From 9141fbf06c9c43ade5d368888357ec9d50aaadf1 Mon Sep 17 00:00:00 2001
From: Sergio Chouhy
Date: Fri, 3 Oct 2025 01:30:40 -0300
Subject: [PATCH] use random nonces for private accounts in wallet
---
 wallet/Cargo.toml | 1 +
 wallet/src/helperfunctions.rs | 11 +++++++++++
 wallet/src/token_transfers/deshielded.rs | 4 ++--
 wallet/src/token_transfers/private.rs | 6 +++---
 wallet/src/token_transfers/shielded.rs | 6 +++---
 5 files changed, 20 insertions(+), 8 deletions(-)
diff --git a/wallet/Cargo.toml b/wallet/Cargo.toml
index 5884ffa..1bbd79e 100644
--- a/wallet/Cargo.toml
+++ b/wallet/Cargo.toml
@@ -17,6 +17,7 @@ base64.workspace = true
 k256 = { version = "0.13.3" }
 bytemuck = "1.23.2"
 hex.workspace = true
+rand.workspace = true
 [dependencies.key_protocol]
 path = "../key_protocol"
diff --git a/wallet/src/helperfunctions.rs b/wallet/src/helperfunctions.rs
index b46fe19..ff0ccf9 100644
--- a/wallet/src/helperfunctions.rs
+++ b/wallet/src/helperfunctions.rs
@@ -1,4 +1,6 @@
 use base64::{Engine, engine::general_purpose::STANDARD as BASE64};
+use nssa_core::account::Nonce;
+use rand::{RngCore, rngs::OsRng};
 use std::{fs::File, io::BufReader, path::PathBuf, str::FromStr};
 use anyhow::Result;
@@ -82,6 +84,15 @@ pub fn produce_data_for_storage(user_data: &NSSAUserData) -> Vec Vec { + let mut result = vec![[0; 16]; size]; + result.iter_mut().for_each(|bytes| OsRng.fill_bytes(bytes)); + result + .into_iter() + .map(Nonce::from_le_bytes) + .collect() +} + /// Human-readable representation of an account. #[derive(Serialize)] pub(crate) struct HumanReadableAccount {
diff --git a/wallet/src/token_transfers/deshielded.rs b/wallet/src/token_transfers/deshielded.rs
index 094afe7..f01b8f5 100644
--- a/wallet/src/token_transfers/deshielded.rs
+++ b/wallet/src/token_transfers/deshielded.rs
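Review bot: The nonce helper added in the second helperfunctions.rs hunk has no doc comment, and its signature line is not legible in this hunk, so its contract has to be read off the body: `size` values, each built from 16 bytes filled by `OsRng` and converted with `Nonce::from_le_bytes`. I would state that above the function, e.g. `/// Returns size nonces for private accounts, each built from 16 bytes of OS randomness (OsRng).` Separately, `OsRng.fill_bytes(bytes)` has no error return, so a failure of the OS randomness source would presumably abort the wallet in the middle of building a transfer instead of surfacing through the `anyhow::Result` this file already imports. If that matters, `try_fill_bytes` is the fallible form, at the cost of changing the return type and the five call sites that pass `&produce_random_nonces(n)` directly.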
@@ -4,7 +4,7 @@ use key_protocol::key_management::ephemeral_key_holder::EphemeralKeyHolder;
 use nssa::Address;
 use nssa_core::{SharedSecretKey, encryption::EphemeralPublicKey};
-use crate::WalletCore;
+use crate::{helperfunctions::produce_random_nonces, WalletCore};
 impl WalletCore {
 pub async fn send_deshielded_native_token_transfer(
@@ -46,7 +46,7 @@ impl WalletCore {
 &[sender_pre, recipient_pre],
 &nssa::program::Program::serialize_instruction(balance_to_move).unwrap(),
 &[1, 0],
- &[from_acc.nonce + 1],
+ &produce_random_nonces(1),
 &[(npk_from.clone(), shared_secret.clone())],
 &[(
 from_keys.private_key_holder.nullifier_secret_key,
diff --git a/wallet/src/token_transfers/private.rs b/wallet/src/token_transfers/private.rs
index 4120571..c46ea85 100644
--- a/wallet/src/token_transfers/private.rs
+++ b/wallet/src/token_transfers/private.rs
@@ -2,7 +2,7 @@ use common::{ExecutionFailureKind, sequencer_client::json::SendTxResponse};
 use key_protocol::key_management::ephemeral_key_holder::EphemeralKeyHolder;
 use nssa::Address;
-use crate::WalletCore;
+use crate::{WalletCore, helperfunctions::produce_random_nonces};
 impl WalletCore {
 pub async fn send_private_native_token_transfer_outer_account(
@@ -43,7 +43,7 @@ impl WalletCore {
 &[sender_pre, recipient_pre],
 &nssa::program::Program::serialize_instruction(balance_to_move).unwrap(),
 &[1, 2],
- &[from_acc.nonce + 1, to_acc.nonce + 1],
+ &produce_random_nonces(2),
 &[
 (from_npk.clone(), shared_secret_from.clone()),
 (to_npk.clone(), shared_secret_to.clone()),
@@ -144,7 +144,7 @@ impl WalletCore {
 &[sender_pre, recipient_pre],
 &nssa::program::Program::serialize_instruction(balance_to_move).unwrap(),
 &[1, 1],
- &[from_acc.nonce + 1, to_acc.nonce + 1],
+ &produce_random_nonces(2),
 &[
 (from_npk.clone(), shared_secret_from.clone()),
 (to_npk.clone(), shared_secret_to.clone()),
diff --git a/wallet/src/token_transfers/shielded.rs b/wallet/src/token_transfers/shielded.rs
index 5f8dd75..a81af1e 100644
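Review bot: The brace list in the new `use crate::{helperfunctions::produce_random_nonces, WalletCore};` line in deshielded.rs is ordered differently from the same import added in private.rs and shielded.rs, which put `WalletCore` first. Other imports visible in this commit (`{Engine, engine::general_purpose::STANDARD as BASE64}`, `{RngCore, rngs::OsRng}`) also list the capitalised name first, so the project's rustfmt settings would probably rewrite this line. Suggest `use crate::{WalletCore, helperfunctions::produce_random_nonces};` to match.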
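Review bot: At the deshielded.rs call site the random nonce is created as a temporary inside the argument list (`&produce_random_nonces(1),`), so the wallet never holds the value it has just put into the transaction; the same is true of both private.rs call sites and both shielded.rs call sites. With the old `from_acc.nonce + 1` the post-transfer account could be recomputed from local state, which no longer holds. The rest of these functions lies outside the hunks, so I cannot tell whether later code or the wallet's sync path still assumes an incremented nonce; if anything does, the locally stored account would presumably stop matching the state the transaction produced. Binding the value first, `let nonces = produce_random_nonces(1);` and then passing `&nonces,`, keeps it available for the local state update and makes that dependency visible.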
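Review bot: The literal in `&produce_random_nonces(2),` in private.rs has to agree with the mask on the line above it (`&[1, 2]`, and `&[1, 1]` in the second private.rs call site), and nothing in the code ties the two together. Across the five call sites in this commit the count appears to equal the number of non-zero mask entries (`&[1, 0]` → 1, `&[0, 2]` → 1, `&[1, 2]` → 2), although the meaning of the mask values is defined outside this diff. A comment at each site such as `// one nonce per non-zero entry in the mask above` would record the invariant, or the count could be derived from the mask so the two cannot drift apart. The enclosing function bodies start and end outside the hunks.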
--- a/wallet/src/token_transfers/shielded.rs
+++ b/wallet/src/token_transfers/shielded.rs
@@ -4,7 +4,7 @@ use key_protocol::key_management::ephemeral_key_holder::{
 };
 use nssa::Address;
-use crate::WalletCore;
+use crate::{WalletCore, helperfunctions::produce_random_nonces};
 impl WalletCore {
 pub async fn send_shielded_native_token_transfer(
@@ -49,7 +49,7 @@ impl WalletCore {
 &[sender_pre, recipient_pre],
 &nssa::program::Program::serialize_instruction(balance_to_move).unwrap(),
 &[0, 1],
- &[to_acc.nonce + 1],
+ &produce_random_nonces(1),
 &[(to_npk.clone(), shared_secret.clone())],
 &[(
 to_keys.private_key_holder.nullifier_secret_key,
@@ -138,7 +138,7 @@ impl WalletCore {
 &[sender_pre, recipient_pre],
 &nssa::program::Program::serialize_instruction(balance_to_move).unwrap(),
 &[0, 2],
- &[to_acc.nonce + 1],
+ &produce_random_nonces(1),
 &[(to_npk.clone(), shared_secret.clone())],
 &[],
 &program,