From 71867a4d57b95ad2ecb5ed469b4f0a93195a0962 Mon Sep 17 00:00:00 2001 From: Artem Gureev Date: Tue, 30 Jun 2026 11:39:10 +0000 Subject: [PATCH] refactor(lee_core): make PrivateAddressPlaintext have a vpk lifetime --- integration_tests/tests/account.rs | 4 +- .../tests/auth_transfer/private.rs | 7 +- integration_tests/tests/private_pda.rs | 10 +- integration_tests/tests/tps.rs | 4 +- integration_tests/tests/wallet_ffi.rs | 4 +- .../src/key_management/group_key_holder.rs | 10 +- .../src/key_management/key_tree/mod.rs | 2 +- lee/state_machine/core/src/account.rs | 8 +- lee/state_machine/core/src/circuit_io.rs | 6 +- lee/state_machine/core/src/nullifier.rs | 8 +- lee/state_machine/core/src/program.rs | 38 +++---- .../privacy_preserving_transaction/circuit.rs | 34 +++--- .../privacy_preserving_transaction/message.rs | 7 +- lee/state_machine/src/state.rs | 104 +++++++++--------- lee/state_machine/src/validated_state_diff.rs | 8 +- lez/sequencer/core/src/lib.rs | 4 +- lez/testnet_initial_state/src/lib.rs | 5 +- lez/wallet/src/account_manager.rs | 5 +- lez/wallet/src/cli/account.rs | 2 +- lez/wallet/src/lib.rs | 4 +- lez/wallet/src/storage/key_chain.rs | 8 +- .../execution_state.rs | 10 +- .../bin/privacy_preserving_circuit/output.rs | 12 +- test_fixtures/src/config.rs | 2 +- .../benches/primitives.rs | 2 +- 25 files changed, 149 insertions(+), 159 deletions(-) diff --git a/integration_tests/tests/account.rs b/integration_tests/tests/account.rs index c65cb657..88780321 100644 --- a/integration_tests/tests/account.rs +++ b/integration_tests/tests/account.rs @@ -158,7 +158,7 @@ async fn import_private_account() -> Result<()> { let key_chain = KeyChain::new_os_random(); let account_id = lee::PrivateAddressPlaintext::new( key_chain.nullifier_public_key, - key_chain.viewing_public_key.clone(), + &key_chain.viewing_public_key, 0, ) .account_id(); @@ -220,7 +220,7 @@ async fn import_private_account_second_time_overrides_account_data() -> Result<( let key_chain = KeyChain::new_os_random(); let account_id = lee::PrivateAddressPlaintext::new( key_chain.nullifier_public_key, - key_chain.viewing_public_key.clone(), + &key_chain.viewing_public_key, 0, ) .account_id(); diff --git a/integration_tests/tests/auth_transfer/private.rs b/integration_tests/tests/auth_transfer/private.rs index 208e692e..fa309f53 100644 --- a/integration_tests/tests/auth_transfer/private.rs +++ b/integration_tests/tests/auth_transfer/private.rs @@ -599,14 +599,14 @@ async fn shielded_transfers_to_two_identifiers_same_npk() -> Result<()> { .await?; // Both accounts must be discovered with the correct balances. - let account_id_1 = PrivateAddressPlaintext::new(npk, vpk.clone(), identifier_1).account_id(); + let account_id_1 = PrivateAddressPlaintext::new(npk, &vpk, identifier_1).account_id(); let acc_1 = ctx .wallet() .get_account_private(account_id_1) .context("account for identifier 1 not found after sync")?; assert_eq!(acc_1.balance, 100); - let account_id_2 = PrivateAddressPlaintext::new(npk, vpk.clone(), identifier_2).account_id(); + let account_id_2 = PrivateAddressPlaintext::new(npk, &vpk, identifier_2).account_id(); let acc_2 = ctx .wallet() .get_account_private(account_id_2) @@ -667,8 +667,7 @@ async fn ppt_cant_chain_call_faucet() -> Result<()> { let vpk = ViewingPublicKey::from_bytes(vec![4_u8; 1184]).unwrap(); let attacker_vault_id = { let seed = vault_core::compute_vault_seed(attacker_id); - PrivateAddressPlaintext::new(npk, vpk.clone(), 1337) - .pda_account_id(&vault_program_id, &seed) + PrivateAddressPlaintext::new(npk, &vpk, 1337).pda_account_id(&vault_program_id, &seed) }; let amount: u128 = 1; diff --git a/integration_tests/tests/private_pda.rs b/integration_tests/tests/private_pda.rs index 1aa32d2d..45fd6fcd 100644 --- a/integration_tests/tests/private_pda.rs +++ b/integration_tests/tests/private_pda.rs @@ -51,7 +51,7 @@ async fn fund_private_pda( amount: u128, auth_transfer: &ProgramWithDependencies, ) -> Result<()> { - let pda_account_id = PrivateAddressPlaintext::new(npk, vpk.clone(), identifier) + let pda_account_id = PrivateAddressPlaintext::new(npk, &vpk, identifier) .pda_account_id(&authority_program_id, &seed); let sender_account = wallet .get_account_public(sender) @@ -177,10 +177,10 @@ async fn private_pda_family_members_receive_and_spend() -> Result<()> { let spend_program = ProgramWithDependencies::new(proxy, [(auth_transfer_id, auth_transfer)].into()); - let alice_pda_0_id = PrivateAddressPlaintext::new(alice_npk, alice_vpk.clone(), 0) - .pda_account_id(&proxy_id, &seed); - let alice_pda_1_id = PrivateAddressPlaintext::new(alice_npk, alice_vpk.clone(), 1) - .pda_account_id(&proxy_id, &seed); + let alice_pda_0_id = + PrivateAddressPlaintext::new(alice_npk, &alice_vpk, 0).pda_account_id(&proxy_id, &seed); + let alice_pda_1_id = + PrivateAddressPlaintext::new(alice_npk, &alice_vpk, 1).pda_account_id(&proxy_id, &seed); // Use two different public senders to avoid nonce conflicts between the back-to-back txs. let senders = ctx.existing_public_accounts(); diff --git a/integration_tests/tests/tps.rs b/integration_tests/tests/tps.rs index 3f9e2435..71ac334d 100644 --- a/integration_tests/tests/tps.rs +++ b/integration_tests/tests/tps.rs @@ -266,7 +266,7 @@ fn build_privacy_transaction() -> PrivacyPreservingTransaction { data: Data::default(), }, true, - PrivateAddressPlaintext::new(sender_npk, sender_vpk.clone(), 0).account_id(), + PrivateAddressPlaintext::new(sender_npk, &sender_vpk, 0).account_id(), ); let recipient_nsk = [2; 32]; let recipient_vpk = ViewingPublicKey::from_seed(&[101_u8; 32], &[102_u8; 32]); @@ -274,7 +274,7 @@ fn build_privacy_transaction() -> PrivacyPreservingTransaction { let recipient_pre = AccountWithMetadata::new( Account::default(), false, - PrivateAddressPlaintext::new(recipient_npk, recipient_vpk.clone(), 0).account_id(), + PrivateAddressPlaintext::new(recipient_npk, &recipient_vpk, 0).account_id(), ); let balance_to_move: u128 = 1; diff --git a/integration_tests/tests/wallet_ffi.rs b/integration_tests/tests/wallet_ffi.rs index ba420743..beb349e7 100644 --- a/integration_tests/tests/wallet_ffi.rs +++ b/integration_tests/tests/wallet_ffi.rs @@ -908,7 +908,7 @@ fn test_wallet_ffi_transfer_shielded() -> Result<()> { let mut out_keys = FfiPrivateAccountKeys::default(); wallet_ffi_create_private_accounts_key(wallet_ffi_handle, &raw mut out_keys).unwrap(); let account_id = - lee::PrivateAddressPlaintext::new(out_keys.npk(), out_keys.vpk().unwrap(), 0_u128) + lee::PrivateAddressPlaintext::new(out_keys.npk(), &out_keys.vpk().unwrap(), 0_u128) .account_id(); let to: FfiBytes32 = account_id.into(); (to, out_keys) @@ -1047,7 +1047,7 @@ fn test_wallet_ffi_transfer_private() -> Result<()> { let mut out_keys = FfiPrivateAccountKeys::default(); wallet_ffi_create_private_accounts_key(wallet_ffi_handle, &raw mut out_keys).unwrap(); let account_id = - lee::PrivateAddressPlaintext::new(out_keys.npk(), out_keys.vpk().unwrap(), 0_u128) + lee::PrivateAddressPlaintext::new(out_keys.npk(), &out_keys.vpk().unwrap(), 0_u128) .account_id(); let to: FfiBytes32 = account_id.into(); (to, out_keys) diff --git a/lee/key_protocol/src/key_management/group_key_holder.rs b/lee/key_protocol/src/key_management/group_key_holder.rs index 849d7b8c..99f54445 100644 --- a/lee/key_protocol/src/key_management/group_key_holder.rs +++ b/lee/key_protocol/src/key_management/group_key_holder.rs @@ -337,8 +337,8 @@ mod tests { let keys = holder.derive_keys_for_pda(&TEST_PROGRAM_ID, &seed); let npk = keys.generate_nullifier_public_key(); let vpk = keys.generate_viewing_public_key(); - let account_id = PrivateAddressPlaintext::new(npk, vpk.clone(), u128::MAX) - .pda_account_id(&program_id, &seed); + let account_id = + PrivateAddressPlaintext::new(npk, &vpk, u128::MAX).pda_account_id(&program_id, &seed); let expected_npk = NullifierPublicKey([ 136, 176, 234, 71, 208, 8, 143, 142, 126, 155, 132, 18, 71, 27, 88, 56, 100, 90, 79, @@ -346,7 +346,7 @@ mod tests { ]); // AccountId is derived from (program_id, seed, npk), so it changes when npk changes. // We verify npk is pinned, and AccountId is deterministically derived from it. - let expected_account_id = PrivateAddressPlaintext::new(expected_npk, vpk, u128::MAX) + let expected_account_id = PrivateAddressPlaintext::new(expected_npk, &vpk, u128::MAX) .pda_account_id(&program_id, &seed); assert_eq!(npk, expected_npk); @@ -550,9 +550,9 @@ mod tests { let alice_vpk = alice_keys.generate_viewing_public_key(); let bob_group_vpk = bob_group_keys.generate_viewing_public_key(); - let alice_account_id = PrivateAddressPlaintext::new(alice_npk, alice_vpk, 0) + let alice_account_id = PrivateAddressPlaintext::new(alice_npk, &alice_vpk, 0) .pda_account_id(&program_id, &pda_seed); - let bob_account_id = PrivateAddressPlaintext::new(bob_npk, bob_group_vpk, 0) + let bob_account_id = PrivateAddressPlaintext::new(bob_npk, &bob_group_vpk, 0) .pda_account_id(&program_id, &pda_seed); assert_eq!(alice_account_id, bob_account_id); } diff --git a/lee/key_protocol/src/key_management/key_tree/mod.rs b/lee/key_protocol/src/key_management/key_tree/mod.rs index c592647b..37d4afe0 100644 --- a/lee/key_protocol/src/key_management/key_tree/mod.rs +++ b/lee/key_protocol/src/key_management/key_tree/mod.rs @@ -277,7 +277,7 @@ impl KeyTree { let node = self.key_map.get(cci)?; let account_id = lee::PrivateAddressPlaintext::new( node.value.0.nullifier_public_key, - node.value.0.viewing_public_key.clone(), + &node.value.0.viewing_public_key, identifier, ) .account_id(); diff --git a/lee/state_machine/core/src/account.rs b/lee/state_machine/core/src/account.rs index bc7e55d0..2f7c041f 100644 --- a/lee/state_machine/core/src/account.rs +++ b/lee/state_machine/core/src/account.rs @@ -183,17 +183,17 @@ impl AccountId { } #[cfg_attr(any(feature = "host", test), derive(Debug, PartialEq, Eq))] -pub struct PrivateAddressPlaintext { +pub struct PrivateAddressPlaintext<'vpk> { pub npk: NullifierPublicKey, - pub vpk: ViewingPublicKey, + pub vpk: &'vpk ViewingPublicKey, pub identifier: Identifier, } -impl PrivateAddressPlaintext { +impl<'vpk> PrivateAddressPlaintext<'vpk> { #[must_use] pub const fn new( npk: NullifierPublicKey, - vpk: ViewingPublicKey, + vpk: &'vpk ViewingPublicKey, identifier: Identifier, ) -> Self { Self { diff --git a/lee/state_machine/core/src/circuit_io.rs b/lee/state_machine/core/src/circuit_io.rs index 1eed0053..a7fe7cf5 100644 --- a/lee/state_machine/core/src/circuit_io.rs +++ b/lee/state_machine/core/src/circuit_io.rs @@ -103,14 +103,14 @@ impl InputAccountIdentity { } #[must_use] - pub fn private_pda_address(&self) -> Option { + pub fn private_pda_address(&self) -> Option> { match self { Self::PrivatePdaInit { npk, vpk, identifier, .. - } => Some(PrivateAddressPlaintext::new(*npk, vpk.clone(), *identifier)), + } => Some(PrivateAddressPlaintext::new(*npk, vpk, *identifier)), Self::PrivatePdaUpdate { nsk, vpk, @@ -118,7 +118,7 @@ impl InputAccountIdentity { .. } => Some(PrivateAddressPlaintext::new( NullifierPublicKey::from(nsk), - vpk.clone(), + vpk, *identifier, )), Self::Public diff --git a/lee/state_machine/core/src/nullifier.rs b/lee/state_machine/core/src/nullifier.rs index 8eaf4740..6df7bd2a 100644 --- a/lee/state_machine/core/src/nullifier.rs +++ b/lee/state_machine/core/src/nullifier.rs @@ -16,7 +16,7 @@ pub type Identifier = u128; #[cfg_attr(any(feature = "host", test), derive(Hash))] pub struct NullifierPublicKey(pub [u8; 32]); -impl PrivateAddressPlaintext { +impl PrivateAddressPlaintext<'_> { /// Derives an [`AccountId`] for a regular (non-PDA) private account from the nullifier public /// key and identifier. #[must_use] @@ -162,7 +162,7 @@ mod tests { 220, 68, 135, 10, 171, 182, 80, 54, 74, 228, 244, 236, 7, ]); - let account_id = PrivateAddressPlaintext::new(npk, vpk, 0).account_id(); + let account_id = PrivateAddressPlaintext::new(npk, &vpk, 0).account_id(); assert_eq!(account_id, expected_account_id); } @@ -180,7 +180,7 @@ mod tests { 189, 170, 32, 181, 255, 231, 19, 92, 235, 59, 153, 185, 172, 206, ]); - let account_id = PrivateAddressPlaintext::new(npk, vpk, 1).account_id(); + let account_id = PrivateAddressPlaintext::new(npk, &vpk, 1).account_id(); assert_eq!(account_id, expected_account_id); } @@ -199,7 +199,7 @@ mod tests { 159, 112, 84, 100, 133, 244, 16, 34, 221, 35, 128, 131, 98, 159, ]); - let account_id = PrivateAddressPlaintext::new(npk, vpk, identifier).account_id(); + let account_id = PrivateAddressPlaintext::new(npk, &vpk, identifier).account_id(); assert_eq!(account_id, expected_account_id); } diff --git a/lee/state_machine/core/src/program.rs b/lee/state_machine/core/src/program.rs index 4af96dc7..fb5d6805 100644 --- a/lee/state_machine/core/src/program.rs +++ b/lee/state_machine/core/src/program.rs @@ -152,19 +152,19 @@ impl AccountId { ) -> Self { match kind { PrivateAccountKind::Regular(identifier) => { - PrivateAddressPlaintext::new(*npk, vpk.clone(), *identifier).account_id() + PrivateAddressPlaintext::new(*npk, vpk, *identifier).account_id() } PrivateAccountKind::Pda { program_id, seed, identifier, - } => PrivateAddressPlaintext::new(*npk, vpk.clone(), *identifier) + } => PrivateAddressPlaintext::new(*npk, vpk, *identifier) .pda_account_id(program_id, seed), } } } -impl PrivateAddressPlaintext { +impl PrivateAddressPlaintext<'_> { /// Derives an [`AccountId`] for a private PDA from the program ID, seed, nullifier public /// key, and identifier. /// @@ -964,7 +964,7 @@ mod tests { 156, 13, 55, 32, 139, 91, 222, 209, 83, 172, 148, 123, 179, ]); assert_eq!