diff --git a/ci_scripts/test-ubuntu.sh b/ci_scripts/test-ubuntu.sh index 5c19b36..78761df 100755 --- a/ci_scripts/test-ubuntu.sh +++ b/ci_scripts/test-ubuntu.sh @@ -9,7 +9,6 @@ RISC0_DEV_MODE=1 cargo test --release cd integration_tests export NSSA_WALLET_HOME_DIR=$(pwd)/configs/debug/wallet/ export RUST_LOG=info -cargo run $(pwd)/configs/debug all echo "Try test valid proof at least once" cargo run $(pwd)/configs/debug test_success_private_transfer_to_another_owned_account echo "Continuing in dev mode" diff --git a/common/Cargo.toml b/common/Cargo.toml index d235246..d0d145f 100644 --- a/common/Cargo.toml +++ b/common/Cargo.toml @@ -19,5 +19,9 @@ hex.workspace = true nssa-core = { path = "../nssa/core", features = ["host"] } borsh.workspace = true +[dependencies.generic-array] +version = "1.3.3" +features = ["zeroize"] + [dependencies.nssa] path = "../nssa" diff --git a/common/src/transaction.rs b/common/src/transaction.rs index 3a2bda1..7790ea0 100644 --- a/common/src/transaction.rs +++ b/common/src/transaction.rs @@ -3,13 +3,10 @@ use k256::ecdsa::{Signature, SigningKey, VerifyingKey}; use log::info; use serde::{Deserialize, Serialize}; -use sha2::{Digest, digest::FixedOutput}; - -use elliptic_curve::{ - consts::{B0, B1}, - generic_array::GenericArray, -}; +use generic_array::GenericArray; +use sha2::digest::typenum::{B0, B1}; use sha2::digest::typenum::{UInt, UTerm}; +use sha2::{Digest, digest::FixedOutput}; #[derive(Debug, Clone, PartialEq, Eq)] pub enum NSSATransaction { diff --git a/integration_tests/src/lib.rs b/integration_tests/src/lib.rs index 1690445..78b7a6b 100644 --- a/integration_tests/src/lib.rs +++ b/integration_tests/src/lib.rs @@ -458,29 +458,11 @@ pub async fn test_success_private_transfer_to_another_owned_account() { amount: 100, }; - let SubcommandReturnValue::PrivacyPreservingTransfer { tx_hash } = - wallet::execute_subcommand(command).await.unwrap() - else { - panic!("invalid subcommand return value"); - }; + wallet::execute_subcommand(command).await.unwrap(); info!("Waiting for next block creation"); tokio::time::sleep(Duration::from_secs(TIME_TO_WAIT_FOR_BLOCK_SECONDS)).await; - let command = Command::FetchPrivateAccount { - tx_hash: tx_hash.clone(), - acc_addr: from.to_string(), - output_id: 0, - }; - wallet::execute_subcommand(command).await.unwrap(); - - let command = Command::FetchPrivateAccount { - tx_hash, - acc_addr: to.to_string(), - output_id: 1, - }; - wallet::execute_subcommand(command).await.unwrap(); - let wallet_config = fetch_config().unwrap(); let seq_client = SequencerClient::new(wallet_config.sequencer_addr.clone()).unwrap(); let wallet_storage = WalletCore::start_from_config_update_chain(wallet_config).unwrap(); @@ -519,13 +501,6 @@ pub async fn test_success_private_transfer_to_another_foreign_account() { info!("Waiting for next block creation"); tokio::time::sleep(Duration::from_secs(TIME_TO_WAIT_FOR_BLOCK_SECONDS)).await; - let command = Command::FetchPrivateAccount { - tx_hash: tx_hash.clone(), - acc_addr: from.to_string(), - output_id: 0, - }; - wallet::execute_subcommand(command).await.unwrap(); - let wallet_config = fetch_config().unwrap(); let seq_client = SequencerClient::new(wallet_config.sequencer_addr.clone()).unwrap(); let wallet_storage = WalletCore::start_from_config_update_chain(wallet_config).unwrap(); @@ -624,21 +599,11 @@ pub async fn test_success_deshielded_transfer_to_another_account() { let from_acc = wallet_storage.get_account_private(&from).unwrap(); assert_eq!(from_acc.balance, 10000); - let SubcommandReturnValue::PrivacyPreservingTransfer { tx_hash } = - wallet::execute_subcommand(command).await.unwrap() - else { - panic!("invalid subcommand return value"); - }; + wallet::execute_subcommand(command).await.unwrap(); info!