-
m-relay
<jeffro256:monero.social> You're going to have to be more specific as to what you want, as well as give us a link to this function since it doesn't appear to be in the core repo
-
m-relay
<jeffro256:monero.social> The key image for a onetime address K = kG is K~ = k Hash_to_point(K), regardless of whether you use subaddresses, main addresses, or your own custom addressing scheme. So once you use your spend key to determine the private key for an owned enote, you compute the key image, then filter all the on-chain key images from the LWS and see if you encounter a key image that you previously computed
-
m-relay
<monerobull:monero.social> hey, anyone here? i have someone with a very weird claim. probably nothing but potentially serious
-
sech1
What claim
-
m-relay
<monerobull:monero.social> their gui wallet shows an outgoing transaction worth 18446743 XMR
-
sech1
That's suspiciously close to 2^64 atomic units
-
sech1
must be a bug somewhere
-
m-relay
<monerobull:monero.social> 18446743,66343055293
-
m-relay
-
m-relay
<monerobull:monero.social> they gave me a confirmed transaction ID as well
-
sech1
That's 0.410278998686 XMR less than 2^64
-
sech1
which is a more reasonable number
-
sech1
Somehow somewhere somethig wrapped around 2^64
-
m-relay
<monerobull:monero.social> lol, and that's how you de-anon a xmr tx /s
-
m-relay
<monerobull:monero.social> ive asked them to restore in featherwallet
-
sech1
Maybe a display bug, maybe corrupt wallet file. Restoring wallet from seed will show the real amount in that transaction
-
m-relay
<monerobull:monero.social> with them writing about weird node stuff, that is the most likely case, yes
-
m-relay
<monerobull:monero.social> thanks for taking the time :)
-
m-relay
-
m-relay
<everoddandeven:monero.social> I want to give another parameter (crypto::subadress_index) to that function and make something like this bool wallet2::light_wallet_key_image_is_ours(const crypto::key_image& key_image, const crypto::public_key& tx_public_key, uint64_t out_index, crypto::subadress_index subaddress_idx)
-
m-relay
<everoddandeven:monero.social> Now it is working only with primary address
-
m-relay
<everoddandeven:monero.social> I'm still not skilled with monero cryptography functions, and I do not know the right parameters to cryptonote::generate_key_image in order to generate an output key image using subaddress keys
-
m-relay
<everoddandeven:monero.social> I'm still not skilled with monero cryptography functions, and I do not know the right parameters to crypto::generate\_key\_image in order to generate an output key image using subaddress keys
-
m-relay
<everoddandeven:monero.social> // Subaddresses aren't supported in mymonero/openmonero yet. Roll out the original scheme:
-
m-relay
<everoddandeven:monero.social> // compute D = a*R
-
m-relay
<everoddandeven:monero.social> // compute P = Hs(D || i)*G + B
-
m-relay
<everoddandeven:monero.social> // compute x = Hs(D || i) + b (and check if P==x*G)
-
m-relay
<everoddandeven:monero.social> // compute I = x*Hp(P)
-
m-relay
<everoddandeven:monero.social> This is a comment in wallet2::light_wallet_generate_key_image function
-
m-relay
<rucknium:monero.social> jeffro256: wallet.cpp is so long that GitHub doesn't fully index it for searching :)
-
m-relay
<syntheticbird:monero.social> The side view in vscode just crashed sometimes
-
m-relay
<syntheticbird:monero.social> this file is just so beefy that's hilarious
-
m-relay
<jeffro256:monero.social> Also IIRC that code was removed by tobtoht from the master branch anyways
-
m-relay
<jeffro256:monero.social> everoddandeven: if you plan on using this code for production, I wouldn't recommend passing an explicit subaddress index since that would mean that you would be rederive for every single subaddress generated
-
m-relay
<jeffro256:monero.social> Instead use a map of subaddress spend pubkeys -> subaddress indices with `cryptonote::is_out_to_acc_precomp`
-
m-relay
<jeffro256:monero.social> Well that's if you have the pubkey available on you, which you might not
-
m-relay
<jeffro256:monero.social> Are you using this function in the context assuming you already know your owned enotes up to that point?
-
m-relay
<jeffro256:monero.social> When you scan with subaddresses, you basically have to know which key images you own beforehand, otherwise you would have to rederive the pubkey N times for each on-chain key image, where N is the number of subaddresses. This is because to tell which subaddress to use to find the private key of the onetime enote, you need to subtract the derivation from the onetime address. The on<clipped message>
-
m-relay
<jeffro256:monero.social> etime address is not associated with the key image on-chain (otherwise Monero would be traceable), so if you don't already have the onetime address with you, then you have to try against every single subaddress you've generated
-
m-relay
<jeffro256:monero.social> When you subtract the derivation from the onetime address, you get a subadress spendkey, which is looked up in a map normally which means we only have to derive the key once per owned enote. The scanning code then assumes we already calculated the key images in advance
-
m-relay
<jeffro256:monero.social> However, if you wanted to check just against the one subaddress for learning sake, I could write a gist that would do that