( - PrivateAddressPlaintext::new(npk, vpk, identifier).pda_account_id(&program_id, &seed), + PrivateAddressPlaintext::new(npk, &vpk, identifier).pda_account_id(&program_id, &seed), expected ); } @@ -978,9 +978,8 @@ mod tests { let npk_b = NullifierPublicKey([4; 32]); let vpk = ViewingPublicKey::from_seed(&[1_u8; 32], &[2_u8; 32]); assert_ne!( - PrivateAddressPlaintext::new(npk_a, vpk.clone(), u128::MAX) - .pda_account_id(&program_id, &seed), - PrivateAddressPlaintext::new(npk_b, vpk, u128::MAX).pda_account_id(&program_id, &seed), + PrivateAddressPlaintext::new(npk_a, &vpk, u128::MAX).pda_account_id(&program_id, &seed), + PrivateAddressPlaintext::new(npk_b, &vpk, u128::MAX).pda_account_id(&program_id, &seed), ); } @@ -993,9 +992,8 @@ mod tests { let npk = NullifierPublicKey([3; 32]); let vpk = ViewingPublicKey::from_seed(&[1_u8; 32], &[2_u8; 32]); assert_ne!( - PrivateAddressPlaintext::new(npk, vpk.clone(), u128::MAX) - .pda_account_id(&program_id, &seed_a), - PrivateAddressPlaintext::new(npk, vpk, u128::MAX).pda_account_id(&program_id, &seed_b), + PrivateAddressPlaintext::new(npk, &vpk, u128::MAX).pda_account_id(&program_id, &seed_a), + PrivateAddressPlaintext::new(npk, &vpk, u128::MAX).pda_account_id(&program_id, &seed_b), ); } @@ -1008,9 +1006,8 @@ mod tests { let npk = NullifierPublicKey([3; 32]); let vpk = ViewingPublicKey::from_seed(&[1_u8; 32], &[2_u8; 32]); assert_ne!( - PrivateAddressPlaintext::new(npk, vpk.clone(), u128::MAX) - .pda_account_id(&program_id_a, &seed), - PrivateAddressPlaintext::new(npk, vpk, u128::MAX).pda_account_id(&program_id_b, &seed), + PrivateAddressPlaintext::new(npk, &vpk, u128::MAX).pda_account_id(&program_id_a, &seed), + PrivateAddressPlaintext::new(npk, &vpk, u128::MAX).pda_account_id(&program_id_b, &seed), ); } @@ -1023,12 +1020,12 @@ mod tests { let npk = NullifierPublicKey([3; 32]); let vpk = ViewingPublicKey::from_seed(&[1_u8; 32], &[2_u8; 32]); assert_ne!( - PrivateAddressPlaintext::new(npk, vpk.clone(), 0).pda_account_id(&program_id, &seed), - PrivateAddressPlaintext::new(npk, vpk.clone(), 1).pda_account_id(&program_id, &seed), + PrivateAddressPlaintext::new(npk, &vpk, 0).pda_account_id(&program_id, &seed), + PrivateAddressPlaintext::new(npk, &vpk, 1).pda_account_id(&program_id, &seed), ); assert_ne!( - PrivateAddressPlaintext::new(npk, vpk.clone(), 0).pda_account_id(&program_id, &seed), - PrivateAddressPlaintext::new(npk, vpk, u128::MAX).pda_account_id(&program_id, &seed), + PrivateAddressPlaintext::new(npk, &vpk, 0).pda_account_id(&program_id, &seed), + PrivateAddressPlaintext::new(npk, &vpk, u128::MAX).pda_account_id(&program_id, &seed), ); } @@ -1041,7 +1038,7 @@ mod tests { let npk = NullifierPublicKey([3; 32]); let vpk = ViewingPublicKey::from_seed(&[1_u8; 32], &[2_u8; 32]); let private_id = - PrivateAddressPlaintext::new(npk, vpk, u128::MAX).pda_account_id(&program_id, &seed); + PrivateAddressPlaintext::new(npk, &vpk, u128::MAX).pda_account_id(&program_id, &seed); let public_id = AccountId::for_public_pda(&program_id, &seed); assert_ne!(private_id, public_id); } @@ -1083,7 +1080,7 @@ mod tests { assert_eq!( AccountId::for_private_account(&npk, &vpk, &PrivateAccountKind::Regular(identifier)), - PrivateAddressPlaintext::new(npk, vpk.clone(), identifier).account_id(), + PrivateAddressPlaintext::new(npk, &vpk, identifier).account_id(), ); assert_eq!( AccountId::for_private_account( @@ -1095,8 +1092,7 @@ mod tests { identifier } ), - PrivateAddressPlaintext::new(npk, vpk.clone(), identifier) - .pda_account_id(&program_id, &seed), + PrivateAddressPlaintext::new(npk, &vpk, identifier).pda_account_id(&program_id, &seed), ); } diff --git a/lee/state_machine/src/privacy_preserving_transaction/circuit.rs b/lee/state_machine/src/privacy_preserving_transaction/circuit.rs index 8c6c0785..aa30eb80 100644 --- a/lee/state_machine/src/privacy_preserving_transaction/circuit.rs +++ b/lee/state_machine/src/privacy_preserving_transaction/circuit.rs @@ -238,7 +238,7 @@ mod tests { ); let recipient_account_id = - PrivateAddressPlaintext::new(recipient_keys.npk(), recipient_keys.vpk(), 0) + PrivateAddressPlaintext::new(recipient_keys.npk(), &recipient_keys.vpk(), 0) .account_id(); let recipient = AccountWithMetadata::new(Account::default(), false, recipient_account_id); @@ -319,14 +319,14 @@ mod tests { data: Data::default(), }, true, - PrivateAddressPlaintext::new(sender_keys.npk(), sender_keys.vpk(), 0).account_id(), + PrivateAddressPlaintext::new(sender_keys.npk(), &sender_keys.vpk(), 0).account_id(), ); let sender_account_id = - PrivateAddressPlaintext::new(sender_keys.npk(), sender_keys.vpk(), 0).account_id(); + PrivateAddressPlaintext::new(sender_keys.npk(), &sender_keys.vpk(), 0).account_id(); let commitment_sender = Commitment::new(&sender_account_id, &sender_pre.account); let recipient_account_id = - PrivateAddressPlaintext::new(recipient_keys.npk(), recipient_keys.vpk(), 0) + PrivateAddressPlaintext::new(recipient_keys.npk(), &recipient_keys.vpk(), 0) .account_id(); let recipient = AccountWithMetadata::new(Account::default(), false, recipient_account_id); let balance_to_move: u128 = 37; @@ -433,7 +433,7 @@ mod tests { let pre = AccountWithMetadata::new( Account::default(), false, - PrivateAddressPlaintext::new(account_keys.npk(), account_keys.vpk(), 0).account_id(), + PrivateAddressPlaintext::new(account_keys.npk(), &account_keys.vpk(), 0).account_id(), ); let validity_window_chain_caller = Program::validity_window_chain_caller(); @@ -477,7 +477,7 @@ mod tests { let npk = keys.npk(); let seed = PdaSeed::new([42; 32]); let identifier: u128 = 99; - let account_id = PrivateAddressPlaintext::new(npk, keys.vpk(), identifier) + let account_id = PrivateAddressPlaintext::new(npk, &keys.vpk(), identifier) .pda_account_id(&program.id(), &seed); let init_nonce = Nonce::private_account_nonce_init(&account_id); let esk = EphemeralSecretKey::new(&account_id, &[0; 32], &init_nonce); @@ -522,7 +522,7 @@ mod tests { // PDA (new, private PDA) let pda_id = - PrivateAddressPlaintext::new(npk, keys.vpk(), 0).pda_account_id(&program.id(), &seed); + PrivateAddressPlaintext::new(npk, &keys.vpk(), 0).pda_account_id(&program.id(), &seed); let pda_pre = AccountWithMetadata::new(Account::default(), false, pda_id); let auth_id = auth_transfer.id(); @@ -562,7 +562,7 @@ mod tests { // PDA (new, private PDA) let pda_id = - PrivateAddressPlaintext::new(npk, keys.vpk(), 0).pda_account_id(&program.id(), &seed); + PrivateAddressPlaintext::new(npk, &keys.vpk(), 0).pda_account_id(&program.id(), &seed); let pda_pre = AccountWithMetadata::new(Account::default(), false, pda_id); // Recipient (public) @@ -630,7 +630,7 @@ mod tests { // Recipient: shared private account (new, unauthorized) let shared_account_id = - PrivateAddressPlaintext::new(shared_npk, shared_keys.vpk(), shared_identifier) + PrivateAddressPlaintext::new(shared_npk, &shared_keys.vpk(), shared_identifier) .account_id(); let recipient = AccountWithMetadata::new(Account::default(), false, shared_account_id); @@ -669,7 +669,7 @@ mod tests { let keys = test_private_account_keys_1(); let identifier: u128 = 99; let account_id = - PrivateAddressPlaintext::new(keys.npk(), keys.vpk(), identifier).account_id(); + PrivateAddressPlaintext::new(keys.npk(), &keys.vpk(), identifier).account_id(); let nonce = Nonce::private_account_nonce_init(&account_id); let esk = EphemeralSecretKey::new(&account_id, &[0; 32], &nonce); let ssk = SharedSecretKey::encapsulate_deterministic(&keys.vpk(), &esk).0; @@ -703,7 +703,7 @@ mod tests { let keys = test_private_account_keys_1(); let identifier: u128 = 99; let account_id = - PrivateAddressPlaintext::new(keys.npk(), keys.vpk(), identifier).account_id(); + PrivateAddressPlaintext::new(keys.npk(), &keys.vpk(), identifier).account_id(); let pre = AccountWithMetadata::new(Account::default(), true, account_id); let (output, _) = execute_and_prove( @@ -749,7 +749,7 @@ mod tests { let identifier: u128 = 99; // create an account id with one set of viewing keys let account_id = - PrivateAddressPlaintext::new(keys.npk(), keys.vpk(), identifier).account_id(); + PrivateAddressPlaintext::new(keys.npk(), &keys.vpk(), identifier).account_id(); let pre = AccountWithMetadata::new(Account::default(), true, account_id); let result = execute_and_prove( @@ -778,7 +778,7 @@ mod tests { let keys = test_private_account_keys_1(); let identifier: u128 = 99; let recipient_id = - PrivateAddressPlaintext::new(keys.npk(), keys.vpk(), identifier).account_id(); + PrivateAddressPlaintext::new(keys.npk(), &keys.vpk(), identifier).account_id(); let init_nonce = Nonce::private_account_nonce_init(&recipient_id); let esk = EphemeralSecretKey::new(&recipient_id, &[0; 32], &init_nonce); let ssk = SharedSecretKey::encapsulate_deterministic(&keys.vpk(), &esk).0; @@ -827,7 +827,7 @@ mod tests { let keys = test_private_account_keys_1(); let identifier: u128 = 99; let account_id = - PrivateAddressPlaintext::new(keys.npk(), keys.vpk(), identifier).account_id(); + PrivateAddressPlaintext::new(keys.npk(), &keys.vpk(), identifier).account_id(); let update_nonce = Nonce::default().private_account_nonce_increment(&keys.nsk); let esk = EphemeralSecretKey::new(&account_id, &[0; 32], &update_nonce); let ssk = SharedSecretKey::encapsulate_deterministic(&keys.vpk(), &esk).0; @@ -880,7 +880,7 @@ mod tests { let seed = PdaSeed::new([42; 32]); let identifier: u128 = 99; let auth_transfer_id = auth_transfer.id(); - let pda_id = PrivateAddressPlaintext::new(npk, keys.vpk(), identifier) + let pda_id = PrivateAddressPlaintext::new(npk, &keys.vpk(), identifier) .pda_account_id(&program.id(), &seed); let update_nonce = Nonce::default().private_account_nonce_increment(&keys.nsk); let esk = EphemeralSecretKey::new(&pda_id, &[0; 32], &update_nonce); @@ -938,7 +938,7 @@ mod tests { let npk = keys.npk(); let seed = PdaSeed::new([42; 32]); let account_id = - PrivateAddressPlaintext::new(npk, keys.vpk(), 5).pda_account_id(&program.id(), &seed); + PrivateAddressPlaintext::new(npk, &keys.vpk(), 5).pda_account_id(&program.id(), &seed); let pre_state = AccountWithMetadata::new(Account::default(), false, account_id); let result = execute_and_prove( @@ -966,7 +966,7 @@ mod tests { let seed = PdaSeed::new([42; 32]); let auth_transfer_id = auth_transfer.id(); let pda_id = - PrivateAddressPlaintext::new(npk, keys.vpk(), 5).pda_account_id(&program.id(), &seed); + PrivateAddressPlaintext::new(npk, &keys.vpk(), 5).pda_account_id(&program.id(), &seed); let pda_account = Account { program_owner: auth_transfer_id, balance: 1, diff --git a/lee/state_machine/src/privacy_preserving_transaction/message.rs b/lee/state_machine/src/privacy_preserving_transaction/message.rs index 72f15bf3..a2a93719 100644 --- a/lee/state_machine/src/privacy_preserving_transaction/message.rs +++ b/lee/state_machine/src/privacy_preserving_transaction/message.rs @@ -120,11 +120,11 @@ pub mod tests { let encrypted_private_post_states = Vec::new(); let account_id2 = - lee_core::account::PrivateAddressPlaintext::new(npk2, vpk.clone(), 0).account_id(); + lee_core::account::PrivateAddressPlaintext::new(npk2, &vpk, 0).account_id(); let new_commitments = vec![Commitment::new(&account_id2, &account2)]; let account_id1 = - lee_core::account::PrivateAddressPlaintext::new(npk1, vpk, 0).account_id(); + lee_core::account::PrivateAddressPlaintext::new(npk1, &vpk, 0).account_id(); let old_commitment = Commitment::new(&account_id1, &account1); let new_nullifiers = vec![( Nullifier::for_account_update(&old_commitment, &nsk1), @@ -200,8 +200,7 @@ pub mod tests { let npk = NullifierPublicKey::from(&[1; 32]); let vpk = ViewingPublicKey::from_seed(&[2_u8; 32], &[3_u8; 32]); let account = Account::default(); - let account_id = - lee_core::account::PrivateAddressPlaintext::new(npk, vpk.clone(), 0).account_id(); + let account_id = lee_core::account::PrivateAddressPlaintext::new(npk, &vpk, 0).account_id(); let commitment = Commitment::new(&account_id, &account); let (shared_secret, epk) = SharedSecretKey::encapsulate_deterministic(&vpk, &EphemeralSecretKey([0_u8; 32])); diff --git a/lee/state_machine/src/state.rs b/lee/state_machine/src/state.rs index 43353662..4965c431 100644 --- a/lee/state_machine/src/state.rs +++ b/lee/state_machine/src/state.rs @@ -519,7 +519,7 @@ pub mod tests { #[must_use] pub fn with_private_account(mut self, keys: &TestPrivateKeys, account: &Account) -> Self { - let account_id = PrivateAddressPlaintext::new(keys.npk(), keys.vpk(), 0).account_id(); + let account_id = PrivateAddressPlaintext::new(keys.npk(), &keys.vpk(), 0).account_id(); let commitment = Commitment::new(&account_id, account); self.private_state.0.extend(&[commitment]); self @@ -731,8 +731,8 @@ pub mod tests { ..Account::default() }; - let account_id1 = PrivateAddressPlaintext::new(keys1.npk(), keys1.vpk(), 0).account_id(); - let account_id2 = PrivateAddressPlaintext::new(keys2.npk(), keys2.vpk(), 0).account_id(); + let account_id1 = PrivateAddressPlaintext::new(keys1.npk(), &keys1.vpk(), 0).account_id(); + let account_id2 = PrivateAddressPlaintext::new(keys2.npk(), &keys2.vpk(), 0).account_id(); let init_commitment1 = Commitment::new(&account_id1, &account); let init_commitment2 = Commitment::new(&account_id2, &account); @@ -1408,7 +1408,7 @@ pub mod tests { let recipient = AccountWithMetadata::new( Account::default(), false, - PrivateAddressPlaintext::new(recipient_keys.npk(), recipient_keys.vpk(), 0) + PrivateAddressPlaintext::new(recipient_keys.npk(), &recipient_keys.vpk(), 0) .account_id(), ); @@ -1451,17 +1451,17 @@ pub mod tests { ) -> PrivacyPreservingTransaction { let program = Program::authenticated_transfer_program(); let sender_account_id = - PrivateAddressPlaintext::new(sender_keys.npk(), sender_keys.vpk(), 0).account_id(); + PrivateAddressPlaintext::new(sender_keys.npk(), &sender_keys.vpk(), 0).account_id(); let sender_commitment = Commitment::new(&sender_account_id, sender_private_account); let sender_pre = AccountWithMetadata::new( sender_private_account.clone(), true, - PrivateAddressPlaintext::new(sender_keys.npk(), sender_keys.vpk(), 0).account_id(), + PrivateAddressPlaintext::new(sender_keys.npk(), &sender_keys.vpk(), 0).account_id(), ); let recipient_pre = AccountWithMetadata::new( Account::default(), false, - PrivateAddressPlaintext::new(recipient_keys.npk(), recipient_keys.vpk(), 0) + PrivateAddressPlaintext::new(recipient_keys.npk(), &recipient_keys.vpk(), 0) .account_id(), ); @@ -1508,12 +1508,12 @@ pub mod tests { ) -> PrivacyPreservingTransaction { let program = Program::authenticated_transfer_program(); let sender_account_id = - PrivateAddressPlaintext::new(sender_keys.npk(), sender_keys.vpk(), 0).account_id(); + PrivateAddressPlaintext::new(sender_keys.npk(), &sender_keys.vpk(), 0).account_id(); let sender_commitment = Commitment::new(&sender_account_id, sender_private_account); let sender_pre = AccountWithMetadata::new( sender_private_account.clone(), true, - PrivateAddressPlaintext::new(sender_keys.npk(), sender_keys.vpk(), 0).account_id(), + PrivateAddressPlaintext::new(sender_keys.npk(), &sender_keys.vpk(), 0).account_id(), ); let recipient_pre = AccountWithMetadata::new( state.get_account_by_id(*recipient_account_id), @@ -1619,9 +1619,9 @@ pub mod tests { ); let sender_account_id = - PrivateAddressPlaintext::new(sender_keys.npk(), sender_keys.vpk(), 0).account_id(); + PrivateAddressPlaintext::new(sender_keys.npk(), &sender_keys.vpk(), 0).account_id(); let recipient_account_id = - PrivateAddressPlaintext::new(recipient_keys.npk(), recipient_keys.vpk(), 0) + PrivateAddressPlaintext::new(recipient_keys.npk(), &recipient_keys.vpk(), 0) .account_id(); let expected_new_commitment_1 = Commitment::new( &sender_account_id, @@ -1774,7 +1774,7 @@ pub mod tests { ); let sender_account_id = - PrivateAddressPlaintext::new(sender_keys.npk(), sender_keys.vpk(), 0).account_id(); + PrivateAddressPlaintext::new(sender_keys.npk(), &sender_keys.vpk(), 0).account_id(); let expected_new_commitment = Commitment::new( &sender_account_id, &Account { @@ -2086,12 +2086,12 @@ pub mod tests { ..Account::default() }, true, - PrivateAddressPlaintext::new(sender_keys.npk(), sender_keys.vpk(), 0).account_id(), + PrivateAddressPlaintext::new(sender_keys.npk(), &sender_keys.vpk(), 0).account_id(), ); let private_account_2 = AccountWithMetadata::new( Account::default(), false, - PrivateAddressPlaintext::new(recipient_keys.npk(), recipient_keys.vpk(), 0) + PrivateAddressPlaintext::new(recipient_keys.npk(), &recipient_keys.vpk(), 0) .account_id(), ); @@ -2135,7 +2135,7 @@ pub mod tests { ..Account::default() }, true, - PrivateAddressPlaintext::new(sender_keys.npk(), sender_keys.vpk(), 0).account_id(), + PrivateAddressPlaintext::new(sender_keys.npk(), &sender_keys.vpk(), 0).account_id(), ); let private_account_2 = AccountWithMetadata::new( Account { @@ -2144,7 +2144,7 @@ pub mod tests { ..Account::default() }, false, - PrivateAddressPlaintext::new(recipient_keys.npk(), recipient_keys.vpk(), 0) + PrivateAddressPlaintext::new(recipient_keys.npk(), &recipient_keys.vpk(), 0) .account_id(), ); @@ -2184,7 +2184,7 @@ pub mod tests { ..Account::default() }, true, - PrivateAddressPlaintext::new(sender_keys.npk(), sender_keys.vpk(), 0).account_id(), + PrivateAddressPlaintext::new(sender_keys.npk(), &sender_keys.vpk(), 0).account_id(), ); let private_account_2 = AccountWithMetadata::new( Account { @@ -2193,7 +2193,7 @@ pub mod tests { ..Account::default() }, false, - PrivateAddressPlaintext::new(recipient_keys.npk(), recipient_keys.vpk(), 0) + PrivateAddressPlaintext::new(recipient_keys.npk(), &recipient_keys.vpk(), 0) .account_id(), ); @@ -2233,7 +2233,7 @@ pub mod tests { ..Account::default() }, true, - PrivateAddressPlaintext::new(sender_keys.npk(), sender_keys.vpk(), 0).account_id(), + PrivateAddressPlaintext::new(sender_keys.npk(), &sender_keys.vpk(), 0).account_id(), ); let private_account_2 = AccountWithMetadata::new( Account { @@ -2242,7 +2242,7 @@ pub mod tests { ..Account::default() }, false, - PrivateAddressPlaintext::new(recipient_keys.npk(), recipient_keys.vpk(), 0) + PrivateAddressPlaintext::new(recipient_keys.npk(), &recipient_keys.vpk(), 0) .account_id(), ); @@ -2282,7 +2282,7 @@ pub mod tests { ..Account::default() }, true, - PrivateAddressPlaintext::new(sender_keys.npk(), sender_keys.vpk(), 0).account_id(), + PrivateAddressPlaintext::new(sender_keys.npk(), &sender_keys.vpk(), 0).account_id(), ); let private_account_2 = AccountWithMetadata::new( Account { @@ -2291,7 +2291,7 @@ pub mod tests { ..Account::default() }, false, - PrivateAddressPlaintext::new(recipient_keys.npk(), recipient_keys.vpk(), 0) + PrivateAddressPlaintext::new(recipient_keys.npk(), &recipient_keys.vpk(), 0) .account_id(), ); @@ -2332,13 +2332,13 @@ pub mod tests { ..Account::default() }, true, - PrivateAddressPlaintext::new(sender_keys.npk(), sender_keys.vpk(), 0).account_id(), + PrivateAddressPlaintext::new(sender_keys.npk(), &sender_keys.vpk(), 0).account_id(), ); let private_account_2 = AccountWithMetadata::new( Account::default(), // This should be set to false in normal circumstances true, - PrivateAddressPlaintext::new(recipient_keys.npk(), recipient_keys.vpk(), 0) + PrivateAddressPlaintext::new(recipient_keys.npk(), &recipient_keys.vpk(), 0) .account_id(), ); @@ -2419,7 +2419,7 @@ pub mod tests { let npk = keys.npk(); let seed = PdaSeed::new([42; 32]); - let account_id = PrivateAddressPlaintext::new(npk, keys.vpk(), u128::MAX) + let account_id = PrivateAddressPlaintext::new(npk, &keys.vpk(), u128::MAX) .pda_account_id(&program.id(), &seed); let pre_state = AccountWithMetadata::new(Account::default(), false, account_id); @@ -2461,7 +2461,7 @@ pub mod tests { // `account_id` is derived from `npk_a`, but `npk_b` is supplied for this pre_state. // `PrivateAddressPlaintext::new(npk_b, ..).pda_account_id(program, seed) != account_id`, so // the claim check in the circuit must reject. - let account_id = PrivateAddressPlaintext::new(npk_a, keys_a.vpk(), u128::MAX) + let account_id = PrivateAddressPlaintext::new(npk_a, &keys_a.vpk(), u128::MAX) .pda_account_id(&program.id(), &seed); let pre_state = AccountWithMetadata::new(Account::default(), false, account_id); @@ -2494,7 +2494,7 @@ pub mod tests { let npk = keys.npk(); let seed = PdaSeed::new([77; 32]); - let account_id = PrivateAddressPlaintext::new(npk, keys.vpk(), u128::MAX) + let