("Waiting for next block creation"); tokio::time::sleep(Duration::from_secs(TIME_TO_WAIT_FOR_BLOCK_SECONDS)).await; - let command = Command::FetchPrivateAccount { - tx_hash, - acc_addr: from.to_string(), - output_id: 0, - }; - wallet::execute_subcommand(command).await.unwrap(); let wallet_storage = WalletCore::start_from_config_update_chain(wallet_config).unwrap(); let from_acc = wallet_storage.get_account_private(&from).unwrap(); @@ -671,21 +636,12 @@ pub async fn test_success_shielded_transfer_to_another_owned_account() { let wallet_config = fetch_config().unwrap(); let seq_client = SequencerClient::new(wallet_config.sequencer_addr.clone()).unwrap(); - let SubcommandReturnValue::PrivacyPreservingTransfer { tx_hash } = - wallet::execute_subcommand(command).await.unwrap() - else { - panic!("invalid subcommand return value"); - }; + wallet::execute_subcommand(command).await.unwrap(); info!("Waiting for next block creation"); tokio::time::sleep(Duration::from_secs(TIME_TO_WAIT_FOR_BLOCK_SECONDS)).await; - let command = Command::FetchPrivateAccount { - tx_hash, - acc_addr: to.to_string(), - output_id: 0, - }; - wallet::execute_subcommand(command).await.unwrap(); + let wallet_config = fetch_config().unwrap(); let wallet_storage = WalletCore::start_from_config_update_chain(wallet_config).unwrap(); let acc_to = wallet_storage.get_account_private(&to).unwrap(); @@ -791,6 +747,122 @@ pub async fn test_pinata() { info!("Success!"); } +pub async fn test_pinata_private_receiver() { + info!("test_pinata_private_receiver"); + let pinata_addr = "cafe".repeat(16); + let pinata_prize = 150; + let solution = 989106; + + let command = Command::ClaimPinataPrivateReceiverOwned { + pinata_addr: pinata_addr.clone(), + winner_addr: ACC_SENDER_PRIVATE.to_string(), + solution, + }; + + let wallet_config = fetch_config().unwrap(); + + let seq_client = SequencerClient::new(wallet_config.sequencer_addr.clone()).unwrap(); + + let pinata_balance_pre = seq_client + .get_account_balance(pinata_addr.clone()) + .await + .unwrap() + .balance; + + let SubcommandReturnValue::PrivacyPreservingTransfer { tx_hash } = + wallet::execute_subcommand(command).await.unwrap() + else { + panic!("invalid subcommand return value"); + }; + + info!("Waiting for next block creation"); + tokio::time::sleep(Duration::from_secs(TIME_TO_WAIT_FOR_BLOCK_SECONDS)).await; + + info!("Checking correct balance move"); + let pinata_balance_post = seq_client + .get_account_balance(pinata_addr.clone()) + .await + .unwrap() + .balance; + + let command = Command::FetchPrivateAccount { + tx_hash: tx_hash.clone(), + acc_addr: ACC_SENDER_PRIVATE.to_string(), + output_id: 0, + }; + wallet::execute_subcommand(command).await.unwrap(); + + let wallet_config = fetch_config().unwrap(); + let seq_client = SequencerClient::new(wallet_config.sequencer_addr.clone()).unwrap(); + let wallet_storage = WalletCore::start_from_config_update_chain(wallet_config).unwrap(); + + let new_commitment1 = wallet_storage + .get_private_account_commitment(&ACC_SENDER_PRIVATE.parse().unwrap()) + .unwrap(); + assert!(verify_commitment_is_in_state(new_commitment1, &seq_client).await); + + assert_eq!(pinata_balance_post, pinata_balance_pre - pinata_prize); + + info!("Success!"); +} + +pub async fn test_pinata_private_receiver_new_account() { + info!("test_pinata_private_receiver"); + let pinata_addr = "cafe".repeat(16); + let pinata_prize = 150; + let solution = 989106; + + // Create new account for the token supply holder (private) + let SubcommandReturnValue::RegisterAccount { addr: winner_addr } = + wallet::execute_subcommand(Command::RegisterAccountPrivate {}) + .await + .unwrap() + else { + panic!("invalid subcommand return value"); + }; + + let command = Command::ClaimPinataPrivateReceiverOwned { + pinata_addr: pinata_addr.clone(), + winner_addr: winner_addr.to_string(), + solution, + }; + + let wallet_config = fetch_config().unwrap(); + + let seq_client = SequencerClient::new(wallet_config.sequencer_addr.clone()).unwrap(); + + let pinata_balance_pre = seq_client + .get_account_balance(pinata_addr.clone()) + .await + .unwrap() + .balance; + + wallet::execute_subcommand(command).await.unwrap(); + + info!