Development Blog 27th September 2023
By Ed Tubbs - miércoles, sept. 27, 2023
Happy September Shibes! We’ve been busy working on a number of things, and we wanted to share some of the progress we’ve made. The last blog contained bullet points of the things we were working on. In this post we’ll go into more detail on some of the items, and we’ll also share some new things that we’ve been working on.
libdogecoin 0.1.3
In this blog post, we’ll explore some of the features introduced in libdogecoin 0.1.3. We’ll focus on SPV node, TPM2 support, BIP44 extended key functions, simplified API wrappers as well as the ongoing OpenEnclave integration and the Radiodoge GitHub repository. Each section provides a technical explanation of the feature and an example. There’s also a short FAQ.
I. Understanding libdogecoin
Libdogecoin serves as a library that equips developers with essential functions and utilities to create secure and efficient Dogecoin wallets, applications, and services as well as more easily integrate Dogecoin into their projects. In the broader context of the Dogecoin ecosystem, which includes wallets, nodes, and various other tools, libdogecoin plays an important role. It provides developers with a valuable resource for building upon and contributing to Dogecoin.
Since the release of 0.1.2 earlier this year, we’ve had a number of developers and enthusiasts contribute to libdogecoin. This includes the addition of new features, bug fixes, and improvements to the codebase. The 0.1.3 release is a culmination of these efforts, with a number of new features and enhancements. The 0.1.3 release is currently in the final stages of testing and is expected to be available within the next month or so.
II. SPV node: Lightweight and Efficient
One of the standout features in libdogecoin 0.1.3 is the addition of the Simplified Payment Verification (SPV) node. SPV is a technology that enables lightweight Dogecoin clients to verify transactions without the need to download the entire blockchain. SPV node is a command-line application in libdogecoin designed for address scanning and wallet balance tracking. Checkpoints enable SPV node to start sync from a recent point in time, without downloading the entire blockchain.
Storage for block headers and memory consumed is on the order of Megabytes. SPV node footprint is small enough to run on most single board computers, such as Raspberry Pi. With SPV node, clients only need to fetch and validate block headers from a recent checkpoint, eliminating the necessity to download full blocks or the entire blockchain for a new wallet.
The 0.1.3 release also introduces Scrypt validation as an essential component of SPV node. SPV node relies on Scrypt, the underlying algorithm of the Dogecoin consensus in order to maintain the integrity of the locally stored block header data. In this release, SPV node also includes full block validation. While full block validation isn’t required to run SPV node, this version add that capability similar to a full node.
SPV node differs from a full node in several ways. SPV node does not store the entire blockchain. Additionally, SPV node does not maintain a mempool, which is a pool of unconfirmed transactions waiting to be included in a block. SPV node calculates the balance for an address, transactions are confirmed when the block with that transaction is validated.
Example 1: Scanning for Block Headers
# Scan continuously (-c), for an address (-a) from the last checkpoint (-p), headers
spvnode -c -a "DDogepartyxxxxxxxxxxxxxxxxxxw1dfzr" -p scan
Example 2: Scanning for Full Blocks
# Scan continuously (-c), for an address (-a) from the last checkpoint (-p), blocks (-b)
spvnode -c -a "DDogepartyxxxxxxxxxxxxxxxxxxw1dfzr" -p -b scan
By running the command spvnode -c -a "DDogepartyxxxxxxxxxxxxxxxxxxw1dfzr" -p scan
, SPV node continuously scans the Dogecoin blockchain for block headers from a specific address, starting from the last checkpoint. Adding -b spvnode -c -a "DDogepartyxxxxxxxxxxxxxxxxxxw1dfzr" -p -b scan
continuously scans for full blocks.
III. Strengthening Security with TPM2 Integration
Another key security upgrade is the integration of Trusted Platform Module 2 (TPM2). TPM2 is a specialized hardware-based security chip engineered to deliver cryptographic security. This feature is of particular importance in libdogecoin 0.1.3, with enhancements crafted to safeguard users’ secrets.
Libdogecoin 0.1.3 supports TPM2, currently only on Windows platforms. TPM2, embedded within PCs, acts as a security vault for cryptographic functions. For libdogecoin users, TPM2 comes into play by enabling the encryption of secret data, specifically seed phrases and private keys associated with Dogecoin wallets. Technically, Dogecoin secrets themselves are not stored in the TPM. Instead, the TPM stores encryption keys that libdogecoin employs to protect secrets at rest and for backup.
