public static void Initialize(Config config)
{
WalletService = null;
ChaumianClient = null;
Config = Guard.NotNull(nameof(config), config);
string blindingPubKeyFile = Path.Combine(DataDir, $"BlindingPubKey{Network}.json");
if (File.Exists(blindingPubKeyFile))
{
string blindingPubKeyJson = "";
blindingPubKeyJson = File.ReadAllText(blindingPubKeyFile);
BlindingPubKey = BlindingRsaPubKey.CreateFromJson(blindingPubKeyJson);
}
else
{
if (Network == Network.Main)
{
BlindingPubKey = new BlindingRsaPubKey(new BigInteger("16421152619146079007287475569112871971988560541093277613438316709041030720662622782033859387192362542996510605015506477964793447620206674394713753349543444988246276357919473682408472170521463339860947351211455351029147665615454176157348164935212551240942809518428851690991984017733153078846480521091423447691527000770982623947706172997649440619968085147635776736938871139581019988225202983052255684151711253254086264386774936200194229277914886876824852466823571396538091430866082004097086602287294474304344865162932126041736158327600847754258634325228417149098062181558798532036659383679712667027126535424484318399849"), new BigInteger("65537"));
}
else
{
BlindingPubKey = new BlindingRsaPubKey(new BigInteger("19473594448380717274202325076521698699373476167359253614775896809797414915031772455344343455269320444157176520539924715307970060890094127521516100754263825112231545354422893125394219335109864514907655429499954825469485252969706079992227103439161156022844535556626007277544637236136559868400854764962522288139619969507311597914908752685925185380735570791798593290356424409633800092336087046668579610273133131498947353719917407262847070395909920415822288443947309434039008038907229064999576278651443575362470457496666718250346530518268694562965606704838796709743032825816642704620776596590683042135764246115456630753521"), new BigInteger("65537"));
}
Directory.CreateDirectory(DataDir);
File.WriteAllText(blindingPubKeyFile, BlindingPubKey.ToJson());
}
var addressManagerFolderPath = Path.Combine(DataDir, "AddressManager");
AddressManagerFilePath = Path.Combine(addressManagerFolderPath, $"AddressManager{Network}.dat");
var blocksFolderPath = Path.Combine(DataDir, $"Blocks{Network}");
var connectionParameters = new NodeConnectionParameters();
AddressManager = null;
try
{
AddressManager = AddressManager.LoadPeerFile(AddressManagerFilePath);
Logger.LogInfo <AddressManager>($"Loaded {nameof(AddressManager)} from `{AddressManagerFilePath}`.");
}
catch (DirectoryNotFoundException ex)
{
Logger.LogInfo <AddressManager>($"{nameof(AddressManager)} did not exist at `{AddressManagerFilePath}`. Initializing new one.");
Logger.LogTrace <AddressManager>(ex);
AddressManager = new AddressManager();
}
catch (FileNotFoundException ex)
{
Logger.LogInfo <AddressManager>($"{nameof(AddressManager)} did not exist at `{AddressManagerFilePath}`. Initializing new one.");
Logger.LogTrace <AddressManager>(ex);
AddressManager = new AddressManager();
}
connectionParameters.TemplateBehaviors.Add(new AddressManagerBehavior(AddressManager));
MemPoolService = new MemPoolService();
connectionParameters.TemplateBehaviors.Add(new MemPoolBehavior(MemPoolService));
Nodes = new NodesGroup(Network, connectionParameters,
new NodeRequirement
{
RequiredServices = NodeServices.Network,
MinVersion = Constants.ProtocolVersion_WITNESS_VERSION
});
var indexFilePath = Path.Combine(DataDir, $"Index{Network}.dat");
IndexDownloader = new IndexDownloader(Network, indexFilePath, Config.GetCurrentBackendUri());
Nodes.Connect();
Logger.LogInfo("Start connecting to nodes...");
IndexDownloader.Synchronize(requestInterval: TimeSpan.FromSeconds(21));
Logger.LogInfo("Start synchronizing filters...");
}
private async Task ProcessStatusAsync()
{
try
{
IEnumerable <CcjRunningRoundState> states = await SatoshiClient.GetAllRoundStatesAsync();
using (await MixLock.LockAsync())
{
foreach (CcjRunningRoundState state in states)
{
CcjClientRound round = Rounds.SingleOrDefault(x => x.State.RoundId == state.RoundId);
if (round == null) // It's a new running round.
{
var r = new CcjClientRound(state);
Rounds.Add(r);
RoundAdded?.Invoke(this, r);
}
else
{
round.State = state;
RoundUpdated?.Invoke(this, round);
}
}
var roundsToRemove = new List <long>();
foreach (CcjClientRound round in Rounds)
{
CcjRunningRoundState state = states.SingleOrDefault(x => x.RoundId == round.State.RoundId);
if (state == null) // The round is not running anymore.
