arnaucube
/
derosuite
mirror of https://github.com/arnaucube/derosuite.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
17 Commits
1 Branch
0 Tags
68 MiB
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
derosuite/blockchain/transaction_verify.go

300 lines
11 KiB
Raw Permalink Normal View History

Derosuite Status Update Release 2
6 years ago
updated paths of the derosuite package
6 years ago
Derosuite Status Update Release 2
6 years ago
updated paths of the derosuite package
6 years ago
Derosuite Status Update Release 2
6 years ago
updated paths of the derosuite package
6 years ago
Derosuite Status Update Release 2
6 years ago
  1. // Copyright 2017-2018 DERO Project. All rights reserved.
  2. // Use of this source code in any form is governed by RESEARCH license.
  3. // license can be found in the LICENSE file.
  4. // GPG: 0F39 E425 8C65 3947 702A 8234 08B2 0360 A03A 9DE8
  5. //
  6. //
  7. // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
  8. // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
  9. // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
  10. // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  11. // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
  12. // PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
  13. // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  14. // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
  15. // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  17. package blockchain
  19. //import "fmt"
  20. //import "time"
  21. /*import "bytes"
  22. import "encoding/binary"
  24. import "github.com/romana/rlog"
  26. */
  27. //import "github.com/romana/rlog"
  29. import "runtime/debug"
  31. import log "github.com/sirupsen/logrus"
  33. import "github.com/arnaucode/derosuite/block"
  34. import "github.com/arnaucode/derosuite/crypto"
  35. import "github.com/arnaucode/derosuite/globals"
  36. import "github.com/arnaucode/derosuite/crypto/ringct"
  37. import "github.com/arnaucode/derosuite/transaction"
  38. import "github.com/arnaucode/derosuite/emission"
  40. /* This function verifies tx fully, means all checks,
  41. * if the transaction has passed the check it can be added to mempool, relayed or added to blockchain
  42. * the transaction has already been deserialized thats it
  43. * */
  44. func (chain *Blockchain) Verify_Transaction(tx *transaction.Transaction) (result bool) {
  46. return false
  47. }
  49. /* Coinbase transactions need to verify the amount of coins
  50. * */
  51. func (chain *Blockchain) Verify_Transaction_Coinbase(cbl *block.Complete_Block, minertx *transaction.Transaction) (result bool) {
  53. if !minertx.IsCoinbase() { // transaction is not coinbase, return failed
  54. return false
  55. }
  57. // coinbase transactions only have 1 vin, 1 vout
  58. if len(minertx.Vin) != 1 {
  59. return false
  60. }
  62. if len(minertx.Vout) != 1 {
  63. return false
  64. }
  66. // check whether the height mentioned in tx.Vin is equal to block height
  67. // this does NOT hold for genesis block so test it differently
  69. expected_height := chain.Load_Height_for_BL_ID(cbl.Bl.Prev_Hash)
  70. expected_height++
  71. if cbl.Bl.GetHash() == globals.Config.Genesis_Block_Hash {
  72. expected_height = 0
  73. }
  74. if minertx.Vin[0].(transaction.Txin_gen).Height != expected_height {
  75. logger.Warnf(" Rejected Height %d should be %d", minertx.Vin[0].(transaction.Txin_gen).Height, chain.Load_Height_for_BL_ID(cbl.Bl.Prev_Hash))
  76. return false
  78. }
  80. // verify coins amount ( minied amount ) + the fees colllected which is sum of all tx included in this block
  81. // and whether it has been calculated correctly
  82. total_fees := uint64(0)
  83. for i := 0; i < len(cbl.Txs); i++ {
  84. total_fees += cbl.Txs[i].RctSignature.Get_TX_Fee()
  85. }
  87. total_reward := minertx.Vout[0].Amount
  88. base_reward := total_reward - total_fees
  90. // size of block = size of miner_tx + size of all non coinbase tx
  91. sizeofblock := uint64(0)
  92. sizeofblock += uint64(len(cbl.Bl.Miner_tx.Serialize()))
  93. // logger.Infof("size of block %d sizeof miner tx %d", sizeofblock, len(cbl.Bl.Miner_tx.Serialize()))