Example: Encrypting and Decrypting a Mnemonic with TPM2
MNEMONIC mnemonic;
// Generate and encrypt the mnemonic with TPM2 and write it to dogecoin_mnemonic_999
// english, space-delimited, no custom word list
int file_num = 999;
dogecoin_bool success = dogecoin_generate_mnemonic_encrypt_with_tpm(mnemonic, file_num, true, "eng", " ", NULL);
if (success) {
printf("Mnemonic encrypted with TPM2 and stored. Backup dogecoin_mnemonic_999.\n");
} else {
printf("Failed to encrypt and store mnemonic.\n");
}
// Decrypt the mnemonic with TPM2 and print
success = dogecoin_decrypt_mnemonic_with_tpm(mnemonic, file_num);
if (success) {
printf("Mnemonic decrypted with TPM2.\n%s.\n", mnemonic);
} else {
printf("Failed to decrypt mnemonic.\n");
}
This example generates a BIP39 mnemonic, encrypts it with TPM2, and stores it in a file called dogecoin_mnemonic_999. The code snippet, including dogecoin_generate_mnemonic_encrypt_with_tpm
, demonstrates how TPM2 acts as a security vault, ensuring that even if a user’s device is compromised, their secrets remains protected. dogecoin_decrypt_mnemonic_with_tpm
is used to decrypt the mnemonic in a give file. Windows prompts for a password when a mnemonic is encrypted or decrypted.
IV. BIP44 Extended Key Functions for Web Wallets
BIP44, or Bitcoin Improvement Proposal 44, sets the standard for hierarchical deterministic (HD) wallets. Libdogecoin 0.1.3 introduces an expanded set of HD functions tailored for web wallets. Web wallets often face a security challenge as their secrets reside on the same system as their web presence. This vulnerability underscores the importance of secure web wallet integration.
This version of libdogecoin bolsters web wallets by enabling them to generate HD addresses using extended public keys (dgub). Crucially, this occurs while the seeds and master keys remain securely stored, ideally on an air-gapped system separate from the web wallet.
Example: Generating an Extended Public Key (dgub)
// Generate a master HD key
char masterkey[HDKEYLEN];
genHDMaster(true, masterkey, HDKEYLEN);
// Define a BIP44 path for Dogecoin (coin type 3)
char bip44_path[] = "m/44'/3'/0'/0/0";
// Derive the extended public key for testnet (tpub) from the master key and path
char extpubkey[HDKEYLEN];
deriveExtPubKeyFromHDKey(masterkey, bip44_path, true, extpubkey);
// Now, you have the extended public key (tpub) for Dogecoin at the specified path
printf("BIP44 Extended Public Key (tpub): %s\n", extpubkey);
The code generates a BIP32 master key, defines a BIP44 path for Dogecoin, and derives the dgub key. This is important for web wallets that want to generate addresses securely while keeping master keys and seeds isolated on another system. This separation ensures that even if the online system is compromised, the master keys remain safe.
V. Simplified API with Wrappers
New wrapper functions in the API simplify interactions with libdogecoin, eliminating the need for dealing with complex data structures and pointers. These wrappers handle strings and straightforward data types, simplifying the process of interacting with libdogecoin.
Previously, libdogecoin exposed functions with intricate data structures and pointers, necessitating memory allocation and management. With these new wrappers, only basic strings and data types are utilized, making it easier to integrate libdogecoin into languages like Python and Go.
Example: Deriving an Extended Public Key & Address with Wrappers
// Define a BIP44 path for Dogecoin (coin type 3)
char bip44_path[KEYPATHMAXLEN] = "m/0/0";
// Derive the extended public key (dgub) from the master key and path
char master_pub_key[HDKEYLEN] = "dgub8kXBZ7ymNWy2RzFfCuAkHMfuUEjbxDK33snqz5r7YTvUsExaHDbWWdju6FedaPkBTDmwMqtGHL8NhLDczSVBKMdpJHR6KrcTDQdnwPMrQZU";
char ext_pub_key[HDKEYLEN];
deriveExtPubKeyFromHDKey(master_pub_key, bip44_path, false, ext_pub_key);
// Now, you have the extended public key (dgub) for Dogecoin at the specified path
printf("BIP44 Extended Public Key (dgub): %s\n", ext_pub_key);
// Derive the address (0) from the extended public key
char addrkeypath[KEYPATHMAXLEN] = "m/0";
char hdaddr[PUBKEYLEN];
if (getDerivedHDAddressByPath(ext_pub_key, addrkeypath, hdaddr, false)) {
printf("Derived HD Addresses:\n%s\n", hdaddr);
} else {
printf("getDerivedHDAddressByPath failed!\n");
return -1;
}
This code derives an extended public key and an address from a BIP32 master public key using wrappers with only string variables. This streamlines the development process for creating Dogecoin-related applications and services.
VI. Using Libdogecoin
To get started, you can download pre-built binaries from previous Libdogecoin Releases. These pre-made binaries are ready to use without any modifications to the source code. You can also build libdogecoin from source following the instructions provided in the Getting Started with Libdogecoin guide. To build the examples in this blog post, the 0.1.3 source is available in the dev branch of the libdogecoin repository.
