wowario
/
wow-btc-swap
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '2c8200621d'
${ noResults }
wow-btc-swap/swap/src/protocol/bob/state.rs

589 lines
18 KiB
Raw Normal View History Unescape

Add Alice execution path Consolidate and simplify swap execution. Generators are no longer needed. Consolidate recovery and swap data structures. The recursive calls can be replaced with a loop if returning prior to completion is desired for testing purposes. Fill out alice abort path Move state machine executors into seperate files Not compiling due to recursion/async issues Fix async recursion compilation errors Fix Bob swap execution Remove check for ack message from Alice. Seems like a bad idea to rely on an acknowledgement message instead of looking at the blockchain. Fix Bob abort Fix warnings Xmr lock complete Add TxCancel submit to XmrLocked Bob swap completed Remove alice
4 years ago
use crate::{
Only wait for xmr-lock until t1 expired
3 years ago
bitcoin::{
Remove traits in favor of using the wallet struct directly Abstracting over the individual bits of functionality of the wallet does have its place, especially if one wants to keep a separation of an abstract protocol library that other people can use with their own wallets. However, at the moment, the traits only cause unnecessary friction. We can always add such abstraction layers again once we need them.
3 years ago
self, current_epoch, wait_for_cancel_timelock_to_expire, CancelTimelock, ExpiredTimelocks,
PunishTimelock, Transaction, TxCancel, Txid,
Only wait for xmr-lock until t1 expired
3 years ago
},
Rename config to execution_params
3 years ago
execution_params::ExecutionParams,
Merge xmr_btc crate Created network, storage and protocol modules. Organised files into the modules where the belong. xmr_btc crate moved into isolated modulein swap crate. Remove the xmr_btc module and integrate into swap crate. Consolidate message related code Reorganise imports Remove unused parent Message enum Remove unused parent State enum Remove unused dependencies from Cargo.toml
3 years ago
monero,
Wait for refund if insufficient Monero is locked up
3 years ago
monero::{monero_private_key, InsufficientFunds, TransferProof},
Upgrade to bdk 4.0 To achieve this we also: - upgrade rust-bitcoin to 0.26 - upgrade bitcoin-harness to latest version (which also depends bitcoin 0.26) - upgrade to latest edcsa-fun - replace cross_curve_dleq proof with sigma_fun (to avoid an upgrade dance over there)
3 years ago
monero_ext::ScalarExt,
Rename bob::Message2 to Message4 As per sequence diagram.
3 years ago
protocol::{
rename alice::Message0 to Message1
3 years ago
alice::{Message1, Message3},
Rename alice::Message0 to Message0 There is now only one message0
3 years ago
bob::{EncryptedSignature, Message0, Message2, Message4},
Only construct proof system once The proof system is a static element and can be reused several times.
3 years ago
CROSS_CURVE_PROOF_SYSTEM,
Rename bob::Message2 to Message4 As per sequence diagram.
3 years ago
},
Add Alice execution path Consolidate and simplify swap execution. Generators are no longer needed. Consolidate recovery and swap data structures. The recursive calls can be replaced with a loop if returning prior to completion is desired for testing purposes. Fill out alice abort path Move state machine executors into seperate files Not compiling due to recursion/async issues Fix async recursion compilation errors Fix Bob swap execution Remove check for ack message from Alice. Seems like a bad idea to rely on an acknowledgement message instead of looking at the blockchain. Fix Bob abort Fix warnings Xmr lock complete Add TxCancel submit to XmrLocked Bob swap completed Remove alice
4 years ago
};
Reduce logging when signing transactions 1. We can generalize the signing interface by passing a PSBT in instead of the `TxLock` transaction. 2. Knowing the transaction ID of a transaction that we are about to sign is not very useful. Instead, it is much more useful to know what failed. Hence we add a `.context` to the call of `sign_and_finalize`. 3. In case the signing succeeds, we will immediately broadcast it afterwards. The new broadcasting interface will tell us that we broadcasted the "lock" transaction.
3 years ago
use anyhow::{anyhow, bail, Context, Result};
Upgrade to bdk 4.0 To achieve this we also: - upgrade rust-bitcoin to 0.26 - upgrade bitcoin-harness to latest version (which also depends bitcoin 0.26) - upgrade to latest edcsa-fun - replace cross_curve_dleq proof with sigma_fun (to avoid an upgrade dance over there)
3 years ago
use ecdsa_fun::{
adaptor::{Adaptor, HashTranscript},
nonce::Deterministic,
Signature,
};
Split monero-harness into harness and rpc This allows us to move `monero-harness` and `bitcoin-harness` into `[dev-dependencies]` of `swap`.
3 years ago
use monero_rpc::wallet::BlockHeight;
Remove newlines from import statements to avoid problems Rust fmt automatically groups the imports (from top to bottom) as `pub use` `use crate` and `use`. There is no need to introduce sections which cause annoyance when auto importing using the IDE.
3 years ago
use rand::{CryptoRng, RngCore};
use serde::{Deserialize, Serialize};
use sha2::Sha256;
Only construct proof system once The proof system is a static element and can be reused several times.
3 years ago
use sigma_fun::ext::dl_secp256k1_ed25519_eq::CrossCurveDLEQProof;
Remove newlines from import statements to avoid problems Rust fmt automatically groups the imports (from top to bottom) as `pub use` `use crate` and `use`. There is no need to introduce sections which cause annoyance when auto importing using the IDE.
3 years ago
use std::fmt;
Execute Alice and Bob state machines concurrently Previously we were testing the protocol by manually driving Alice and Bob's state machines. This logic has now be moved to an async state transition function that can take any possible state as input. The state transition function is called in a loop until it returns the desired state. This allows use to interrupt midway through the protocol and perform refund and punish tests. This design was chosen over a generator based implementation because the the generator based implementation results in a impure state transition function that is difficult to reason about and prone to bugs. Test related code was extracted into the tests folder. The 2b and 4b states were renamed to be consistent with the rest. Macros were used to reduce code duplication when converting child states to their parent states and vice versa. Todos were added were neccessary.
4 years ago
Move protocol parent states into appropriate module
3 years ago
#[derive(Debug, Clone)]
pub enum BobState {
Started {
Only pass btc amount to CLI The CLI requests a quote to nectar to know how much xmr it can get. Also align terminology with the sequence diagram.
3 years ago
btc_amount: bitcoin::Amount,
Move protocol parent states into appropriate module
3 years ago
},
Only pass btc amount to CLI The CLI requests a quote to nectar to know how much xmr it can get. Also align terminology with the sequence diagram.
3 years ago
ExecutionSetupDone(State2),
Move protocol parent states into appropriate module
3 years ago
BtcLocked(State3),
Bob saves lock proof after received so he can resume swap
3 years ago
XmrLockProofReceived {
state: State3,
lock_transfer_proof: TransferProof,
monero_wallet_restore_blockheight: BlockHeight,
},
Move protocol parent states into appropriate module
3 years ago
XmrLocked(State4),
EncSigSent(State4),
BtcRedeemed(State5),
CancelTimelockExpired(State4),
BtcCancelled(State4),
BtcRefunded(State4),
Do not introduced State6
3 years ago
XmrRedeemed {
tx_lock_id: bitcoin::Txid,
},
BtcPunished {
tx_lock_id: bitcoin::Txid,
},
Move protocol parent states into appropriate module
3 years ago
SafelyAborted,
}
impl fmt::Display for BobState {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
match self {
Only pass btc amount to CLI The CLI requests a quote to nectar to know how much xmr it can get. Also align terminology with the sequence diagram.
3 years ago
BobState::Started { .. } => write!(f, "quote has been requested"),
BobState::ExecutionSetupDone(..) => write!(f, "execution setup done"),
Move protocol parent states into appropriate module
3 years ago
BobState::BtcLocked(..) => write!(f, "btc is locked"),
Bob saves lock proof after received so he can resume swap
3 years ago
BobState::XmrLockProofReceived { .. } => {
write!(f, "XMR lock transaction transfer proof received")
}
Move protocol parent states into appropriate module
3 years ago
BobState::XmrLocked(..) => write!(f, "xmr is locked"),
BobState::EncSigSent(..) => write!(f, "encrypted signature is sent"),
BobState::BtcRedeemed(..) => write!(f, "btc is redeemed"),
BobState::CancelTimelockExpired(..) => write!(f, "cancel timelock is expired"),
BobState::BtcCancelled(..) => write!(f, "btc is cancelled"),
BobState::BtcRefunded(..) => write!(f, "btc is refunded"),
Do not introduced State6
3 years ago
BobState::XmrRedeemed { .. } => write!(f, "xmr is redeemed"),
BobState::BtcPunished { .. } => write!(f, "btc is punished"),
Move protocol parent states into appropriate module
3 years ago
BobState::SafelyAborted => write!(f, "safely aborted"),
}
}
}
Save Bob state during swap
3 years ago
#[derive(Clone, Debug, Deserialize, Serialize, PartialEq)]
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
pub struct State0 {
b: bitcoin::SecretKey,
Upgrade to bdk 4.0 To achieve this we also: - upgrade rust-bitcoin to 0.26 - upgrade bitcoin-harness to latest version (which also depends bitcoin 0.26) - upgrade to latest edcsa-fun - replace cross_curve_dleq proof with sigma_fun (to avoid an upgrade dance over there)
3 years ago
s_b: monero::Scalar,
S_b_monero: monero::PublicKey,
S_b_bitcoin: bitcoin::PublicKey,
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
v_b: monero::PrivateViewKey,
Upgrade to bdk 4.0 To achieve this we also: - upgrade rust-bitcoin to 0.26 - upgrade bitcoin-harness to latest version (which also depends bitcoin 0.26) - upgrade to latest edcsa-fun - replace cross_curve_dleq proof with sigma_fun (to avoid an upgrade dance over there)
3 years ago
dleq_proof_s_b: CrossCurveDLEQProof,
Remove custom implementation of bitcoin amount serde This is unnecessary as rust-bitcoin provides it.
4 years ago
#[serde(with = "::bitcoin::util::amount::serde::as_sat")]
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
btc: bitcoin::Amount,
xmr: monero::Amount,
Avoid possible mix up between timelocks Introduce new type to ensure no mix up happens when ordering the fields in function calls.
3 years ago
cancel_timelock: CancelTimelock,
punish_timelock: PunishTimelock,
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
refund_address: bitcoin::Address,
Add minimum monero confirmations to config use it for Bob
3 years ago
min_monero_confirmations: u32,
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
}
impl State0 {
pub fn new<R: RngCore + CryptoRng>(
rng: &mut R,
btc: bitcoin::Amount,
xmr: monero::Amount,
Avoid possible mix up between timelocks Introduce new type to ensure no mix up happens when ordering the fields in function calls.
3 years ago
cancel_timelock: CancelTimelock,
punish_timelock: PunishTimelock,
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
refund_address: bitcoin::Address,
Add minimum monero confirmations to config use it for Bob
3 years ago
min_monero_confirmations: u32,
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
) -> Self {
let b = bitcoin::SecretKey::new_random(rng);
Upgrade to bdk 4.0 To achieve this we also: - upgrade rust-bitcoin to 0.26 - upgrade bitcoin-harness to latest version (which also depends bitcoin 0.26) - upgrade to latest edcsa-fun - replace cross_curve_dleq proof with sigma_fun (to avoid an upgrade dance over there)
3 years ago
let s_b = monero::Scalar::random(rng);
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
let v_b = monero::PrivateViewKey::new_random(rng);
Upgrade to bdk 4.0 To achieve this we also: - upgrade rust-bitcoin to 0.26 - upgrade bitcoin-harness to latest version (which also depends bitcoin 0.26) - upgrade to latest edcsa-fun - replace cross_curve_dleq proof with sigma_fun (to avoid an upgrade dance over there)
3 years ago
Only construct proof system once The proof system is a static element and can be reused several times.
3 years ago
let (dleq_proof_s_b, (S_b_bitcoin, S_b_monero)) = CROSS_CURVE_PROOF_SYSTEM.prove(&s_b, rng);
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
Self {
b,
s_b,
v_b,
Upgrade to bdk 4.0 To achieve this we also: - upgrade rust-bitcoin to 0.26 - upgrade bitcoin-harness to latest version (which also depends bitcoin 0.26) - upgrade to latest edcsa-fun - replace cross_curve_dleq proof with sigma_fun (to avoid an upgrade dance over there)
3 years ago
S_b_bitcoin: bitcoin::PublicKey::from(S_b_bitcoin),
S_b_monero: monero::PublicKey {
point: S_b_monero.compress(),
},
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
btc,
xmr,
Avoid carrying rng
3 years ago
dleq_proof_s_b,
Remove Refund timelock and T0/T1/T2 There are no refund timelock, only a cancellation timelock and punish timelock. Refund can be done as soon as the cancellation transaction is published.
3 years ago
cancel_timelock,
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
punish_timelock,
refund_address,
Add minimum monero confirmations to config use it for Bob
3 years ago
min_monero_confirmations,
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
}
}
Rename alice::Message0 to Message0 There is now only one message0
3 years ago
pub fn next_message(&self) -> Message0 {
Message0 {
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
B: self.b.public(),
Upgrade to bdk 4.0 To achieve this we also: - upgrade rust-bitcoin to 0.26 - upgrade bitcoin-harness to latest version (which also depends bitcoin 0.26) - upgrade to latest edcsa-fun - replace cross_curve_dleq proof with sigma_fun (to avoid an upgrade dance over there)
3 years ago
S_b_monero: self.S_b_monero,
S_b_bitcoin: self.S_b_bitcoin,
Avoid carrying rng
3 years ago
dleq_proof_s_b: self.dleq_proof_s_b.clone(),
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
v_b: self.v_b,
refund_address: self.refund_address.clone(),
}
}
Remove `BuildTxLockPsbt` and `GetNetwork` traits These traits were only used once within the `TxLock` constructor. Looking at the rest of the codebase, we don't really seem to follow any abstractions here where the protocol shouldn't know about the exact types that is being passed in. As such, these types are just noise and might as well be removed in favor of simplicity.
3 years ago
pub async fn receive(self, wallet: &bitcoin::Wallet, msg: Message1) -> Result<State1> {
Only construct proof system once The proof system is a static element and can be reused several times.
3 years ago
let valid = CROSS_CURVE_PROOF_SYSTEM.verify(
Upgrade to bdk 4.0 To achieve this we also: - upgrade rust-bitcoin to 0.26 - upgrade bitcoin-harness to latest version (which also depends bitcoin 0.26) - upgrade to latest edcsa-fun - replace cross_curve_dleq proof with sigma_fun (to avoid an upgrade dance over there)
3 years ago
&msg.dleq_proof_s_a,
(
msg.S_a_bitcoin.clone().into(),
msg.S_a_monero
.point
.decompress()
.ok_or_else(|| anyhow!("S_a is not a monero curve point"))?,
),
);
if !valid {
bail!("Alice's dleq proof doesn't verify")
}
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
Upgrade rust-bitcoin to 0.25
4 years ago
let tx_lock = bitcoin::TxLock::new(wallet, self.btc, msg.A, self.b.public()).await?;
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
let v = msg.v_a + self.v_b;
Ok(State1 {
A: msg.A,
b: self.b,
s_b: self.s_b,
S_a_monero: msg.S_a_monero,
S_a_bitcoin: msg.S_a_bitcoin,
v,
xmr: self.xmr,
Remove Refund timelock and T0/T1/T2 There are no refund timelock, only a cancellation timelock and punish timelock. Refund can be done as soon as the cancellation transaction is published.