  94. for i := 0; i < len(cbl.Txs); i++ {
  95. sizeofblock += uint64(len(cbl.Txs[i].Serialize()))
  96. // logger.Infof("size of tx i %d tx size %d total size %d", i, uint64(len(cbl.Txs[i].Serialize())) ,sizeofblock)
  97. }
  99. median_block_size := chain.Get_Median_BlockSize_At_Block(cbl.Bl.Prev_Hash)
  101. already_generated_coins := chain.Load_Already_Generated_Coins_for_BL_ID(cbl.Bl.Prev_Hash)
  103. base_reward_calculated := emission.GetBlockReward(median_block_size, sizeofblock, already_generated_coins, 6, 0)
  104. if base_reward != base_reward_calculated {
  105. logger.Warnf("Base reward %d should be %d", base_reward, base_reward_calculated)
  106. logger.Warnf("median_block_size %d block_size %d already already_generated_coins %d", median_block_size, sizeofblock,
  107. already_generated_coins)
  108. return false
  109. }
  111. /*
  112. for i := sizeofblock-4000; i < (sizeofblock+4000);i++{
  113. // now we need to verify whether base reward is okay
  114. //base_reward_calculated := emission.GetBlockReward(median_block_size,sizeofblock,already_generated_coins,6,0)
  116. base_reward_calculated := emission.GetBlockReward(median_block_size,i,already_generated_coins,6,0)
  118. if base_reward == base_reward_calculated {
  119. logger.Warnf("Base reward %d should be %d size %d", base_reward, base_reward_calculated,i)
  121. }
  123. }
  124. */
  126. return true
  127. }
  129. // all non miner tx must be non-coinbase tx
  130. // each check is placed in a separate block of code, to avoid ambigous code or faulty checks
  131. // all check are placed and not within individual functions ( so as we cannot skip a check )
  132. func (chain *Blockchain) Verify_Transaction_NonCoinbase(tx *transaction.Transaction) (result bool) {
  133. result = false
  135. var tx_hash crypto.Hash
  136. defer func() { // safety so if anything wrong happens, verification fails
  137. if r := recover(); r != nil {
  138. logger.WithFields(log.Fields{"txid": tx_hash}).Warnf("Recovered while Verifying transaction, failed verification, Stack trace below")
  139. logger.Warnf("Stack trace \n%s", debug.Stack())
  140. result = false
  141. }
  142. }()
  144. tx_hash = tx.GetHash()
  146. if tx.Version != 2 {
  147. return false
  148. }
  150. // make sure atleast 1 vin and 1 vout are there
  151. if len(tx.Vin) < 1 || len(tx.Vout) < 1 {
  152. logger.WithFields(log.Fields{"txid": tx_hash}).Warnf("Incoming TX does NOT have atleast 1 vin and 1 vout")
  153. return false
  154. }
  156. // this means some other checks have failed somewhere else
  157. if tx.IsCoinbase() { // transaction coinbase must never come here
  158. logger.WithFields(log.Fields{"txid": tx_hash}).Warnf("Coinbase tx in non coinbase path, Please investigate")
  159. return false
  160. }
  162. // Vin can be only specific type rest all make the fail case
  163. for i := 0; i < len(tx.Vin); i++ {
  164. switch tx.Vin[i].(type) {
  165. case transaction.Txin_gen:
  166. return false // this is for coinbase so fail it
  167. case transaction.Txin_to_key: // pass
  168. default:
  169. return false
  170. }
  171. }
  173. // Vout can be only specific type rest all make th fail case
  174. for i := 0; i < len(tx.Vout); i++ {
  175. switch tx.Vout[i].Target.(type) {
  176. case transaction.Txout_to_key: // pass
  177. default:
  178. return false
  179. }
  180. }
  182. // Vout should have amount 0
  183. for i := 0; i < len(tx.Vout); i++ {
  184. if tx.Vout[i].Amount != 0 {
  185. logger.WithFields(log.Fields{"txid": tx_hash, "Amount": tx.Vout[i].Amount}).Warnf("Amount must be zero in ringCT world")
  186. return false
  187. }
  188. }
  190. // just some extra logs for testing purposes
  191. if len(tx.Vin) >= 3 {
  192. logger.WithFields(log.Fields{"txid": tx_hash}).Warnf("tx has more than 3 inputs")
  193. }
  195. if len(tx.Vout) >= 3 {
  196. logger.WithFields(log.Fields{"txid": tx_hash}).Warnf("tx has more than 3 outputs")
  197. }
  199. // check the mixin , it should be atleast 4 and should be same through out the tx ( all other inputs)
  200. // someone did send a mixin of 3 in 12006 block height
