-
lagoon93
hello
-
lagoon93
any help on creating manually view_tag from spend key
-
kayabaNerve
lagoon93: They're dependent on who you're sending to.
-
lagoon93
creating manually i said before sending
-
kayabaNerve
... view tags are linked to a specific output though.
-
kayabaNerve
They can only be created when you are sending to someone.
-
kayabaNerve
If you have their address, you need to generate a transaction key, `r`. The shared key is Hs(8rA || o), where A is their public view key. The view tag is keccak256(shared_key)[0], unless I'm mistaken.
-
kayabaNerve
So you need the public view key of who you're sending to AND the transaction's `r`, if you're generating a view tag for your recipient.
-
sech1
I already gave him all the required links several times, don't waste your time
-
kayabaNerve
Thanks for the warning :p I just saw the hello and wanted to help
-
kayabaNerve
There also were historical proposals with static view tags IIRC, so I wanted to try to clarify that.
-
sech1
view tag is keccak256("view_tag" || derivation || output_index as varint)[0]
-
lagoon93
here
paste.debian.net/1245252 there is no view_tag calculation function
-
lagoon93
so i must create a new one
-
kayabaNerve
lagoon93: keccak256(f)[0]
-
lagoon93
ah
-
kayabaNerve
Sorry. One second.
-
kayabaNerve
Apparently we all have different opinions on what the shared key is. I always considered it Hs, yet rA alone is the ECDH shared secret.
-
kayabaNerve
View tags may have been implemented solely using rA... that'd make sense for a few reasons. Double checking now.
-
kayabaNerve
Wow, no, I was very wrong. sech1 is correct, and I just missed their second message.
-
kayabaNerve
It's not keccak256(Hs(..)). `var D = generate_key_derivation(A, r); "7b0a76d852af2beffda86cc575622a0c4f89382cc878d8f19b71b730aa>` Then it'd be keccak256("view_tag" || D || varint(o))[0]
-
kayabaNerve
(which is what sech1 said, and I completely butchered. Basically derivation_to_scalar with "view_tag" in front.
-
kayabaNerve
*front)
-
lagoon93
so is keccak256(D)[0]
-
kayabaNerve
No. keccak256("view_tag" || D || varint(o))[0]
-
kayabaNerve
derivation_to_scalar does keccak256(D || varint(o)).
-
kayabaNerve
You need to prepend "view_tag" and only grab the first byte.
-
lagoon93
got it but is javascript so i need little different syntax like keccak256"("view_tag" || D || varint(o))[0]"
-
kayabaNerve
My recommendation would be to copy derivation_to_scalar to derivation_to_view_tag.
-
kayabaNerve
Same function, except "view_tag" and [0]
-
lagoon93
var x = derivation_to_scalar(D, 0);
-
lagoon93
i dont understand
-
kayabaNerve
lagoon93: This isn't going anywhere, despite me thinking we had progress. derivation_to_scalar implements keccak256(D || varint(o)). You need to implement keccak256("view_tag" || D || varint(o))[0] to calculate a view tag. I'll bow out like sech recommended
-
lagoon93
i understand that just the implementation on javascript is the issue
-
lagoon93
i have function keccak256
-
lagoon93
on javascript
-
lagoon93
but how to turn your c++ function in javascript
-
lagoon93
keccak256"("view_tag" || D || varint(o))[0]" gives error syntax
-
rbrunner
laggon93, please don't take that as an insult, but I think it's time for you to go back to whomever gave you this job, and ask to find an alternative way to a solution
-
lagoon93
no one gives me "this job"
-
rbrunner
Ok, sorry then, misunderstanding.
-
rbrunner
I thought you work for somebody
-
lagoon93
if was like this i would search to pay someone and not to bother!
-
lagoon93
but i want to learn all the procedure
-
moneromooo
Did you read that discussion on github on the PR that added view tags ?
-
lagoon93
yes
-
rbrunner
Hmmm, noble goal, but then maybe you should prepare the ground first, so to say, before you attach this view tag problem again.