3 years ago
cancel_timelock: self.cancel_timelock,
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
punish_timelock: self.punish_timelock,
refund_address: self.refund_address,
redeem_address: msg.redeem_address,
punish_address: msg.punish_address,
tx_lock,
Add minimum monero confirmations to config use it for Bob
3 years ago
min_monero_confirmations: self.min_monero_confirmations,
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
})
}
}
Save and recover protocol state from disk NOTE: This implementation saves secrets to disk! It is not secure. The storage API allows the caller to atomically record the state of the protocol. The user can retrieve this recorded state and re-commence the protocol from that point. The state is recorded using a hard coded key, causing it to overwrite the previously recorded state. This limitation means that this recovery mechanism should not be used in a program that simultaneously manages the execution of multiple swaps. An e2e test was added to show how to save, recover and resume protocol execution. This logic could also be integrated into the run_until functions to automate saving but was not included at this stage as protocol execution is currently under development. Serialisation and deserialisation was implemented on the states to allow the to be stored using the database. Currently the secret's are also being stored to disk but should be recovered from a seed or wallets.
4 years ago
#[derive(Debug, Deserialize, Serialize)]
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
pub struct State1 {
A: bitcoin::PublicKey,
b: bitcoin::SecretKey,
Upgrade to bdk 4.0 To achieve this we also: - upgrade rust-bitcoin to 0.26 - upgrade bitcoin-harness to latest version (which also depends bitcoin 0.26) - upgrade to latest edcsa-fun - replace cross_curve_dleq proof with sigma_fun (to avoid an upgrade dance over there)
3 years ago
s_b: monero::Scalar,
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
S_a_monero: monero::PublicKey,
S_a_bitcoin: bitcoin::PublicKey,
v: monero::PrivateViewKey,
xmr: monero::Amount,
Avoid possible mix up between timelocks Introduce new type to ensure no mix up happens when ordering the fields in function calls.
3 years ago
cancel_timelock: CancelTimelock,
punish_timelock: PunishTimelock,
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
refund_address: bitcoin::Address,
redeem_address: bitcoin::Address,
punish_address: bitcoin::Address,
tx_lock: bitcoin::TxLock,
Add minimum monero confirmations to config use it for Bob
3 years ago
min_monero_confirmations: u32,
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
}
impl State1 {
Rename bob::Message1 to Message2 As per sequence diagram.
3 years ago
pub fn next_message(&self) -> Message2 {
Message2 {
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
tx_lock: self.tx_lock.clone(),
}
}
Rename alice::Message1 to Message3 As per sequence diagram.
3 years ago
pub fn receive(self, msg: Message3) -> Result<State2> {
Remove Refund timelock and T0/T1/T2 There are no refund timelock, only a cancellation timelock and punish timelock. Refund can be done as soon as the cancellation transaction is published.
3 years ago
let tx_cancel = TxCancel::new(&self.tx_lock, self.cancel_timelock, self.A, self.b.public());
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
let tx_refund = bitcoin::TxRefund::new(&tx_cancel, &self.refund_address);
bitcoin::verify_sig(&self.A, &tx_cancel.digest(), &msg.tx_cancel_sig)?;
bitcoin::verify_encsig(
Upgrade rust-bitcoin to 0.25
4 years ago
self.A,
Upgrade to bdk 4.0 To achieve this we also: - upgrade rust-bitcoin to 0.26 - upgrade bitcoin-harness to latest version (which also depends bitcoin 0.26) - upgrade to latest edcsa-fun - replace cross_curve_dleq proof with sigma_fun (to avoid an upgrade dance over there)
3 years ago
bitcoin::PublicKey::from(self.s_b.to_secpfun_scalar()),
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
&tx_refund.digest(),
&msg.tx_refund_encsig,
)?;
Ok(State2 {
A: self.A,
b: self.b,
s_b: self.s_b,
S_a_monero: self.S_a_monero,
S_a_bitcoin: self.S_a_bitcoin,
v: self.v,
xmr: self.xmr,
Remove Refund timelock and T0/T1/T2 There are no refund timelock, only a cancellation timelock and punish timelock. Refund can be done as soon as the cancellation transaction is published.
3 years ago
cancel_timelock: self.cancel_timelock,
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
punish_timelock: self.punish_timelock,
refund_address: self.refund_address,
redeem_address: self.redeem_address,
punish_address: self.punish_address,
tx_lock: self.tx_lock,
tx_cancel_sig_a: msg.tx_cancel_sig,
tx_refund_encsig: msg.tx_refund_encsig,
Add minimum monero confirmations to config use it for Bob
3 years ago
min_monero_confirmations: self.min_monero_confirmations,
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
})
}
}
Remove generics from Database
4 years ago
#[derive(Debug, Clone, Deserialize, Serialize, PartialEq)]
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
pub struct State2 {
Remove unnecessary pub qualifiers
3 years ago
A: bitcoin::PublicKey,
b: bitcoin::SecretKey,
Upgrade to bdk 4.0 To achieve this we also: - upgrade rust-bitcoin to 0.26 - upgrade bitcoin-harness to latest version (which also depends bitcoin 0.26) - upgrade to latest edcsa-fun - replace cross_curve_dleq proof with sigma_fun (to avoid an upgrade dance over there)
3 years ago
s_b: monero::Scalar,
Remove unnecessary pub qualifiers
3 years ago
S_a_monero: monero::PublicKey,
S_a_bitcoin: bitcoin::PublicKey,
v: monero::PrivateViewKey,
xmr: monero::Amount,
cancel_timelock: CancelTimelock,
punish_timelock: PunishTimelock,
refund_address: bitcoin::Address,
redeem_address: bitcoin::Address,
punish_address: bitcoin::Address,
tx_lock: bitcoin::TxLock,
tx_cancel_sig_a: Signature,
tx_refund_encsig: bitcoin::EncryptedSignature,
min_monero_confirmations: u32,
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
}
impl State2 {
Rename bob::Message2 to Message4 As per sequence diagram.
3 years ago
pub fn next_message(&self) -> Message4 {
Remove Refund timelock and T0/T1/T2 There are no refund timelock, only a cancellation timelock and punish timelock. Refund can be done as soon as the cancellation transaction is published.
3 years ago
let tx_cancel = TxCancel::new(&self.tx_lock, self.cancel_timelock, self.A, self.b.public());
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
let tx_cancel_sig = self.b.sign(tx_cancel.digest());
let tx_punish =
bitcoin::TxPunish::new(&tx_cancel, &self.punish_address, self.punish_timelock);
let tx_punish_sig = self.b.sign(tx_punish.digest());
Rename bob::Message2 to Message4 As per sequence diagram.
3 years ago
Message4 {
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
tx_punish_sig,
tx_cancel_sig,
}
}
Remove traits in favor of using the wallet struct directly Abstracting over the individual bits of functionality of the wallet does have its place, especially if one wants to keep a separation of an abstract protocol library that other people can use with their own wallets. However, at the moment, the traits only cause unnecessary friction. We can always add such abstraction layers again once we need them.
3 years ago
pub async fn lock_btc(self, bitcoin_wallet: &bitcoin::Wallet) -> Result<State3> {
Reduce logging when signing transactions 1. We can generalize the signing interface by passing a PSBT in instead of the `TxLock` transaction. 2. Knowing the transaction ID of a transaction that we are about to sign is not very useful. Instead, it is much more useful to know what failed. Hence we add a `.context` to the call of `sign_and_finalize`. 3. In case the signing succeeds, we will immediately broadcast it afterwards. The new broadcasting interface will tell us that we broadcasted the "lock" transaction.
3 years ago
let signed_tx = bitcoin_wallet
.sign_and_finalize(self.tx_lock.clone().into())
.await
.context("failed to sign Bitcoin lock transaction")?;
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
Reduce logging when signing transactions 1. We can generalize the signing interface by passing a PSBT in instead of the `TxLock` transaction. 2. Knowing the transaction ID of a transaction that we are about to sign is not very useful. Instead, it is much more useful to know what failed. Hence we add a `.context` to the call of `sign_and_finalize`. 3. In case the signing succeeds, we will immediately broadcast it afterwards. The new broadcasting interface will tell us that we broadcasted the "lock" transaction.
