logos-blockchain/lssa
1
0
Fork 0
mirror of https://github.com/logos-blockchain/lssa.git synced 2026-01-02 13:23:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #120 from vacp2p/schouhy/add-check-for-repeated-account-ids-in-circuit

Browse Source 
Fix repeated ids inflation bug
This commit is contained in:
Sergio Chouhy 2025-10-07 11:43:29 -03:00 committed by GitHub
commit 1645dacd1f
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 77 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
nssa/core/src/account.rs
View File

@ -14,16 +14,6 @@ pub struct Account {
pub nonce: Nonce,
}
// /// A fingerprint of the owner of an account. This can be, for example, an `Address` in case the account
// /// is public, or a `NullifierPublicKey` in case the account is private.
// #[derive(Serialize, Deserialize, Clone, PartialEq, Eq)]
// #[cfg_attr(any(feature = "host", test), derive(Debug))]
// pub struct AccountId(pub(super) [u8; 32]);
// impl AccountId {
// pub fn new(value: [u8; 32]) -> Self {
// Self(value)
// }
// }
pub type AccountId = Address;
#[derive(Serialize, Deserialize, Clone)]

18
nssa/program_methods/guest/src/bin/privacy_preserving_circuit.rs
View File

@ -1,3 +1,5 @@
use std::collections::HashSet;
use risc0_zkvm::{guest::env, serde::to_vec};
use nssa_core::{
@ -30,6 +32,11 @@ fn main() {
post_states,
} = program_output;
// Check that there are no repeated account ids
if !validate_uniqueness_of_account_ids(&pre_states) {
panic!("Repeated account ids found")
}
// Check that the program is well behaved.
// See the # Programs section for the definition of the `validate_execution` method.
if !validate_execution(&pre_states, &post_states, program_id) {
@ -161,3 +168,14 @@ fn main() {
env::commit(&output);
}
fn validate_uniqueness_of_account_ids(pre_states: &[AccountWithMetadata]) -> bool {
let number_of_accounts = pre_states.len();
let number_of_account_ids = pre_states
.iter()
.map(|account| account.account_id.clone())
.collect::<HashSet<_>>()
.len();
number_of_accounts == number_of_account_ids
}

