Add accordant address generation

Add a new method on trait Accordant to generate the accordant address
used to lock funds based on keys generated during the commit/reveal
phase.

src/crypto.rs

@@ -11,6 +11,7 @@ use thiserror::Error;
 use tiny_keccak::{Hasher, Keccak};
 
 use crate::consensus::{self, CanonicalBytes, Decodable, Encodable};
+use crate::role::Accordant;
 
 /// List of cryptographic errors that can be encountered in cryptographic operations such as
 /// signatures, proofs, key derivation, or commitments.
@@ -19,6 +20,9 @@ pub enum Error {
     /// The key identifier is not supported and the key cannot be derived.
     #[error("The key identifier is not supported and the key cannot be derived")]
     UnsupportedKey,
+    /// The key or key identifier does not exists or is missing.
+    #[error("The key or key identifier does not exists or is missing")]
+    MissingKey,
     /// The signature does not pass the validation tests.
     #[error("The signature does not pass the validation")]
     InvalidSignature,
@@ -239,6 +243,17 @@ impl Decodable for SharedKeyId {
     }
 }
 
+pub struct AccordantKeys<A: Accordant> {
+    pub spend_key: A::PublicKey,
+    pub extra_accordant_keys: Vec<TaggedElement<u16, A::PublicKey>>,
+    pub shared_keys: Vec<TaggedElement<SharedKeyId, A::SharedSecretKey>>,
+}
+
+pub struct SwapAccordantKeys<A: Accordant> {
+    pub alice: AccordantKeys<A>,
+    pub bob: AccordantKeys<A>,
+}
+
 fixed_hash::construct_fixed_hash!(
     /// Result of a keccak256 commitment.
     #[cfg_attr(

src/monero.rs

@@ -1,9 +1,9 @@
 //! Implementation of the Monero blockchain as an accordant blockchain in a swap. This
 //! implementation should work in pair with any other arbitrating implementation, like Bitcoin.
 
-use crate::blockchain::{self, Asset};
+use crate::blockchain::{self, Asset, Network};
 use crate::consensus::{self, CanonicalBytes};
-use crate::crypto::{Keys, SharedKeyId, SharedSecretKeys};
+use crate::crypto::{self, AccordantKeys, Keys, SharedKeyId, SharedSecretKeys, SwapAccordantKeys};
 use crate::role::Accordant;
 
 use monero::util::key::{PrivateKey, PublicKey};
@@ -22,7 +22,52 @@ pub const SHARED_VIEW_KEY_ID: u16 = 0x01;
 #[derive(Clone, Debug, Copy, PartialEq, Eq)]
 pub struct Monero;
 
-impl Accordant for Monero {}
+impl Accordant for Monero {
+    fn derive_lock_address(
+        network: Network,
+        keys: SwapAccordantKeys<Self>,
+    ) -> Result<Address, crypto::Error> {
+        let SwapAccordantKeys {
+            alice:
+                AccordantKeys {
+                    spend_key: a_spend_key,
+                    shared_keys: a_shared_keys,
+                    ..
+                },
+            bob:
+                AccordantKeys {
+                    spend_key: b_spend_key,
+                    shared_keys: b_shared_keys,
+                    ..
+                },
+        } = keys;
+
+        let a_tagged_view_secretkey = a_shared_keys
+            .iter()
+            .find(|tagged_key| *tagged_key.tag() == SharedKeyId::new(SHARED_VIEW_KEY_ID))
+            .ok_or(crypto::Error::MissingKey)?;
+        let b_tagged_view_secretkey = b_shared_keys
+            .iter()
+            .find(|tagged_key| *tagged_key.tag() == SharedKeyId::new(SHARED_VIEW_KEY_ID))
+            .ok_or(crypto::Error::MissingKey)?;
+
+        let public_spend = a_spend_key + b_spend_key;
+        let secret_view = a_tagged_view_secretkey.elem() + b_tagged_view_secretkey.elem();
+        let public_view = PublicKey::from_private_key(&secret_view);
+
+        Ok(Address::standard(network.into(), public_spend, public_view))
+    }
+}
+
+impl From<Network> for monero::Network {
+    fn from(network: Network) -> Self {
+        match network {
+            Network::Mainnet => monero::Network::Mainnet,
+            Network::Testnet => monero::Network::Stagenet,
+            Network::Local => monero::Network::Testnet,
+        }
+    }
+}
 
 impl std::str::FromStr for Monero {
     type Err = crate::consensus::Error;

src/protocol_message.rs

@@ -318,9 +318,6 @@ where
     type Strategy = AsStrict;
 }
 
-// TODO: Add more common data to reveal, e.g. help to ensure that both node uses the same value for
-// fee
-
 /// Reveals the parameters commited by the [`CommitAliceParameters`] protocol message.
 #[derive(Clone, Debug, Display)]
 #[display(Debug)]

src/role.rs

@@ -6,16 +6,18 @@ use std::fmt::Debug;
 use std::io;
 use std::str::FromStr;
 
-use crate::blockchain::{Address, Asset, Fee, FeePriority, Onchain, Timelock, Transactions};
+use crate::blockchain::{
+    Address, Asset, Fee, FeePriority, Network, Onchain, Timelock, Transactions,
+};
 use crate::bundle::{
     AliceParameters, BobParameters, CoreArbitratingTransactions, CosignedArbitratingCancel,
     FullySignedBuy, FullySignedPunish, FullySignedRefund, SignedAdaptorBuy, SignedAdaptorRefund,
     SignedArbitratingLock,
 };
 use crate::consensus::{self, Decodable, Encodable};
 use crate::crypto::{
-    AccordantKeyId, ArbitratingKeyId, KeyGenerator, Keys, SharedSecretKeys, Sign, Signatures,
-    TaggedElement, TaggedExtraKeys, TaggedSharedKeys,
+    self, AccordantKeyId, ArbitratingKeyId, KeyGenerator, Keys, SharedSecretKeys, Sign, Signatures,
+    SwapAccordantKeys, TaggedElement, TaggedExtraKeys, TaggedSharedKeys,
 };
 use crate::negotiation::PublicOffer;
 use crate::script::{DataLock, DataPunishableLock, DoubleKeys, ScriptPath};
@@ -1330,4 +1332,10 @@ pub trait Arbitrating:
 
 /// An accordant is the blockchain which does not need transaction inside the protocol nor
 /// timelocks, it is the blockchain with the less requirements for an atomic swap.
-pub trait Accordant: Asset + Address + Keys + SharedSecretKeys + Clone + Eq {}
+pub trait Accordant: Asset + Address + Keys + SharedSecretKeys + Clone + Eq {
+    /// Derive the lock address for the accordant blockchain.
+    fn derive_lock_address(
+        network: Network,
+        keys: SwapAccordantKeys<Self>,
+    ) -> Result<Self::Address, crypto::Error>;
+}