("Waiting for next block creation"); + tokio::time::sleep(Duration::from_secs(TIME_TO_WAIT_FOR_BLOCK_SECONDS)).await; + + info!("Checking correct balance move"); + let pinata_balance_post = seq_client + .get_account_balance(pinata_addr.clone()) + .await + .unwrap() + .balance; + + let wallet_config = fetch_config().unwrap(); + let seq_client = SequencerClient::new(wallet_config.sequencer_addr.clone()).unwrap(); + let wallet_storage = WalletCore::start_from_config_update_chain(wallet_config).unwrap(); + + let new_commitment1 = wallet_storage + .get_private_account_commitment(&winner_addr) + .unwrap(); + assert!(verify_commitment_is_in_state(new_commitment1, &seq_client).await); + + assert_eq!(pinata_balance_post, pinata_balance_pre - pinata_prize); + + info!("Success!"); +} + macro_rules! test_cleanup_wrap { ($home_dir:ident, $test_func:ident) => {{ let res = pre_test($home_dir.clone()).await.unwrap(); @@ -871,6 +943,12 @@ pub async fn main_tests_runner() -> Result<()> { "test_pinata" => { test_cleanup_wrap!(home_dir, test_pinata); } + "test_pinata_private_receiver" => { + test_cleanup_wrap!(home_dir, test_pinata_private_receiver); + } + "test_pinata_private_receiver_new_account" => { + test_cleanup_wrap!(home_dir, test_pinata_private_receiver_new_account); + } "all" => { test_cleanup_wrap!(home_dir, test_success_move_to_another_account); test_cleanup_wrap!(home_dir, test_success); @@ -902,6 +980,8 @@ pub async fn main_tests_runner() -> Result<()> { test_success_private_transfer_to_another_owned_account_claiming_path ); test_cleanup_wrap!(home_dir, test_pinata); + test_cleanup_wrap!(home_dir, test_pinata_private_receiver); + test_cleanup_wrap!(home_dir, test_pinata_private_receiver_new_account); } "all_private" => { test_cleanup_wrap!( @@ -928,6 +1008,8 @@ pub async fn main_tests_runner() -> Result<()> { home_dir, test_success_private_transfer_to_another_owned_account_claiming_path ); + test_cleanup_wrap!(home_dir, test_pinata_private_receiver); + test_cleanup_wrap!(home_dir, test_pinata_private_receiver_new_account); } _ => { anyhow::bail!("Unknown test name"); diff --git a/wallet/src/lib.rs b/wallet/src/lib.rs index e56aea6..eb68a5c 100644 --- a/wallet/src/lib.rs +++ b/wallet/src/lib.rs @@ -14,7 +14,7 @@ use log::info; use nssa::{Account, Address, program::Program}; use clap::{Parser, Subcommand}; -use nssa_core::Commitment; +use nssa_core::{Commitment, MembershipProof}; use crate::{ helperfunctions::{ @@ -24,13 +24,12 @@ use crate::{ poller::TxPoller, }; -// - pub const HOME_DIR_ENV_VAR: &str = "NSSA_WALLET_HOME_DIR"; pub mod chain_storage; pub mod config; pub mod helperfunctions; +pub mod pinata_interactions; pub mod poller; pub mod token_transfers; @@ -87,24 +86,6 @@ impl WalletCore { .generate_new_privacy_preserving_transaction_key_chain() } - pub async fn claim_pinata( - &self, - pinata_addr: Address, - winner_addr: Address, - solution: u128, - ) -> Result { - let addresses = vec![pinata_addr, winner_addr]; - let program_id = nssa::program::Program::pinata().id(); - let message = - nssa::public_transaction::Message::try_new(program_id, addresses, vec![], solution) - .unwrap(); - - let witness_set = nssa::public_transaction::WitnessSet::for_message(&message, &[]); - let tx = nssa::PublicTransaction::new(message, witness_set); - - Ok(self.sequencer_client.send_tx_public(tx).await?) - } - pub async fn send_new_token_definition( &self, definition_address: Address, @@ -207,6 +188,48 @@ impl WalletCore { Ok(NSSATransaction::try_from(&pub_tx)?) } + + pub async fn check_private_account_initialized( + &self, + addr: &Address, + ) -> Result> { + if let Some(acc_comm) = self.get_private_account_commitment(addr) { + self.sequencer_client + .get_proof_for_commitment(acc_comm) + .await + .map_err(anyhow::Error::from) + } else { + Ok(None) + } + } + + pub fn decode_insert_privacy_preserving_transaction_results( + &mut self, + tx: nssa::privacy_preserving_transaction::PrivacyPreservingTransaction, + acc_decode_data: &[(nssa_core::SharedSecretKey, Address)], + ) -> Result<()> { + for (output_index, (secret, acc_address)) in acc_decode_data.iter().enumerate() { + let acc_ead = tx.message.encrypted_private_post_states[output_index].clone(); + let acc_comm = tx.message.new_commitments[output_index].clone(); + + let res_acc = nssa_core::EncryptionScheme::decrypt( + &acc_ead.ciphertext, + secret, + &acc_comm, + output_index as u32, + ) + .unwrap(); + + println!("Received new acc {res_acc:#?}"); + + self.storage + .insert_private_account_data(*acc_address, res_acc); + } + + println!("Transaction data is {:?}", tx.message); + + Ok(()) + } } ///Represents CLI command for a wallet @@ -380,6 +403,19 @@ pub enum Command { // Check the wallet can connect to the node and builtin local programs // match the remote versions CheckHealth {}, + // TODO: Testnet only. Refactor to prevent compilation on mainnet. + // Claim piƱata prize + ClaimPinataPrivateReceiverOwned { + ///pinata_addr - valid 32 byte hex string + #[arg(long)] + pinata_addr: String, + ///winner_addr - valid 32 byte hex string + #[arg(long)] + winner_addr: String, + ///solution - solution to pinata challenge + #[arg(long)] + solution: u128, + }, } ///To execute commands, env var NSSA_WALLET_HOME_DIR must be set into directory with config @@ -440,39 +476,10 @@ pub async fn execute_subcommand(command: Command) -> Result Result Result Result Result Result Result { + let pinata_addr = pinata_addr.parse().unwrap(); + let winner_addr = winner_addr.parse().unwrap(); + + let winner_initialization = wallet_core + .check_private_account_initialized(&winner_addr) + .await?; + + let (res, [secret_winner]) = if let Some(winner_proof) = winner_initialization { + wallet_core + .claim_pinata_private_owned_account_already_initialized( + pinata_addr, + winner_addr, + solution, + winner_proof, + ) + .await? + } else { + wallet_core + .claim_pinata_private_owned_account_not_initialized( + pinata_addr, + winner_addr, + solution, + ) + .await? + }; + + info!("Results of tx send is {res:#?}"); + + let tx_hash = res.tx_hash; + let transfer_tx = wallet_core + .poll_native_token_transfer(tx_hash.clone()) + .await?; + + if let NSSATransaction::PrivacyPreserving(tx) = transfer_tx { + let acc_decode_data = vec![(secret_winner, winner_addr)]; + + wallet_core + .decode_insert_privacy_preserving_transaction_results(tx, &acc_decode_data)?; + } + + let path = wallet_core.store_persistent_accounts()?; + + println!("Stored persistent accounts at {path:#?}"); + + SubcommandReturnValue::PrivacyPreservingTransfer { tx_hash } + } }; Ok(subcommand_ret) diff --git a/wallet/src/pinata_interactions.rs b/wallet/src/pinata_interactions.rs new file mode 100644 index 0000000..4506161 --- /dev/null +++ b/wallet/src/pinata_interactions.rs @@ -0,0 +1,168 @@ +use common::{ExecutionFailureKind, sequencer_client::json::SendTxResponse}; +use key_protocol::key_management::ephemeral_key_holder::EphemeralKeyHolder; +use nssa::{Address, privacy_preserving_transaction::circuit}; +use nssa_core::{MembershipProof, SharedSecretKey, account::AccountWithMetadata}; + +use crate::{WalletCore, helperfunctions::produce_random_nonces}; + +impl WalletCore { + pub async fn claim_pinata( + &self, + pinata_addr: Address, + winner_addr: Address, + solution: u128, + ) -> Result { + let addresses = vec![pinata_addr, winner_addr]; + let program_id = nssa::program::Program::pinata().id(); + let message = + nssa::public_transaction::Message::try_new(program_id, addresses, vec![], solution) + .unwrap(); + + let witness_set = nssa::public_transaction::WitnessSet::for_message(&message, &[]); + let tx = nssa::PublicTransaction::new(message, witness_set); + + Ok(self.sequencer_client.send_tx_public(tx).await?) + } + + pub