3 years ago
let _ = bitcoin_wallet.broadcast(signed_tx, "lock").await?;
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
Execute Alice and Bob state machines concurrently Previously we were testing the protocol by manually driving Alice and Bob's state machines. This logic has now be moved to an async state transition function that can take any possible state as input. The state transition function is called in a loop until it returns the desired state. This allows use to interrupt midway through the protocol and perform refund and punish tests. This design was chosen over a generator based implementation because the the generator based implementation results in a impure state transition function that is difficult to reason about and prone to bugs. Test related code was extracted into the tests folder. The 2b and 4b states were renamed to be consistent with the rest. Macros were used to reduce code duplication when converting child states to their parent states and vice versa. Todos were added were neccessary.
4 years ago
Ok(State3 {
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
A: self.A,
b: self.b,
s_b: self.s_b,
S_a_monero: self.S_a_monero,
S_a_bitcoin: self.S_a_bitcoin,
v: self.v,
xmr: self.xmr,
Remove Refund timelock and T0/T1/T2 There are no refund timelock, only a cancellation timelock and punish timelock. Refund can be done as soon as the cancellation transaction is published.
3 years ago
cancel_timelock: self.cancel_timelock,
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
punish_timelock: self.punish_timelock,
refund_address: self.refund_address,
redeem_address: self.redeem_address,
tx_lock: self.tx_lock,
tx_cancel_sig_a: self.tx_cancel_sig_a,
tx_refund_encsig: self.tx_refund_encsig,
Add minimum monero confirmations to config use it for Bob
3 years ago
min_monero_confirmations: self.min_monero_confirmations,
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
})
}
}
Save Bob state during swap
3 years ago
#[derive(Clone, Debug, Serialize, Deserialize, PartialEq)]
Execute Alice and Bob state machines concurrently Previously we were testing the protocol by manually driving Alice and Bob's state machines. This logic has now be moved to an async state transition function that can take any possible state as input. The state transition function is called in a loop until it returns the desired state. This allows use to interrupt midway through the protocol and perform refund and punish tests. This design was chosen over a generator based implementation because the the generator based implementation results in a impure state transition function that is difficult to reason about and prone to bugs. Test related code was extracted into the tests folder. The 2b and 4b states were renamed to be consistent with the rest. Macros were used to reduce code duplication when converting child states to their parent states and vice versa. Todos were added were neccessary.
4 years ago
pub struct State3 {
Remove unnecessary pub qualifiers
3 years ago
A: bitcoin::PublicKey,
b: bitcoin::SecretKey,
Upgrade to bdk 4.0 To achieve this we also: - upgrade rust-bitcoin to 0.26 - upgrade bitcoin-harness to latest version (which also depends bitcoin 0.26) - upgrade to latest edcsa-fun - replace cross_curve_dleq proof with sigma_fun (to avoid an upgrade dance over there)
3 years ago
s_b: monero::Scalar,
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
S_a_monero: monero::PublicKey,
S_a_bitcoin: bitcoin::PublicKey,
v: monero::PrivateViewKey,
xmr: monero::Amount,
Remove unnecessary pub qualifiers
3 years ago
cancel_timelock: CancelTimelock,
Avoid possible mix up between timelocks Introduce new type to ensure no mix up happens when ordering the fields in function calls.
3 years ago
punish_timelock: PunishTimelock,
Remove unnecessary pub qualifiers
3 years ago
refund_address: bitcoin::Address,
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
redeem_address: bitcoin::Address,
Remove unnecessary pub qualifiers
3 years ago
tx_lock: bitcoin::TxLock,
tx_cancel_sig_a: Signature,
tx_refund_encsig: bitcoin::EncryptedSignature,
min_monero_confirmations: u32,
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
}
Execute Alice and Bob state machines concurrently Previously we were testing the protocol by manually driving Alice and Bob's state machines. This logic has now be moved to an async state transition function that can take any possible state as input. The state transition function is called in a loop until it returns the desired state. This allows use to interrupt midway through the protocol and perform refund and punish tests. This design was chosen over a generator based implementation because the the generator based implementation results in a impure state transition function that is difficult to reason about and prone to bugs. Test related code was extracted into the tests folder. The 2b and 4b states were renamed to be consistent with the rest. Macros were used to reduce code duplication when converting child states to their parent states and vice versa. Todos were added were neccessary.
4 years ago
impl State3 {
Remove unnecessary monero wallet trait abstractions
3 years ago
pub async fn watch_for_lock_xmr(
Remember the block-height before XMR lock for generated monero wallet restore height Speeds up wallet creation, because only the blocks after the recorded height will be scanned.
3 years ago
self,
Remove unnecessary monero wallet trait abstractions
3 years ago
xmr_wallet: &monero::Wallet,
Bob saves lock proof after received so he can resume swap
3 years ago
transfer_proof: TransferProof,
Remember monero wallet-height for Alice's refund scenario
3 years ago
monero_wallet_restore_blockheight: BlockHeight,
Remove unnecessary monero wallet trait abstractions
3 years ago
) -> Result<Result<State4, InsufficientFunds>> {
Upgrade to bdk 4.0 To achieve this we also: - upgrade rust-bitcoin to 0.26 - upgrade bitcoin-harness to latest version (which also depends bitcoin 0.26) - upgrade to latest edcsa-fun - replace cross_curve_dleq proof with sigma_fun (to avoid an upgrade dance over there)
3 years ago
let S_b_monero =
monero::PublicKey::from_private_key(&monero::PrivateKey::from_scalar(self.s_b));
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
let S = self.S_a_monero + S_b_monero;
Wait for refund if insufficient Monero is locked up
3 years ago
if let Err(e) = xmr_wallet
Replace monero::CheckTransfer with monero::WatchForTransfer Instead of checking once to see if Monero's `TxLock` has been published, the new trait should keep looking until the transaction has been found. The new trait also allows the caller to set an expected number of confirmations on the transaction. The implementation of the trait is currently part of test code, but it should be similar to what we will eventually do for an application.
4 years ago
.watch_for_transfer(
S,
self.v.public(),
Bob saves lock proof after received so he can resume swap
3 years ago
transfer_proof,
Replace monero::CheckTransfer with monero::WatchForTransfer Instead of checking once to see if Monero's `TxLock` has been published, the new trait should keep looking until the transaction has been found. The new trait also allows the caller to set an expected number of confirmations on the transaction. The implementation of the trait is currently part of test code, but it should be similar to what we will eventually do for an application.
4 years ago
self.xmr,
Add minimum monero confirmations to config use it for Bob
3 years ago
self.min_monero_confirmations,
Replace monero::CheckTransfer with monero::WatchForTransfer Instead of checking once to see if Monero's `TxLock` has been published, the new trait should keep looking until the transaction has been found. The new trait also allows the caller to set an expected number of confirmations on the transaction. The implementation of the trait is currently part of test code, but it should be similar to what we will eventually do for an application.
4 years ago
)
Wait for refund if insufficient Monero is locked up
3 years ago
.await
{
return Ok(Err(e));
}
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
Wait for refund if insufficient Monero is locked up
3 years ago
Ok(Ok(State4 {
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
A: self.A,
b: self.b,
s_b: self.s_b,
S_a_bitcoin: self.S_a_bitcoin,
v: self.v,
Remove Refund timelock and T0/T1/T2 There are no refund timelock, only a cancellation timelock and punish timelock. Refund can be done as soon as the cancellation transaction is published.
3 years ago
cancel_timelock: self.cancel_timelock,
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
punish_timelock: self.punish_timelock,
refund_address: self.refund_address,
redeem_address: self.redeem_address,
tx_lock: self.tx_lock,
tx_cancel_sig_a: self.tx_cancel_sig_a,
tx_refund_encsig: self.tx_refund_encsig,
Remember the block-height before XMR lock for generated monero wallet restore height Speeds up wallet creation, because only the blocks after the recorded height will be scanned.