82
nssa/src/state.rs
View File

@ -1398,10 +1398,10 @@ pub mod tests {
..Account::default()
},
true,
AccountId::new([0; 32]),
&sender_keys.npk(),
);
let private_account_2 =
AccountWithMetadata::new(Account::default(), false, AccountId::new([1; 32]));
AccountWithMetadata::new(Account::default(), false, &recipient_keys.npk());
// Setting only one nonce for an execution with two private accounts.
let private_account_nonces = [0xdeadbeef1];
@ -1438,7 +1438,7 @@ pub mod tests {
..Account::default()
},
true,
AccountId::new([0; 32]),
&sender_keys.npk(),
);
let private_account_2 =
AccountWithMetadata::new(Account::default(), false, AccountId::new([1; 32]));
@ -1473,10 +1473,10 @@ pub mod tests {
..Account::default()
},
true,
AccountId::new([0; 32]),
&sender_keys.npk(),
);
let private_account_2 =
AccountWithMetadata::new(Account::default(), false, AccountId::new([1; 32]));
AccountWithMetadata::new(Account::default(), false, &recipient_keys.npk());
// Setting no auth key for an execution with one non default private accounts.
let private_account_auth = [];
@ -1514,10 +1514,10 @@ pub mod tests {
..Account::default()
},
true,
AccountId::new([0; 32]),
&sender_keys.npk(),
);
let private_account_2 =
AccountWithMetadata::new(Account::default(), false, AccountId::new([1; 32]));
AccountWithMetadata::new(Account::default(), false, &recipient_keys.npk());
let private_account_keys = [
// First private account is the sender
@ -1562,7 +1562,7 @@ pub mod tests {
..Account::default()
},
true,
AccountId::new([0; 32]),
&sender_keys.npk(),
);
let private_account_2 = AccountWithMetadata::new(
Account {
@ -1571,7 +1571,7 @@ pub mod tests {
..Account::default()
},
false,
AccountId::new([1; 32]),
&recipient_keys.npk(),
);
let result = execute_and_prove(
@ -1609,7 +1609,7 @@ pub mod tests {
..Account::default()
},
true,
AccountId::new([0; 32]),
&sender_keys.npk(),
);
let private_account_2 = AccountWithMetadata::new(
Account {
@ -1618,7 +1618,7 @@ pub mod tests {
..Account::default()
},
false,
AccountId::new([1; 32]),
&recipient_keys.npk(),
);
let result = execute_and_prove(
@ -1655,7 +1655,7 @@ pub mod tests {
..Account::default()
},
true,
AccountId::new([0; 32]),
&sender_keys.npk(),
);
let private_account_2 = AccountWithMetadata::new(
Account {
@ -1664,7 +1664,7 @@ pub mod tests {
..Account::default()
},
false,
AccountId::new([1; 32]),
&recipient_keys.npk(),
);
let result = execute_and_prove(
@ -1701,7 +1701,7 @@ pub mod tests {
..Account::default()
},
true,
AccountId::new([0; 32]),
&sender_keys.npk(),
);
let private_account_2 = AccountWithMetadata::new(
Account {
@ -1710,7 +1710,7 @@ pub mod tests {
..Account::default()
},
false,
AccountId::new([1; 32]),
&recipient_keys.npk(),
);
let result = execute_and_prove(
@ -1748,13 +1748,13 @@ pub mod tests {
..Account::default()
},
true,
AccountId::new([0; 32]),
&sender_keys.npk(),
);
let private_account_2 = AccountWithMetadata::new(
Account::default(),
// This should be set to false in normal circumstances
true,
AccountId::new([1; 32]),
&recipient_keys.npk(),
);
let result = execute_and_prove(
@ -1820,10 +1820,10 @@ pub mod tests {
..Account::default()
},
true,
AccountId::new([0; 32]),
&sender_keys.npk(),
);
let private_account_2 =
AccountWithMetadata::new(Account::default(), false, AccountId::new([1; 32]));
AccountWithMetadata::new(Account::default(), false, &recipient_keys.npk());
// Setting three new private account nonces for a circuit execution with only two private
// accounts.
@ -1862,10 +1862,10 @@ pub mod tests {
..Account::default()
},
true,
AccountId::new([0; 32]),
&sender_keys.npk(),
);
let private_account_2 =
AccountWithMetadata::new(Account::default(), false, AccountId::new([1; 32]));
AccountWithMetadata::new(Account::default(), false, &recipient_keys.npk());
// Setting three private account keys for a circuit execution with only two private
// accounts.
@ -1908,10 +1908,10 @@ pub mod tests {
..Account::default()
},
true,
AccountId::new([0; 32]),
&sender_keys.npk(),
);
let private_account_2 =
AccountWithMetadata::new(Account::default(), false, AccountId::new([1; 32]));
AccountWithMetadata::new(Account::default(), false, &recipient_keys.npk());
// Setting two private account keys for a circuit execution with only one non default
// private account (visibility mask equal to 1 means that auth keys are expected).
@ -1941,4 +1941,40 @@ pub mod tests {
assert!(matches!(result, Err(NssaError::CircuitProvingError(_))));
}
#[test]
fn test_circuit_should_fail_if_there_are_repeated_ids() {
let program = Program::simple_balance_transfer();
let sender_keys = test_private_account_keys_1();
let private_account_1 = AccountWithMetadata::new(
Account {
program_owner: program.id(),
balance: 100,
..Account::default()
},
true,
&sender_keys.npk(),
);
let visibility_mask = [1, 1];
let private_account_auth = [
(sender_keys.nsk, (1, vec![])),
(sender_keys.nsk, (1, vec![])),
];
let shared_secret = SharedSecretKey::new(&[55; 32], &sender_keys.ivk());
let result = execute_and_prove(
&[private_account_1.clone(), private_account_1],
&Program::serialize_instruction(100u128).unwrap(),
&visibility_mask,
&[0xdeadbeef1, 0xdeadbeef2],
&[
(sender_keys.npk(), shared_secret.clone()),
(sender_keys.npk(), shared_secret),
],
&private_account_auth,
&program,
);
assert!(matches!(result, Err(NssaError::CircuitProvingError(_))));
}
}