Kezdőlap Felfedezés Súgó
Bejelentkezés
cesar
/
cdk
1
0
Másolás 0
Fájlok Problémák 0 Beolvasztási kérések 0 Wiki
Fa: a72a1e654d
Branch-ok Tag-ek
cdk
/
crates
/
cashu-sdk
/
src
/
mint.rs

mint.rs 8.5 KB
Előzmények Nyers

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271 
  1. use std::collections::{HashMap, HashSet};
    2. 

  2. 

  3. use cashu::dhke::sign_message;
    4. 

  4. use cashu::dhke::verify_message;
    5. 

  5. pub use cashu::error::mint::Error;
    6. 

  6. use cashu::nuts::nut00::BlindedMessage;
    7. 

  7. use cashu::nuts::nut00::BlindedSignature;
    8. 

  8. use cashu::nuts::nut00::Proof;
    9. 

  9. use cashu::nuts::nut02::mint::KeySet;
    10. 

  10. use cashu::nuts::nut06::SplitRequest;
    11. 

  11. use cashu::nuts::nut06::SplitResponse;
    12. 

  12. use cashu::nuts::nut07::CheckSpendableRequest;
    13. 

  13. use cashu::nuts::nut07::CheckSpendableResponse;
    14. 

  14. use cashu::nuts::nut08::MeltRequest;
    15. 

  15. use cashu::nuts::nut08::MeltResponse;
    16. 

  16. use cashu::nuts::*;
    17. 

  17. use cashu::secret::Secret;
    18. 

  18. use cashu::Amount;
    19. 

  19. 

  20. pub struct Mint {
    21. 

  21.     //    pub pubkey: PublicKey,
    22. 

  22.     pub active_keyset: nut02::mint::KeySet,
    23. 

  23.     pub inactive_keysets: HashMap<String, nut02::mint::KeySet>,
    24. 

  24.     pub spent_secrets: HashSet<Secret>,
    25. 

  25.     pub pending_secrets: HashSet<Secret>,
    26. 

  26. }
    27. 

  27. 

  28. impl Mint {
    29. 

  29.     pub fn new(
    30. 

  30.         secret: &str,
    31. 

  31.         derivation_path: &str,
    32. 

  32.         inactive_keysets: HashMap<String, nut02::mint::KeySet>,
    33. 

  33.         spent_secrets: HashSet<Secret>,
    34. 

  34.         max_order: u8,
    35. 

  35.     ) -> Self {
    36. 

  36.         Self {
    37. 

  37.             active_keyset: nut02::mint::KeySet::generate(secret, derivation_path, max_order),
    38. 

  38.             inactive_keysets,
    39. 

  39.             spent_secrets,
    40. 

  40.             pending_secrets: HashSet::new(),
    41. 

  41.         }
    42. 

  42.     }
    43. 

  43. 

  44.     /// Retrieve the public keys of the active keyset for distribution to
    45. 

  45.     /// wallet clients
    46. 

  46.     pub fn active_keyset_pubkeys(&self) -> nut02::KeySet {
    47. 

  47.         nut02::KeySet::from(self.active_keyset.clone())
    48. 

  48.     }
    49. 

  49. 

  50.     /// Return a list of all supported keysets
    51. 

  51.     pub fn keysets(&self) -> nut02::Response {
    52. 

  52.         let mut keysets: HashSet<_> = self.inactive_keysets.keys().cloned().collect();
    53. 

  53.         keysets.insert(self.active_keyset.id.clone());
    54. 

  54.         nut02::Response { keysets }
    55. 

  55.     }
    56. 

  56. 

  57.     pub fn active_keyset(&self) -> nut02::mint::KeySet {
    58. 

  58.         self.active_keyset.clone()
    59. 

  59.     }
    60. 

  60. 

  61.     pub fn keyset(&self, id: &str) -> Option<nut02::KeySet> {
    62. 

  62.         if self.active_keyset.id == id {
    63. 

  63.             return Some(self.active_keyset.clone().into());
    64. 

  64.         }
    65. 

  65. 

  66.         self.inactive_keysets.get(id).map(|k| k.clone().into())
    67. 

  67.     }
    68. 

  68. 

  69.     /// Add current keyset to inactive keysets
    70. 

  70.     /// Generate new keyset
    71. 

  71.     pub fn rotate_keyset(
    72. 

  72.         &mut self,
    73. 

  73.         secret: impl Into<String>,
    74. 

  74.         derivation_path: impl Into<String>,
    75. 

  75.         max_order: u8,
    76. 

  76.     ) {
    77. 

  77.         // Add current set to inactive keysets
    78. 

  78.         self.inactive_keysets
    79. 