account_id = PrivateAddressPlaintext::new(npk, &keys.vpk(), u128::MAX) .pda_account_id(&delegator.id(), &seed); let pre_state = AccountWithMetadata::new(Account::default(), false, account_id); @@ -2534,7 +2534,7 @@ pub mod tests { let claim_seed = PdaSeed::new([77; 32]); let wrong_delegated_seed = PdaSeed::new([88; 32]); - let account_id = PrivateAddressPlaintext::new(npk, keys.vpk(), u128::MAX) + let account_id = PrivateAddressPlaintext::new(npk, &keys.vpk(), u128::MAX) .pda_account_id(&delegator.id(), &claim_seed); let pre_state = AccountWithMetadata::new(Account::default(), false, account_id); @@ -2573,9 +2573,9 @@ pub mod tests { let keys_b = test_private_account_keys_2(); let seed = PdaSeed::new([55; 32]); - let account_a = PrivateAddressPlaintext::new(keys_a.npk(), keys_a.vpk(), u128::MAX) + let account_a = PrivateAddressPlaintext::new(keys_a.npk(), &keys_a.vpk(), u128::MAX) .pda_account_id(&program.id(), &seed); - let account_b = PrivateAddressPlaintext::new(keys_b.npk(), keys_b.vpk(), u128::MAX) + let account_b = PrivateAddressPlaintext::new(keys_b.npk(), &keys_b.vpk(), u128::MAX) .pda_account_id(&program.id(), &seed); let pre_a = AccountWithMetadata::new(Account::default(), false, account_a); @@ -2620,7 +2620,7 @@ pub mod tests { // Simulate a previously-claimed private PDA: program_owner != DEFAULT, is_authorized = // true, account_id derived via the private formula. - let account_id = PrivateAddressPlaintext::new(npk, keys.vpk(), u128::MAX) + let account_id = PrivateAddressPlaintext::new(npk, &keys.vpk(), u128::MAX) .pda_account_id(&program.id(), &seed); let owned_pre_state = AccountWithMetadata::new( Account { @@ -2714,7 +2714,7 @@ pub mod tests { ..Account::default() }, true, - PrivateAddressPlaintext::new(sender_keys.npk(), sender_keys.vpk(), 0).account_id(), + PrivateAddressPlaintext::new(sender_keys.npk(), &sender_keys.vpk(), 0).account_id(), ); let result = execute_and_prove( @@ -3048,7 +3048,7 @@ pub mod tests { ..Account::default() }; let sender_account_id = - PrivateAddressPlaintext::new(sender_keys.npk(), sender_keys.vpk(), 0).account_id(); + PrivateAddressPlaintext::new(sender_keys.npk(), &sender_keys.vpk(), 0).account_id(); let sender_commitment = Commitment::new(&sender_account_id, &sender_private_account); let sender_init_nullifier = Nullifier::for_account_initialization(&sender_account_id); let mut state = V03State::new_with_genesis_accounts( @@ -3059,7 +3059,7 @@ pub mod tests { let sender_pre = AccountWithMetadata::new( sender_private_account, true, - PrivateAddressPlaintext::new(sender_keys.npk(), sender_keys.vpk(), 0).account_id(), + PrivateAddressPlaintext::new(sender_keys.npk(), &sender_keys.vpk(), 0).account_id(), ); let recipient_private_key = PrivateKey::try_new([2; 32]).unwrap(); let recipient_account_id = @@ -3132,7 +3132,7 @@ pub mod tests { ..Account::default() }, true, - PrivateAddressPlaintext::new(from_keys.npk(), from_keys.vpk(), 0).account_id(), + PrivateAddressPlaintext::new(from_keys.npk(), &from_keys.vpk(), 0).account_id(), ); let to_account = AccountWithMetadata::new( Account { @@ -3140,13 +3140,13 @@ pub mod tests { ..Account::default() }, true, - PrivateAddressPlaintext::new(to_keys.npk(), to_keys.vpk(), 0).account_id(), + PrivateAddressPlaintext::new(to_keys.npk(), &to_keys.vpk(), 0).account_id(), ); let from_account_id = - PrivateAddressPlaintext::new(from_keys.npk(), from_keys.vpk(), 0).account_id(); + PrivateAddressPlaintext::new(from_keys.npk(), &from_keys.vpk(), 0).account_id(); let to_account_id = - PrivateAddressPlaintext::new(to_keys.npk(), to_keys.vpk(), 0).account_id(); + PrivateAddressPlaintext::new(to_keys.npk(), &to_keys.vpk(), 0).account_id(); let from_commitment = Commitment::new(&from_account_id, &from_account.account); let to_commitment = Commitment::new(&to_account_id, &to_account.account); let from_init_nullifier = Nullifier::for_account_initialization(&from_account_id); @@ -3453,7 +3453,7 @@ pub mod tests { let authorized_account = AccountWithMetadata::new( Account::default(), true, - PrivateAddressPlaintext::new(private_keys.npk(), private_keys.vpk(), 0).account_id(), + PrivateAddressPlaintext::new(private_keys.npk(), &private_keys.vpk(), 0).account_id(), ); let program = Program::authenticated_transfer_program(); @@ -3486,7 +3486,7 @@ pub mod tests { assert!(result.is_ok()); let account_id = - PrivateAddressPlaintext::new(private_keys.npk(), private_keys.vpk(), 0).account_id(); + PrivateAddressPlaintext::new(private_keys.npk(), &private_keys.vpk(), 0).account_id(); let nullifier = Nullifier::for_account_initialization(&account_id); assert!(state.private_state.1.contains(&nullifier)); } @@ -3503,7 +3503,7 @@ pub mod tests { let unauthorized_account = AccountWithMetadata::new( Account::default(), false, - PrivateAddressPlaintext::new(private_keys.npk(), private_keys.vpk(), 0).account_id(), + PrivateAddressPlaintext::new(private_keys.npk(), &private_keys.vpk(), 0).account_id(), ); let program = Program::claimer(); @@ -3531,7 +3531,7 @@ pub mod tests { .unwrap(); let account_id = - PrivateAddressPlaintext::new(private_keys.npk(), private_keys.vpk(), 0).account_id(); + PrivateAddressPlaintext::new(private_keys.npk(), &private_keys.vpk(), 0).account_id(); let nullifier = Nullifier::for_account_initialization(&account_id); assert!(state.private_state.1.contains(&nullifier)); } @@ -3547,7 +3547,7 @@ pub mod tests { let authorized_account = AccountWithMetadata::new( Account::default(), true, - PrivateAddressPlaintext::new(private_keys.npk(), private_keys.vpk(), 0).account_id(), + PrivateAddressPlaintext::new(private_keys.npk(), &private_keys.vpk(), 0).account_id(), ); let claimer_program = Program::claimer(); @@ -3584,7 +3584,7 @@ pub mod tests { // Verify the account is now initialized (nullifier exists) let account_id = - PrivateAddressPlaintext::new(private_keys.npk(), private_keys.vpk(), 0).account_id(); + PrivateAddressPlaintext::new(private_keys.npk(), &private_keys.vpk(), 0).account_id(); let nullifier = Nullifier::for_account_initialization(&account_id); assert!