Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Trustless mining #98

Open
wants to merge 15 commits into
base: master
Choose a base branch
from
Open

Trustless mining #98

wants to merge 15 commits into from

Conversation

dzwdz
Copy link

@dzwdz dzwdz commented May 31, 2023

Solves #60.
It's not really mergeable yet. The current issues are:

  • I only tested this on Alpine Linux, and didn't exhaustively check all configurations for possible regressions etc.
  • I had to disable ref10 support, because it lacked some essential functions iirc. Hopefully this won't be too big of an issue, as ed25519-donna should be a complete replacement? Maybe? Are there systems where it doesn't run?
  • I had to pull in ed25519_impl_{pre,post}.h in main.c, which is pretty horrible.
  • Nobody else looked at the crypto yet but me - I think the math checks out, but you shouldn't rely just on me.

I tried to make it somewhat idiotproof by ensuring you won't get a private key that'll work with Tor unless you did everything right. I did not protect against someone using the same base key for multiple .onions - maybe I could add a disclaimer when using --combine if you think that's necessary.

Thanks in advance for any feedback ^^

dzwdz and others added 15 commits November 5, 2022 17:37
@dzwdz
prototype of trustless mining
bd3b8d5
@dzwdz
partial support for supercop amd64
13166c0
@dzwdz
full supercop amd64 support
656502b
@dzwdz
--combine: regenerate the second half of the key
e0244d4 
i think that before this commit the miner could recover your private
key after you set the hidden service up. whoops
@dzwdz
--combine: rewrite the comment explaining the hash prefix generation
168249e
@dzwdz
add trustless mining support to the batch/fast workers
7d00808
@dzwdz
delete the thing about only supporting -Z
8d9b6d1
@dzwdz
trustless mining with multiple basekeys
90666cd 
A really cool feature suggested by adapt-L. I'm still not certain the
math checks out, not to mention the lack of any automated tests.
fix typo in printhelp
476d135 
that's what i get for coding on my phone
@dzwdz
Allow mining without --basekey again.
532b61e
@dzwdz
Reenable deterministic mining.
a1f7e9d
@dzwdz
Change the basekey format, ensure the correct file is used.
7fd0b14
@dzwdz
Use a different format for trustlessly mined "halfkeys".
98fb24d 
makes it a bit more foolproof, as I can check if they used the right keys etc.
also requires you to actually combine it with your base key before slamming it
into tor and wondering why it doesn't work
@dzwdz
restore normal README / disable ref10
e17e267
@dzwdz
Merge remote-tracking branch 'cathug/master' into trustless
e9518e9
@dzwdz dzwdz changed the title Trustless mining (#60) Trustless mining May 31, 2023
@cathugger
Copy link
Owner

regarding ref10 not having proper functionality, "correct" solution would be enabling trustless code only when configure flag is set to true, which could be true by default & conflict with ref10.
or removing ref10 as I'm honestly not sure what it's ever good for.
it was first method supported and is still possibly more portable than donna as the code at least looks less ifdef-y and cleaner to me, but whether that is worth much in reality is different question.

whatever you've done here right now is probably fine for now, I can make decision later.

@cathugger
Copy link
Owner

I'll dig into this deeper when i have more time.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@dzwdz @cathugger