From d5e92a3f444eece8dd1653526a35d5fa247f5e0d Mon Sep 17 00:00:00 2001 From: callebtc <93376500+callebtc@users.noreply.github.com> Date: Mon, 10 Oct 2022 22:08:11 +0200 Subject: [PATCH 1/9] keyset with version --- cashu/core/base.py | 4 ++++ cashu/mint/crud.py | 6 +++--- cashu/mint/ledger.py | 9 ++++++--- cashu/mint/migrations.py | 7 +++++++ 4 files changed, 20 insertions(+), 6 deletions(-) diff --git a/cashu/core/base.py b/cashu/core/base.py index 189335b..2c7a31d 100644 --- a/cashu/core/base.py +++ b/cashu/core/base.py @@ -238,6 +238,7 @@ class MintKeyset: valid_to: Union[str, None] = None first_seen: Union[str, None] = None active: bool = True + version: Union[str, None] = None def __init__( self, @@ -248,6 +249,7 @@ class MintKeyset: active=None, seed: Union[None, str] = None, derivation_path: str = None, + version: str = None, ): self.derivation_path = derivation_path self.id = id @@ -255,6 +257,7 @@ class MintKeyset: self.valid_to = valid_to self.first_seen = first_seen self.active = active + self.version = version # generate keys from seed if seed: self.generate_keys(seed) @@ -275,6 +278,7 @@ class MintKeyset: valid_to=row[3], first_seen=row[4], active=row[5], + version=row[6], ) def get_keybase(self): diff --git a/cashu/mint/crud.py b/cashu/mint/crud.py index 19d0f0c..fbb3bf3 100644 --- a/cashu/mint/crud.py +++ b/cashu/mint/crud.py @@ -114,7 +114,6 @@ async def update_lightning_invoice( async def store_keyset( keyset: MintKeyset, - mint_url: str = None, db: Database = None, conn: Optional[Connection] = None, ): @@ -122,8 +121,8 @@ async def store_keyset( await (conn or db).execute( """ INSERT INTO keysets - (id, derivation_path, valid_from, valid_to, first_seen, active) - VALUES (?, ?, ?, ?, ?, ?) + (id, derivation_path, valid_from, valid_to, first_seen, active, version) + VALUES (?, ?, ?, ?, ?, ?, ?) """, ( keyset.id, @@ -132,6 +131,7 @@ async def store_keyset( keyset.valid_to, keyset.first_seen, True, + keyset.version, ), ) diff --git a/cashu/mint/ledger.py b/cashu/mint/ledger.py index 2e2f0bb..a17cff6 100644 --- a/cashu/mint/ledger.py +++ b/cashu/mint/ledger.py @@ -24,7 +24,7 @@ from cashu.core.db import Database from cashu.core.helpers import fee_reserve, sum_proofs from cashu.core.script import verify_script from cashu.core.secp import PublicKey -from cashu.core.settings import LIGHTNING, MAX_ORDER +from cashu.core.settings import LIGHTNING, MAX_ORDER, VERSION from cashu.core.split import amount_split from cashu.lightning import WALLET from cashu.mint.crud import ( @@ -54,7 +54,7 @@ class Ledger: """Loads all past keysets and stores the active one if not already in db""" # generate current keyset from seed and current derivation path self.keyset = MintKeyset( - seed=self.master_key, derivation_path=self.derivation_path + seed=self.master_key, derivation_path=self.derivation_path, version=VERSION ) # check if current keyset is stored in db and store if not logger.debug(f"Loading keyset {self.keyset.id} from db.") @@ -118,7 +118,10 @@ class Ledger: # backwards compatibility with old hash_to_curve # old clients do not send a version - if not context.get("client-version"): + if ( + not context.get("client-version") + or not self.keysets.keysets[proof.id].version + ): return legacy.verify_pre_0_3_3(secret_key, C, proof.secret) return b_dhke.verify(secret_key, C, proof.secret) diff --git a/cashu/mint/migrations.py b/cashu/mint/migrations.py index 15c8233..c58b3a0 100644 --- a/cashu/mint/migrations.py +++ b/cashu/mint/migrations.py @@ -118,3 +118,10 @@ async def m003_mint_keysets(db: Database): ); """ ) + + +async def m004_keysets_add_version(db: Database): + """ + Column that remembers with which version + """ + await db.execute("ALTER TABLE keysets ADD COLUMN version TEXT") From e3ab0ea961e9bf9a956f1bfe61146abbea8588d0 Mon Sep 17 00:00:00 2001 From: callebtc <93376500+callebtc@users.noreply.github.com> Date: Mon, 10 Oct 2022 22:10:59 +0200 Subject: [PATCH 2/9] keyset versions --- cashu/mint/ledger.