-
lagoon93
many times
-
rbrunner
Learn some basics about Monero first. Did you read already
getmonero.org/library/Zero-to-Monero-2-0-0.pdf?
-
lagoon93
yes
-
» moneromooo goes double check they talk about the crypto steps
-
lagoon93
i have some basics....
-
rbrunner
And good knowledge about all the involved languages? I mean, frankly, a statement like this one is pretty surprising: "keccak256"("view_tag" || D || varint(o))[0]" gives error syntax"
-
lagoon93
no i have no good knowdlege of languages
-
moneromooo
monero-project/research-lab #73 (linked from that discussion) gives the crypto ops.
-
rbrunner
Do I remember correctly, you said once your C++ is not very good? So maybe acquire solid C++ programming knowledge first, say, over the next 2 weeks?
-
lagoon93
yes but i'm some """" from the view_Tag code now
-
rbrunner
I now that feeling :)
-
lagoon93
has anyone the good will to find the right syntax for keccak256"("view_tag" || D || varint(o))[0]"
-
moneromooo
FWIW, || in this context means concatenation, not the usual or.
-
sech1
it's better that you learn javascript than ask here every time you get a compilation error
-
lagoon93
output of "keccak_256("view_tag" || D || varint(o))" is dde69f78c8a9f4ab5a2b8061b4a92a2ad3febb9996e6cbab99d3b99fccac4f98
-
lagoon93
but view_tag is not dd
-
moneromooo
Check whether "view_tag" should have terminating NUL or not. Check D and o are really the right values. Check whether your varint encoder is correct.
-
lagoon93
i dont know really what o represent
-
lagoon93
i had this function from kayabaNerve but i dont know what (o) represent
-
lagoon93
D is real value
-
kayabaNerve
lagoon93: Output index.
-
kayabaNerve
> My recommendation would be to copy derivation_to_scalar to derivation_to_view_tag.
-
lagoon93
how to do that on javascript
-
lagoon93
"keccak_256("derivation_to_scalar " || D || varint(o))"
-
lagoon93
didnt work
-
kayabaNerve
...
-
kayabaNerve
We cannot help you learn C++ aand JS from scratch.
-
kayabaNerve
I'm suggesting you take the existing d_t_s function, copy it, and edit it as needed into a new function, d_t_v_t.
-
lagoon93
var f = derivation_to_scalar(D, 0); so keccak_256(f);
-
lagoon93
i'll give a try
-
lagoon93
or im wrong again
-
lagoon93
again wrong
-
lagoon93
any help please
-
lagoon93
im some ''' away
-
lagoon93
keccak_256(((f) || D || varint(o))); output is "bba95343e59e78ba4e46678dfc057f1914ec2c7f3abb5db057de02a2f64624d4" but again is not view_tag
-
lagoon93
anyone with good will to help on puttig '''' in the right direction
-
moneromooo
You can start bu checking the varint encoder is good. At least for a 0-3 value, it should give one one byte with that value.
-
moneromooo
Then checking you concat properly (eg, no padding) and that you use the correct length for the varint.
-
sech1
varint(o)
-
sech1
I hope you didn't literally put "o" there
-
sech1
it must be output index
-
moneromooo
One thing you could do actually: in the monero code, log ALL inputs and intermediate values and results for the view tag calc, make a monero tx with that code. Then read the log, save all those new log lines, and feed the same inputs to your code. Check the first step where the intermediate values diverge. Loop.
-
lagoon93
varint(0)
-
lagoon93
keccak_256("view_tag" || D || varint(0));
-
lagoon93
output dd but is not view_tag
-
lagoon93
dde69f78c8a9f4ab5a2b8061b4a92a2ad3febb9996e6cbab99d3b99fccac4f98 all output but i must take 1byte right
-
lagoon93
"dd"
-
lagoon93
-
lagoon93
moneromoo to log monerod or wallet-cli
-
moneromooo
The wallet. derive_view_tag IIRC.
-
lagoon93
but really is strange that anyone cant propose smth more straightforth