Cleanup for carrot_core

src/carrot_core/account_secrets.cpp

@@ -49,8 +49,8 @@ namespace carrot
 void make_carrot_provespend_key(const crypto::secret_key &s_master,
     crypto::secret_key &k_prove_spend_out)
 {
-    // k_ps = H_n(s_m)
-    const auto transcript = sp::make_fixed_transcript<CARROT_DOMAIN_SEP_PROVE_SPEND_KEY>();
+    // k_ps = H_n[s_m]()
+    const auto transcript = make_fixed_transcript<CARROT_DOMAIN_SEP_PROVE_SPEND_KEY>();
     derive_scalar(transcript.data(), transcript.size(), &s_master, to_bytes(k_prove_spend_out));
 }
 //-------------------------------------------------------------------------------------------------------------------
@@ -65,41 +65,41 @@ void make_carrot_partial_spend_pubkey(const crypto::secret_key &k_prove_spend,
 void make_carrot_viewbalance_secret(const crypto::secret_key &s_master,
     crypto::secret_key &s_view_balance_out)
 {
-    // s_vb = H_32(s_m)
-    const auto transcript = sp::make_fixed_transcript<CARROT_DOMAIN_SEP_VIEW_BALANCE_SECRET>();
+    // s_vb = H_32[s_m]()
+    const auto transcript = make_fixed_transcript<CARROT_DOMAIN_SEP_VIEW_BALANCE_SECRET>();
     derive_bytes_32(transcript.data(), transcript.size(), &s_master, to_bytes(s_view_balance_out));
 }
 //-------------------------------------------------------------------------------------------------------------------
 void make_carrot_generateimage_preimage(const crypto::secret_key &s_view_balance,
     crypto::secret_key &s_generate_image_preimage_out)
 {
-    // s_gp = H_n(s_vb)
-    const auto transcript = sp::make_fixed_transcript<CARROT_DOMAIN_SEP_GENERATE_IMAGE_PREIMAGE>();
+    // s_gp = H_n[s_vb]()
+    const auto transcript = make_fixed_transcript<CARROT_DOMAIN_SEP_GENERATE_IMAGE_PREIMAGE>();
     derive_bytes_32(transcript.data(), transcript.size(), &s_view_balance, to_bytes(s_generate_image_preimage_out));
 }
 //-------------------------------------------------------------------------------------------------------------------
 void make_carrot_generateimage_key(const crypto::secret_key &s_generate_image_preimage,
     const crypto::public_key &partial_spend_pubkey,
     crypto::secret_key &k_generate_image_out)
 {
-    // k_gi = H_n(s_gp, K_ps)
-    const auto transcript = sp::make_fixed_transcript<CARROT_DOMAIN_SEP_GENERATE_IMAGE_KEY>(partial_spend_pubkey);
+    // k_gi = H_n[s_gp](K_ps)
+    const auto transcript = make_fixed_transcript<CARROT_DOMAIN_SEP_GENERATE_IMAGE_KEY>(partial_spend_pubkey);
     derive_scalar(transcript.data(), transcript.size(), &s_generate_image_preimage, to_bytes(k_generate_image_out));
 }
 //-------------------------------------------------------------------------------------------------------------------
 void make_carrot_viewincoming_key(const crypto::secret_key &s_view_balance,
     crypto::secret_key &k_view_out)
 {
-    // k_v = H_n(s_vb)
-    const auto transcript = sp::make_fixed_transcript<CARROT_DOMAIN_SEP_INCOMING_VIEW_KEY>();
+    // k_v = H_n[s_vb]()
+    const auto transcript = make_fixed_transcript<CARROT_DOMAIN_SEP_INCOMING_VIEW_KEY>();
     derive_scalar(transcript.data(), transcript.size(), &s_view_balance, to_bytes(k_view_out));
 }
 //-------------------------------------------------------------------------------------------------------------------
 void make_carrot_generateaddress_secret(const crypto::secret_key &s_view_balance,
     crypto::secret_key &s_generate_address_out)
 {
-    // s_ga = H_32(s_vb)
-    const auto transcript = sp::make_fixed_transcript<CARROT_DOMAIN_SEP_GENERATE_ADDRESS_SECRET>();
+    // s_ga = H_32[s_vb]()
+    const auto transcript = make_fixed_transcript<CARROT_DOMAIN_SEP_GENERATE_ADDRESS_SECRET>();
     derive_bytes_32(transcript.data(), transcript.size(), &s_view_balance, to_bytes(s_generate_address_out));
 }
 //-------------------------------------------------------------------------------------------------------------------

