logos-blockchain/lssa
1
0
Fork 0
mirror of https://github.com/logos-blockchain/lssa.git synced 2026-01-02 13:23:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' into marvin/nfts

Browse Source
This commit is contained in:
jonesmarvin8 2025-12-12 16:35:23 -05:00
commit e76800e283
42 changed files with 3138 additions and 2088 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
integration_tests/data_changer.bin Normal file
View File

Binary file not shown.

BIN
integration_tests/src/data_changer.bin
View File

Binary file not shown.

2
integration_tests/src/lib.rs
View File

@ -42,7 +42,7 @@ pub const ACC_RECEIVER_PRIVATE: &str = "AKTcXgJ1xoynta1Ec7y6Jso1z1JQtHqd7aPQ1h9e
pub const TIME_TO_WAIT_FOR_BLOCK_SECONDS: u64 = 12;
pub const NSSA_PROGRAM_FOR_TEST_DATA_CHANGER: &[u8] = include_bytes!("data_changer.bin");
pub const NSSA_PROGRAM_FOR_TEST_DATA_CHANGER: &str = "data_changer.bin";
fn make_public_account_input_from_str(account_id: &str) -> String {
format!("Public/{account_id}")

499
integration_tests/src/test_suite_map.rs
View File

@ -2,6 +2,7 @@ use std::{
collections::HashMap,
path::PathBuf,
pin::Pin,
str::FromStr,
time::{Duration, Instant},
};
@ -10,7 +11,7 @@ use anyhow::Result;
use common::{PINATA_BASE58, sequencer_client::SequencerClient};
use key_protocol::key_management::key_tree::chain_index::ChainIndex;
use log::info;
use nssa::{AccountId, ProgramDeploymentTransaction, program::Program};
use nssa::{AccountId, program::Program};
use nssa_core::{NullifierPublicKey, encryption::shared_key_derivation::Secp256k1Point};
use sequencer_runner::startup_sequencer;
use tempfile::TempDir;
@ -86,9 +87,7 @@ pub fn prepare_function_map() -> HashMap<String, TestFunction> {
#[nssa_integration_test]
pub async fn test_success_move_to_another_account() {
info!("########## test_success_move_to_another_account ##########");
let command = Command::Account(AccountSubcommand::New(NewSubcommand::Public {
cci: ChainIndex::root(),
}));
let command = Command::Account(AccountSubcommand::New(NewSubcommand::Public { cci: None }));
let wallet_config = fetch_config().await.unwrap();
@ -292,9 +291,7 @@ pub fn prepare_function_map() -> HashMap<String, TestFunction> {
let SubcommandReturnValue::RegisterAccount {
account_id: definition_account_id,
} = wallet::cli::execute_subcommand(Command::Account(AccountSubcommand::New(
NewSubcommand::Public {
cci: ChainIndex::root(),
},
NewSubcommand::Public { cci: None },
)))
.await
.unwrap()
@ -305,9 +302,7 @@ pub fn prepare_function_map() -> HashMap<String, TestFunction> {
let SubcommandReturnValue::RegisterAccount {
account_id: supply_account_id,
} = wallet::cli::execute_subcommand(Command::Account(AccountSubcommand::New(
NewSubcommand::Public {
cci: ChainIndex::root(),
},
NewSubcommand::Public { cci: None },
)))
.await
.unwrap()
@ -318,9 +313,7 @@ pub fn prepare_function_map() -> HashMap<String, TestFunction> {
let SubcommandReturnValue::RegisterAccount {
account_id: recipient_account_id,
} = wallet::cli::execute_subcommand(Command::Account(AccountSubcommand::New(
NewSubcommand::Public {
cci: ChainIndex::root(),
},
NewSubcommand::Public { cci: None },
)))
.await
.unwrap()
@ -444,20 +437,18 @@ pub fn prepare_function_map() -> HashMap<String, TestFunction> {
}
/// This test creates a new private token using the token program. After creating the token, the
/// test executes a private token transfer to a new account. All accounts are owned except
/// definition.
/// test executes a private token transfer to a new account. All accounts are private owned
/// except definition which is public.
#[nssa_integration_test]
pub async fn test_success_token_program_private_owned() {
info!("########## test_success_token_program_private_owned ##########");
pub async fn test_success_token_program_private_owned_supply() {
info!("########## test_success_token_program_private_owned_supply ##########");
let wallet_config = fetch_config().await.unwrap();
// Create new account for the token definition (public)
let SubcommandReturnValue::RegisterAccount {
account_id: definition_account_id,
} = wallet::cli::execute_subcommand(Command::Account(AccountSubcommand::New(
NewSubcommand::Public {
cci: ChainIndex::root(),
},
NewSubcommand::Public { cci: None },
)))
.await
.unwrap()
@ -468,9 +459,7 @@ pub fn prepare_function_map() -> HashMap<String, TestFunction> {
let SubcommandReturnValue::RegisterAccount {
account_id: supply_account_id,
} = wallet::cli::execute_subcommand(Command::Account(AccountSubcommand::New(
NewSubcommand::Private {
cci: ChainIndex::root(),
},
NewSubcommand::Private { cci: None },
)))
.await
.unwrap()
@ -481,9 +470,7 @@ pub fn prepare_function_map() -> HashMap<String, TestFunction> {
let SubcommandReturnValue::RegisterAccount {
account_id: recipient_account_id,
} = wallet::cli::execute_subcommand(Command::Account(AccountSubcommand::New(
NewSubcommand::Private {
cci: ChainIndex::root(),
},
NewSubcommand::Private { cci: None },
)))
.await
.unwrap()
@ -605,19 +592,104 @@ pub fn prepare_function_map() -> HashMap<String, TestFunction> {
assert!(verify_commitment_is_in_state(new_commitment2, &seq_client).await);
}
/// This test creates a new private token using the token program. After creating the token, the
/// test executes a private token transfer to a new account.
/// This test creates a new private token using the token program. All accounts are private
/// owned except supply which is public.
#[nssa_integration_test]
pub async fn test_success_token_program_private_claiming_path() {
info!("########## test_success_token_program_private_claiming_path ##########");
pub async fn test_success_token_program_private_owned_definition() {
info!("########## test_success_token_program_private_owned_definition ##########");
let wallet_config = fetch_config().await.unwrap();
// Create new account for the token definition (public)
// Create new account for the token definition (private)
let SubcommandReturnValue::RegisterAccount {
account_id: definition_account_id,
} = wallet::cli::execute_subcommand(Command::Account(AccountSubcommand::New(
NewSubcommand::Private {
cci: Some(ChainIndex::root()),
},
)))
.await
.unwrap()
else {
panic!("invalid subcommand return value");
};
// Create new account for the token supply holder (public)
let SubcommandReturnValue::RegisterAccount {
account_id: supply_account_id,
} = wallet::cli::execute_subcommand(Command::Account(AccountSubcommand::New(
NewSubcommand::Public {
cci: ChainIndex::root(),
cci: Some(ChainIndex::root()),
},
)))
.await
.unwrap()
else {
panic!("invalid subcommand return value");
};
// Create new token
let subcommand = TokenProgramAgnosticSubcommand::New {
definition_account_id: make_private_account_input_from_str(
&definition_account_id.to_string(),
),
supply_account_id: make_public_account_input_from_str(&supply_account_id.to_string()),
name: "A NAME".to_string(),
total_supply: 37,
};
wallet::cli::execute_subcommand(Command::Token(subcommand))
.await
.unwrap();
info!("Waiting for next block creation");
tokio::time::sleep(Duration::from_secs(TIME_TO_WAIT_FOR_BLOCK_SECONDS)).await;
let seq_client = SequencerClient::new(wallet_config.sequencer_addr.clone()).unwrap();
let wallet_config = fetch_config().await.unwrap();
let wallet_storage = WalletCore::start_from_config_update_chain(wallet_config)
.await
.unwrap();
let new_commitment1 = wallet_storage
.get_private_account_commitment(&definition_account_id)
.unwrap();
assert!(verify_commitment_is_in_state(new_commitment1, &seq_client).await);
// Check the status of the token definition account is the expected after the execution
let supply_acc = seq_client
.get_account(supply_account_id.to_string())
.await
.unwrap()
.account;
assert_eq!(supply_acc.program_owner, Program::token().id());
// The data of a token definition account has the following layout:
// [ 0x00 || name (6 bytes) || total supply (little endian 16 bytes) ]
assert_eq!(
supply_acc.data.as_ref(),
&[
1, 128, 101, 5, 31, 43, 36, 97, 108, 164, 92, 25, 157, 173, 5, 14, 194, 121, 239,
84, 19, 160, 243, 47, 193, 2, 250, 247, 232, 253, 191, 232, 173, 37, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0
]
);
}
/// This test creates a new private token using the token program. All accounts are private
/// owned.
#[nssa_integration_test]
pub async fn test_success_token_program_private_owned_definition_and_supply() {
info!(
"########## test_success_token_program_private_owned_definition_and_supply ##########"
);
let wallet_config = fetch_config().await.unwrap();
// Create new account for the token definition (private)
let SubcommandReturnValue::RegisterAccount {
account_id: definition_account_id,
} = wallet::cli::execute_subcommand(Command::Account(AccountSubcommand::New(
NewSubcommand::Private {
cci: Some(ChainIndex::root()),
},
)))
.await
@ -630,7 +702,7 @@ pub fn prepare_function_map() -> HashMap<String, TestFunction> {
account_id: supply_account_id,
} = wallet::cli::execute_subcommand(Command::Account(AccountSubcommand::New(
NewSubcommand::Private {
cci: ChainIndex::root(),
cci: Some(ChainIndex::root()),
},
)))
.await
@ -638,13 +710,105 @@ pub fn prepare_function_map() -> HashMap<String, TestFunction> {
else {
panic!("invalid subcommand return value");
};
// Create new token
let subcommand = TokenProgramAgnosticSubcommand::New {
definition_account_id: make_private_account_input_from_str(
&definition_account_id.to_string(),
),
supply_account_id: make_private_account_input_from_str(&supply_account_id.to_string()),
name: "A NAME".to_string(),
total_supply: 37,
};
wallet::cli::execute_subcommand(Command::Token(subcommand))
.await
.unwrap();
info!("Waiting for next block creation");
tokio::time::sleep(Duration::from_secs(TIME_TO_WAIT_FOR_BLOCK_SECONDS)).await;
let seq_client = SequencerClient::new(wallet_config.sequencer_addr.clone()).unwrap();
let wallet_config = fetch_config().await.unwrap();
let wallet_storage = WalletCore::start_from_config_update_chain(wallet_config)
.await
.unwrap();
let new_commitment1 = wallet_storage
.get_private_account_commitment(&definition_account_id)
.unwrap();
assert!(verify_commitment_is_in_state(new_commitment1, &seq_client).await);
let new_commitment2 = wallet_storage
.get_private_account_commitment(&supply_account_id)
.unwrap();
assert!(verify_commitment_is_in_state(new_commitment2, &seq_client).await);
let definition_acc = wallet_storage
.get_account_private(&definition_account_id)
.unwrap();
let supply_acc = wallet_storage
.get_account_private(&supply_account_id)
.unwrap();
assert_eq!(definition_acc.program_owner, Program::token().id());
// The data of a token definition account has the following layout:
// [ 0x00 || name (6 bytes) || total supply (little endian 16 bytes) ]
assert_eq!(
definition_acc.data.as_ref(),
&[
0, 65, 32, 78, 65, 77, 69, 37, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
]
);
assert_eq!(supply_acc.program_owner, Program::token().id());
// The data of a token definition account has the following layout:
// [ 0x00 || name (6 bytes) || total supply (little endian 16 bytes) ]
assert_eq!(
supply_acc.data.as_ref(),
&[
1, 128, 101, 5, 31, 43, 36, 97, 108, 164, 92, 25, 157, 173, 5, 14, 194, 121, 239,
84, 19, 160, 243, 47, 193, 2, 250, 247, 232, 253, 191, 232, 173, 37, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0
]
);
}
/// This test creates a new private token using the token program. After creating the token, the
/// test executes a private token transfer to a new account.
#[nssa_integration_test]
pub async fn test_success_token_program_private_claiming_path() {
info!("########## test_success_token_program_private_claiming_path ##########");
let wallet_config = fetch_config().await.unwrap();
// Create new account for the token definition (public)
let SubcommandReturnValue::RegisterAccount {
account_id: definition_account_id,
} = wallet::cli::execute_subcommand(Command::Account(AccountSubcommand::New(
NewSubcommand::Public { cci: None },
)))
.await
.unwrap()
else {
panic!("invalid subcommand return value");
};
// Create new account for the token supply holder (private)
let SubcommandReturnValue::RegisterAccount {
account_id: supply_account_id,
} = wallet::cli::execute_subcommand(Command::Account(AccountSubcommand::New(
NewSubcommand::Private { cci: None },
)))
.await
.unwrap()
else {
panic!("invalid subcommand return value");
};
// Create new account for receiving a token transaction
let SubcommandReturnValue::RegisterAccount {
account_id: recipient_account_id,
} = wallet::cli::execute_subcommand(Command::Account(AccountSubcommand::New(
NewSubcommand::Private {
cci: ChainIndex::root(),
},
NewSubcommand::Private { cci: None },
)))
.await
.unwrap()
@ -758,9 +922,7 @@ pub fn prepare_function_map() -> HashMap<String, TestFunction> {
let SubcommandReturnValue::RegisterAccount {
account_id: definition_account_id,
} = wallet::cli::execute_subcommand(Command::Account(AccountSubcommand::New(
NewSubcommand::Public {
cci: ChainIndex::root(),
},
NewSubcommand::Public { cci: None },
)))
.await
.unwrap()
@ -771,9 +933,7 @@ pub fn prepare_function_map() -> HashMap<String, TestFunction> {
let SubcommandReturnValue::RegisterAccount {
account_id: supply_account_id,
} = wallet::cli::execute_subcommand(Command::Account(AccountSubcommand::New(
NewSubcommand::Public {
cci: ChainIndex::root(),
},
NewSubcommand::Public { cci: None },
)))
.await
.unwrap()
@ -784,9 +944,7 @@ pub fn prepare_function_map() -> HashMap<String, TestFunction> {
let SubcommandReturnValue::RegisterAccount {
account_id: recipient_account_id,
} = wallet::cli::execute_subcommand(Command::Account(AccountSubcommand::New(
NewSubcommand::Private {
cci: ChainIndex::root(),
},
NewSubcommand::Private { cci: None },
)))
.await
.unwrap()
@ -900,9 +1058,7 @@ pub fn prepare_function_map() -> HashMap<String, TestFunction> {
let SubcommandReturnValue::RegisterAccount {
account_id: definition_account_id,
} = wallet::cli::execute_subcommand(Command::Account(AccountSubcommand::New(
NewSubcommand::Public {
cci: ChainIndex::root(),
},
NewSubcommand::Public { cci: None },
)))
.await
.unwrap()
@ -913,9 +1069,7 @@ pub fn prepare_function_map() -> HashMap<String, TestFunction> {
let SubcommandReturnValue::RegisterAccount {
account_id: supply_account_id,
} = wallet::cli::execute_subcommand(Command::Account(AccountSubcommand::New(
NewSubcommand::Private {
cci: ChainIndex::root(),
},
NewSubcommand::Private { cci: None },
)))
.await
.unwrap()
@ -926,9 +1080,7 @@ pub fn prepare_function_map() -> HashMap<String, TestFunction> {
let SubcommandReturnValue::RegisterAccount {
account_id: recipient_account_id,
} = wallet::cli::execute_subcommand(Command::Account(AccountSubcommand::New(
NewSubcommand::Public {
cci: ChainIndex::root(),
},
NewSubcommand::Public { cci: None },
)))
.await
.unwrap()
@ -1129,9 +1281,8 @@ pub fn prepare_function_map() -> HashMap<String, TestFunction> {
);
let from: AccountId = ACC_SENDER_PRIVATE.parse().unwrap();
let command = Command::Account(AccountSubcommand::New(NewSubcommand::Private {
cci: ChainIndex::root(),
}));
let command =
Command::Account(AccountSubcommand::New(NewSubcommand::Private { cci: None }));
let sub_ret = wallet::cli::execute_subcommand(command).await.unwrap();
let SubcommandReturnValue::RegisterAccount {
@ -1444,15 +1595,18 @@ pub fn prepare_function_map() -> HashMap<String, TestFunction> {
#[nssa_integration_test]
pub async fn test_program_deployment() {
info!("########## test program deployment ##########");
let bytecode = NSSA_PROGRAM_FOR_TEST_DATA_CHANGER.to_vec();
let message = nssa::program_deployment_transaction::Message::new(bytecode.clone());
let transaction = ProgramDeploymentTransaction::new(message);
let binary_filepath: PathBuf = NSSA_PROGRAM_FOR_TEST_DATA_CHANGER.parse().unwrap();
let command = Command::DeployProgram {
binary_filepath: binary_filepath.clone(),
};
wallet::cli::execute_subcommand(command).await.unwrap();
let wallet_config = fetch_config().await.unwrap();
let seq_client = SequencerClient::new(wallet_config.sequencer_addr.clone()).unwrap();
let _response = seq_client.send_tx_program(transaction).await.unwrap();
info!("Waiting for next block creation");
tokio::time::sleep(Duration::from_secs(TIME_TO_WAIT_FOR_BLOCK_SECONDS)).await;
@ -1460,6 +1614,8 @@ pub fn prepare_function_map() -> HashMap<String, TestFunction> {
// We pass an uninitialized account and we expect after execution to be owned by the data
// changer program (NSSA account claiming mechanism) with data equal to [0] (due to program
// logic)
//
let bytecode = std::fs::read(binary_filepath).unwrap();
let data_changer = Program::new(bytecode).unwrap();
let account_id: AccountId = "11".repeat(16).parse().unwrap();
let message = nssa::public_transaction::Message::try_new(
@ -1492,9 +1648,7 @@ pub fn prepare_function_map() -> HashMap<String, TestFunction> {
#[nssa_integration_test]
pub async fn test_authenticated_transfer_initialize_function() {
info!("########## test initialize account for authenticated transfer ##########");
let command = Command::Account(AccountSubcommand::New(NewSubcommand::Public {
cci: ChainIndex::root(),
}));
let command = Command::Account(AccountSubcommand::New(NewSubcommand::Public { cci: None }));
let SubcommandReturnValue::RegisterAccount { account_id } =
wallet::cli::execute_subcommand(command).await.unwrap()
else {
@ -1592,9 +1746,7 @@ pub fn prepare_function_map() -> HashMap<String, TestFunction> {
let SubcommandReturnValue::RegisterAccount {
account_id: winner_account_id,
} = wallet::cli::execute_subcommand(Command::Account(AccountSubcommand::New(
NewSubcommand::Private {
cci: ChainIndex::root(),
},
NewSubcommand::Private { cci: None },
)))
.await
.unwrap()
@ -1672,6 +1824,217 @@ pub fn prepare_function_map() -> HashMap<String, TestFunction> {
info!("Success!");
}
#[nssa_integration_test]
pub async fn test_keys_restoration() {
info!("########## test_keys_restoration ##########");
let from: AccountId = ACC_SENDER_PRIVATE.parse().unwrap();
let command = Command::Account(AccountSubcommand::New(NewSubcommand::Private {
cci: Some(ChainIndex::root()),
}));
let sub_ret = wallet::cli::execute_subcommand(command).await.unwrap();
let SubcommandReturnValue::RegisterAccount {
account_id: to_account_id1,
} = sub_ret
else {
panic!("FAILED TO REGISTER ACCOUNT");
};
let command = Command::Account(AccountSubcommand::New(NewSubcommand::Private {
cci: Some(ChainIndex::from_str("/0").unwrap()),
}));
let sub_ret = wallet::cli::execute_subcommand(command).await.unwrap();
let SubcommandReturnValue::RegisterAccount {
account_id: to_account_id2,
} = sub_ret
else {
panic!("FAILED TO REGISTER ACCOUNT");
};
let command = Command::AuthTransfer(AuthTransferSubcommand::Send {
from: make_private_account_input_from_str(&from.to_string()),
to: Some(make_private_account_input_from_str(
&to_account_id1.to_string(),
)),
to_npk: None,
to_ipk: None,
amount: 100,
});
wallet::cli::execute_subcommand(command).await.unwrap();
let command = Command::AuthTransfer(AuthTransferSubcommand::Send {
from: make_private_account_input_from_str(&from.to_string()),
to: Some(make_private_account_input_from_str(
&to_account_id2.to_string(),
)),
to_npk: None,
to_ipk: None,
amount: 101,
});
wallet::cli::execute_subcommand(command).await.unwrap();
let from: AccountId = ACC_SENDER.parse().unwrap();
let command = Command::Account(AccountSubcommand::New(NewSubcommand::Public {
cci: Some(ChainIndex::root()),
}));
let sub_ret = wallet::cli::execute_subcommand(command).await.unwrap();
let SubcommandReturnValue::RegisterAccount {
account_id: to_account_id3,
} = sub_ret
else {
panic!("FAILED TO REGISTER ACCOUNT");
};
let command = Command::Account(AccountSubcommand::New(NewSubcommand::Public {
cci: Some(ChainIndex::from_str("/0").unwrap()),
}));
let sub_ret = wallet::cli::execute_subcommand(command).await.unwrap();
let SubcommandReturnValue::RegisterAccount {
account_id: to_account_id4,
} = sub_ret
else {
panic!("FAILED TO REGISTER ACCOUNT");
};
let command = Command::AuthTransfer(AuthTransferSubcommand::Send {
from: make_public_account_input_from_str(&from.to_string()),
to: Some(make_public_account_input_from_str(
&to_account_id3.to_string(),
)),
to_npk: None,
to_ipk: None,
amount: 102,
});
wallet::cli::execute_subcommand(command).await.unwrap();
let command = Command::AuthTransfer(AuthTransferSubcommand::Send {
from: make_public_account_input_from_str(&from.to_string()),
to: Some(make_public_account_input_from_str(
&to_account_id4.to_string(),
)),
to_npk: None,
to_ipk: None,
amount: 103,
});
wallet::cli::execute_subcommand(command).await.unwrap();
info!("########## PREPARATION END ##########");
wallet::cli::execute_keys_restoration("test_pass".to_string(), 10)
.await
.unwrap();
let wallet_config = fetch_config().await.unwrap();
let wallet_storage = WalletCore::start_from_config_update_chain(wallet_config.clone())
.await
.unwrap();
let acc1 = wallet_storage
.storage
.user_data
.private_key_tree
.get_node(to_account_id1)
.expect("Acc 1 should be restored");
let acc2 = wallet_storage
.storage
.user_data
.private_key_tree
.get_node(to_account_id2)
.expect("Acc 2 should be restored");
let _ = wallet_storage
.storage
.user_data
.public_key_tree
.get_node(to_account_id3)
.expect("Acc 3 should be restored");
let _ = wallet_storage
.storage
.user_data
.public_key_tree
.get_node(to_account_id4)
.expect("Acc 4 should be restored");
assert_eq!(
acc1.value.1.program_owner,
Program::authenticated_transfer_program().id()
);
assert_eq!(
acc2.value.1.program_owner,
Program::authenticated_transfer_program().id()
);
assert_eq!(acc1.value.1.balance, 100);
assert_eq!(acc2.value.1.balance, 101);
info!("########## TREE CHECKS END ##########");
let command = Command::AuthTransfer(AuthTransferSubcommand::Send {
from: make_private_account_input_from_str(&to_account_id1.to_string()),
to: Some(make_private_account_input_from_str(
&to_account_id2.to_string(),
)),
to_npk: None,
to_ipk: None,
amount: 10,
});
wallet::cli::execute_subcommand(command).await.unwrap();
let command = Command::AuthTransfer(AuthTransferSubcommand::Send {
from: make_public_account_input_from_str(&to_account_id3.to_string()),
to: Some(make_public_account_input_from_str(
&to_account_id4.to_string(),
)),
to_npk: None,
to_ipk: None,
amount: 11,
});
wallet::cli::execute_subcommand(command).await.unwrap();
let wallet_config = fetch_config().await.unwrap();
let seq_client = SequencerClient::new(wallet_config.sequencer_addr.clone()).unwrap();
let wallet_storage = WalletCore::start_from_config_update_chain(wallet_config.clone())
.await
.unwrap();
let comm1 = wallet_storage
.get_private_account_commitment(&to_account_id1)
.expect("Acc 1 commitment should exist");
let comm2 = wallet_storage
.get_private_account_commitment(&to_account_id2)
.expect("Acc 2 commitment should exist");
assert!(verify_commitment_is_in_state(comm1, &seq_client).await);
assert!(verify_commitment_is_in_state(comm2, &seq_client).await);
let acc3 = seq_client
.get_account_balance(to_account_id3.to_string())
.await
.expect("Acc 3 must be present in public state");
let acc4 = seq_client
.get_account_balance(to_account_id4.to_string())
.await
.expect("Acc 4 must be present in public state");
assert_eq!(acc3.balance, 91);
assert_eq!(acc4.balance, 114);
info!("Success!");
}
println!("{function_map:#?}");
function_map

