derive refresh info from secret seed
This commit is contained in:
parent
80a0fab126
commit
12234083ec
@ -389,3 +389,19 @@ export function setupRefreshPlanchet(
|
||||
coinPub: eddsaGetPublic(coinPriv),
|
||||
};
|
||||
}
|
||||
|
||||
export function setupRefreshTransferPub(
|
||||
secretSeed: Uint8Array,
|
||||
transferPubIndex: number,
|
||||
): EcdheKeyPair {
|
||||
const info = stringToBytes("taler-transfer-pub-derivation");
|
||||
const saltArrBuf = new ArrayBuffer(4);
|
||||
const salt = new Uint8Array(saltArrBuf);
|
||||
const saltDataView = new DataView(saltArrBuf);
|
||||
saltDataView.setUint32(0, transferPubIndex);
|
||||
const out = kdf(32, secretSeed, salt, info);
|
||||
return {
|
||||
ecdhePriv: out,
|
||||
ecdhePub: ecdheGetPublic(out),
|
||||
};
|
||||
}
|
||||
|
@ -47,6 +47,10 @@ import {
|
||||
|
||||
import * as timer from "../../util/timer";
|
||||
import { Logger } from "../../util/logging";
|
||||
import {
|
||||
DerivedRefreshSession,
|
||||
DeriveRefreshSessionRequest,
|
||||
} from "../../types/cryptoTypes";
|
||||
|
||||
const logger = new Logger("cryptoApi.ts");
|
||||
|
||||
@ -417,22 +421,10 @@ export class CryptoApi {
|
||||
return this.doRpc<RecoupRequest>("createRecoupRequest", 1, coin);
|
||||
}
|
||||
|
||||
createRefreshSession(
|
||||
exchangeBaseUrl: string,
|
||||
kappa: number,
|
||||
meltCoin: CoinRecord,
|
||||
newCoinDenoms: DenominationSelectionInfo,
|
||||
meltFee: AmountJson,
|
||||
): Promise<RefreshSessionRecord> {
|
||||
return this.doRpc<RefreshSessionRecord>(
|
||||
"createRefreshSession",
|
||||
4,
|
||||
exchangeBaseUrl,
|
||||
kappa,
|
||||
meltCoin,
|
||||
newCoinDenoms,
|
||||
meltFee,
|
||||
);
|
||||
deriveRefreshSession(
|
||||
req: DeriveRefreshSessionRequest,
|
||||
): Promise<DerivedRefreshSession> {
|
||||
return this.doRpc<DerivedRefreshSession>("deriveRefreshSession", 4, req);
|
||||
}
|
||||
|
||||
signCoinLink(
|
||||
|
@ -63,6 +63,8 @@ import {
|
||||
keyExchangeEcdheEddsa,
|
||||
setupRefreshPlanchet,
|
||||
rsaVerify,
|
||||
getRandomBytes,
|
||||
setupRefreshTransferPub,
|
||||
} from "../talerCrypto";
|
||||
import { randomBytes } from "../primitives/nacl-fast";
|
||||
import { kdf } from "../primitives/kdf";
|
||||
@ -73,6 +75,10 @@ import {
|
||||
} from "../../util/time";
|
||||
|
||||
import { Logger } from "../../util/logging";
|
||||
import {
|
||||
DerivedRefreshSession,
|
||||
DeriveRefreshSessionRequest,
|
||||
} from "../../types/cryptoTypes";
|
||||
|
||||
const logger = new Logger("cryptoImplementation.ts");
|
||||
|
||||
@ -375,21 +381,24 @@ export class CryptoImplementation {
|
||||
return s;
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a new refresh session.