3 years ago
monero_wallet_restore_blockheight,
Wait for refund if insufficient Monero is locked up
3 years ago
}))
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
}
Remove traits in favor of using the wallet struct directly Abstracting over the individual bits of functionality of the wallet does have its place, especially if one wants to keep a separation of an abstract protocol library that other people can use with their own wallets. However, at the moment, the traits only cause unnecessary friction. We can always add such abstraction layers again once we need them.
3 years ago
pub async fn wait_for_cancel_timelock_to_expire(
&self,
bitcoin_wallet: &bitcoin::Wallet,
) -> Result<()> {
Remove Refund timelock and T0/T1/T2 There are no refund timelock, only a cancellation timelock and punish timelock. Refund can be done as soon as the cancellation transaction is published.
3 years ago
wait_for_cancel_timelock_to_expire(
bitcoin_wallet,
self.cancel_timelock,
self.tx_lock.txid(),
)
.await
Only wait for xmr-lock until t1 expired
3 years ago
}
Rename function explicit to cancellation to cancel For transitioning to state4 we either go into a redeem or a cancellation scenario. The function name state4 is misleading, because it is only used for cancellation scenarios.
3 years ago
pub fn cancel(&self) -> State4 {
Ensure that Bob can cancel correctly if T1 expired and Alice did not move Bob has to check for the possibility to cancel in every state after he locked the BTC. Otherwise Bob will try to perform actions that don't have any point.
3 years ago
State4 {
A: self.A,
b: self.b.clone(),
s_b: self.s_b,
S_a_bitcoin: self.S_a_bitcoin,
v: self.v,
Remove Refund timelock and T0/T1/T2 There are no refund timelock, only a cancellation timelock and punish timelock. Refund can be done as soon as the cancellation transaction is published.
3 years ago
cancel_timelock: self.cancel_timelock,
Ensure that Bob can cancel correctly if T1 expired and Alice did not move Bob has to check for the possibility to cancel in every state after he locked the BTC. Otherwise Bob will try to perform actions that don't have any point.
3 years ago
punish_timelock: self.punish_timelock,
refund_address: self.refund_address.clone(),
redeem_address: self.redeem_address.clone(),
tx_lock: self.tx_lock.clone(),
tx_cancel_sig_a: self.tx_cancel_sig_a.clone(),
tx_refund_encsig: self.tx_refund_encsig.clone(),
Remember monero wallet-height for Alice's refund scenario
3 years ago
// For cancel scenarios the monero wallet rescan blockchain height is irrelevant for
// Bob, because Bob's cancel can only lead to refunding on Bitcoin
monero_wallet_restore_blockheight: BlockHeight { height: 0 },
Ensure that Bob can cancel correctly if T1 expired and Alice did not move Bob has to check for the possibility to cancel in every state after he locked the BTC. Otherwise Bob will try to perform actions that don't have any point.
3 years ago
}
}
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
pub fn tx_lock_id(&self) -> bitcoin::Txid {
self.tx_lock.txid()
}
Ensure that Bob can cancel correctly if T1 expired and Alice did not move Bob has to check for the possibility to cancel in every state after he locked the BTC. Otherwise Bob will try to perform actions that don't have any point.
3 years ago
Remove traits in favor of using the wallet struct directly Abstracting over the individual bits of functionality of the wallet does have its place, especially if one wants to keep a separation of an abstract protocol library that other people can use with their own wallets. However, at the moment, the traits only cause unnecessary friction. We can always add such abstraction layers again once we need them.
3 years ago
pub async fn current_epoch(
&self,
bitcoin_wallet: &bitcoin::Wallet,
) -> Result<ExpiredTimelocks> {
Move current_epoch from lib to bitcoin.rs
3 years ago
current_epoch(
Ensure that Bob can cancel correctly if T1 expired and Alice did not move Bob has to check for the possibility to cancel in every state after he locked the BTC. Otherwise Bob will try to perform actions that don't have any point.
3 years ago
bitcoin_wallet,
Remove Refund timelock and T0/T1/T2 There are no refund timelock, only a cancellation timelock and punish timelock. Refund can be done as soon as the cancellation transaction is published.
3 years ago
self.cancel_timelock,
Ensure that Bob can cancel correctly if T1 expired and Alice did not move Bob has to check for the possibility to cancel in every state after he locked the BTC. Otherwise Bob will try to perform actions that don't have any point.
3 years ago
self.punish_timelock,
self.tx_lock.txid(),
)
.await
}
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
}
Save Bob state during swap
3 years ago
#[derive(Debug, Clone, Deserialize, Serialize, PartialEq)]
Execute Alice and Bob state machines concurrently Previously we were testing the protocol by manually driving Alice and Bob's state machines. This logic has now be moved to an async state transition function that can take any possible state as input. The state transition function is called in a loop until it returns the desired state. This allows use to interrupt midway through the protocol and perform refund and punish tests. This design was chosen over a generator based implementation because the the generator based implementation results in a impure state transition function that is difficult to reason about and prone to bugs. Test related code was extracted into the tests folder. The 2b and 4b states were renamed to be consistent with the rest. Macros were used to reduce code duplication when converting child states to their parent states and vice versa. Todos were added were neccessary.
4 years ago
pub struct State4 {
Remove unnecessary pub qualifiers
3 years ago
A: bitcoin::PublicKey,
b: bitcoin::SecretKey,
Upgrade to bdk 4.0 To achieve this we also: - upgrade rust-bitcoin to 0.26 - upgrade bitcoin-harness to latest version (which also depends bitcoin 0.26) - upgrade to latest edcsa-fun - replace cross_curve_dleq proof with sigma_fun (to avoid an upgrade dance over there)
3 years ago
s_b: monero::Scalar,
Remove unnecessary pub qualifiers
3 years ago
S_a_bitcoin: bitcoin::PublicKey,
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
v: monero::PrivateViewKey,
Remove unnecessary pub qualifiers
3 years ago
cancel_timelock: CancelTimelock,
Avoid possible mix up between timelocks Introduce new type to ensure no mix up happens when ordering the fields in function calls.
3 years ago
punish_timelock: PunishTimelock,
Remove unnecessary pub qualifiers
3 years ago
refund_address: bitcoin::Address,
redeem_address: bitcoin::Address,
tx_lock: bitcoin::TxLock,
tx_cancel_sig_a: Signature,
tx_refund_encsig: bitcoin::EncryptedSignature,
Remember monero wallet-height for Alice's refund scenario
3 years ago
monero_wallet_restore_blockheight: BlockHeight,
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
}
Execute Alice and Bob state machines concurrently Previously we were testing the protocol by manually driving Alice and Bob's state machines. This logic has now be moved to an async state transition function that can take any possible state as input. The state transition function is called in a loop until it returns the desired state. This allows use to interrupt midway through the protocol and perform refund and punish tests. This design was chosen over a generator based implementation because the the generator based implementation results in a impure state transition function that is difficult to reason about and prone to bugs. Test related code was extracted into the tests folder. The 2b and 4b states were renamed to be consistent with the rest. Macros were used to reduce code duplication when converting child states to their parent states and vice versa. Todos were added were neccessary.
4 years ago
impl State4 {
Improve names for messages 4 and 5
3 years ago
pub fn next_message(&self) -> EncryptedSignature {
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
let tx_redeem = bitcoin::TxRedeem::new(&self.tx_lock, &self.redeem_address);
Upgrade rust-bitcoin to 0.25
4 years ago
let tx_redeem_encsig = self.b.encsign(self.S_a_bitcoin, tx_redeem.digest());
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
Improve names for messages 4 and 5
3 years ago
EncryptedSignature { tx_redeem_encsig }
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
}
Improve names for messages 4 and 5
3 years ago
pub fn tx_redeem_encsig(&self) -> bitcoin::EncryptedSignature {
Add Alice execution path Consolidate and simplify swap execution. Generators are no longer needed. Consolidate recovery and swap data structures. The recursive calls can be replaced with a loop if returning prior to completion is desired for testing purposes. Fill out alice abort path Move state machine executors into seperate files Not compiling due to recursion/async issues Fix async recursion compilation errors Fix Bob swap execution Remove check for ack message from Alice. Seems like a bad idea to rely on an acknowledgement message instead of looking at the blockchain. Fix Bob abort Fix warnings Xmr lock complete Add TxCancel submit to XmrLocked Bob swap completed Remove alice
4 years ago
let tx_redeem = bitcoin::TxRedeem::new(&self.tx_lock, &self.redeem_address);
Upgrade rust-bitcoin to 0.25
4 years ago
self.b.encsign(self.S_a_bitcoin, tx_redeem.digest())
Add Alice execution path Consolidate and simplify swap execution. Generators are no longer needed. Consolidate recovery and swap data structures. The recursive calls can be replaced with a loop if returning prior to completion is desired for testing purposes. Fill out alice abort path Move state machine executors into seperate files Not compiling due to recursion/async issues Fix async recursion compilation errors Fix Bob swap execution Remove check for ack message from Alice. Seems like a bad idea to rely on an acknowledgement message instead of looking at the blockchain. Fix Bob abort Fix warnings Xmr lock complete Add TxCancel submit to XmrLocked Bob swap completed Remove alice
4 years ago
}
Remove traits in favor of using the wallet struct directly Abstracting over the individual bits of functionality of the wallet does have its place, especially if one wants to keep a separation of an abstract protocol library that other people can use with their own wallets. However, at the moment, the traits only cause unnecessary friction. We can always add such abstraction layers again once we need them.
3 years ago
pub async fn check_for_tx_cancel(
&self,
bitcoin_wallet: &bitcoin::Wallet,
) -> Result<Transaction> {
Upgrade rust-bitcoin to 0.25
4 years ago
let tx_cancel =
Remove Refund timelock and T0/T1/T2 There are no refund timelock, only a cancellation timelock and punish timelock. Refund can be done as soon as the cancellation transaction is published.
3 years ago
bitcoin::TxCancel::new(&self.tx_lock, self.cancel_timelock, self.A, self.b.public());
Add Alice execution path Consolidate and simplify swap execution. Generators are no longer needed. Consolidate recovery and swap data structures. The recursive calls can be replaced with a loop if returning prior to completion is desired for testing purposes. Fill out alice abort path Move state machine executors into seperate files Not compiling due to recursion/async issues Fix async recursion compilation errors Fix Bob swap execution Remove check for ack message from Alice. Seems like a bad idea to rely on an acknowledgement message instead of looking at the blockchain. Fix Bob abort Fix warnings Xmr lock complete Add TxCancel submit to XmrLocked Bob swap completed Remove alice
4 years ago
let sig_a = self.tx_cancel_sig_a.clone();
let sig_b = self.b.sign(tx_cancel.digest());
let tx_cancel = tx_cancel
.clone()
Remove `Tx` arguments from `add_signatures` functions The only reason we need this argument is because we need to access the output descriptor. We can save that one ahead of time at when we construct the type.
3 years ago
.add_signatures((self.A, sig_a), (self.b.public(), sig_b))
Add Alice execution path Consolidate and simplify swap execution. Generators are no longer needed. Consolidate recovery and swap data structures. The recursive calls can be replaced with a loop if returning prior to completion is desired for testing purposes. Fill out alice abort path Move state machine executors into seperate files Not compiling due to recursion/async issues Fix async recursion compilation errors Fix Bob swap execution Remove check for ack message from Alice. Seems like a bad idea to rely on an acknowledgement message instead of looking at the blockchain. Fix Bob abort Fix warnings Xmr lock complete Add TxCancel submit to XmrLocked Bob swap completed Remove alice
4 years ago
.expect(
"sig_{a,b} to be valid signatures for
tx_cancel",
);
let tx = bitcoin_wallet.get_raw_transaction(tx_cancel.txid()).await?;
Ok(tx)
}
Remove traits in favor of using the wallet struct directly Abstracting over the individual bits of functionality of the wallet does have its place, especially if one wants to keep a separation of an abstract protocol library that other people can use with their own wallets. However, at the moment, the traits only cause unnecessary friction. We can always add such abstraction layers again once we need them.
3 years ago
pub async fn submit_tx_cancel(&self, bitcoin_wallet: &bitcoin::Wallet) -> Result<Txid> {
Upgrade rust-bitcoin to 0.25
4 years ago
let tx_cancel =
Remove Refund timelock and T0/T1/T2 There are no refund timelock, only a cancellation timelock and punish timelock. Refund can be done as soon as the cancellation transaction is published.
3 years ago
bitcoin::TxCancel::new(&self.tx_lock, self.cancel_timelock, self.A, self.b.public());
Add Alice execution path Consolidate and simplify swap execution. Generators are no longer needed. Consolidate recovery and swap data structures. The recursive calls can be replaced with a loop if returning prior to completion is desired for testing purposes. Fill out alice abort path Move state machine executors into seperate files Not compiling due to recursion/async issues Fix async recursion compilation errors Fix Bob swap execution Remove check for ack message from Alice. Seems like a bad idea to rely on an acknowledgement message instead of looking at the blockchain. Fix Bob abort Fix warnings Xmr lock complete Add TxCancel submit to XmrLocked Bob swap completed Remove alice
4 years ago
let sig_a = self.tx_cancel_sig_a.clone();
let sig_b = self.b.sign(tx_cancel.digest());
let tx_cancel = tx_cancel
.clone()
Remove `Tx` arguments from `add_signatures` functions The only reason we need this argument is because we need to access the output descriptor. We can save that one ahead of time at when we construct the type.
3 years ago
.add_signatures((self.A, sig_a), (self.b.public(), sig_b))
Add Alice execution path Consolidate and simplify swap execution. Generators are no longer needed. Consolidate recovery and swap data structures. The recursive calls can be replaced with a loop if returning prior to completion is desired for testing purposes. Fill out alice abort path Move state machine executors into seperate files Not compiling due to recursion/async issues Fix async recursion compilation errors Fix Bob swap execution Remove check for ack message from Alice. Seems like a bad idea to rely on an acknowledgement message instead of looking at the blockchain. Fix Bob abort Fix warnings Xmr lock complete Add TxCancel submit to XmrLocked Bob swap completed Remove alice
4 years ago
.expect(
"sig_{a,b} to be valid signatures for
tx_cancel",
);
Unify logging of broadcasted transactions We eliminate unnecessary layers of indirection for broadcasting logic and force our callers to provide us with the `kind` of transaction that we are publishing. Eventually, we can replace this string with some type-system magic we can derive the name from the actual transaction. For now, we just require the caller to duplicate this information because it is faster and good enough TM.
3 years ago
let tx_id = bitcoin_wallet.broadcast(tx_cancel, "cancel").await?;
Add Alice execution path Consolidate and simplify swap execution. Generators are no longer needed. Consolidate recovery and swap data structures. The recursive calls can be replaced with a loop if returning prior to completion is desired for testing purposes. Fill out alice abort path Move state machine executors into seperate files Not compiling due to recursion/async issues Fix async recursion compilation errors Fix Bob swap execution Remove check for ack message from Alice. Seems like a bad idea to rely on an acknowledgement message instead of looking at the blockchain. Fix Bob abort Fix warnings Xmr lock complete Add TxCancel submit to XmrLocked Bob swap completed Remove alice
4 years ago
Ok(tx_id)
}
Remove traits in favor of using the wallet struct directly Abstracting over the individual bits of functionality of the wallet does have its place, especially if one wants to keep a separation of an abstract protocol library that other people can use with their own wallets. However, at the moment, the traits only cause unnecessary friction. We can always add such abstraction layers again once we need them.
