refactor: rename PrivateUnauthorized to PrivateForeignInit

The account_identity's is_authorized flag no longer determines
authorization for this variant, so keep the name tied to what
actually distinguishes it: no nsk, only npk (a foreign account init).
This commit is contained in:
Marvin Jones 2026-07-15 09:23:21 -04:00
parent 40595604a4
commit 000176c205
9 changed files with 26 additions and 26 deletions

View File

@ -638,7 +638,7 @@ async fn prove_init_with_commitment_root(
})?,
vec![
InputAccountIdentity::Public,
InputAccountIdentity::PrivateUnauthorized {
InputAccountIdentity::PrivateForeignInit {
vpk,
random_seed: [0; 32],
npk,

View File

@ -298,7 +298,7 @@ fn build_privacy_transaction() -> PrivacyPreservingTransaction {
membership_proof: proof,
identifier: 0,
},
InputAccountIdentity::PrivateUnauthorized {
InputAccountIdentity::PrivateForeignInit {
vpk: recipient_vpk,
random_seed: [0; 32],
npk: recipient_npk,

View File

@ -117,7 +117,7 @@ pub fn compute_circuit_output(
new_nonce,
);
}
InputAccountIdentity::PrivateUnauthorized {
InputAccountIdentity::PrivateForeignInit {
vpk,
random_seed,
npk,
@ -133,8 +133,8 @@ pub fn compute_circuit_output(
"Found new private account with non default values",
);
assert!(
!pre_state.is_authorized,
"Found new private account marked as authorized."
pre_state.is_authorized,
"Found new private account marked as unauthorized."
);
let new_nullifier = (

View File

@ -48,7 +48,7 @@ pub enum InputAccountIdentity {
},
/// Init of a standalone private account the caller does not own (e.g. a recipient who
/// doesn't yet exist on chain). No `nsk`, no membership proof.
PrivateUnauthorized {
PrivateForeignInit {
vpk: ViewingPublicKey,
random_seed: [u8; 32],
npk: NullifierPublicKey,
@ -125,7 +125,7 @@ impl InputAccountIdentity {
Self::Public
| Self::PrivateAuthorizedInit { .. }
| Self::PrivateAuthorizedUpdate { .. }
| Self::PrivateUnauthorized { .. } => None,
| Self::PrivateForeignInit { .. } => None,
}
}
}

View File

@ -89,7 +89,7 @@ fn prove_privacy_preserving_execution_circuit_public_and_private_pre_accounts()
Program::serialize_instruction(balance_to_move).unwrap(),
vec![
InputAccountIdentity::Public,
InputAccountIdentity::PrivateUnauthorized {
InputAccountIdentity::PrivateForeignInit {
vpk: recipient_keys.vpk(),
random_seed: [0; 32],
npk: recipient_keys.npk(),
@ -204,7 +204,7 @@ fn prove_privacy_preserving_execution_circuit_fully_private() {
.expect("sender's commitment must be in the set"),
identifier: 0,
},
InputAccountIdentity::PrivateUnauthorized {
InputAccountIdentity::PrivateForeignInit {
vpk: recipient_keys.vpk(),
random_seed: [0; 32],
npk: recipient_keys.npk(),
@ -271,7 +271,7 @@ fn circuit_fails_when_chained_validity_windows_have_empty_intersection() {
let result = execute_and_prove(
vec![pre],
instruction,
vec![InputAccountIdentity::PrivateUnauthorized {
vec![InputAccountIdentity::PrivateForeignInit {
vpk: account_keys.vpk(),
random_seed: [0; 32],
npk: account_keys.npk(),
@ -455,7 +455,7 @@ fn shared_account_receives_via_simple_transfer() {
instruction,
vec![
InputAccountIdentity::Public,
InputAccountIdentity::PrivateUnauthorized {
InputAccountIdentity::PrivateForeignInit {
vpk: shared_keys.vpk(),
random_seed: [0; 32],
npk: shared_npk,
@ -507,7 +507,7 @@ fn private_authorized_init_encrypts_regular_kind_with_identifier() {
);
}
/// `PrivateUnauthorized` with a non-default identifier produces a ciphertext that decrypts
/// `PrivateForeignInit` with a non-default identifier produces a ciphertext that decrypts
/// to `PrivateAccountKind::Regular` carrying the correct identifier.
#[test]
fn private_unauthorized_init_encrypts_regular_kind_with_identifier() {
@ -526,7 +526,7 @@ fn private_unauthorized_init_encrypts_regular_kind_with_identifier() {
let (output, _) = execute_and_prove(
vec![recipient],
Program::serialize_instruction(()).unwrap(),
vec![InputAccountIdentity::PrivateUnauthorized {
vec![InputAccountIdentity::PrivateForeignInit {
vpk: keys.vpk(),
random_seed: [0; 32],
npk: keys.npk(),