2
integration_tests/src/tps_test_utils.rs
View File

@ -168,7 +168,7 @@ fn build_privacy_transaction() -> PrivacyPreservingTransaction {
(recipient_npk.clone(), recipient_ss),
],
&[(sender_nsk, proof)],
&program,
&program.into(),
)
.unwrap();
let message = pptx::message::Message::try_from_circuit_output(

1
key_protocol/Cargo.toml
View File

@ -16,6 +16,7 @@ bip39.workspace = true
hmac-sha512.workspace = true
thiserror.workspace = true
nssa-core = { path = "../nssa/core", features = ["host"] }
itertools.workspace = true
[dependencies.common]
path = "../common"

152
key_protocol/src/key_management/key_tree/chain_index.rs
View File

@ -1,8 +1,9 @@
use std::{fmt::Display, str::FromStr};
use itertools::Itertools;
use serde::{Deserialize, Serialize};
#[derive(Debug, PartialEq, Eq, PartialOrd, Ord, Clone, Serialize, Deserialize)]
#[derive(Debug, PartialEq, Eq, PartialOrd, Ord, Clone, Serialize, Deserialize, Hash)]
pub struct ChainIndex(Vec<u32>);
#[derive(thiserror::Error, Debug)]
@ -77,12 +78,82 @@ impl ChainIndex {
ChainIndex(chain)
}
pub fn previous_in_line(&self) -> Option<ChainIndex> {
let mut chain = self.0.clone();
if let Some(last_p) = chain.last_mut() {
*last_p = last_p.checked_sub(1)?;
}
Some(ChainIndex(chain))
}
pub fn parent(&self) -> Option<ChainIndex> {
if self.0.is_empty() {
None
} else {
Some(ChainIndex(self.0[..(self.0.len() - 1)].to_vec()))
}
}
pub fn nth_child(&self, child_id: u32) -> ChainIndex {
let mut chain = self.0.clone();
chain.push(child_id);
ChainIndex(chain)
}
pub fn depth(&self) -> u32 {
self.0.iter().map(|cci| cci + 1).sum()
}
fn collapse_back(&self) -> Option<Self> {
let mut res = self.parent()?;
let last_mut = res.0.last_mut()?;
*last_mut += *(self.0.last()?) + 1;
Some(res)
}
fn shuffle_iter(&self) -> impl Iterator<Item = ChainIndex> {
self.0
.iter()
.permutations(self.0.len())
.unique()
.map(|item| ChainIndex(item.into_iter().cloned().collect()))
}
pub fn chain_ids_at_depth(depth: usize) -> impl Iterator<Item = ChainIndex> {
let mut stack = vec![ChainIndex(vec![0; depth])];
let mut cumulative_stack = vec![ChainIndex(vec![0; depth])];
while let Some(id) = stack.pop() {
if let Some(collapsed_id) = id.collapse_back() {
for id in collapsed_id.shuffle_iter() {
stack.push(id.clone());
cumulative_stack.push(id);
}
}
}
cumulative_stack.into_iter().unique()
}
pub fn chain_ids_at_depth_rev(depth: usize) -> impl Iterator<Item = ChainIndex> {
let mut stack = vec![ChainIndex(vec![0; depth])];
let mut cumulative_stack = vec![ChainIndex(vec![0; depth])];
while let Some(id) = stack.pop() {
if let Some(collapsed_id) = id.collapse_back() {
for id in collapsed_id.shuffle_iter() {
stack.push(id.clone());
cumulative_stack.push(id);
}
}
}
cumulative_stack.into_iter().rev().unique()
}
}
#[cfg(test)]
@ -145,4 +216,83 @@ mod tests {
assert_eq!(string_index, "/5/7/8".to_string());
}
#[test]
fn test_prev_in_line() {
let chain_id = ChainIndex(vec![1, 7, 3]);
let prev_chain_id = chain_id.previous_in_line().unwrap();
assert_eq!(prev_chain_id, ChainIndex(vec![1, 7, 2]))
}
#[test]
fn test_prev_in_line_no_prev() {
let chain_id = ChainIndex(vec![1, 7, 0]);
let prev_chain_id = chain_id.previous_in_line();
assert_eq!(prev_chain_id, None)
}
#[test]
fn test_parent() {
let chain_id = ChainIndex(vec![1, 7, 3]);
let parent_chain_id = chain_id.parent().unwrap();
assert_eq!(parent_chain_id, ChainIndex(vec![1, 7]))
}
#[test]
fn test_parent_no_parent() {
let chain_id = ChainIndex(vec![]);
let parent_chain_id = chain_id.parent();
assert_eq!(parent_chain_id, None)
}
#[test]
fn test_parent_root() {
let chain_id = ChainIndex(vec![1]);
let parent_chain_id = chain_id.parent().unwrap();
assert_eq!(parent_chain_id, ChainIndex::root())
}
#[test]
fn test_collapse_back() {
let chain_id = ChainIndex(vec![1, 1]);
let collapsed = chain_id.collapse_back().unwrap();
assert_eq!(collapsed, ChainIndex(vec![3]))
}
#[test]
fn test_collapse_back_one() {
let chain_id = ChainIndex(vec![1]);
let collapsed = chain_id.collapse_back();
assert_eq!(collapsed, None)
}
#[test]
fn test_collapse_back_root() {
let chain_id = ChainIndex(vec![]);
let collapsed = chain_id.collapse_back();
assert_eq!(collapsed, None)
}
#[test]
fn test_shuffle() {
for id in ChainIndex::chain_ids_at_depth(5) {
println!("{id}");
}
}
}

334
key_protocol/src/key_management/key_tree/mod.rs
View File

@ -1,5 +1,10 @@
use std::collections::{BTreeMap, HashMap};
use std::{
collections::{BTreeMap, HashMap},
sync::Arc,
};
use anyhow::Result;
use common::sequencer_client::SequencerClient;
use serde::{Deserialize, Serialize};
use crate::key_management::{
@ -15,6 +20,8 @@ pub mod keys_private;
pub mod keys_public;
pub mod traits;
pub const DEPTH_SOFT_CAP: u32 = 20;
#[derive(Debug, Serialize, Deserialize, Clone)]
pub struct KeyTree<N: KeyNode> {
pub key_map: BTreeMap<ChainIndex, N>,
@ -96,21 +103,53 @@ impl<N: KeyNode> KeyTree<N> {
}
}
pub fn generate_new_node(&mut self, parent_cci: ChainIndex) -> Option<nssa::AccountId> {
let father_keys = self.key_map.get(&parent_cci)?;
pub fn generate_new_node(
&mut self,
parent_cci: &ChainIndex,
) -> Option<(nssa::AccountId, ChainIndex)> {
let parent_keys = self.key_map.get(parent_cci)?;
let next_child_id = self
.find_next_last_child_of_id(&parent_cci)
.find_next_last_child_of_id(parent_cci)
.expect("Can be None only if parent is not present");
let next_cci = parent_cci.nth_child(next_child_id);
let child_keys = father_keys.nth_child(next_child_id);
let child_keys = parent_keys.nth_child(next_child_id);
let account_id = child_keys.account_id();
self.key_map.insert(next_cci.clone(), child_keys);
self.account_id_map.insert(account_id, next_cci);
self.account_id_map.insert(account_id, next_cci.clone());
Some(account_id)
Some((account_id, next_cci))
}
fn find_next_slot_layered(&self) -> ChainIndex {
let mut depth = 1;
'outer: loop {
for chain_id in ChainIndex::chain_ids_at_depth_rev(depth) {
if !self.key_map.contains_key(&chain_id) {
break 'outer chain_id;
}
}
depth += 1;
}
}
pub fn fill_node(&mut self, chain_index: &ChainIndex) -> Option<(nssa::AccountId, ChainIndex)> {
let parent_keys = self.key_map.get(&chain_index.parent()?)?;
let child_id = *chain_index.chain().last()?;
let child_keys = parent_keys.nth_child(child_id);
let account_id = child_keys.account_id();
self.key_map.insert(chain_index.clone(), child_keys);
self.account_id_map.insert(account_id, chain_index.clone());
Some((account_id, chain_index.clone()))
}
pub fn generate_new_node_layered(&mut self) -> Option<(nssa::AccountId, ChainIndex)> {
self.fill_node(&self.find_next_slot_layered())
}
pub fn get_node(&self, account_id: nssa::AccountId) -> Option<&N> {
@ -129,11 +168,164 @@ impl<N: KeyNode> KeyTree<N> {
self.account_id_map.insert(account_id, chain_index.clone());
self.key_map.insert(chain_index, node);
}
pub fn remove(&mut self, addr: nssa::AccountId) -> Option<N> {
let chain_index = self.account_id_map.remove(&addr).unwrap();
self.key_map.remove(&chain_index)
}
/// Populates tree with children.
///
/// For given `depth` adds children to a tree such that their `ChainIndex::depth(&self) <
/// depth`.
///
/// Tree must be empty before start
pub fn generate_tree_for_depth(&mut self, depth: u32) {
let mut id_stack = vec![ChainIndex::root()];
while let Some(curr_id) = id_stack.pop() {
let mut next_id = curr_id.nth_child(0);
while (next_id.depth()) < depth {
self.generate_new_node(&curr_id);
id_stack.push(next_id.clone());
next_id = next_id.next_in_line();
}
}
}
}
impl KeyTree<ChildKeysPrivate> {
/// Cleanup of all non-initialized accounts in a private tree
///
/// For given `depth` checks children to a tree such that their `ChainIndex::depth(&self) <
/// depth`.
///
/// If account is default, removes them.
///
/// Chain must be parsed for accounts beforehand
///
/// Fast, leaves gaps between accounts
pub fn cleanup_tree_remove_uninit_for_depth(&mut self, depth: u32) {
let mut id_stack = vec![ChainIndex::root()];
while let Some(curr_id) = id_stack.pop() {
if let Some(node) = self.key_map.get(&curr_id)
&& node.value.1 == nssa::Account::default()
&& curr_id != ChainIndex::root()
{
let addr = node.account_id();
self.remove(addr);
}
let mut next_id = curr_id.nth_child(0);
while (next_id.depth()) < depth {
id_stack.push(next_id.clone());
next_id = next_id.next_in_line();
}
}
}
/// Cleanup of non-initialized accounts in a private tree
///
/// If account is default, removes them, stops at first non-default account.
///
/// Walks through tree in lairs of same depth using `ChainIndex::chain_ids_at_depth()`
///
/// Chain must be parsed for accounts beforehand
///
/// Slow, maintains tree consistency.
pub fn cleanup_tree_remove_uninit_layered(&mut self, depth: u32) {
'outer: for i in (1..(depth as usize)).rev() {
println!("Cleanup of tree at depth {i}");
for id in ChainIndex::chain_ids_at_depth(i) {
if let Some(node) = self.key_map.get(&id) {
if node.value.1 == nssa::Account::default() {
let addr = node.account_id();
self.remove(addr);
} else {
break 'outer;
}
}
}
}
}
}
impl KeyTree<ChildKeysPublic> {
/// Cleanup of all non-initialized accounts in a public tree
///
/// For given `depth` checks children to a tree such that their `ChainIndex::depth(&self) <
/// depth`.
///
/// If account is default, removes them.
///
/// Fast, leaves gaps between accounts
pub async fn cleanup_tree_remove_ininit_for_depth(
&mut self,
depth: u32,
client: Arc<SequencerClient>,
) -> Result<()> {
let mut id_stack = vec![ChainIndex::root()];
while let Some(curr_id) = id_stack.pop() {
if let Some(node) = self.key_map.get(&curr_id) {
let address = node.account_id();
let node_acc = client.get_account(address.to_string()).await?.account;
if node_acc == nssa::Account::default() && curr_id != ChainIndex::root() {
self.remove(address);
}
}
let mut next_id = curr_id.nth_child(0);
while (next_id.depth()) < depth {
id_stack.push(next_id.clone());
next_id = next_id.next_in_line();
}
}
Ok(())
}
/// Cleanup of non-initialized accounts in a public tree
///
/// If account is default, removes them, stops at first non-default account.
///
/// Walks through tree in lairs of same depth using `ChainIndex::chain_ids_at_depth()`
///
/// Slow, maintains tree consistency.
pub async fn cleanup_tree_remove_uninit_layered(
&mut self,
depth: u32,
client: Arc<SequencerClient>,
) -> Result<()> {
'outer: for i in (1..(depth as usize)).rev() {
println!("Cleanup of tree at depth {i}");
for id in ChainIndex::chain_ids_at_depth(i) {
if let Some(node) = self.key_map.get(&id) {
let address = node.account_id();
let node_acc = client.get_account(address.to_string()).await?.account;
if node_acc == nssa::Account::default() {
let addr = node.account_id();
self.remove(addr);
} else {
break 'outer;
}
}
}
}
Ok(())
}
}
#[cfg(test)]
mod tests {
use std::str::FromStr;
use std::{collections::HashSet, str::FromStr};
use nssa::AccountId;
@ -162,7 +354,7 @@ mod tests {
fn test_small_key_tree() {
let seed_holder = seed_holder_for_tests();
let mut tree = KeyTreePublic::new(&seed_holder);
let mut tree = KeyTreePrivate::new(&seed_holder);
let next_last_child_for_parent_id = tree
.find_next_last_child_of_id(&ChainIndex::root())
@ -170,7 +362,7 @@ mod tests {
assert_eq!(next_last_child_for_parent_id, 0);
tree.generate_new_node(ChainIndex::root()).unwrap();
tree.generate_new_node(&ChainIndex::root()).unwrap();
assert!(
tree.key_map
@ -183,12 +375,12 @@ mod tests {
assert_eq!(next_last_child_for_parent_id, 1);
tree.generate_new_node(ChainIndex::root()).unwrap();
tree.generate_new_node(ChainIndex::root()).unwrap();
tree.generate_new_node(ChainIndex::root()).unwrap();
tree.generate_new_node(ChainIndex::root()).unwrap();
tree.generate_new_node(ChainIndex::root()).unwrap();
tree.generate_new_node(ChainIndex::root()).unwrap();
tree.generate_new_node(&ChainIndex::root()).unwrap();
tree.generate_new_node(&ChainIndex::root()).unwrap();
tree.generate_new_node(&ChainIndex::root()).unwrap();
tree.generate_new_node(&ChainIndex::root()).unwrap();
tree.generate_new_node(&ChainIndex::root()).unwrap();
tree.generate_new_node(&ChainIndex::root()).unwrap();
let next_last_child_for_parent_id = tree
.find_next_last_child_of_id(&ChainIndex::root())
@ -201,7 +393,7 @@ mod tests {
fn test_key_tree_can_not_make_child_keys() {
let seed_holder = seed_holder_for_tests();
let mut tree = KeyTreePublic::new(&seed_holder);
let mut tree = KeyTreePrivate::new(&seed_holder);
let next_last_child_for_parent_id = tree
.find_next_last_child_of_id(&ChainIndex::root())
@ -209,7 +401,7 @@ mod tests {
assert_eq!(next_last_child_for_parent_id, 0);
tree.generate_new_node(ChainIndex::root()).unwrap();
tree.generate_new_node(&ChainIndex::root()).unwrap();
assert!(
tree.key_map
@ -222,7 +414,7 @@ mod tests {
assert_eq!(next_last_child_for_parent_id, 1);
let key_opt = tree.generate_new_node(ChainIndex::from_str("/3").unwrap());
let key_opt = tree.generate_new_node(&ChainIndex::from_str("/3").unwrap());
assert_eq!(key_opt, None);
}
@ -239,7 +431,7 @@ mod tests {
assert_eq!(next_last_child_for_parent_id, 0);
tree.generate_new_node(ChainIndex::root()).unwrap();
tree.generate_new_node(&ChainIndex::root()).unwrap();
assert!(
tree.key_map
@ -252,7 +444,7 @@ mod tests {
assert_eq!(next_last_child_for_parent_id, 1);
tree.generate_new_node(ChainIndex::root()).unwrap();
tree.generate_new_node(&ChainIndex::root()).unwrap();
assert!(
tree.key_map
@ -265,7 +457,7 @@ mod tests {
assert_eq!(next_last_child_for_parent_id, 2);
tree.generate_new_node(ChainIndex::from_str("/0").unwrap())
tree.generate_new_node(&ChainIndex::from_str("/0").unwrap())
.unwrap();
let next_last_child_for_parent_id = tree
@ -279,7 +471,7 @@ mod tests {
.contains_key(&ChainIndex::from_str("/0/0").unwrap())
);
tree.generate_new_node(ChainIndex::from_str("/0").unwrap())
tree.generate_new_node(&ChainIndex::from_str("/0").unwrap())
.unwrap();
let next_last_child_for_parent_id = tree
@ -293,7 +485,7 @@ mod tests {
.contains_key(&ChainIndex::from_str("/0/1").unwrap())
);
tree.generate_new_node(ChainIndex::from_str("/0").unwrap())
tree.generate_new_node(&ChainIndex::from_str("/0").unwrap())
.unwrap();
let next_last_child_for_parent_id = tree
@ -307,7 +499,7 @@ mod tests {
.contains_key(&ChainIndex::from_str("/0/2").unwrap())
);
tree.generate_new_node(ChainIndex::from_str("/0/1").unwrap())
tree.generate_new_node(&ChainIndex::from_str("/0/1").unwrap())
.unwrap();
assert!(
@ -321,4 +513,94 @@ mod tests {
assert_eq!(next_last_child_for_parent_id, 1);
}
#[test]
fn test_tree_balancing_automatic() {
let seed_holder = seed_holder_for_tests();
let mut tree = KeyTreePublic::new(&seed_holder);
for _ in 0..100 {
tree.generate_new_node_layered().unwrap();
}
let next_slot = tree.find_next_slot_layered();
assert_eq!(next_slot, ChainIndex::from_str("/0/0/2/1").unwrap());
}
#[test]
fn test_cleanup() {
let seed_holder = seed_holder_for_tests();
let mut tree = KeyTreePrivate::new(&seed_holder);
tree.generate_tree_for_depth(10);
let acc = tree
.key_map
.get_mut(&ChainIndex::from_str("/1").unwrap())
.unwrap();
acc.value.1.balance = 2;
let acc = tree
.key_map
.get_mut(&ChainIndex::from_str("/2").unwrap())
.unwrap();
acc.value.1.balance = 3;
let acc = tree
.key_map
.get_mut(&ChainIndex::from_str("/0/1").unwrap())
.unwrap();
acc.value.1.balance = 5;
let acc = tree
.key_map
.get_mut(&ChainIndex::from_str("/1/0").unwrap())
.unwrap();
acc.value.1.balance = 6;
tree.cleanup_tree_remove_uninit_layered(10);
let mut key_set_res = HashSet::new();
key_set_res.insert("/0".to_string());
key_set_res.insert("/1".to_string());
key_set_res.insert("/2".to_string());
key_set_res.insert("/".to_string());
key_set_res.insert("/0/0".to_string());
key_set_res.insert("/0/1".to_string());
key_set_res.insert("/1/0".to_string());
let mut key_set = HashSet::new();
for key in tree.key_map.keys() {
key_set.insert(key.to_string());
}
assert_eq!(key_set, key_set_res);
let acc = tree
.key_map
.get(&ChainIndex::from_str("/1").unwrap())
.unwrap();
assert_eq!(acc.value.1.balance, 2);
let acc = tree
.key_map
.get(&ChainIndex::from_str("/2").unwrap())
.unwrap();
assert_eq!(acc.value.1.balance, 3);
let acc = tree
.key_map
.get(&ChainIndex::from_str("/0/1").unwrap())
.unwrap();
assert_eq!(acc.value.1.balance, 5);
let acc = tree
.key_map
.get(&ChainIndex::from_str("/1/0").unwrap())
.unwrap();
assert_eq!(acc.value.1.balance, 6);
}
}

42
key_protocol/src/key_protocol_core/mod.rs
View File

@ -89,9 +89,18 @@ impl NSSAUserData {
/// Returns the account_id of new account
pub fn generate_new_public_transaction_private_key(
&mut self,
parent_cci: ChainIndex,
) -> nssa::AccountId {
self.public_key_tree.generate_new_node(parent_cci).unwrap()
parent_cci: Option<ChainIndex>,
) -> (nssa::AccountId, ChainIndex) {
match parent_cci {
Some(parent_cci) => self
.public_key_tree
.generate_new_node(&parent_cci)
.expect("Parent must be present in a tree"),
None => self
.public_key_tree
.generate_new_node_layered()
.expect("Search for new node slot failed"),
}
}
/// Returns the signing key for public transaction signatures
@ -113,9 +122,18 @@ impl NSSAUserData {
/// Returns the account_id of new account
pub fn generate_new_privacy_preserving_transaction_key_chain(
&mut self,
parent_cci: ChainIndex,
) -> nssa::AccountId {
self.private_key_tree.generate_new_node(parent_cci).unwrap()
parent_cci: Option<ChainIndex>,
) -> (nssa::AccountId, ChainIndex) {
match parent_cci {
Some(parent_cci) => self
.private_key_tree
.generate_new_node(&parent_cci)
.expect("Parent must be present in a tree"),
None => self
.private_key_tree
.generate_new_node_layered()
.expect("Search for new node slot failed"),
}
}
/// Returns the signing key for public transaction signatures
@ -169,16 +187,8 @@ mod tests {
fn test_new_account() {
let mut user_data = NSSAUserData::default();
let account_id_pub =
user_data.generate_new_public_transaction_private_key(ChainIndex::root());
let account_id_private =
user_data.generate_new_privacy_preserving_transaction_key_chain(ChainIndex::root());
let is_private_key_generated = user_data
.get_pub_account_signing_key(&account_id_pub)
.is_some();
assert!(is_private_key_generated);
let (account_id_private, _) = user_data
.generate_new_privacy_preserving_transaction_key_chain(Some(ChainIndex::root()));
let is_key_chain_generated = user_data.get_private_account(&account_id_private).is_some();

4
nssa/core/src/account.rs
View File

@ -25,8 +25,8 @@ pub struct Account {
pub nonce: Nonce,
}
#[derive(Serialize, Deserialize, Clone)]
#[cfg_attr(any(feature = "host", test), derive(Debug, PartialEq, Eq))]
#[derive(Serialize, Deserialize, Clone, PartialEq, Eq)]
#[cfg_attr(any(feature = "host", test), derive(Debug))]
pub struct AccountWithMetadata {
pub account: Account,
pub is_authorized: bool,

2
nssa/core/src/circuit_io.rs
View File

@ -10,7 +10,7 @@ use crate::{
#[derive(Serialize, Deserialize)]
pub struct PrivacyPreservingCircuitInput {
pub program_output: ProgramOutput,
pub program_outputs: Vec<ProgramOutput>,
pub visibility_mask: Vec<u8>,
pub private_account_nonces: Vec<Nonce>,
pub private_account_keys: Vec<(NullifierPublicKey, SharedSecretKey)>,

55
nssa/core/src/program.rs
View File

@ -1,3 +1,5 @@
use std::collections::HashSet;
use risc0_zkvm::{DeserializeOwned, guest::env, serde::Deserializer};
use serde::{Deserialize, Serialize};
@ -8,6 +10,7 @@ use crate::account::{Account, AccountWithMetadata};
pub type ProgramId = [u32; 8];
pub type InstructionData = Vec<u32>;
pub const DEFAULT_PROGRAM_ID: ProgramId = [0; 8];
pub const MAX_NUMBER_CHAINED_CALLS: usize = 10;
pub struct ProgramInput<T> {
pub pre_states: Vec<AccountWithMetadata>,
@ -54,7 +57,9 @@ impl From<(&ProgramId, &PdaSeed)> for AccountId {
#[derive(Serialize, Deserialize, Clone)]
#[cfg_attr(any(feature = "host", test), derive(Debug, PartialEq, Eq))]
pub struct ChainedCall {
/// The program ID of the program to execute
pub program_id: ProgramId,
/// The instruction data to pass
pub instruction_data: InstructionData,
pub pre_states: Vec<AccountWithMetadata>,
pub pda_seeds: Vec<PdaSeed>,
@ -111,26 +116,34 @@ impl AccountPostState {
#[derive(Serialize, Deserialize, Clone)]
#[cfg_attr(any(feature = "host", test), derive(Debug, PartialEq, Eq))]
pub struct ProgramOutput {
/// The instruction data the program received to produce this output
pub instruction_data: InstructionData,
/// The account pre states the program received to produce this output
pub pre_states: Vec<AccountWithMetadata>,
pub post_states: Vec<AccountPostState>,
pub chained_calls: Vec<ChainedCall>,
}
pub fn read_nssa_inputs<T: DeserializeOwned>() -> ProgramInput<T> {
pub fn read_nssa_inputs<T: DeserializeOwned>() -> (ProgramInput<T>, InstructionData) {
let pre_states: Vec<AccountWithMetadata> = env::read();
let instruction_words: InstructionData = env::read();
let instruction = T::deserialize(&mut Deserializer::new(instruction_words.as_ref())).unwrap();
ProgramInput {
pre_states,
instruction,
}
(
ProgramInput {
pre_states,
instruction,
},
instruction_words,
)
}
pub fn write_nssa_outputs(
instruction_data: InstructionData,
pre_states: Vec<AccountWithMetadata>,
post_states: Vec<AccountPostState>,
) {
let output = ProgramOutput {
instruction_data,
pre_states,
post_states,
chained_calls: Vec::new(),
@ -139,11 +152,13 @@ pub fn write_nssa_outputs(
}
pub fn write_nssa_outputs_with_chained_call(
instruction_data: InstructionData,
pre_states: Vec<AccountWithMetadata>,
post_states: Vec<AccountPostState>,
chained_calls: Vec<ChainedCall>,
) {
let output = ProgramOutput {
instruction_data,
pre_states,
post_states,
chained_calls,
@ -162,32 +177,37 @@ pub fn validate_execution(
post_states: &[AccountPostState],
executing_program_id: ProgramId,
) -> bool {
// 1. Lengths must match
// 1. Check account ids are all different
if !validate_uniqueness_of_account_ids(pre_states) {
return false;
}
// 2. Lengths must match
if pre_states.len() != post_states.len() {
return false;
}
for (pre, post) in pre_states.iter().zip(post_states) {
// 2. Nonce must remain unchanged
// 3. Nonce must remain unchanged
if pre.account.nonce != post.account.nonce {
return false;
}
// 3. Program ownership changes are not allowed
// 4. Program ownership changes are not allowed
if pre.account.program_owner != post.account.program_owner {
return false;
}
let account_program_owner = pre.account.program_owner;
// 4. Decreasing balance only allowed if owned by executing program
// 5. Decreasing balance only allowed if owned by executing program
if post.account.balance < pre.account.balance
&& account_program_owner != executing_program_id
{
return false;
}
// 5. Data changes only allowed if owned by executing program or if account pre state has
// 6. Data changes only allowed if owned by executing program or if account pre state has
// default values
if pre.account.data != post.account.data
&& pre.account != Account::default()
@ -196,14 +216,14 @@ pub fn validate_execution(
return false;
}
// 6. If a post state has default program owner, the pre state must have been a default
// 7. If a post state has default program owner, the pre state must have been a default
// account
if post.account.program_owner == DEFAULT_PROGRAM_ID && pre.account != Account::default() {
return false;
}
}
// 7. Total balance is preserved
// 8. Total balance is preserved
let Some(total_balance_pre_states) =
WrappedBalanceSum::from_balances(pre_states.iter().map(|pre| pre.account.balance))
@ -224,6 +244,17 @@ pub fn validate_execution(
true
}
fn validate_uniqueness_of_account_ids(pre_states: &[AccountWithMetadata]) -> bool {
let number_of_accounts = pre_states.len();
let number_of_account_ids = pre_states
.iter()
.map(|account| &account.account_id)
.collect::<HashSet<_>>()
.len();
number_of_accounts == number_of_account_ids
}
/// Representation of a number as `lo + hi * 2^128`.
#[derive(PartialEq, Eq)]
struct WrappedBalanceSum {

