OverCommand { @@ -410,12 +410,12 @@ pub async fn parse_block_range( } } - for (_, keys_node) in wallet_core + for keys_node in wallet_core .storage .user_data .private_key_tree .key_map - .iter() + .values() { let acc_addr = keys_node.address(); let key_chain = &keys_node.value.0; From 0d11c3688e58d64ba527a8ab5421064eec481b8f Mon Sep 17 00:00:00 2001 From: Pravdyvy Date: Wed, 26 Nov 2025 07:18:25 +0200 Subject: [PATCH 09/14] fix: suggestions hotfix --- .../key_management/key_tree/chain_index.rs | 26 ++++++--- .../key_management/key_tree/keys_private.rs | 2 +- .../key_management/key_tree/keys_public.rs | 2 +- .../src/key_management/key_tree/mod.rs | 53 +++++++++---------- .../src/key_management/key_tree/traits.rs | 2 +- wallet/src/chain_storage/mod.rs | 16 +++--- 6 files changed, 56 insertions(+), 45 deletions(-) diff --git a/key_protocol/src/key_management/key_tree/chain_index.rs b/key_protocol/src/key_management/key_tree/chain_index.rs index 8da2fd6..1ab431a 100644 --- a/key_protocol/src/key_management/key_tree/chain_index.rs +++ b/key_protocol/src/key_management/key_tree/chain_index.rs @@ -18,14 +18,24 @@ impl FromStr for ChainIndex { fn from_str(s: &str) -> Result { if !s.starts_with('/') { - return Err(ChainIndexError:NoRootFound); + return Err(ChainIndexError::NoRootFound); } - - s - .split("/") - .map(u32::from_str) - .collect() - .map_err(Into::into) + + if s == "/" { + return Ok(ChainIndex(vec![])); + } + + let uprooted_substring = s.strip_prefix("/").unwrap(); + + let splitted_chain: Vec<&str> = uprooted_substring.split("/").collect(); + let mut res = vec![]; + + for split_ch in splitted_chain { + let cci = split_ch.parse()?; + res.push(cci); + } + + Ok(Self(res)) } } @@ -96,7 +106,7 @@ mod tests { #[test] fn test_chain_id_child_correct() { let chain_id = ChainIndex::from_str("/257").unwrap(); - let child = chain_id.n_th_child(3); + let child = chain_id.nth_child(3); assert_eq!(child, ChainIndex::from_str("/257/3").unwrap()); } diff --git a/key_protocol/src/key_management/key_tree/keys_private.rs b/key_protocol/src/key_management/key_tree/keys_private.rs index 2addd12..c29f7d6 100644 --- a/key_protocol/src/key_management/key_tree/keys_private.rs +++ b/key_protocol/src/key_management/key_tree/keys_private.rs @@ -137,7 +137,7 @@ mod tests { #[test] fn test_keys_deterministic_generation() { let root_keys = ChildKeysPrivate::root([42; 64]); - let child_keys = root_keys.n_th_child(5); + let child_keys = root_keys.nth_child(5); assert_eq!(root_keys.cci, None); assert_eq!(child_keys.cci, Some(5)); diff --git a/key_protocol/src/key_management/key_tree/keys_public.rs b/key_protocol/src/key_management/key_tree/keys_public.rs index 2f694af..8d31720 100644 --- a/key_protocol/src/key_management/key_tree/keys_public.rs +++ b/key_protocol/src/key_management/key_tree/keys_public.rs @@ -72,7 +72,7 @@ mod tests { #[test] fn test_keys_deterministic_generation() { let root_keys = ChildKeysPublic::root([42; 64]); - let child_keys = root_keys.n_th_child(5); + let child_keys = root_keys.nth_child(5); assert_eq!(root_keys.cci, None); assert_eq!(child_keys.cci, Some(5)); diff --git a/key_protocol/src/key_management/key_tree/mod.rs b/key_protocol/src/key_management/key_tree/mod.rs index 73f3491..e478ce5 100644 --- a/key_protocol/src/key_management/key_tree/mod.rs +++ b/key_protocol/src/key_management/key_tree/mod.rs @@ -54,37 +54,36 @@ impl KeyTree { return None; } - let leftmost_child = parent_id.n_th_child(u32::MIN); + let leftmost_child = parent_id.nth_child(u32::MIN); if !self.key_map.contains_key(&leftmost_child) { - return Some(0) + return Some(0); } - } else { - let mut right = u32::MAX - 1; - let mut left_border = u32::MIN; - let mut right_border = u32::MAX; - loop { - let rightmost_child = parent_id.n_th_child(right); + let mut right = u32::MAX - 1; + let mut left_border = u32::MIN; + let mut right_border = u32::MAX; - let rightmost_ref = self.key_map.get(&rightmost_child); - let rightmost_ref_next = self.key_map.get(&rightmost_child.next_in_line()); + loop { + let rightmost_child = parent_id.nth_child(right); - match (&rightmost_ref, &rightmost_ref_next) { - (Some(_), Some(_)) => { - left_border = right; - right = (right + right_border) / 2; - } - (Some(_), None) => { - break Some(right + 1); - } - (None, None) => { - right_border = right; - right = (left_border + right) / 2; - } - (None, Some(_)) => { - unreachable!(); - } + let rightmost_ref = self.key_map.get(&rightmost_child); + let rightmost_ref_next = self.key_map.get(&rightmost_child.next_in_line()); + + match (&rightmost_ref, &rightmost_ref_next) { + (Some(_), Some(_)) => { + left_border = right; + right = (right + right_border) / 2; + } + (Some(_), None) => { + break Some(right + 1); + } + (None, None) => { + right_border = right; + right = (left_border + right) / 2; + } + (None, Some(_)) => { + unreachable!(); } } } @@ -93,9 +92,9 @@ impl KeyTree { pub fn generate_new_node(&mut self, parent_cci: ChainIndex) -> Option { let father_keys = self.key_map.get(&parent_cci)?; let next_child_id = self.find_next_last_child_of_id(&parent_cci).unwrap(); - let next_cci = parent_cci.n_th_child(next_child_id); + let next_cci = parent_cci.nth_child(next_child_id); - let child_keys = father_keys.n_th_child(next_child_id); + let child_keys = father_keys.nth_child(next_child_id); let address = child_keys.address(); diff --git a/key_protocol/src/key_management/key_tree/traits.rs b/key_protocol/src/key_management/key_tree/traits.rs index 0eb619d..d8b2de9 100644 --- a/key_protocol/src/key_management/key_tree/traits.rs +++ b/key_protocol/src/key_management/key_tree/traits.rs @@ -5,7 +5,7 @@ pub trait KeyNode { fn chain_code(&self) -> &[u8; 32]; - fn child_index(&self) -> &Option; + fn child_index(&self) -> Option; fn address(&self) -> nssa::Address; } diff --git a/wallet/src/chain_storage/mod.rs b/wallet/src/chain_storage/mod.rs index cfc0ff0..c7d1700 100644 --- a/wallet/src/chain_storage/mod.rs +++ b/wallet/src/chain_storage/mod.rs @@ -1,4 +1,4 @@ -use std::collections::HashMap; +use std::collections::{HashMap, hash_map::Entry}; use anyhow::Result; use key_protocol::{ @@ -128,10 +128,12 @@ impl WalletChainStore { ) { println!("inserting at address {addr}, this account {account:?}"); - let entry = self.user_data - .default_user_private_accounts - .entry(addr) - .and_modify(|data| data.1 = account); + let entry = self + .user_data + .default_user_private_accounts + .entry(addr) + .and_modify(|data| data.1 = account.clone()); + if matches!(entry, Entry::Vacant(_)) { } else { self.user_data @@ -268,7 +270,7 @@ mod tests { fn create_sample_persistent_accounts() -> Vec { let public_data = ChildKeysPublic::root([42; 64]); let private_data = ChildKeysPrivate::root([47; 64]); - + vec![ PersistentAccountData::Public(PersistentAccountDataPublic { address: public_data.address(), @@ -279,7 +281,7 @@ mod tests { address: private_data.address(), chain_index: ChainIndex::root(), data: private_data, - }) + }), ] } From fc531021fb4f5f34b0d5abc3b091775095516499 Mon Sep 17 00:00:00 2001 From: Pravdyvy Date: Wed, 26 Nov 2025 07:32:35 +0200 Subject: [PATCH 10/14] fix: comments fix 1 --- wallet/src/chain_storage/mod.rs | 4 ++-- wallet/src/cli/account.rs | 16 +++++++++------- wallet/src/helperfunctions.rs | 2 +- wallet/src/lib.rs | 11 +++++------ 4 files changed, 17 insertions(+), 16 deletions(-) diff --git a/wallet/src/chain_storage/mod.rs b/wallet/src/chain_storage/mod.rs index c7d1700..b5b1c9f 100644 --- a/wallet/src/chain_storage/mod.rs +++ b/wallet/src/chain_storage/mod.rs @@ -36,7 +36,7 @@ impl WalletChainStore { _ => false, }) .cloned() - .unwrap(); + .expect("Malformed persistent account data, must have public root"); let private_root = persistent_accounts .iter() @@ -45,7 +45,7 @@ impl WalletChainStore { _ => false, }) .cloned() - .unwrap(); + .expect("Malformed persistent account data, must have private root"); let mut public_tree = KeyTreePublic::new_from_root(match public_root { PersistentAccountData::Public(data) => data.data, diff --git a/wallet/src/cli/account.rs b/wallet/src/cli/account.rs index b9a7699..abd7a4f 100644 --- a/wallet/src/cli/account.rs +++ b/wallet/src/cli/account.rs @@ -92,11 +92,13 @@ pub enum NewSubcommand { ///Register new public account Public { #[arg(long)] + /// Chain index of a parent node cci: ChainIndex, }, ///Register new private account Private { #[arg(long)] + /// Chain index of a parent node cci: ChainIndex, }, } @@ -274,13 +276,19 @@ impl WalletSubcommand for AccountSubcommand { .await? .last_block; - if !wallet_core + if wallet_core .storage .user_data .private_key_tree .addr_map .is_empty() { + wallet_core.last_synced_block = curr_last_block; + + let path = wallet_core.store_persistent_data().await?; + + println!("Stored persistent data at {path:#?}"); + } else { parse_block_range( last_synced_block + 1, curr_last_block, @@ -288,12 +296,6 @@ impl WalletSubcommand for AccountSubcommand { wallet_core, ) .await?; - } else { - wallet_core.last_synced_block = curr_last_block; - - let path = wallet_core.store_persistent_data().await?; - - println!("Stored persistent data at {path:#?}"); } Ok(SubcommandReturnValue::SyncedToBlock(curr_last_block)) diff --git a/wallet/src/helperfunctions.rs b/wallet/src/helperfunctions.rs index 0d08348..f876777 100644 --- a/wallet/src/helperfunctions.rs +++ b/wallet/src/helperfunctions.rs @@ -91,7 +91,7 @@ pub async fn fetch_config() -> Result { /// Fetch data stored at home /// -/// If file not present, it is considered as empty list of persistent accounts +/// File must be created through setup beforehand. pub async fn fetch_persistent_storage() -> Result { let home = get_home()?; let accs_path = home.join("storage.json"); diff --git a/wallet/src/lib.rs b/wallet/src/lib.rs index 75d06df..8b6b71b 100644 --- a/wallet/src/lib.rs +++ b/wallet/src/lib.rs @@ -249,12 +249,14 @@ pub enum Command { Config(ConfigSubcommand), } -/// Represents CLI command for a wallet with setup included +/// Represents overarching CLI command for a wallet with setup included #[derive(Debug, Subcommand, Clone)] #[clap(about)] pub enum OverCommand { + /// Represents CLI command for a wallet #[command(subcommand)] Command(Command), + /// Setup of a storage. Initializes rots for public and private trees from `password`. Setup { #[arg(short, long)] password: String, @@ -369,11 +371,8 @@ pub async fn parse_block_range( if let NSSATransaction::PrivacyPreserving(tx) = nssa_tx { let mut affected_accounts = vec![]; - for (acc_addr, (key_chain, _)) in wallet_core - .storage - .user_data - .default_user_private_accounts - .iter() + for (acc_addr, (key_chain, _)) in + &wallet_core.storage.user_data.default_user_private_accounts { let view_tag = EncryptedAccountData::compute_view_tag( key_chain.nullifer_public_key.clone(), From 77570c48e9962d93d903fbbf881c869ef31e12c7 Mon Sep 17 00:00:00 2001 From: Pravdyvy Date: Wed, 26 Nov 2025 14:27:09 +0200 Subject: [PATCH 11/14] fix: suggestions 2 --- .../key_management/key_tree/chain_index.rs | 25 +++++++++++++++++- .../key_management/key_tree/keys_private.rs | 26 ++++++++++++++----- 2 files changed, 43 insertions(+), 8 deletions(-) diff --git a/key_protocol/src/key_management/key_tree/chain_index.rs b/key_protocol/src/key_management/key_tree/chain_index.rs index 1ab431a..9d641b3 100644 --- a/key_protocol/src/key_management/key_tree/chain_index.rs +++ b/key_protocol/src/key_management/key_tree/chain_index.rs @@ -49,9 +49,15 @@ impl Display for ChainIndex { } } +impl Default for ChainIndex { + fn default() -> Self { + ChainIndex::from_str("/").expect("Root parsing failure") + } +} + impl ChainIndex { pub fn root() -> Self { - ChainIndex::from_str("/").unwrap() + ChainIndex::default() } pub fn chain(&self) -> &[u32] { @@ -95,6 +101,23 @@ mod tests { assert_eq!(chain_id.chain(), &[257]); } + #[test] + fn test_chain_id_deser_failure_no_root() { + let chain_index_error = ChainIndex::from_str("257").err().unwrap(); + + assert!(matches!(chain_index_error, ChainIndexError::NoRootFound)); + } + + #[test] + fn test_chain_id_deser_failure_int_parsing_failure() { + let chain_index_error = ChainIndex::from_str("/hello").err().unwrap(); + + assert!(matches!( + chain_index_error, + ChainIndexError::ParseIntError(_) + )); + } + #[test] fn test_chain_id_next_in_line_correct() { let chain_id = ChainIndex::from_str("/257").unwrap(); diff --git a/key_protocol/src/key_management/key_tree/keys_private.rs b/key_protocol/src/key_management/key_tree/keys_private.rs index c29f7d6..c13a6b3 100644 --- a/key_protocol/src/key_management/key_tree/keys_private.rs +++ b/key_protocol/src/key_management/key_tree/keys_private.rs @@ -20,8 +20,14 @@ impl KeyNode for ChildKeysPrivate { fn root(seed: [u8; 64]) -> Self { let hash_value = hmac_sha512::HMAC::mac(seed, "NSSA_master_priv"); - let ssk = SecretSpendingKey(*hash_value.first_chunk::<32>().unwrap()); - let ccc = *hash_value.last_chunk::<32>().unwrap(); + let ssk = SecretSpendingKey( + *hash_value + .first_chunk::<32>() + .expect("hash_value is 64 bytes, must be safe to get first 32"), + ); + let ccc = *hash_value + .last_chunk::<32>() + .expect("hash_value is 64 bytes, must be safe to get last 32"); let nsk = ssk.generate_nullifier_secret_key(); let isk = ssk.generate_incoming_viewing_secret_key(); @@ -57,9 +63,9 @@ impl KeyNode for ChildKeysPrivate { .outgoing_viewing_secret_key .into(), ) - .unwrap() + .expect("Key generated as scalar, must be valid representation") + Scalar::from_repr(self.value.0.private_key_holder.nullifier_secret_key.into()) - .unwrap() + .expect("Key generated as scalar, must be valid representation") * Scalar::from_repr( self.value .0 @@ -67,7 +73,7 @@ impl KeyNode for ChildKeysPrivate { .incoming_viewing_secret_key .into(), ) - .unwrap(); + .expect("Key generated as scalar, must be valid representation"); let mut input = vec![]; input.extend_from_slice(b"NSSA_seed_priv"); @@ -76,8 +82,14 @@ impl KeyNode for ChildKeysPrivate { let hash_value = hmac_sha512::HMAC::mac(input, self.ccc); - let ssk = SecretSpendingKey(*hash_value.first_chunk::<32>().unwrap()); - let ccc = *hash_value.last_chunk::<32>().unwrap(); + let ssk = SecretSpendingKey( + *hash_value + .first_chunk::<32>() + .expect("hash_value is 64 bytes, must be safe to get first 32"), + ); + let ccc = *hash_value + .last_chunk::<32>() + .expect("hash_value is 64 bytes, must be safe to get last 32"); let nsk = ssk.generate_nullifier_secret_key(); let isk = ssk.generate_incoming_viewing_secret_key(); From 30f19b245d0c8cf3de93b41aed83aec2dfdb981f Mon Sep 17 00:00:00 2001 From: Pravdyvy Date: Wed, 26 Nov 2025 14:53:26 +0200 Subject: [PATCH 12/14] fix: suggestions fix 3 --- .../key_management/key_tree/keys_public.rs | 11 +++++-- .../src/key_management/key_tree/mod.rs | 33 ++++++++++--------- .../src/key_management/key_tree/traits.rs | 3 ++ .../src/key_management/secret_holders.rs | 11 ++++--- 4 files changed, 36 insertions(+), 22 deletions(-) diff --git a/key_protocol/src/key_management/key_tree/keys_public.rs b/key_protocol/src/key_management/key_tree/keys_public.rs index 8d31720..a7bfc4f 100644 --- a/key_protocol/src/key_management/key_tree/keys_public.rs +++ b/key_protocol/src/key_management/key_tree/keys_public.rs @@ -34,8 +34,15 @@ impl KeyNode for ChildKeysPublic { let hash_value = hmac_sha512::HMAC::mac(&hash_input, self.ccc); - let csk = nssa::PrivateKey::try_new(*hash_value.first_chunk::<32>().unwrap()).unwrap(); - let ccc = *hash_value.last_chunk::<32>().unwrap(); + let csk = nssa::PrivateKey::try_new( + *hash_value + .first_chunk::<32>() + .expect("hash_value is 64 bytes, must be safe to get first 32"), + ) + .unwrap(); + let ccc = *hash_value + .last_chunk::<32>() + .expect("hash_value is 64 bytes, must be safe to get last 32"); let cpk = nssa::PublicKey::new_from_private_key(&csk); Self { diff --git a/key_protocol/src/key_management/key_tree/mod.rs b/key_protocol/src/key_management/key_tree/mod.rs index e478ce5..5a32a65 100644 --- a/key_protocol/src/key_management/key_tree/mod.rs +++ b/key_protocol/src/key_management/key_tree/mod.rs @@ -16,19 +16,23 @@ pub mod keys_public; pub mod traits; #[derive(Debug, Serialize, Deserialize, Clone)] -pub struct KeyTree { - pub key_map: BTreeMap, +pub struct KeyTree { + pub key_map: BTreeMap, pub addr_map: HashMap, } pub type KeyTreePublic = KeyTree; pub type KeyTreePrivate = KeyTree; -impl KeyTree { +impl KeyTree { pub fn new(seed: &SeedHolder) -> Self { - let seed_fit: [u8; 64] = seed.seed.clone().try_into().unwrap(); + let seed_fit: [u8; 64] = seed + .seed + .clone() + .try_into() + .expect("SeedHolder seed is 64 bytes long"); - let root_keys = Node::root(seed_fit); + let root_keys = N::root(seed_fit); let address = root_keys.address(); let key_map = BTreeMap::from_iter([(ChainIndex::root(), root_keys)]); @@ -37,12 +41,9 @@ impl KeyTree { Self { key_map, addr_map } } - pub fn new_from_root(root: Node) -> Self { - let mut key_map = BTreeMap::new(); - let mut addr_map = HashMap::new(); - - addr_map.insert(root.address(), ChainIndex::root()); - key_map.insert(ChainIndex::root(), root); + pub fn new_from_root(root: N) -> Self { + let addr_map = HashMap::from_iter([(root.address(), ChainIndex::root())]); + let key_map = BTreeMap::from_iter([(ChainIndex::root(), root)]); Self { key_map, addr_map } } @@ -91,7 +92,9 @@ impl KeyTree { pub fn generate_new_node(&mut self, parent_cci: ChainIndex) -> Option { let father_keys = self.key_map.get(&parent_cci)?; - let next_child_id = self.find_next_last_child_of_id(&parent_cci).unwrap(); + let next_child_id = self + .find_next_last_child_of_id(&parent_cci) + .expect("Can be None only if parent is not present"); let next_cci = parent_cci.nth_child(next_child_id); let child_keys = father_keys.nth_child(next_child_id); @@ -104,19 +107,19 @@ impl KeyTree { Some(address) } - pub fn get_node(&self, addr: nssa::Address) -> Option<&Node> { + pub fn get_node(&self, addr: nssa::Address) -> Option<&N> { self.addr_map .get(&addr) .and_then(|chain_id| self.key_map.get(chain_id)) } - pub fn get_node_mut(&mut self, addr: nssa::Address) -> Option<&mut Node> { + pub fn get_node_mut(&mut self, addr: nssa::Address) -> Option<&mut N> { self.addr_map .get(&addr) .and_then(|chain_id| self.key_map.get_mut(chain_id)) } - pub fn insert(&mut self, addr: nssa::Address, chain_index: ChainIndex, node: Node) { + pub fn insert(&mut self, addr: nssa::Address, chain_index: ChainIndex, node: N) { self.addr_map.insert(addr, chain_index.clone()); self.key_map.insert(chain_index, node); } diff --git a/key_protocol/src/key_management/key_tree/traits.rs b/key_protocol/src/key_management/key_tree/traits.rs index d8b2de9..47b3a12 100644 --- a/key_protocol/src/key_management/key_tree/traits.rs +++ b/key_protocol/src/key_management/key_tree/traits.rs @@ -1,6 +1,9 @@ +/// Trait, that reperesents a Node in hierarchical key tree pub trait KeyNode { + /// Tree root node fn root(seed: [u8; 64]) -> Self; + /// `cci`'s child of node fn nth_child(&self, cci: u32) -> Self; fn chain_code(&self) -> &[u8; 32]; diff --git a/key_protocol/src/key_management/secret_holders.rs b/key_protocol/src/key_management/secret_holders.rs index 89808b6..d9dd9fa 100644 --- a/key_protocol/src/key_management/secret_holders.rs +++ b/key_protocol/src/key_management/secret_holders.rs @@ -8,6 +8,8 @@ use rand::{RngCore, rngs::OsRng}; use serde::{Deserialize, Serialize}; use sha2::{Digest, digest::FixedOutput}; +const NSSA_ENTROPY_BYTES: [u8; 32] = [0; 32]; + #[derive(Debug)] ///Seed holder. Non-clonable to ensure that different holders use different seeds. /// Produces `TopSecretKeyHolder` objects. @@ -36,7 +38,8 @@ impl SeedHolder { let mut enthopy_bytes: [u8; 32] = [0; 32]; OsRng.fill_bytes(&mut enthopy_bytes); - let mnemonic = Mnemonic::from_entropy(&enthopy_bytes).unwrap(); + let mnemonic = Mnemonic::from_entropy(&enthopy_bytes) + .expect("Enthropy must be a multiple of 32 bytes"); let seed_wide = mnemonic.to_seed("mnemonic"); Self { @@ -45,10 +48,8 @@ impl SeedHolder { } pub fn new_mnemonic(passphrase: String) -> Self { - // Enthropy bytes must be deterministic as well - let enthopy_bytes: [u8; 32] = [0; 32]; - - let mnemonic = Mnemonic::from_entropy(&enthopy_bytes).unwrap(); + let mnemonic = Mnemonic::from_entropy(&NSSA_ENTROPY_BYTES) + .expect("Enthropy must be a multiple of 32 bytes"); let seed_wide = mnemonic.to_seed(passphrase); Self { From 64e2fb73a89b482b9e61231300cf28b2cda88de0 Mon Sep 17 00:00:00 2001 From: Pravdyvy Date: Fri, 28 Nov 2025 08:48:11 +0200 Subject: [PATCH 13/14] fix: merge update --- integration_tests/src/test_suite_map.rs | 2 +- key_protocol/src/key_management/key_tree/chain_index.rs | 7 +++++-- wallet/src/chain_storage/mod.rs | 1 - 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/integration_tests/src/test_suite_map.rs b/integration_tests/src/test_suite_map.rs index 7706b1b..1cf71ad 100644 --- a/integration_tests/src/test_suite_map.rs +++ b/integration_tests/src/test_suite_map.rs @@ -1583,7 +1583,7 @@ pub fn prepare_function_map() -> HashMap { #[nssa_integration_test] pub async fn test_pinata_private_receiver_new_account() { - info!("########## test_pinata_private_receiver ##########"); + info!("########## test_pinata_private_receiver_new_account ##########"); let pinata_account_id = PINATA_BASE58; let pinata_prize = 150; let solution = 989106; diff --git a/key_protocol/src/key_management/key_tree/chain_index.rs b/key_protocol/src/key_management/key_tree/chain_index.rs index 9ba9986..e46fc0f 100644 --- a/key_protocol/src/key_management/key_tree/chain_index.rs +++ b/key_protocol/src/key_management/key_tree/chain_index.rs @@ -42,10 +42,13 @@ impl FromStr for ChainIndex { impl Display for ChainIndex { fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { write!(f, "/")?; - for cci in &self.0[..(self.0.len() - 1)] { + for cci in &self.0[..(self.0.len().saturating_sub(1))] { write!(f, "{cci}/")?; } - write!(f, "{}", self.0.last().unwrap()) + if let Some(last) = self.0.last() { + write!(f, "{}", last)?; + } + Ok(()) } } diff --git a/wallet/src/chain_storage/mod.rs b/wallet/src/chain_storage/mod.rs index 00378f1..14e931a 100644 --- a/wallet/src/chain_storage/mod.rs +++ b/wallet/src/chain_storage/mod.rs @@ -136,7 +136,6 @@ impl WalletChainStore { .and_modify(|data| data.1 = account.clone()); if matches!(entry, Entry::Vacant(_)) { - } else { self.user_data .private_key_tree .account_id_map From c7ce31d00c4785ed68d6732adc36ba4a13c680d0 Mon Sep 17 00:00:00 2001 From: Pravdyvy Date: Fri, 28 Nov 2025 09:49:05 +0200 Subject: [PATCH 14/14] fix: fmt --- wallet/src/cli/account.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wallet/src/cli/account.rs b/wallet/src/cli/account.rs index ee71f82..6e831d1 100644 --- a/wallet/src/cli/account.rs +++ b/wallet/src/cli/account.rs @@ -1,8 +1,8 @@ use anyhow::Result; use base58::ToBase58; use clap::Subcommand; -use key_protocol::key_management::key_tree::chain_index::ChainIndex; use itertools::Itertools as _; +use key_protocol::key_management::key_tree::chain_index::ChainIndex; use nssa::{Account, AccountId, program::Program}; use serde::Serialize;