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cashu/mint/ledger.py b/cashu/mint/ledger.py index a17cff6..87326a2 100644 --- a/cashu/mint/ledger.py +++ b/cashu/mint/ledger.py @@ -117,7 +117,8 @@ class Ledger: C = PublicKey(bytes.fromhex(proof.C), raw=True) # backwards compatibility with old hash_to_curve - # old clients do not send a version + # old clients do not send a version or + # new clients will send tokens which have a keyset id without a version if ( not context.get("client-version") or not self.keysets.keysets[proof.id].version From 777e4193881932ec6ee7468a91879b84e8db568a Mon Sep 17 00:00:00 2001 From: callebtc <93376500+callebtc@users.noreply.github.com> Date: Mon, 10 Oct 2022 22:16:20 +0200 Subject: [PATCH 3/9] debug --- cashu/mint/ledger.py | 3 +++ requirements.txt | 3 ++- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/cashu/mint/ledger.py b/cashu/mint/ledger.py index 87326a2..ed96231 100644 --- a/cashu/mint/ledger.py +++ b/cashu/mint/ledger.py @@ -123,6 +123,9 @@ class Ledger: not context.get("client-version") or not self.keysets.keysets[proof.id].version ): + logger.debug( + f"Using legacy hash_to_curve for proof from keyset {proof.id} or client with version {context.get('client-version')}" + ) return legacy.verify_pre_0_3_3(secret_key, C, proof.secret) return b_dhke.verify(secret_key, C, proof.secret) diff --git a/requirements.txt b/requirements.txt index 8fc17f6..0065b77 100644 --- a/requirements.txt +++ b/requirements.txt @@ -12,7 +12,7 @@ environs==9.5.0 ; python_version >= "3.7" and python_version < "4.0" fastapi==0.83.0 ; python_version >= "3.7" and python_version < "4.0" h11==0.14.0 ; python_version >= "3.7" and python_version < "4.0" idna==3.4 ; python_version >= "3.7" and python_version < "4.0" -importlib-metadata==4.12.0 ; python_version >= "3.7" and python_version < "3.8" +importlib-metadata==5.0.0 ; python_version >= "3.7" and python_version < "3.8" iniconfig==1.1.1 ; python_version >= "3.7" and python_version < "4.0" loguru==0.6.0 ; python_version >= "3.7" and python_version < "4.0" marshmallow==3.18.0 ; python_version >= "3.7" and python_version < "4.0" @@ -34,6 +34,7 @@ six==1.16.0 ; python_version >= "3.7" and python_version < "4.0" sniffio==1.3.0 ; python_version >= "3.7" and python_version < "4.0" sqlalchemy-aio==0.17.0 ; python_version >= "3.7" and python_version < "4.0" sqlalchemy==1.3.24 ; python_version >= "3.7" and python_version < "4.0" +starlette-context==0.3.4 ; python_version >= "3.7" and python_version < "4.0" starlette==0.19.1 ; python_version >= "3.7" and python_version < "4.0" tomli==2.0.1 ; python_version >= "3.7" and python_version < "4.0" typing-extensions==4.3.0 ; python_version >= "3.7" and python_version < "4.0" From e9888440e3aa8c67380aec280b10e52017c25dd6 Mon Sep 17 00:00:00 2001 From: callebtc <93376500+callebtc@users.noreply.github.com> Date: Mon, 10 Oct 2022 22:17:40 +0200 Subject: [PATCH 4/9] debug --- cashu/mint/ledger.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/cashu/mint/ledger.py b/cashu/mint/ledger.py index ed96231..c9eb0ed 100644 --- a/cashu/mint/ledger.py +++ b/cashu/mint/ledger.py @@ -127,6 +127,9 @@ class Ledger: f"Using legacy hash_to_curve for proof from keyset {proof.id} or client with version {context.get('client-version')}" ) return legacy.verify_pre_0_3_3(secret_key, C, proof.secret) + logger.debug( + f"Using new hash_to_curve for proof from keyset {proof.id} or client with version {context.get('client-version')}" + ) return b_dhke.verify(secret_key, C, proof.secret) def _verify_script(self, idx: int, proof: Proof): From 9c3e856d4fc2b0d986fda96d7a191d1770ccc9a8 Mon Sep 17 00:00:00 2001 From: callebtc <93376500+callebtc@users.noreply.github.com> Date: Mon, 10 Oct 2022 22:19:47 +0200 Subject: [PATCH 5/9] try both --- cashu/mint/ledger.py | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/cashu/mint/ledger.py b/cashu/mint/ledger.py index c9eb0ed..938e58e 100644 --- a/cashu/mint/ledger.py +++ b/cashu/mint/ledger.py @@ -123,13 +123,13 @@ class Ledger: not context.get("client-version") or not self.keysets.keysets[proof.id].version ): - logger.debug( - f"Using legacy hash_to_curve for proof from keyset {proof.id} or client with version {context.get('client-version')}" - ) return legacy.verify_pre_0_3_3(secret_key, C, proof.secret) - logger.debug( - f"Using new hash_to_curve for proof from keyset {proof.id} or client with version {context.get('client-version')}" - ) + try: + ret = legacy.verify_pre_0_3_3(secret_key, C, proof.secret) + if ret: + return ret + except: + pass return b_dhke.verify(secret_key, C, proof.secret) def _verify_script(self, idx: int, proof: Proof): From d9918def5051bcbaf9da810c57cd1fa98ee496e5 Mon Sep 17 00:00:00 2001 From: callebtc <93376500+callebtc@users.noreply.github.com> Date: Mon, 10 Oct 2022 22:26:21 +0200 Subject: [PATCH 6/9] check if keyset exists --- cashu/mint/ledger.