  201. mixin := len(tx.Vin[0].(transaction.Txin_to_key).Key_offsets)
  202. if mixin < 3 {
  203. logger.WithFields(log.Fields{"txid": tx_hash, "Mixin": mixin}).Warnf("Mixin must be atleast 3 in ringCT world")
  204. return false
  205. }
  206. for i := 0; i < len(tx.Vin); i++ {
  207. if mixin != len(tx.Vin[i].(transaction.Txin_to_key).Key_offsets) {
  208. logger.WithFields(log.Fields{"txid": tx_hash, "Mixin": mixin}).Warnf("Mixin must be same for entire TX in ringCT world")
  209. return false
  210. }
  211. }
  213. // duplicate ringmembers are not allowed, check them here
  214. // just in case protect ourselves as much as we can
  215. for i := 0; i < len(tx.Vin); i++ {
  216. ring_members := map[uint64]bool{} // create a separate map for each input
  217. ring_member := uint64(0)
  218. for j := 0; j < len(tx.Vin[i].(transaction.Txin_to_key).Key_offsets); j++ {
  219. ring_member += tx.Vin[i].(transaction.Txin_to_key).Key_offsets[j]
  220. if _, ok := ring_members[ring_member]; ok {
  221. logger.WithFields(log.Fields{"txid": tx_hash, "input_index": i}).Warnf("Duplicate ring member within the TX")
  222. return false
  223. }
  224. ring_members[ring_member] = true // add member to ring member
  225. }
  226. }
  228. // check whether the key image is duplicate within the inputs
  229. // NOTE: a block wide key_image duplication is done during block testing but we are still keeping it
  230. {
  231. kimages := map[crypto.Hash]bool{}
  232. for i := 0; i < len(tx.Vin); i++ {
  233. if _, ok := kimages[tx.Vin[i].(transaction.Txin_to_key).K_image]; ok {
  234. logger.WithFields(log.Fields{
  235. "txid": tx_hash,
  236. "kimage": tx.Vin[i].(transaction.Txin_to_key).K_image,
  237. }).Warnf("TX using duplicate inputs within the TX")
  238. return false
  239. }
  240. kimages[tx.Vin[i].(transaction.Txin_to_key).K_image] = true // add element to map for next check
  241. }
  242. }
  244. // check whether the key image is low order attack, if yes reject it right now
  245. for i := 0; i < len(tx.Vin); i++ {
  246. k_image := ringct.Key(tx.Vin[i].(transaction.Txin_to_key).K_image)
  247. curve_order := ringct.CurveOrder()
  248. mult_result := ringct.ScalarMultKey(&k_image, &curve_order)
  249. if *mult_result != ringct.Identity {
  250. logger.WithFields(log.Fields{
  251. "txid": tx_hash,
  252. "kimage": tx.Vin[i].(transaction.Txin_to_key).K_image,
  253. "curve_order": curve_order,
  254. "mult_result": *mult_result,
  255. "identity": ringct.Identity,
  256. }).Warnf("TX contains a low order key image attack, but we are already safeguarded")
  257. return false
  258. }
  259. }
  261. // a similiar block level check is done for double spending attacks within the block itself
  262. // check whether the key image is already used or spent earlier ( in blockchain )
  263. /*
  264. for i := 0; i < len(tx.Vin); i++ {
  265. k_image := ringct.Key(tx.Vin[i].(transaction.Txin_to_key).K_image)
  266. if chain.Read_KeyImage_Status(crypto.Hash(k_image)) {
  267. logger.WithFields(log.Fields{
  268. "txid": tx_hash,
  269. "kimage": k_image,
  270. }).Warnf("Key image is already spent, attempt to double spend ")
  271. return false
  272. }
  273. }
  274. */
  275. // check whether the TX contains a signature or NOT
  276. switch tx.RctSignature.Get_Sig_Type() {
  277. case ringct.RCTTypeSimple, ringct.RCTTypeFull: // default case, pass through
  278. default:
  279. logger.WithFields(log.Fields{"txid": tx_hash}).Warnf("TX does NOT contain a ringct signature. It is NOT possible")
  280. return false
  281. }
  283. // expand the signature first
  284. // whether the inputs are mature and can be used at time is verified while expanding the inputs
  285. if !chain.Expand_Transaction_v2(tx) {
  286. logger.WithFields(log.Fields{"txid": tx_hash}).Warnf("TX inputs could not be expanded or inputs are NOT mature")
  287. return false
  288. }
  290. // check the ring signature
  291. if !tx.RctSignature.Verify() {
  292. logger.WithFields(log.Fields{"txid": tx_hash}).Warnf("TX RCT Signature failed")
  293. return false
  295. }
  297. logger.WithFields(log.Fields{"txid": tx_hash}).Debugf("TX successfully verified")
  299. return true
  300. }