{
foreach (MixCoin rc in round.CoinsRegistered)
{
CoinsWaitingForMix.Add(rc);
}
roundsToRemove.Add(round.State.RoundId);
}
}
foreach (long roundId in roundsToRemove)
{
Rounds.RemoveAll(x => x.State.RoundId == roundId);
RoundRemoved?.Invoke(this, roundId);
}
}
int delay = new Random().Next(0, 7); // delay the response to defend timing attack privacy
await Task.Delay(TimeSpan.FromSeconds(delay), Stop.Token);
using (await MixLock.LockAsync())
{
CoinsWaitingForMix.RemoveAll(x => x.SmartCoin.SpenderTransactionId != null); // Make sure coins those were somehow spent are removed.
CcjClientRound inputRegistrableRound = Rounds.First(x => x.State.Phase == CcjRoundPhase.InputRegistration);
if (inputRegistrableRound.AliceUniqueId == null) // If didn't register already, check what can we register.
{
try
{
var coinsToRegister = new List <MixCoin>();
var amountSoFar = Money.Zero;
Money amountNeededExceptInputFees = inputRegistrableRound.State.Denomination + inputRegistrableRound.State.FeePerOutputs * 2;
var tooSmallInputs = false;
foreach (MixCoin coin in CoinsWaitingForMix
.Where(x => x.SmartCoin.Confirmed || x.SmartCoin.Label.Contains("CoinJoin", StringComparison.Ordinal)) // Where our label contains CoinJoin, CoinJoins can be registered even if not confirmed, our label will likely be CoinJoin only if it was a previous CoinJoin, otherwise the server will refuse us.
.OrderByDescending(y => y.SmartCoin.Amount) // First order by amount.
.OrderByDescending(z => z.SmartCoin.Confirmed)) // Then order by the amount ordered ienumerable by confirmation, so first try to register confirmed coins.
{
coinsToRegister.Add(coin);
if (inputRegistrableRound.State.MaximumInputCountPerPeer < coinsToRegister.Count)
{
tooSmallInputs = true;
break;
}
amountSoFar += coin.SmartCoin.Amount;
if (amountSoFar > amountNeededExceptInputFees + inputRegistrableRound.State.FeePerInputs * coinsToRegister.Count)
{
break;
}
}
// If input count doesn't reach the max input registration AND there are enough coins queued, then register to mix.
if (!tooSmallInputs && amountSoFar > amountNeededExceptInputFees + inputRegistrableRound.State.FeePerInputs * coinsToRegister.Count)
{
var changeKey = KeyManager.GenerateNewKey("CoinJoin Change Output", KeyState.Locked, isInternal: true);
var activeKey = KeyManager.GenerateNewKey("CoinJoin Active Output", KeyState.Locked, isInternal: true);
var blind = BlindingPubKey.Blind(activeKey.GetP2wpkhScript().ToBytes());
var inputProofs = new List <InputProofModel>();
foreach (var coin in coinsToRegister)
{
var inputProof = new InputProofModel
{
Input = coin.SmartCoin.GetOutPoint(),
Proof = coin.Secret.PrivateKey.SignMessage(ByteHelpers.ToHex(blind.BlindedData))
};
inputProofs.Add(inputProof);
}
InputsResponse inputsResponse = await AliceClient.PostInputsAsync(changeKey.GetP2wpkhScript(), blind.BlindedData, inputProofs.ToArray());
if (!BlindingPubKey.Verify(inputsResponse.BlindedOutputSignature, blind.BlindedData))
{
throw new NotSupportedException("Coordinator did not sign the blinded output properly.");
}
CcjClientRound roundRegistered = Rounds.SingleOrDefault(x => x.State.RoundId == inputsResponse.RoundId);
if (roundRegistered == null)
{
// If our SatoshiClient doesn't yet know about the round because of the dealy create it.
// Make its state as it'd be the same as our assumed round was, except the roundId and registeredPeerCount, it'll be updated later.
roundRegistered = new CcjClientRound(CcjRunningRoundState.CloneExcept(inputRegistrableRound.State, inputsResponse.RoundId, registeredPeerCount: 1));
Rounds.Add(roundRegistered);
RoundAdded?.Invoke(this, roundRegistered);
}
foreach (var coin in coinsToRegister)
{
roundRegistered.CoinsRegistered.Add(coin);
CoinsWaitingForMix.Remove(coin);
}
roundRegistered.ActiveOutput = activeKey;
roundRegistered.ChangeOutput = changeKey;
roundRegistered.UnblindedSignature = BlindingPubKey.UnblindSignature(inputsResponse.BlindedOutputSignature, blind.BlindingFactor);
roundRegistered.AliceUniqueId = inputsResponse.UniqueId;
RoundUpdated?.Invoke(this, roundRegistered);
}
}
catch (Exception ex)
{
Logger.LogError <CcjClient>(ex);
}
}
else // We registered, let's confirm we're online.
{
try
{
string roundHash = await AliceClient.PostConfirmationAsync(inputRegistrableRound.State.RoundId, (Guid)inputRegistrableRound.AliceUniqueId);
if (roundHash != null) // Then the phase went to connection confirmation.