  79.             .insert(self.active_keyset.id.clone(), self.active_keyset.clone());
    80. 

  80. 

  81.         self.active_keyset = KeySet::generate(secret, derivation_path, max_order);
    82. 

  82.     }
    83. 

  83. 

  84.     pub fn process_mint_request(
    85. 

  85.         &mut self,
    86. 

  86.         mint_request: nut04::MintRequest,
    87. 

  87.     ) -> Result<nut04::PostMintResponse, Error> {
    88. 

  88.         let mut blind_signatures = Vec::with_capacity(mint_request.outputs.len());
    89. 

  89. 

  90.         for blinded_message in mint_request.outputs {
    91. 

  91.             blind_signatures.push(self.blind_sign(&blinded_message)?);
    92. 

  92.         }
    93. 

  93. 

  94.         Ok(nut04::PostMintResponse {
    95. 

  95.             promises: blind_signatures,
    96. 

  96.         })
    97. 

  97.     }
    98. 

  98. 

  99.     fn blind_sign(&self, blinded_message: &BlindedMessage) -> Result<BlindedSignature, Error> {
    100. 

  100.         let BlindedMessage { amount, b } = blinded_message;
    101. 

  101. 

  102.         let Some(key_pair) = self.active_keyset.keys.0.get(&amount.to_sat()) else {
    103. 

  103.             // No key for amount
    104. 

  104.             return Err(Error::AmountKey);
    105. 

  105.         };
    106. 

  106. 

  107.         let c = sign_message(key_pair.secret_key.clone().into(), b.clone().into())?;
    108. 

  108. 

  109.         Ok(BlindedSignature {
    110. 

  110.             amount: *amount,
    111. 

  111.             c: c.into(),
    112. 

  112.             id: self.active_keyset.id.clone(),
    113. 

  113.         })
    114. 

  114.     }
    115. 

  115. 

  116.     pub fn process_split_request(
    117. 

  117.         &mut self,
    118. 

  118.         split_request: SplitRequest,
    119. 

  119.     ) -> Result<SplitResponse, Error> {
    120. 

  120.         let proofs_total = split_request.proofs_amount();
    121. 

  121. 

  122.         let output_total = split_request.output_amount();
    123. 

  123. 

  124.         if proofs_total != output_total {
    125. 

  125.             return Err(Error::Amount);
    126. 

  126.         }
    127. 

  127. 

  128.         let proof_count = split_request.proofs.len();
    129. 

  129. 

  130.         let secrets: HashSet<Secret> = split_request.proofs.into_iter().map(|p| p.secret).collect();
    131. 

  131. 

  132.         // Check that there are no duplicate proofs in request
    133. 

  133.         if secrets.len().ne(&proof_count) {
    134. 

  134.             return Err(Error::DuplicateProofs);
    135. 

  135.         }
    136. 

  136. 

  137.         for secret in secrets {
    138. 

  138.             self.spent_secrets.insert(secret);
    139. 

  139.         }
    140. 

  140. 

  141.         match &split_request.amount {
    142. 

  142.             None => {
    143. 

  143.                 let promises: Vec<BlindedSignature> = split_request
    144. 

  144.                     .outputs
    145. 

  145.                     .iter()
    146. 

  146.                     .map(|b| self.blind_sign(b).unwrap())
    147. 

  147.                     .collect();
    148. 

  148. 

  149.                 Ok(SplitResponse::new(promises))
    150. 

  150.             }
    151. 

  151.             Some(amount) => {
    152. 

  152.                 let outs_fst = (proofs_total.to_owned() - amount.to_owned()).split();
    153. 

  153. 

  154.                 // Blinded change messages
    155. 

  155.                 let b_fst = split_request.outputs[0..outs_fst.len()].to_vec();
    156. 

  156.                 let b_snd = split_request.outputs[outs_fst.len()..].to_vec();
    157. 

  157.                 let fst: Vec<BlindedSignature> =
    158. 

  158.                     b_fst.iter().map(|b| self.blind_sign(b).unwrap()).collect();
    159. 

  159.                 let snd: Vec<BlindedSignature> =
    160. 

  160.                     b_snd.iter().map(|b| self.blind_sign(b).unwrap()).collect();
    161. 

  161. 

  162.                 let split_response = SplitResponse::new_from_amount(fst, snd);
    163. 

  163. 

  164.                 if split_response.target_amount() != split_request.amount {
    165. 

  165.                     return Err(Error::CustomError("Output order".to_string()));
    166. 

  166.                 }
    167. 

  167. 

  168.                 Ok(split_response)
    169. 

  169.             }
    170. 

  170.         }
    171. 

  171.     }
    172. 

  172. 

