Topic: [XMR] Monero - A secure, private, untraceable cryptocurrency - page 837. (Read 4670673 times)

Good to know, are the code portions that have been fixed been commented as well? As soon as there is a flowchart the task of absorbing this project may be to the level where I can manage it. Getting old and forgetful is a real bitch. :|

pull request

Yes that is clearly the intent. If you find some missing you can open issues or better yet a pull request with a fix.

This has been done. The new code has extensive comments, including block comments that describe design and implementation issues and decisions. Several other areas of the code have had comments added (by various project contributors). The original code apparently had nearly all the comments programmatically stripped out. (I have no idea how well commented it was before they were stripped, of course.) We have to do the best we can with that.

According to this comment that should be the entire list, if my English comprehension is not failing me.

This is a list of the daemon and wallet RPC calls, along with their inputs and outputs.

BTW, I am not knocking the contributions made as just by my cursory looks at the code it is a daunting task to be able to contribute anything code wise. I am just pointing out the Documentation HAS to be added as the work progresses and kept up to date for proper project management. this really doesn't need to be said though. Every programmer knows this.

I haven't, is it a full list? From the posts it seemed it was not, maybe I misread the conversation?

This is what I was referring to.

...

Hueristic, did you see the commit MoneroMooo posted which adds RPC definitions to the Developer Guide on the web site? That's work-in-progress, so not there yet, but on the way.

...
There is not completely RPC documentation that is up to date, unfortunately. The best place to look is the code, which in that respect is quite readable.

https://github.com/monero-project/bitmonero/blob/master/src/wallet/wallet_rpc_server_commands_defs.h
https://github.com/monero-project/bitmonero/blob/master/src/rpc/core_rpc_server_commands_defs.h

i assume you're referring to Dr. Moo, aka Moneromoo, and technically he's a funded part-time developer.

https://www.youtube.com/watch?v=Ll6LLGePYwM

hey i think you mix two differen things up:

he was asking for RPC documentation. This means he just want to see a place where he can see what parameters he has to give to a function and what he will be getting back. the best solution to do this IS looking inside the code, since even people that can not code could read it if they know what they are looking for.

how to deal with it? the funding page needs more content anyway and people at monero forum are trying to define a work package for the "monero about" page (https://forum.getmonero.org/7/open-tasks/346/about-monero-page-content). this would be the right way to go if your intention to change this should bear fruits one day . maybe we could inculde it there ?

I actually was just pointing out that even something as simple as the rpc list should be easily accessible and updated as a matter of course and good programming practices.

Since there is a full time developer now wouldn't it be a good idea to create a flow chart?

https://github.com/monero-project/monero-site/issues/49

As much fun as the cryptonote whitepaper is to read a programmer has no need for the theory behind but rather the implementation of such. That is what is sorely lacking ATM.

hey i think you mix two differen things up:

he was asking for RPC documentation. This means he just want to see a place where he can see what parameters he has to give to a function and what he will be getting back. the best solution to do this IS looking inside the code, since even people that can not code could read it if they know what they are looking for.

the thing you are talking about is documentation about cryptonode internal functionallity like ring signatures, stealth addresses etc. i agree documentation on this things are not good enough for the common public, but this was not the right way to bring this issue up since smooths answer was the best one to give.

how to deal with it? the funding page needs more content anyway and people at monero forum are trying to define a work package for the "monero about" page (https://forum.getmonero.org/7/open-tasks/346/about-monero-page-content). this would be the right way to go if your intention to change this should bear fruits one day . maybe we could inculde it there ?

the problem is, there are not a lot people who really know how all this works. only the devs can make such graphs

thx, will reread it more carefully

edit2: the transaction private key is never used, am I right? It's only used to calculate the transaction public key?

See the whitepaper section 4.4, step VER.

My question isn't really answered yet:

how can a spectator know that the image key is associated with at least on of the inputs in the transaction?

what is the different between monerowallet.com and mymonero.com?

I figured as much, but that was my point - the diagram is not very helpful for those of us that are all like "my compooter gone did done some mafs"

Thank you though! - the above is short and sweet, but dnaelor's actually matched up with the diagram numbers. And yes, one of those "floating hand draws and some guy talks" animation things would be cool

let me give it a try

Bob wants to spend XMR he received in his account and send it to Carol.
How does he compose the transaction?

A: Bob gets acces to his "real input" that was send to his "stealth address"
1. Bob needs the public key from the transaction that contains the output he received and wants to send - Bob needs to ECDH this key with his private view key
2. Bob also selects the exact number of the output from the transaction that contains the output he wants to send. The other output(s) in this transaction is/are change (Bob doesn't have the private key for those other outputs) Note: typically, due to auto-denomination, Bob will have more than one output per transaction that belongs to him.
3. Bob needs the "master" private key of his account - private spend key, to be precise
4. 1,2 and 3 are used to calculate the private key for the specific output he wants to send. (the public key for the transaction can be calculated from this private key - This is correct, but the public key is also stored on the blockchain.)

B: to protects Carol's identity, Bob will do the folowing to generate a "one time" public key for this transaction, making it impossible for others to link all transactions send to Carol to the same "stealth address"
5. Bob generates a random number scalar, this one isn't clear from the graphic at all
6. this random number is hashed into the transaction public key the transaction private key, and is scalar mult'd into the transaction public key
7. he selects the number associated with the outputs (due to auto-denom) that Carol will receive, the other output(s) is/are change that goes back to Bob.
8. he needs the "master" public key from Carol to be able to send it to her stealth address - Carol's public view key
9. 6,7 and 8 are used to calulate the public key for the specific outputs he wants to send

C: to "mix" the inputs, Bob creates a ring signature
10.  He selects the actual public key (+ that output's private key) from the output he wants to send, but he also adds other public keys into the mix.
11. to prevent double spending, Bob needs to send a valid "key image" together with the public keys of the outputs (or inputs if you prefer).
12. he signs the combination of inputs and the key image with his private key, prooving the key image is valid (Bob owns the private key associated with the key image) and that (somehow? I don't know how this works) one of the public keys is used to generate this key image, but as a spectator of the blockchain, we can't know which of the used outputs is "the real one that is being transferred". His private key and the other chosen public key(s) are used to create a ring signature; they'll be one signature for each input, collectively making a ring signature. The key image is an additional public key computed from the output private key (not public key) that's actually being spent.
13. This is the collection of outputs that is signed. He grabbed the "fake ones" from the blockchain. He doesn't need permission from the owners for that. This isn't quite right: those are the outputs that are doing the signing. A hash of the TX prefix is "what" is actually being signed.
14. This is the key image he signed. If Bob ever tries to send the same output again, the exact same key image will be generated and thus the double spend will be detected.
15. this "ring signature" is added to the transaction containing the publi keys that are used in the transaction and proving Bob's ownership of one of those inputs.



tell me if I was terribly wrong


edit: damn it, luigiiii is faster than me

Well, no, that's not really how it works.

1. For the sender, a random transaction private key is chosen.
2. The sender does a ECDH with this private key and the receiver's public view key.
3. From that derivation and an output index, he is able to use the receiver's public spend key to create a one-time output public key for which only the receiver will be able to generate a private key.

To generate this private key:

1. The receiver does an ECDH with his private view key and the public transaction key (from tx extra)
2. From this derivation (which matches exactly that from step 2 above), the receiver does the same as step 3 above.
3. If his result matches, he knows he owns the output. He can then use his private spend key to generate the corresponding output private key (to actually spend the output).