store outPk/8 in the tx for speed
It avoids dividing by 8 when deserializing a tx, which is a slow operation, and multiplies by 8 when verifying and extracing the amount, which is much faster as well as less frequent
This commit is contained in:
parent
a345060ace
commit
4c94cfecfc
|
@ -241,8 +241,15 @@ void BlockchainDB::add_transaction(const crypto::hash& blk_hash, const std::pair
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
|
rct::key commitment;
|
||||||
|
if (tx.version > 1)
|
||||||
|
{
|
||||||
|
commitment = tx.rct_signatures.outPk[i].mask;
|
||||||
|
if (rct::is_rct_bulletproof_plus(tx.rct_signatures.type))
|
||||||
|
commitment = rct::scalarmult8(commitment);
|
||||||
|
}
|
||||||
amount_output_indices[i] = add_output(tx_hash, tx.vout[i], i, tx.unlock_time,
|
amount_output_indices[i] = add_output(tx_hash, tx.vout[i], i, tx.unlock_time,
|
||||||
tx.version > 1 ? &tx.rct_signatures.outPk[i].mask : NULL);
|
tx.version > 1 ? &commitment : NULL);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
add_tx_amount_output_indices(tx_id, amount_output_indices);
|
add_tx_amount_output_indices(tx_id, amount_output_indices);
|
||||||
|
|
|
@ -189,7 +189,7 @@ namespace cryptonote
|
||||||
CHECK_AND_ASSERT_MES(n_amounts == rv.outPk.size(), false, "Internal error filling out V");
|
CHECK_AND_ASSERT_MES(n_amounts == rv.outPk.size(), false, "Internal error filling out V");
|
||||||
rv.p.bulletproofs_plus[0].V.resize(n_amounts);
|
rv.p.bulletproofs_plus[0].V.resize(n_amounts);
|
||||||
for (size_t i = 0; i < n_amounts; ++i)
|
for (size_t i = 0; i < n_amounts; ++i)
|
||||||
rv.p.bulletproofs_plus[0].V[i] = rct::scalarmultKey(rv.outPk[i].mask, rct::INV_EIGHT);
|
rv.p.bulletproofs_plus[0].V[i] = rv.outPk[i].mask;
|
||||||
}
|
}
|
||||||
else if (bulletproof)
|
else if (bulletproof)
|
||||||
{
|
{
|
||||||
|
|
|
@ -1205,7 +1205,7 @@ namespace rct {
|
||||||
rv.p.bulletproofs_plus.clear();
|
rv.p.bulletproofs_plus.clear();
|
||||||
if (bulletproof_or_plus)
|
if (bulletproof_or_plus)
|
||||||
{
|
{
|
||||||
const bool plus = rv.type == RCTTypeBulletproofPlus;
|
const bool plus = is_rct_bulletproof_plus(rv.type);
|
||||||
size_t n_amounts = outamounts.size();
|
size_t n_amounts = outamounts.size();
|
||||||
size_t amounts_proved = 0;
|
size_t amounts_proved = 0;
|
||||||
if (rct_config.range_proof_type == RangeProofPaddedBulletproof)
|
if (rct_config.range_proof_type == RangeProofPaddedBulletproof)
|
||||||
|
@ -1235,6 +1235,9 @@ namespace rct {
|
||||||
}
|
}
|
||||||
for (i = 0; i < outamounts.size(); ++i)
|
for (i = 0; i < outamounts.size(); ++i)
|
||||||
{
|
{
|
||||||
|
if (plus)
|
||||||
|
rv.outPk[i].mask = C[i];
|
||||||
|
else
|
||||||
rv.outPk[i].mask = rct::scalarmult8(C[i]);
|
rv.outPk[i].mask = rct::scalarmult8(C[i]);
|
||||||
outSk[i].mask = masks[i];
|
outSk[i].mask = masks[i];
|
||||||
}
|
}
|
||||||
|
@ -1273,6 +1276,9 @@ namespace rct {
|
||||||
}
|
}
|
||||||
for (i = 0; i < batch_size; ++i)
|
for (i = 0; i < batch_size; ++i)
|
||||||
{
|
{
|
||||||
|
if (plus)
|
||||||
|
rv.outPk[i + amounts_proved].mask = C[i];
|
||||||
|
else
|
||||||
rv.outPk[i + amounts_proved].mask = rct::scalarmult8(C[i]);
|
rv.outPk[i + amounts_proved].mask = rct::scalarmult8(C[i]);
|
||||||
outSk[i + amounts_proved].mask = masks[i];
|
outSk[i + amounts_proved].mask = masks[i];
|
||||||
}
|
}
|
||||||
|
@ -1480,6 +1486,9 @@ namespace rct {
|
||||||
|
|
||||||
rct::keyV masks(rv.outPk.size());
|
rct::keyV masks(rv.outPk.size());
|
||||||
for (size_t i = 0; i < rv.outPk.size(); i++) {
|
for (size_t i = 0; i < rv.outPk.size(); i++) {
|
||||||
|
if (bulletproof_plus)
|
||||||
|
masks[i] = rct::scalarmult8(rv.outPk[i].mask);
|
||||||
|
else
|
||||||
masks[i] = rv.outPk[i].mask;
|
masks[i] = rv.outPk[i].mask;
|
