Federated Mint Prototype

Overview

Minimint

This is an experimental implementation of a federated Chaumian bank. DO NOT USE IT WITH REAL MONEY, THERE ARE MULTIPLE KNOWN SECURITY ISSUES.

Running MiniMint locally

MiniMint is tested and developed using rust stable, you can get it through your package manager or from rustup.rs.

Generating config

You first need to generate some config. All scripts assume config to be located in a folder called cfg. Then you can generate the necessary configuration files as follows:

mkdir -p cfg
cargo run --bin configgen cfg <num_nodes> 5000 6000 <tier1> <tier2>

is the amount of nodes the federation shall consist of. It should be >=4 (I always test with 5) and not too big as the cryptography of the BFT protocol is rather intense and you should ideally have 1 core per node. The numbers 5000 and 6000 specify the beginning of the port range the inner-federation sockets and API sockets bind to. The remaining arguments will be interpreted as amount tiers in msat.

This will both create all the server-n.json config files and one client.json. If you want to play with multiple clients you should create one subdirectory per client and copy the client.json into each.

Running the mints

A script for running all mints and a regtest bitcoind at once is provided at scripts/startfed.sh. Run it as follows:

bash scripts/startfed.sh <num_nodes> 0

The 0 in the end specifies how many nodes to leave out. E.g. changing it to one would skip the first node. This is useful to run a single node with a debugger attached.

Log output can be adjusted using the RUST_LOG environment variable and is set to info by default. Logging can be adjusted per module, see the env_logger documentation for details.

Using the client

First you need to make sure that your regtest bitcoind has some coins that are mature. For that you can generate a few hundred blocks to your own wallet:

ADDRESS="$(bitcoin-cli -regtest -rpcuser=bitcoin -rpcpassword=bitcoin getnewaddress)"
bitcoin-cli -regtest -rpcuser=bitcoin -rpcpassword=bitcoin generatetoaddress 200 "$ADDRESS"

Then you can use the peg-in script to deposit funds. It contains comments that explain the deposit process.

bash scripts/pegin.sh <amount in BTC>

Take care to not request too big of a peg-in (depending on your amount tier the smallest representations as tokens might be too big to finish signing in reasonable time) or too small (there is a 500sat fee that needs to be paid). After about 20s your default client in cfg should have newly issued coins.

You can view your client's holdings using the info command:

minimint $ cargo run --bin mint-client --release -- cfg info
    Finished release [optimized] target(s) in 0.11s
     Running `target/release/mint-client cfg info`
Jun 15 14:57:22.066  INFO mint_client: We own 14 coins with a total value of 9500000 msat
Jun 15 14:57:22.066  INFO mint_client: We own 5 coins of denomination 100000 msat
Jun 15 14:57:22.066  INFO mint_client: We own 9 coins of denomination 1000000 msat

The spend subcommand allows to send tokens to another client. This will select the smallest possible set of the client's coins that represents a given amount. The coins are base64 encoded and printed to stdout.

minimint $ cargo run --bin mint-client --release -- cfg spend 400000
    Finished release [optimized] target(s) in 0.12s
     Running `target/release/mint-client cfg spend 400000`
AQAAAAAAAACghgEAAAAAAAQAAAAAAAAAA7mGus9L4ojsIsctFK7oNz5s4ozZe3pVa0S1jZ3XvSnMMAAAAAAAAACFjOG3a4vlxBOCa9fYD6qWIM2JhH9vitG0
DXQhd9KhGYKheKADLOVXgZwOQDX0NheGP5fFEMYOfidY1FPXB1qRhrEiZKh3YVb2i922uUHoggOsZhrLpk4EGCJjuT1QUWpO8HZ9WOxD4oUv6nPNVQnKvDAA
AAAAAAAAoXKhtm/0w8pFz7CN6xcEQUnukrNcfhc/NtRita1vvZDyX/NBiSmHZVyWx8WEloclIw0A8ljJhp+b517c1LsLJ5Z6Issf9QcV/hwAgY/RJo4DRGWD
IDyyyBYXxRbFuTZoDaTR3TM/49m41Bl7/CPVz98wAAAAAAAAAJOjsZSwWrBUXt+OsojEkxRbqn8KAJrz1TTQkNrdlEiaSRqjx+YCfET3HwL3j26s2clhRugM
rRj6oMC6wKoZz0jCuS5i8faLRHGZp3AMR1/xAvMglQZ9zMEDdDd7dcxwp9WpR6JfdAUJku3EGQ/FUXaQMAAAAAAAAACUXn9s935ruZ5jA5o5aNf1u/smH4TN
+qO8jMHVf6Zzh22P5jJvhWdX62s7kftXTa9AKeiC0I4QxWdWVK4JTLnE62GzGLQqQyEkne3Pn/Pm1g==

A receiving client can now reissue these coins to claim them and avoid double spends:

minimint $ cargo run --bin mint-client --release -- cfg reissue AQAAAAAAAACghgE…
    Finished release [optimized] target(s) in 0.13s
     Running `target/release/mint-client cfg reissue AQAAAAAAAACghgE…
Jun 15 15:01:47.027  INFO mint_client: Starting reissuance transaction for 400000 msat
Jun 15 15:01:47.040  INFO mint_client: Started reissuance 47d8f08710423c1e300854ecb6463ca6185e4b3890bbbb90fd1ff70c72e1ed18, please fetch the result later
minimint $ cargo run --bin mint-client --release -- cfg fetch
    Finished release [optimized] target(s) in 0.12s
     Running `target/release/mint-client cfg fetch`
Jun 15 15:02:06.264  INFO mint_client: Fetched coins from issuance 47d8f08710423c1e300854ecb6463ca6185e4b3890bbbb90fd1ff70c72e1ed18

There also exist some other, more experimental commands that can be explored using the --help flag:

minimint $ cargo run --bin mint-client --release -- --help
    Finished release [optimized] target(s) in 0.12s
     Running `target/release/mint-client --help`
mint-client 0.1.0

USAGE:
    mint-client 
    
    
     

FLAGS:
    -h, --help       Prints help information
    -V, --version    Prints version information

ARGS:
    
     
          

SUBCOMMANDS:
    fetch             Fetch (re-)issued coins and finalize issuance process
    help              Prints this message or the help of the given subcommand(s)
    info              Display wallet info (holdings, tiers)
    ln-pay            Pay a lightning invoice via a gateway
    peg-in            Issue tokens in exchange for a peg-in proof (not yet implemented, just creates coins)
    peg-in-address    Generate a new peg-in address, funds sent to it can later be claimed
    peg-out           Withdraw funds from the federation
    reissue           Reissue tokens received from a third party to avoid double spends
    spend             Prepare coins to send to a third party as a payment

     
    
   
Comments
  • Migrate away from sled

    Migrate away from sled

    Sled seems not mature enough and development has slowed down. In the beginning I thought they might get to a stable release before MiniMint, but that's probably too optimistic.

    I'd like to stick to dumb key-value stores with transactions, prefix-fetching and deterministic ordering because there seems to be less room for accidental consensus-incompatibility that way (e.g. complicated SQLite queries would be hard to analyze for being deterministic on all platforms). I'd also like the database to be embedded to reduce complexity (currently, if there's a DB error it's safe to assume something went horribly wrong, like the underlying drive unmounting, and we can shut down). That leaves a few options off the top of my head:

    • LevelDB: my current favorite, used in Bitcoin Core, so already a dependency
    • SQLite as a simple KV store: probably also a great choice, feels hacky though
    • Berkeley DB: used in Bitcoin Core, but has caused problems historically afaik

    I did not deeply evaluate any of these options and would be happy to hear opinions on these or other KV stores.

    EDIT 1: I confused LMDB with LevelDB, fixed

    enhancement help wanted I:Medium 
    opened by elsirion 17
  • Concurrent integration tests

    Concurrent integration tests

    Integration tests should be able to run concurrently.

    This PR attempted a fix by using randomly generated ports, but I think it would be better to have an option to mock out network APIs so we don't need to worry about port conflicts at all.

    Figured I'd make an issue because this is a recurring problem that needs to be fixed.

    opened by justinmoon 15
  • Timing tweaks in shell scripts

    Timing tweaks in shell scripts

    Starting the gateway CLN plugin runs the gateway. On run, the gateway attempts to register with a federation. If the federation is not ready, the gateway registration call fails, which in turn would fail the CLN plugin start.