async fn claim_pinata_private_owned_account_already_initialized( + &self, + pinata_addr: Address, + winner_addr: Address, + solution: u128, + winner_proof: MembershipProof, + ) -> Result<(SendTxResponse, [SharedSecretKey; 1]), ExecutionFailureKind> { + let Some((winner_keys, winner_acc)) = self + .storage + .user_data + .get_private_account(&winner_addr) + .cloned() + else { + return Err(ExecutionFailureKind::KeyNotFoundError); + }; + + let pinata_acc = self.get_account_public(pinata_addr).await.unwrap(); + + let winner_npk = winner_keys.nullifer_public_key; + let winner_ipk = winner_keys.incoming_viewing_public_key; + + let program = nssa::program::Program::pinata(); + + let pinata_pre = AccountWithMetadata::new(pinata_acc.clone(), false, pinata_addr); + let winner_pre = AccountWithMetadata::new(winner_acc.clone(), true, &winner_npk); + + let eph_holder_winner = EphemeralKeyHolder::new(&winner_npk); + let shared_secret_winner = eph_holder_winner.calculate_shared_secret_sender(&winner_ipk); + + let (output, proof) = circuit::execute_and_prove( + &[pinata_pre, winner_pre], + &nssa::program::Program::serialize_instruction(solution).unwrap(), + &[0, 1], + &produce_random_nonces(1), + &[(winner_npk.clone(), shared_secret_winner.clone())], + &[( + winner_keys.private_key_holder.nullifier_secret_key, + winner_proof, + )], + &program, + ) + .unwrap(); + + let message = + nssa::privacy_preserving_transaction::message::Message::try_from_circuit_output( + vec![pinata_addr], + vec![], + vec![( + winner_npk.clone(), + winner_ipk.clone(), + eph_holder_winner.generate_ephemeral_public_key(), + )], + output, + ) + .unwrap(); + + let witness_set = + nssa::privacy_preserving_transaction::witness_set::WitnessSet::for_message( + &message, + proof, + &[], + ); + let tx = nssa::privacy_preserving_transaction::PrivacyPreservingTransaction::new( + message, + witness_set, + ); + + Ok(( + self.sequencer_client.send_tx_private(tx).await?, + [shared_secret_winner], + )) + } + + pub async fn claim_pinata_private_owned_account_not_initialized( + &self, + pinata_addr: Address, + winner_addr: Address, + solution: u128, + ) -> Result<(SendTxResponse, [SharedSecretKey; 1]), ExecutionFailureKind> { + let Some((winner_keys, winner_acc)) = self + .storage + .user_data + .get_private_account(&winner_addr) + .cloned() + else { + return Err(ExecutionFailureKind::KeyNotFoundError); + }; + + let pinata_acc = self.get_account_public(pinata_addr).await.unwrap(); + + let winner_npk = winner_keys.nullifer_public_key; + let winner_ipk = winner_keys.incoming_viewing_public_key; + + let program = nssa::program::Program::pinata(); + + let pinata_pre = AccountWithMetadata::new(pinata_acc.clone(), false, pinata_addr); + let winner_pre = AccountWithMetadata::new(winner_acc.clone(), false, &winner_npk); + + let eph_holder_winner = EphemeralKeyHolder::new(&winner_npk); + let shared_secret_winner = eph_holder_winner.calculate_shared_secret_sender(&winner_ipk); + + let (output, proof) = circuit::execute_and_prove( + &[pinata_pre, winner_pre], + &nssa::program::Program::serialize_instruction(solution).unwrap(), + &[0, 2], + &produce_random_nonces(1), + &[(winner_npk.clone(), shared_secret_winner.clone())], + &[], + &program, + ) + .unwrap(); + + let message = + nssa::privacy_preserving_transaction::message::Message::try_from_circuit_output( + vec![pinata_addr], + vec![], + vec![( + winner_npk.clone(), + winner_ipk.clone(), + eph_holder_winner.generate_ephemeral_public_key(), + )], + output, + ) + .unwrap(); + + let witness_set = + nssa::privacy_preserving_transaction::witness_set::WitnessSet::for_message( + &message, + proof, + &[], + ); + let tx = nssa::privacy_preserving_transaction::PrivacyPreservingTransaction::new( + message, + witness_set, + ); + + Ok(( + self.sequencer_client.send_tx_private(tx).await?, + [shared_secret_winner], + )) + } +}