|
||||
*/
|
||||
createRefreshSession(
|
||||
exchangeBaseUrl: string,
|
||||
kappa: number,
|
||||
meltCoin: CoinRecord,
|
||||
newCoinDenoms: DenominationSelectionInfo,
|
||||
meltFee: AmountJson,
|
||||
): RefreshSessionRecord {
|
||||
const currency = newCoinDenoms.selectedDenoms[0].denom.value.currency;
|
||||
deriveRefreshSession(
|
||||
req: DeriveRefreshSessionRequest,
|
||||
): DerivedRefreshSession {
|
||||
const {
|
||||
newCoinDenoms,
|
||||
feeRefresh: meltFee,
|
||||
kappa,
|
||||
meltCoinDenomPubHash,
|
||||
meltCoinPriv,
|
||||
meltCoinPub,
|
||||
sessionSecretSeed: refreshSessionSecretSeed,
|
||||
} = req;
|
||||
|
||||
const currency = newCoinDenoms[0].value.currency;
|
||||
let valueWithFee = Amounts.getZero(currency);
|
||||
|
||||
for (const ncd of newCoinDenoms.selectedDenoms) {
|
||||
const t = Amounts.add(ncd.denom.value, ncd.denom.feeWithdraw).amount;
|
||||
for (const ncd of newCoinDenoms) {
|
||||
const t = Amounts.add(ncd.value, ncd.feeWithdraw).amount;
|
||||
valueWithFee = Amounts.add(
|
||||
valueWithFee,
|
||||
Amounts.mult(t, ncd.count).amount,
|
||||
@ -409,7 +418,10 @@ export class CryptoImplementation {
|
||||
logger.trace("starting RC computation");
|
||||
|
||||
for (let i = 0; i < kappa; i++) {
|
||||
const transferKeyPair = createEcdheKeyPair();
|
||||
const transferKeyPair = setupRefreshTransferPub(
|
||||
decodeCrock(refreshSessionSecretSeed),
|
||||
i,
|
||||
);
|
||||
sessionHc.update(transferKeyPair.ecdhePub);
|
||||
logger.trace(
|
||||
`HASH transfer_pub ${encodeCrock(transferKeyPair.ecdhePub)}`,
|
||||
@ -418,16 +430,16 @@ export class CryptoImplementation {
|
||||
transferPubs.push(encodeCrock(transferKeyPair.ecdhePub));
|
||||
}
|
||||
|
||||
for (const denomSel of newCoinDenoms.selectedDenoms) {
|
||||
for (const denomSel of newCoinDenoms) {
|
||||
for (let i = 0; i < denomSel.count; i++) {
|
||||
const r = decodeCrock(denomSel.denom.denomPub);
|
||||
const r = decodeCrock(denomSel.denomPub);
|
||||
sessionHc.update(r);
|
||||
logger.trace(`HASH new_coins ${encodeCrock(r)}`);
|
||||
}
|
||||
}
|
||||
|
||||
sessionHc.update(decodeCrock(meltCoin.coinPub));
|
||||
logger.trace(`HASH coin_pub ${meltCoin.coinPub}`);
|
||||
sessionHc.update(decodeCrock(meltCoinPub));
|
||||
logger.trace(`HASH coin_pub ${meltCoinPub}`);
|
||||
sessionHc.update(amountToBuffer(valueWithFee));
|
||||
logger.trace(
|
||||
`HASH melt_amount ${encodeCrock(amountToBuffer(valueWithFee))}`,
|
||||
@ -435,12 +447,12 @@ export class CryptoImplementation {
|
||||
|
||||
for (let i = 0; i < kappa; i++) {
|
||||
const planchets: RefreshPlanchet[] = [];
|
||||
for (let j = 0; j < newCoinDenoms.selectedDenoms.length; j++) {
|
||||
const denomSel = newCoinDenoms.selectedDenoms[j];
|
||||
for (let j = 0; j < newCoinDenoms.length; j++) {
|
||||
const denomSel = newCoinDenoms[j];
|
||||
for (let k = 0; k < denomSel.count; k++) {
|
||||
const coinNumber = planchets.length;
|
||||
const transferPriv = decodeCrock(transferPrivs[i]);
|
||||
const oldCoinPub = decodeCrock(meltCoin.coinPub);
|
||||
const oldCoinPub = decodeCrock(meltCoinPub);
|
||||
const transferSecret = keyExchangeEcdheEddsa(
|
||||
transferPriv,
|
||||
oldCoinPub,
|
||||
@ -450,7 +462,7 @@ export class CryptoImplementation {
|
||||
const coinPub = fresh.coinPub;
|
||||
const blindingFactor = fresh.bks;
|
||||
const pubHash = hash(coinPub);
|
||||
const denomPub = decodeCrock(denomSel.denom.denomPub);
|
||||
const denomPub = decodeCrock(denomSel.denomPub);
|
||||
const ev = rsaBlind(pubHash, blindingFactor, denomPub);
|
||||
const planchet: RefreshPlanchet = {
|
||||
blindingKey: encodeCrock(blindingFactor),
|
||||
@ -481,49 +493,22 @@ export class CryptoImplementation {
|
||||
|
||||
const confirmData = buildSigPS(SignaturePurpose.WALLET_COIN_MELT)
|
||||
.put(sessionHash)
|
||||
.put(decodeCrock(meltCoin.denomPubHash))
|
||||
.put(decodeCrock(meltCoinDenomPubHash))
|
||||
.put(amountToBuffer(valueWithFee))
|
||||
.put(amountToBuffer(meltFee))
|
||||
.put(decodeCrock(meltCoin.coinPub))
|
||||
.put(decodeCrock(meltCoinPub))
|
||||
.build();
|
||||
|
||||
const confirmSig = eddsaSign(confirmData, decodeCrock(meltCoin.coinPriv));
|
||||
const confirmSig = eddsaSign(confirmData, decodeCrock(meltCoinPriv));
|
||||
|
||||
let valueOutput = Amounts.getZero(currency);
|
||||
for (const denomSel of newCoinDenoms.selectedDenoms) {
|
||||
const denom = denomSel.denom;
|
||||
for (let i = 0; i < denomSel.count; i++) {
|
||||
valueOutput = Amounts.add(valueOutput, denom.value).amount;
|
||||
}
|
||||
}
|
||||
|
||||
const newDenoms: string[] = [];
|
||||
const newDenomHashes: string[] = [];
|
||||
|
||||
for (const denomSel of newCoinDenoms.selectedDenoms) {
|
||||
const denom = denomSel.denom;
|
||||
for (let i = 0; i < denomSel.count; i++) {
|
||||
newDenoms.push(denom.denomPub);
|
||||
newDenomHashes.push(denom.denomPubHash);
|
||||
}
|
||||
}
|
||||
|
||||
const refreshSession: RefreshSessionRecord = {
|
||||
const refreshSession: DerivedRefreshSession = {
|
||||
confirmSig: encodeCrock(confirmSig),
|
||||
exchangeBaseUrl,
|
||||
hash: encodeCrock(sessionHash),
|
||||
meltCoinPub: meltCoin.coinPub,
|
||||
newDenomHashes,
|
||||
newDenoms,
|
||||
norevealIndex: undefined,
|
||||
meltCoinPub: meltCoinPub,
|
||||
planchetsForGammas: planchetsForGammas,
|
||||
transferPrivs,
|
||||
transferPubs,
|
||||
amountRefreshOutput: valueOutput,
|
||||
amountRefreshInput: valueWithFee,
|
||||
timestampCreated: getTimestampNow(),
|
||||
finishedTimestamp: undefined,
|
||||
lastError: undefined,
|
||||
meltValueWithFee: valueWithFee,
|
||||
};
|
||||
|
||||
return refreshSession;
|
||||
|
@ -60,6 +60,8 @@ import {
|
||||
import { URL } from "../util/url";
|
||||
import { checkDbInvariant } from "../util/invariants";
|
||||
import { initRetryInfo, updateRetryInfoTimeout } from "../util/retries";
|
||||
import { WALLET_EXCHANGE_PROTOCOL_VERSION } from "./versions";
|
||||
import { RefreshNewDenomInfo } from "../types/cryptoTypes";
|
||||
|
||||
const logger = new Logger("refresh.ts");
|
||||
|
||||
@ -182,13 +184,7 @@ async function refreshCreateSession(
|
||||
return;
|
||||
}
|
||||
|
||||
const refreshSession: RefreshSessionRecord = await ws.cryptoApi.createRefreshSession(
|
||||
exchange.baseUrl,
|
||||
3,
|
||||
coin,
|
||||
newCoinDenoms,
|
||||
oldDenom.feeRefresh,
|
||||
);
|
||||
const sessionSecretSeed = encodeCrock(getRandomBytes(64));
|
||||
|
||||
// Store refresh session for this coin in the database.