View File

@ -68,7 +68,7 @@ fn circuit_fails_if_invalid_auth_keys_are_provided() {
membership_proof: (0, vec![]),
identifier: 0,
},
InputAccountIdentity::PrivateUnauthorized {
InputAccountIdentity::PrivateForeignInit {
vpk: recipient_keys.vpk(),
random_seed: [0; 32],
npk: recipient_keys.npk(),
@ -117,7 +117,7 @@ fn circuit_should_fail_if_new_private_account_with_non_default_balance_is_provid
membership_proof: (0, vec![]),
identifier: 0,
},
InputAccountIdentity::PrivateUnauthorized {
InputAccountIdentity::PrivateForeignInit {
vpk: recipient_keys.vpk(),
random_seed: [0; 32],
npk: recipient_keys.npk(),
@ -166,7 +166,7 @@ fn circuit_should_fail_if_new_private_account_with_non_default_program_owner_is_
membership_proof: (0, vec![]),
identifier: 0,
},
InputAccountIdentity::PrivateUnauthorized {
InputAccountIdentity::PrivateForeignInit {
vpk: recipient_keys.vpk(),
random_seed: [0; 32],
npk: recipient_keys.npk(),
@ -215,7 +215,7 @@ fn circuit_should_fail_if_new_private_account_with_non_default_data_is_provided(
membership_proof: (0, vec![]),
identifier: 0,
},
InputAccountIdentity::PrivateUnauthorized {
InputAccountIdentity::PrivateForeignInit {
vpk: recipient_keys.vpk(),
random_seed: [0; 32],
npk: recipient_keys.npk(),
@ -264,7 +264,7 @@ fn circuit_should_fail_if_new_private_account_with_non_default_nonce_is_provided
membership_proof: (0, vec![]),
identifier: 0,
},
InputAccountIdentity::PrivateUnauthorized {
InputAccountIdentity::PrivateForeignInit {
vpk: recipient_keys.vpk(),
random_seed: [0; 32],
npk: recipient_keys.npk(),
@ -311,7 +311,7 @@ fn circuit_should_fail_if_new_private_account_is_provided_with_default_values_bu
membership_proof: (0, vec![]),
identifier: 0,
},
InputAccountIdentity::PrivateUnauthorized {
InputAccountIdentity::PrivateForeignInit {
vpk: recipient_keys.vpk(),
random_seed: [0; 32],
npk: recipient_keys.npk(),
@ -782,7 +782,7 @@ fn private_unauthorized_uninitialized_account_can_still_be_claimed() {
let (output, proof) = execute_and_prove(
vec![unauthorized_account],
Program::serialize_instruction(()).unwrap(),
vec![InputAccountIdentity::PrivateUnauthorized {
vec![InputAccountIdentity::PrivateForeignInit {
vpk: private_keys.vpk(),
random_seed: [0; 32],
npk: private_keys.npk(),

View File

@ -278,7 +278,7 @@ fn shielded_balance_transfer_for_tests(
Program::serialize_instruction(balance_to_move).unwrap(),
vec![
InputAccountIdentity::Public,
InputAccountIdentity::PrivateUnauthorized {
InputAccountIdentity::PrivateForeignInit {
vpk: recipient_keys.vpk(),
random_seed: [0; 32],
npk: recipient_keys.npk(),
@ -336,7 +336,7 @@ fn private_balance_transfer_for_tests(
.expect("sender's commitment must be in state"),
identifier: 0,
},
InputAccountIdentity::PrivateUnauthorized {
InputAccountIdentity::PrivateForeignInit {
vpk: recipient_keys.vpk(),
random_seed: [0; 32],
npk: recipient_keys.npk(),

View File

@ -138,7 +138,7 @@ fn validity_window_works_in_privacy_preserving_transactions(
let (output, proof) = crate::privacy_preserving_transaction::circuit::execute_and_prove(
vec![pre],
Program::serialize_instruction(instruction).unwrap(),
vec![InputAccountIdentity::PrivateUnauthorized {
vec![InputAccountIdentity::PrivateForeignInit {
vpk: account_keys.vpk(),
random_seed: [0; 32],
npk: account_keys.npk(),
@ -203,7 +203,7 @@ fn timestamp_validity_window_works_in_privacy_preserving_transactions(
let (output, proof) = crate::privacy_preserving_transaction::circuit::execute_and_prove(
vec![pre],
Program::serialize_instruction(instruction).unwrap(),
vec![InputAccountIdentity::PrivateUnauthorized {
vec![InputAccountIdentity::PrivateForeignInit {
vpk: account_keys.vpk(),
random_seed: [0; 32],
npk: account_keys.npk(),

View File

@ -262,7 +262,7 @@ impl AccountManager {
identifier,
} => {
let acc = lee_core::account::Account::default();
let auth_acc = AccountWithMetadata::new(acc, false, (&npk, &vpk, identifier));
let auth_acc = AccountWithMetadata::new(acc, true, (&npk, &vpk, identifier));
let mut random_seed: [u8; 32] = [0; 32];
OsRng.fill_bytes(&mut random_seed);
let pre = AccountPreparedData {
@ -454,7 +454,7 @@ impl AccountManager {
identifier: pre.identifier,
commitment_root: self.dummy_commitment_root,
},
(None, _) => InputAccountIdentity::PrivateUnauthorized {
(None, _) => InputAccountIdentity::PrivateForeignInit {
vpk: pre.vpk.clone(),
random_seed: pre.random_seed,
npk: pre.npk,