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cashu/mint/ledger.py b/cashu/mint/ledger.py index 938e58e..9bc8b20 100644 --- a/cashu/mint/ledger.py +++ b/cashu/mint/ledger.py @@ -119,9 +119,9 @@ class Ledger: # backwards compatibility with old hash_to_curve # old clients do not send a version or # new clients will send tokens which have a keyset id without a version - if ( - not context.get("client-version") - or not self.keysets.keysets[proof.id].version + if not context.get("client-version") or ( + self.keysets.keysets.get(proof.id) + and not self.keysets.keysets[proof.id].version ): return legacy.verify_pre_0_3_3(secret_key, C, proof.secret) try: From c85bb5e2b1293cd8aca3a178bd9ab1f99f175a37 Mon Sep 17 00:00:00 2001 From: callebtc <93376500+callebtc@users.noreply.github.com> Date: Mon, 10 Oct 2022 22:38:08 +0200 Subject: [PATCH 7/9] debug logs --- cashu/mint/ledger.py | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/cashu/mint/ledger.py b/cashu/mint/ledger.py index 9bc8b20..5dabd30 100644 --- a/cashu/mint/ledger.py +++ b/cashu/mint/ledger.py @@ -119,6 +119,11 @@ class Ledger: # backwards compatibility with old hash_to_curve # old clients do not send a version or # new clients will send tokens which have a keyset id without a version + logger.debug(f"Client version {context.get('client-version')}") + if self.keysets.keysets.get(proof.id): + logger.debug( + f"Token keyset: {self.keysets.keysets.get(proof.id)}, token version: {self.keysets.keysets[proof.id].version}" + ) if not context.get("client-version") or ( self.keysets.keysets.get(proof.id) and not self.keysets.keysets[proof.id].version From 7d59fb48afc5b0963415091f450c384dd289514e Mon Sep 17 00:00:00 2001 From: callebtc <93376500+callebtc@users.noreply.github.com> Date: Mon, 10 Oct 2022 22:41:41 +0200 Subject: [PATCH 8/9] try except in all cases --- cashu/mint/ledger.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/cashu/mint/ledger.py b/cashu/mint/ledger.py index 5dabd30..eda27b7 100644 --- a/cashu/mint/ledger.py +++ b/cashu/mint/ledger.py @@ -124,11 +124,11 @@ class Ledger: logger.debug( f"Token keyset: {self.keysets.keysets.get(proof.id)}, token version: {self.keysets.keysets[proof.id].version}" ) - if not context.get("client-version") or ( - self.keysets.keysets.get(proof.id) - and not self.keysets.keysets[proof.id].version - ): - return legacy.verify_pre_0_3_3(secret_key, C, proof.secret) + # if not context.get("client-version") or ( + # self.keysets.keysets.get(proof.id) + # and not self.keysets.keysets[proof.id].version + # ): + # return legacy.verify_pre_0_3_3(secret_key, C, proof.secret) try: ret = legacy.verify_pre_0_3_3(secret_key, C, proof.secret) if ret: From 35a822d3adca09a705835c159c21703bb84d4e17 Mon Sep 17 00:00:00 2001 From: callebtc <93376500+callebtc@users.noreply.github.com> Date: Mon, 10 Oct 2022 22:44:07 +0200 Subject: [PATCH 9/9] try except both functions --- cashu/mint/ledger.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/cashu/mint/ledger.py b/cashu/mint/ledger.py index eda27b7..8f6a885 100644 --- a/cashu/mint/ledger.py +++ b/cashu/mint/ledger.py @@ -117,8 +117,6 @@ class Ledger: C = PublicKey(bytes.fromhex(proof.C), raw=True) # backwards compatibility with old hash_to_curve - # old clients do not send a version or - # new clients will send tokens which have a keyset id without a version logger.debug(f"Client version {context.get('client-version')}") if self.keysets.keysets.get(proof.id): logger.debug( @@ -135,6 +133,7 @@ class Ledger: return ret except: pass + return b_dhke.verify(secret_key, C, proof.secret) def _verify_script(self, idx: int, proof: Proof):