To explore libdogecoin’s functionality without building projects, you can use the command-line interface (CLI) tools available in the repository. The such
tool is an interactive CLI application that guides you through essential address and transaction operations. Additionally, the spvnode
tool simplifies the process of scanning addresses and tracking wallet balances using Simple Payment Verification (SPV) technology. The sendtx
tool handles the process of broadcasting transactions built with libdogecoin to the blockchain. Detailed information on using these tools is available in the Using Libdogecoin Tools documentation.
VII. OpenEnclave Integration
Although still a work in progress, the 0.1.3 development phase involved preliminary testing with OpenEnclave. OpenEnclave is an open-source project designed to run applications within secure enclaves, delivering platform-independent security. Enclaves leverage CPU security features (e.g. Intel SGX, ARM Trust Zone) to create trusted execution environments (TEE) for applications. This technology is important for libdogecoin wallets handling secrets, as it isolates them from the operating system and potential threats.
https://learn.microsoft.com/en-us/azure/confidential-computing/application-development
Host: This represents the “untrusted” component of the system. Enclave applications run on top of the host, which is considered an untrusted environment. When enclave code is deployed on the host, the host itself cannot access or tamper with that code.
Enclave: This serves as the “trusted” component where the application code, cached data, and sensitive memory are executed. The enclave environment is designed to safeguard your secrets and sensitive data, ensuring that secure computations occur within this isolated space.
The integration of OpenEnclave with libdogecoin essentially leverages this partitioning to execute operations involving secrets within the enclave while the CLI tools run in the host. This architectural approach enhances security by isolating sensitive processes and data from the potentially less secure host environment.
FAQ
Is libdogecoin suitable for non-developers or end-users?
Libdogecoin is primarily a development library, so it’s intended for developers who want to build Dogecoin-related applications or services. However, the libdogecoin command-line tools are available to non-developers and end-users.
Is SPV node intended to replace Dogecoin Core?
No, it is not intended to replicate the full functionality of core, which is a fully featured full node, including a mempool for transaction management and confirmation tracking. Instead, it complements core and other implementations by providing a resource-efficient option for lightweight Dogecoin clients. Core remains the reference implementation of the Dogecoin protocol.
Why no mempool?
SPV node scans for transactions from specific addresses. It is not concerned about other transactions, so it does not maintain a mempool.
Why headers or full block validation?
SPV node can be configured to validate headers only or full blocks. Headers only is the default, but full block validation is also available. Full block validation is useful for applications that require full validation, such as exchanges.
Will TPM2 support be available on Linux?
TPM2 support is available on Windows platforms with TPM2 hardware. Support on Linux has not been completed yet, but is expected to be in 0.1.3.
What programming languages can I use?
API wrappers are designed to facilitate integration with various programming languages. While it simplifies interaction for C/C++ developers, it also opens up possibilities for integrating libdogecoin into languages like Python, Go, and more.
What will benefit from OpenEnclave?
Openenclave is particularly useful for wallets and applications that handle secrets on systems connected to the Internet. By isolating libdogecoin processes, OpenEnclave enhances the security of such applications, making them more resistant to attacks and data breaches.
What is the status of OpenEnclave integration?
OpenEnclave integration is a work in progress. Initial integration with was conducted during 0.1.3 development and is included in the release. Full integration with the API and command line tools has not been completed yet.
When is the anticipated Release Date?
While we don’t have an exact release date yet, we anticipate that libdogecoin 0.1.3 will be available within the next month or so.
Radiodoge GitHub Repository Now Public
To promote transparency and foster collaboration, the Radiodoge project has made its GitHub repository public. This move enables developers and enthusiasts to review the code, actively contribute to its development, and stay updated on any developments. github.com/dogecoinfoundation/radiodoge
GigaWallet Payments System
GigaWallet has been integrated into ShibeShip.com for payments as a light test, and even though there’s not a lot of traffic it’s working well. We’re working toward our first ‘stable’ production release next week with the following changes:
Tim has been building a basic TUI tool that will allow admins to explore the state of accounts/invoices/payments. This is helpful for seeing what’s going on in your GigaWallet instance.
Inevitable360 has been building out docker images for gigawallet + postgres + core, available at https://hub.docker.com/u/dogeorg. We have a couple of interested people trying these out currently and looking to integrate GigaWallet into their shops.
Raffecat has been refactoring the payments APIs to accept multiple outputs, this will allow merchants or integrators to split payouts by amount or percentage, to facilitate use-cases where a facility might take a fee for service.
If you’re interested in joining the conversation, we have a matrix room set up for GigaWallet at https://matrix.to/#/#dogeorg:matrix.org. Jump in and help us make Dogecoin a real memes of exchange for all humanity.
That’s all for now Shibes! We’ll be back with more updates soon. In the meantime, you can follow us on X at @dogecoinfdn and @dogecoin_devs.
Much love,
The Dogecoin Foundation Developers