MWEB Progress Update Thread

Hi David. Thanks for the update & hard work. What a great idea with taproot activation.

We appreciate your focus & consistency to making litecoin the best currency for the people by the people.

10 years 100% uptime.

19 Likes

You are THE best

5 Likes

Waiting for the November update like Hawk :slight_smile:

3 Likes

It’s going to be worth the wait @vasajb. I was hoping to have written it already, but I’ve hit a couple roadblocks. Hopefully not too much longer :slight_smile:

8 Likes

Absolutely! Really Appreciate all your consistent work over few years on this Project. Being software engineer myself - I know its not easy task… Thanks Again!

Regards,
Srinivas

1 Like

October Progress:

Audit

Quarkslab has finished their audit of the code! :rocket:

I’ll be meeting with them Friday to discuss their findings. After that, they’ll work on releasing the audit report in a blog post, which I look forward to sharing with you all.

Findings

Since you’ll be able to read the full report once they share their blog post, I won’t dive too deeply into the findings here. But at a quick glance:


There was one critical issue found that resulted from a mistake while merging the MWEB code & v0.21.1 code together. So when copying the changes into the latest release code, I missed a small, but crucial line of validation code that could’ve been exploited by a malicious attacker to cause serious disruptions to the chain :flushed:

This tells us…

  1. We could really benefit from better functional test coverage around our validation logic to make sure we would catch similar issues ourselves in future releases.

  2. We should think about adding some processes we can follow to minimize the possibility of this happening. That could mean documenting all changes, or having 2 people perform the merge separately then comparing results, or a change to how we approach the code reviews.

  3. The audit was a really good idea (thanks Quarkslab!)


There were also some smaller findings, and some great suggestions for how we could improve the quality and safety of the code. Overall, they were impressed with the code quality, which was exciting to hear :partying_face:

v0.21.1 (Taproot) Release

The release process we inherited from bitcoin can be quite painful. It uses gitian to build repeatable and deterministic binaries from the source code. This means that multiple people can all build the code on different machines (and even different operating systems) and still get the same exact release binaries. We can then all compare the results and then sign the release, certifying that we all agree that the published release is safe & accurate.

There’s a lot of magic involved to make this work, which leads to a time-consuming & often frustrating experience (especially for n00bs like me). So I really dragged my feet on this one :grimacing:. I finally forced myself to push through this a few days ago, and after fighting with some outdated scripts, was able to build all of the binaries successfully. I’ll finish signing these tomorrow and hand them off for the other developers to repeat the build & verify results.

MWEB Testnet

After lots of promises and then take-backs, I’ve finally decided to release a binary that allows non-technical users to try out the MWEB testnet. I only have the windows release available right now, but I’ll work on getting binaries for Mac OS X on Friday. Linux users can build their own, because I’m tired :stuck_out_tongue_closed_eyes:

Link: MWEB Testnet Release

Here’s my gpg key if you’d like to verify the binaries first (you should). I’ll add instructions on how to do that on the release page when I have some time.

There’s no installer, because I didn’t want anyone accidentally replacing their actual litecoin wallet, so to use it:

  • Download (and verify) the zip file
  • Extract the litecoin-63fe928e4e8a folder
  • Find and run litecoin-qt.exe from inside the bin folder

This will default to using the MWEB testnet, which you can tell by the off-colored logo and the [mwebtest] in the title bar. These use mwebtest coins, not actual litecoin coins. So pleeease don’t try to use it with real money.

You’ll either have to mine a block to get mwebtest coins (you can CPU mine a block in no time), or find someone to give you some. If anyone is willing to setup a faucet, I’ve got a ton of coins you can have :slight_smile:

Also, if someone feels like writing a guide for how to create stealth addresses, send to and receive from them, and all of the fun stuff that goes along with it, you’d be my new favorite person.

Remaining Schedule

You’re pretty much back to just waiting on me again :stopwatch: while I finish applying audit suggestions and then pushing through the tedious process of merging, coordinating final reviews, writing release notes, and finally kicking off the beloved gitian builds. I don’t know exactly how long that will take, but rumor has it that it increases by a full day for every person that asks me :stuck_out_tongue_winking_eye:

What a long journey this has been :sweat_smile:

P.S. https://wenmweb.com is up to date.

28 Likes

Amazing work mate! Congratulations on this milestone!

1 Like

hi David, my name is wasim and I am big fan of LTC, I always believed in Crypto Since the start, i carry massive investment in LTC and I would love to be part of the coming up on LTC, do you mind if we can have a meeting to discuss further your hard work.

4 Likes

Thank you so much David…your work is amazing
Really hope you’ll be held as a King after MWEB is activated

2 Likes

Litecoin is about to have its largest upgrade of all time. MimbleWimble technology offers a way to allow for private transactions making litecoin one of the best digital cash options.

We look forward to seeing litecoin lead again as we develop better sound money for the people.