3 years ago
pub async fn watch_for_redeem_btc(&self, bitcoin_wallet: &bitcoin::Wallet) -> Result<State5> {
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
let tx_redeem = bitcoin::TxRedeem::new(&self.tx_lock, &self.redeem_address);
Upgrade rust-bitcoin to 0.25
4 years ago
let tx_redeem_encsig = self.b.encsign(self.S_a_bitcoin, tx_redeem.digest());
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
Loop on blockchain call instead of delaying Previously there was a delay making a get raw transaction call to give some time for a transaction to be confirmed on the blockchain. This has been replaced with a loop that waits until the call is succesful.
4 years ago
let tx_redeem_candidate = bitcoin_wallet
.watch_for_raw_transaction(tx_redeem.txid())
Allow blockchain calls to fail Prior to this change, functions could not fail early on permanent errors eg. parsing a url. Merged error enums.
3 years ago
.await?;
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
let tx_redeem_sig =
tx_redeem.extract_signature_by_key(tx_redeem_candidate, self.b.public())?;
Upgrade rust-bitcoin to 0.25
4 years ago
let s_a = bitcoin::recover(self.S_a_bitcoin, tx_redeem_sig, tx_redeem_encsig)?;
Update cross-curve-dleq dependency Making build times considerably faster. On my machine, after running `cargo clean`, `cargo build -p swap` takes 2min 19s. The updated dependency also comes with a critical fix to the `Scalar` type, which originally wrongly assumed that secp256k1 and ed25519 scalars had the same endianness. For this reason, we now have to reverse the bytes of recovered scalars if we are to use them on a different chain. Finally, there is no need to append `RUST_MIN_STACK=100000000` to avoid stack overflows in tests and when running the binary.
4 years ago
let s_a = monero::private_key_from_secp256k1_scalar(s_a.into());
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
Execute Alice and Bob state machines concurrently Previously we were testing the protocol by manually driving Alice and Bob's state machines. This logic has now be moved to an async state transition function that can take any possible state as input. The state transition function is called in a loop until it returns the desired state. This allows use to interrupt midway through the protocol and perform refund and punish tests. This design was chosen over a generator based implementation because the the generator based implementation results in a impure state transition function that is difficult to reason about and prone to bugs. Test related code was extracted into the tests folder. The 2b and 4b states were renamed to be consistent with the rest. Macros were used to reduce code duplication when converting child states to their parent states and vice versa. Todos were added were neccessary.
4 years ago
Ok(State5 {
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
s_a,
s_b: self.s_b,
v: self.v,
Add Alice execution path Consolidate and simplify swap execution. Generators are no longer needed. Consolidate recovery and swap data structures. The recursive calls can be replaced with a loop if returning prior to completion is desired for testing purposes. Fill out alice abort path Move state machine executors into seperate files Not compiling due to recursion/async issues Fix async recursion compilation errors Fix Bob swap execution Remove check for ack message from Alice. Seems like a bad idea to rely on an acknowledgement message instead of looking at the blockchain. Fix Bob abort Fix warnings Xmr lock complete Add TxCancel submit to XmrLocked Bob swap completed Remove alice
4 years ago
tx_lock: self.tx_lock.clone(),
Remember the block-height before XMR lock for generated monero wallet restore height Speeds up wallet creation, because only the blocks after the recorded height will be scanned.
3 years ago
monero_wallet_restore_blockheight: self.monero_wallet_restore_blockheight,
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
})
}
Add Alice execution path Consolidate and simplify swap execution. Generators are no longer needed. Consolidate recovery and swap data structures. The recursive calls can be replaced with a loop if returning prior to completion is desired for testing purposes. Fill out alice abort path Move state machine executors into seperate files Not compiling due to recursion/async issues Fix async recursion compilation errors Fix Bob swap execution Remove check for ack message from Alice. Seems like a bad idea to rely on an acknowledgement message instead of looking at the blockchain. Fix Bob abort Fix warnings Xmr lock complete Add TxCancel submit to XmrLocked Bob swap completed Remove alice
4 years ago
Remove traits in favor of using the wallet struct directly Abstracting over the individual bits of functionality of the wallet does have its place, especially if one wants to keep a separation of an abstract protocol library that other people can use with their own wallets. However, at the moment, the traits only cause unnecessary friction. We can always add such abstraction layers again once we need them.
3 years ago
pub async fn wait_for_cancel_timelock_to_expire(
&self,
bitcoin_wallet: &bitcoin::Wallet,
) -> Result<()> {
Remove Refund timelock and T0/T1/T2 There are no refund timelock, only a cancellation timelock and punish timelock. Refund can be done as soon as the cancellation transaction is published.
3 years ago
wait_for_cancel_timelock_to_expire(
bitcoin_wallet,
self.cancel_timelock,
self.tx_lock.txid(),
)
.await
Add Alice execution path Consolidate and simplify swap execution. Generators are no longer needed. Consolidate recovery and swap data structures. The recursive calls can be replaced with a loop if returning prior to completion is desired for testing purposes. Fill out alice abort path Move state machine executors into seperate files Not compiling due to recursion/async issues Fix async recursion compilation errors Fix Bob swap execution Remove check for ack message from Alice. Seems like a bad idea to rely on an acknowledgement message instead of looking at the blockchain. Fix Bob abort Fix warnings Xmr lock complete Add TxCancel submit to XmrLocked Bob swap completed Remove alice
4 years ago
}
Add Bob refund execution
3 years ago
Remove traits in favor of using the wallet struct directly Abstracting over the individual bits of functionality of the wallet does have its place, especially if one wants to keep a separation of an abstract protocol library that other people can use with their own wallets. However, at the moment, the traits only cause unnecessary friction. We can always add such abstraction layers again once we need them.
3 years ago
pub async fn expired_timelock(
&self,
bitcoin_wallet: &bitcoin::Wallet,
) -> Result<ExpiredTimelocks> {
Move current_epoch from lib to bitcoin.rs
3 years ago
current_epoch(
Ensure that Bob can cancel correctly if T1 expired and Alice did not move Bob has to check for the possibility to cancel in every state after he locked the BTC. Otherwise Bob will try to perform actions that don't have any point.
3 years ago
bitcoin_wallet,
Remove Refund timelock and T0/T1/T2 There are no refund timelock, only a cancellation timelock and punish timelock. Refund can be done as soon as the cancellation transaction is published.
3 years ago
self.cancel_timelock,
Ensure that Bob can cancel correctly if T1 expired and Alice did not move Bob has to check for the possibility to cancel in every state after he locked the BTC. Otherwise Bob will try to perform actions that don't have any point.
3 years ago
self.punish_timelock,
self.tx_lock.txid(),
)
.await
Add Bob refund execution
3 years ago
}
Remove traits in favor of using the wallet struct directly Abstracting over the individual bits of functionality of the wallet does have its place, especially if one wants to keep a separation of an abstract protocol library that other people can use with their own wallets. However, at the moment, the traits only cause unnecessary friction. We can always add such abstraction layers again once we need them.
3 years ago
pub async fn refund_btc(
Configuration for RPC urls and Bitcoin wallet name
3 years ago
&self,
Remove traits in favor of using the wallet struct directly Abstracting over the individual bits of functionality of the wallet does have its place, especially if one wants to keep a separation of an abstract protocol library that other people can use with their own wallets. However, at the moment, the traits only cause unnecessary friction. We can always add such abstraction layers again once we need them.
3 years ago
bitcoin_wallet: &bitcoin::Wallet,
Configuration for RPC urls and Bitcoin wallet name
3 years ago
execution_params: ExecutionParams,
Remove traits in favor of using the wallet struct directly Abstracting over the individual bits of functionality of the wallet does have its place, especially if one wants to keep a separation of an abstract protocol library that other people can use with their own wallets. However, at the moment, the traits only cause unnecessary friction. We can always add such abstraction layers again once we need them.
3 years ago
) -> Result<()> {
Add Bob refund execution
3 years ago
let tx_cancel =
Remove Refund timelock and T0/T1/T2 There are no refund timelock, only a cancellation timelock and punish timelock. Refund can be done as soon as the cancellation transaction is published.
