MWEB Progress Update Thread

hi David. Interesting. I’ll try this Release MWEB Testnet Release · ltc-mweb/litecoin · GitHub
and give feedback.
One question: in case bitcoincore wants to use this MWEB, is it compatible or near compatible for btc?
tks

3 Likes

runing ok on win8/es.
only one peer: 167.99.227.183:49339 (ID de nodo: 0)
pls, some test-LTC to tmweb1qqgunzszdkghjd8wemyh9g0w78hewk7a9dcpnhjq3fy6q34r8q4ydsq59mrfdw3t7utj84md82nwkd768lrgwdzrjywc8v9ym6ts02v5zduldjz0e

or this one (with label and message)
tmweb1qqf0y9zygy5ke5hd8plqz7t879p08yc6nall2vvczt84askazuh7gcqncvd80k7k8drde7w6zv3r06tn09c633llvddt2fx75yea4u2d22v587psh

5 Likes

What is happening with taproot signal?

1 Like

I’ve created a faucet at mwebtest [dot] wasylk [dot] ovh

Aside from that I couldn’t get mweb transactions working, they never land in memory pool.

December news! Some important messages are being thrown on @David 's twitter: https://twitter.com/DavidBurkett38/status/1466460568525713413

1 Like

November Progress:

Security Vulnerability

As shared on Twitter yesterday:

Kurt, a long-time GRIN community member, contacted Charlie and I to inform us of a vulnerability in the design for non-interactive transactions. While the attack is difficult to perform in practice, it does allow for theft of funds if the conditions line up just right.

This attack is rather technical, and difficult to understand without first learning all of the crypto behind MWEB. Very informally, it works like this:

  1. Alice sends 2 coins to Bob:
    • coin 1 = 10 LTC
    • coin 2 = 20 LTC
  2. Bob creates 2 transactions, 1 to Charlie, and another back to Alice, and sends them at roughly the same time:
    • tx1 = spend coin 1 to send 8 LTCs to Alice (8 LTC Alice, 2 LTC Change)
    • tx2 = spend coin 2 to send 15 LTCs to Charlie (15 LTC Charlie, 5 LTC Change)
  3. Alice changes tx1 to spend coin 2 instead, keeping the additional 10 LTCs for herself:
    • tx3 = spend coin 2 to send 18 LTCs to Alice and 2 LTC back to Bob as Change
    • tx1 & tx2 dropped and replaced with tx3

There are a number of reasons why this attack would fail in practice nearly every time. But the consequences if it did succeed would be very serious, so it was obvious this was something we had to prevent.

We are very grateful for Kurt taking the time to study MWEB’s design, and for reaching out to share this attack with us. Due to the importance of the finding, Charlie generously donated his own money to pay Kurt a well-deserved 0.15 BTC bounty.

The Fix

Considering the proximity to the planned release date, panic started to set in. Fortunately, I realized there’s a relatively straightforward fix for the attack that consists of introducing a new public key in each input that prevents reuse of input signatures.

At the same time we were working through the details of the attack & fixes, I was put in contact with some top-notch cryptographers who offered to do a security audit of our design, which they were considering to use as a starting point for another project they were working on.

The need for a more formally documented design became evident, so I spent the next few weeks rewriting LIP-0004 into a more complete and formally specified design, making minor tweaks along the way to harden it where I could. Clearly, I should’ve done this from the beginning, because we’ve had nearly as many reviewers of LIP-0004 in this past month as we have for the previous 1.5 years :slightly_smiling_face:
While I would’ve loved to have all of these eyes on the design long ago, I’m thrilled about all of the feedback I’ve received.

Unfortunately, some changes do need to be made to the code to now match the new design, which means a few more more weeks of dev work. Fortunately, nearly all of the changes will be in the libmw subproject, which is highly modularized and heavily tested. This is great news, since it means the changes should be easier to make, test, and most importantly, review. This review can be carefully performed by the other LTC developers, so I don’t believe it’s necessary to send the changes back to the auditors. This will have an impact on release date, but the delay should be minimal.

Release Process

I mentioned last month that the release build process was time-consuming, and the scripts were outdated, so I spent some time cleaning all of the old scripts up, and creating a simpler, more automated build process. The build scripts and verification keys are going to be maintained in a separate repo going forward. Right now, the new ltc-release-builder is just under my personal github account, but if it works out well for the MWEB release, we’ll get that moved to litecoin’s github org.


Timeline updates

  • I’ve chosen to push the release to January to ensure we have enough time to fix the vulnerability found. Hopefully that will be the last time :crossed_fingers:. wenmweb.com is once again up-to-date.

  • v0.21.1 any day now™ for real this time™ :sweat_smile:

16 Likes

Thanks for the update & the continued development of the MimbleWimble code. We appreciate your thoroughness in reviewing & fine tuning the code for better improvement & protection from vulnerabilities.

5 Likes

Get ready to release into a bear market! Awesome job though.

3 Likes

Thanks for the hard work on this! Protecting privacy is absolutely paramount and I really hope this leads the way toward more adoption. Great job!

3 Likes

Thanks for your work!

1 Like

MWEB It’s getting closer, checkout the release candidate: Litecoin Core v0.21.1 by DavidBurkett · Pull Request #751 · litecoin-project/litecoin · GitHub

4 Likes

I think LTC needs much more than just staying up to date.
Specially the marketing share is frankly spoken neglected. And that with a userbase which is most cooperative. Why don’t you pool a 100 + Users and give us something to do?
Tec Wise if not there already done:

  • litecoin plugin,
  • module and
  • extensions

and a 1000% higher #spreadtheword output.

@David I think the release notes you recently added should be reviewed. The download link doesn’t match the version and the command line ‘bitcoin-cli’ is not available at litecoin core.

They’re still a WIP. They haven’t been merged to the main litecoin repo yet. Feel free to add comments directly to the review: 0.21.1: Updating chainparams and adding release notes by DavidBurkett · Pull Request #767 · litecoin-project/litecoin · GitHub

2 Likes

Didn’t quite understood it was a WIP, I saw it as a PR. I will try to comment if I find some spare time.

3 Likes

December Progress:

Taproot Release

The first release candidate of v0.21 with taproot support (v0.21.1rc1) is now available for download.

I’ve been testing it out, and everything has been working fine for me, so the official release is being built and signed now. Feel free to test out rc1, or wait a few days for the official release (v0.21.1), which will be made available for download at https://litecoin.org after it’s been signed by the devs.

Please report any issues you find with the release using github.

Security Fixes

As reported last month, a security vulnerability was found, which required changes to the non-interactive transaction design, and therefore changes to the consensus code. These changes have all been made, tested, and documented. :partying_face:

Final Reviews

Next week, I’ll be meeting with the other devs daily so we can go through the code together with a fine-tooth comb. If no critical issues are found, that should be the final MWEB code review.

MWEB Release

If the review is successful, which I’m optimistic it will be, I’ll create the first release candidate this month :rocket:

31 Likes

Ok, now we rock!

1 Like

GOOD litecoin WILL to the moon

This is indeed exciting news for me! It’s been two years and finally waited

Amazing…tx so much for the consistency on the updates throughout the development