7 Likes

hi David. Interesting. I’ll try this Release MWEB Testnet Release · ltc-mweb/litecoin · GitHub
and give feedback.
One question: in case bitcoincore wants to use this MWEB, is it compatible or near compatible for btc?
tks

3 Likes

runing ok on win8/es.
only one peer: 167.99.227.183:49339 (ID de nodo: 0)
pls, some test-LTC to tmweb1qqgunzszdkghjd8wemyh9g0w78hewk7a9dcpnhjq3fy6q34r8q4ydsq59mrfdw3t7utj84md82nwkd768lrgwdzrjywc8v9ym6ts02v5zduldjz0e

or this one (with label and message)
tmweb1qqf0y9zygy5ke5hd8plqz7t879p08yc6nall2vvczt84askazuh7gcqncvd80k7k8drde7w6zv3r06tn09c633llvddt2fx75yea4u2d22v587psh

5 Likes

What is happening with taproot signal?

1 Like

I’ve created a faucet at mwebtest [dot] wasylk [dot] ovh

Aside from that I couldn’t get mweb transactions working, they never land in memory pool.

December news! Some important messages are being thrown on @David 's twitter: https://twitter.com/DavidBurkett38/status/1466460568525713413

1 Like

November Progress:

Security Vulnerability

As shared on Twitter yesterday:

Kurt, a long-time GRIN community member, contacted Charlie and I to inform us of a vulnerability in the design for non-interactive transactions. While the attack is difficult to perform in practice, it does allow for theft of funds if the conditions line up just right.

This attack is rather technical, and difficult to understand without first learning all of the crypto behind MWEB. Very informally, it works like this:

  1. Alice sends 2 coins to Bob:
    • coin 1 = 10 LTC
    • coin 2 = 20 LTC
  2. Bob creates 2 transactions, 1 to Charlie, and another back to Alice, and sends them at roughly the same time:
    • tx1 = spend coin 1 to send 8 LTCs to Alice (8 LTC Alice, 2 LTC Change)
    • tx2 = spend coin 2 to send 15 LTCs to Charlie (15 LTC Charlie, 5 LTC Change)
  3. Alice changes tx1 to spend coin 2 instead, keeping the additional 10 LTCs for herself:
    • tx3 = spend coin 2 to send 18 LTCs to Alice and 2 LTC back to Bob as Change
    • tx1 & tx2 dropped and replaced with tx3

There are a number of reasons why this attack would fail in practice nearly every time. But the consequences if it did succeed would be very serious, so it was obvious this was something we had to prevent.

We are very grateful for Kurt taking the time to study MWEB’s design, and for reaching out to share this attack with us. Due to the importance of the finding, Charlie generously donated his own money to pay Kurt a well-deserved 0.15 BTC bounty.

The Fix

Considering the proximity to the planned release date, panic started to set in. Fortunately, I realized there’s a relatively straightforward fix for the attack that consists of introducing a new public key in each input that prevents reuse of input signatures.

At the same time we were working through the details of the attack & fixes, I was put in contact with some top-notch cryptographers who offered to do a security audit of our design, which they were considering to use as a starting point for another project they were working on.

The need for a more formally documented design became evident, so I spent the next few weeks rewriting LIP-0004 into a more complete and formally specified design, making minor tweaks along the way to harden it where I could. Clearly, I should’ve done this from the beginning, because we’ve had nearly as many reviewers of LIP-0004 in this past month as we have for the previous 1.5 years :slightly_smiling_face:
While I would’ve loved to have all of these eyes on the design long ago, I’m thrilled about all of the feedback I’ve received.

Unfortunately, some changes do need to be made to the code to now match the new design, which means a few more more weeks of dev work. Fortunately, nearly all of the changes will be in the libmw subproject, which is highly modularized and heavily tested. This is great news, since it means the changes should be easier to make, test, and most importantly, review. This review can be carefully performed by the other LTC developers, so I don’t believe it’s necessary to send the changes back to the auditors. This will have an impact on release date, but the delay should be minimal.

Release Process

I mentioned last month that the release build process was time-consuming, and the scripts were outdated, so I spent some time cleaning all of the old scripts up, and creating a simpler, more automated build process. The build scripts and verification keys are going to be maintained in a separate repo going forward. Right now, the new ltc-release-builder is just under my personal github account, but if it works out well for the MWEB release, we’ll get that moved to litecoin’s github org.


Timeline updates

  • I’ve chosen to push the release to January to ensure we have enough time to fix the vulnerability found. Hopefully that will be the last time :crossed_fingers:. wenmweb.com is once again up-to-date.

  • v0.21.1 any day now™ for real this time™ :sweat_smile:

17 Likes

Thanks for the update & the continued development of the MimbleWimble code. We appreciate your thoroughness in reviewing & fine tuning the code for better improvement & protection from vulnerabilities.

5 Likes

Get ready to release into a bear market! Awesome job though.

3 Likes

Thanks for the hard work on this! Protecting privacy is absolutely paramount and I really hope this leads the way toward more adoption. Great job!

4 Likes

Thanks for your work!

1 Like