|
||||
await ws.db.runWithWriteTransaction(
|
||||
@ -201,7 +197,15 @@ async function refreshCreateSession(
|
||||
if (rg.refreshSessionPerCoin[coinIndex]) {
|
||||
return;
|
||||
}
|
||||
rg.refreshSessionPerCoin[coinIndex] = refreshSession;
|
||||
rg.refreshSessionPerCoin[coinIndex] = {
|
||||
norevealIndex: undefined,
|
||||
sessionSecretSeed: sessionSecretSeed,
|
||||
newDenoms: newCoinDenoms.selectedDenoms.map((x) => ({
|
||||
count: x.count,
|
||||
denomPubHash: x.denom.denomPubHash,
|
||||
})),
|
||||
amountRefreshOutput: newCoinDenoms.totalCoinValue,
|
||||
};
|
||||
await tx.put(Stores.refreshGroups, rg);
|
||||
},
|
||||
);
|
||||
@ -232,24 +236,57 @@ async function refreshMelt(
|
||||
return;
|
||||
}
|
||||
|
||||
const coin = await ws.db.get(Stores.coins, refreshSession.meltCoinPub);
|
||||
const oldCoin = await ws.db.get(
|
||||
Stores.coins,
|
||||
refreshGroup.oldCoinPubs[coinIndex],
|
||||
);
|
||||
checkDbInvariant(!!oldCoin, "melt coin doesn't exist");
|
||||
const oldDenom = await ws.db.get(Stores.denominations, [
|
||||
oldCoin.exchangeBaseUrl,
|
||||
oldCoin.denomPubHash,
|
||||
]);
|
||||
checkDbInvariant(!!oldDenom, "denomination for melted coin doesn't exist");
|
||||
|
||||
if (!coin) {
|
||||
console.error("can't melt coin, it does not exist");
|
||||
return;
|
||||
const newCoinDenoms: RefreshNewDenomInfo[] = [];
|
||||
|
||||
for (const dh of refreshSession.newDenoms) {
|
||||
const newDenom = await ws.db.get(Stores.denominations, [
|
||||
oldCoin.exchangeBaseUrl,
|
||||
dh.denomPubHash,
|
||||
]);
|
||||
checkDbInvariant(
|
||||
!!newDenom,
|
||||
"new denomination for refresh not in database",
|
||||
);
|
||||
newCoinDenoms.push({
|
||||
count: dh.count,
|
||||
denomPub: newDenom.denomPub,
|
||||
feeWithdraw: newDenom.feeWithdraw,
|
||||
value: newDenom.value,
|
||||
});
|
||||
}
|
||||
|
||||
const derived = await ws.cryptoApi.deriveRefreshSession({
|
||||
kappa: 3,
|
||||
meltCoinDenomPubHash: oldCoin.denomPubHash,
|
||||
meltCoinPriv: oldCoin.coinPriv,
|
||||
meltCoinPub: oldCoin.coinPub,
|
||||
feeRefresh: oldDenom.feeRefresh,
|
||||
newCoinDenoms,
|
||||
sessionSecretSeed: refreshSession.sessionSecretSeed,
|
||||
});
|
||||
|
||||
const reqUrl = new URL(
|
||||
`coins/${coin.coinPub}/melt`,
|
||||
refreshSession.exchangeBaseUrl,
|
||||
`coins/${oldCoin.coinPub}/melt`,
|
||||
oldCoin.exchangeBaseUrl,
|
||||
);
|
||||
const meltReq = {
|
||||
coin_pub: coin.coinPub,
|
||||
confirm_sig: refreshSession.confirmSig,
|
||||
denom_pub_hash: coin.denomPubHash,
|
||||
denom_sig: coin.denomSig,
|
||||
rc: refreshSession.hash,
|
||||
value_with_fee: Amounts.stringify(refreshSession.amountRefreshInput),
|
||||
coin_pub: oldCoin.coinPub,
|
||||
confirm_sig: derived.confirmSig,
|
||||
denom_pub_hash: oldCoin.denomPubHash,
|
||||
denom_sig: oldCoin.denomSig,
|
||||
rc: derived.hash,
|
||||
value_with_fee: Amounts.stringify(derived.meltValueWithFee),
|
||||
};
|
||||
