19491336680

Committed 19 Nov 2025 05:51AM UTC coverage: 61.332% (+10.0%) from 51.294%

Build # 19491336680

Build Type

push

github

Committed by

web-flow

Commit Message

feat: make key manager stateless (#7550)

Description
---
Changes the key manager to make it stateless. 
This allows the key manager to only work from view and spend keys. 
Removes all async from the key manager.

Motivation and Context
---
Simplify the usage of the key manager


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
  * Hardware ledger wallet support and new wallet types.

* **Improvements**
* Key-management and transaction APIs now operate synchronously for more
predictable behavior.
* Memo construction, transaction signing, and error reporting refined
for more reliable submissions and clearer diagnostics.

* **Bug Fixes**
* Improved memo creation and wallet address error handling to reduce
failed transactions.

* **Refactor**
* Large internal modernization of key-management, wallet, and test
infrastructure (performance and maintainability).
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: stringhandler <stringhandler@protonmail.com>

Run Details

2156 of 4401 new or added lines in 81 files covered. (48.99%)

271 existing lines in 19 files now uncovered.

70402 of 114788 relevant lines covered (61.33%)

228492.92 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

64.1

/base_layer/transaction_components/src/multisig/script.rs

// Copyright 2025 The Tari Project
//
// Redistribution and use in source and binary forms, with or without modification, are permitted provided that the
// following conditions are met:
//
// 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following
// disclaimer.
//
// 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the
// following disclaimer in the documentation and/or other materials provided with the distribution.
//
// 3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote
// products derived from this software without specific prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
// INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
// WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
// USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
use tari_common_types::types::{CompressedPublicKey, PrivateKey, UncompressedPublicKey};
use tari_crypto::keys::{PublicKey, SecretKey};
use tari_script::{Opcode, TariScript};

use crate::{
    key_manager::{TariKeyId, TransactionKeyManagerInterface},
    transaction_components::{one_sided::diffie_hellman_stealth_domain_hasher, TransactionError},
};

pub fn is_multisig_utxo(tari_script: &TariScript) -> bool {
    tari_script
        .as_slice()
        .iter()
        .any(|op| matches!(op, Opcode::CheckMultiSigVerify(..)))
}

pub fn get_multi_sig_script_components(script: &TariScript) -> Option<(Vec<CompressedPublicKey>, u8)> {
    for op in script.as_slice() {
        if let Opcode::CheckMultiSigVerify(m, _n, keys, _msg) = op {
            return Some((keys.clone(), *m));
        }
    }

    None
}

pub fn derive_multisig_ephemeral_pubkey<KM: TransactionKeyManagerInterface>(
    key_manager: &KM,
    public_key: &CompressedPublicKey,
    sender_offset_key: &TariKeyId,
) -> Result<CompressedPublicKey, TransactionError> {
    let dh_shared_secret = key_manager.get_diffie_hellman_shared_secret(sender_offset_key, public_key)?;

    let stealth_hash = diffie_hellman_stealth_domain_hasher(&dh_shared_secret);
    let private_key = PrivateKey::from_uniform_bytes(stealth_hash.as_ref())?;

    let shared_secret = UncompressedPublicKey::from_secret_key(&private_key);
    Ok(CompressedPublicKey::new_from_pk(
        public_key.to_public_key()? + shared_secret,
    ))
}

pub fn derive_multisig_ephemeral_pubkeys<KM: TransactionKeyManagerInterface>(
    key_manager: &KM,
    public_keys: &[CompressedPublicKey],
    sender_offset_key: &TariKeyId,
) -> Result<Vec<CompressedPublicKey>, TransactionError> {
    let mut ephemeral_pubkeys = Vec::new();
    for pub_key in public_keys {
        ephemeral_pubkeys.push(derive_multisig_ephemeral_pubkey(
            key_manager,
            pub_key,
            sender_offset_key,
        )?);
    }
    Ok(ephemeral_pubkeys)
}

1	// Copyright 2025 The Tari Project
2	//
3	// Redistribution and use in source and binary forms, with or without modification, are permitted provided that the
4	// following conditions are met:
5	//
6	// 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following
7	// disclaimer.
8	//
9	// 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the
10	// following disclaimer in the documentation and/or other materials provided with the distribution.
11	//
12	// 3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote
13	// products derived from this software without specific prior written permission.
14	//
15	// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
16	// INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
17	// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
18	// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
19	// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
20	// WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
21	// USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
22	use tari_common_types::types::{CompressedPublicKey, PrivateKey, UncompressedPublicKey};
23	use tari_crypto::keys::{PublicKey, SecretKey};
24	use tari_script::{Opcode, TariScript};
25
26	use crate::{
27	key_manager::{TariKeyId, TransactionKeyManagerInterface},
28	transaction_components::{one_sided::diffie_hellman_stealth_domain_hasher, TransactionError},
29	};
30
31	pub fn is_multisig_utxo(tari_script: &TariScript) -> bool {	×
32	tari_script	×
33	.as_slice()	×
34	.iter()	×
35	.any(\|op\| matches!(op, Opcode::CheckMultiSigVerify(..)))	×
36	}	×
37
38	pub fn get_multi_sig_script_components(script: &TariScript) -> Option<(Vec<CompressedPublicKey>, u8)> {	×
39	for op in script.as_slice() {	×
40	if let Opcode::CheckMultiSigVerify(m, _n, keys, _msg) = op {	×
41	return Some((keys.clone(), *m));	×
42	}	×
43	}
44
45	None	×
46	}	×
47
48	pub fn derive_multisig_ephemeral_pubkey<KM: TransactionKeyManagerInterface>(	6✔
49	key_manager: &KM,	6✔
50	public_key: &CompressedPublicKey,	6✔
51	sender_offset_key: &TariKeyId,	6✔
52	) -> Result<CompressedPublicKey, TransactionError> {	6✔
53	let dh_shared_secret = key_manager.get_diffie_hellman_shared_secret(sender_offset_key, public_key)?;	6✔
54
55	let stealth_hash = diffie_hellman_stealth_domain_hasher(&dh_shared_secret);	6✔
56	let private_key = PrivateKey::from_uniform_bytes(stealth_hash.as_ref())?;	6✔
57
58	let shared_secret = UncompressedPublicKey::from_secret_key(&private_key);	6✔
59	Ok(CompressedPublicKey::new_from_pk(	6✔
60	public_key.to_public_key()? + shared_secret,	6✔
61	))
62	}	6✔
63
64	pub fn derive_multisig_ephemeral_pubkeys<KM: TransactionKeyManagerInterface>(	2✔
65	key_manager: &KM,	2✔
66	public_keys: &[CompressedPublicKey],	2✔
67	sender_offset_key: &TariKeyId,	2✔
68	) -> Result<Vec<CompressedPublicKey>, TransactionError> {	2✔
69	let mut ephemeral_pubkeys = Vec::new();	2✔
70	for pub_key in public_keys {	8✔
71	ephemeral_pubkeys.push(derive_multisig_ephemeral_pubkey(	6✔
72	key_manager,	6✔
73	pub_key,	6✔
74	sender_offset_key,	6✔
NEW 75	)?);	×
76	}
77	Ok(ephemeral_pubkeys)	2✔
78	}	2✔

tari-project / tari / 19491336680

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous