Merge pull request #1630 from evoskuil/master

evoskuil · web-flow · commit 3a12b9d016a0 · 2025-04-07T16:37:20.000-04:00
Optimize point hash to avoid loss of 1 bit of sha256 entropy.
diff --git a/include/bitcoin/system/chain/point.hpp b/include/bitcoin/system/chain/point.hpp
@@ -134,8 +134,9 @@ struct hash<bc::system::chain::point>
 {
     size_t operator()(const bc::system::chain::point& value) const NOEXCEPT
     {
-        return bc::system::hash_combine(value.index(),
-            bc::system::unique_hash(value.hash()));
+        // Right should always be the lower entropy value (i.e. point index).
+        return bc::system::hash_combine(bc::system::unique_hash(value.hash()),
+            value.index());
     }
 };
 
diff --git a/include/bitcoin/system/impl/hash/functions.ipp b/include/bitcoin/system/impl/hash/functions.ipp
@@ -237,30 +237,10 @@ INLINE constexpr size_t djb2_hash(const data_slice& data) NOEXCEPT
 }
 
 // Combine hash values, such as djb2_hash or unique_hash outputs.
+// Right should always be the lower entropy value (e.g. point index).
 INLINE constexpr size_t hash_combine(size_t left, size_t right) NOEXCEPT
 {
-    //// This leads to mixing null points (850k identical) with other buckets.
-    ////constexpr auto prime1 = possible_narrow_cast<size_t>(0x9e3779b97f4a7c15_u64);
-    ////constexpr auto prime2 = possible_narrow_cast<size_t>(0x517cc1b727220a95_u64);
-    ////
-    ////auto first = left;
-    ////first ^= shift_right(first, 23);
-    ////first *= prime1;
-    ////first ^= shift_right(first, 19);
-    ////
-    ////auto second = right;
-    ////second ^= shift_right(second, 13);
-    ////second *= prime2;
-    ////second ^= shift_right(second, 31);
-    ////
-    ////// seed parameter, defaults to zero.
-    ////first ^= second;
-    ////first += seed;
-    ////first ^= shift_right(first, 17);
-    ////first *= prime1;
-    ////first ^= shift_right(first, 29);
-
-    ////return first;
+    // Shift ensures left == right does not always return zero.
     return bit_xor(left, shift_left(right));
 }
 
diff --git a/src/wallet/keys/hd_private.cpp b/src/wallet/keys/hd_private.cpp
@@ -128,7 +128,7 @@ hd_private hd_private::from_entropy(const data_slice& entropy,
     static const auto magic = to_chunk("Bitcoin seed");
     const auto intermediate = split(hmac<sha512>::code(entropy, magic));
 
-    return hd_private(intermediate.first, intermediate.second, prefixes);
+    return { intermediate.first, intermediate.second, prefixes };
 }
 
 hd_private hd_private::from_key(const hd_key& key,
@@ -162,7 +162,7 @@ hd_private hd_private::from_key(const hd_key& key, uint64_t prefixes) NOEXCEPT
         child
     };
 
-    return hd_private(secret, chain, lineage);
+    return { secret, chain, lineage };
 }
 
 hd_private hd_private::from_string(const std::string& encoded,
@@ -231,8 +231,8 @@ hd_key hd_private::to_hd_key() const NOEXCEPT
 
 hd_public hd_private::to_public() const NOEXCEPT
 {
-    return hd_public(((hd_public)*this).to_hd_key(),
-        hd_public::to_prefix(lineage_.prefixes));
+    const auto key = static_cast<hd_public>(*this).to_hd_key();
+    return { key, hd_public::to_prefix(lineage_.prefixes) };
 }
 
 hd_private hd_private::derive_private(uint32_t index) const NOEXCEPT
@@ -261,7 +261,7 @@ hd_private hd_private::derive_private(uint32_t index) const NOEXCEPT
         index
     };
 
-    return hd_private(child, intermediate.second, lineage);
+    return { child, intermediate.second, lineage };
 }
 
 hd_public hd_private::derive_public(uint32_t index) const NOEXCEPT
diff --git a/src/wallet/keys/hd_public.cpp b/src/wallet/keys/hd_public.cpp
@@ -132,7 +132,7 @@ hd_public hd_public::from_key(const hd_key& key, uint32_t prefix) NOEXCEPT
         child
     };
 
-    return hd_public(compressed, chain, lineage);
+    return { compressed, chain, lineage };
 }
 
 hd_public hd_public::from_string(const std::string& encoded,
@@ -142,7 +142,7 @@ hd_public hd_public::from_string(const std::string& encoded,
     if (!decode_base58(key, encoded))
         return {};
 
-    return hd_public(from_key(key, prefix));
+    return { from_key(key, prefix) };
 }
 
 // Cast operators.
@@ -227,7 +227,7 @@ hd_public hd_public::derive_public(uint32_t index) const NOEXCEPT
         index
     };
 
-    return hd_public(child, intermediate.second, lineage);
+    return { child, intermediate.second, lineage };
 }
 
 // Helpers.

Original file line number	Diff line number	Diff line change
`@@ -134,8 +134,9 @@ struct hash<bc::system::chain::point>`
`134`	`134`	`{`
`135`	`135`	`size_t operator()(const bc::system::chain::point& value) const NOEXCEPT`
`136`	`136`	`{`
`137`		`- return bc::system::hash_combine(value.index(),`
`138`		`- bc::system::unique_hash(value.hash()));`
	`137`	`+ // Right should always be the lower entropy value (i.e. point index).`
	`138`	`+ return bc::system::hash_combine(bc::system::unique_hash(value.hash()),`
	`139`	`+ value.index());`
`139`	`140`	`}`
`140`	`141`	`};`
`141`	`142`
Original file line number	Diff line number	Diff line change
`@@ -128,7 +128,7 @@ hd_private hd_private::from_entropy(const data_slice& entropy,`
`128`	`128`	`static const auto magic = to_chunk("Bitcoin seed");`
`129`	`129`	`const auto intermediate = split(hmac<sha512>::code(entropy, magic));`
`130`	`130`
`131`		`- return hd_private(intermediate.first, intermediate.second, prefixes);`
	`131`	`+ return { intermediate.first, intermediate.second, prefixes };`
`132`	`132`	`}`
`133`	`133`
`134`	`134`	`hd_private hd_private::from_key(const hd_key& key,`
`@@ -162,7 +162,7 @@ hd_private hd_private::from_key(const hd_key& key, uint64_t prefixes) NOEXCEPT`
`162`	`162`	`child`
`163`	`163`	`};`
`164`	`164`
`165`		`- return hd_private(secret, chain, lineage);`
	`165`	`+ return { secret, chain, lineage };`
`166`	`166`	`}`
`167`	`167`
`168`	`168`	`hd_private hd_private::from_string(const std::string& encoded,`
`@@ -231,8 +231,8 @@ hd_key hd_private::to_hd_key() const NOEXCEPT`
`231`	`231`
`232`	`232`	`hd_public hd_private::to_public() const NOEXCEPT`
`233`	`233`	`{`
`234`		`- return hd_public(((hd_public)*this).to_hd_key(),`
`235`		`- hd_public::to_prefix(lineage_.prefixes));`
	`234`	`+ const auto key = static_cast<hd_public>(*this).to_hd_key();`
	`235`	`+ return { key, hd_public::to_prefix(lineage_.prefixes) };`
`236`	`236`	`}`
`237`	`237`
`238`	`238`	`hd_private hd_private::derive_private(uint32_t index) const NOEXCEPT`
`@@ -261,7 +261,7 @@ hd_private hd_private::derive_private(uint32_t index) const NOEXCEPT`
`261`	`261`	`index`
`262`	`262`	`};`
`263`	`263`
`264`		`- return hd_private(child, intermediate.second, lineage);`
	`264`	`+ return { child, intermediate.second, lineage };`
`265`	`265`	`}`
`266`	`266`
`267`	`267`	`hd_public hd_private::derive_public(uint32_t index) const NOEXCEPT`
Original file line number	Diff line number	Diff line change
`@@ -132,7 +132,7 @@ hd_public hd_public::from_key(const hd_key& key, uint32_t prefix) NOEXCEPT`
`132`	`132`	`child`
`133`	`133`	`};`
`134`	`134`
`135`		`- return hd_public(compressed, chain, lineage);`
	`135`	`+ return { compressed, chain, lineage };`
`136`	`136`	`}`
`137`	`137`
`138`	`138`	`hd_public hd_public::from_string(const std::string& encoded,`
`@@ -142,7 +142,7 @@ hd_public hd_public::from_string(const std::string& encoded,`
`142`	`142`	`if (!decode_base58(key, encoded))`
`143`	`143`	`return {};`
`144`	`144`
`145`		`- return hd_public(from_key(key, prefix));`
	`145`	`+ return { from_key(key, prefix) };`
`146`	`146`	`}`
`147`	`147`
`148`	`148`	`// Cast operators.`
`@@ -227,7 +227,7 @@ hd_public hd_public::derive_public(uint32_t index) const NOEXCEPT`
`227`	`227`	`index`
`228`	`228`	`};`
`229`	`229`
`230`		`- return hd_public(child, intermediate.second, lineage);`
	`230`	`+ return { child, intermediate.second, lineage };`
`231`	`231`	`}`
`232`	`232`
`233`	`233`	`// Helpers.`