    The recent change to encrypt configs at rest (#808) marginally slows down the federation start, which then leads into the situation described above. As a temporary fix, this PR tweaks our sleep timers in the shell scripts we use to orchestrate federation and gateway start by:

    • delaying CLN1 (with plugin) and CLN2 by 5s each to ensure the federation is started
    • delaying channel opens by 10s to ensure the CLN instances are up and running

    Follow Ups:

    • [ ] We should look to complete work proposed by #699, such that the gateway does not need a federation configuration at boot, but can register federations later, at runtime. Alternatively
    • [x] Alternative solution: We should use retries for the gateway registration action, instead of relying on timing to sequence the boot process [WIP] - #840
    opened by okjodom 14
  • Discuss API-Design and Web-Framework (tide) alternatives

    Discuss API-Design and Web-Framework (tide) alternatives

    I am currently re-implementing #55 and had issues with tide not supporting http 1.0 (tides dependency respectively) which is needed for the json-rpcclient. Now I am wondering if we should migrate away from tide and use a different web-framework. Since I'm new to web-dev I really don't know how to choose one over another so a discussion about that would be great. My only criteria would be that it's lightweight (?) @elsirion said that somebody already suggested axum.

    Also since I am re-implementing the API anyway this would be a chance to discuss general decisions and the API standard to choose. I wanted to go for JSON-2.0 RPC but feel free to discuss here if something else would be better (or multiple APIs make sense). Feel free to comment your thoughts (not only from a dev decision perspective but maybe also a API consumer (e.g app @justinmoon @Maan2003 )

    question Dependencies 
    opened by NicolaLS 14
  • daily dependency audit

    daily dependency audit

    cargo audit is very usefull (install it with cargo install cargo-audit) we should also add it to the CI on push (if .toml) changes but now fedimint is not regarded usable anyway so this would just slow down development

    opened by NicolaLS 13
  • coverage and test can be one step

    coverage and test can be one step

    testing CI

    • removed --all-features so we can use stable (avoiding the ''diagnostics` flag): should I now list all other flags manually ? we didn't run the tests with any flags but maybe we should ?
    • can add a commit that removes udeps as well if wanted
    opened by NicolaLS 13
  • clientd wait_block_height

    clientd wait_block_height

    analogous to the mint-client-cli

    will be needed for testing the following endpoints (e.g peg_in) because clientd and mint-client-cli can never run simultaneously

    opened by NicolaLS 13
  • Faster dev environment setup

    Faster dev environment setup

    It's great that we support setting up a dev environment in 2 steps: install nix and run tmuxinator.sh.

    But the problem now it that it takes like 10+ minutes for tmuxinator.sh to run. Has to compile bitcoin core and lightningd. Is there any way we could just download binaries for these? Of course might want to build from source for deployments, but for development it's a huge friction point for prospective contributors.

    opened by justinmoon 13
  • 331: Group database key prefixes as enums.

    331: Group database key prefixes as enums.

    This commit reformulates database key prefixes such that they are grouped into enums.

    Currently, key prefixes are listed as separate const values. This formulation makes it difficult to manage key prefixes (import, iterate, test, etc), particularly when it comes to dbdump. This commit simplifies key prefix management using enums and a key prefix trait. It also makes it possible to test and ensure key prefixes are locally unique.

    opened by rndhouse 12
  • Added rocksdb with transactions using Yiyuanliu branch of rust-rocksdb.

    Added rocksdb with transactions using Yiyuanliu branch of rust-rocksdb.

    TODO:

    • Fix the lifetimes for the raw prefix search
    • Change the API and Database trait to support self referencing transactions
    • Use native rocksdb column families instead of prefixing (e.g. collecting signature shares for a given token and deleting the column later)
    • Perhaps create inherited traits for basic database -> transactional database -> transactional + column family database
    • Crate generic trait for expected "transaction" behaviors and functionality
    • Get rid of sled_impl and replace all references
    • Remove Batch.rs
    • Improve UT and add coverage for all expected trait functionality Note: transactions are soon to be merged into rust-rocksdb we are simply waiting on a couple changes for the next rocksdb you can track the issue here https://github.com/rust-rocksdb/rust-rocksdb/pull/565/files#. Obviously we will want to change to master as soon as possible.
    opened by Mo0nbase 12
  • CI: Check that LN Gateway receives funds

    CI: Check that LN Gateway receives funds

    The integration test should wait for the LN Gateway to actually receive the e-cash tokens for its LN payment. This probably requires creating a new (authenticated) API endpoint for LN Gateway operators to query its balance.

    enhancement good first issue help wanted CI 
    opened by elsirion 12
  • CLI amount parameters are confusing

    CLI amount parameters are confusing

    Two times in the last few days I've been confused about how to put an amount into our CLIs.

