diff --git a/integration_tests/src/config.rs b/integration_tests/src/config.rs index c4718f71..f385682f 100644 --- a/integration_tests/src/config.rs +++ b/integration_tests/src/config.rs @@ -60,11 +60,11 @@ impl InitialData { let mut private_charlie_key_chain = KeyChain::new_os_random(); let mut private_charlie_account_id = - AccountId::from(&private_charlie_key_chain.nullifier_public_key); + AccountId::from((&private_charlie_key_chain.nullifier_public_key, 0)); let mut private_david_key_chain = KeyChain::new_os_random(); let mut private_david_account_id = - AccountId::from(&private_david_key_chain.nullifier_public_key); + AccountId::from((&private_david_key_chain.nullifier_public_key, 0)); // Ensure consistent ordering if private_charlie_account_id > private_david_account_id { @@ -139,7 +139,7 @@ impl InitialData { }) }) .chain(self.private_accounts.iter().map(|(key_chain, account)| { - let account_id = AccountId::from(&key_chain.nullifier_public_key); + let account_id = AccountId::from((&key_chain.nullifier_public_key, 0)); InitialAccountData::Private(Box::new(PrivateAccountPrivateInitialData { account_id, account: account.clone(), diff --git a/integration_tests/tests/tps.rs b/integration_tests/tests/tps.rs index bd46849e..d670ba29 100644 --- a/integration_tests/tests/tps.rs +++ b/integration_tests/tests/tps.rs @@ -220,14 +220,14 @@ fn build_privacy_transaction() -> PrivacyPreservingTransaction { data: Data::default(), }, true, - AccountId::from(&sender_npk), + AccountId::from((&sender_npk, 0)), ); let recipient_nsk = [2; 32]; let recipient_vsk = [99; 32]; let recipient_vpk = ViewingPublicKey::from_scalar(recipient_vsk); let recipient_npk = NullifierPublicKey::from(&recipient_nsk); let recipient_pre = - AccountWithMetadata::new(Account::default(), false, AccountId::from(&recipient_npk)); + AccountWithMetadata::new(Account::default(), false, AccountId::from((&recipient_npk, 0))); let eph_holder_from = EphemeralKeyHolder::new(&sender_npk); let sender_ss = eph_holder_from.calculate_shared_secret_sender(&sender_vpk); diff --git a/integration_tests/tests/wallet_ffi.rs b/integration_tests/tests/wallet_ffi.rs index ac548280..5a7f1787 100644 --- a/integration_tests/tests/wallet_ffi.rs +++ b/integration_tests/tests/wallet_ffi.rs @@ -332,7 +332,7 @@ fn wallet_ffi_save_and_load_persistent_storage() -> Result<()> { }; assert_eq!( - nssa::AccountId::from(&private_account_keys.npk()), + nssa::AccountId::from((&private_account_keys.npk(), 0)), out_private_account_id.into() ); diff --git a/key_protocol/src/key_management/key_tree/keys_private.rs b/key_protocol/src/key_management/key_tree/keys_private.rs index 42130b1f..ffee6687 100644 --- a/key_protocol/src/key_management/key_tree/keys_private.rs +++ b/key_protocol/src/key_management/key_tree/keys_private.rs @@ -10,6 +10,7 @@ use crate::key_management::{ #[derive(Debug, Serialize, Deserialize, Clone)] pub struct ChildKeysPrivate { + // this should store value: (keychain, vec) pub value: (KeyChain, nssa::Account), pub ccc: [u8; 32], /// Can be [`None`] if root. @@ -111,7 +112,7 @@ impl KeyNode for ChildKeysPrivate { } fn account_id(&self) -> nssa::AccountId { - nssa::AccountId::from(&self.value.0.nullifier_public_key) + nssa::AccountId::from((&self.value.0.nullifier_public_key, 0)) } } diff --git a/key_protocol/src/key_protocol_core/mod.rs b/key_protocol/src/key_protocol_core/mod.rs index 8186865f..3d3eb1b5 100644 --- a/key_protocol/src/key_protocol_core/mod.rs +++ b/key_protocol/src/key_protocol_core/mod.rs @@ -17,6 +17,7 @@ pub struct NSSAUserData { /// Default public accounts. pub default_pub_account_signing_keys: BTreeMap, /// Default private accounts. + // TODO: this should store (keychain, account, identifier) in the values of the map pub default_user_private_accounts: BTreeMap, /// Tree of public keys. @@ -46,7 +47,8 @@ impl NSSAUserData { ) -> bool { let mut check_res = true; for (account_id, (key, _)) in accounts_keys_map { - let expected_account_id = nssa::AccountId::from(&key.nullifier_public_key); + // TODO: Generalize to other identifiers + let expected_account_id = nssa::AccountId::from((&key.nullifier_public_key, 0)); if expected_account_id != *account_id { println!