{
inputRegistrableRound.RoundHash = roundHash;
inputRegistrableRound.State.Phase = CcjRoundPhase.ConnectionConfirmation;
RoundUpdated?.Invoke(this, inputRegistrableRound);
}
}
catch (Exception ex)
{
Logger.LogError <CcjClient>(ex);
}
}
foreach (CcjClientRound ongoingRound in Rounds.Where(x => x.State.Phase != CcjRoundPhase.InputRegistration && x.AliceUniqueId != null))
{
try
{
if (ongoingRound.State.Phase == CcjRoundPhase.ConnectionConfirmation)
{
if (ongoingRound.RoundHash == null) // If we didn't already obtained our roundHash obtain it.
{
string roundHash = await AliceClient.PostConfirmationAsync(inputRegistrableRound.State.RoundId, (Guid)inputRegistrableRound.AliceUniqueId);
if (roundHash == null)
{
throw new NotSupportedException("Coordinator didn't gave us the expected roundHash, even though it's in ConnectionConfirmation phase.");
}
else
{
ongoingRound.RoundHash = roundHash;
RoundUpdated?.Invoke(this, ongoingRound);
}
}
}
else if (ongoingRound.State.Phase == CcjRoundPhase.OutputRegistration)
{
if (ongoingRound.RoundHash == null)
{
throw new NotSupportedException("Coordinator progressed to OutputRegistration phase, even though we didn't obtain roundHash.");
}
await BobClient.PostOutputAsync(ongoingRound.RoundHash, ongoingRound.ActiveOutput.GetP2wpkhScript(), ongoingRound.UnblindedSignature);
}
else if (ongoingRound.State.Phase == CcjRoundPhase.Signing)
{
Transaction unsignedCoinJoin = await AliceClient.GetUnsignedCoinJoinAsync(ongoingRound.State.RoundId, (Guid)ongoingRound.AliceUniqueId);
if (NBitcoinHelpers.HashOutpoints(unsignedCoinJoin.Inputs.Select(x => x.PrevOut)) != ongoingRound.RoundHash)
{
throw new NotSupportedException("Coordinator provided invalid roundHash.");
}
Money amountBack = unsignedCoinJoin.Outputs
.Where(x => x.ScriptPubKey == ongoingRound.ActiveOutput.GetP2wpkhScript() || x.ScriptPubKey == ongoingRound.ChangeOutput.GetP2wpkhScript())
.Sum(y => y.Value);
Money minAmountBack = ongoingRound.CoinsRegistered.Sum(x => x.SmartCoin.Amount); // Start with input sum.
minAmountBack -= ongoingRound.State.FeePerOutputs * 2 + ongoingRound.State.FeePerInputs * ongoingRound.CoinsRegistered.Count; // Minus miner fee.
Money actualDenomination = unsignedCoinJoin.GetIndistinguishableOutputs().OrderByDescending(x => x.count).First().value; // Denomination may grow.
Money expectedCoordinatorFee = new Money((ongoingRound.State.CoordinatorFeePercent * 0.01m) * decimal.Parse(actualDenomination.ToString(false, true)), MoneyUnit.BTC);
minAmountBack -= expectedCoordinatorFee; // Minus expected coordinator fee.
// If there's no change output then coordinator protection may happened:
if (unsignedCoinJoin.Outputs.All(x => x.ScriptPubKey != ongoingRound.ChangeOutput.GetP2wpkhScript()))
{
Money minimumOutputAmount = new Money(0.0001m, MoneyUnit.BTC); // If the change would be less than about $1 then add it to the coordinator.
Money onePercentOfDenomination = new Money(actualDenomination.ToDecimal(MoneyUnit.BTC) * 0.01m, MoneyUnit.BTC); // If the change is less than about 1% of the newDenomination then add it to the coordinator fee.
Money minimumChangeAmount = Math.Max(minimumOutputAmount, onePercentOfDenomination);
minAmountBack -= minimumChangeAmount; // Minus coordinator protections (so it won't create bad coinjoins.)
}
if (amountBack < minAmountBack)
{
throw new NotSupportedException("Coordinator did not add enough value to our outputs in the coinjoin.");
}
new TransactionBuilder()
.AddKeys(ongoingRound.CoinsRegistered.Select(x => x.Secret).ToArray())
.AddCoins(ongoingRound.CoinsRegistered.Select(x => x.SmartCoin.GetCoin()))
.SignTransactionInPlace(unsignedCoinJoin, SigHash.All);
var myDic = new Dictionary <int, WitScript>();
for (int i = 0; i < unsignedCoinJoin.Inputs.Count; i++)
{
var input = unsignedCoinJoin.Inputs[i];
if (ongoingRound.CoinsRegistered.Select(x => x.SmartCoin.GetOutPoint()).Contains(input.PrevOut))
{
myDic.Add(i, unsignedCoinJoin.Inputs[i].WitScript);
}
}
await AliceClient.PostSignaturesAsync(ongoingRound.State.RoundId, (Guid)ongoingRound.AliceUniqueId, myDic);
}
}
catch (Exception ex)
{
Logger.LogError <CcjClient>(ex);
}
}
}
}
catch (TaskCanceledException ex)
{
Logger.LogTrace <CcjClient>(ex);
}
catch (Exception ex)
{
Logger.LogError <CcjClient>(ex);
}
}