  173.     pub fn verify_proof(&self, proof: &Proof) -> Result<(), Error> {
    174. 

  174.         if self.spent_secrets.contains(&proof.secret) {
    175. 

  175.             return Err(Error::TokenSpent);
    176. 

  176.         }
    177. 

  177. 

  178.         let keyset = proof.id.as_ref().map_or_else(
    179. 

  179.             || &self.active_keyset,
    180. 

  180.             |id| {
    181. 

  181.                 if let Some(keyset) = self.inactive_keysets.get(id) {
    182. 

  182.                     keyset
    183. 

  183.                 } else {
    184. 

  184.                     &self.active_keyset
    185. 

  185.                 }
    186. 

  186.             },
    187. 

  187.         );
    188. 

  188. 

  189.         let Some(keypair) = keyset.keys.0.get(&proof.amount.to_sat()) else {
    190. 

  190.             return Err(Error::AmountKey);
    191. 

  191.         };
    192. 

  192. 

  193.         verify_message(
    194. 

  194.             keypair.secret_key.clone().into(),
    195. 

  195.             proof.c.clone().into(),
    196. 

  196.             &proof.secret,
    197. 

  197.         )?;
    198. 

  198. 

  199.         Ok(())
    200. 

  200.     }
    201. 

  201. 

  202.     pub fn check_spendable(
    203. 

  203.         &self,
    204. 

  204.         check_spendable: &CheckSpendableRequest,
    205. 

  205.     ) -> Result<CheckSpendableResponse, Error> {
    206. 

  206.         let mut spendable = Vec::with_capacity(check_spendable.proofs.len());
    207. 

  207.         let mut pending = Vec::with_capacity(check_spendable.proofs.len());
    208. 

  208. 

  209.         for proof in &check_spendable.proofs {
    210. 

  210.             spendable.push(!self.spent_secrets.contains(&proof.secret));
    211. 

  211.             pending.push(!self.pending_secrets.contains(&proof.secret));
    212. 

  212.         }
    213. 

  213. 

  214.         Ok(CheckSpendableResponse { spendable, pending })
    215. 

  215.     }
    216. 

  216. 

  217.     pub fn verify_melt_request(&mut self, melt_request: &MeltRequest) -> Result<(), Error> {
    218. 

  218.         let proofs_total = melt_request.proofs_amount();
    219. 

  219. 

  220.         // TODO: Fee reserve
    221. 

  221.         if proofs_total
    222. 

  222.             < melt_request
    223. 

  223.                 .invoice_amount()
    224. 

  224.                 .map_err(|_| Error::InvoiceAmountUndefined)?
    225. 

  225.         {
    226. 

  226.             return Err(Error::Amount);
    227. 

  227.         }
    228. 

  228. 

  229.         let secrets: HashSet<&Secret> = melt_request.proofs.iter().map(|p| &p.secret).collect();
    230. 

  230. 

  231.         // Ensure proofs are unique and not being double spent
    232. 

  232.         if melt_request.proofs.len().ne(&secrets.len()) {
    233. 

  233.             return Err(Error::DuplicateProofs);
    234. 

  234.         }
    235. 

  235. 

  236.         Ok(())
    237. 

  237.     }
    238. 

  238. 

  239.     pub fn process_melt_request(
    240. 

  240.         &mut self,
    241. 

  241.         melt_request: &MeltRequest,
    242. 

  242.         preimage: &str,
    243. 

  243.         total_spent: Amount,
    244. 

  244.     ) -> Result<MeltResponse, Error> {
    245. 

  245.         let secrets = Vec::with_capacity(melt_request.proofs.len());
    246. 

  246.         for secret in secrets {
    247. 

  247.             self.spent_secrets.insert(secret);
    248. 

  248.         }
    249. 

  249. 

  250.         let change_target = melt_request.proofs_amount() - total_spent;
    251. 

  251.         let amounts = change_target.split();
    252. 

  252.         let mut change = Vec::with_capacity(amounts.len());
    253. 

  253. 

  254.         if let Some(outputs) = &melt_request.outputs {
    255. 

  255.             for (i, amount) in amounts.iter().enumerate() {
    256. 

  256.                 let mut message = outputs[i].clone();
    257. 

  257. 

  258.                 message.amount = *amount;
    259. 

  259. 

  260.                 let signature = self.blind_sign(&message)?;
    261. 

  261.                 change.push(signature)
    262. 

  262.             }
    263. 

  263.         }
    264. 

  264. 

  265.         Ok(MeltResponse {
    266. 

  266.             paid: true,
    267. 

  267.             preimage: Some(preimage.to_string()),
    268. 

  268.             change: Some(change),
    269. 

  269.         })
    270. 

  270.     }
    271. 

  271. }
    272.