43
nssa/program_methods/guest/src/bin/authenticated_transfer.rs
View File

@ -6,34 +6,37 @@ use nssa_core::{
};
/// Initializes a default account under the ownership of this program.
fn initialize_account(pre_state: AccountWithMetadata) {
fn initialize_account(pre_state: AccountWithMetadata) -> AccountPostState {
let account_to_claim = AccountPostState::new_claimed(pre_state.account.clone());
let is_authorized = pre_state.is_authorized;
// Continue only if the account to claim has default values
if account_to_claim.account() != &Account::default() {
return;
panic!("Account must be uninitialized");
}
// Continue only if the owner authorized this operation
if !is_authorized {
return;
panic!("Invalid input");
}
// Noop will result in account being claimed for this program
write_nssa_outputs(vec![pre_state], vec![account_to_claim]);
account_to_claim
}
/// Transfers `balance_to_move` native balance from `sender` to `recipient`.
fn transfer(sender: AccountWithMetadata, recipient: AccountWithMetadata, balance_to_move: u128) {
fn transfer(
sender: AccountWithMetadata,
recipient: AccountWithMetadata,
balance_to_move: u128,
) -> Vec<AccountPostState> {
// Continue only if the sender has authorized this operation
if !sender.is_authorized {
return;
panic!("Invalid input");
}
// Continue only if the sender has enough balance
if sender.account.balance < balance_to_move {
return;
panic!("Invalid input");
}
// Create accounts post states, with updated balances
@ -57,23 +60,31 @@ fn transfer(sender: AccountWithMetadata, recipient: AccountWithMetadata, balance
}
};
write_nssa_outputs(vec![sender, recipient], vec![sender_post, recipient_post]);
vec![sender_post, recipient_post]
}
/// A transfer of balance program.
/// To be used both in public and private contexts.
fn main() {
// Read input accounts.
let ProgramInput {
pre_states,
instruction: balance_to_move,
} = read_nssa_inputs();
let (
ProgramInput {
pre_states,
instruction: balance_to_move,
},
instruction_words,
) = read_nssa_inputs();
match (pre_states.as_slice(), balance_to_move) {
([account_to_claim], 0) => initialize_account(account_to_claim.clone()),
let post_states = match (pre_states.as_slice(), balance_to_move) {
([account_to_claim], 0) => {
let post = initialize_account(account_to_claim.clone());
vec![post]
}
([sender, recipient], balance_to_move) => {
transfer(sender.clone(), recipient.clone(), balance_to_move)
}
_ => panic!("invalid params"),
}
};
write_nssa_outputs(instruction_words, pre_states, post_states);
}

12
nssa/program_methods/guest/src/bin/pinata.rs
View File

@ -44,10 +44,13 @@ impl Challenge {
fn main() {
// Read input accounts.
// It is expected to receive only two accounts: [pinata_account, winner_account]
let ProgramInput {
pre_states,
instruction: solution,
} = read_nssa_inputs::<Instruction>();
let (
ProgramInput {
pre_states,
instruction: solution,
},
instruction_words,
) = read_nssa_inputs::<Instruction>();
let [pinata, winner] = match pre_states.try_into() {
Ok(array) => array,
@ -71,6 +74,7 @@ fn main() {
winner_post.balance += PRIZE;
write_nssa_outputs(
instruction_words,
vec![pinata, winner],
vec![
AccountPostState::new(pinata_post),

12
nssa/program_methods/guest/src/bin/pinata_token.rs
View File

@ -54,10 +54,13 @@ fn main() {
// Read input accounts.
// It is expected to receive three accounts: [pinata_definition, pinata_token_holding,
// winner_token_holding]
let ProgramInput {
pre_states,
instruction: solution,
} = read_nssa_inputs::<Instruction>();
let (
ProgramInput {
pre_states,
instruction: solution,
},
instruction_words,
) = read_nssa_inputs::<Instruction>();
let [
pinata_definition,
@ -98,6 +101,7 @@ fn main() {
}];
write_nssa_outputs_with_chained_call(
instruction_words,
vec![
pinata_definition,
pinata_token_holding,

135
nssa/program_methods/guest/src/bin/privacy_preserving_circuit.rs
View File

@ -1,4 +1,4 @@
use std::collections::HashSet;
use std::collections::HashMap;
use nssa_core::{
Commitment, CommitmentSetDigest, DUMMY_COMMITMENT_HASH, EncryptionScheme, Nullifier,
@ -6,43 +6,114 @@ use nssa_core::{
account::{Account, AccountId, AccountWithMetadata},
compute_digest_for_path,
encryption::Ciphertext,
program::{DEFAULT_PROGRAM_ID, ProgramOutput, validate_execution},
program::{DEFAULT_PROGRAM_ID, MAX_NUMBER_CHAINED_CALLS, validate_execution},
};
use risc0_zkvm::{guest::env, serde::to_vec};
fn main() {
let PrivacyPreservingCircuitInput {
program_output,
program_outputs,
visibility_mask,
private_account_nonces,
private_account_keys,
private_account_auth,
program_id,
mut program_id,
} = env::read();
// Check that `program_output` is consistent with the execution of the corresponding program.
env::verify(program_id, &to_vec(&program_output).unwrap()).unwrap();
let mut pre_states: Vec<AccountWithMetadata> = Vec::new();
let mut state_diff: HashMap<AccountId, Account> = HashMap::new();
let ProgramOutput {
pre_states,
post_states,
chained_calls,
} = program_output;
// TODO: implement chained calls for privacy preserving transactions
if !chained_calls.is_empty() {
panic!("Privacy preserving transactions do not support yet chained calls.")
let num_calls = program_outputs.len();
if num_calls > MAX_NUMBER_CHAINED_CALLS {
panic!("Max chained calls depth is exceeded");
}
// Check that there are no repeated account ids
if !validate_uniqueness_of_account_ids(&pre_states) {
panic!("Repeated account ids found")
let Some(last_program_call) = program_outputs.last() else {
panic!("Program outputs is empty")
};
if !last_program_call.chained_calls.is_empty() {
panic!("Call stack is incomplete");
}
// Check that the program is well behaved.
// See the # Programs section for the definition of the `validate_execution` method.
if !validate_execution(&pre_states, &post_states, program_id) {
panic!("Bad behaved program");
for window in program_outputs.windows(2) {
let caller = &window[0];
let callee = &window[1];
if caller.chained_calls.len() > 1 {
panic!("Privacy Multi-chained calls are not supported yet");
}
// TODO: Modify when multi-chain calls are supported in the circuit
let Some(caller_chained_call) = &caller.chained_calls.first() else {
panic!("Expected chained call");
};
// Check that instruction data in caller is the instruction data in callee
if caller_chained_call.instruction_data != callee.instruction_data {
panic!("Invalid instruction data");
}
// Check that account pre_states in caller are the ones in calle
if caller_chained_call.pre_states != callee.pre_states {
panic!("Invalid pre states");
}
}
for (i, program_output) in program_outputs.iter().enumerate() {
let mut program_output = program_output.clone();
// Check that `program_output` is consistent with the execution of the corresponding program.
let program_output_words =
&to_vec(&program_output).expect("program_output must be serializable");
env::verify(program_id, program_output_words)
.expect("program output must match the program's execution");
// Check that the program is well behaved.
// See the # Programs section for the definition of the `validate_execution` method.
if !validate_execution(
&program_output.pre_states,
&program_output.post_states,
program_id,
) {
panic!("Bad behaved program");
}
// The invoked program claims the accounts with default program id.
for post in program_output
.post_states
.iter_mut()
.filter(|post| post.requires_claim())
{
// The invoked program can only claim accounts with default program id.
if post.account().program_owner == DEFAULT_PROGRAM_ID {
post.account_mut().program_owner = program_id;
} else {
panic!("Cannot claim an initialized account")
}
}
for (pre, post) in program_output
.pre_states
.iter()
.zip(&program_output.post_states)
{
if let Some(account_pre) = state_diff.get(&pre.account_id) {
if account_pre != &pre.account {
panic!("Invalid input");
}
} else {
pre_states.push(pre.clone());
}
state_diff.insert(pre.account_id.clone(), post.account().clone());
}
// TODO: Modify when multi-chain calls are supported in the circuit
if let Some(next_chained_call) = &program_output.chained_calls.first() {
program_id = next_chained_call.program_id;
} else if i != program_outputs.len() - 1 {
panic!("Inner call without a chained call found")
};
}
let n_accounts = pre_states.len();
@ -69,10 +140,8 @@ fn main() {
// Public account
public_pre_states.push(pre_states[i].clone());
let mut post = post_states[i].account().clone();
if pre_states[i].is_authorized {
post.nonce += 1;
}
let mut post = state_diff.get(&pre_states[i].account_id).unwrap().clone();
if post.program_owner == DEFAULT_PROGRAM_ID {
// Claim account
post.program_owner = program_id;
@ -125,7 +194,8 @@ fn main() {
}
// Update post-state with new nonce
let mut post_with_updated_values = post_states[i].account().clone();
let mut post_with_updated_values =
state_diff.get(&pre_states[i].account_id).unwrap().clone();
post_with_updated_values.nonce = *new_nonce;
if post_with_updated_values.program_owner == DEFAULT_PROGRAM_ID {
@ -174,14 +244,3 @@ fn main() {
env::commit(&output);
}
fn validate_uniqueness_of_account_ids(pre_states: &[AccountWithMetadata]) -> bool {
let number_of_accounts = pre_states.len();
let number_of_account_ids = pre_states
.iter()
.map(|account| account.account_id.clone())
.collect::<HashSet<_>>()
.len();
number_of_accounts == number_of_account_ids
}

2124
nssa/program_methods/guest/src/bin/token.rs
View File

File diff suppressed because it is too large Load Diff

92
nssa/src/privacy_preserving_transaction/circuit.rs
View File

@ -1,9 +1,11 @@
use std::collections::HashMap;
use borsh::{BorshDeserialize, BorshSerialize};
use nssa_core::{
MembershipProof, NullifierPublicKey, NullifierSecretKey, PrivacyPreservingCircuitInput,
PrivacyPreservingCircuitOutput, SharedSecretKey,
account::AccountWithMetadata,
program::{InstructionData, ProgramOutput},
program::{InstructionData, ProgramId, ProgramOutput},
};
use risc0_zkvm::{ExecutorEnv, InnerReceipt, Receipt, default_prover};
@ -11,12 +13,35 @@ use crate::{
error::NssaError,
program::Program,
program_methods::{PRIVACY_PRESERVING_CIRCUIT_ELF, PRIVACY_PRESERVING_CIRCUIT_ID},
state::MAX_NUMBER_CHAINED_CALLS,
};
/// Proof of the privacy preserving execution circuit
#[derive(Debug, Clone, PartialEq, Eq, BorshSerialize, BorshDeserialize)]
pub struct Proof(pub(crate) Vec<u8>);
#[derive(Clone)]
pub struct ProgramWithDependencies {
pub program: Program,
// TODO: avoid having a copy of the bytecode of each dependency.
pub dependencies: HashMap<ProgramId, Program>,
}
impl ProgramWithDependencies {
pub fn new(program: Program, dependencies: HashMap<ProgramId, Program>) -> Self {
Self {
program,
dependencies,
}
}
}
impl From<Program> for ProgramWithDependencies {
fn from(program: Program) -> Self {
ProgramWithDependencies::new(program, HashMap::new())
}
}
/// Generates a proof of the execution of a NSSA program inside the privacy preserving execution
/// circuit
pub fn execute_and_prove(
@ -26,27 +51,64 @@ pub fn execute_and_prove(
private_account_nonces: &[u128],
private_account_keys: &[(NullifierPublicKey, SharedSecretKey)],
private_account_auth: &[(NullifierSecretKey, MembershipProof)],
program: &Program,
program_with_dependencies: &ProgramWithDependencies,
) -> Result<(PrivacyPreservingCircuitOutput, Proof), NssaError> {
let inner_receipt = execute_and_prove_program(program, pre_states, instruction_data)?;
let mut program = &program_with_dependencies.program;
let dependencies = &program_with_dependencies.dependencies;
let mut instruction_data = instruction_data.clone();
let mut pre_states = pre_states.to_vec();
let mut env_builder = ExecutorEnv::builder();
let mut program_outputs = Vec::new();
let program_output: ProgramOutput = inner_receipt
.journal
.decode()
.map_err(|e| NssaError::ProgramOutputDeserializationError(e.to_string()))?;
for _i in 0..MAX_NUMBER_CHAINED_CALLS {
let inner_receipt = execute_and_prove_program(program, &pre_states, &instruction_data)?;
let program_output: ProgramOutput = inner_receipt
.journal
.decode()
.map_err(|e| NssaError::ProgramOutputDeserializationError(e.to_string()))?;
// TODO: remove clone
program_outputs.push(program_output.clone());
// Prove circuit.
env_builder.add_assumption(inner_receipt);
// TODO: Remove when multi-chain calls are supported in the circuit
assert!(program_output.chained_calls.len() <= 1);
// TODO: Modify when multi-chain calls are supported in the circuit
if let Some(next_call) = program_output.chained_calls.first() {
program = dependencies
.get(&next_call.program_id)
.ok_or(NssaError::InvalidProgramBehavior)?;
instruction_data = next_call.instruction_data.clone();
// Build post states with metadata for next call
let mut post_states_with_metadata = Vec::new();
for (pre, post) in program_output
.pre_states
.iter()
.zip(program_output.post_states)
{
let mut post_with_metadata = pre.clone();
post_with_metadata.account = post.account().clone();
post_states_with_metadata.push(post_with_metadata);
}
pre_states = next_call.pre_states.clone();
} else {
break;
}
}
let circuit_input = PrivacyPreservingCircuitInput {
program_output,
program_outputs,
visibility_mask: visibility_mask.to_vec(),
private_account_nonces: private_account_nonces.to_vec(),
private_account_keys: private_account_keys.to_vec(),
private_account_auth: private_account_auth.to_vec(),
program_id: program.id(),
program_id: program_with_dependencies.program.id(),
};
// Prove circuit.
let mut env_builder = ExecutorEnv::builder();
env_builder.add_assumption(inner_receipt);
env_builder.write(&circuit_input).unwrap();
let env = env_builder.build().unwrap();
let prover = default_prover();
@ -133,7 +195,7 @@ mod tests {
let expected_sender_post = Account {
program_owner: program.id(),
balance: 100 - balance_to_move,
nonce: 1,
nonce: 0,
data: Data::default(),
};
@ -156,7 +218,7 @@ mod tests {
&[0xdeadbeef],
&[(recipient_keys.npk(), shared_secret.clone())],
&[],
&Program::authenticated_transfer_program(),
&Program::authenticated_transfer_program().into(),
)
.unwrap();
@ -257,7 +319,7 @@ mod tests {
sender_keys.nsk,
commitment_set.get_proof_for(&commitment_sender).unwrap(),
)],
&program,
&program.into(),
)
.unwrap();

17
nssa/src/program.rs
View File

@ -7,14 +7,14 @@ use serde::Serialize;
use crate::{
error::NssaError,
program_methods::{AUTHENTICATED_TRANSFER_ELF, MODIFIED_TRANSFER_ELF, PINATA_ELF, TOKEN_ELF},
program_methods::{AUTHENTICATED_TRANSFER_ELF, PINATA_ELF, TOKEN_ELF},
};
/// Maximum number of cycles for a public execution.
/// TODO: Make this variable when fees are implemented
const MAX_NUM_CYCLES_PUBLIC_EXECUTION: u64 = 1024 * 1024 * 32; // 32M cycles
#[derive(Debug, PartialEq, Eq)]
#[derive(Clone, Debug, PartialEq, Eq)]
pub struct Program {
id: ProgramId,
elf: Vec<u8>,
@ -95,12 +95,6 @@ impl Program {
// `program_methods`
Self::new(TOKEN_ELF.to_vec()).unwrap()
}
pub fn modified_transfer_program() -> Self {
// This unwrap won't panic since the `MODIFIED_TRANSFER_ELF` comes from risc0 build of
// `program_methods`
Self::new(MODIFIED_TRANSFER_ELF.to_vec()).unwrap()
}
}
// TODO: Testnet only. Refactor to prevent compilation on mainnet.
@ -227,6 +221,13 @@ mod tests {
elf: CLAIMER_ELF.to_vec(),
}
}
pub fn modified_transfer_program() -> Self {
use test_program_methods::MODIFIED_TRANSFER_ELF;
// This unwrap won't panic since the `MODIFIED_TRANSFER_ELF` comes from risc0 build of
// `program_methods`
Self::new(MODIFIED_TRANSFER_ELF.to_vec()).unwrap()
}
}
#[test]

189
nssa/src/state.rs
View File

@ -154,6 +154,12 @@ impl V02State {
*current_account = post;
}
// 5. Increment nonces for public signers
for account_id in tx.signer_account_ids() {
let current_account = self.get_account_by_id_mut(account_id);
current_account.nonce += 1;
}
Ok(())
}
@ -272,7 +278,10 @@ pub mod tests {
error::NssaError,
execute_and_prove,
privacy_preserving_transaction::{
PrivacyPreservingTransaction, circuit, message::Message, witness_set::WitnessSet,
PrivacyPreservingTransaction,
circuit::{self, ProgramWithDependencies},
message::Message,
witness_set::WitnessSet,
},
program::Program,
public_transaction,
@ -859,7 +868,7 @@ pub mod tests {
&[0xdeadbeef],
&[(recipient_keys.npk(), shared_secret)],
&[],
&Program::authenticated_transfer_program(),
&Program::authenticated_transfer_program().into(),
)
.unwrap();
@ -911,7 +920,7 @@ pub mod tests {
sender_keys.nsk,
state.get_proof_for_commitment(&sender_commitment).unwrap(),
)],
&program,
&program.into(),
)
.unwrap();
@ -963,7 +972,7 @@ pub mod tests {
sender_keys.nsk,
state.get_proof_for_commitment(&sender_commitment).unwrap(),
)],
&program,
&program.into(),
)
.unwrap();
@ -1176,7 +1185,7 @@ pub mod tests {
&[],
&[],
&[],
&program,
&program.into(),
);
assert!(matches!(result, Err(NssaError::CircuitProvingError(_))));
@ -1202,7 +1211,7 @@ pub mod tests {
&[],
&[],
&[],
&program,
&program.into(),
);
assert!(matches!(result, Err(NssaError::CircuitProvingError(_))));
@ -1228,7 +1237,7 @@ pub mod tests {
&[],
&[],
&[],
&program,
&program.into(),
);
assert!(matches!(result, Err(NssaError::CircuitProvingError(_))));
@ -1254,7 +1263,7 @@ pub mod tests {
&[],
&[],
&[],
&program,
&program.into(),
);
assert!(matches!(result, Err(NssaError::CircuitProvingError(_))));
@ -1282,7 +1291,7 @@ pub mod tests {
&[],
&[],
&[],
&program,
&program.to_owned().into(),
);
assert!(matches!(result, Err(NssaError::ProgramProveFailed(_))));
@ -1308,7 +1317,7 @@ pub mod tests {
&[],
&[],
&[],
&program,
&program.into(),
);
assert!(matches!(result, Err(NssaError::CircuitProvingError(_))));
@ -1343,7 +1352,7 @@ pub mod tests {
&[],
&[],
&[],
&program,
&program.into(),
);
assert!(matches!(result, Err(NssaError::CircuitProvingError(_))));
@ -1369,7 +1378,7 @@ pub mod tests {
&[],
&[],
&[],
&program,
&program.into(),
);
assert!(matches!(result, Err(NssaError::CircuitProvingError(_))));
@ -1404,7 +1413,7 @@ pub mod tests {
&[],
&[],
&[],
&program,
&program.into(),
);
assert!(matches!(result, Err(NssaError::CircuitProvingError(_))));
@ -1441,7 +1450,7 @@ pub mod tests {
&[],
&[],
&[],
&program,
&program.into(),
);
assert!(matches!(result, Err(NssaError::CircuitProvingError(_))));
@ -1482,7 +1491,7 @@ pub mod tests {
),
],
&[(sender_keys.nsk, (0, vec![]))],
&program,
&program.into(),
);
assert!(matches!(result, Err(NssaError::CircuitProvingError(_))));
@ -1516,7 +1525,7 @@ pub mod tests {
&[0xdeadbeef1, 0xdeadbeef2],
&private_account_keys,
&[(sender_keys.nsk, (0, vec![]))],
&program,
&program.into(),
);
assert!(matches!(result, Err(NssaError::CircuitProvingError(_))));
@ -1557,7 +1566,7 @@ pub mod tests {
),
],
&private_account_auth,
&program,
&program.into(),
);
assert!(matches!(result, Err(NssaError::CircuitProvingError(_))));
@ -1605,7 +1614,7 @@ pub mod tests {
&[0xdeadbeef1, 0xdeadbeef2],
&private_account_keys,
&private_account_auth,
&program,
&program.into(),
);
assert!(matches!(result, Err(NssaError::CircuitProvingError(_))));
@ -1651,7 +1660,7 @@ pub mod tests {
),
],
&[(sender_keys.nsk, (0, vec![]))],
&program,
&program.into(),
);
assert!(matches!(result, Err(NssaError::CircuitProvingError(_))));
@ -1698,7 +1707,7 @@ pub mod tests {
),
],
&[(sender_keys.nsk, (0, vec![]))],
&program,
&program.into(),
);
assert!(matches!(result, Err(NssaError::CircuitProvingError(_))));
@ -1744,7 +1753,7 @@ pub mod tests {
),
],
&[(sender_keys.nsk, (0, vec![]))],
&program,
&program.into(),
);
assert!(matches!(result, Err(NssaError::CircuitProvingError(_))));
@ -1790,7 +1799,7 @@ pub mod tests {
),
],
&[(sender_keys.nsk, (0, vec![]))],
&program,
&program.into(),
);
assert!(matches!(result, Err(NssaError::CircuitProvingError(_))));
@ -1834,7 +1843,7 @@ pub mod tests {
),
],
&[(sender_keys.nsk, (0, vec![]))],
&program,
&program.into(),
);
assert!(matches!(result, Err(NssaError::CircuitProvingError(_))));
@ -1863,7 +1872,7 @@ pub mod tests {
&[],
&[],
&[],
&program,
&program.into(),
);
assert!(matches!(result, Err(NssaError::CircuitProvingError(_))));
@ -1905,7 +1914,7 @@ pub mod tests {
),
],
&[(sender_keys.nsk, (0, vec![]))],
&program,
&program.into(),
);
assert!(matches!(result, Err(NssaError::CircuitProvingError(_))));
@ -1951,7 +1960,7 @@ pub mod tests {
&[0xdeadbeef1, 0xdeadbeef2],
&private_account_keys,
&[(sender_keys.nsk, (0, vec![]))],
&program,
&program.into(),
);
assert!(matches!(result, Err(NssaError::CircuitProvingError(_))));
@ -1997,7 +2006,7 @@ pub mod tests {
),
],
&private_account_auth,
&program,
&program.into(),
);
assert!(matches!(result, Err(NssaError::CircuitProvingError(_))));
@ -2088,7 +2097,7 @@ pub mod tests {
(sender_keys.npk(), shared_secret),
],
&private_account_auth,
&program,
&program.into(),
);
assert!(matches!(result, Err(NssaError::CircuitProvingError(_))));
@ -2131,7 +2140,7 @@ pub mod tests {
}
#[test]
fn test_chained_call_succeeds() {
fn test_public_chained_call() {
let program = Program::chain_caller();
let key = PrivateKey::try_new([1; 32]).unwrap();
let from = AccountId::from(&PublicKey::new_from_private_key(&key));
@ -2310,6 +2319,128 @@ pub mod tests {
assert_eq!(to_post, expected_to_post);
}
#[test]
fn test_private_chained_call() {
// Arrange
let chain_caller = Program::chain_caller();
let auth_transfers = Program::authenticated_transfer_program();
let from_keys = test_private_account_keys_1();
let to_keys = test_private_account_keys_2();
let initial_balance = 100;
let from_account = AccountWithMetadata::new(
Account {
program_owner: auth_transfers.id(),
balance: initial_balance,
..Account::default()
},
true,
&from_keys.npk(),
);
let to_account = AccountWithMetadata::new(
Account {
program_owner: auth_transfers.id(),
..Account::default()
},
true,
&to_keys.npk(),
);
let from_commitment = Commitment::new(&from_keys.npk(), &from_account.account);
let to_commitment = Commitment::new(&to_keys.npk(), &to_account.account);
let mut state = V02State::new_with_genesis_accounts(
&[],
&[from_commitment.clone(), to_commitment.clone()],
)
.with_test_programs();
let amount: u128 = 37;
let instruction: (u128, ProgramId, u32, Option<PdaSeed>) = (
amount,
Program::authenticated_transfer_program().id(),
1,
None,
);
let from_esk = [3; 32];
let from_ss = SharedSecretKey::new(&from_esk, &from_keys.ivk());
let from_epk = EphemeralPublicKey::from_scalar(from_esk);
let to_esk = [3; 32];
let to_ss = SharedSecretKey::new(&to_esk, &to_keys.ivk());
let to_epk = EphemeralPublicKey::from_scalar(to_esk);
let mut dependencies = HashMap::new();
dependencies.insert(auth_transfers.id(), auth_transfers);
let program_with_deps = ProgramWithDependencies::new(chain_caller, dependencies);
let from_new_nonce = 0xdeadbeef1;
let to_new_nonce = 0xdeadbeef2;
let from_expected_post = Account {
balance: initial_balance - amount,
nonce: from_new_nonce,
..from_account.account.clone()
};
let from_expected_commitment = Commitment::new(&from_keys.npk(), &from_expected_post);
let to_expected_post = Account {
balance: amount,
nonce: to_new_nonce,
..to_account.account.clone()
};
let to_expected_commitment = Commitment::new(&to_keys.npk(), &to_expected_post);
// Act
let (output, proof) = execute_and_prove(
&[to_account, from_account],
&Program::serialize_instruction(instruction).unwrap(),
&[1, 1],
&[from_new_nonce, to_new_nonce],
&[(from_keys.npk(), to_ss), (to_keys.npk(), from_ss)],
&[
(
from_keys.nsk,
state.get_proof_for_commitment(&from_commitment).unwrap(),
),
(
to_keys.nsk,
state.get_proof_for_commitment(&to_commitment).unwrap(),
),
],
&program_with_deps,
)
.unwrap();
let message = Message::try_from_circuit_output(
vec![],
vec![],
vec![
(to_keys.npk(), to_keys.ivk(), to_epk),
(from_keys.npk(), from_keys.ivk(), from_epk),
],
output,
)
.unwrap();
let witness_set = WitnessSet::for_message(&message, proof, &[]);
let transaction = PrivacyPreservingTransaction::new(message, witness_set);
state
.transition_from_privacy_preserving_transaction(&transaction)
.unwrap();
// Assert
assert!(
state
.get_proof_for_commitment(&from_expected_commitment)
.is_some()
);
assert!(
state
.get_proof_for_commitment(&to_expected_commitment)
.is_some()
);
}
#[test]
fn test_pda_mechanism_with_pinata_token_program() {
let pinata_token = Program::pinata_token();

13
nssa/test_program_methods/guest/src/bin/burner.rs
View File

@ -3,10 +3,13 @@ use nssa_core::program::{AccountPostState, ProgramInput, read_nssa_inputs, write
type Instruction = u128;
fn main() {
let ProgramInput {
pre_states,
instruction: balance_to_burn,
} = read_nssa_inputs::<Instruction>();
let (
ProgramInput {
pre_states,
instruction: balance_to_burn,
},
instruction_words,
) = read_nssa_inputs::<Instruction>();
let [pre] = match pre_states.try_into() {
Ok(array) => array,
@ -17,5 +20,5 @@ fn main() {
let mut account_post = account_pre.clone();
account_post.balance -= balance_to_burn;
write_nssa_outputs(vec![pre], vec![AccountPostState::new(account_post)]);
write_nssa_outputs(instruction_words, vec![pre], vec![AccountPostState::new(account_post)]);
}

10
nssa/test_program_methods/guest/src/bin/chain_caller.rs
View File

@ -10,10 +10,13 @@ type Instruction = (u128, ProgramId, u32, Option<PdaSeed>);
/// It permutes the order of the input accounts on the subsequent call
/// The `ProgramId` in the instruction must be the program_id of the authenticated transfers program
fn main() {
let ProgramInput {
pre_states,
let (
ProgramInput {
pre_states,
instruction: (balance, auth_transfer_id, num_chain_calls, pda_seed),
} = read_nssa_inputs::<Instruction>();
},
instruction_words
) = read_nssa_inputs::<Instruction>();
let [recipient_pre, sender_pre] = match pre_states.try_into() {
Ok(array) => array,
@ -44,6 +47,7 @@ fn main() {
}
write_nssa_outputs_with_chained_call(
instruction_words,
vec![sender_pre.clone(), recipient_pre.clone()],
vec![
AccountPostState::new(sender_pre.account),

13
nssa/test_program_methods/guest/src/bin/claimer.rs
View File

@ -3,10 +3,13 @@ use nssa_core::program::{AccountPostState, ProgramInput, read_nssa_inputs, write
type Instruction = ();
fn main() {
let ProgramInput {
pre_states,
instruction: _,
} = read_nssa_inputs::<Instruction>();
let (
ProgramInput {
pre_states,
instruction: _,
},
instruction_words,
) = read_nssa_inputs::<Instruction>();
let [pre] = match pre_states.try_into() {
Ok(array) => array,
@ -15,5 +18,5 @@ fn main() {
let account_post = AccountPostState::new_claimed(pre.account.clone());
write_nssa_outputs(vec![pre], vec![account_post]);
write_nssa_outputs(instruction_words, vec![pre], vec![account_post]);
}

8
nssa/test_program_methods/guest/src/bin/data_changer.rs
View File

@ -4,7 +4,7 @@ type Instruction = Vec<u8>;
/// A program that modifies the account data by setting bytes sent in instruction.
fn main() {
let ProgramInput { pre_states, instruction: data } = read_nssa_inputs::<Instruction>();
let (ProgramInput { pre_states, instruction: data }, instruction_words) = read_nssa_inputs::<Instruction>();
let [pre] = match pre_states.try_into() {
Ok(array) => array,
@ -15,5 +15,9 @@ fn main() {
let mut account_post = account_pre.clone();
account_post.data = data.try_into().expect("provided data should fit into data limit");
write_nssa_outputs(vec![pre], vec![AccountPostState::new_claimed(account_post)]);
write_nssa_outputs(
instruction_words,
vec![pre],
vec![AccountPostState::new_claimed(account_post)],
);
}

3
nssa/test_program_methods/guest/src/bin/extra_output.rs
View File

@ -6,7 +6,7 @@ use nssa_core::{
type Instruction = ();
fn main() {
let ProgramInput { pre_states, .. } = read_nssa_inputs::<Instruction>();
let (ProgramInput { pre_states, .. }, instruction_words) = read_nssa_inputs::<Instruction>();
let [pre] = match pre_states.try_into() {
Ok(array) => array,
@ -16,6 +16,7 @@ fn main() {
let account_pre = pre.account.clone();
write_nssa_outputs(
instruction_words,
vec![pre],
vec![
AccountPostState::new(account_pre),

4
nssa/test_program_methods/guest/src/bin/minter.rs
View File

@ -3,7 +3,7 @@ use nssa_core::program::{read_nssa_inputs, write_nssa_outputs, AccountPostState,
type Instruction = ();
fn main() {
let ProgramInput { pre_states, .. } = read_nssa_inputs::<Instruction>();
let (ProgramInput { pre_states, .. }, instruction_words) = read_nssa_inputs::<Instruction>();
let [pre] = match pre_states.try_into() {
Ok(array) => array,
@ -14,5 +14,5 @@ fn main() {
let mut account_post = account_pre.clone();
account_post.balance += 1;
write_nssa_outputs(vec![pre], vec![AccountPostState::new(account_post)]);
write_nssa_outputs(instruction_words, vec![pre], vec![AccountPostState::new(account_post)]);
}

8
nssa/test_program_methods/guest/src/bin/missing_output.rs
View File

@ -3,7 +3,7 @@ use nssa_core::program::{AccountPostState, ProgramInput, read_nssa_inputs, write
type Instruction = ();
fn main() {
let ProgramInput { pre_states, .. } = read_nssa_inputs::<Instruction>();
let (ProgramInput { pre_states, .. }, instruction_words) = read_nssa_inputs::<Instruction>();
let [pre1, pre2] = match pre_states.try_into() {
Ok(array) => array,
@ -12,5 +12,9 @@ fn main() {
let account_pre1 = pre1.account.clone();
write_nssa_outputs(vec![pre1, pre2], vec![AccountPostState::new(account_pre1)]);
write_nssa_outputs(
instruction_words,
vec![pre1, pre2],
vec![AccountPostState::new(account_pre1)],
);
}

52
nssa/program_methods/guest/src/bin/modified_transfer.rs → nssa/test_program_methods/guest/src/bin/modified_transfer.rs
View File

@ -5,32 +5,32 @@ use nssa_core::{
/// Initializes a default account under the ownership of this program.
/// This is achieved by a noop.
fn initialize_account(pre_state: AccountWithMetadata) {
fn initialize_account(pre_state: AccountWithMetadata) -> AccountPostState {
let account_to_claim = pre_state.account.clone();
let is_authorized = pre_state.is_authorized;
// Continue only if the account to claim has default values
if account_to_claim != Account::default() {
return;
panic!("Account is already initialized");
}
// Continue only if the owner authorized this operation
if !is_authorized {
return;
panic!("Missing required authorization");
}
// Noop will result in account being claimed for this program
write_nssa_outputs(
vec![pre_state],
vec![AccountPostState::new(account_to_claim)],
);
AccountPostState::new(account_to_claim)
}
/// Transfers `balance_to_move` native balance from `sender` to `recipient`.
fn transfer(sender: AccountWithMetadata, recipient: AccountWithMetadata, balance_to_move: u128) {
fn transfer(
sender: AccountWithMetadata,
recipient: AccountWithMetadata,
balance_to_move: u128,
) -> Vec<AccountPostState> {
// Continue only if the sender has authorized this operation
if !sender.is_authorized {
return;
panic!("Missing required authorization");
}
// This segment is a safe protection from authenticated transfer program
@ -50,29 +50,33 @@ fn transfer(sender: AccountWithMetadata, recipient: AccountWithMetadata, balance
sender_post.balance -= balance_to_move + malicious_offset;
recipient_post.balance += balance_to_move + malicious_offset;
write_nssa_outputs(
vec![sender, recipient],
vec![
AccountPostState::new(sender_post),
AccountPostState::new(recipient_post),
],
);
vec![
AccountPostState::new(sender_post),
AccountPostState::new(recipient_post),
]
}
/// A transfer of balance program.
/// To be used both in public and private contexts.
fn main() {
// Read input accounts.
let ProgramInput {
pre_states,
instruction: balance_to_move,
} = read_nssa_inputs();
let (
ProgramInput {
pre_states,
instruction: balance_to_move,
},
instruction_data,
) = read_nssa_inputs();
match (pre_states.as_slice(), balance_to_move) {
([account_to_claim], 0) => initialize_account(account_to_claim.clone()),
let post_states = match (pre_states.as_slice(), balance_to_move) {
([account_to_claim], 0) => {
let post = initialize_account(account_to_claim.clone());
vec![post]
}
([sender, recipient], balance_to_move) => {
transfer(sender.clone(), recipient.clone(), balance_to_move)
}
_ => panic!("invalid params"),
}
};
write_nssa_outputs(instruction_data, pre_states, post_states);
}