    Yesterday:

    $ gateway-cli withdraw rcklss 123456 <address>
    error: Invalid value '123456' for '<AMOUNT>': invalid number format
    

    The solution was to enter the amount field as "1203381 sats" in quotes.

    Today:

    $ fedimint-cli -- --workdir <workdir> info          
    {
      "total_amount": 21000000,
      "total_num_notes": 10,
      "details": {
        ...
      }
    }
    
    $ fedimint-cli -- --workdir <workdir> spend 21000000
    error: The following required arguments were not provided:
      <AMOUNT>
    
    Usage: fedimint-cli --workdir <WORKDIR> spend <AMOUNT>
    
    For more information try '--help'
    

    The solution was to convert the 21000000 msat to 21000 sat value.

    What to do?

    Previously I had suggested that we try to use sats for all cli units because I thought it would be easier for users to work with. But it's a little problematic because that's not how we actually represent amounts internally.

    What should be our plan for representing amounts in CLIs going forward?

    good first issue 
    opened by justinmoon 1
  • `distributedgen` logging nits

    `distributedgen` logging nits

    The first warning should probably be logged via tracing and the second one should probably be a of level debug.

    [root@hcpp:/var/lib/fedimint]# distributedgen run … --password password
    WARNING: Passing in a password from the command line may be less secure!
    2022-12-30T11:18:36.243536Z  WARN fedimintd::encrypt: READ "./tls-pk"
    
    good first issue 
    opened by elsirion 1
  • Prefer PublicKey instead of XOnlyPublicKey for gateway references

    Prefer PublicKey instead of XOnlyPublicKey for gateway references

    As inspired by https://github.com/jonasnick/bips/issues/32 and the fact that I need tke mint_pub_key in PublicKey but don't know the parity with which I can type convert it

    opened by okjodom 0
  • Use `FederationModuleConfigGen` to manipulate module configs

    Use `FederationModuleConfigGen` to manipulate module configs

    Get rid of some hardcodings listing federation modules deep inside generic code, and move toward edges (final binaries), so it's easier to customize/inject new modules.

    There's probably a lot more work to do around it, but it's a step towards the goal, I think.

    opened by dpc 2
  • Stop using `actions-rs`

    Stop using `actions-rs`

    See https://github.com/rust-bitcoin/rust-bitcoin/pull/1509#issue-1512287084 . We use actions-rs just in a handful of places, but still we should do the same.

    good first issue 
    opened by dpc 0
  • Add

    Add "admin secret" for guardians to sign rpcs to fedimintd

    We are going to need a way for the guardians to do things remotely via their app.

    For social recovery the guardian needs to inform the fedimintd to create and publish decryption share, ideally from the conveniance of their app.

    In the future we might want an option for the fedimintd to start in a locked mode and require remote config decryption (so we don't have to store any passphrase locally at all).

    Other modules might require their own guardian authentication.

    opened by dpc 4
Owner
FediMint
A place to discuss and build federated chaumian e-cash on Bitcoin
FediMint
🐀 Building a federated alternative to reddit in rust

Lemmy A link aggregator / Reddit clone for the fediverse. Join Lemmy · Documentation · Report Bug · Request Feature · Releases · Code of Conduct About

LemmyNet 7.2k Jan 3, 2023
🐀 Building a federated link aggregator in rust

English | Español | Русский Lemmy A link aggregator / Reddit clone for the fediverse. Join Lemmy · Documentation · Report Bug · Request Feature · Rele

LemmyNet 7.2k Jan 2, 2023
Decode Metaplex mint account metadata into a JSON file.

Simple Metaplex Decoder (WIP) Install From Source Install Rust. curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh Clone the source: git c

Samuel Vanderwaal 8 Aug 25, 2022
A solana program designed to mint Metaplex compliant NFTs.

Solana Minter My program used to mint Amoebits & Amoebit Minis. I wrote it from scratch using the hello-world program as an example & base. Features C

vlawmz 35 Sep 22, 2022
Quickly mint NFT(able)s port forwards remotely

Easy expose A really simple way to expose some service behind a NAT, similar to rathole and frp. WARNING: This does not secure the channel, or even do

Ben Simms 3 Dec 3, 2022
Using flashbots to mint Otherside metaverse land safely with purchased KYC'd wallets.

Work in progress. Hardcoded to mint 2 lands for 610 APE and approves 100k ape for spending atm, will be updated. Building Install rust, https://rustup

cc 6 May 5, 2022
Federated blogging application, thanks to ActivityPub (now on https://git.joinplu.me/ — this is just a mirror)

Plume Website — Documentation — Contribute — Instances list Plume is a federated blogging engine, based on ActivityPub. It is written in Rust, with th

Plume 1.9k Jan 8, 2023
🐀 Building a federated alternative to reddit in rust

Lemmy A link aggregator / Reddit clone for the fediverse. Join Lemmy · Documentation · Report Bug · Request Feature · Releases · Code of Conduct About

LemmyNet 7.2k Jan 3, 2023
Xaynet represents an agnostic Federated Machine Learning framework to build privacy-preserving AI applications.

xaynet Xaynet: Train on the Edge with Federated Learning Want a framework that supports federated learning on the edge, in desktop browsers, integrate

XayNet 196 Dec 22, 2022
Xaynet represents an agnostic Federated Machine Learning framework to build privacy-preserving AI applications.

xaynet Xaynet: Train on the Edge with Federated Learning Want a framework that supports federated learning on the edge, in desktop browsers, integrate

XayNet 196 Dec 22, 2022
A federated forum / link aggregator using ActivityPub.

lotide A federated forum / link aggregator using ActivityPub. To track progress and report issues, visit the issue tracker. Submit patches on the mail

null 9 Oct 16, 2022
🐀 Building a federated link aggregator in rust

English | Español | Русский Lemmy A link aggregator / Reddit clone for the fediverse. Join Lemmy · Documentation · Report Bug · Request Feature · Rele

LemmyNet 7.2k Jan 2, 2023
GraphQL Summit 2023 Workshop Demo for Federated Subscriptions in GraphOS.

Kahoot Clone Demo App - Subgraphs Welcome to the project for GraphQL Summit 2023 "Federated Subscriptions in GraphOS" workshop! ⚠️ Before the workshop

Apollo GraphQL 4 Oct 10, 2023
A higher dimensional raytracing prototype with non-euclidean-like features

euclider A higher-dimensional "non-euclidean" ray tracing prototype written in Rust. Dual-licensed under MIT or the UNLICENSE. Installation Install th

Jakub Hlusička 190 Dec 11, 2022
Victorem - easy UDP game server and client framework for creating simple 2D and 3D online game prototype in Rust.

Victorem Easy UDP game server and client framework for creating simple 2D and 3D online game prototype in Rust. Example Cargo.toml [dependencies] vict

Victor Winbringer 27 Jan 7, 2023
Prototype: ORAM and related for Intel SGX enclaves

mc-oblivious Traits and implementations for Oblivious RAM inside of Intel SGX enclaves. The scope of this repository is: Traits for fast constant-time

MobileCoin 37 Nov 23, 2022
A prototype implementation of the Host Identity Protocol v2 for bare-metal systems, written in pure-rust.

Host Identity Protocol for bare-metal systems, using Rust I've been evaluating TLS replacements in constrained environments for a while now. Embedded

null 31 Dec 12, 2022
A prototype plugin providing a simple line drawing api for bevy.

bevy_debug_lines A prototype plugin providing a simple line drawing api for bevy. See docs.rs for documentation. Expect breakage on master. Click on t

Michael Palmos 92 Dec 31, 2022
memflow based dxgi screen mirror prototype

memflow-mirror work in progress framebuffer mirror based on memflow. Installation Compile the guest-agent on Windows with: cargo build --release --bin

null 21 May 9, 2022
A prototype WebAssembly linker using module linking.

WebAssembly Module Linker Please note: this is an experimental project. wasmlink is a prototype WebAssembly module linker that can link together a mod

Peter Huene 19 Oct 28, 2022