("{expected_account_id}, {account_id}"); check_res = false; diff --git a/nssa/core/src/nullifier.rs b/nssa/core/src/nullifier.rs index 0e15ec74..6cff8246 100644 --- a/nssa/core/src/nullifier.rs +++ b/nssa/core/src/nullifier.rs @@ -8,14 +8,22 @@ use crate::{Commitment, account::AccountId}; #[cfg_attr(any(feature = "host", test), derive(Clone, Hash))] pub struct NullifierPublicKey(pub [u8; 32]); -impl From<&NullifierPublicKey> for AccountId { - fn from(value: &NullifierPublicKey) -> Self { +pub type Identifier = u128; + +impl From<(&NullifierPublicKey, Identifier)> for AccountId { + fn from(value: (&NullifierPublicKey, Identifier)) -> Self { + let (npk, _identifier) = value; const PRIVATE_ACCOUNT_ID_PREFIX: &[u8; 32] = b"/LEE/v0.3/AccountId/Private/\x00\x00\x00\x00"; + // 32 bytes prefix || 32 bytes npk || 16 bytes identifier + // TODO: change bytes to [0; 80] and include identifier in little endian; let mut bytes = [0; 64]; bytes[0..32].copy_from_slice(PRIVATE_ACCOUNT_ID_PREFIX); - bytes[32..].copy_from_slice(&value.0); + bytes[32..64].copy_from_slice(&npk.0); + // // TODO: uncomment this line + // bytes[64..].copy_from_slice(&identifier.to_le_bytes()); + Self::new( Impl::hash_bytes(&bytes) .as_bytes() @@ -149,7 +157,7 @@ mod tests { 81, 186, 14, 167, 234, 28, 236, 32, 213, 125, 251, 193, 233, ]); - let account_id = AccountId::from(&npk); + let account_id = AccountId::from((&npk, 0)); assert_eq!(account_id, expected_account_id); } diff --git a/nssa/src/privacy_preserving_transaction/circuit.rs b/nssa/src/privacy_preserving_transaction/circuit.rs index 6c174450..6506e9fe 100644 --- a/nssa/src/privacy_preserving_transaction/circuit.rs +++ b/nssa/src/privacy_preserving_transaction/circuit.rs @@ -214,7 +214,7 @@ mod tests { let recipient = AccountWithMetadata::new( Account::default(), false, - AccountId::from(&recipient_keys.npk()), + AccountId::from((&recipient_keys.npk(), 0)), ); let balance_to_move: u128 = 37; @@ -284,14 +284,14 @@ mod tests { data: Data::default(), }, true, - AccountId::from(&sender_keys.npk()), + AccountId::from((&sender_keys.npk(), 0)), ); let commitment_sender = Commitment::new(&sender_keys.npk(), &sender_pre.account); let recipient = AccountWithMetadata::new( Account::default(), false, - AccountId::from(&recipient_keys.npk()), + AccountId::from((&recipient_keys.npk(), 0)), ); let balance_to_move: u128 = 37; @@ -380,7 +380,7 @@ mod tests { let pre = AccountWithMetadata::new( Account::default(), false, - AccountId::from(&account_keys.npk()), + AccountId::from((&account_keys.npk(), 0)), ); let validity_window_chain_caller = Program::validity_window_chain_caller(); diff --git a/nssa/src/state.rs b/nssa/src/state.rs index 17abc6d1..5c15e192 100644 --- a/nssa/src/state.rs +++ b/nssa/src/state.rs @@ -1212,7 +1212,7 @@ pub mod tests { let sender_nonce = sender.account.nonce; - let recipient = AccountWithMetadata::new(Account::default(), false, &recipient_keys.npk()); + let recipient = AccountWithMetadata::new(Account::default(), false, (&recipient_keys.npk(), 0)); let esk = [3; 32]; let shared_secret = SharedSecretKey::new(&esk, &recipient_keys.vpk()); @@ -1251,9 +1251,9 @@ pub mod tests { let program = Program::authenticated_transfer_program(); let sender_commitment = Commitment::new(&sender_keys.npk(), sender_private_account); let sender_pre = - AccountWithMetadata::new(sender_private_account.clone(), true, &sender_keys.npk()); + AccountWithMetadata::new(sender_private_account.clone(), true, (&sender_keys.npk(), 0)); let recipient_pre = - AccountWithMetadata::new(Account::default(), false, &recipient_keys.npk()); + AccountWithMetadata::new(Account::default(), false, (&recipient_keys.npk(), 0)); let esk_1 = [3; 32]; let shared_secret_1 = SharedSecretKey::new(&esk_1, &sender_keys.vpk()); @@ -1303,7 +1303,7 @@ pub mod tests { let program = Program::authenticated_transfer_program(); let sender_commitment = Commitment::new(&sender_keys.npk(), sender_private_account); let sender_pre = - AccountWithMetadata::new(sender_private_account.clone(), true, &sender_keys.npk()); + AccountWithMetadata::new(sender_private_account.clone(), true, (&sender_keys.npk(), 0)); let recipient_pre = AccountWithMetadata::new( state.get_account_by_id(*recipient_account_id), false, @@ -1824,10 +1824,10 @@ pub mod tests { ..Account::default() }, true, - &sender_keys.npk(), + (&sender_keys.npk(), 0), ); let private_account_2 = - AccountWithMetadata::new(Account::default(), false, &recipient_keys.npk()); + AccountWithMetadata::new(Account::default(), false, (&recipient_keys.npk(), 0)); let result = execute_and_prove( vec![private_account_1, private_account_2], @@ -1862,7 +1862,7 @@ pub mod tests { ..Account::default() }, true, - &sender_keys.npk(), + (&sender_keys.npk(), 0), ); let private_account_2 = AccountWithMetadata::new(Account::default(), false, AccountId::new([1; 32])); @@ -1897,10 +1897,10 @@ pub mod tests { ..Account::default() }, true, - &sender_keys.npk(), + (&sender_keys.npk(), 0), ); let private_account_2 = - AccountWithMetadata::new(Account::default(), false, &recipient_keys.npk()); + AccountWithMetadata::new(Account::default(), false, (&recipient_keys.npk(), 0)); // Setting no second commitment proof. let private_account_membership_proofs = [Some((0, vec![]))]; @@ -1938,10 +1938,10 @@ pub mod tests { ..Account::default() }, true, - &sender_keys.npk(), + (&sender_keys.npk(), 0), ); let private_account_2 = - AccountWithMetadata::new(Account::default(), false, &recipient_keys.npk()); + AccountWithMetadata::new(Account::default(), false, (&recipient_keys.npk(), 0)); // Setting no auth key for an execution with one non default private accounts. let private_account_nsks = []; @@ -1979,10 +1979,10 @@ pub mod tests { ..Account::default() }, true, - &sender_keys.npk(), + (&sender_keys.npk(), 0), ); let private_account_2 = - AccountWithMetadata::new(Account::default(), false, &recipient_keys.npk()); + AccountWithMetadata::new(Account::default(), false, (&recipient_keys.npk(), 0)); let private_account_keys = [ // First private account is the sender @@ -2027,7 +2027,7 @@ pub mod tests { ..Account::default() }, true, - &sender_keys.npk(), + (&sender_keys.npk(), 0), ); let private_account_2 = AccountWithMetadata::new( Account { @@ -2036,7 +2036,7 @@ pub mod tests { ..Account::default() }, false, - &recipient_keys.npk(), + (&recipient_keys.npk(), 0), ); let result = execute_and_prove( @@ -2073,7 +2073,7 @@ pub mod tests { ..Account::default() }, true, - &sender_keys.npk(), + (&sender_keys.npk(), 0), ); let private_account_2 = AccountWithMetadata::new( Account { @@ -2082,7 +2082,7 @@ pub mod tests { ..Account::default() }, false, - &recipient_keys.npk(), + (&recipient_keys.npk(), 0), ); let result = execute_and_prove( @@ -2119,7 +2119,7 @@ pub mod tests { ..Account::default() }, true, - &sender_keys.npk(), + (&sender_keys.npk(), 0), ); let private_account_2 = AccountWithMetadata::new( Account { @@ -2128,7 +2128,7 @@ pub mod tests { ..Account::default() }, false, - &recipient_keys.npk(), + (&recipient_keys.npk(), 0), ); let result = execute_and_prove( @@ -2165,7 +2165,7 @@ pub mod tests { ..Account::default() }, true, - &sender_keys.npk(), + (&sender_keys.npk(), 0), ); let private_account_2 = AccountWithMetadata::new( Account { @@ -2174,7 +2174,7 @@ pub mod tests { ..Account::default() }, false, - &recipient_keys.npk(), + (&recipient_keys.npk(), 0), ); let result = execute_and_prove( @@ -2212,13 +2212,13 @@ pub mod tests { ..Account::default() }, true, - &sender_keys.npk(), + (&sender_keys.npk(), 0), ); let private_account_2 = AccountWithMetadata::new( Account::default(), // This should be set to false in normal circumstances true, - &recipient_keys.npk(), + (&recipient_keys.npk(), 0), ); let result = execute_and_prove( @@ -2284,10 +2284,10 @@ pub mod tests { ..Account::default() }, true, - &sender_keys.npk(), + (&sender_keys.npk(), 0), ); let private_account_2 = - AccountWithMetadata::new(Account::default(), false, &recipient_keys.npk()); + AccountWithMetadata::new(Account::default(), false, (&recipient_keys.npk(), 0)); let result = execute_and_prove( vec![private_account_1, private_account_2], @@ -2323,10 +2323,10 @@ pub mod tests { ..Account::default() }, true, - &sender_keys.npk(), + (&sender_keys.npk(), 0), ); let private_account_2 = - AccountWithMetadata::new(Account::default(), false, &recipient_keys.npk()); + AccountWithMetadata::new(Account::default(), false, (&recipient_keys.npk(), 0)); // Setting three private account keys for a circuit execution with only two private // accounts. @@ -2369,10 +2369,10 @@ pub mod tests { ..Account::default() }, true, - &sender_keys.npk(), + (&sender_keys.npk(), 0), ); let private_account_2 = - AccountWithMetadata::new(Account::default(), false, &recipient_keys.npk()); + AccountWithMetadata::new(Account::default(), false, (&recipient_keys.npk(), 0)); // Setting two private account keys for a circuit execution with only one non default // private account (visibility mask equal to 1 means that auth keys are expected). @@ -2468,7 +2468,7 @@ pub mod tests { ..Account::default() }, true, - &sender_keys.npk(), + (&sender_keys.npk(), 0), ); let visibility_mask = [1, 1]; @@ -2802,7 +2802,7 @@ pub mod tests { vec![(sender_commitment.clone(), sender_init_nullifier)], 0, ); - let sender_pre = AccountWithMetadata::new(sender_private_account, true, &sender_keys.npk()); + let sender_pre = AccountWithMetadata::new(sender_private_account, true, (&sender_keys.npk(), 0)); let recipient_private_key = PrivateKey::try_new([2; 32]).unwrap(); let recipient_account_id = AccountId::from(&PublicKey::new_from_private_key(&recipient_private_key)); @@ -2868,7 +2868,7 @@ pub mod tests { ..Account::default() }, true, - &from_keys.npk(), + (&from_keys.npk(), 0), ); let to_account = AccountWithMetadata::new( Account { @@ -2876,7 +2876,7 @@ pub mod tests { ..Account::default() }, true, - &to_keys.npk(), + (&to_keys.npk(), 0), ); let from_commitment = Commitment::new(&from_keys.npk(), &from_account.account); @@ -3166,7 +3166,7 @@ pub mod tests { // Create an authorized private account with default values (new account being initialized) let authorized_account = - AccountWithMetadata::new(Account::default(), true, &private_keys.npk()); + AccountWithMetadata::new(Account::default(), true, (&private_keys.npk(), 0)); let program = Program::authenticated_transfer_program(); @@ -3219,7 +3219,7 @@ pub mod tests { // operate them without the corresponding private keys, so unauthorized private claiming // remains allowed. let unauthorized_account = - AccountWithMetadata::new(Account::default(), false, &private_keys.npk()); + AccountWithMetadata::new(Account::default(), false, (&private_keys.npk(), 0)); let program = Program::claimer(); let esk = [5; 32]; @@ -3265,7 +3265,7 @@ pub mod tests { // Step 1: Create a new private account with authorization let authorized_account = - AccountWithMetadata::new(Account::default(), true, &private_keys.npk()); + AccountWithMetadata::new(Account::default(), true, (&private_keys.npk(), 0)); let claimer_program = Program::claimer(); @@ -3387,7 +3387,7 @@ pub mod tests { let program = Program::changer_claimer(); let sender_keys = test_private_account_keys_1(); let private_account = - AccountWithMetadata::new(Account::default(), true, &sender_keys.npk()); + AccountWithMetadata::new(Account::default(), true, (&sender_keys.npk(), 0)); // Don't change data (None) and don't claim (false) let instruction: (Option>, bool) = (None, false); @@ -3413,7 +3413,7 @@ pub mod tests { let program = Program::changer_claimer(); let sender_keys = test_private_account_keys_1(); let private_account = - AccountWithMetadata::new(Account::default(), true, &sender_keys.npk()); + AccountWithMetadata::new(Account::default(), true, (&sender_keys.npk(), 0)); // Change data but don't claim (false) - should fail let new_data = vec![1, 2, 3, 4, 5]; let instruction: (Option>, bool) = (Some(new_data), false); @@ -3453,7 +3453,7 @@ pub mod tests { sender_keys.account_id(), ); let recipient_account = - AccountWithMetadata::new(Account::default(), true, &recipient_keys.npk()); + AccountWithMetadata::new(Account::default(), true, (&recipient_keys.npk(), 0)); let recipient_commitment = Commitment::new(&recipient_keys.npk(), &recipient_account.account); @@ -3615,7 +3615,7 @@ pub mod tests { let block_validity_window: BlockValidityWindow = validity_window.try_into().unwrap(); let validity_window_program = Program::validity_window(); let account_keys = test_private_account_keys_1(); - let pre = AccountWithMetadata::new(Account::default(), false, &account_keys.npk()); + let pre = AccountWithMetadata::new(Account::default(), false, (&account_keys.npk(), 0)); let mut state = V03State::new_with_genesis_accounts(&[], vec![], 0).with_test_programs(); let tx = { let esk = [3; 32]; @@ -3684,7 +3684,7 @@ pub mod tests { validity_window.try_into().unwrap(); let validity_window_program = Program::validity_window(); let account_keys = test_private_account_keys_1(); - let pre = AccountWithMetadata::new(Account::default(), false, &account_keys.npk()); + let pre = AccountWithMetadata::new(Account::default(), false, (&account_keys.npk(), 0)); let mut state = V03State::new_with_genesis_accounts(&[], vec![], 0).with_test_programs(); let tx = { let esk = [3; 32]; diff --git a/program_methods/guest/src/bin/privacy_preserving_circuit.rs b/program_methods/guest/src/bin/privacy_preserving_circuit.rs index 1d091e1c..b9287558 100644 --- a/program_methods/guest/src/bin/privacy_preserving_circuit.rs +++ b/program_methods/guest/src/bin/privacy_preserving_circuit.rs @@ -343,7 +343,7 @@ fn compute_circuit_output( }; assert_eq!( - AccountId::from(npk), + AccountId::from((npk, 0)), pre_state.account_id, "AccountId mismatch" ); diff --git a/sequencer/core/src/lib.rs b/sequencer/core/src/lib.rs index cbf8e910..16f5b4d5 100644 --- a/sequencer/core/src/lib.rs +++ b/sequencer/core/src/lib.rs @@ -1107,7 +1107,7 @@ mod tests { let epk = EphemeralPublicKey::from_scalar(esk); let (output, proof) = execute_and_prove( - vec![AccountWithMetadata::new(Account::default(), true, &npk)], + vec![AccountWithMetadata::new(Account::default(), true, (&npk, 0))], Program::serialize_instruction(0_u128).unwrap(), vec![1], vec![(npk.clone(), shared_secret)], diff --git a/testnet_initial_state/src/lib.rs b/testnet_initial_state/src/lib.rs index 91315eec..8532968e 100644 --- a/testnet_initial_state/src/lib.rs +++ b/testnet_initial_state/src/lib.rs @@ -142,7 +142,7 @@ pub fn initial_priv_accounts_private_keys() -> Vec Vec { let acc = nssa_core::account::Account::default(); - let auth_acc = AccountWithMetadata::new(acc, false, &npk); + let auth_acc = AccountWithMetadata::new(acc, false, (&npk, 0)); let pre = AccountPreparedData { nsk: None, npk, @@ -224,7 +224,7 @@ async fn private_acc_preparation( // TODO: Technically we could allow unauthorized owned accounts, but currently we don't have // support from that in the wallet. - let sender_pre = AccountWithMetadata::new(from_acc.clone(), true, &from_npk); + let sender_pre = AccountWithMetadata::new(from_acc.clone(), true, (&from_npk, 0)); Ok(AccountPreparedData { nsk: Some(nsk),