Development update: transactions test-net preparations, vulnerability patch progress and research

Published in

Tangram

3 min readMar 21, 2019

As part of our ongoing development updates, we’ve consolidated all revisions which the core team worked on for the past two weeks. Please feel free to discuss any of the information in any of our channels.

Transactions test-net preparations

As development progresses steadily, it is important to ensure that the different components of Tangram work together as intended. For this reason, a test-net will commence soon after the release of this update. This will employ the recently released CLi wallet, and is intended to test the transactions layer. Wallets will communicate with nodes operated by the Tangram team.

Further details will be provided.

Notable changes

Wallet

Vault service refactoring [61e823]
Added rest API method enum pattern [5ea4863]
Vault Service to use secure strings [363a21]
Receive manual payment from redemption key [219363]
Overall refactoring [f451e6c]
Finished ISO/IEC 7816–4 padding algorithm [f451e6]

Node

Added message routing rules
Added missing Pedersen commitment fields
Refactored coin fields for Pedersen commitments
Changed add coin return type & fixed coin lookup
Added message count and range lookups
Removed onion startup from Token.API
SWIM (Gossip protocol) refactoring

Vulnerability patch progress

As explained in our last development update, wallets and nodes alike are important parts of the Tangram network. Fixes to the vulnerability discussed in January are being applied on both sides. Steady progress has been made, and two tests remain on the wallet side:

Check sender commitments are correct (inputs & outputs)
Check receiver commitments are correct (inputs & outputs)

The sole purpose of checking if commitments are correct is to verify that the amount received is equal to the amount sent as per the target library.

Once these two items are verified to be correct and complete, node side development for the vulnerability patch will continue, especially with reference to the C# wrapper for the native secp256k1-zkp library.

Patch expectations

At every point the user must know the amount of all the values of their secret random blinding factor per coin.

The patch provides the ability to create transactions that does not allow any further information to a recipient’s secret random blinding key which has the values and the sum of their balance.

Pedersen Commitments provides us and specifically the forked library of https://github.com/tangramproject/secp256k1-zkp, transactions to sum to a non zero, therefore does not allow any information to the sender OR recipient for the blinding factors that make up the balance of the user at the point of the transaction per coin or previous transactions of a coin made for entry and issued. *in theory.

Once the patch has been applied thoroughly tested for both node and wallet code, we will communicate a complete post-mortem of the vulnerability.

Research

Furthermore, research is being conducted to collect more information that will allow us to strengthen unlinkability, as previously discussed in our vulnerability discovery announcement.

One area of current research is focused on determining whether the Boneh-Lynn-Shacham (BLS) signature scheme can strengthen the protocol (security), and provide further efficiencies by proving knowledge by obtaining a signature on a (secret) committed message. We expect this to be included in the patch upgrade following the Pedersen Commitment patch.

Some articles of the target research is linked below for further reading:

A Signature Scheme with Efficient Protocols:

Signature Scheme and Anonymous Credentials from Bilinear Maps:

PBC Library: