
Topic: What is the status of the stealth addresses? (Read 2834 times)

legendary
Activity: 2053
Merit: 1356
aka tonikt
It will be really interesting to exchange some test coins with other wallets' stealth addresses. If someone does this - leave feedback!
be my guest :)
Code:
waPV5rHToBq3NoR7y5J9UdE7aUbuqJybNpE88Dve7WgWhEfvMrcuaSvF6tSQ3Fbe8dErL6ks8byJPcp3QCK2HHviGCSjg42VgMAPJb
member
Activity: 116
Merit: 10
It will be really interesting to exchange some test coins with other wallets' stealth addresses. If someone does this - leave feedback!
legendary
Activity: 1232
Merit: 1076
In the install-sx.sh script, in the function called install_libbitcoin, change ./configure with --enable-testnet
I think I did that.
Also added "--enable-testnet" for libwallet

I'm looking at config.log in libbitcoin-git and libwallet-git - they both show "ENABLE_TESTNET 1"
But the "sx stealth-show-addr" still says "Invalid stealth address" for any testnet stealth.

On the other hand, it has no problems decoding non-testnet stealth addresses.


EDIT:
I think I know where the problem is.
In libwallet-git/src/stealth.cpp, there should be:
Code:
#ifdef ENABLE_TESTNET
constexpr uint8_t stealth_version_byte = 0x2b;
#else
constexpr uint8_t stealth_version_byte = 0x2a;
#endif

I added that in git.

Also now there is a --develop switch: bash install-sx.sh PREFIX --develop
legendary
Activity: 2053
Merit: 1356
aka tonikt
In the install-sx.sh script, in the function called install_libbitcoin, change ./configure with --enable-testnet
I think I did that.
Also added "--enable-testnet" for libwallet

I'm looking at config.log in libbitcoin-git and libwallet-git - they both show "ENABLE_TESTNET 1"
But the "sx stealth-show-addr" still says "Invalid stealth address" for any testnet stealth.

On the other hand, it has no problems decoding non-testnet stealth addresses.


EDIT:
I think I know where the problem is.
In libwallet-git/src/stealth.cpp, there should be:
Code:
#ifdef ENABLE_TESTNET
constexpr uint8_t stealth_version_byte = 0x2b;
#else
constexpr uint8_t stealth_version_byte = 0x2a;
#endif
legendary
Activity: 1232
Merit: 1076
btw, can I have the sx tools for testnet?

the ones I finally managed to build cannot even do
Code:
$ sx stealth-show-addr waPV5rHToBq3NoR7y5J9UdE7aUbuqJybNpE88Dve7WgWhEfvMrcuaSvF6tSQ3Fbe8dErL6ks8byJPcp3QCK2HHviGCSjg42VgMAPJb
sx: Invalid stealth address.

In the install-sx.sh script, in the function called install_libbitcoin, change ./configure with --enable-testnet

this line:

https://github.com/spesmilo/sx/blob/master/install-sx.sh#L313

Code:
install_libbitcoin(){
    ...
    ./configure --enable-leveldb --prefix $INSTALL_PREFIX --with-libsecp256k1=$INSTALL_PREFIX --enable-testnet
    ...
}
legendary
Activity: 2053
Merit: 1356
aka tonikt
btw, can I have the sx tools for testnet?

the ones I finally managed to build cannot even do
Code:
$ sx stealth-show-addr waPV5rHToBq3NoR7y5J9UdE7aUbuqJybNpE88Dve7WgWhEfvMrcuaSvF6tSQ3Fbe8dErL6ks8byJPcp3QCK2HHviGCSjg42VgMAPJb
sx: Invalid stealth address.
legendary
Activity: 1232
Merit: 1076
Yep, I saw it already - thx.

But it seems to be already working well in my s/w (sending and receiving).
I can exchange coins via stealth addresses with DW - don't need sx for it anymore.

Unfortunately neither sx nor DW supports stealth addresses with non-zero length prefixes ATM, so I cannot test that part of mine.
But zero length prefixes seem to work just fine.

correct. glad to hear that.
legendary
Activity: 2053
Merit: 1356
aka tonikt
Yep, I saw it already - thx.

But it seems to be already working well in my s/w (sending and receiving).
I can exchange coins via stealth addresses with DW - don't need sx for it anymore.

Unfortunately neither sx nor DW supports stealth addresses with non-zero length prefixes ATM, so I cannot test that part of mine.
But zero length prefixes seem to work just fine.
legendary
Activity: 2053
Merit: 1356
aka tonikt
If I may, I'd like to say that despite my initial complaints the idea of the stealth addresses, as it has been implemented in DW, is actually pretty cool and works really nice.

Checking an output on whether it belongs to a specific stealth address is not so much time consuming, especially considering the fact that a node usually needs to do several ECDSA_Verify operations on each transaction anyway.
And the idea with the prefix - very good one.
You can just start with prefix length 0, to protect your anonymity when there are just a few stealth addresses out there.
But when the volume of stealth outputs rises, you can increase the length of your prefix, saving the node's computing power though still staying anonymous.

Whoever designed it, great job!
And thanks - finally somebody not only invented/described, but also delivered an actually useful feature to the bitcoin ecosystem.
legendary
Activity: 2053
Merit: 1356
aka tonikt
Yep, and clean up the house.
But since it's after midnight here already, I decided to just have another beer now and postpone any such work till at least tomorrow. :)
I would like to exchange some test coins with other wallets' stealth addresses, so I'll try to catch you later.
Cheers
legendary
Activity: 1232
Merit: 1076
piotr you will need to eventually upgrade anyway :D

we're on freenode irc #darkwallet too if you have any questions https://webchat.freenode.net/ or use XChat

I'm currently improving the stealth commands in SX then will merge to master after.
sr. member
Activity: 475
Merit: 252
@dabura667
cheers.
so the prefix length cannot be bigger than 32 bits?
and if it was all 32 bits, but I could not find a matching nonce - what then? pick up a different "ephemkey"?

Yes, this is how the current implementation of Dark Wallet does it.

If you run through all the nonces and no match is made, it breaks one do loop and returns to the ephemkey generation in the outer do loop.
legendary
Activity: 2053
Merit: 1356
aka tonikt
cmon man upgrade your ubuntu. that is super old! ubuntu 14 is a new LTS

It's because I usually don't upgrade something that works, especially an entire OS.
The only reason I upgraded WinXP to Win7 was that I needed support for two graphics cards at the same time.

But I did listen to your advice and have upgraded it to 14.04.
The result is that I lost all my user accounts and all the apps, and now... I cannot build the tools again.
Not that I would not have expected it :)

Code:
 CXXLD    obworker
/usr/bin/ld: warning: libicuuc.so.48, needed by /usr/local/lib/libboost_regex.so, not found (try using -rpath or -rpath-link)
/usr/bin/ld: warning: libicui18n.so.48, needed by /usr/local/lib/libboost_regex.so, not found (try using -rpath or -rpath-link)
/usr/local/lib/libboost_regex.so: undefined reference to `u_charType_48'
/usr/local/lib/libboost_regex.so: undefined reference to `icu_48::Locale::~Locale()'
/usr/local/lib/libboost_regex.so: undefined reference to `icu_48::Collator::createInstance(icu_48::Locale const&, UErrorCode&)'
/usr/local/lib/libboost_regex.so: undefined reference to `u_digit_48'
/usr/local/lib/libboost_regex.so: undefined reference to `icu_48::Locale::Locale(icu_48::Locale const&)'
/usr/local/lib/libboost_regex.so: undefined reference to `u_tolower_48'
/usr/local/lib/libboost_regex.so: undefined reference to `icu_48::Locale::Locale()'
/usr/local/lib/libboost_regex.so: undefined reference to `u_isblank_48'
/usr/local/lib/libboost_regex.so: undefined reference to `u_charFromName_48'
/usr/local/lib/libboost_regex.so: undefined reference to `u_isspace_48'
collect2: error: ld returned 1 exit status

Anyway, it's just my Linux test machine - I don't care about it.
But I did have a working sx, before upgrading - no more, though.


From the good news.
I think the stealth addresses are already working in Gocoin.
It's a bit of a hassle to spend money from such. You need to arm the online part with the scankey's secret and then use TextUI to fetch its balance data.
But using the wallet for spending to a stealth address - this is as easy as it can be; just use a stealth address in place of a regular one and voila.
Although... I cannot quite test it because currently whatever I send to any of my DW testnet addresses (stealth, or not) ends up in a limbo.
So I can only test it against my own client - this one can receive coins via a stealth address and spend it further, using own wallet.

Also I learned that a prefix of 32 bits would kill any wallet, unless you'd hook it to some kind of a mining board.
So my wallet does not support prefixes longer than 24 bits. And no multisig yet.

Thanks anyone for your help. That was fun. Now time to clean up the house a bit :)
legendary
Activity: 1232
Merit: 1076
@dabura667
cheers.
so the prefix length cannot be bigger than 32 bits?
and if it was all 32 bits, but I could not find a matching nonce - what then? pick up a different "ephemkey"?


@genjix
yeah, I had gone through these specs.
none of them was even close to being as useful as one post from dabura667 :)

btw, building the tools on my old ubuntu 12.04 was a real fight.
first I needed gcc 4.7 (I had 4.6)
then leveldb version was apparently too old
and libboost - I also had to upgrade this one to 1.49.
the biggest problem was that the errors I saw did not help much to diagnose the problems.
the second biggest: this version of ubuntu would not just upgrade any of these packages in a simple way.

cmon man upgrade your ubuntu. that is super old! ubuntu 14 is a new LTS
legendary
Activity: 1470
Merit: 1006
Bringing Legendary Har® to you since 1952
I'm kind of bored recently and even though I was never very enthusiastic about the stealth addresses, it still seems to be the most exciting feature to add to my wallet software.
I know that there are all kind of mailing lists with less and more outdated specs flying around, but since I don't monitor them, could anyone please update me on the most recent status?

Today I have been playing with DarkWallet a bit and from what I see each wallet there has by default one stealth address assigned to it.
I also figured out what this address represents.
For all I know, there are two public keys - one is to encrypt the message (nonce or whatever it is called), while the other one is there to calculate the actual destination for the coins that are being spent.

So, for instance, I got an address vJmyoyfHgvkW2fRbqpANQircWiWDFMHtzyUxbcGsnUCX6z1jEjfArypDBNMeQdmsczkLVoSwYRZ5pS8YAxxQY7Q2m8SUXB2sZWjB6q - it decodes to:
Code:
2a - version
00 - options
03b5ca63d7bda5b8f70a68864fafa0587e446c52be23150da2b95ad9d6f3e6f71f - scan_pubkey
01 - number of spend keys
0351bec154c01c4f26794da8b0a3019b163b633ea933387f48288ed35cbc833f53 - spend pubkey 1
01 - number sigs
00 - prefix_length
b3fe7b1a - standard checksum of the address

Now, I want to extend my wallet so it would be able to send coins to such an address.
How do I build the transaction?

Is there any spec that I can read?
Any actually working code that makes a transaction which sends money to such an address?

Offtopic: It is nice to finally see you taking matters into your own hands instead of walking around and complaining.

Respect.
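
The field layout decoded in the post above, together with the 0x2a/0x2b version bytes discussed elsewhere in this thread, as an added example (not code from the thread, sx or Dark Wallet). It assumes the address is Base58 with a trailing 4-byte double-SHA256 checksum and that ceil(prefix_length / 8) prefix bytes follow the prefix_length byte; `parse_stealth` and `make_address` are hypothetical names.

```python
import hashlib
B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def checksum(data):
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()[:4]

def b58encode(raw):
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return "1" * (len(raw) - len(raw.lstrip(b"\0"))) + out

def b58decode(text):
    n = 0
    for ch in text:
        n = n * 58 + B58.index(ch)  # ValueError on a non-base58 character
    pad = len(text) - len(text.lstrip("1"))
    return b"\0" * pad + n.to_bytes((n.bit_length() + 7) // 8, "big")

def parse_stealth(addr, testnet=False):
    raw = b58decode(addr)
    body, check = raw[:-4], raw[-4:]
    if len(body) < 2 or checksum(body) != check:
        raise ValueError("bad length or checksum")
    if body[0] != (0x2b if testnet else 0x2a):  # version bytes from the thread
        raise ValueError("wrong version byte 0x%02x for this network" % body[0])
    pos = 2
    def take(n):
        nonlocal pos
        if pos + n > len(body):
            raise ValueError("truncated address")
        pos += n
        return body[pos - n:pos]
    scan = take(33)
    spend = [take(33) for _ in range(take(1)[0])]
    sigs, bits = take(1)[0], take(1)[0]
    prefix = take((bits + 7) // 8)  # assumption: prefix bytes follow the length
    if pos != len(body):
        raise ValueError("trailing bytes")
    return {"options": body[1], "scan_pubkey": scan.hex(),
            "spend_pubkeys": [k.hex() for k in spend],
            "number_sigs": sigs, "prefix_length": bits, "prefix": prefix.hex()}

# Field bytes (options .. prefix_length) copied from the decode in the post;
# the Base58 text and checksum are recomputed here, not taken from the page.
FIELDS = ("00" "03b5ca63d7bda5b8f70a68864fafa0587e446c52be23150da2b95ad9d6f3e6f71f"
          "01" "0351bec154c01c4f26794da8b0a3019b163b633ea933387f48288ed35cbc833f53"
          "01" "00")

def make_address(version, fields_hex=FIELDS):
    body = bytes([version]) + bytes.fromhex(fields_hex)
    return b58encode(body + checksum(body))
```

Calling `parse_stealth(make_address(0x2b))` without `testnet=True` raises, which is the same class of failure as the "Invalid stealth address" report from a build that only knows 0x2a.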
legendary
Activity: 2053
Merit: 1356
aka tonikt
@dabura667
cheers.
so the prefix length cannot be bigger than 32 bits?
and if it was all 32 bits, but I could not find a matching nonce - what then? pick up a different "ephemkey"?


@genjix
yeah, I had gone through these specs.
none of them was even close to being as useful as one post from dabura667 :)

btw, building the tools on my old ubuntu 12.04 was a real fight.
first I needed gcc 4.7 (I had 4.6)
then leveldb version was apparently too old
and libboost - I also had to upgrade this one to 1.49.
the biggest problem was that the errors I saw did not help much to diagnose the problems.
the second biggest: this version of ubuntu would not just upgrade any of these packages in a simple way.
sr. member
Activity: 475
Merit: 252
I think it works. :)

Just one more question.

When you say "brute force a nonce such that SHA256(nonce.concate(ephemkey)) first 4 bytes are equal to the prefix" - what if the prefix is not 4 bytes long?
If it is not than 4. The only difference is the first x bytes must match the prefix of a length x / 8 rounded up.

Also remember that prefix_length is in bits, so to get the number of bytes to compare you must take x / 8 rounded up.

Edit: sorry for all the edits, I just woke up...

Sorry last edit I swear.

Here's the function for comparing the hash with the prefix.

https://github.com/darkwallet/darkwallet/blob/42bb91761555c078f386be2ff6f61f7c033c60f0/js/util/stealth.js
Stealth.checkPrefix is the function.

The function at the very bottom is the loop to brute force the prefix.
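
The prefix comparison and the two nested loops described in this thread, as an added example (not Dark Wallet's stealth.js). It follows the thread's description of hashing SHA256(nonce || ephemkey); the 4-byte big-endian nonce, the most-significant-bit-first comparison and the random 33-byte stand-in for the ephemeral public key are assumptions, and all function names are hypothetical.

```python
import hashlib
import os

def check_prefix(digest, prefix, bits):
    """True if the first `bits` bits of digest equal those of prefix."""
    full, rem = divmod(bits, 8)
    if digest[:full] != prefix[:full]:
        return False
    if rem == 0:
        return True
    mask = (0xFF << (8 - rem)) & 0xFF   # keep only the top `rem` bits
    return (digest[full] & mask) == (prefix[full] & mask)

def nonce_hash(nonce, ephemkey):
    # SHA256(nonce || ephemkey) as described in the thread; the 4-byte
    # big-endian nonce encoding is an assumption of this example.
    return hashlib.sha256(nonce.to_bytes(4, "big") + ephemkey).digest()

def find_nonce(ephemkey, prefix, bits, max_nonce):
    for nonce in range(max_nonce):
        if check_prefix(nonce_hash(nonce, ephemkey), prefix, bits):
            return nonce
    return None   # nonce space exhausted for this ephemkey

def grind(prefix, bits, max_nonce=2**32, new_ephemkey=lambda: os.urandom(33)):
    """Outer loop: draw a fresh ephemkey whenever no nonce matches."""
    if len(prefix) < (bits + 7) // 8:
        raise ValueError("prefix shorter than prefix_length requires")
    keys_tried = 0
    while True:
        ephemkey = new_ephemkey()   # stand-in bytes, not a real EC point
        keys_tried += 1
        nonce = find_nonce(ephemkey, prefix, bits, max_nonce)
        if nonce is not None:
            return ephemkey, nonce, keys_tried
```

Each additional prefix bit doubles the expected number of hashes before a match, so the sender's work grows as 2^prefix_length.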
legendary
Activity: 2053
Merit: 1356
aka tonikt
I think it works. :)

Just one more question.

When you say "brute force a nonce such that SHA256(nonce.concate(ephemkey)) first 4 bytes are equal to the prefix" - what if the prefix is not 4 bytes long?