logger.trace(`melt request for coin:`, meltReq);
|
||||
|
||||
@ -270,15 +307,15 @@ async function refreshMelt(
|
||||
|
||||
await ws.db.mutate(Stores.refreshGroups, refreshGroupId, (rg) => {
|
||||
const rs = rg.refreshSessionPerCoin[coinIndex];
|
||||
if (rg.timestampFinished) {
|
||||
return;
|
||||
}
|
||||
if (!rs) {
|
||||
return;
|
||||
}
|
||||
if (rs.norevealIndex !== undefined) {
|
||||
return;
|
||||
}
|
||||
if (rs.finishedTimestamp) {
|
||||
return;
|
||||
}
|
||||
rs.norevealIndex = norevealIndex;
|
||||
return rg;
|
||||
});
|
||||
@ -305,48 +342,95 @@ async function refreshReveal(
|
||||
if (norevealIndex === undefined) {
|
||||
throw Error("can't reveal without melting first");
|
||||
}
|
||||
const privs = Array.from(refreshSession.transferPrivs);
|
||||
|
||||
const oldCoin = await ws.db.get(
|
||||
Stores.coins,
|
||||
refreshGroup.oldCoinPubs[coinIndex],
|
||||
);
|
||||
checkDbInvariant(!!oldCoin, "melt coin doesn't exist");
|
||||
const oldDenom = await ws.db.get(Stores.denominations, [
|
||||
oldCoin.exchangeBaseUrl,
|
||||
oldCoin.denomPubHash,
|
||||
]);
|
||||
checkDbInvariant(!!oldDenom, "denomination for melted coin doesn't exist");
|
||||
|
||||
const newCoinDenoms: RefreshNewDenomInfo[] = [];
|
||||
|
||||
for (const dh of refreshSession.newDenoms) {
|
||||
const newDenom = await ws.db.get(Stores.denominations, [
|
||||
oldCoin.exchangeBaseUrl,
|
||||
dh.denomPubHash,
|
||||
]);
|
||||
checkDbInvariant(
|
||||
!!newDenom,
|
||||
"new denomination for refresh not in database",
|
||||
);
|
||||
newCoinDenoms.push({
|
||||
count: dh.count,
|
||||
denomPub: newDenom.denomPub,
|
||||
feeWithdraw: newDenom.feeWithdraw,
|
||||
value: newDenom.value,
|
||||
});
|
||||
}
|
||||
|
||||
const derived = await ws.cryptoApi.deriveRefreshSession({
|
||||
kappa: 3,
|
||||
meltCoinDenomPubHash: oldCoin.denomPubHash,
|
||||
meltCoinPriv: oldCoin.coinPriv,
|
||||
meltCoinPub: oldCoin.coinPub,
|
||||
feeRefresh: oldDenom.feeRefresh,
|
||||
newCoinDenoms,
|
||||
sessionSecretSeed: refreshSession.sessionSecretSeed,
|
||||
});
|
||||
|
||||
const privs = Array.from(derived.transferPrivs);
|
||||
privs.splice(norevealIndex, 1);
|
||||
|
||||
const planchets = refreshSession.planchetsForGammas[norevealIndex];
|
||||
const planchets = derived.planchetsForGammas[norevealIndex];
|
||||
if (!planchets) {
|
||||
throw Error("refresh index error");
|
||||
}
|
||||
|
||||
const meltCoinRecord = await ws.db.get(
|
||||
Stores.coins,
|
||||
refreshSession.meltCoinPub,
|
||||
refreshGroup.oldCoinPubs[coinIndex],
|
||||
);
|
||||
if (!meltCoinRecord) {
|
||||
throw Error("inconsistent database");
|
||||
}
|
||||
|
||||
const evs = planchets.map((x: RefreshPlanchet) => x.coinEv);
|
||||
|
||||
const newDenomsFlat: string[] = [];
|
||||
const linkSigs: string[] = [];
|
||||
|
||||
for (let i = 0; i < refreshSession.newDenoms.length; i++) {
|
||||
const dsel = refreshSession.newDenoms[i];
|
||||
for (let j = 0; j < dsel.count; j++) {
|
||||
const newCoinIndex = linkSigs.length;
|
||||
const linkSig = await ws.cryptoApi.signCoinLink(
|
||||
meltCoinRecord.coinPriv,
|
||||
refreshSession.newDenomHashes[i],
|
||||
refreshSession.meltCoinPub,
|
||||
refreshSession.transferPubs[norevealIndex],
|
||||
planchets[i].coinEv,
|
||||
dsel.denomPubHash,
|
||||
meltCoinRecord.coinPub,
|
||||
derived.transferPubs[norevealIndex],
|
||||
planchets[newCoinIndex].coinEv,
|
||||
);
|
||||
linkSigs.push(linkSig);
|
||||
newDenomsFlat.push(dsel.denomPubHash);
|
||||
}
|
||||
}
|
||||
|
||||
const req = {
|
||||
coin_evs: evs,
|
||||
new_denoms_h: refreshSession.newDenomHashes,
|
||||
rc: refreshSession.hash,
|
||||
new_denoms_h: newDenomsFlat,
|
||||
rc: derived.hash,
|
||||
transfer_privs: privs,
|
||||
transfer_pub: refreshSession.transferPubs[norevealIndex],
|
||||
transfer_pub: derived.transferPubs[norevealIndex],
|
||||
link_sigs: linkSigs,
|
||||
};
|
||||
|
||||
const reqUrl = new URL(
|
||||
`refreshes/${refreshSession.hash}/reveal`,
|
||||
refreshSession.exchangeBaseUrl,
|
||||
`refreshes/${derived.hash}/reveal`,
|
||||
oldCoin.exchangeBaseUrl,
|
||||
);
|
||||
|
||||
const resp = await ws.runSequentialized([EXCHANGE_COINS_LOCK], async () => {
|
||||
@ -362,18 +446,20 @@ async function refreshReveal(
|
||||
|
||||
const coins: CoinRecord[] = [];
|
||||
|
||||
for (let i = 0; i < reveal.ev_sigs.length; i++) {
|
||||
for (let i = 0; i < refreshSession.newDenoms.length; i++) {
|
||||
for (let j = 0; j < refreshSession.newDenoms[i].count; j++) {
|
||||
const newCoinIndex = coins.length;
|
||||
const denom = await ws.db.get(Stores.denominations, [
|
||||
refreshSession.exchangeBaseUrl,
|
||||
refreshSession.newDenomHashes[i],
|
||||
oldCoin.exchangeBaseUrl,
|
||||
refreshSession.newDenoms[i].denomPubHash,
|
||||
]);
|
||||
if (!denom) {
|
||||
console.error("denom not found");
|
||||
continue;
|
||||
}
|
||||
const pc = refreshSession.planchetsForGammas[norevealIndex][i];
|
||||
const pc = derived.planchetsForGammas[norevealIndex][newCoinIndex];
|
||||
const denomSig = await ws.cryptoApi.rsaUnblind(
|
||||
reveal.ev_sigs[i].ev_sig,
|
||||
reveal.ev_sigs[newCoinIndex].ev_sig,
|
||||
pc.blindingKey,
|
||||
denom.denomPub,
|
||||
);
|
||||
@ -385,17 +471,18 @@ async function refreshReveal(
|
||||
denomPub: denom.denomPub,
|
||||
denomPubHash: denom.denomPubHash,
|
||||
denomSig,
|
||||
exchangeBaseUrl: refreshSession.exchangeBaseUrl,
|
||||
exchangeBaseUrl: oldCoin.exchangeBaseUrl,
|
||||
status: CoinStatus.Fresh,
|
||||
coinSource: {
|
||||
type: CoinSourceType.Refresh,
|
||||
oldCoinPub: refreshSession.meltCoinPub,
|
||||
oldCoinPub: refreshGroup.oldCoinPubs[coinIndex],
|
||||
},
|
||||
suspended: false,
|
||||
};
|
||||
|
||||
coins.push(coin);
|
||||
}
|
||||
}
|
||||
|
||||
await ws.db.runWithWriteTransaction(
|
||||
[Stores.coins, Stores.refreshGroups],
|
||||
@ -409,11 +496,6 @@ async function refreshReveal(
|
||||
if (!rs) {
|
||||
return;
|
||||
}
|
||||
if (rs.finishedTimestamp) {
|
||||
logger.warn("refresh session already finished");
|
||||
return;
|
||||
}
|
||||
rs.finishedTimestamp = getTimestampNow();
|
||||
rg.finishedPerCoin[coinIndex] = true;
|
||||
let allDone = true;
|
||||
for (const f of rg.finishedPerCoin) {
|
||||
|
111
packages/taler-wallet-core/src/types/cryptoTypes.ts
Normal file
111
packages/taler-wallet-core/src/types/cryptoTypes.ts
Normal file
@ -0,0 +1,111 @@
|
||||
/*
|
||||
This file is part of GNU Taler
|
||||
(C) 2020 Taler Systems SA
|
||||
|
||||
TALER is free software; you can redistribute it and/or modify it under the
|
||||
terms of the GNU General Public License as published by the Free Software
|
||||
Foundation; either version 3, or (at your option) any later version.
|
||||
|
||||
TALER is distributed in the hope that it will be useful, but WITHOUT ANY
|
||||
WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
|
||||
A PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License along with
|
||||
TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
|
||||
*/
|
||||
|
||||
/**
|
||||
* Types used by the wallet crypto worker.
|
||||
*
|
||||
* These types are defined in a separate file make tree shaking easier, since
|
||||
* some components use these types (via RPC) but do not depend on the wallet
|
||||
* code directly.
|
||||
*
|
||||
* @author Florian Dold <dold@taler.net>
|
||||
*/
|
||||
|
||||
/**
|
||||
* Imports.
|
||||
*/
|
||||
import { AmountJson } from "../util/amounts";
|
||||
|
||||
export interface RefreshNewDenomInfo {
|
||||
count: number;
|
||||
value: AmountJson;
|
||||
feeWithdraw: AmountJson;
|
||||
denomPub: string;
|
||||
}
|
||||
|
||||
/**
|
||||
* Request to derive a refresh session from the refresh session
|
||||
* secret seed.
|
||||
*/
|
||||
export interface DeriveRefreshSessionRequest {
|
||||
sessionSecretSeed: string;
|
||||
kappa: number;
|
||||
meltCoinPub: string;
|
||||
meltCoinPriv: string;
|
||||
meltCoinDenomPubHash: string;
|
||||
newCoinDenoms: RefreshNewDenomInfo[];
|
||||
feeRefresh: AmountJson;
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
*/
|
||||
export interface DerivedRefreshSession {
|
||||
/**
|
||||
* Public key that's being melted in this session.
|
||||
*/
|
||||
meltCoinPub: string;
|
||||
|
||||
/**
|
||||
* Signature to confirm the melting.
|
||||
*/
|
||||
confirmSig: string;
|
||||
|
||||
/**
|
||||
* Planchets for each cut-and-choose instance.
|
||||
*/
|
||||
planchetsForGammas: {
|
||||
/**
|
||||
* Public key for the coin.
|
||||
*/
|
||||
publicKey: string;
|
||||
|
||||
/**
|
||||
* Private key for the coin.
|
||||
*/
|
||||
privateKey: string;
|
||||
|
||||
/**
|
||||
* Blinded public key.
|
||||
*/
|
||||
coinEv: string;
|
||||
|
||||
/**
|
||||
* Blinding key used.
|
||||
*/
|
||||
blindingKey: string;
|
||||
}[][];
|
||||
|
||||
/**
|
||||
* The transfer keys, kappa of them.