3 years ago
bitcoin::TxCancel::new(&self.tx_lock, self.cancel_timelock, self.A, self.b.public());
Add Bob refund execution
3 years ago
let tx_refund = bitcoin::TxRefund::new(&tx_cancel, &self.refund_address);
Upgrade to bdk 4.0 To achieve this we also: - upgrade rust-bitcoin to 0.26 - upgrade bitcoin-harness to latest version (which also depends bitcoin 0.26) - upgrade to latest edcsa-fun - replace cross_curve_dleq proof with sigma_fun (to avoid an upgrade dance over there)
3 years ago
let adaptor = Adaptor::<HashTranscript<Sha256>, Deterministic<Sha256>>::default();
Add Bob refund execution
3 years ago
Wait for Bob's refund finality For Alice we ensure to wait for redeem/punish finality, so it should be the same for Bob.
3 years ago
let sig_b = self.b.sign(tx_refund.digest());
let sig_a =
Upgrade to bdk 4.0 To achieve this we also: - upgrade rust-bitcoin to 0.26 - upgrade bitcoin-harness to latest version (which also depends bitcoin 0.26) - upgrade to latest edcsa-fun - replace cross_curve_dleq proof with sigma_fun (to avoid an upgrade dance over there)
3 years ago
adaptor.decrypt_signature(&self.s_b.to_secpfun_scalar(), self.tx_refund_encsig.clone());
Add Bob refund execution
3 years ago
Remove `Tx` arguments from `add_signatures` functions The only reason we need this argument is because we need to access the output descriptor. We can save that one ahead of time at when we construct the type.
3 years ago
let signed_tx_refund =
tx_refund.add_signatures((self.A, sig_a), (self.b.public(), sig_b))?;
Add Bob refund execution
3 years ago
Unify logging of broadcasted transactions We eliminate unnecessary layers of indirection for broadcasting logic and force our callers to provide us with the `kind` of transaction that we are publishing. Eventually, we can replace this string with some type-system magic we can derive the name from the actual transaction. For now, we just require the caller to duplicate this information because it is faster and good enough TM.
3 years ago
let txid = bitcoin_wallet.broadcast(signed_tx_refund, "refund").await?;
Add Bob refund execution
3 years ago
Wait for Bob's refund finality For Alice we ensure to wait for redeem/punish finality, so it should be the same for Bob.
3 years ago
bitcoin_wallet
Configuration for RPC urls and Bitcoin wallet name
3 years ago
.wait_for_transaction_finality(txid, execution_params)
Wait for Bob's refund finality For Alice we ensure to wait for redeem/punish finality, so it should be the same for Bob.
3 years ago
.await?;
Add Bob refund execution
3 years ago
Ok(())
}
Add alice punish test Use reusable test init functions for happy path test Extract tracing setup to reusable function Move test initialization to seperate functions Increase stack size in CI Fix monero max finality time Force Bob swarm polling to send message 2 Run Bob state to xmr_locked in punish test to force the sending of message2. Previously Bob state was run until btc_locked. Although this was the right thing to do, message2 was not being sent as the swarm was not polled in btc_locked. Alice punish test passes. Add info logging to executor
4 years ago
pub fn tx_lock_id(&self) -> bitcoin::Txid {
self.tx_lock.txid()
}
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
}
Save Bob state during swap
3 years ago
#[derive(Debug, Clone, Deserialize, Serialize, PartialEq)]
Execute Alice and Bob state machines concurrently Previously we were testing the protocol by manually driving Alice and Bob's state machines. This logic has now be moved to an async state transition function that can take any possible state as input. The state transition function is called in a loop until it returns the desired state. This allows use to interrupt midway through the protocol and perform refund and punish tests. This design was chosen over a generator based implementation because the the generator based implementation results in a impure state transition function that is difficult to reason about and prone to bugs. Test related code was extracted into the tests folder. The 2b and 4b states were renamed to be consistent with the rest. Macros were used to reduce code duplication when converting child states to their parent states and vice versa. Todos were added were neccessary.
4 years ago
pub struct State5 {
Save and recover protocol state from disk NOTE: This implementation saves secrets to disk! It is not secure. The storage API allows the caller to atomically record the state of the protocol. The user can retrieve this recorded state and re-commence the protocol from that point. The state is recorded using a hard coded key, causing it to overwrite the previously recorded state. This limitation means that this recovery mechanism should not be used in a program that simultaneously manages the execution of multiple swaps. An e2e test was added to show how to save, recover and resume protocol execution. This logic could also be integrated into the run_until functions to automate saving but was not included at this stage as protocol execution is currently under development. Serialisation and deserialisation was implemented on the states to allow the to be stored using the database. Currently the secret's are also being stored to disk but should be recovered from a seed or wallets.
4 years ago
#[serde(with = "monero_private_key")]
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
s_a: monero::PrivateKey,
Upgrade to bdk 4.0 To achieve this we also: - upgrade rust-bitcoin to 0.26 - upgrade bitcoin-harness to latest version (which also depends bitcoin 0.26) - upgrade to latest edcsa-fun - replace cross_curve_dleq proof with sigma_fun (to avoid an upgrade dance over there)
3 years ago
s_b: monero::Scalar,
Remove unnecessary pub qualifiers
3 years ago
v: monero::PrivateViewKey,
tx_lock: bitcoin::TxLock,
Remember monero wallet-height for Alice's refund scenario
3 years ago
monero_wallet_restore_blockheight: BlockHeight,
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
}
Execute Alice and Bob state machines concurrently Previously we were testing the protocol by manually driving Alice and Bob's state machines. This logic has now be moved to an async state transition function that can take any possible state as input. The state transition function is called in a loop until it returns the desired state. This allows use to interrupt midway through the protocol and perform refund and punish tests. This design was chosen over a generator based implementation because the the generator based implementation results in a impure state transition function that is difficult to reason about and prone to bugs. Test related code was extracted into the tests folder. The 2b and 4b states were renamed to be consistent with the rest. Macros were used to reduce code duplication when converting child states to their parent states and vice versa. Todos were added were neccessary.
4 years ago
impl State5 {
Remove unnecessary monero wallet trait abstractions
3 years ago
pub async fn claim_xmr(&self, monero_wallet: &monero::Wallet) -> Result<()> {
Upgrade to bdk 4.0 To achieve this we also: - upgrade rust-bitcoin to 0.26 - upgrade bitcoin-harness to latest version (which also depends bitcoin 0.26) - upgrade to latest edcsa-fun - replace cross_curve_dleq proof with sigma_fun (to avoid an upgrade dance over there)
3 years ago
let s_b = monero::PrivateKey { scalar: self.s_b };
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
let s = self.s_a + s_b;
// NOTE: This actually generates and opens a new wallet, closing the currently
// open one.
Rename ImportOutput to reflect purpose
4 years ago
monero_wallet
Work in review comments
3 years ago
.create_from_and_load(s, self.v, self.monero_wallet_restore_blockheight)
Rename ImportOutput to reflect purpose
4 years ago
.await?;
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
Ok(())
}
Execute Alice and Bob state machines concurrently Previously we were testing the protocol by manually driving Alice and Bob's state machines. This logic has now be moved to an async state transition function that can take any possible state as input. The state transition function is called in a loop until it returns the desired state. This allows use to interrupt midway through the protocol and perform refund and punish tests. This design was chosen over a generator based implementation because the the generator based implementation results in a impure state transition function that is difficult to reason about and prone to bugs. Test related code was extracted into the tests folder. The 2b and 4b states were renamed to be consistent with the rest. Macros were used to reduce code duplication when converting child states to their parent states and vice versa. Todos were added were neccessary.
4 years ago
pub fn tx_lock_id(&self) -> bitcoin::Txid {
self.tx_lock.txid()
}
Swap Monero for Bitcoin Co-authored-by: rishflab <rishflab@hotmail.com> Co-authored-by: Philipp Hoenisch <philipp@hoenisch.at> Co-authored-by: Tobin C. Harding <tobin@coblox.tech>
4 years ago
}