4
nssa/test_program_methods/guest/src/bin/nonce_changer.rs
View File

@ -3,7 +3,7 @@ use nssa_core::program::{read_nssa_inputs, write_nssa_outputs, AccountPostState,
type Instruction = ();
fn main() {
let ProgramInput { pre_states, .. } = read_nssa_inputs::<Instruction>();
let (ProgramInput { pre_states, .. } , instruction_words) = read_nssa_inputs::<Instruction>();
let [pre] = match pre_states.try_into() {
Ok(array) => array,
@ -14,5 +14,5 @@ fn main() {
let mut account_post = account_pre.clone();
account_post.nonce += 1;
write_nssa_outputs(vec![pre], vec![AccountPostState::new(account_post)]);
write_nssa_outputs(instruction_words ,vec![pre], vec![AccountPostState::new(account_post)]);
}

4
nssa/test_program_methods/guest/src/bin/program_owner_changer.rs
View File

@ -3,7 +3,7 @@ use nssa_core::program::{read_nssa_inputs, write_nssa_outputs, AccountPostState,
type Instruction = ();
fn main() {
let ProgramInput { pre_states, .. } = read_nssa_inputs::<Instruction>();
let (ProgramInput { pre_states, .. }, instruction_words) = read_nssa_inputs::<Instruction>();
let [pre] = match pre_states.try_into() {
Ok(array) => array,
@ -14,5 +14,5 @@ fn main() {
let mut account_post = account_pre.clone();
account_post.program_owner = [0, 1, 2, 3, 4, 5, 6, 7];
write_nssa_outputs(vec![pre], vec![AccountPostState::new(account_post)]);
write_nssa_outputs(instruction_words, vec![pre], vec![AccountPostState::new(account_post)]);
}

12
nssa/test_program_methods/guest/src/bin/simple_balance_transfer.rs
View File

@ -3,10 +3,13 @@ use nssa_core::program::{AccountPostState, ProgramInput, read_nssa_inputs, write
type Instruction = u128;
fn main() {
let ProgramInput {
pre_states,
instruction: balance,
} = read_nssa_inputs::<Instruction>();
let (
ProgramInput {
pre_states,
instruction: balance,
},
instruction_words,
) = read_nssa_inputs::<Instruction>();
let [sender_pre, receiver_pre] = match pre_states.try_into() {
Ok(array) => array,
@ -19,6 +22,7 @@ fn main() {
receiver_post.balance += balance;
write_nssa_outputs(
instruction_words,
vec![sender_pre, receiver_pre],
vec![
AccountPostState::new(sender_post),

1
wallet/Cargo.toml
View File

@ -23,6 +23,7 @@ itertools.workspace = true
sha2.workspace = true
futures.workspace = true
async-stream = "0.3.6"
indicatif = { version = "0.18.3", features = ["improved_unicode"] }
[dependencies.key_protocol]
path = "../key_protocol"

3
wallet/src/chain_storage.rs
View File

@ -8,6 +8,7 @@ use key_protocol::{
},
key_protocol_core::NSSAUserData,
};
use log::debug;
use nssa::program::Program;
use crate::config::{InitialAccountData, PersistentAccountData, WalletConfig};
@ -127,7 +128,7 @@ impl WalletChainStore {
account_id: nssa::AccountId,
account: nssa_core::account::Account,
) {
println!("inserting at address {account_id}, this account {account:?}");
debug!("inserting at address {account_id}, this account {account:?}");
let entry = self
.user_data

14
wallet/src/cli/account.rs
View File

@ -96,13 +96,13 @@ pub enum NewSubcommand {
Public {
#[arg(long)]
/// Chain index of a parent node
cci: ChainIndex,
cci: Option<ChainIndex>,
},
/// Register new private account
Private {
#[arg(long)]
/// Chain index of a parent node
cci: ChainIndex,
cci: Option<ChainIndex>,
},
}
@ -113,9 +113,11 @@ impl WalletSubcommand for NewSubcommand {
) -> Result<SubcommandReturnValue> {
match self {
NewSubcommand::Public { cci } => {
let account_id = wallet_core.create_new_account_public(cci);
let (account_id, chain_index) = wallet_core.create_new_account_public(cci);
println!("Generated new account with account_id Public/{account_id}");
println!(
"Generated new account with account_id Public/{account_id} at path {chain_index}"
);
let path = wallet_core.store_persistent_data().await?;
@ -124,7 +126,7 @@ impl WalletSubcommand for NewSubcommand {
Ok(SubcommandReturnValue::RegisterAccount { account_id })
}
NewSubcommand::Private { cci } => {
let account_id = wallet_core.create_new_account_private(cci);
let (account_id, chain_index) = wallet_core.create_new_account_private(cci);
let (key, _) = wallet_core
.storage
@ -133,7 +135,7 @@ impl WalletSubcommand for NewSubcommand {
.unwrap();
println!(
"Generated new account with account_id Private/{}",
"Generated new account with account_id Private/{} at path {chain_index}",
account_id.to_bytes().to_base58()
);
println!("With npk {}", hex::encode(key.nullifer_public_key.0));

9
wallet/src/cli/config.rs
View File

@ -9,10 +9,6 @@ use crate::{
/// Represents generic config CLI subcommand
#[derive(Subcommand, Debug, Clone)]
pub enum ConfigSubcommand {
/// Command to explicitly setup config and storage
///
/// Does nothing in case if both already present
Setup {},
/// Getter of config fields
Get { key: String },
/// Setter of config fields
@ -27,11 +23,6 @@ impl WalletSubcommand for ConfigSubcommand {
wallet_core: &mut WalletCore,
) -> Result<SubcommandReturnValue> {
match self {
ConfigSubcommand::Setup {} => {
let path = wallet_core.store_persistent_data().await?;
println!("Stored persistent accounts at {path:#?}");
}
ConfigSubcommand::Get { key } => match key.as_str() {
"all" => {
let config_str =

134
wallet/src/cli/mod.rs
View File

@ -1,6 +1,8 @@
use anyhow::Result;
use std::{io::Write, path::PathBuf};
use anyhow::{Context, Result};
use clap::{Parser, Subcommand};
use nssa::program::Program;
use nssa::{ProgramDeploymentTransaction, program::Program};
use crate::{
WalletCore,
@ -13,7 +15,7 @@ use crate::{
token::TokenProgramAgnosticSubcommand,
},
},
helperfunctions::{fetch_config, merge_auth_config},
helperfunctions::{fetch_config, fetch_persistent_storage, merge_auth_config},
};
pub mod account;
@ -51,20 +53,16 @@ pub enum Command {
/// Command to setup config, get and set config fields
#[command(subcommand)]
Config(ConfigSubcommand),
}
/// Represents overarching CLI command for a wallet with setup included
#[derive(Debug, Subcommand, Clone)]
#[clap(about)]
pub enum OverCommand {
/// Represents CLI command for a wallet
#[command(subcommand)]
Command(Command),
/// Setup of a storage. Initializes rots for public and private trees from `password`.
Setup {
/// Restoring keys from given password at given `depth`
///
/// !!!WARNING!!! will rewrite current storage
RestoreKeys {
#[arg(short, long)]
password: String,
/// Indicates, how deep in tree accounts may be. Affects command complexity.
depth: u32,
},
/// Deploy a program
DeployProgram { binary_filepath: PathBuf },
}
/// To execute commands, env var NSSA_WALLET_HOME_DIR must be set into directory with config
@ -84,7 +82,7 @@ pub struct Args {
pub auth: Option<String>,
/// Wallet command
#[command(subcommand)]
pub command: Option<OverCommand>,
pub command: Option<Command>,
}
#[derive(Debug, Clone)]
@ -104,8 +102,15 @@ pub async fn execute_subcommand_with_auth(
command: Command,
auth: Option<String>,
) -> Result<SubcommandReturnValue> {
if fetch_persistent_storage().await.is_err() {
println!("Persistent storage not found, need to execute setup");
let password = read_password_from_stdin()?;
execute_setup_with_auth(password, auth.clone()).await?;
}
let wallet_config = fetch_config().await?;
let wallet_config = merge_auth_config(wallet_config, auth)?;
let wallet_config = merge_auth_config(wallet_config, auth.clone())?;
let mut wallet_core = WalletCore::start_from_config_update_chain(wallet_config).await?;
let subcommand_ret = match command {
@ -165,6 +170,27 @@ pub async fn execute_subcommand_with_auth(
.handle_subcommand(&mut wallet_core)
.await?
}
Command::RestoreKeys { depth } => {
let password = read_password_from_stdin()?;
execute_keys_restoration_with_auth(password, depth, auth).await?;
SubcommandReturnValue::Empty
}
Command::DeployProgram { binary_filepath } => {
let bytecode: Vec<u8> = std::fs::read(&binary_filepath).context(format!(
"Failed to read program binary at {}",
binary_filepath.display()
))?;
let message = nssa::program_deployment_transaction::Message::new(bytecode);
let transaction = ProgramDeploymentTransaction::new(message);
let _response = wallet_core
.sequencer_client
.send_tx_program(transaction)
.await
.context("Transaction submission error");
SubcommandReturnValue::Empty
}
};
Ok(subcommand_ret)
@ -193,6 +219,16 @@ pub async fn execute_continuous_run_with_auth(auth: Option<String>) -> Result<()
}
}
pub fn read_password_from_stdin() -> Result<String> {
let mut password = String::new();
print!("Input password: ");
std::io::stdout().flush()?;
std::io::stdin().read_line(&mut password)?;
Ok(password.trim().to_string())
}
pub async fn execute_setup(password: String) -> Result<()> {
execute_setup_with_auth(password, None).await
}
@ -206,3 +242,67 @@ pub async fn execute_setup_with_auth(password: String, auth: Option<String>) ->
Ok(())
}
pub async fn execute_keys_restoration(password: String, depth: u32) -> Result<()> {
execute_keys_restoration_with_auth(password, depth, None).await
}
pub async fn execute_keys_restoration_with_auth(
password: String,
depth: u32,
auth: Option<String>,
) -> Result<()> {
let config = fetch_config().await?;
let config = merge_auth_config(config, auth)?;
let mut wallet_core =
WalletCore::start_from_config_new_storage(config.clone(), password.clone()).await?;
wallet_core
.storage
.user_data
.public_key_tree
.generate_tree_for_depth(depth);
println!("Public tree generated");
wallet_core
.storage
.user_data
.private_key_tree
.generate_tree_for_depth(depth);
println!("Private tree generated");
wallet_core
.storage
.user_data
.public_key_tree
.cleanup_tree_remove_uninit_layered(depth, wallet_core.sequencer_client.clone())
.await?;
println!("Public tree cleaned up");
let last_block = wallet_core
.sequencer_client
.get_last_block()
.await?
.last_block;
println!("Last block is {last_block}");
wallet_core.sync_to_block(last_block).await?;
println!("Private tree clean up start");
wallet_core
.storage
.user_data
.private_key_tree
.cleanup_tree_remove_uninit_layered(depth);
println!("Private tree cleaned up");
wallet_core.store_persistent_data().await?;
Ok(())
}

368
wallet/src/cli/programs/token.rs
View File

@ -14,8 +14,6 @@ use crate::{
#[derive(Subcommand, Debug, Clone)]
pub enum TokenProgramAgnosticSubcommand {
/// Produce a new token
///
/// Currently the only supported privacy options is for public definition
New {
/// definition_account_id - valid 32 byte base58 string with privacy prefix
#[arg(long)]
@ -72,8 +70,8 @@ impl WalletSubcommand for TokenProgramAgnosticSubcommand {
let underlying_subcommand = match (definition_addr_privacy, supply_addr_privacy) {
(AccountPrivacyKind::Public, AccountPrivacyKind::Public) => {
TokenProgramSubcommand::Public(
TokenProgramSubcommandPublic::CreateNewToken {
TokenProgramSubcommand::Create(
CreateNewTokenProgramSubcommand::NewPublicDefPublicSupp {
definition_account_id,
supply_account_id,
name,
@ -82,8 +80,8 @@ impl WalletSubcommand for TokenProgramAgnosticSubcommand {
)
}
(AccountPrivacyKind::Public, AccountPrivacyKind::Private) => {
TokenProgramSubcommand::Private(
TokenProgramSubcommandPrivate::CreateNewTokenPrivateOwned {
TokenProgramSubcommand::Create(
CreateNewTokenProgramSubcommand::NewPublicDefPrivateSupp {
definition_account_id,
supply_account_id,
name,
@ -92,14 +90,24 @@ impl WalletSubcommand for TokenProgramAgnosticSubcommand {
)
}
(AccountPrivacyKind::Private, AccountPrivacyKind::Private) => {
// ToDo: maybe implement this one. It is not immediately clear why
// definition should be private.
anyhow::bail!("Unavailable privacy pairing")
TokenProgramSubcommand::Create(
CreateNewTokenProgramSubcommand::NewPrivateDefPrivateSupp {
definition_account_id,
supply_account_id,
name,
total_supply,
},
)
}
(AccountPrivacyKind::Private, AccountPrivacyKind::Public) => {
// ToDo: Probably valid. If definition is not public, but supply is it is
// very suspicious.
anyhow::bail!("Unavailable privacy pairing")
TokenProgramSubcommand::Create(
CreateNewTokenProgramSubcommand::NewPrivateDefPublicSupp {
definition_account_id,
supply_account_id,
name,
total_supply,
},
)
}
};
@ -202,6 +210,9 @@ impl WalletSubcommand for TokenProgramAgnosticSubcommand {
/// Represents generic CLI subcommand for a wallet working with token_program
#[derive(Subcommand, Debug, Clone)]
pub enum TokenProgramSubcommand {
/// Creation of new token
#[command(subcommand)]
Create(CreateNewTokenProgramSubcommand),
/// Public execution
#[command(subcommand)]
Public(TokenProgramSubcommandPublic),
@ -219,17 +230,6 @@ pub enum TokenProgramSubcommand {
/// Represents generic public CLI subcommand for a wallet working with token_program
#[derive(Subcommand, Debug, Clone)]
pub enum TokenProgramSubcommandPublic {
// Create a new token using the token program
CreateNewToken {
#[arg(short, long)]
definition_account_id: String,
#[arg(short, long)]
supply_account_id: String,
#[arg(short, long)]
name: String,
#[arg(short, long)]
total_supply: u128,
},
// Transfer tokens using the token program
TransferToken {
#[arg(short, long)]
@ -244,17 +244,6 @@ pub enum TokenProgramSubcommandPublic {
/// Represents generic private CLI subcommand for a wallet working with token_program
#[derive(Subcommand, Debug, Clone)]
pub enum TokenProgramSubcommandPrivate {
// Create a new token using the token program
CreateNewTokenPrivateOwned {
#[arg(short, long)]
definition_account_id: String,
#[arg(short, long)]
supply_account_id: String,
#[arg(short, long)]
name: String,
#[arg(short, long)]
total_supply: u128,
},
// Transfer tokens using the token program
TransferTokenPrivateOwned {
#[arg(short, long)]
@ -320,35 +309,69 @@ pub enum TokenProgramSubcommandShielded {
},
}
/// Represents generic initialization subcommand for a wallet working with token_program
#[derive(Subcommand, Debug, Clone)]
pub enum CreateNewTokenProgramSubcommand {
/// Create a new token using the token program
///
/// Definition - public, supply - public
NewPublicDefPublicSupp {
#[arg(short, long)]
definition_account_id: String,
#[arg(short, long)]
supply_account_id: String,
#[arg(short, long)]
name: String,
#[arg(short, long)]
total_supply: u128,
},
/// Create a new token using the token program
///
/// Definition - public, supply - private
NewPublicDefPrivateSupp {
#[arg(short, long)]
definition_account_id: String,
#[arg(short, long)]
supply_account_id: String,
#[arg(short, long)]
name: String,
#[arg(short, long)]
total_supply: u128,
},
/// Create a new token using the token program
///
/// Definition - private, supply - public
NewPrivateDefPublicSupp {
#[arg(short, long)]
definition_account_id: String,
#[arg(short, long)]
supply_account_id: String,
#[arg(short, long)]
name: String,
#[arg(short, long)]
total_supply: u128,
},
/// Create a new token using the token program
///
/// Definition - private, supply - private
NewPrivateDefPrivateSupp {
#[arg(short, long)]
definition_account_id: String,
#[arg(short, long)]
supply_account_id: String,
#[arg(short, long)]
name: String,
#[arg(short, long)]
total_supply: u128,
},
}
impl WalletSubcommand for TokenProgramSubcommandPublic {
async fn handle_subcommand(
self,
wallet_core: &mut WalletCore,
) -> Result<SubcommandReturnValue> {
match self {
TokenProgramSubcommandPublic::CreateNewToken {
definition_account_id,
supply_account_id,
name,
total_supply,
} => {
let name = name.as_bytes();
if name.len() > 6 {
// TODO: return error
panic!();
}
let mut name_bytes = [0; 6];
name_bytes[..name.len()].copy_from_slice(name);
Token(wallet_core)
.send_new_definition(
definition_account_id.parse().unwrap(),
supply_account_id.parse().unwrap(),
name_bytes,
total_supply,
)
.await?;
Ok(SubcommandReturnValue::Empty)
}
TokenProgramSubcommandPublic::TransferToken {
sender_account_id,
recipient_account_id,
@ -373,54 +396,6 @@ impl WalletSubcommand for TokenProgramSubcommandPrivate {
wallet_core: &mut WalletCore,
) -> Result<SubcommandReturnValue> {
match self {
TokenProgramSubcommandPrivate::CreateNewTokenPrivateOwned {
definition_account_id,
supply_account_id,
name,
total_supply,
} => {
let name = name.as_bytes();
if name.len() > 6 {
// TODO: return error
panic!("Name length mismatch");
}
let mut name_bytes = [0; 6];
name_bytes[..name.len()].copy_from_slice(name);
let definition_account_id: AccountId = definition_account_id.parse().unwrap();
let supply_account_id: AccountId = supply_account_id.parse().unwrap();
let (res, secret_supply) = Token(wallet_core)
.send_new_definition_private_owned(
definition_account_id,
supply_account_id,
name_bytes,
total_supply,
)
.await?;
println!("Results of tx send are {res:#?}");
let tx_hash = res.tx_hash;
let transfer_tx = wallet_core
.poll_native_token_transfer(tx_hash.clone())
.await?;
if let NSSATransaction::PrivacyPreserving(tx) = transfer_tx {
let acc_decode_data = vec![(secret_supply, supply_account_id)];
wallet_core.decode_insert_privacy_preserving_transaction_results(
tx,
&acc_decode_data,
)?;
}
let path = wallet_core.store_persistent_data().await?;
println!("Stored persistent accounts at {path:#?}");
Ok(SubcommandReturnValue::PrivacyPreservingTransfer { tx_hash })
}
TokenProgramSubcommandPrivate::TransferTokenPrivateOwned {
sender_account_id,
recipient_account_id,
@ -657,12 +632,195 @@ impl WalletSubcommand for TokenProgramSubcommandShielded {
}
}
impl WalletSubcommand for CreateNewTokenProgramSubcommand {
async fn handle_subcommand(
self,
wallet_core: &mut WalletCore,
) -> Result<SubcommandReturnValue> {
match self {
CreateNewTokenProgramSubcommand::NewPrivateDefPrivateSupp {
definition_account_id,
supply_account_id,
name,
total_supply,
} => {
let name = name.as_bytes();
if name.len() > 6 {
// TODO: return error
panic!("Name length mismatch");
}
let mut name_bytes = [0; 6];
name_bytes[..name.len()].copy_from_slice(name);
let definition_account_id: AccountId = definition_account_id.parse().unwrap();
let supply_account_id: AccountId = supply_account_id.parse().unwrap();
let (res, [secret_definition, secret_supply]) = Token(wallet_core)
.send_new_definition_private_owned_definiton_and_supply(
definition_account_id,
supply_account_id,
name_bytes,
total_supply,
)
.await?;
println!("Results of tx send are {res:#?}");
let tx_hash = res.tx_hash;
let transfer_tx = wallet_core
.poll_native_token_transfer(tx_hash.clone())
.await?;
if let NSSATransaction::PrivacyPreserving(tx) = transfer_tx {
let acc_decode_data = vec![
(secret_definition, definition_account_id),
(secret_supply, supply_account_id),
];
wallet_core.decode_insert_privacy_preserving_transaction_results(
tx,
&acc_decode_data,
)?;
}
let path = wallet_core.store_persistent_data().await?;
println!("Stored persistent accounts at {path:#?}");
Ok(SubcommandReturnValue::PrivacyPreservingTransfer { tx_hash })
}
CreateNewTokenProgramSubcommand::NewPrivateDefPublicSupp {
definition_account_id,
supply_account_id,
name,
total_supply,
} => {
let name = name.as_bytes();
if name.len() > 6 {
// TODO: return error
panic!("Name length mismatch");
}
let mut name_bytes = [0; 6];
name_bytes[..name.len()].copy_from_slice(name);
let definition_account_id: AccountId = definition_account_id.parse().unwrap();
let supply_account_id: AccountId = supply_account_id.parse().unwrap();
let (res, secret_definition) = Token(wallet_core)
.send_new_definition_private_owned_definiton(
definition_account_id,
supply_account_id,
name_bytes,
total_supply,
)
.await?;
println!("Results of tx send are {res:#?}");
let tx_hash = res.tx_hash;
let transfer_tx = wallet_core
.poll_native_token_transfer(tx_hash.clone())
.await?;
if let NSSATransaction::PrivacyPreserving(tx) = transfer_tx {
let acc_decode_data = vec![(secret_definition, definition_account_id)];
wallet_core.decode_insert_privacy_preserving_transaction_results(
tx,
&acc_decode_data,
)?;
}
let path = wallet_core.store_persistent_data().await?;
println!("Stored persistent accounts at {path:#?}");
Ok(SubcommandReturnValue::PrivacyPreservingTransfer { tx_hash })
}
CreateNewTokenProgramSubcommand::NewPublicDefPrivateSupp {
definition_account_id,
supply_account_id,
name,
total_supply,
} => {
let name = name.as_bytes();
if name.len() > 6 {
// TODO: return error
panic!("Name length mismatch");
}
let mut name_bytes = [0; 6];
name_bytes[..name.len()].copy_from_slice(name);
let definition_account_id: AccountId = definition_account_id.parse().unwrap();
let supply_account_id: AccountId = supply_account_id.parse().unwrap();
let (res, secret_supply) = Token(wallet_core)
.send_new_definition_private_owned_supply(
definition_account_id,
supply_account_id,
name_bytes,
total_supply,
)
.await?;
println!("Results of tx send are {res:#?}");
let tx_hash = res.tx_hash;
let transfer_tx = wallet_core
.poll_native_token_transfer(tx_hash.clone())
.await?;
if let NSSATransaction::PrivacyPreserving(tx) = transfer_tx {
let acc_decode_data = vec![(secret_supply, supply_account_id)];
wallet_core.decode_insert_privacy_preserving_transaction_results(
tx,
&acc_decode_data,
)?;
}
let path = wallet_core.store_persistent_data().await?;
println!("Stored persistent accounts at {path:#?}");
Ok(SubcommandReturnValue::PrivacyPreservingTransfer { tx_hash })
}
CreateNewTokenProgramSubcommand::NewPublicDefPublicSupp {
definition_account_id,
supply_account_id,
name,
total_supply,
} => {
let name = name.as_bytes();
if name.len() > 6 {
// TODO: return error
panic!();
}
let mut name_bytes = [0; 6];
name_bytes[..name.len()].copy_from_slice(name);
Token(wallet_core)
.send_new_definition(
definition_account_id.parse().unwrap(),
supply_account_id.parse().unwrap(),
name_bytes,
total_supply,
)
.await?;
Ok(SubcommandReturnValue::Empty)
}
}
}
}
impl WalletSubcommand for TokenProgramSubcommand {
async fn handle_subcommand(
self,
wallet_core: &mut WalletCore,
) -> Result<SubcommandReturnValue> {
match self {
TokenProgramSubcommand::Create(creation_subcommand) => {
creation_subcommand.handle_subcommand(wallet_core).await
}
TokenProgramSubcommand::Private(private_subcommand) => {
private_subcommand.handle_subcommand(wallet_core).await
}

19
wallet/src/lib.rs
View File

@ -126,13 +126,19 @@ impl WalletCore {
Ok(config_path)
}
pub fn create_new_account_public(&mut self, chain_index: ChainIndex) -> AccountId {
pub fn create_new_account_public(
&mut self,
chain_index: Option<ChainIndex>,
) -> (AccountId, ChainIndex) {
self.storage
.user_data
.generate_new_public_transaction_private_key(chain_index)
}
pub fn create_new_account_private(&mut self, chain_index: ChainIndex) -> AccountId {
pub fn create_new_account_private(
&mut self,
chain_index: Option<ChainIndex>,
) -> (AccountId, ChainIndex) {
self.storage
.user_data
.generate_new_privacy_preserving_transaction_key_chain(chain_index)
@ -277,7 +283,7 @@ impl WalletCore {
.map(|keys| (keys.npk.clone(), keys.ssk.clone()))
.collect::<Vec<_>>(),
&acc_manager.private_account_auth(),
program,
&program.to_owned().into(),
)
.unwrap();
@ -320,11 +326,14 @@ impl WalletCore {
}
let before_polling = std::time::Instant::now();
let num_of_blocks = block_id - self.last_synced_block;
println!("Syncing to block {block_id}. Blocks to sync: {num_of_blocks}");
let poller = self.poller.clone();
let mut blocks =
std::pin::pin!(poller.poll_block_range(self.last_synced_block + 1..=block_id));
let bar = indicatif::ProgressBar::new(num_of_blocks);
while let Some(block) = blocks.try_next().await? {
for tx in block.transactions {
let nssa_tx = NSSATransaction::try_from(&tx)?;
@ -333,7 +342,9 @@ impl WalletCore {
self.last_synced_block = block.block_id;
self.store_persistent_data().await?;
bar.inc(1);
}
bar.finish();
println!(
"Synced to block {block_id} in {:?}",
@ -393,7 +404,7 @@ impl WalletCore {
.collect::<Vec<_>>();
for (affected_account_id, new_acc) in affected_accounts {
println!(
info!(
"Received new account for account_id {affected_account_id:#?} with account object {new_acc:#?}"
);
self.storage

18
wallet/src/main.rs
View File

@ -1,10 +1,7 @@
use anyhow::Result;
use clap::{CommandFactory as _, Parser as _};
use tokio::runtime::Builder;
use wallet::cli::{
Args, OverCommand, execute_continuous_run_with_auth, execute_setup_with_auth,
execute_subcommand_with_auth,
};
use wallet::cli::{Args, execute_continuous_run_with_auth, execute_subcommand_with_auth};
pub const NUM_THREADS: usize = 2;
@ -25,16 +22,9 @@ fn main() -> Result<()> {
env_logger::init();
runtime.block_on(async move {
if let Some(over_command) = args.command {
match over_command {
OverCommand::Command(command) => {
let _output = execute_subcommand_with_auth(command, args.auth).await?;
Ok(())
}
OverCommand::Setup { password } => {
execute_setup_with_auth(password, args.auth).await
}
}
if let Some(command) = args.command {
let _output = execute_subcommand_with_auth(command, args.auth).await?;
Ok(())
} else if args.continuous_run {
execute_continuous_run_with_auth(args.auth).await
} else {

161
wallet/src/pinata_interactions.rs Normal file
View File

@ -0,0 +1,161 @@
use common::{error::ExecutionFailureKind, sequencer_client::json::SendTxResponse};
use key_protocol::key_management::ephemeral_key_holder::EphemeralKeyHolder;
use nssa::{AccountId, privacy_preserving_transaction::circuit};
use nssa_core::{MembershipProof, SharedSecretKey, account::AccountWithMetadata};
use crate::{
WalletCore, helperfunctions::produce_random_nonces, transaction_utils::AccountPreparedData,
};
impl WalletCore {
pub async fn claim_pinata(
&self,
pinata_account_id: AccountId,
winner_account_id: AccountId,
solution: u128,
) -> Result<SendTxResponse, ExecutionFailureKind> {
let account_ids = vec![pinata_account_id, winner_account_id];
let program_id = nssa::program::Program::pinata().id();
let message =
nssa::public_transaction::Message::try_new(program_id, account_ids, vec![], solution)
.unwrap();
let witness_set = nssa::public_transaction::WitnessSet::for_message(&message, &[]);
let tx = nssa::PublicTransaction::new(message, witness_set);
Ok(self.sequencer_client.send_tx_public(tx).await?)
}
pub async fn claim_pinata_private_owned_account_already_initialized(
&self,
pinata_account_id: AccountId,
winner_account_id: AccountId,
solution: u128,
winner_proof: MembershipProof,
) -> Result<(SendTxResponse, [SharedSecretKey; 1]), ExecutionFailureKind> {
let AccountPreparedData {
nsk: winner_nsk,
npk: winner_npk,
ipk: winner_ipk,
auth_acc: winner_pre,
proof: _,
} = self
.private_acc_preparation(winner_account_id, true, false)
.await?;
let pinata_acc = self.get_account_public(pinata_account_id).await.unwrap();
let program = nssa::program::Program::pinata();
let pinata_pre = AccountWithMetadata::new(pinata_acc.clone(), false, pinata_account_id);
let eph_holder_winner = EphemeralKeyHolder::new(&winner_npk);
let shared_secret_winner = eph_holder_winner.calculate_shared_secret_sender(&winner_ipk);
let (output, proof) = circuit::execute_and_prove(
&[pinata_pre, winner_pre],
&nssa::program::Program::serialize_instruction(solution).unwrap(),
&[0, 1],
&produce_random_nonces(1),
&[(winner_npk.clone(), shared_secret_winner.clone())],
&[(winner_nsk.unwrap(), winner_proof)],
&program.into(),
)
.unwrap();
let message =
nssa::privacy_preserving_transaction::message::Message::try_from_circuit_output(
vec![pinata_account_id],
vec![],
vec![(
winner_npk.clone(),
winner_ipk.clone(),
eph_holder_winner.generate_ephemeral_public_key(),
)],
output,
)
.unwrap();
let witness_set =
nssa::privacy_preserving_transaction::witness_set::WitnessSet::for_message(
&message,
proof,
&[],
);
let tx = nssa::privacy_preserving_transaction::PrivacyPreservingTransaction::new(
message,
witness_set,
);
Ok((
self.sequencer_client.send_tx_private(tx).await?,
[shared_secret_winner],
))
}
pub async fn claim_pinata_private_owned_account_not_initialized(
&self,
pinata_account_id: AccountId,
winner_account_id: AccountId,
solution: u128,
) -> Result<(SendTxResponse, [SharedSecretKey; 1]), ExecutionFailureKind> {
let AccountPreparedData {
nsk: _,
npk: winner_npk,
ipk: winner_ipk,
auth_acc: winner_pre,
proof: _,
} = self
.private_acc_preparation(winner_account_id, false, false)
.await?;
let pinata_acc = self.get_account_public(pinata_account_id).await.unwrap();
let program = nssa::program::Program::pinata();
let pinata_pre = AccountWithMetadata::new(pinata_acc.clone(), false, pinata_account_id);
let eph_holder_winner = EphemeralKeyHolder::new(&winner_npk);
let shared_secret_winner = eph_holder_winner.calculate_shared_secret_sender(&winner_ipk);
let (output, proof) = circuit::execute_and_prove(
&[pinata_pre, winner_pre],
&nssa::program::Program::serialize_instruction(solution).unwrap(),
&[0, 2],
&produce_random_nonces(1),
&[(winner_npk.clone(), shared_secret_winner.clone())],
&[],
&program.into(),
)
.unwrap();
let message =
nssa::privacy_preserving_transaction::message::Message::try_from_circuit_output(
vec![pinata_account_id],
vec![],
vec![(
winner_npk.clone(),
winner_ipk.clone(),
eph_holder_winner.generate_ephemeral_public_key(),
)],
output,
)
.unwrap();
let witness_set =
nssa::privacy_preserving_transaction::witness_set::WitnessSet::for_message(
&message,
proof,
&[],
);
let tx = nssa::privacy_preserving_transaction::PrivacyPreservingTransaction::new(
message,
witness_set,
);
Ok((
self.sequencer_client.send_tx_private(tx).await?,
[shared_secret_winner],
))
}
}

59
wallet/src/program_facades/token.rs
View File

@ -38,7 +38,7 @@ impl Token<'_> {
Ok(self.0.sequencer_client.send_tx_public(tx).await?)
}
pub async fn send_new_definition_private_owned(
pub async fn send_new_definition_private_owned_supply(
&self,
definition_account_id: AccountId,
supply_account_id: AccountId,
@ -61,11 +61,66 @@ impl Token<'_> {
let first = secrets
.into_iter()
.next()
.expect("expected recipient's secret");
.expect("expected supply's secret");
(resp, first)
})
}
pub async fn send_new_definition_private_owned_definiton(
&self,
definition_account_id: AccountId,
supply_account_id: AccountId,
name: [u8; 6],
total_supply: u128,
) -> Result<(SendTxResponse, SharedSecretKey), ExecutionFailureKind> {
let (instruction_data, program) = token_program_preparation_definition(name, total_supply);
self.0
.send_privacy_preserving_tx(
vec![
PrivacyPreservingAccount::PrivateOwned(definition_account_id),
PrivacyPreservingAccount::Public(supply_account_id),
],
&instruction_data,
&program,
)
.await
.map(|(resp, secrets)| {
let first = secrets
.into_iter()
.next()
.expect("expected definition's secret");
(resp, first)
})
}
pub async fn send_new_definition_private_owned_definiton_and_supply(
&self,
definition_account_id: AccountId,
supply_account_id: AccountId,
name: [u8; 6],
total_supply: u128,
) -> Result<(SendTxResponse, [SharedSecretKey; 2]), ExecutionFailureKind> {
let (instruction_data, program) = token_program_preparation_definition(name, total_supply);
self.0
.send_privacy_preserving_tx(
vec![
PrivacyPreservingAccount::PrivateOwned(definition_account_id),
PrivacyPreservingAccount::PrivateOwned(supply_account_id),
],
&instruction_data,
&program,
)
.await
.map(|(resp, secrets)| {
let mut iter = secrets.into_iter();
let first = iter.next().expect("expected definition's secret");
let second = iter.next().expect("expected supply's secret");
(resp, [first, second])
})
}
pub async fn send_transfer_transaction(
&self,
sender_account_id: AccountId,