src/carrot_core/account_secrets.h

@@ -51,7 +51,7 @@ namespace carrot
 
 /**
 * brief: make_carrot_provespend_key - prove-spend key, for signing input proofs to spend enotes
-*   k_ps = H_n(s_m)
+*   k_ps = H_n[s_m]()
 * param: s_master - s_m
 * outparam: k_prove_spend_out - k_ps
 */
@@ -67,23 +67,23 @@ void make_carrot_partial_spend_pubkey(const crypto::secret_key &k_prove_spend,
     crypto::public_key &partial_spend_pubkey_out);
 /**
 * brief: make_carrot_viewbalance_secret - view-balance secret, for viewing all balance information
-*   s_vb = H_n(s_m)
+*   s_vb = H_n[s_m]()
 * param: s_master - s_m
 * outparam: s_view_balance_out - s_vb
 */
 void make_carrot_viewbalance_secret(const crypto::secret_key &s_master,
     crypto::secret_key &s_view_balance_out);
 /**
 * brief: make_carrot_generateimage_preimage - generate-image key preimage
-*   s_gp = H_n(s_vb)
+*   s_gp = H_n[s_vb]()
 * param: s_view_balance - s_vb
 * outparam: s_generate_image_preimage_out - s_gp
 */
 void make_carrot_generateimage_preimage(const crypto::secret_key &s_view_balance,
     crypto::secret_key &s_generate_image_preimage_out);
     /**
 * brief: make_carrot_generateimage_key - generate-image key, for identifying enote spends
-*   k_gi = H_n(s_gp, K_ps)
+*   k_gi = H_n[s_gp](K_ps)
 * param: s_generate_image_preimage - s_gp
 * param: partial_spend_pubkey - K_ps
 * outparam: k_generate_image_out - k_gi
@@ -93,15 +93,15 @@ void make_carrot_generateimage_key(const crypto::secret_key &s_generate_image_pr
     crypto::secret_key &k_generate_image_out);
 /**
 * brief: make_carrot_viewincoming_key - view-incoming key, for identifying received external enotes
-*   k_v = H_n(s_vb)
+*   k_v = H_n[s_vb]()
 * param: s_view_balance - s_vb
 * outparam: k_view_out - k_v
 */
 void make_carrot_viewincoming_key(const crypto::secret_key &s_view_balance,
     crypto::secret_key &k_view_out);
 /**
 * brief: make_carrot_generateaddress_secret - generate-address secret, for generating addresses
-*   s_ga = H_32(s_vb)
+*   s_ga = H_32[s_vb]()
 * param: s_view_balance - s_vb
 * outparam: s_generate_address_out - s_ga
 */

src/carrot_core/address_utils.cpp

@@ -51,8 +51,8 @@ void make_carrot_address_index_preimage_1(const crypto::secret_key &s_generate_a
     crypto::secret_key &address_index_preimage_1_out)
 {
     // s^j_ap1 = H_32[s_ga](j_major, j_minor)
-    const auto transcript = sp::make_fixed_transcript<CARROT_DOMAIN_SEP_ADDRESS_INDEX_PREIMAGE_1>(j_major, j_minor);
-    derive_bytes_32(transcript.data(), transcript.size(), &s_generate_address, &address_index_preimage_1_out);
+    const auto transcript = make_fixed_transcript<CARROT_DOMAIN_SEP_ADDRESS_INDEX_PREIMAGE_1>(j_major, j_minor);
+    derive_bytes_32(transcript.data(), transcript.size(), &s_generate_address, to_bytes(address_index_preimage_1_out));
 }
 //-------------------------------------------------------------------------------------------------------------------
 void make_carrot_address_index_preimage_2(const crypto::secret_key &address_index_preimage_1,
@@ -63,18 +63,18 @@ void make_carrot_address_index_preimage_2(const crypto::secret_key &address_inde
     crypto::secret_key &address_index_preimage_2_out)
 {
     // s^j_ap2 = H_32[s^j_ap1](j_major, j_minor, K_s, K_v)
-    const auto transcript = sp::make_fixed_transcript<CARROT_DOMAIN_SEP_ADDRESS_INDEX_PREIMAGE_2>(j_major, j_minor,
+    const auto transcript = make_fixed_transcript<CARROT_DOMAIN_SEP_ADDRESS_INDEX_PREIMAGE_2>(j_major, j_minor,
         account_spend_pubkey, account_view_pubkey);
-    derive_bytes_32(transcript.data(), transcript.size(), &address_index_preimage_1, &address_index_preimage_2_out);
+    derive_bytes_32(transcript.data(), transcript.size(), &address_index_preimage_1, to_bytes(address_index_preimage_2_out));
 }
 //-------------------------------------------------------------------------------------------------------------------
 void make_carrot_subaddress_scalar(const crypto::secret_key &address_index_preimage_2,
     const crypto::public_key &account_spend_pubkey,
     crypto::secret_key &subaddress_scalar_out)
 {
     // k^j_subscal = H_n[s^j_ap2](K_s)
-    const auto transcript = sp::make_fixed_transcript<CARROT_DOMAIN_SEP_SUBADDRESS_SCALAR>(account_spend_pubkey);
-    derive_scalar(transcript.data(), transcript.size(), &address_index_preimage_2, subaddress_scalar_out.data);
+    const auto transcript = make_fixed_transcript<CARROT_DOMAIN_SEP_SUBADDRESS_SCALAR>(account_spend_pubkey);
+    derive_scalar(transcript.data(), transcript.size(), &address_index_preimage_2, to_bytes(subaddress_scalar_out));
 }
 //-------------------------------------------------------------------------------------------------------------------
 } //namespace carrot

src/carrot_core/carrot_enote_types.cpp

@@ -26,7 +26,7 @@
 // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
 // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
-// Utilities for scanning carrot enotes
+// Utilities for scanning carrot enotes.
 
 //paired header
 #include "carrot_enote_types.h"
@@ -38,13 +38,15 @@
 //standard headers
 
 /*
- onetime address
-// - amount commitment
-// - encrypted amount
-// - encrypted janus anchor
-// - view tag
-// - ephemeral pubkey
-// - tx first key image*/
+Expected:
+- onetime address
+- amount commitment
+- encrypted amount
+- encrypted janus anchor
+- view tag
+- ephemeral pubkey
+- tx first key image
+*/
 
 namespace carrot
 {

src/carrot_core/carrot_enote_types.h

@@ -26,7 +26,7 @@
 // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
 // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
-// Seraphis core types.
+// Carrot core types.
 
 #pragma once
 
@@ -45,16 +45,6 @@
 namespace carrot
 {
 
-////
-// CarrotEnoteV1
-// - onetime address
-// - amount commitment
-// - encrypted amount
-// - encrypted janus anchor
-// - view tag
-// - ephemeral pubkey
-// - tx first key image
-///
 struct CarrotEnoteV1 final
 {
     /// K_o
@@ -77,15 +67,6 @@ struct CarrotEnoteV1 final
 bool operator==(const CarrotEnoteV1 &a, const CarrotEnoteV1 &b);
 static inline bool operator!=(const CarrotEnoteV1 &a, const CarrotEnoteV1 &b) { return !(a == b); }
 
-////
-// CarrotCoinbaseEnoteV1
-// - onetime address
-// - cleartext amount
-// - encrypted janus anchor
-// - view tag
-// - ephemeral pubkey
-// - block index
-///
 struct CarrotCoinbaseEnoteV1 final
 {
     /// K_o

src/carrot_core/core_types.h

@@ -46,7 +46,8 @@ namespace carrot
 
 constexpr std::size_t JANUS_ANCHOR_BYTES{16};
 
-/// either encodes randomness the private key of, or an HMAC of, the ephemeral pubkey 
+/// Encodes either randomness for deriving the ephemeral key (normal), an HMAC of the view key plus
+/// ephemeral pubkey (external selfsends), or a custom message (internal selfsends).
 struct janus_anchor_t final
 {
     unsigned char bytes[JANUS_ANCHOR_BYTES];
@@ -99,7 +100,7 @@ struct input_context_t final
     unsigned char bytes[INPUT_CONTEXT_BYTES];
 };
 
-/// overloaded operators: address tag
+/// overloaded operators: janus anchor
 bool operator==(const janus_anchor_t &a, const janus_anchor_t &b);
 static inline bool operator!=(const janus_anchor_t &a, const janus_anchor_t &b) { return !(a == b); }
 janus_anchor_t operator^(const janus_anchor_t &a, const janus_anchor_t &b);

src/carrot_core/destination.cpp

@@ -95,7 +95,7 @@ void make_carrot_subaddress_v1(const crypto::public_key &account_spend_pubkey,
     // K^j_s = k^j_subscal * K_s
     const rct::key address_spend_pubkey =
         rct::scalarmultKey(rct::pk2rct(account_spend_pubkey), rct::sk2rct(subaddress_scalar));
-    
+
     // K^j_v = k^j_subscal * K_v
     const rct::key address_view_pubkey =
         rct::scalarmultKey(rct::pk2rct(account_view_pubkey), rct::sk2rct(subaddress_scalar));

src/carrot_core/destination.h

@@ -58,7 +58,7 @@ struct CarrotDestinationV1 final
     crypto::public_key address_view_pubkey;
     /// is a subaddress?
     bool is_subaddress;
-    /// legacy payment id pid: null for main addresses and subaddresses
+    /// legacy payment id pid: non-null only for integrated addresses (main address + payment id)
     payment_id_t payment_id;
 };
 
@@ -106,11 +106,11 @@ void make_carrot_integrated_address_v1(const crypto::public_key &account_spend_p
 */
 CarrotDestinationV1 gen_carrot_main_address_v1();
 /**
-* brief: gen_carrot_main_address_v1 - generate a random subaddress
+* brief: gen_carrot_subaddress_v1 - generate a random subaddress
 */
 CarrotDestinationV1 gen_carrot_subaddress_v1();
 /**
-* brief: gen_carrot_main_address_v1 - generate a random integrated address
+* brief: gen_carrot_integrated_address_v1 - generate a random integrated address
 */
 CarrotDestinationV1 gen_carrot_integrated_address_v1();
 

src/carrot_core/device_ram_borrowed.cpp

@@ -52,7 +52,7 @@ bool view_incoming_key_ram_borrowed_device::view_key_scalar_mult_ed25519(const c
 bool view_incoming_key_ram_borrowed_device::view_key_scalar_mult_x25519(const mx25519_pubkey &D,
     mx25519_pubkey &kvD) const
 {
-    return make_carrot_uncontextualized_shared_key_receiver(m_k_view_incoming, D, kvD);
+    return try_make_carrot_uncontextualized_shared_key_receiver(m_k_view_incoming, D, kvD);
 }
 //-------------------------------------------------------------------------------------------------------------------
 void view_incoming_key_ram_borrowed_device::make_janus_anchor_special(

src/carrot_core/device_ram_borrowed.h

@@ -43,7 +43,7 @@
 namespace carrot
 {
 
-class view_incoming_key_ram_borrowed_device: virtual public view_incoming_key_device
+class view_incoming_key_ram_borrowed_device final : virtual public view_incoming_key_device
 {
 public:
     view_incoming_key_ram_borrowed_device(const crypto::secret_key &k_view_incoming):
@@ -64,7 +64,7 @@ class view_incoming_key_ram_borrowed_device: virtual public view_incoming_key_de
     const crypto::secret_key &m_k_view_incoming;
 };
 
-class view_balance_secret_ram_borrowed_device: public view_balance_secret_device
+class view_balance_secret_ram_borrowed_device final : public view_balance_secret_device
 {
 public:
     view_balance_secret_ram_borrowed_device(const crypto::secret_key &s_view_balance):
@@ -82,7 +82,7 @@ class view_balance_secret_ram_borrowed_device: public view_balance_secret_device
     const crypto::secret_key &m_s_view_balance;
 };
 
-class generate_address_secret_ram_borrowed_device: public generate_address_secret_device
+class generate_address_secret_ram_borrowed_device final : public generate_address_secret_device
 {
 public:
     generate_address_secret_ram_borrowed_device(const crypto::secret_key &s_generate_address):
@@ -96,7 +96,7 @@ class generate_address_secret_ram_borrowed_device: public generate_address_secre
     const crypto::secret_key &m_s_generate_address;
 };
 
-class generate_image_key_ram_borrowed_device: public generate_image_key_device
+class generate_image_key_ram_borrowed_device final : public generate_image_key_device
 {
 public:
     generate_image_key_ram_borrowed_device(const crypto::secret_key &k_generate_image):