(state.private_state.1.contains(&nullifier)); @@ -3674,7 +3674,7 @@ pub mod tests { let private_account = AccountWithMetadata::new( Account::default(), true, - PrivateAddressPlaintext::new(sender_keys.npk(), sender_keys.vpk(), 0).account_id(), + PrivateAddressPlaintext::new(sender_keys.npk(), &sender_keys.vpk(), 0).account_id(), ); // Don't change data (None) and don't claim (false) let instruction: (Option>, bool) = (None, false); @@ -3703,7 +3703,7 @@ pub mod tests { let private_account = AccountWithMetadata::new( Account::default(), true, - PrivateAddressPlaintext::new(sender_keys.npk(), sender_keys.vpk(), 0).account_id(), + PrivateAddressPlaintext::new(sender_keys.npk(), &sender_keys.vpk(), 0).account_id(), ); // Change data but don't claim (false) - should fail let new_data = vec![1, 2, 3, 4, 5]; @@ -3746,12 +3746,12 @@ pub mod tests { let recipient_account = AccountWithMetadata::new( Account::default(), true, - PrivateAddressPlaintext::new(recipient_keys.npk(), recipient_keys.vpk(), 0) + PrivateAddressPlaintext::new(recipient_keys.npk(), &recipient_keys.vpk(), 0) .account_id(), ); let recipient_account_id = - PrivateAddressPlaintext::new(recipient_keys.npk(), recipient_keys.vpk(), 0) + PrivateAddressPlaintext::new(recipient_keys.npk(), &recipient_keys.vpk(), 0) .account_id(); let recipient_commitment = Commitment::new(&recipient_account_id, &recipient_account.account); @@ -3921,7 +3921,7 @@ pub mod tests { let pre = AccountWithMetadata::new( Account::default(), false, - PrivateAddressPlaintext::new(account_keys.npk(), account_keys.vpk(), 0).account_id(), + PrivateAddressPlaintext::new(account_keys.npk(), &account_keys.vpk(), 0).account_id(), ); let mut state = V03State::new_with_genesis_accounts(&[], vec![], 0).with_test_programs(); let tx = { @@ -3986,7 +3986,7 @@ pub mod tests { let pre = AccountWithMetadata::new( Account::default(), false, - PrivateAddressPlaintext::new(account_keys.npk(), account_keys.vpk(), 0).account_id(), + PrivateAddressPlaintext::new(account_keys.npk(), &account_keys.vpk(), 0).account_id(), ); let mut state = V03State::new_with_genesis_accounts(&[], vec![], 0).with_test_programs(); let tx = { @@ -4517,9 +4517,9 @@ pub mod tests { ProgramWithDependencies::new(proxy, [(auth_transfer_id, auth_transfer.clone())].into()); let funder_id = funder_keys.account_id(); - let alice_pda_0_id = PrivateAddressPlaintext::new(alice_npk, alice_keys.vpk(), 0) + let alice_pda_0_id = PrivateAddressPlaintext::new(alice_npk, &alice_keys.vpk(), 0) .pda_account_id(&proxy_id, &seed); - let alice_pda_1_id = PrivateAddressPlaintext::new(alice_npk, alice_keys.vpk(), 1) + let alice_pda_1_id = PrivateAddressPlaintext::new(alice_npk, &alice_keys.vpk(), 1) .pda_account_id(&proxy_id, &seed); let recipient_id = test_public_account_keys_2().account_id(); let recipient_signing_key = test_public_account_keys_2().signing_key; diff --git a/lee/state_machine/src/validated_state_diff.rs b/lee/state_machine/src/validated_state_diff.rs index 7befe5d9..0bc953c0 100644 --- a/lee/state_machine/src/validated_state_diff.rs +++ b/lee/state_machine/src/validated_state_diff.rs @@ -603,7 +603,7 @@ mod tests { // Attacker controls a private account. let attacker_keys = test_private_account_keys_1(); let attacker_id = - PrivateAddressPlaintext::new(attacker_keys.npk(), attacker_keys.vpk(), 0).account_id(); + PrivateAddressPlaintext::new(attacker_keys.npk(), &attacker_keys.vpk(), 0).account_id(); let victim_id = AccountId::new([20_u8; 32]); let recipient_id = AccountId::new([42_u8; 32]); @@ -709,7 +709,7 @@ mod tests { /// There are two routes, both closed: /// /// - **mask=1 (`PrivateAuthorizedUpdate`)**: the circuit derives `account_id = - /// PrivateAddressPlaintext::new(npk_from(nsk), vpk, identifier).account_id()` and asserts it + /// PrivateAddressPlaintext::new(npk_from(nsk), &vpk, identifier).account_id()` and asserts it /// matches `pre_state.account_id`. Passing this check requires the victim's `nsk`, which the /// attacker does not have. `execute_and_prove` panics inside the ZKVM and no proof is /// produced. @@ -755,12 +755,12 @@ mod tests { // Attacker controls a private account. let attacker_keys = test_private_account_keys_1(); let attacker_id = - PrivateAddressPlaintext::new(attacker_keys.npk(), attacker_keys.vpk(), 0).account_id(); + PrivateAddressPlaintext::new(attacker_keys.npk(), &attacker_keys.vpk(), 0).account_id(); // Victim is a private account — not registered in public chain state. let victim_keys = test_private_account_keys_2(); let victim_id = - PrivateAddressPlaintext::new(victim_keys.npk(), victim_keys.vpk(), 0).account_id(); + PrivateAddressPlaintext::new(victim_keys.npk(), &victim_keys.vpk(), 0).account_id(); let victim_balance = 5_000_u128; let recipient_id = AccountId::new([42_u8; 32]); diff --git a/lez/sequencer/core/src/lib.rs b/lez/sequencer/core/src/lib.rs index 8f2ee154..b4a152c2 100644 --- a/lez/sequencer/core/src/lib.rs +++ b/lez/sequencer/core/src/lib.rs @@ -1606,7 +1606,7 @@ mod tests { let sender_keys = KeyChain::new_os_random(); let sender_account_id = PrivateAddressPlaintext::new( sender_keys.nullifier_public_key, - sender_keys.viewing_public_key.clone(), + &sender_keys.viewing_public_key, 0, ) .account_id(); @@ -1634,7 +1634,7 @@ mod tests { true, PrivateAddressPlaintext::new( sender_keys.nullifier_public_key, - sender_keys.viewing_public_key.clone(), + &sender_keys.viewing_public_key, 0, ) .account_id(), diff --git a/lez/testnet_initial_state/src/lib.rs b/lez/testnet_initial_state/src/lib.rs index f71359ef..bf43a05b 100644 --- a/lez/testnet_initial_state/src/lib.rs +++ b/lez/testnet_initial_state/src/lib.rs @@ -108,7 +108,7 @@ impl PrivateAccountPrivateInitialData { pub fn account_id(&self) -> lee::AccountId { lee::PrivateAddressPlaintext::new( self.key_chain.nullifier_public_key, - self.key_chain.viewing_public_key.clone(), + &self.key_chain.viewing_public_key, self.identifier, ) .account_id() @@ -220,8 +220,7 @@ pub fn initial_state() -> V03State { .map(|init_comm_data| { let npk = &init_comm_data.npk; let account_id = - lee::PrivateAddressPlaintext::new(*npk, init_comm_data.vpk.clone(), 0) - .account_id(); + lee::PrivateAddressPlaintext::new(*npk, &init_comm_data.vpk, 0).account_id(); let mut acc = init_comm_data.account.clone(); diff --git a/lez/wallet/src/account_manager.rs b/lez/wallet/src/account_manager.rs index 226d4b5b..9b68788a 100644 --- a/lez/wallet/src/account_manager.rs +++ b/lez/wallet/src/account_manager.rs @@ -264,7 +264,7 @@ impl AccountManager { let auth_acc = AccountWithMetadata::new( acc, false, - PrivateAddressPlaintext::new(npk, vpk.clone(), identifier).account_id(), + PrivateAddressPlaintext::new(npk, &vpk, identifier).account_id(), ); let mut random_seed: [u8; 32] = [0; 32]; OsRng.fill_bytes(&mut random_seed); @@ -314,8 +314,7 @@ impl AccountManager { identifier, } => { let account_id = - lee::PrivateAddressPlaintext::new(npk, vpk.clone(), identifier) - .account_id(); + lee::PrivateAddressPlaintext::new(npk, &vpk, identifier).account_id(); let pre = private_shared_acc_preparation( wallet, account_id, nsk, npk, vpk, identifier, false, ) diff --git a/lez/wallet/src/cli/account.rs b/lez/wallet/src/cli/account.rs index 42e3df4c..f7cf43ba 100644 --- a/lez/wallet/src/cli/account.rs +++ b/lez/wallet/src/cli/account.rs @@ -527,7 +527,7 @@ impl WalletSubcommand for ImportSubcommand { let account = lee::Account::from(account_state); let account_id = lee::PrivateAddressPlaintext::new( key_chain.nullifier_public_key, - key_chain.viewing_public_key.clone(), + &key_chain.viewing_public_key, identifier, ) .account_id(); diff --git a/lez/wallet/src/lib.rs b/lez/wallet/src/lib.rs index d71a795b..dbe427c3 100644 --- a/lez/wallet/src/lib.rs +++ b/lez/wallet/src/lib.rs @@ -377,7 +377,7 @@ impl WalletCore { let keys = holder.derive_keys_for_pda(&program_id, &pda_seed); let npk = keys.generate_nullifier_public_key(); let vpk = keys.generate_viewing_public_key(); - let account_id = PrivateAddressPlaintext::new(npk, vpk.clone(), identifier) + let account_id = PrivateAddressPlaintext::new(npk, &vpk, identifier) .pda_account_id(&program_id, &pda_seed); self.register_shared_account( @@ -420,7 +420,7 @@ impl WalletCore { let keys = holder.derive_keys_for_shared_account(&derivation_seed); let npk = keys.generate_nullifier_public_key(); let vpk = keys.generate_viewing_public_key(); - let account_id = PrivateAddressPlaintext::new(npk, vpk.clone(), identifier).account_id(); + let account_id = PrivateAddressPlaintext::new(npk, &vpk, identifier).account_id(); self.register_shared_account(account_id, group_name, identifier, None, None); diff --git a/lez/wallet/src/storage/key_chain.rs b/lez/wallet/src/storage/key_chain.rs index bfecb9d6..d30f26f1 100644 --- a/lez/wallet/src/storage/key_chain.rs +++ b/lez/wallet/src/storage/key_chain.rs @@ -738,7 +738,7 @@ mod tests { let key_chain = KeyChain::new_os_random(); let account_id = PrivateAddressPlaintext::new( key_chain.nullifier_public_key, - key_chain.viewing_public_key.clone(), + &key_chain.viewing_public_key, 0, ) .account_id(); @@ -758,7 +758,7 @@ mod tests { let key_chain = KeyChain::new_os_random(); let account_id = PrivateAddressPlaintext::new( key_chain.nullifier_public_key, - key_chain.viewing_public_key.clone(), + &key_chain.viewing_public_key, 0, ) .account_id(); @@ -808,7 +808,7 @@ mod tests { let key_chain = KeyChain::new_os_random(); let account_id = PrivateAddressPlaintext::new( key_chain.nullifier_public_key, - key_chain.viewing_public_key, + &key_chain.viewing_public_key, 0, ) .account_id(); @@ -834,7 +834,7 @@ mod tests { let key_chain = KeyChain::new_os_random(); let account_id1 = PrivateAddressPlaintext::new( key_chain.nullifier_public_key, - key_chain.viewing_public_key.clone(), + &key_chain.viewing_public_key, 0, ) .account_id(); diff --git a/program_methods/guest/src/bin/privacy_preserving_circuit/execution_state.rs b/program_methods/guest/src/bin/privacy_preserving_circuit/execution_state.rs index b2f55624..85765121 100644 --- a/program_methods/guest/src/bin/privacy_preserving_circuit/execution_state.rs +++ b/program_methods/guest/src/bin/privacy_preserving_circuit/execution_state.rs @@ -295,9 +295,8 @@ impl ExecutionState { seed: Some((seed, authority_program_id)), .. }) => { - let expected = - PrivateAddressPlaintext::new(*npk, vpk.clone(), *identifier) - .pda_account_id(authority_program_id, seed); + let expected = PrivateAddressPlaintext::new(*npk, vpk, *identifier) + .pda_account_id(authority_program_id, seed); assert_eq!( pre_account_id, expected, "External seed mismatch for PrivatePdaInit at position {pre_state_position}" @@ -312,9 +311,8 @@ impl ExecutionState { .. }) => { let npk = NullifierPublicKey::from(nsk); - let expected = - PrivateAddressPlaintext::new(npk, vpk.clone(), *identifier) - .pda_account_id(authority_program_id, seed); + let expected = PrivateAddressPlaintext::new(npk, vpk, *identifier) + .pda_account_id(authority_program_id, seed); assert_eq!( pre_account_id, expected, "External seed mismatch for PrivatePdaUpdate at position {pre_state_position}" diff --git a/program_methods/guest/src/bin/privacy_preserving_circuit/output.rs b/program_methods/guest/src/bin/privacy_preserving_circuit/output.rs index c5fe0570..307aa507 100644 --- a/program_methods/guest/src/bin/privacy_preserving_circuit/output.rs +++ b/program_methods/guest/src/bin/privacy_preserving_circuit/output.rs @@ -47,7 +47,7 @@ pub fn compute_circuit_output( identifier, } => { let address = - PrivateAddressPlaintext::new(NullifierPublicKey::from(&nsk), vpk, identifier); + PrivateAddressPlaintext::new(NullifierPublicKey::from(&nsk), &vpk, identifier); let account_id = address.account_id(); assert_eq!(account_id, pre_state.account_id, "AccountId mismatch"); @@ -74,7 +74,7 @@ pub fn compute_circuit_output( &account_id, &PrivateAccountKind::Regular(address.identifier), &address.npk, - &address.vpk, + address.vpk, &random_seed, new_nullifier, new_nonce, @@ -88,7 +88,7 @@ pub fn compute_circuit_output( identifier, } => { let address = - PrivateAddressPlaintext::new(NullifierPublicKey::from(&nsk), vpk, identifier); + PrivateAddressPlaintext::new(NullifierPublicKey::from(&nsk), &vpk, identifier); let account_id = address.account_id(); assert_eq!(account_id, pre_state.account_id, "AccountId mismatch"); @@ -115,7 +115,7 @@ pub fn compute_circuit_output( &account_id, &PrivateAccountKind::Regular(address.identifier), &address.npk, - &address.vpk, + address.vpk, &random_seed, new_nullifier, new_nonce, @@ -127,7 +127,7 @@ pub fn compute_circuit_output( npk, identifier, } => { - let address = PrivateAddressPlaintext::new(npk, vpk, identifier); + let address = PrivateAddressPlaintext::new(npk, &vpk, identifier); let account_id = address.account_id(); assert_eq!(account_id, pre_state.account_id, "AccountId mismatch"); @@ -154,7 +154,7 @@ pub fn compute_circuit_output( &account_id, &PrivateAccountKind::Regular(address.identifier), &address.npk, - &address.vpk, + address.vpk, &random_seed, new_nullifier, new_nonce, diff --git a/test_fixtures/src/config.rs b/test_fixtures/src/config.rs index dd48b5d1..2ffc2aba 100644 --- a/test_fixtures/src/config.rs +++ b/test_fixtures/src/config.rs @@ -25,7 +25,7 @@ impl InitialPrivateAccountForWallet { pub fn account_id(&self) -> AccountId { PrivateAddressPlaintext::new( self.key_chain.nullifier_public_key, - self.key_chain.viewing_public_key.clone(), + &self.key_chain.viewing_public_key, self.identifier, ) .account_id() diff --git a/tools/crypto_primitives_bench/benches/primitives.rs b/tools/crypto_primitives_bench/benches/primitives.rs index dade11e3..66b481c9 100644 --- a/tools/crypto_primitives_bench/benches/primitives.rs +++ b/tools/crypto_primitives_bench/benches/primitives.rs @@ -49,7 +49,7 @@ fn bench_encryption(c: &mut Criterion) { let npk = recipient_kc.nullifier_public_key; let account = Account::default(); let account_id = - PrivateAddressPlaintext::new(npk, recipient_kc.viewing_public_key.clone(), 0).account_id(); + PrivateAddressPlaintext::new(npk, &recipient_kc.viewing_public_key, 0).account_id(); let commitment = Commitment::new(&account_id, &account); let (shared, _epk) = SharedSecretKey::encapsulate(&recipient_kc.viewing_public_key); let kind = PrivateAccountKind::Regular(0_u128);