|
||||
*/
|
||||
transferPubs: string[];
|
||||
|
||||
/**
|
||||
* Private keys for the transfer public keys.
|
||||
*/
|
||||
transferPrivs: string[];
|
||||
|
||||
/**
|
||||
* Hash of the session.
|
||||
*/
|
||||
hash: string;
|
||||
|
||||
/**
|
||||
* Exact value that is being melted.
|
||||
*/
|
||||
meltValueWithFee: AmountJson;
|
||||
}
|
@ -664,14 +664,17 @@ export interface RefreshPlanchet {
|
||||
* Public key for the coin.
|
||||
*/
|
||||
publicKey: string;
|
||||
|
||||
/**
|
||||
* Private key for the coin.
|
||||
*/
|
||||
privateKey: string;
|
||||
|
||||
/**
|
||||
* Blinded public key.
|
||||
*/
|
||||
coinEv: string;
|
||||
|
||||
/**
|
||||
* Blinding key used.
|
||||
*/
|
||||
@ -991,18 +994,14 @@ export interface RefreshGroupRecord {
|
||||
* Ongoing refresh
|
||||
*/
|
||||
export interface RefreshSessionRecord {
|
||||
lastError: TalerErrorDetails | undefined;
|
||||
|
||||
/**
|
||||
* Public key that's being melted in this session.
|
||||
* 512-bit secret that can be used to derive
|
||||
* the other cryptographic material for the refresh session.
|
||||
*
|
||||
* FIXME: We currently store the derived material, but
|
||||
* should always derive it.
|
||||
*/
|
||||
meltCoinPub: string;
|
||||
|
||||
/**
|
||||
* How much of the coin's value is melted away
|
||||
* with this refresh session?
|
||||
*/
|
||||
amountRefreshInput: AmountJson;
|
||||
sessionSecretSeed: string;
|
||||
|
||||
/**
|
||||
* Sum of the value of denominations we want
|
||||
@ -1011,59 +1010,17 @@ export interface RefreshSessionRecord {
|
||||
amountRefreshOutput: AmountJson;
|
||||
|
||||
/**
|
||||
* Signature to confirm the melting.
|
||||
* Hashed denominations of the newly requested coins.
|
||||
*/
|
||||
confirmSig: string;
|
||||
|
||||
/**
|
||||
* Hased denominations of the newly requested coins.
|
||||
*/
|
||||
newDenomHashes: string[];
|
||||
|
||||
/**
|
||||
* Denominations of the newly requested coins.
|
||||
*/
|
||||
newDenoms: string[];
|
||||
|
||||
/**
|
||||
* Planchets for each cut-and-choose instance.
|
||||
*/
|
||||
planchetsForGammas: RefreshPlanchet[][];
|
||||
|
||||
/**
|
||||
* The transfer keys, kappa of them.
|
||||
*/
|
||||
transferPubs: string[];
|
||||
|
||||
/**
|
||||
* Private keys for the transfer public keys.
|
||||
*/
|
||||
transferPrivs: string[];
|
||||
newDenoms: {
|
||||
denomPubHash: string;
|
||||
count: number;
|
||||
}[];
|
||||
|
||||
/**
|
||||
* The no-reveal-index after we've done the melting.
|
||||
*/
|
||||
norevealIndex?: number;
|
||||
|
||||
/**
|
||||
* Hash of the session.
|
||||
*/
|
||||
hash: string;
|
||||
|
||||
/**
|
||||
* Timestamp when the refresh session finished.
|
||||
*/
|
||||
finishedTimestamp: Timestamp | undefined;
|
||||
|
||||
/**
|
||||
* When has this refresh session been created?
|
||||
*/
|
||||
timestampCreated: Timestamp;
|
||||
|
||||
/**
|
||||
* Base URL for the exchange we're doing the refresh with.
|
||||
*/
|
||||
exchangeBaseUrl: string;
|
||||
}
|
||||
|
||||
/**
|
||||
@ -1712,7 +1669,6 @@ class BankWithdrawUrisStore extends Store<
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
*/
|
||||
class BackupProvidersStore extends Store<
|
||||
|
Loading…
Reference in New Issue
Block a user