donttracemebruh
commented
1 year ago I'm offering an additional 2 XMR to the bounty.
Open mjg-foundation opened 1 year ago
donttracemebruh
commented
1 year ago I'm offering an additional 2 XMR to the bounty.
kayabaNerve
commented
1 year ago Just to comment on flow:
Ideally, just the following needs to be sent to the device:
1) The inputs to use. 2) The decoys to use for them. 3) The payments to make.
In this case, the hardware wallet does the entire TX.
Alternatively, you could send: 1) The full TX, with nulled out CLSAGs 2) 32-bytes of entropy to use for the TX one time keys. The actual one time keys would be H(key_images, entropy, index). 3) The payments.
The HW wallet wouldn't have to do the BPs, yet would have to check TX extra, the output keys, and commitments are well formed. The HW wallet would only do the CLSAGs.
Monero-HackerIndustrial
commented
1 year ago Would it be more portable to send the device the full unsigned tx? This might simplify the reqs on the device as it would just parse and sign the transaction. The unsigned tx file is already standard in the cli and might be good to keep that consistent (especially as the protocol changes in the future).
kayabaNerve
commented
1 year ago I can't comment on Monero's unsigned TX file. If monero's unsigned TX file satisfies either of the above flows, it'd be fine. Else, it'd introduce security issues.
I'd also argue the latter flow, not doing BPs on the device, may save enough time it's preferable. I'm again unsure how Monero's unsigned TX file handles it.
This is the main event, and is essentially the passport side of #3 . This depends on #4 and #5 as well, and doesn't include multisig. Relevant files:
Bounty: 2 XMR