592
wallet/src/transaction_utils.rs Normal file
View File

@ -0,0 +1,592 @@
use common::{error::ExecutionFailureKind, sequencer_client::json::SendTxResponse};
use key_protocol::key_management::ephemeral_key_holder::EphemeralKeyHolder;
use nssa::{
Account, AccountId, PrivacyPreservingTransaction,
privacy_preserving_transaction::{circuit, message::Message, witness_set::WitnessSet},
program::Program,
};
use nssa_core::{
Commitment, MembershipProof, NullifierPublicKey, NullifierSecretKey, SharedSecretKey,
account::AccountWithMetadata, encryption::IncomingViewingPublicKey, program::InstructionData,
};
use crate::{WalletCore, helperfunctions::produce_random_nonces};
pub(crate) struct AccountPreparedData {
pub nsk: Option<NullifierSecretKey>,
pub npk: NullifierPublicKey,
pub ipk: IncomingViewingPublicKey,
pub auth_acc: AccountWithMetadata,
pub proof: Option<MembershipProof>,
}
impl WalletCore {
pub(crate) async fn private_acc_preparation(
&self,
account_id: AccountId,
is_authorized: bool,
needs_proof: bool,
) -> Result<AccountPreparedData, ExecutionFailureKind> {
let Some((from_keys, from_acc)) = self
.storage
.user_data
.get_private_account(&account_id)
.cloned()
else {
return Err(ExecutionFailureKind::KeyNotFoundError);
};
let mut nsk = None;
let mut proof = None;
let from_npk = from_keys.nullifer_public_key;
let from_ipk = from_keys.incoming_viewing_public_key;
let sender_commitment = Commitment::new(&from_npk, &from_acc);
let sender_pre = AccountWithMetadata::new(from_acc.clone(), is_authorized, &from_npk);
if is_authorized {
nsk = Some(from_keys.private_key_holder.nullifier_secret_key);
}
if needs_proof {
proof = self
.sequencer_client
.get_proof_for_commitment(sender_commitment)
.await
.unwrap();
}
Ok(AccountPreparedData {
nsk,
npk: from_npk,
ipk: from_ipk,
auth_acc: sender_pre,
proof,
})
}
pub(crate) async fn private_tx_two_accs_all_init(
&self,
from: AccountId,
to: AccountId,
instruction_data: InstructionData,
tx_pre_check: impl FnOnce(&Account, &Account) -> Result<(), ExecutionFailureKind>,
program: Program,
to_proof: MembershipProof,
) -> Result<(SendTxResponse, [SharedSecretKey; 2]), ExecutionFailureKind> {
let AccountPreparedData {
nsk: from_nsk,
npk: from_npk,
ipk: from_ipk,
auth_acc: sender_pre,
proof: from_proof,
} = self.private_acc_preparation(from, true, true).await?;
let AccountPreparedData {
nsk: to_nsk,
npk: to_npk,
ipk: to_ipk,
auth_acc: recipient_pre,
proof: _,
} = self.private_acc_preparation(to, true, false).await?;
tx_pre_check(&sender_pre.account, &recipient_pre.account)?;
let eph_holder_from = EphemeralKeyHolder::new(&from_npk);
let shared_secret_from = eph_holder_from.calculate_shared_secret_sender(&from_ipk);
let eph_holder_to = EphemeralKeyHolder::new(&to_npk);
let shared_secret_to = eph_holder_to.calculate_shared_secret_sender(&to_ipk);
let (output, proof) = circuit::execute_and_prove(
&[sender_pre, recipient_pre],
&instruction_data,
&[1, 1],
&produce_random_nonces(2),
&[
(from_npk.clone(), shared_secret_from.clone()),
(to_npk.clone(), shared_secret_to.clone()),
],
&[
(from_nsk.unwrap(), from_proof.unwrap()),
(to_nsk.unwrap(), to_proof),
],
&program.into(),
)
.unwrap();
let message = Message::try_from_circuit_output(
vec![],
vec![],
vec![
(
from_npk.clone(),
from_ipk.clone(),
eph_holder_from.generate_ephemeral_public_key(),
),
(
to_npk.clone(),
to_ipk.clone(),
eph_holder_to.generate_ephemeral_public_key(),
),
],
output,
)
.unwrap();
let witness_set = WitnessSet::for_message(&message, proof, &[]);
let tx = PrivacyPreservingTransaction::new(message, witness_set);
Ok((
self.sequencer_client.send_tx_private(tx).await?,
[shared_secret_from, shared_secret_to],
))
}
pub(crate) async fn private_tx_two_accs_receiver_uninit(
&self,
from: AccountId,
to: AccountId,
instruction_data: InstructionData,
tx_pre_check: impl FnOnce(&Account, &Account) -> Result<(), ExecutionFailureKind>,
program: Program,
) -> Result<(SendTxResponse, [SharedSecretKey; 2]), ExecutionFailureKind> {
let AccountPreparedData {
nsk: from_nsk,
npk: from_npk,
ipk: from_ipk,
auth_acc: sender_pre,
proof: from_proof,
} = self.private_acc_preparation(from, true, true).await?;
let AccountPreparedData {
nsk: _,
npk: to_npk,
ipk: to_ipk,
auth_acc: recipient_pre,
proof: _,
} = self.private_acc_preparation(to, false, false).await?;
tx_pre_check(&sender_pre.account, &recipient_pre.account)?;
let eph_holder_from = EphemeralKeyHolder::new(&from_npk);
let shared_secret_from = eph_holder_from.calculate_shared_secret_sender(&from_ipk);
let eph_holder_to = EphemeralKeyHolder::new(&to_npk);
let shared_secret_to = eph_holder_to.calculate_shared_secret_sender(&to_ipk);
let (output, proof) = circuit::execute_and_prove(
&[sender_pre, recipient_pre],
&instruction_data,
&[1, 2],
&produce_random_nonces(2),
&[
(from_npk.clone(), shared_secret_from.clone()),
(to_npk.clone(), shared_secret_to.clone()),
],
&[(from_nsk.unwrap(), from_proof.unwrap())],
&program.into(),
)
.unwrap();
let message = Message::try_from_circuit_output(
vec![],
vec![],
vec![
(
from_npk.clone(),
from_ipk.clone(),
eph_holder_from.generate_ephemeral_public_key(),
),
(
to_npk.clone(),
to_ipk.clone(),
eph_holder_to.generate_ephemeral_public_key(),
),
],
output,
)
.unwrap();
let witness_set = WitnessSet::for_message(&message, proof, &[]);
let tx = PrivacyPreservingTransaction::new(message, witness_set);
Ok((
self.sequencer_client.send_tx_private(tx).await?,
[shared_secret_from, shared_secret_to],
))
}
pub(crate) async fn private_tx_two_accs_receiver_outer(
&self,
from: AccountId,
to_npk: NullifierPublicKey,
to_ipk: IncomingViewingPublicKey,
instruction_data: InstructionData,
tx_pre_check: impl FnOnce(&Account, &Account) -> Result<(), ExecutionFailureKind>,
program: Program,
) -> Result<(SendTxResponse, [SharedSecretKey; 2]), ExecutionFailureKind> {
let AccountPreparedData {
nsk: from_nsk,
npk: from_npk,
ipk: from_ipk,
auth_acc: sender_pre,
proof: from_proof,
} = self.private_acc_preparation(from, true, true).await?;
let to_acc = nssa_core::account::Account::default();
tx_pre_check(&sender_pre.account, &to_acc)?;
let recipient_pre = AccountWithMetadata::new(to_acc.clone(), false, &to_npk);
let eph_holder = EphemeralKeyHolder::new(&to_npk);
let shared_secret_from = eph_holder.calculate_shared_secret_sender(&from_ipk);
let shared_secret_to = eph_holder.calculate_shared_secret_sender(&to_ipk);
let (output, proof) = circuit::execute_and_prove(
&[sender_pre, recipient_pre],
&instruction_data,
&[1, 2],
&produce_random_nonces(2),
&[
(from_npk.clone(), shared_secret_from.clone()),
(to_npk.clone(), shared_secret_to.clone()),
],
&[(from_nsk.unwrap(), from_proof.unwrap())],
&program.into(),
)
.unwrap();
let message = Message::try_from_circuit_output(
vec![],
vec![],
vec![
(
from_npk.clone(),
from_ipk.clone(),
eph_holder.generate_ephemeral_public_key(),
),
(
to_npk.clone(),
to_ipk.clone(),
eph_holder.generate_ephemeral_public_key(),
),
],
output,
)
.unwrap();
let witness_set = WitnessSet::for_message(&message, proof, &[]);
let tx = PrivacyPreservingTransaction::new(message, witness_set);
Ok((
self.sequencer_client.send_tx_private(tx).await?,
[shared_secret_from, shared_secret_to],
))
}
pub(crate) async fn deshielded_tx_two_accs(
&self,
from: AccountId,
to: AccountId,
instruction_data: InstructionData,
tx_pre_check: impl FnOnce(&Account, &Account) -> Result<(), ExecutionFailureKind>,
program: Program,
) -> Result<(SendTxResponse, [nssa_core::SharedSecretKey; 1]), ExecutionFailureKind> {
let AccountPreparedData {
nsk: from_nsk,
npk: from_npk,
ipk: from_ipk,
auth_acc: sender_pre,
proof: from_proof,
} = self.private_acc_preparation(from, true, true).await?;
let Ok(to_acc) = self.get_account_public(to).await else {
return Err(ExecutionFailureKind::KeyNotFoundError);
};
tx_pre_check(&sender_pre.account, &to_acc)?;
let recipient_pre = AccountWithMetadata::new(to_acc.clone(), false, to);
let eph_holder = EphemeralKeyHolder::new(&from_npk);
let shared_secret = eph_holder.calculate_shared_secret_sender(&from_ipk);
let (output, proof) = circuit::execute_and_prove(
&[sender_pre, recipient_pre],
&instruction_data,
&[1, 0],
&produce_random_nonces(1),
&[(from_npk.clone(), shared_secret.clone())],
&[(from_nsk.unwrap(), from_proof.unwrap())],
&program.into(),
)
.unwrap();
let message = Message::try_from_circuit_output(
vec![to],
vec![],
vec![(
from_npk.clone(),
from_ipk.clone(),
eph_holder.generate_ephemeral_public_key(),
)],
output,
)
.unwrap();
let witness_set = WitnessSet::for_message(&message, proof, &[]);
let tx = PrivacyPreservingTransaction::new(message, witness_set);
Ok((
self.sequencer_client.send_tx_private(tx).await?,
[shared_secret],
))
}
pub(crate) async fn shielded_two_accs_all_init(
&self,
from: AccountId,
to: AccountId,
instruction_data: InstructionData,
tx_pre_check: impl FnOnce(&Account, &Account) -> Result<(), ExecutionFailureKind>,
program: Program,
to_proof: MembershipProof,
) -> Result<(SendTxResponse, [SharedSecretKey; 1]), ExecutionFailureKind> {
let Ok(from_acc) = self.get_account_public(from).await else {
return Err(ExecutionFailureKind::KeyNotFoundError);
};
let AccountPreparedData {
nsk: to_nsk,
npk: to_npk,
ipk: to_ipk,
auth_acc: recipient_pre,
proof: _,
} = self.private_acc_preparation(to, true, false).await?;
tx_pre_check(&from_acc, &recipient_pre.account)?;
let sender_pre = AccountWithMetadata::new(from_acc.clone(), true, from);
let eph_holder = EphemeralKeyHolder::new(&to_npk);
let shared_secret = eph_holder.calculate_shared_secret_sender(&to_ipk);
let (output, proof) = circuit::execute_and_prove(
&[sender_pre, recipient_pre],
&instruction_data,
&[0, 1],
&produce_random_nonces(1),
&[(to_npk.clone(), shared_secret.clone())],
&[(to_nsk.unwrap(), to_proof)],
&program.into(),
)
.unwrap();
let message = Message::try_from_circuit_output(
vec![from],
vec![from_acc.nonce],
vec![(
to_npk.clone(),
to_ipk.clone(),
eph_holder.generate_ephemeral_public_key(),
)],
output,
)
.unwrap();
let signing_key = self.storage.user_data.get_pub_account_signing_key(&from);
let Some(signing_key) = signing_key else {
return Err(ExecutionFailureKind::KeyNotFoundError);
};
let witness_set = WitnessSet::for_message(&message, proof, &[signing_key]);
let tx = PrivacyPreservingTransaction::new(message, witness_set);
Ok((
self.sequencer_client.send_tx_private(tx).await?,
[shared_secret],
))
}
pub(crate) async fn shielded_two_accs_receiver_uninit(
&self,
from: AccountId,
to: AccountId,
instruction_data: InstructionData,
tx_pre_check: impl FnOnce(&Account, &Account) -> Result<(), ExecutionFailureKind>,
program: Program,
) -> Result<(SendTxResponse, [SharedSecretKey; 1]), ExecutionFailureKind> {
let Ok(from_acc) = self.get_account_public(from).await else {
return Err(ExecutionFailureKind::KeyNotFoundError);
};
let AccountPreparedData {
nsk: _,
npk: to_npk,
ipk: to_ipk,
auth_acc: recipient_pre,
proof: _,
} = self.private_acc_preparation(to, false, false).await?;
tx_pre_check(&from_acc, &recipient_pre.account)?;
let sender_pre = AccountWithMetadata::new(from_acc.clone(), true, from);
let eph_holder = EphemeralKeyHolder::new(&to_npk);
let shared_secret = eph_holder.calculate_shared_secret_sender(&to_ipk);
let (output, proof) = circuit::execute_and_prove(
&[sender_pre, recipient_pre],
&instruction_data,
&[0, 2],
&produce_random_nonces(1),
&[(to_npk.clone(), shared_secret.clone())],
&[],
&program.into(),
)
.unwrap();
let message = Message::try_from_circuit_output(
vec![from],
vec![from_acc.nonce],
vec![(
to_npk.clone(),
to_ipk.clone(),
eph_holder.generate_ephemeral_public_key(),
)],
output,
)
.unwrap();
let signing_key = self.storage.user_data.get_pub_account_signing_key(&from);
let Some(signing_key) = signing_key else {
return Err(ExecutionFailureKind::KeyNotFoundError);
};
let witness_set = WitnessSet::for_message(&message, proof, &[signing_key]);
let tx = PrivacyPreservingTransaction::new(message, witness_set);
Ok((
self.sequencer_client.send_tx_private(tx).await?,
[shared_secret],
))
}
pub(crate) async fn shielded_two_accs_receiver_outer(
&self,
from: AccountId,
to_npk: NullifierPublicKey,
to_ipk: IncomingViewingPublicKey,
instruction_data: InstructionData,
tx_pre_check: impl FnOnce(&Account, &Account) -> Result<(), ExecutionFailureKind>,
program: Program,
) -> Result<SendTxResponse, ExecutionFailureKind> {
let Ok(from_acc) = self.get_account_public(from).await else {
return Err(ExecutionFailureKind::KeyNotFoundError);
};
let to_acc = Account::default();
tx_pre_check(&from_acc, &to_acc)?;
let sender_pre = AccountWithMetadata::new(from_acc.clone(), true, from);
let recipient_pre = AccountWithMetadata::new(to_acc.clone(), false, &to_npk);
let eph_holder = EphemeralKeyHolder::new(&to_npk);
let shared_secret = eph_holder.calculate_shared_secret_sender(&to_ipk);
let (output, proof) = circuit::execute_and_prove(
&[sender_pre, recipient_pre],
&instruction_data,
&[0, 2],
&produce_random_nonces(1),
&[(to_npk.clone(), shared_secret.clone())],
&[],
&program.into(),
)
.unwrap();
let message = Message::try_from_circuit_output(
vec![from],
vec![from_acc.nonce],
vec![(
to_npk.clone(),
to_ipk.clone(),
eph_holder.generate_ephemeral_public_key(),
)],
output,
)
.unwrap();
let signing_key = self.storage.user_data.get_pub_account_signing_key(&from);
let Some(signing_key) = signing_key else {
return Err(ExecutionFailureKind::KeyNotFoundError);
};
let witness_set = WitnessSet::for_message(&message, proof, &[signing_key]);
let tx = PrivacyPreservingTransaction::new(message, witness_set);
Ok(self.sequencer_client.send_tx_private(tx).await?)
}
pub async fn register_account_under_authenticated_transfers_programs_private(
&self,
from: AccountId,
) -> Result<(SendTxResponse, [SharedSecretKey; 1]), ExecutionFailureKind> {
let AccountPreparedData {
nsk: _,
npk: from_npk,
ipk: from_ipk,
auth_acc: sender_pre,
proof: _,
} = self.private_acc_preparation(from, false, false).await?;
let eph_holder_from = EphemeralKeyHolder::new(&from_npk);
let shared_secret_from = eph_holder_from.calculate_shared_secret_sender(&from_ipk);
let instruction: u128 = 0;
let (output, proof) = circuit::execute_and_prove(
&[sender_pre],
&Program::serialize_instruction(instruction).unwrap(),
&[2],
&produce_random_nonces(1),
&[(from_npk.clone(), shared_secret_from.clone())],
&[],
&Program::authenticated_transfer_program().into(),
)
.unwrap();
let message = Message::try_from_circuit_output(
vec![],
vec![],
vec![(
from_npk.clone(),
from_ipk.clone(),
eph_holder_from.generate_ephemeral_public_key(),
)],
output,
)
.unwrap();
let witness_set = WitnessSet::for_message(&message, proof, &[]);
let tx = PrivacyPreservingTransaction::new(message, witness_set);
Ok((
self.sequencer_client.send_tx_private(tx).await?,
[shared_secret_from],
))
}
}