||||||
}
|
}
|
||||||
key sumOutpks = addKeys(masks);
|
key sumOutpks = addKeys(masks);
|
||||||
|
@ -1640,6 +1649,8 @@ namespace rct {
|
||||||
mask = ecdh_info.mask;
|
mask = ecdh_info.mask;
|
||||||
key amount = ecdh_info.amount;
|
key amount = ecdh_info.amount;
|
||||||
key C = rv.outPk[i].mask;
|
key C = rv.outPk[i].mask;
|
||||||
|
if (is_rct_bulletproof_plus(rv.type))
|
||||||
|
C = scalarmult8(C);
|
||||||
DP("C");
|
DP("C");
|
||||||
DP(C);
|
DP(C);
|
||||||
key Ctmp;
|
key Ctmp;
|
||||||
|
@ -1671,6 +1682,8 @@ namespace rct {
|
||||||
mask = ecdh_info.mask;
|
mask = ecdh_info.mask;
|
||||||
key amount = ecdh_info.amount;
|
key amount = ecdh_info.amount;
|
||||||
key C = rv.outPk[i].mask;
|
key C = rv.outPk[i].mask;
|
||||||
|
if (is_rct_bulletproof_plus(rv.type))
|
||||||
|
C = scalarmult8(C);
|
||||||
DP("C");
|
DP("C");
|
||||||
DP(C);
|
DP(C);
|
||||||
key Ctmp;
|
key Ctmp;
|
||||||
|
|
|
@ -11290,7 +11290,9 @@ void wallet2::check_tx_key_helper(const cryptonote::transaction &tx, const crypt
|
||||||
crypto::derivation_to_scalar(found_derivation, n, scalar1);
|
crypto::derivation_to_scalar(found_derivation, n, scalar1);
|
||||||
rct::ecdhTuple ecdh_info = tx.rct_signatures.ecdhInfo[n];
|
rct::ecdhTuple ecdh_info = tx.rct_signatures.ecdhInfo[n];
|
||||||
rct::ecdhDecode(ecdh_info, rct::sk2rct(scalar1), tx.rct_signatures.type == rct::RCTTypeBulletproof2 || tx.rct_signatures.type == rct::RCTTypeCLSAG || tx.rct_signatures.type == rct::RCTTypeBulletproofPlus);
|
rct::ecdhDecode(ecdh_info, rct::sk2rct(scalar1), tx.rct_signatures.type == rct::RCTTypeBulletproof2 || tx.rct_signatures.type == rct::RCTTypeCLSAG || tx.rct_signatures.type == rct::RCTTypeBulletproofPlus);
|
||||||
const rct::key C = tx.rct_signatures.outPk[n].mask;
|
rct::key C = tx.rct_signatures.outPk[n].mask;
|
||||||
|
if (rct::is_rct_bulletproof_plus(tx.rct_signatures.type))
|
||||||
|
C = rct::scalarmult8(C);
|
||||||
rct::key Ctmp;
|
rct::key Ctmp;
|
||||||
THROW_WALLET_EXCEPTION_IF(sc_check(ecdh_info.mask.bytes) != 0, error::wallet_internal_error, "Bad ECDH input mask");
|
THROW_WALLET_EXCEPTION_IF(sc_check(ecdh_info.mask.bytes) != 0, error::wallet_internal_error, "Bad ECDH input mask");
|
||||||
THROW_WALLET_EXCEPTION_IF(sc_check(ecdh_info.amount.bytes) != 0, error::wallet_internal_error, "Bad ECDH input amount");
|
THROW_WALLET_EXCEPTION_IF(sc_check(ecdh_info.amount.bytes) != 0, error::wallet_internal_error, "Bad ECDH input amount");
|
||||||
|
|
|
@ -450,6 +450,8 @@ bool gen_multisig_tx_validation_base::generate_with(std::vector<test_event_entry
|
||||||
rct::ecdhTuple ecdh_info = tx.rct_signatures.ecdhInfo[n];
|
rct::ecdhTuple ecdh_info = tx.rct_signatures.ecdhInfo[n];
|
||||||
rct::ecdhDecode(ecdh_info, rct::sk2rct(scalar1), tx.rct_signatures.type == rct::RCTTypeBulletproof2 || tx.rct_signatures.type == rct::RCTTypeCLSAG || tx.rct_signatures.type == rct::RCTTypeBulletproofPlus);
|
rct::ecdhDecode(ecdh_info, rct::sk2rct(scalar1), tx.rct_signatures.type == rct::RCTTypeBulletproof2 || tx.rct_signatures.type == rct::RCTTypeCLSAG || tx.rct_signatures.type == rct::RCTTypeBulletproofPlus);
|
||||||
rct::key C = tx.rct_signatures.outPk[n].mask;
|
rct::key C = tx.rct_signatures.outPk[n].mask;
|
||||||
|
if (rct::is_rct_bulletproof_plus(tx.rct_signatures.type))
|
||||||
|
C = rct::scalarmult8(C);
|
||||||
rct::addKeys2(Ctmp, ecdh_info.mask, ecdh_info.amount, rct::H);
|
rct::addKeys2(Ctmp, ecdh_info.mask, ecdh_info.amount, rct::H);
|
||||||
CHECK_AND_ASSERT_MES(rct::equalKeys(C, Ctmp), false, "Failed to decode amount");
|
CHECK_AND_ASSERT_MES(rct::equalKeys(C, Ctmp), false, "Failed to decode amount");
|
||||||
amount += rct::h2d(ecdh_info.amount);
|
amount += rct::h2d(ecdh_info.amount);
|
||||||
|
|
Loading…
Reference in New Issue