diff --git a/artifacts/program_methods/amm.bin b/artifacts/program_methods/amm.bin
index 28a855d7..c780e6b3 100644
Binary files a/artifacts/program_methods/amm.bin and b/artifacts/program_methods/amm.bin differ
diff --git a/artifacts/program_methods/associated_token_account.bin b/artifacts/program_methods/associated_token_account.bin
index 40d734e5..0316eaee 100644
Binary files a/artifacts/program_methods/associated_token_account.bin and b/artifacts/program_methods/associated_token_account.bin differ
diff --git a/artifacts/program_methods/authenticated_transfer.bin b/artifacts/program_methods/authenticated_transfer.bin
index 86ea94a6..5a8c88d7 100644
Binary files a/artifacts/program_methods/authenticated_transfer.bin and b/artifacts/program_methods/authenticated_transfer.bin differ
diff --git a/artifacts/program_methods/pinata.bin b/artifacts/program_methods/pinata.bin
index a87a553b..04326ebf 100644
Binary files a/artifacts/program_methods/pinata.bin and b/artifacts/program_methods/pinata.bin differ
diff --git a/artifacts/program_methods/pinata_token.bin b/artifacts/program_methods/pinata_token.bin
index 93006e3e..c662db47 100644
Binary files a/artifacts/program_methods/pinata_token.bin and b/artifacts/program_methods/pinata_token.bin differ
diff --git a/artifacts/program_methods/privacy_preserving_circuit.bin b/artifacts/program_methods/privacy_preserving_circuit.bin
index 4d82008f..a7e81cf4 100644
Binary files a/artifacts/program_methods/privacy_preserving_circuit.bin and b/artifacts/program_methods/privacy_preserving_circuit.bin differ
diff --git a/artifacts/program_methods/token.bin b/artifacts/program_methods/token.bin
index 9284ba71..599ef7df 100644
Binary files a/artifacts/program_methods/token.bin and b/artifacts/program_methods/token.bin differ
diff --git a/artifacts/test_program_methods/burner.bin b/artifacts/test_program_methods/burner.bin
index 2daeec51..59557543 100644
Binary files a/artifacts/test_program_methods/burner.bin and b/artifacts/test_program_methods/burner.bin differ
diff --git a/artifacts/test_program_methods/chain_caller.bin b/artifacts/test_program_methods/chain_caller.bin
index 602b32ad..69aa790d 100644
Binary files a/artifacts/test_program_methods/chain_caller.bin and b/artifacts/test_program_methods/chain_caller.bin differ
diff --git a/artifacts/test_program_methods/changer_claimer.bin b/artifacts/test_program_methods/changer_claimer.bin
index 4ab3632f..471314e5 100644
Binary files a/artifacts/test_program_methods/changer_claimer.bin and b/artifacts/test_program_methods/changer_claimer.bin differ
diff --git a/artifacts/test_program_methods/claimer.bin b/artifacts/test_program_methods/claimer.bin
index d9a67792..8f23cffc 100644
Binary files a/artifacts/test_program_methods/claimer.bin and b/artifacts/test_program_methods/claimer.bin differ
diff --git a/artifacts/test_program_methods/data_changer.bin b/artifacts/test_program_methods/data_changer.bin
index 2b21071d..87775199 100644
Binary files a/artifacts/test_program_methods/data_changer.bin and b/artifacts/test_program_methods/data_changer.bin differ
diff --git a/artifacts/test_program_methods/extra_output.bin b/artifacts/test_program_methods/extra_output.bin
index 8999810e..2316340b 100644
Binary files a/artifacts/test_program_methods/extra_output.bin and b/artifacts/test_program_methods/extra_output.bin differ
diff --git a/artifacts/test_program_methods/malicious_authorization_changer.bin b/artifacts/test_program_methods/malicious_authorization_changer.bin
index 5e09378d..683202fd 100644
Binary files a/artifacts/test_program_methods/malicious_authorization_changer.bin and b/artifacts/test_program_methods/malicious_authorization_changer.bin differ
diff --git a/artifacts/test_program_methods/minter.bin b/artifacts/test_program_methods/minter.bin
index 21bb85d8..c49b681b 100644
Binary files a/artifacts/test_program_methods/minter.bin and b/artifacts/test_program_methods/minter.bin differ
diff --git a/artifacts/test_program_methods/missing_output.bin b/artifacts/test_program_methods/missing_output.bin
index 6946618b..4ff2599e 100644
Binary files a/artifacts/test_program_methods/missing_output.bin and b/artifacts/test_program_methods/missing_output.bin differ
diff --git a/artifacts/test_program_methods/modified_transfer.bin b/artifacts/test_program_methods/modified_transfer.bin
index 8dc5420f..19b684c3 100644
Binary files a/artifacts/test_program_methods/modified_transfer.bin and b/artifacts/test_program_methods/modified_transfer.bin differ
diff --git a/artifacts/test_program_methods/nonce_changer.bin b/artifacts/test_program_methods/nonce_changer.bin
index 6bdbee2f..7e9e2ee5 100644
Binary files a/artifacts/test_program_methods/nonce_changer.bin and b/artifacts/test_program_methods/nonce_changer.bin differ
diff --git a/artifacts/test_program_methods/noop.bin b/artifacts/test_program_methods/noop.bin
index 080985a5..af0041e8 100644
Binary files a/artifacts/test_program_methods/noop.bin and b/artifacts/test_program_methods/noop.bin differ
diff --git a/artifacts/test_program_methods/program_owner_changer.bin b/artifacts/test_program_methods/program_owner_changer.bin
index 6f09512c..9fe35bf6 100644
Binary files a/artifacts/test_program_methods/program_owner_changer.bin and b/artifacts/test_program_methods/program_owner_changer.bin differ
diff --git a/artifacts/test_program_methods/simple_balance_transfer.bin b/artifacts/test_program_methods/simple_balance_transfer.bin
index b54284d7..ffc9d5d6 100644
Binary files a/artifacts/test_program_methods/simple_balance_transfer.bin and b/artifacts/test_program_methods/simple_balance_transfer.bin differ
diff --git a/artifacts/test_program_methods/validity_window.bin b/artifacts/test_program_methods/validity_window.bin index be9bea6f..4ec53610 100644 Binary files a/artifacts/test_program_methods/validity_window.bin and b/artifacts/test_program_methods/validity_window.bin differ diff --git a/artifacts/test_program_methods/validity_window_chain_caller.bin b/artifacts/test_program_methods/validity_window_chain_caller.bin index 2c779cb8..6eb706cb 100644 Binary files a/artifacts/test_program_methods/validity_window_chain_caller.bin and b/artifacts/test_program_methods/validity_window_chain_caller.bin differ diff --git a/integration_tests/tests/tps.rs b/integration_tests/tests/tps.rs index b83ae80a..c124dbcf 100644 --- a/integration_tests/tests/tps.rs +++ b/integration_tests/tests/tps.rs @@ -256,7 +256,7 @@ fn build_privacy_transaction() -> PrivacyPreservingTransaction { vec![1, 2], vec![(sender_npk, sender_ss), (recipient_npk, recipient_ss)], vec![sender_nsk], - vec![], // TODO: marvin fix + vec![], vec![Some(proof)], &program.into(), ) diff --git a/key_protocol/src/key_management/key_tree/keys_private.rs b/key_protocol/src/key_management/key_tree/keys_private.rs index f3723802..416f2b81 100644 --- a/key_protocol/src/key_management/key_tree/keys_private.rs +++ b/key_protocol/src/key_management/key_tree/keys_private.rs @@ -1,5 +1,5 @@ use k256::{Scalar, elliptic_curve::PrimeField as _}; -use nssa_core::{NullifierPublicKey, encryption::ViewingPublicKey}; +use nssa_core::{NullifierPublicKey, account::Identifier, encryption::ViewingPublicKey}; use serde::{Deserialize, Serialize}; use crate::key_management::{ @@ -111,7 +111,7 @@ impl KeyNode for ChildKeysPrivate { } fn account_id(&self) -> nssa::AccountId { - nssa::AccountId::private_account_id(&self.value.0.nullifier_public_key, None) + nssa::AccountId::private_account_id(&self.value.0.nullifier_public_key, Identifier(0_u128)) } } 
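Review bot: In `ChildKeysPrivate::account_id`, `Identifier(0_u128)` is not a drop-in replacement for the old `None`: the account.rs hunk in this commit makes `private_account_id` always append the 16 identifier bytes, where `None` used to append nothing, so the ID derived for every existing private key node changes. Any account ID or commitment stored under the old derivation will no longer match, and the `expected_account_id != *account_id` check in key_protocol_core/mod.rs (changed the same way) would flag it; the prefix still reads `/LEE/v0.3/`, so nothing in the preimage marks the break. If the change is intended, record it in a comment here and name the value once next to the type, e.g. `pub const DEFAULT: Identifier = Identifier(0);` (constructed name), instead of repeating the literal across key_protocol and the tests. The enclosing impl starts outside the hunk.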
diff --git a/key_protocol/src/key_management/key_tree/keys_public.rs b/key_protocol/src/key_management/key_tree/keys_public.rs index c2d9f300..6bdea6fb 100644 --- a/key_protocol/src/key_management/key_tree/keys_public.rs +++ b/key_protocol/src/key_management/key_tree/keys_public.rs @@ -99,7 +99,7 @@ impl KeyNode for ChildKeysPublic { } fn account_id(&self) -> nssa::AccountId { - nssa::AccountId::public_account_id(&self.cpk, None) + nssa::AccountId::public_account_id(&self.cpk) } } diff --git a/key_protocol/src/key_management/mod.rs b/key_protocol/src/key_management/mod.rs index c5572d15..17dbb007 100644 --- a/key_protocol/src/key_management/mod.rs +++ b/key_protocol/src/key_management/mod.rs @@ -129,7 +129,7 @@ mod tests { let public_key = nssa_core::PublicKey::new_from_private_key(&pub_account_signing_key); - let account = nssa::AccountId::public_account_id(&public_key, None); + let account = nssa::AccountId::public_account_id(&public_key); println!("======Prerequisites======"); println!(); diff --git a/key_protocol/src/key_protocol_core/mod.rs b/key_protocol/src/key_protocol_core/mod.rs index 7700f047..c7bcde67 100644 --- a/key_protocol/src/key_protocol_core/mod.rs +++ b/key_protocol/src/key_protocol_core/mod.rs @@ -2,6 +2,7 @@ use std::collections::BTreeMap; use anyhow::Result; use k256::AffinePoint; +use nssa_core::account::Identifier; use serde::{Deserialize, Serialize}; use crate::key_management::{ @@ -33,7 +34,6 @@ impl NSSAUserData { for (account_id, key) in accounts_keys_map { let expected_account_id = nssa::AccountId::public_account_id( &nssa_core::PublicKey::new_from_private_key(key), - None, ); if &expected_account_id != account_id { println!("{expected_account_id}, {account_id}"); 
@@ -49,7 +49,7 @@ impl NSSAUserData { let mut check_res = true; for (account_id, (key, _)) in accounts_keys_map { let expected_account_id = - nssa::AccountId::private_account_id(&key.nullifier_public_key, None); + nssa::AccountId::private_account_id(&key.nullifier_public_key, Identifier(0_u128)); if expected_account_id != *account_id { println!("{expected_account_id}, {account_id}"); check_res = false; diff --git a/nssa/Cargo.toml b/nssa/Cargo.toml index 07f5fe53..a93919bb 100644 --- a/nssa/Cargo.toml +++ b/nssa/Cargo.toml @@ -8,7 +8,7 @@ license = { workspace = true } workspace = true [dependencies] -nssa_core = { workspace = true, features = ["host"] } +nssa_core = { workspace = true, features = ["host", "test-utils"] } anyhow.workspace = true thiserror.workspace = true diff --git a/nssa/core/Cargo.toml b/nssa/core/Cargo.toml index e52f1487..9fd0e983 100644 --- a/nssa/core/Cargo.toml +++ b/nssa/core/Cargo.toml @@ -27,3 +27,4 @@ serde_json.workspace = true [features] default = ["dep:k256"] host = ["dep:k256"] +test-utils = ["dep:k256"] diff --git a/nssa/core/src/account.rs b/nssa/core/src/account.rs index 6ed70af6..5d56a240 100644 --- a/nssa/core/src/account.rs +++ b/nssa/core/src/account.rs @@ -10,12 +10,16 @@ use risc0_zkvm::sha::{Impl, Sha256 as _}; use serde::{Deserialize, Serialize}; use serde_with::{DeserializeFromStr, SerializeDisplay}; -use crate::{NullifierPublicKey, NullifierSecretKey, PublicKey, program::ProgramId}; +use crate::{ + EphemeralPublicKey, NullifierPublicKey, NullifierSecretKey, PublicKey, program::ProgramId, +}; pub mod data; #[derive(Copy, Debug, Default, Clone, Eq, PartialEq)] pub struct Nonce(pub u128); +#[derive(Copy, Debug, Clone, Eq, PartialEq, Serialize, Deserialize)] +pub struct Identifier(pub u128); impl Nonce { pub const fn public_account_nonce_increment(&mut self) { 
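Review bot: Adding `test-utils` to the `nssa_core` entry under `[dependencies]` turns the feature on for every build of `nssa`, not only its tests, so `Signature::new_for_tests` (made `pub` behind that feature in signature/mod.rs) ships as part of the normal API and builds a `Signature` from 64 unchecked bytes. Keep the regular dependency at `features = ["host"]` and enable the helper for tests only through a second entry under `[dev-dependencies]`: `nssa_core = { workspace = true, features = ["host", "test-utils"] }`. Whether this manifest already has a `[dev-dependencies]` table is not visible in the hunk.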
@@ -91,6 +95,23 @@ impl BorshDeserialize for Nonce { pub type Balance = u128; +impl Identifier { + #[must_use] + pub fn private_identifier(epk: &EphemeralPublicKey, index: u8) -> Self { + const PRIVATE_ACCOUNT_ID_PREFIX: &[u8; 32] = b"/LEE/v0.3/AccountId/Identifier/\x00"; + + let mut bytes = Vec::::new(); + bytes.extend_from_slice(PRIVATE_ACCOUNT_ID_PREFIX); + bytes.extend_from_slice(&epk.0); + bytes.extend_from_slice(&[index]); + + let mut value = [0_u8; 16]; + value.copy_from_slice(&Impl::hash_bytes(&bytes).as_bytes()[0..16]); + + Self(u128::from_le_bytes(value)) + } +} + /// Account to be used both in public and private contexts. #[derive( Default, Clone, Eq, PartialEq, Serialize, Deserialize, BorshSerialize, BorshDeserialize, @@ -180,18 +201,14 @@ impl AccountId { } #[must_use] - pub fn private_account_id(value: &NullifierPublicKey, identifier: Option) -> Self { + pub fn private_account_id(value: &NullifierPublicKey, identifier: Identifier) -> Self { const PRIVATE_ACCOUNT_ID_PREFIX: &[u8; 32] = b"/LEE/v0.3/AccountId/Private/\x00\x00\x00\x00"; let mut bytes = Vec::::new(); bytes.extend_from_slice(PRIVATE_ACCOUNT_ID_PREFIX); bytes.extend_from_slice(&value.0); - - match identifier { - None => {} - Some(identifier) => bytes.extend_from_slice(&identifier.to_le_bytes()), - } + bytes.extend_from_slice(&identifier.0.to_le_bytes()); Self::new( Impl::hash_bytes(&bytes) @@ -202,18 +219,14 @@ impl AccountId { } #[must_use] - pub fn public_account_id(value: &PublicKey, identifier: Option) -> Self { + pub fn public_account_id(value: &PublicKey) -> Self { const PUBLIC_ACCOUNT_ID_PREFIX: &[u8; 32] = b"/LEE/v0.3/AccountId/Public/\x00\x00\x00\x00\x00"; let mut bytes = Vec::::new(); bytes.extend_from_slice(PUBLIC_ACCOUNT_ID_PREFIX); bytes.extend_from_slice(value.value()); - - match identifier { - None => {} - Some(identifier) => bytes.extend_from_slice(&identifier.to_le_bytes()), - } + // bytes.extend_from_slice(&identifier.0.to_le_bytes()); Self::new( Impl::hash_bytes(&bytes) 
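Review bot: The constant in `private_identifier` is named `PRIVATE_ACCOUNT_ID_PREFIX` but holds the `/LEE/v0.3/AccountId/Identifier/` tag, and `private_account_id` uses the same name for a different tag; rename it, e.g. `const PRIVATE_IDENTIFIER_PREFIX: &[u8; 32] = ...`, so the two domain separators cannot be mixed up in a later edit. The function also has no doc comment: it should say that the identifier is the first 16 bytes of the SHA-256 digest over prefix, `epk` and `index`, read little-endian, and that truncating to 128 bits leaves roughly 64-bit collision resistance. Whether that margin is acceptable depends on who chooses `epk`, which the hunk does not show, so the reasoning is worth recording next to the code.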
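Review bot: The line left behind in `public_account_id`, `// bytes.extend_from_slice(&identifier.0.to_le_bytes());`, refers to a parameter this hunk removes and should be deleted rather than commented out. If the aim is to record that public IDs deliberately carry no identifier, replace it with a sentence that says so, e.g. `// Public account IDs hash only the prefix and the public key; no identifier is mixed in.` The function body continues past the end of the hunk.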
@@ -409,7 +422,9 @@ mod tests { 126, 85, 106, 222, 127, 193, 125, 168, 62, 150, 129, 194, 135, 114, ]); - let account_id = AccountId::private_account_id(&npk, Some(13_u128)); + let identifier = Identifier(13_u128); + + let account_id = AccountId::private_account_id(&npk, identifier); assert_eq!(account_id, expected_account_id); } @@ -419,12 +434,27 @@ mod tests { let pub_key = PublicKey::try_new([42_u8; 32]).expect("Expect valid Public Key"); let expected_account_id = AccountId::new([ - 75, 60, 223, 47, 170, 89, 187, 173, 89, 16, 96, 18, 76, 101, 203, 128, 241, 4, 253, 18, - 61, 201, 37, 226, 199, 119, 9, 1, 239, 131, 221, 142, + 55, 223, 166, 27, 166, 126, 71, 128, 222, 225, 215, 176, 98, 21, 215, 13, 71, 74, 13, + 72, 200, 175, 25, 19, 96, 160, 250, 230, 45, 15, 254, 134, ]); - let account_id = AccountId::public_account_id(&pub_key, Some(13_u128)); + let account_id = AccountId::public_account_id(&pub_key); assert_eq!(account_id, expected_account_id); } + + #[test] + fn identifier_from_ephemeral_public_key() { + let epk = EphemeralPublicKey::from_scalar([ + 185, 147, 32, 242, 145, 91, 123, 77, 42, 33, 134, 84, 12, 165, 117, 70, 158, 201, 95, + 153, 14, 12, 92, 235, 128, 156, 194, 169, 68, 35, 165, 127, + ]); + + let expected_identifier = Identifier(u128::from_le_bytes([ + 170, 216, 75, 182, 85, 117, 119, 230, 115, 121, 70, 204, 104, 96, 182, 122, + ])); + let identifier = Identifier::private_identifier(&epk, 13_u8); + + assert_eq!(identifier, expected_identifier); + } } diff --git a/nssa/core/src/circuit_io.rs b/nssa/core/src/circuit_io.rs index 6c592f32..265ae049 100644 --- a/nssa/core/src/circuit_io.rs +++ b/nssa/core/src/circuit_io.rs 
@@ -3,7 +3,7 @@ use serde::{Deserialize, Serialize}; use crate::{ Commitment, CommitmentSetDigest, MembershipProof, Nullifier, NullifierPublicKey, NullifierSecretKey, SharedSecretKey, - account::{Account, AccountWithMetadata}, + account::{Account, AccountWithMetadata, Identifier}, encryption::Ciphertext, program::{BlockValidityWindow, ProgramId, ProgramOutput, TimestampValidityWindow}, }; @@ -22,8 +22,8 @@ pub struct PrivacyPreservingCircuitInput { pub private_account_keys: Vec<(NullifierPublicKey, SharedSecretKey)>, /// Nullifier secret keys for authorized private accounts. pub private_account_nsks: Vec, - /// Identifiers used to generate `AccountId` (TODO: marvin double check logic). - pub private_account_identifiers: Vec, + /// Identifiers used to generate `AccountId`. + pub private_account_identifiers: Vec, /// Membership proofs for private accounts. Can be [`None`] for uninitialized accounts. pub private_account_membership_proofs: Vec>, /// Program ID. @@ -59,7 +59,7 @@ mod tests { use super::*; use crate::{ Commitment, Nullifier, NullifierPublicKey, - account::{Account, AccountId, AccountWithMetadata, Nonce}, + account::{Account, AccountId, AccountWithMetadata, Identifier, Nonce}, }; #[test] @@ -95,7 +95,10 @@ mod tests { }], ciphertexts: vec![Ciphertext(vec![255, 255, 1, 1, 2, 2])], new_commitments: vec![Commitment::new( - &AccountId::private_account_id(&NullifierPublicKey::from(&[1_u8; 32]), None), + &AccountId::private_account_id( + &NullifierPublicKey::from(&[1_u8; 32]), + Identifier(0_u128), + ), &Account::default(), )], new_nullifiers: vec![( @@ -103,7 +106,7 @@ mod tests { &Commitment::new( &AccountId::private_account_id( &NullifierPublicKey::from(&[2_u8; 32]), - None, + Identifier(0_u128), ), &Account::default(), ), diff --git a/nssa/core/src/encryption/mod.rs b/nssa/core/src/encryption/mod.rs index 400fb331..9832d972 100644 --- a/nssa/core/src/encryption/mod.rs +++ b/nssa/core/src/encryption/mod.rs 
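Review bot: The new doc line on `private_account_identifiers` drops the TODO but still does not state the contract: how many entries are expected and how they line up with `private_account_keys`. The call sites in this commit disagree. The state.rs tests pass one identifier per private account, while the circuit.rs tests and tps.rs pass `vec![]` next to non-empty `private_account_keys` and derive the expected IDs with `Identifier(0_u128)`, which suggests a missing entry is treated as zero inside the circuit (not visible here; only the rebuilt binaries are in the diff). Document the rule, e.g. `/// Identifiers used to derive each private AccountId, one per entry of private_account_keys, in the same order.`, and if a fallback does exist, prefer rejecting a length mismatch over defaulting, since the identifier is part of the account-ID preimage.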
@@ -5,11 +5,11 @@ use chacha20::{ }; use risc0_zkvm::sha::{Impl, Sha256 as _}; use serde::{Deserialize, Serialize}; +pub use shared_key_derivation::EphemeralPublicKey; #[cfg(feature = "host")] -pub use shared_key_derivation::{EphemeralPublicKey, EphemeralSecretKey, ViewingPublicKey}; +pub use shared_key_derivation::{EphemeralSecretKey, ViewingPublicKey}; use crate::{Commitment, account::Account}; -#[cfg(feature = "host")] pub mod shared_key_derivation; pub type Scalar = [u8; 32]; diff --git a/nssa/core/src/lib.rs b/nssa/core/src/lib.rs index 08290862..5d6c44cd 100644 --- a/nssa/core/src/lib.rs +++ b/nssa/core/src/lib.rs @@ -8,7 +8,9 @@ pub use commitment::{ Commitment, CommitmentSetDigest, DUMMY_COMMITMENT, DUMMY_COMMITMENT_HASH, MembershipProof, compute_digest_for_path, }; -pub use encryption::{EncryptionScheme, SharedSecretKey}; +pub use encryption::{ + EncryptionScheme, SharedSecretKey, shared_key_derivation::EphemeralPublicKey, +}; pub use nullifier::{Nullifier, NullifierPublicKey, NullifierSecretKey}; pub use signature::{PrivateKey, PublicKey, Signature}; diff --git a/nssa/core/src/nullifier.rs b/nssa/core/src/nullifier.rs index 012af3d4..652eef38 100644 --- a/nssa/core/src/nullifier.rs +++ b/nssa/core/src/nullifier.rs @@ -79,6 +79,7 @@ impl Nullifier { #[cfg(test)] mod tests { use super::*; + use crate::account::Identifier; #[test] fn constructor_for_account_update() { @@ -99,7 +100,9 @@ mod tests { 255, 29, 105, 42, 186, 43, 11, 157, 168, 132, 225, 17, 163, ]); - let account_id = AccountId::private_account_id(&npk, Some(0_u128)); + let identifier = Identifier(0_u128); + + let account_id = AccountId::private_account_id(&npk, identifier); let expected_nullifier = Nullifier([ 63, 58, 51, 159, 15, 100, 240, 243, 60, 143, 151, 108, 116, 144, 101, 6, 134, 72, 198, diff --git a/nssa/core/src/signature/mod.rs b/nssa/core/src/signature/mod.rs index 62aa42cd..197fdc2b 100644 --- a/nssa/core/src/signature/mod.rs +++ b/nssa/core/src/signature/mod.rs 
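Review bot: Dropping `#[cfg(feature = "host")]` from `pub mod shared_key_derivation;` compiles that module into every build of `nssa_core`, including builds made without the `host` feature, which is presumably how the zkVM guest programs consume the crate. In nssa/core/Cargo.toml `k256` is optional and only pulled in by `default`, `host` and `test-utils`, so if the module uses `k256` outside its own feature gates a build without default features will stop compiling. The module body is not in this diff, so this needs checking with `cargo check -p nssa_core --no-default-features`. If only the `EphemeralPublicKey` type is needed on the guest side, consider keeping the key-derivation functions gated and exposing just the type.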
@@ -72,6 +72,11 @@ impl Signature { pk.verify_raw(bytes, &sig).is_ok() } + + #[cfg(feature = "test-utils")] + pub fn new_for_tests(value: [u8; 64]) -> Self { + Self { value } + } } #[cfg(test)] @@ -82,12 +87,6 @@ mod tests { use crate::{Signature, signature::bip340_test_vectors}; - impl Signature { - pub(crate) fn _new_for_tests(value: [u8; 64]) -> Self { - Self { value } - } - } - #[test] fn signature_generation_from_bip340_test_vectors() { for (i, test_vector) in bip340_test_vectors::test_vectors().into_iter().enumerate() { diff --git a/nssa/src/privacy_preserving_transaction/circuit.rs b/nssa/src/privacy_preserving_transaction/circuit.rs index 384a3b82..0a6da2c6 100644 --- a/nssa/src/privacy_preserving_transaction/circuit.rs +++ b/nssa/src/privacy_preserving_transaction/circuit.rs @@ -4,7 +4,7 @@ use borsh::{BorshDeserialize, BorshSerialize}; use nssa_core::{ MembershipProof, NullifierPublicKey, NullifierSecretKey, PrivacyPreservingCircuitInput, PrivacyPreservingCircuitOutput, SharedSecretKey, - account::AccountWithMetadata, + account::{AccountWithMetadata, Identifier}, program::{ChainedCall, InstructionData, ProgramId, ProgramOutput}, }; use risc0_zkvm::{ExecutorEnv, InnerReceipt, ProverOpts, Receipt, default_prover}; @@ -70,7 +70,7 @@ pub fn execute_and_prove( visibility_mask: Vec, private_account_keys: Vec<(NullifierPublicKey, SharedSecretKey)>, private_account_nsks: Vec, - private_account_identifiers: Vec, + private_account_identifiers: Vec, private_account_membership_proofs: Vec>, program_with_dependencies: &ProgramWithDependencies, ) -> Result<(PrivacyPreservingCircuitOutput, Proof), NssaError> { @@ -177,7 +177,7 @@ mod tests { use nssa_core::{ Commitment, DUMMY_COMMITMENT_HASH, EncryptionScheme, Nullifier, SharedSecretKey, - account::{Account, AccountId, AccountWithMetadata, Nonce, data::Data}, + account::{Account, AccountId, AccountWithMetadata, Identifier, Nonce, data::Data}, }; use super::*; 
@@ -208,7 +208,7 @@ mod tests { let recipient = AccountWithMetadata::new( Account::default(), false, - AccountId::private_account_id(&recipient_keys.npk(), None), + AccountId::private_account_id(&recipient_keys.npk(), Identifier(0_u128)), ); let balance_to_move: u128 = 37; @@ -238,7 +238,7 @@ mod tests { vec![0, 2], vec![(recipient_keys.npk(), shared_secret)], vec![], - vec![], // TODO check (Marvin) + vec![], vec![None], &Program::authenticated_transfer_program().into(), ) @@ -270,7 +270,7 @@ mod tests { let sender_keys = test_private_account_keys_1(); let recipient_keys = test_private_account_keys_2(); let recipient_id = - AccountId::private_account_id(&test_private_account_keys_2().npk(), None); + AccountId::private_account_id(&test_private_account_keys_2().npk(), Identifier(0_u128)); let sender_nonce = Nonce(0xdead_beef); let sender_pre = AccountWithMetadata::new( @@ -281,14 +281,14 @@ mod tests { data: Data::default(), }, true, - AccountId::private_account_id(&sender_keys.npk(), None), + AccountId::private_account_id(&sender_keys.npk(), Identifier(0_u128)), ); let commitment_sender = Commitment::new(&sender_pre.account_id, &sender_pre.account); let recipient = AccountWithMetadata::new( Account::default(), false, - AccountId::private_account_id(&recipient_keys.npk(), None), + AccountId::private_account_id(&recipient_keys.npk(), Identifier(0_u128)), ); let balance_to_move: u128 = 37; @@ -340,7 +340,7 @@ mod tests { (recipient_keys.npk(), shared_secret_2), ], vec![sender_keys.nsk], - vec![], // TODO check (Marvin) + vec![], vec![commitment_set.get_proof_for(&commitment_sender), None], &program.into(), ) @@ -378,7 +378,7 @@ mod tests { let pre = AccountWithMetadata::new( Account::default(), false, - AccountId::private_account_id(&account_keys.npk(), None), + AccountId::private_account_id(&account_keys.npk(), Identifier(0_u128)), ); let validity_window_chain_caller = Program::validity_window_chain_caller(); 
@@ -407,7 +407,7 @@ mod tests { vec![2], vec![(account_keys.npk(), shared_secret)], vec![], - vec![], // TODO check (Marvin) + vec![], vec![None], &program_with_deps, ); diff --git a/nssa/src/privacy_preserving_transaction/message.rs b/nssa/src/privacy_preserving_transaction/message.rs index 39c5b6e4..de29857f 100644 --- a/nssa/src/privacy_preserving_transaction/message.rs +++ b/nssa/src/privacy_preserving_transaction/message.rs @@ -130,7 +130,7 @@ impl Message { pub mod tests { use nssa_core::{ Commitment, EncryptionScheme, Nullifier, NullifierPublicKey, SharedSecretKey, - account::Account, + account::{Account, Identifier}, encryption::{EphemeralPublicKey, ViewingPublicKey}, program::{BlockValidityWindow, TimestampValidityWindow}, }; @@ -152,8 +152,8 @@ pub mod tests { let npk1 = NullifierPublicKey::from(&nsk1); let npk2 = NullifierPublicKey::from(&nsk2); - let account_id1 = AccountId::private_account_id(&npk1, None); - let account_id2 = AccountId::private_account_id(&npk2, None); + let account_id1 = AccountId::private_account_id(&npk1, Identifier(0_u128)); + let account_id2 = AccountId::private_account_id(&npk2, Identifier(0_u128)); let public_account_ids = vec![account_id1, account_id2]; let nonces = vec![1_u128.into(), 2_u128.into(), 3_u128.into()]; @@ -186,7 +186,7 @@ pub mod tests { fn encrypted_account_data_constructor() { let npk = NullifierPublicKey::from(&[1; 32]); let vpk = ViewingPublicKey::from_scalar([2; 32]); - let account_id = AccountId::private_account_id(&npk, None); + let account_id = AccountId::private_account_id(&npk, Identifier(0_u128)); let account = Account::default(); let commitment = Commitment::new(&account_id, &account); let esk = [3; 32]; diff --git a/nssa/src/privacy_preserving_transaction/transaction.rs b/nssa/src/privacy_preserving_transaction/transaction.rs index a0c6071e..100d26b4 100644 --- a/nssa/src/privacy_preserving_transaction/transaction.rs +++ b/nssa/src/privacy_preserving_transaction/transaction.rs 
@@ -154,7 +154,7 @@ impl PrivacyPreservingTransaction { self.witness_set .signatures_and_public_keys() .iter() - .map(|(_, public_key)| AccountId::public_account_id(public_key, None)) + .map(|(_, public_key)| AccountId::public_account_id(public_key)) .collect() } @@ -214,8 +214,8 @@ mod tests { fn keys_for_tests() -> (PrivateKey, PrivateKey, AccountId, AccountId) { let key1 = PrivateKey::try_new([1; 32]).unwrap(); let key2 = PrivateKey::try_new([2; 32]).unwrap(); - let addr1 = AccountId::public_account_id(&PublicKey::new_from_private_key(&key1), None); - let addr2 = AccountId::public_account_id(&PublicKey::new_from_private_key(&key2), None); + let addr1 = AccountId::public_account_id(&PublicKey::new_from_private_key(&key1)); + let addr2 = AccountId::public_account_id(&PublicKey::new_from_private_key(&key2)); (key1, key2, addr1, addr2) } diff --git a/nssa/src/public_transaction/transaction.rs b/nssa/src/public_transaction/transaction.rs index 742a69f8..7ed85749 100644 --- a/nssa/src/public_transaction/transaction.rs +++ b/nssa/src/public_transaction/transaction.rs @@ -45,7 +45,7 @@ impl PublicTransaction { self.witness_set .signatures_and_public_keys() .iter() - .map(|(_, public_key)| AccountId::public_account_id(public_key, None)) + .map(|(_, public_key)| AccountId::public_account_id(public_key)) .collect() } @@ -282,7 +282,7 @@ impl PublicTransaction { #[cfg(test)] pub mod tests { - use nssa_core::{PrivateKey, PublicKey}; + use nssa_core::{PrivateKey, PublicKey, Signature}; use sha2::{Digest as _, digest::FixedOutput as _}; use crate::{ 
@@ -295,8 +295,8 @@ pub mod tests { fn keys_for_tests() -> (PrivateKey, PrivateKey, AccountId, AccountId) { let key1 = PrivateKey::try_new([1; 32]).unwrap(); let key2 = PrivateKey::try_new([2; 32]).unwrap(); - let addr1 = AccountId::public_account_id(&PublicKey::new_from_private_key(&key1), None); - let addr2 = AccountId::public_account_id(&PublicKey::new_from_private_key(&key2), None); + let addr1 = AccountId::public_account_id(&PublicKey::new_from_private_key(&key1)); + let addr2 = AccountId::public_account_id(&PublicKey::new_from_private_key(&key2)); (key1, key2, addr1, addr2) } 
@@ -422,27 +422,27 @@ pub mod tests { assert!(matches!(result, Err(NssaError::InvalidInput(_)))); } - // TODO: fix Marvin (commented out since that test is local to nssa-core) - // #[test] - // fn all_signatures_must_be_valid() { - // let (key1, key2, addr1, addr2) = keys_for_tests(); - // let state = state_for_tests(); - // let nonces = vec![0_u128.into(), 0_u128.into()]; - // let instruction = 1337; - // let message = Message::try_new( - // Program::authenticated_transfer_program().id(), - // vec![addr1, addr2], - // nonces, - // instruction, - // ) - // .unwrap(); - // - // let mut witness_set = WitnessSet::for_message(&message, &[&key1, &key2]); - // witness_set.signatures_and_public_keys[0].0 = Signature::new_for_tests([1; 64]); - // let tx = PublicTransaction::new(message, witness_set); - // let result = tx.validate_and_produce_public_state_diff(&state, 1, 0); - // assert!(matches!(result, Err(NssaError::InvalidInput(_)))); - // } + #[cfg(feature = "test-utils")] + #[test] + fn all_signatures_must_be_valid() { + let (key1, key2, addr1, addr2) = keys_for_tests(); + let state = state_for_tests(); + let nonces = vec![0_u128.into(), 0_u128.into()]; + let instruction = 1337; + let message = Message::try_new( + Program::authenticated_transfer_program().id(), + vec![addr1, addr2], + nonces, + instruction, + ) + .unwrap(); + + let mut witness_set = WitnessSet::for_message(&message, &[&key1, &key2]); + witness_set.signatures_and_public_keys[0].0 = Signature::new_for_tests([1; 64]); + let tx = PublicTransaction::new(message, witness_set); + let result = tx.validate_and_produce_public_state_diff(&state, 1, 0); + assert!(matches!(result, Err(NssaError::InvalidInput(_)))); + } #[test] fn nonces_must_match_the_state_current_nonces() { diff --git a/nssa/src/public_transaction/witness_set.rs b/nssa/src/public_transaction/witness_set.rs index 1c7c498a..e22af371 100644 --- a/nssa/src/public_transaction/witness_set.rs +++ b/nssa/src/public_transaction/witness_set.rs 
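Review bot: `#[cfg(feature = "test-utils")]` on `all_signatures_must_be_valid` tests a feature of the `nssa` crate itself, not the one enabled on the `nssa_core` dependency, and the nssa/Cargo.toml hunk in this commit adds no such feature. Unless `nssa` already declares `test-utils` elsewhere, the test is compiled out and never runs, and the `Signature` import added at the top of this test module becomes unused. Because the dependency feature is switched on in the manifest, the gate can simply be removed so the invalid-signature path is exercised on every `cargo test`.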
@@ -66,8 +66,8 @@ mod tests { let key2 = PrivateKey::try_new([2; 32]).unwrap(); let pubkey1 = PublicKey::new_from_private_key(&key1); let pubkey2 = PublicKey::new_from_private_key(&key2); - let addr1 = AccountId::public_account_id(&pubkey1, None); - let addr2 = AccountId::public_account_id(&pubkey2, None); + let addr1 = AccountId::public_account_id(&pubkey1); + let addr2 = AccountId::public_account_id(&pubkey2); let nonces = vec![1_u128.into(), 2_u128.into()]; let instruction = vec![1, 2, 3, 4]; let message = Message::try_new([0; 8], vec![addr1, addr2], nonces, instruction).unwrap(); diff --git a/nssa/src/state.rs b/nssa/src/state.rs index 2ec2ca32..d6bb0048 100644 --- a/nssa/src/state.rs +++ b/nssa/src/state.rs @@ -341,6 +341,7 @@ pub mod tests { use std::collections::HashMap; + use nssa_core::account::Identifier; #[allow(unused_imports)] use nssa_core::{ BlockId, Commitment, Nullifier, NullifierPublicKey, NullifierSecretKey, PrivateKey, @@ -427,7 +428,7 @@ pub mod tests { #[must_use] pub fn with_private_account(mut self, keys: &TestPrivateKeys, account: &Account) -> Self { - let account_id = &AccountId::private_account_id(&keys.npk(), Some(keys.identifier)); + let account_id = &AccountId::private_account_id(&keys.npk(), keys.identifier); let commitment = Commitment::new(account_id, account); self.private_state.0.extend(&[commitment]); self @@ -440,14 +441,14 @@ pub mod tests { impl TestPublicKeys { pub fn account_id(&self) -> AccountId { - AccountId::public_account_id(&PublicKey::new_from_private_key(&self.signing_key), None) + AccountId::public_account_id(&PublicKey::new_from_private_key(&self.signing_key)) } } pub struct TestPrivateKeys { pub nsk: NullifierSecretKey, pub vsk: Scalar, - pub identifier: u128, + pub identifier: Identifier, } impl TestPrivateKeys { 
@@ -483,8 +484,8 @@ pub mod tests { fn new_with_genesis() { let key1 = PrivateKey::try_new([1; 32]).unwrap(); let key2 = PrivateKey::try_new([2; 32]).unwrap(); - let addr1 = AccountId::public_account_id(&PublicKey::new_from_private_key(&key1), None); - let addr2 = AccountId::public_account_id(&PublicKey::new_from_private_key(&key2), None); + let addr1 = AccountId::public_account_id(&PublicKey::new_from_private_key(&key1)); + let addr2 = AccountId::public_account_id(&PublicKey::new_from_private_key(&key2)); let initial_data = [(addr1, 100_u128), (addr2, 151_u128)]; let authenticated_transfers_program = Program::authenticated_transfer_program(); let expected_public_state = { @@ -540,7 +541,7 @@ pub mod tests { #[test] fn get_account_by_account_id_non_default_account() { let key = PrivateKey::try_new([1; 32]).unwrap(); - let account_id = AccountId::public_account_id(&PublicKey::new_from_private_key(&key), None); + let account_id = AccountId::public_account_id(&PublicKey::new_from_private_key(&key)); let initial_data = [(account_id, 100_u128)]; let state = V03State::new_with_genesis_accounts(&initial_data, &[]); let expected_account = &state.public_state[&account_id]; 
@@ -573,12 +574,12 @@ pub mod tests { #[test] fn transition_from_authenticated_transfer_program_invocation_default_account_destination() { let key = PrivateKey::try_new([1; 32]).unwrap(); - let account_id = AccountId::public_account_id(&PublicKey::new_from_private_key(&key), None); + let account_id = AccountId::public_account_id(&PublicKey::new_from_private_key(&key)); let initial_data = [(account_id, 100)]; let mut state = V03State::new_with_genesis_accounts(&initial_data, &[]); let from = account_id; let to_key = PrivateKey::try_new([2; 32]).unwrap(); - let to = AccountId::public_account_id(&PublicKey::new_from_private_key(&to_key), None); + let to = AccountId::public_account_id(&PublicKey::new_from_private_key(&to_key)); assert_eq!(state.get_account_by_id(to), Account::default()); let balance_to_move = 5; @@ -594,13 +595,13 @@ pub mod tests { #[test] fn transition_from_authenticated_transfer_program_invocation_insuficient_balance() { let key = PrivateKey::try_new([1; 32]).unwrap(); - let account_id = AccountId::public_account_id(&PublicKey::new_from_private_key(&key), None); + let account_id = AccountId::public_account_id(&PublicKey::new_from_private_key(&key)); let initial_data = [(account_id, 100)]; let mut state = V03State::new_with_genesis_accounts(&initial_data, &[]); let from = account_id; let from_key = key; let to_key = PrivateKey::try_new([2; 32]).unwrap(); - let to = AccountId::public_account_id(&PublicKey::new_from_private_key(&to_key), None); + let to = AccountId::public_account_id(&PublicKey::new_from_private_key(&to_key)); let balance_to_move = 101; assert!(state.get_account_by_id(from).balance < balance_to_move); 
@@ -618,10 +619,8 @@ pub mod tests { fn transition_from_authenticated_transfer_program_invocation_non_default_account_destination() { let key1 = PrivateKey::try_new([1; 32]).unwrap(); let key2 = PrivateKey::try_new([2; 32]).unwrap(); - let account_id1 = - AccountId::public_account_id(&PublicKey::new_from_private_key(&key1), None); - let account_id2 = - AccountId::public_account_id(&PublicKey::new_from_private_key(&key2), None); + let account_id1 = AccountId::public_account_id(&PublicKey::new_from_private_key(&key1)); + let account_id2 = AccountId::public_account_id(&PublicKey::new_from_private_key(&key2)); let initial_data = [(account_id1, 100), (account_id2, 200)]; let mut state = V03State::new_with_genesis_accounts(&initial_data, &[]); let from = account_id2; @@ -643,16 +642,13 @@ pub mod tests { #[test] fn transition_from_sequence_of_authenticated_transfer_program_invocations() { let key1 = PrivateKey::try_new([8; 32]).unwrap(); - let account_id1 = - AccountId::public_account_id(&PublicKey::new_from_private_key(&key1), None); + let account_id1 = AccountId::public_account_id(&PublicKey::new_from_private_key(&key1)); let key2 = PrivateKey::try_new([2; 32]).unwrap(); - let account_id2 = - AccountId::public_account_id(&PublicKey::new_from_private_key(&key2), None); + let account_id2 = AccountId::public_account_id(&PublicKey::new_from_private_key(&key2)); let initial_data = [(account_id1, 100)]; let mut state = V03State::new_with_genesis_accounts(&initial_data, &[]); let key3 = PrivateKey::try_new([3; 32]).unwrap(); - let account_id3 = - AccountId::public_account_id(&PublicKey::new_from_private_key(&key3), None); + let account_id3 = AccountId::public_account_id(&PublicKey::new_from_private_key(&key3)); let balance_to_move = 5; let tx = transfer_transaction( @@ -942,7 +938,7 @@ pub mod tests { TestPrivateKeys { nsk: [13; 32], vsk: [31; 32], - identifier: 12_u128, + identifier: Identifier(12_u128), } } 
@@ -950,7 +946,7 @@ pub mod tests { TestPrivateKeys { nsk: [38; 32], vsk: [83; 32], - identifier: 42_u128, + identifier: Identifier(42_u128), } } @@ -969,7 +965,7 @@ pub mod tests { let sender_nonce = sender.account.nonce; let recipient_id = - AccountId::private_account_id(&recipient_keys.npk(), Some(recipient_keys.identifier)); + AccountId::private_account_id(&recipient_keys.npk(), recipient_keys.identifier); let recipient = AccountWithMetadata::new(Account::default(), false, recipient_id); let esk = [3; 32]; @@ -982,7 +978,7 @@ pub mod tests { vec![0, 2], vec![(recipient_keys.npk(), shared_secret)], vec![], - vec![recipient_keys.identifier], // TODO check (Marvin) + vec![recipient_keys.identifier], vec![None], &Program::authenticated_transfer_program().into(), ) @@ -1008,10 +1004,9 @@ pub mod tests { state: &V03State, ) -> PrivacyPreservingTransaction { let program = Program::authenticated_transfer_program(); - let sender_id = - AccountId::private_account_id(&sender_keys.npk(), Some(sender_keys.identifier)); + let sender_id = AccountId::private_account_id(&sender_keys.npk(), sender_keys.identifier); let recipient_id = - AccountId::private_account_id(&recipient_keys.npk(), Some(recipient_keys.identifier)); + AccountId::private_account_id(&recipient_keys.npk(), recipient_keys.identifier); let sender_commitment = Commitment::new(&sender_id, sender_private_account); let sender_pre = AccountWithMetadata::new(sender_private_account.clone(), true, sender_id); let recipient_pre = AccountWithMetadata::new(Account::default(), false, recipient_id); @@ -1033,7 +1028,7 @@ pub mod tests { (recipient_keys.npk(), shared_secret_2), ], vec![sender_keys.nsk], - vec![sender_keys.identifier, recipient_keys.identifier], // TODO check (Marvin) + vec![sender_keys.identifier, recipient_keys.identifier], vec![state.get_proof_for_commitment(&sender_commitment), None], &program.into(), ) 
@@ -1050,7 +1045,7 @@ pub mod tests { ) .unwrap(); - let witness_set = WitnessSet::for_message(&message, proof, &[]); //TODO: (Marvin) why no private keys? + let witness_set = WitnessSet::for_message(&message, proof, &[]); PrivacyPreservingTransaction::new(message, witness_set) } @@ -1063,8 +1058,7 @@ pub mod tests { state: &V03State, ) -> PrivacyPreservingTransaction { let program = Program::authenticated_transfer_program(); - let sender_id = - AccountId::private_account_id(&sender_keys.npk(), Some(sender_keys.identifier)); + let sender_id = AccountId::private_account_id(&sender_keys.npk(), sender_keys.identifier); let sender_commitment = Commitment::new(&sender_id, sender_private_account); let sender_pre = AccountWithMetadata::new(sender_private_account.clone(), true, sender_id); let recipient_pre = AccountWithMetadata::new( @@ -1083,7 +1077,7 @@ pub mod tests { vec![1, 0], vec![(sender_keys.npk(), shared_secret)], vec![sender_keys.nsk], - vec![sender_keys.identifier], // TODO check (Marvin) + vec![sender_keys.identifier], vec![state.get_proof_for_commitment(&sender_commitment)], &program.into(), ) @@ -1169,10 +1163,9 @@ pub mod tests { &state, ); - let sender_id = - AccountId::private_account_id(&sender_keys.npk(), Some(sender_keys.identifier)); + let sender_id = AccountId::private_account_id(&sender_keys.npk(), sender_keys.identifier); let recipient_id = - AccountId::private_account_id(&recipient_keys.npk(), Some(recipient_keys.identifier)); + AccountId::private_account_id(&recipient_keys.npk(), recipient_keys.identifier); let expected_new_commitment_1 = Commitment::new( &sender_id, 
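Review bot: The question `//TODO: (Marvin) why no private keys?` on `WitnessSet::for_message(&message, proof, &[])` is deleted without the answer being recorded anywhere in the code. If the empty key slice is intentional because the accounts in this transaction are private and are authorized inside the proof rather than by signatures, state that next to the call, e.g. `// No signer keys: private accounts are authorized by the proof, not by signatures.`. The same `&[]` is used in the re-enabled `private_chained_call`, so the comment would help there too. The enclosing helper starts outside this hunk, so the reason given here is an assumption to confirm.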
@@ -1218,8 +1211,7 @@ pub mod tests { #[test] fn transition_from_privacy_preserving_transaction_deshielded() { let sender_keys = test_private_account_keys_1(); - let sender_id = - AccountId::private_account_id(&sender_keys.npk(), Some(sender_keys.identifier)); + let sender_id = AccountId::private_account_id(&sender_keys.npk(), sender_keys.identifier); let sender_nonce = Nonce(0xdead_beef); let sender_private_account = Account { @@ -1304,7 +1296,7 @@ pub mod tests { vec![0], vec![], vec![], - vec![], // TODO check (Marvin) + vec![], vec![], &program.into(), ); @@ -1331,7 +1323,7 @@ pub mod tests { vec![0], vec![], vec![], - vec![], // TODO check (Marvin) + vec![], vec![], &program.into(), ); @@ -1358,7 +1350,7 @@ pub mod tests { vec![0], vec![], vec![], - vec![], // TODO check (Marvin) + vec![], vec![], &program.into(), ); @@ -1385,7 +1377,7 @@ pub mod tests { vec![0], vec![], vec![], - vec![], // TODO check (Marvin) + vec![], vec![], &program.into(), ); @@ -1420,7 +1412,7 @@ pub mod tests { vec![0], vec![], vec![], - vec![], // TODO check (Marvin) + vec![], vec![], &program.into(), ); @@ -1447,7 +1439,7 @@ pub mod tests { vec![0], vec![], vec![], - vec![], // TODO check (Marvin) + vec![], vec![], &program.into(), ); @@ -1483,7 +1475,7 @@ pub mod tests { vec![0, 0], vec![], vec![], - vec![], // TODO check (Marvin) + vec![], vec![], &program.into(), ); @@ -1510,7 +1502,7 @@ pub mod tests { vec![0], vec![], vec![], - vec![], // TODO check (Marvin) + vec![], vec![], &program.into(), ); @@ -1547,7 +1539,7 @@ pub mod tests { vec![], vec![], vec![], - vec![], // TODO check (Marvin) + vec![], &program.into(), ); @@ -1584,7 +1576,7 @@ pub mod tests { visibility_mask.to_vec(), vec![], vec![], - vec![], // TODO check (Marvin) + vec![], vec![], &program.into(), ); 
@@ -1596,9 +1588,11 @@ pub mod tests { fn circuit_fails_if_insufficient_nonces_are_provided() { let program = Program::simple_balance_transfer(); let sender_keys = test_private_account_keys_1(); - let sender_account_id = AccountId::private_account_id(&sender_keys.npk(), None); + let sender_account_id = + AccountId::private_account_id(&sender_keys.npk(), Identifier(0_u128)); let recipient_keys = test_private_account_keys_2(); - let recipient_account_id = AccountId::private_account_id(&recipient_keys.npk(), None); + let recipient_account_id = + AccountId::private_account_id(&recipient_keys.npk(), Identifier(0_u128)); let private_account_1 = AccountWithMetadata::new( Account { program_owner: program.id(), @@ -1626,7 +1620,7 @@ pub mod tests { ), ], vec![sender_keys.nsk], - vec![], // TODO check (Marvin) + vec![], vec![Some((0, vec![]))], &program.into(), ); @@ -1638,7 +1632,8 @@ pub mod tests { fn circuit_fails_if_insufficient_keys_are_provided() { let program = Program::simple_balance_transfer(); let sender_keys = test_private_account_keys_1(); - let sender_account_id = AccountId::private_account_id(&sender_keys.npk(), None); + let sender_account_id = + AccountId::private_account_id(&sender_keys.npk(), Identifier(0_u128)); let private_account_1 = AccountWithMetadata::new( Account { program_owner: program.id(), @@ -1662,7 +1657,7 @@ pub mod tests { vec![1, 2], private_account_keys.to_vec(), vec![sender_keys.nsk], - vec![], // TODO check (Marvin) + vec![], vec![Some((0, vec![]))], &program.into(), ); 
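Review bot: Starting with `circuit_fails_if_insufficient_nonces_are_provided`, the negative tests derive both account IDs from `Identifier(0_u128)` although the fixtures carry `Identifier(12_u128)` and `Identifier(42_u128)`, and the argument that elsewhere holds `vec![sender_keys.identifier]` stays `vec![]` even though `sender_keys.nsk` is supplied. Where the assertion is visible these tests only match `Err(NssaError::CircuitProvingError(_))`, so a proof that is rejected for an identifier mismatch or a missing identifier would satisfy them without exercising the check named in the test, and a regression in the nonce, key or commitment-proof validation could go unnoticed. I would keep everything except the condition under test valid, e.g. `AccountId::private_account_id(&sender_keys.npk(), sender_keys.identifier)` together with `vec![sender_keys.identifier, recipient_keys.identifier]`. The same applies to the other `circuit_fails_if_*` and `circuit_should_fail_*` hunks below, and the empty identifier list also appears in the last `noop_program` call; the test bodies extend beyond these hunks, so this is inferred from the visible arguments only.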
@@ -1674,9 +1669,11 @@ pub mod tests { fn circuit_fails_if_insufficient_commitment_proofs_are_provided() { let program = Program::simple_balance_transfer(); let sender_keys = test_private_account_keys_1(); - let sender_account_id = AccountId::private_account_id(&sender_keys.npk(), None); + let sender_account_id = + AccountId::private_account_id(&sender_keys.npk(), Identifier(0_u128)); let recipient_keys = test_private_account_keys_2(); - let recipient_account_id = AccountId::private_account_id(&recipient_keys.npk(), None); + let recipient_account_id = + AccountId::private_account_id(&recipient_keys.npk(), Identifier(0_u128)); let private_account_1 = AccountWithMetadata::new( Account { program_owner: program.id(), @@ -1706,7 +1703,7 @@ pub mod tests { ), ], vec![sender_keys.nsk], - vec![], // TODO check (Marvin) + vec![], private_account_membership_proofs.to_vec(), &program.into(), ); @@ -1718,9 +1715,11 @@ pub mod tests { fn circuit_fails_if_insufficient_auth_keys_are_provided() { let program = Program::simple_balance_transfer(); let sender_keys = test_private_account_keys_1(); - let sender_account_id = AccountId::private_account_id(&sender_keys.npk(), None); + let sender_account_id = + AccountId::private_account_id(&sender_keys.npk(), Identifier(0_u128)); let recipient_keys = test_private_account_keys_2(); - let recipient_account_id = AccountId::private_account_id(&recipient_keys.npk(), None); + let recipient_account_id = + AccountId::private_account_id(&recipient_keys.npk(), Identifier(0_u128)); let private_account_1 = AccountWithMetadata::new( Account { program_owner: program.id(), @@ -1750,7 +1749,7 @@ pub mod tests { ), ], private_account_nsks.to_vec(), - vec![], // TODO check (Marvin) + vec![], vec![], &program.into(), ); 
@@ -1762,9 +1761,11 @@ pub mod tests { fn circuit_fails_if_invalid_auth_keys_are_provided() { let program = Program::simple_balance_transfer(); let sender_keys = test_private_account_keys_1(); - let sender_account_id = AccountId::private_account_id(&sender_keys.npk(), None); + let sender_account_id = + AccountId::private_account_id(&sender_keys.npk(), Identifier(0_u128)); let recipient_keys = test_private_account_keys_2(); - let recipient_account_id = AccountId::private_account_id(&recipient_keys.npk(), None); + let recipient_account_id = + AccountId::private_account_id(&recipient_keys.npk(), Identifier(0_u128)); let private_account_1 = AccountWithMetadata::new( Account { program_owner: program.id(), @@ -1801,7 +1802,7 @@ pub mod tests { vec![1, 2], private_account_keys.to_vec(), private_account_nsks.to_vec(), - vec![], // TODO check (Marvin) + vec![], private_account_membership_proofs.to_vec(), &program.into(), ); @@ -1813,9 +1814,11 @@ pub mod tests { fn circuit_should_fail_if_new_private_account_with_non_default_balance_is_provided() { let program = Program::simple_balance_transfer(); let sender_keys = test_private_account_keys_1(); - let sender_account_id = AccountId::private_account_id(&sender_keys.npk(), None); + let sender_account_id = + AccountId::private_account_id(&sender_keys.npk(), Identifier(0_u128)); let recipient_keys = test_private_account_keys_2(); - let recipient_account_id = AccountId::private_account_id(&recipient_keys.npk(), None); + let recipient_account_id = + AccountId::private_account_id(&recipient_keys.npk(), Identifier(0_u128)); let private_account_1 = AccountWithMetadata::new( Account { program_owner: program.id(), @@ -1850,7 +1853,7 @@ pub mod tests { ), ], vec![sender_keys.nsk], - vec![], // TODO check (Marvin) + vec![], vec![Some((0, vec![]))], &program.into(), ); 
@@ -1862,9 +1865,11 @@ pub mod tests { fn circuit_should_fail_if_new_private_account_with_non_default_program_owner_is_provided() { let program = Program::simple_balance_transfer(); let sender_keys = test_private_account_keys_1(); - let sender_account_id = AccountId::private_account_id(&sender_keys.npk(), None); + let sender_account_id = + AccountId::private_account_id(&sender_keys.npk(), Identifier(0_u128)); let recipient_keys = test_private_account_keys_2(); - let recipient_account_id = AccountId::private_account_id(&recipient_keys.npk(), None); + let recipient_account_id = + AccountId::private_account_id(&recipient_keys.npk(), Identifier(0_u128)); let private_account_1 = AccountWithMetadata::new( Account { program_owner: program.id(), @@ -1899,7 +1904,7 @@ pub mod tests { ), ], vec![sender_keys.nsk], - vec![], // TODO check (Marvin) + vec![], vec![Some((0, vec![]))], &program.into(), ); @@ -1911,9 +1916,11 @@ pub mod tests { fn circuit_should_fail_if_new_private_account_with_non_default_data_is_provided() { let program = Program::simple_balance_transfer(); let sender_keys = test_private_account_keys_1(); - let sender_account_id = AccountId::private_account_id(&sender_keys.npk(), None); + let sender_account_id = + AccountId::private_account_id(&sender_keys.npk(), Identifier(0_u128)); let recipient_keys = test_private_account_keys_2(); - let recipient_account_id = AccountId::private_account_id(&recipient_keys.npk(), None); + let recipient_account_id = + AccountId::private_account_id(&recipient_keys.npk(), Identifier(0_u128)); let private_account_1 = AccountWithMetadata::new( Account { program_owner: program.id(), @@ -1948,7 +1955,7 @@ pub mod tests { ), ], vec![sender_keys.nsk], - vec![], // TODO check (Marvin) + vec![], vec![Some((0, vec![]))], &program.into(), ); 
@@ -1960,9 +1967,11 @@ pub mod tests { fn circuit_should_fail_if_new_private_account_with_non_default_nonce_is_provided() { let program = Program::simple_balance_transfer(); let sender_keys = test_private_account_keys_1(); - let sender_account_id = AccountId::private_account_id(&sender_keys.npk(), None); + let sender_account_id = + AccountId::private_account_id(&sender_keys.npk(), Identifier(0_u128)); let recipient_keys = test_private_account_keys_2(); - let recipient_account_id = AccountId::private_account_id(&recipient_keys.npk(), None); + let recipient_account_id = + AccountId::private_account_id(&recipient_keys.npk(), Identifier(0_u128)); let private_account_1 = AccountWithMetadata::new( Account { program_owner: program.id(), @@ -1997,7 +2006,7 @@ pub mod tests { ), ], vec![sender_keys.nsk], - vec![], // TODO check (Marvin) + vec![], vec![Some((0, vec![]))], &program.into(), ); @@ -2005,16 +2014,16 @@ pub mod tests { assert!(matches!(result, Err(NssaError::CircuitProvingError(_)))); } - // TODO: (Marvin) this test does not seem to do what it's supposed to. #[test] fn circuit_should_fail_if_new_private_account_is_provided_with_default_values_but_marked_as_authorized() { let program = Program::simple_balance_transfer(); let sender_keys = test_private_account_keys_1(); - let sender_account_id = AccountId::private_account_id(&sender_keys.npk(), Some(0_u128)); + let sender_account_id = + AccountId::private_account_id(&sender_keys.npk(), Identifier(0_u128)); let recipient_keys = test_private_account_keys_2(); let recipient_account_id = - AccountId::private_account_id(&recipient_keys.npk(), Some(1_u128)); + AccountId::private_account_id(&recipient_keys.npk(), Identifier(1_u128)); let private_account_1 = AccountWithMetadata::new( Account { program_owner: program.id(), 
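Review bot: The comment `// TODO: (Marvin) this test does not seem to do what it's supposed to.` is deleted above `circuit_should_fail_if_new_private_account_is_provided_with_default_values_but_marked_as_authorized`, but the only visible change to the test is wrapping the identifiers in `Identifier(...)`, so the doubt it recorded looks unresolved rather than fixed. The same comment is dropped above `circuit_should_fail_with_invalid_visibility_mask_value` in a later hunk. If both tests were verified, a short comment naming the circuit check that is expected to reject the input would make that reviewable, e.g. `// Expected to fail: recipient is a new (default) private account but is flagged as authorized.`; otherwise the TODO should stay. The test bodies continue outside this hunk.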
@@ -2046,7 +2055,7 @@ pub mod tests { ), ], vec![sender_keys.nsk], - vec![0_u128, 1_u128], // TODO check (Marvin) + vec![Identifier(0_u128), Identifier(1_u128)], vec![Some((0, vec![]))], &program.into(), ); @@ -2054,7 +2063,6 @@ pub mod tests { assert!(matches!(result, Err(NssaError::CircuitProvingError(_)))); } - // TODO: (Marvin) this test does not seem to do what it's supposed to. #[test] fn circuit_should_fail_with_invalid_visibility_mask_value() { let program = Program::simple_balance_transfer(); @@ -2078,7 +2086,7 @@ pub mod tests { vec![], vec![], vec![], - vec![], // TODO check (Marvin) + vec![], &program.into(), ); @@ -2089,9 +2097,11 @@ pub mod tests { fn circuit_should_fail_with_too_many_nonces() { let program = Program::simple_balance_transfer(); let sender_keys = test_private_account_keys_1(); - let sender_account_id = AccountId::private_account_id(&sender_keys.npk(), None); + let sender_account_id = + AccountId::private_account_id(&sender_keys.npk(), Identifier(0_u128)); let recipient_keys = test_private_account_keys_2(); - let recipient_account_id = AccountId::private_account_id(&recipient_keys.npk(), None); + let recipient_account_id = + AccountId::private_account_id(&recipient_keys.npk(), Identifier(0_u128)); let private_account_1 = AccountWithMetadata::new( Account { program_owner: program.id(), @@ -2119,7 +2129,7 @@ pub mod tests { ), ], vec![sender_keys.nsk], - vec![], // TODO check (Marvin) + vec![], vec![Some((0, vec![]))], &program.into(), ); 
@@ -2131,9 +2141,11 @@ pub mod tests { fn circuit_should_fail_with_too_many_private_account_keys() { let program = Program::simple_balance_transfer(); let sender_keys = test_private_account_keys_1(); - let sender_account_id = AccountId::private_account_id(&sender_keys.npk(), None); + let sender_account_id = + AccountId::private_account_id(&sender_keys.npk(), Identifier(0_u128)); let recipient_keys = test_private_account_keys_2(); - let recipient_account_id = AccountId::private_account_id(&recipient_keys.npk(), None); + let recipient_account_id = + AccountId::private_account_id(&recipient_keys.npk(), Identifier(0_u128)); let private_account_1 = AccountWithMetadata::new( Account { program_owner: program.id(), @@ -2168,7 +2180,7 @@ pub mod tests { vec![1, 2], private_account_keys.to_vec(), vec![sender_keys.nsk], - vec![], // TODO check (Marvin) + vec![], vec![Some((0, vec![]))], &program.into(), ); @@ -2180,9 +2192,11 @@ pub mod tests { fn circuit_should_fail_with_too_many_private_account_auth_keys() { let program = Program::simple_balance_transfer(); let sender_keys = test_private_account_keys_1(); - let sender_account_id = AccountId::private_account_id(&sender_keys.npk(), None); + let sender_account_id = + AccountId::private_account_id(&sender_keys.npk(), Identifier(0_u128)); let recipient_keys = test_private_account_keys_2(); - let recipient_account_id = AccountId::private_account_id(&recipient_keys.npk(), None); + let recipient_account_id = + AccountId::private_account_id(&recipient_keys.npk(), Identifier(0_u128)); let private_account_1 = AccountWithMetadata::new( Account { program_owner: program.id(), @@ -2215,7 +2229,7 @@ pub mod tests { ), ], private_account_nsks.to_vec(), - vec![], // TODO check (Marvin) + vec![], private_account_membership_proofs.to_vec(), &program.into(), ); 
@@ -2283,7 +2297,8 @@ pub mod tests { fn circuit_should_fail_if_there_are_repeated_ids() { let program = Program::simple_balance_transfer(); let sender_keys = test_private_account_keys_1(); - let sender_account_id = AccountId::private_account_id(&sender_keys.npk(), None); + let sender_account_id = + AccountId::private_account_id(&sender_keys.npk(), Identifier(0_u128)); let private_account_1 = AccountWithMetadata::new( Account { program_owner: program.id(), @@ -2307,7 +2322,7 @@ pub mod tests { (sender_keys.npk(), shared_secret), ], private_account_nsks.to_vec(), - vec![], // TODO check (Marvin) + vec![], private_account_membership_proofs.to_vec(), &program.into(), ); @@ -2319,13 +2334,13 @@ pub mod tests { fn claiming_mechanism() { let program = Program::authenticated_transfer_program(); let from_key = PrivateKey::try_new([1; 32]).unwrap(); - let from = AccountId::public_account_id(&PublicKey::new_from_private_key(&from_key), None); + let from = AccountId::public_account_id(&PublicKey::new_from_private_key(&from_key)); let initial_balance = 100; let initial_data = [(from, initial_balance)]; let mut state = V03State::new_with_genesis_accounts(&initial_data, &[]).with_test_programs(); let to_key = PrivateKey::try_new([2; 32]).unwrap(); - let to = AccountId::public_account_id(&PublicKey::new_from_private_key(&to_key), None); + let to = AccountId::public_account_id(&PublicKey::new_from_private_key(&to_key)); let amount: u128 = 37; // Check the recipient is an uninitialized account @@ -2361,7 +2376,7 @@ pub mod tests { let program = Program::authenticated_transfer_program(); let account_key = PrivateKey::try_new([9; 32]).unwrap(); let account_id = - AccountId::public_account_id(&PublicKey::new_from_private_key(&account_key), None); + AccountId::public_account_id(&PublicKey::new_from_private_key(&account_key)); let mut state = V03State::new_with_genesis_accounts(&[], &[]); assert_eq!(state.get_account_by_id(account_id), Account::default()); 
@@ -2383,7 +2398,7 @@ pub mod tests { let program = Program::authenticated_transfer_program(); let account_key = PrivateKey::try_new([10; 32]).unwrap(); let account_id = - AccountId::public_account_id(&PublicKey::new_from_private_key(&account_key), None); + AccountId::public_account_id(&PublicKey::new_from_private_key(&account_key)); let mut state = V03State::new_with_genesis_accounts(&[], &[]); assert_eq!(state.get_account_by_id(account_id), Account::default()); @@ -2414,7 +2429,7 @@ pub mod tests { fn public_chained_call() { let program = Program::chain_caller(); let key = PrivateKey::try_new([1; 32]).unwrap(); - let from = AccountId::public_account_id(&PublicKey::new_from_private_key(&key), None); + let from = AccountId::public_account_id(&PublicKey::new_from_private_key(&key)); let to = AccountId::new([2; 32]); let initial_balance = 1000; let initial_data = [(from, initial_balance), (to, 0)]; @@ -2459,7 +2474,7 @@ pub mod tests { fn execution_fails_if_chained_calls_exceeds_depth() { let program = Program::chain_caller(); let key = PrivateKey::try_new([1; 32]).unwrap(); - let from = AccountId::public_account_id(&PublicKey::new_from_private_key(&key), None); + let from = AccountId::public_account_id(&PublicKey::new_from_private_key(&key)); let to = AccountId::new([2; 32]); let initial_balance = 100; let initial_data = [(from, initial_balance), (to, 0)]; 
@@ -2544,13 +2559,13 @@ pub mod tests { let chain_caller = Program::chain_caller(); let auth_transfer = Program::authenticated_transfer_program(); let from_key = PrivateKey::try_new([1; 32]).unwrap(); - let from = AccountId::public_account_id(&PublicKey::new_from_private_key(&from_key), None); + let from = AccountId::public_account_id(&PublicKey::new_from_private_key(&from_key)); let initial_balance = 100; let initial_data = [(from, initial_balance)]; let mut state = V03State::new_with_genesis_accounts(&initial_data, &[]).with_test_programs(); let to_key = PrivateKey::try_new([2; 32]).unwrap(); - let to = AccountId::public_account_id(&PublicKey::new_from_private_key(&to_key), None); + let to = AccountId::public_account_id(&PublicKey::new_from_private_key(&to_key)); let amount: u128 = 37; // Check the recipient is an uninitialized account @@ -2604,7 +2619,7 @@ pub mod tests { vec![0], vec![], vec![], - vec![], // TODO check (Marvin) + vec![], vec![], &program.into(), ); @@ -2618,7 +2633,7 @@ pub mod tests { let program_id = program.id(); let sender_keys = test_private_account_keys_1(); let sender_account_id = - AccountId::private_account_id(&sender_keys.npk(), Some(sender_keys.identifier)); + AccountId::private_account_id(&sender_keys.npk(), sender_keys.identifier); let sender_private_account = Account { program_owner: program_id, balance: 100, @@ -2629,10 +2644,8 @@ pub mod tests { V03State::new_with_genesis_accounts(&[], std::slice::from_ref(&sender_commitment)); let sender_pre = AccountWithMetadata::new(sender_private_account, true, sender_account_id); let recipient_private_key = PrivateKey::try_new([2; 32]).unwrap(); - let recipient_account_id = AccountId::public_account_id( - &PublicKey::new_from_private_key(&recipient_private_key), - None, - ); + let recipient_account_id = + AccountId::public_account_id(&PublicKey::new_from_private_key(&recipient_private_key)); let recipient_pre = AccountWithMetadata::new(Account::default(), true, recipient_account_id); 
@@ -2646,7 +2659,7 @@ pub mod tests { vec![1, 0], vec![(sender_keys.npk(), shared_secret)], vec![sender_keys.nsk], - vec![sender_keys.identifier], // TODO check (Marvin) + vec![sender_keys.identifier], vec![state.get_proof_for_commitment(&sender_commitment)], &program.into(), ) 
@@ -2681,125 +2694,127 @@ pub mod tests { ); } - // TODO: Marvin fix - // #[test_case::test_case(1; "single call")] - // #[test_case::test_case(2; "two calls")] - // fn private_chained_call(number_of_calls: u32) { - // Arrange - // let chain_caller = Program::chain_caller(); - // let auth_transfers = Program::authenticated_transfer_program(); - // let from_keys = test_private_account_keys_1(); - // let from_account_id = AccountId::private_account_id(&from_keys.npk()); - // let to_keys = test_private_account_keys_2(); - // let to_account_id = AccountId::private_account_id(&to_keys.npk()); - // let initial_balance = 100; - // let from_account = AccountWithMetadata::new( - // Account { - // program_owner: auth_transfers.id(), - // balance: initial_balance, - // ..Account::default() - // }, - // true, - // from_account_id, - // ); - // let to_account = AccountWithMetadata::new( - // Account { - // program_owner: auth_transfers.id(), - // ..Account::default() - // }, - // true, - // to_account_id, - // ); - // - // let from_commitment = Commitment::new(&from_account_id, &from_account.account); - // let to_commitment = Commitment::new(&to_account_id, &to_account.account); - // let mut state = V03State::new_with_genesis_accounts( - // &[], - // &[from_commitment.clone(), to_commitment.clone()], - // ) - // .with_test_programs(); - // let amount: u128 = 37; - // let instruction: (u128, ProgramId, u32, Option) = ( - // amount, - // Program::authenticated_transfer_program().id(), - // number_of_calls, - // None, - // ); - // - // let from_esk = [3; 32]; - // let from_ss = SharedSecretKey::new(&from_esk, &from_keys.vpk()); - // let from_epk = EphemeralPublicKey::from_scalar(from_esk); - // - // let to_esk = [3; 32]; - // let to_ss = SharedSecretKey::new(&to_esk, &to_keys.vpk()); - // let to_epk = EphemeralPublicKey::from_scalar(to_esk); - // - // let mut dependencies = HashMap::new(); - // - // dependencies.insert(auth_transfers.id(), auth_transfers); - // let 
program_with_deps = ProgramWithDependencies::new(chain_caller, dependencies); - // - // let from_new_nonce = Nonce::default().private_account_nonce_increment(&from_keys.nsk); - // let to_new_nonce = Nonce::default().private_account_nonce_increment(&to_keys.nsk); - // - // let from_expected_post = Account { - // balance: initial_balance - u128::from(number_of_calls) * amount, - // nonce: from_new_nonce, - // ..from_account.account.clone() - // }; - // let from_expected_commitment = Commitment::new(&from_account_id, &from_expected_post); - // - // let to_expected_post = Account { - // balance: u128::from(number_of_calls) * amount, - // nonce: to_new_nonce, - // ..to_account.account.clone() - // }; - // let to_expected_commitment = Commitment::new(&to_account_id, &to_expected_post); - // - // Act - // let (output, proof) = execute_and_prove( - // vec![to_account, from_account], - // Program::serialize_instruction(instruction).unwrap(), - // vec![1, 1], - // vec![(from_keys.npk(), to_ss), (to_keys.npk(), from_ss)], - // vec![from_keys.nsk, to_keys.nsk], - // vec![ - // state.get_proof_for_commitment(&from_commitment), - // state.get_proof_for_commitment(&to_commitment), - // ], - // &program_with_deps, - // ) - // .unwrap(); - // - // let message = Message::try_from_circuit_output( - // vec![], - // vec![], - // vec![ - // (to_account_id, to_keys.vpk(), to_epk), - // (from_account_id, from_keys.vpk(), from_epk), - // ], - // output, - // ) - // .unwrap(); - // let witness_set = WitnessSet::for_message(&message, proof, &[]); - // let transaction = PrivacyPreservingTransaction::new(message, witness_set); - // - // state - // .transition_from_privacy_preserving_transaction(&transaction, 1, 0) - // .unwrap(); - // - // Assert - // assert!( - // state - // .get_proof_for_commitment(&from_expected_commitment) - // .is_some() - // ); - // assert!( - // state - // .get_proof_for_commitment(&to_expected_commitment) - // .is_some() - // ); - // } + // TODO: Marvin check this + 
#[test_case::test_case(1; "single call")] + #[test_case::test_case(2; "two calls")] + fn private_chained_call(number_of_calls: u32) { + // Arrange + let chain_caller = Program::chain_caller(); + let auth_transfers = Program::authenticated_transfer_program(); + let from_keys = test_private_account_keys_1(); + let to_keys = test_private_account_keys_2(); + let initial_balance = 100; + let from_account_id = AccountId::private_account_id(&from_keys.npk(), from_keys.identifier); + let from_account = AccountWithMetadata::new( + Account { + program_owner: auth_transfers.id(), + balance: initial_balance, + ..Account::default() + }, + true, + from_account_id, + ); + let to_account_id = AccountId::private_account_id(&to_keys.npk(), to_keys.identifier); + let to_account = AccountWithMetadata::new( + Account { + program_owner: auth_transfers.id(), + ..Account::default() + }, + true, + to_account_id, + ); + + let from_commitment = Commitment::new(&from_account_id, &from_account.account); + let to_commitment = Commitment::new(&to_account_id, &to_account.account); + let mut state = V03State::new_with_genesis_accounts( + &[], + &[from_commitment.clone(), to_commitment.clone()], + ) + .with_test_programs(); + let amount: u128 = 37; + let instruction: (u128, ProgramId, u32, Option) = ( + amount, + Program::authenticated_transfer_program().id(), + number_of_calls, + None, + ); + + let from_esk = [3; 32]; + let from_ss = SharedSecretKey::new(&from_esk, &from_keys.vpk()); + let from_epk = EphemeralPublicKey::from_scalar(from_esk); + + let to_esk = [3; 32]; + let to_ss = SharedSecretKey::new(&to_esk, &to_keys.vpk()); + let to_epk = EphemeralPublicKey::from_scalar(to_esk); + + let mut dependencies = HashMap::new(); + + dependencies.insert(auth_transfers.id(), auth_transfers); + let program_with_deps = ProgramWithDependencies::new(chain_caller, dependencies); + + let from_new_nonce = Nonce::default().private_account_nonce_increment(&from_keys.nsk); + let to_new_nonce = 
Nonce::default().private_account_nonce_increment(&to_keys.nsk); + + let from_expected_post = Account { + balance: initial_balance - u128::from(number_of_calls) * amount, + nonce: from_new_nonce, + ..from_account.account.clone() + }; + let from_expected_commitment = Commitment::new(&from_account_id, &from_expected_post); + + let to_expected_post = Account { + balance: u128::from(number_of_calls) * amount, + nonce: to_new_nonce, + ..to_account.account.clone() + }; + let to_expected_commitment = Commitment::new(&to_account_id, &to_expected_post); + + // Act + let (output, proof) = execute_and_prove( + vec![to_account, from_account], + Program::serialize_instruction(instruction).unwrap(), + vec![1, 1], + vec![(from_keys.npk(), to_ss), (to_keys.npk(), from_ss)], + vec![from_keys.nsk, to_keys.nsk], + vec![from_keys.identifier, to_keys.identifier], + vec![ + state.get_proof_for_commitment(&from_commitment), + state.get_proof_for_commitment(&to_commitment), + ], + &program_with_deps, + ) + .unwrap(); + + let message = Message::try_from_circuit_output( + vec![], + vec![], + vec![ + (to_account_id, to_keys.vpk(), to_epk), + (from_account_id, from_keys.vpk(), from_epk), + ], + output, + ) + .unwrap(); + let witness_set = WitnessSet::for_message(&message, proof, &[]); + let transaction = PrivacyPreservingTransaction::new(message, witness_set); + + state + .transition_from_privacy_preserving_transaction(&transaction, 1, 0) + .unwrap(); + + // Assert + assert!( + state + .get_proof_for_commitment(&from_expected_commitment) + .is_some() + ); + assert!( + state + .get_proof_for_commitment(&to_expected_commitment) + .is_some() + ); + } + #[test] fn pda_mechanism_with_pinata_token_program() { let pinata_token = Program::pinata_token(); 
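Review bot: The re-enabled `private_chained_call` passes its per-account vectors in different orders: the pre-states are `vec![to_account, from_account]`, while the keys, the `nsk`s, the new `vec![from_keys.identifier, to_keys.identifier]` and the membership proofs are from-then-to, and the key list pairs `from_keys.npk()` with `to_ss`. I cannot tell from the hunk which order the circuit expects, so this should be confirmed before the remaining `// TODO: Marvin check this` is dropped, and the TODO replaced by a one-line comment stating the required order of these vectors. Both ephemeral secrets are `[3; 32]`, so `from_epk` and `to_epk` are the same value and a swapped entry in the list given to `Message::try_from_circuit_output` would not be noticed; `let to_esk = [4; 32];` would make the two distinguishable. The assertions only check that the two expected commitments are present, so none of these orderings is pinned by the test itself.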
@@ -2921,13 +2936,12 @@ pub mod tests {
 #[test]
 fn malicious_program_cannot_break_balance_validation() {
 let sender_key = PrivateKey::try_new([37; 32]).unwrap();
- let sender_id =
- AccountId::public_account_id(&PublicKey::new_from_private_key(&sender_key), None);
+ let sender_id = AccountId::public_account_id(&PublicKey::new_from_private_key(&sender_key));
 let sender_init_balance: u128 = 10;
 let recipient_key = PrivateKey::try_new([42; 32]).unwrap();
 let recipient_id =
- AccountId::public_account_id(&PublicKey::new_from_private_key(&recipient_key), None);
+ AccountId::public_account_id(&PublicKey::new_from_private_key(&recipient_key));
 let recipient_init_balance: u128 = 10;
 let mut state = V03State::new_with_genesis_accounts(
@@ -2990,7 +3004,7 @@ pub mod tests {
 // Set up keys for the authorized private account
 let private_keys = test_private_account_keys_1();
 let account_id =
- AccountId::private_account_id(&private_keys.npk(), Some(private_keys.identifier));
+ AccountId::private_account_id(&private_keys.npk(), private_keys.identifier);
 // Create an authorized private account with default values (new account being initialized)
 let authorized_account = AccountWithMetadata::new(Account::default(), true, account_id);
@@ -3012,7 +3026,7 @@ pub mod tests {
 vec![1],
 vec![(private_keys.npk(), shared_secret)],
 vec![private_keys.nsk],
- vec![private_keys.identifier], // TODO check (Marvin)
+ vec![private_keys.identifier],
 vec![None],
 &program.into(),
 )
@@ -3043,7 +3057,7 @@ pub mod tests {
 let private_keys = test_private_account_keys_1();
 let account_id =
- AccountId::private_account_id(&private_keys.npk(), Some(private_keys.identifier));
+ AccountId::private_account_id(&private_keys.npk(), private_keys.identifier);
 // This is intentional: claim authorization was introduced to protect public accounts,
 // especially PDAs. Private PDAs are not useful in practice because there is no way to
 // operate them without the corresponding private keys, so unauthorized private claiming
@@ -3061,7 +3075,7 @@ pub mod tests {
 vec![2],
 vec![(private_keys.npk(), shared_secret)],
 vec![],
- vec![private_keys.identifier], // TODO check (Marvin)
+ vec![private_keys.identifier],
 vec![None],
 &program.into(),
 )
@@ -3093,7 +3107,7 @@ pub mod tests {
 // Set up keys for the private account
 let private_keys = test_private_account_keys_1();
 let account_id =
- AccountId::private_account_id(&private_keys.npk(), Some(private_keys.identifier));
+ AccountId::private_account_id(&private_keys.npk(), private_keys.identifier);
 // Step 1: Create a new private account with authorization
 let authorized_account = AccountWithMetadata::new(Account::default(), true, account_id);
@@ -3114,7 +3128,7 @@ pub mod tests {
 vec![1],
 vec![(private_keys.npk(), shared_secret)],
 vec![private_keys.nsk],
- vec![private_keys.identifier], // TODO check (Marvin)
+ vec![private_keys.identifier],
 vec![None],
 &claimer_program.into(),
 )
@@ -3160,7 +3174,7 @@ pub mod tests {
 vec![1],
 vec![(private_keys.npk(), shared_secret2)],
 vec![private_keys.nsk],
- vec![], // TODO check (Marvin)
+ vec![],
 vec![None],
 &noop_program.into(),
 );
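Review bot: The `@@ -3160` hunk drops the `// TODO check (Marvin)` marker but still passes `vec![]` as the identifiers argument, next to a visibility mask of `vec![1]` and one nsk. The circuit change in `privacy_preserving_circuit.rs` (`@@ -335`) panics with "Missing private account identifier" when a private account has no identifier entry, so this call appears to fail on that panic rather than on the property the test is meant to check. The same empty vector remains in `@@ -3262` (`private_changer_claimer_data_change_no_claim_fails`), in `@@ -3316`, and in `wallet/src/lib.rs` `@@ -396`, which is not test code. Pass the identifier the account id was derived from, e.g. `vec![private_keys.identifier],`, and have the negative tests assert the specific error they expect; the test bodies continue outside these hunks.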
@@ -3219,8 +3233,7 @@ pub mod tests {
 fn private_changer_claimer_no_data_change_no_claim_succeeds() {
 let program = Program::changer_claimer();
 let sender_keys = test_private_account_keys_1();
- let sender_id =
- AccountId::private_account_id(&sender_keys.npk(), Some(sender_keys.identifier));
+ let sender_id = AccountId::private_account_id(&sender_keys.npk(), sender_keys.identifier);
 let private_account = AccountWithMetadata::new(Account::default(), true, sender_id);
 // Don't change data (None) and don't claim (false)
 let instruction: (Option>, bool) = (None, false);
@@ -3234,7 +3247,7 @@ pub mod tests {
 SharedSecretKey::new(&[3; 32], &sender_keys.vpk()),
 )],
 vec![sender_keys.nsk],
- vec![sender_keys.identifier], // TODO check (Marvin)
+ vec![sender_keys.identifier],
 vec![Some((0, vec![]))],
 &program.into(),
 );
@@ -3247,7 +3260,7 @@ pub mod tests {
 fn private_changer_claimer_data_change_no_claim_fails() {
 let program = Program::changer_claimer();
 let sender_keys = test_private_account_keys_1();
- let sender_id = AccountId::private_account_id(&sender_keys.npk(), None);
+ let sender_id = AccountId::private_account_id(&sender_keys.npk(), Identifier(0_u128));
 let private_account = AccountWithMetadata::new(Account::default(), true, sender_id);
 // Change data but don't claim (false) - should fail
 let new_data = vec![1, 2, 3, 4, 5];
@@ -3262,7 +3275,7 @@ pub mod tests {
 SharedSecretKey::new(&[3; 32], &sender_keys.vpk()),
 )],
 vec![sender_keys.nsk],
- vec![], // TODO check (Marvin)
+ vec![],
 vec![Some((0, vec![]))],
 &program.into(),
 );
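Review bot: `Identifier(0_u128)` in the `@@ -3247` hunk is a bare literal standing in for the former `None`, and the same literal is repeated in `@@ -3278`, in `testnet_initial_state/src/lib.rs` and twice in `wallet/src/lib.rs`. A single named constant, for example a new `const DEFAULT_IDENTIFIER: Identifier = Identifier(0_u128);`, or `sender_keys.identifier` as the sibling test in `@@ -3219` uses, would keep the account-id derivation from drifting between call sites. It is also worth confirming that `None` previously derived the same account id as identifier 0, since the genesis commitments and the wallet's view-tag computation are built from that id. The test function continues outside the hunk.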
@@ -3278,7 +3291,8 @@ pub mod tests {
 let auth_transfers = Program::authenticated_transfer_program();
 let sender_keys = test_public_account_keys_1();
 let recipient_keys = test_private_account_keys_1();
- let recipient_account_id = AccountId::private_account_id(&recipient_keys.npk(), None);
+ let recipient_account_id =
+ AccountId::private_account_id(&recipient_keys.npk(), Identifier(0_u128));
 let sender_account = AccountWithMetadata::new(
 Account {
@@ -3316,7 +3330,7 @@ pub mod tests {
 vec![0, 1],
 vec![(recipient_keys.npk(), recipient)],
 vec![recipient_keys.nsk],
- vec![], // TODO check (Marvin)
+ vec![],
 vec![state.get_proof_for_commitment(&recipient_commitment)],
 &program_with_deps,
 );
@@ -3450,7 +3464,8 @@ pub mod tests {
 let block_validity_window: BlockValidityWindow = validity_window.try_into().unwrap();
 let validity_window_program = Program::validity_window();
 let account_keys = test_private_account_keys_1();
- let account_id = AccountId::private_account_id(&account_keys.npk(), Some(account_keys.identifier));
+ let account_id =
+ AccountId::private_account_id(&account_keys.npk(), account_keys.identifier);
 let pre = AccountWithMetadata::new(Account::default(), false, account_id);
 let mut state = V03State::new_with_genesis_accounts(&[], &[]).with_test_programs();
 let tx = {
@@ -3473,7 +3488,7 @@ pub mod tests {
 &validity_window_program.into(),
 )
 .unwrap();
-
+
 let message = Message::try_from_circuit_output(
 vec![],
 vec![],
@@ -3521,7 +3536,8 @@ pub mod tests {
 validity_window.try_into().unwrap();
 let validity_window_program = Program::validity_window();
 let account_keys = test_private_account_keys_1();
- let account_id = AccountId::private_account_id(&account_keys.npk(), Some(account_keys.identifier));
+ let account_id =
+ AccountId::private_account_id(&account_keys.npk(), account_keys.identifier);
 let pre = AccountWithMetadata::new(Account::default(), false, account_id);
 let mut state = V03State::new_with_genesis_accounts(&[], &[]).with_test_programs();
 let tx = {
diff --git a/program_methods/guest/src/bin/privacy_preserving_circuit.rs b/program_methods/guest/src/bin/privacy_preserving_circuit.rs
index f6e974ff..72673587 100644
--- a/program_methods/guest/src/bin/privacy_preserving_circuit.rs
+++ b/program_methods/guest/src/bin/privacy_preserving_circuit.rs
@@ -7,7 +7,7 @@ use nssa_core::{
 Commitment, CommitmentSetDigest, DUMMY_COMMITMENT_HASH, EncryptionScheme, MembershipProof,
 Nullifier, NullifierPublicKey, NullifierSecretKey, PrivacyPreservingCircuitInput,
 PrivacyPreservingCircuitOutput, SharedSecretKey,
- account::{Account, AccountId, AccountWithMetadata, Nonce},
+ account::{Account, AccountId, AccountWithMetadata, Identifier, Nonce},
 compute_digest_for_path,
 program::{
 AccountPostState, BlockValidityWindow, ChainedCall, Claim, DEFAULT_PROGRAM_ID,
@@ -295,7 +295,7 @@ fn compute_circuit_output(
 visibility_mask: &[u8],
 private_account_keys: &[(NullifierPublicKey, SharedSecretKey)],
 private_account_nsks: &[NullifierSecretKey],
- private_account_identifiers: &[u128],
+ private_account_identifiers: &[Identifier],
 private_account_membership_proofs: &[Option],
 ) -> PrivacyPreservingCircuitOutput {
 let mut output = PrivacyPreservingCircuitOutput {
@@ -335,15 +335,12 @@ fn compute_circuit_output(
 panic!("Missing private account key");
 };
- // TODO: (Marvin) double check
 let Some(identifier) = private_identifiers_iter.next() else {
 panic!("Missing private account identifier");
 };
- // TODO: (Marvin) identifier used here)
- // Relevant here as this applies for both cases (authenicated and not authenicated).
 assert_eq!(
- AccountId::private_account_id(npk, Some(*identifier)),
+ AccountId::private_account_id(npk, *identifier),
 pre_state.account_id,
 "AccountId mismatch"
 );
@@ -406,9 +403,7 @@ fn compute_circuit_output(
 "Membership proof must be None for unauthorized accounts"
 );
- // TODO: (Marvin) need to add a Vec as input.
- // TODO: use here
- let account_id = AccountId::private_account_id(npk, Some(*identifier));
+ let account_id = AccountId::private_account_id(npk, *identifier);
 let nullifier = Nullifier::for_account_initialization(&account_id);
 let new_nonce = Nonce::private_account_nonce_init(npk);
@@ -466,11 +461,11 @@ fn compute_nullifier_and_set_digest(
 pre_account: &Account,
 npk: &NullifierPublicKey,
 nsk: &NullifierSecretKey,
- identifier: u128,
+ identifier: Identifier,
 ) -> (Nullifier, CommitmentSetDigest) {
 // TODO: consider rewriting the function to receive account id instead of npk.
 // NOTE: this does not use the identifier at all.
- let account_id = AccountId::private_account_id(npk, Some(identifier));
+ let account_id = AccountId::private_account_id(npk, identifier);
 membership_proof_opt.as_ref().map_or_else(
 || {
 assert_eq!(
diff --git a/programs/amm/src/tests.rs b/programs/amm/src/tests.rs
index ec4f733c..fb1f9c22 100644
--- a/programs/amm/src/tests.rs
+++ b/programs/amm/src/tests.rs
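Review bot: The `assert_eq!` in the `@@ -335` hunk is left with no comment once the TODO lines and the "applies for both cases" remark are removed, although it is the check that ties the supplied identifier to `pre_state.account_id`. A one-line comment would keep that intent visible, for example `// The supplied identifier must reproduce pre_state.account_id for every private account, authorized or not.` Because a missing entry ends in `panic!("Missing private account identifier")`, the doc comment on `compute_circuit_output` should also state that `private_account_identifiers` needs one entry per private account. The function body starts and ends outside the hunk.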
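Review bot: The context comment `// NOTE: this does not use the identifier at all.` in `compute_nullifier_and_set_digest` (`@@ -466`) now sits directly above `AccountId::private_account_id(npk, identifier)`, which does consume the identifier, so the note reads as wrong. Either delete it or say what it refers to, e.g. `// NOTE: the identifier is only used to derive account_id.` if that is what was meant. The function body continues outside the hunk.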
@@ -1313,24 +1313,21 @@ impl IdForExeTests {
 }
 fn user_token_a_id() -> AccountId {
- AccountId::public_account_id(
- &PublicKey::new_from_private_key(&PrivateKeysForTests::user_token_a_key()),
- None,
- )
+ AccountId::public_account_id(&PublicKey::new_from_private_key(
+ &PrivateKeysForTests::user_token_a_key(),
+ ))
 }
 fn user_token_b_id() -> AccountId {
- AccountId::public_account_id(
- &PublicKey::new_from_private_key(&PrivateKeysForTests::user_token_b_key()),
- None,
- )
+ AccountId::public_account_id(&PublicKey::new_from_private_key(
+ &PrivateKeysForTests::user_token_b_key(),
+ ))
 }
 fn user_token_lp_id() -> AccountId {
- AccountId::public_account_id(
- &PublicKey::new_from_private_key(&PrivateKeysForTests::user_token_lp_key()),
- None,
- )
+ AccountId::public_account_id(&PublicKey::new_from_private_key(
+ &PrivateKeysForTests::user_token_lp_key(),
+ ))
 }
 fn vault_a_id() -> AccountId {
diff --git a/storage/src/indexer/mod.rs b/storage/src/indexer/mod.rs
index c883bf81..8375b3a3 100644
--- a/storage/src/indexer/mod.rs
+++ b/storage/src/indexer/mod.rs
@@ -243,11 +243,11 @@ mod tests {
 }
 fn acc1() -> AccountId {
- AccountId::public_account_id(&PublicKey::new_from_private_key(&acc1_sign_key()), None)
+ AccountId::public_account_id(&PublicKey::new_from_private_key(&acc1_sign_key()))
 }
 fn acc2() -> AccountId {
- AccountId::public_account_id(&PublicKey::new_from_private_key(&acc2_sign_key()), None)
+ AccountId::public_account_id(&PublicKey::new_from_private_key(&acc2_sign_key()))
 }
 #[test]
diff --git a/testnet_initial_state/src/lib.rs b/testnet_initial_state/src/lib.rs
index a86ca5d0..b734ab21 100644
--- a/testnet_initial_state/src/lib.rs
+++ b/testnet_initial_state/src/lib.rs
@@ -5,7 +5,8 @@ use key_protocol::key_management::{ }; use nssa::{Account, AccountId, Data, V03State}; use nssa_core::{ - NullifierPublicKey, PrivateKey, PublicKey, encryption::shared_key_derivation::Secp256k1Point, + NullifierPublicKey, PrivateKey, PublicKey, account::Identifier, + encryption::shared_key_derivation::Secp256k1Point, }; use serde::{Deserialize, Serialize}; @@ -110,17 +111,15 @@ pub fn initial_pub_accounts_private_keys() -> Vec Vec Vec V03State { .iter() .map(|init_comm_data| { let npk = &init_comm_data.npk; - let acc_id = &AccountId::private_account_id(npk, None); + let acc_id = &AccountId::private_account_id(npk, Identifier(0_u128)); let mut acc = init_comm_data.account.clone(); diff --git a/wallet/src/lib.rs b/wallet/src/lib.rs index 828d6fa8..ab914a8d 100644 --- a/wallet/src/lib.rs +++ b/wallet/src/lib.rs @@ -396,7 +396,7 @@ impl WalletCore { .map(|keys| (keys.npk.clone(), keys.ssk)) .collect::>(), acc_manager.private_account_auth(), - vec![], // TODO check (Marvin) + vec![], acc_manager.private_account_membership_proofs(), &program.to_owned(), ) @@ -410,7 +410,7 @@ impl WalletCore { .iter() .map(|keys| { ( - AccountId::private_account_id(&keys.npk.clone(), None), + AccountId::private_account_id(&keys.npk.clone(), Identifier(0_u128)), keys.vpk.clone(), keys.epk.clone(), ) @@ -505,7 +505,10 @@ impl WalletCore { let affected_accounts = private_account_key_chains .flat_map(|(acc_account_id, key_chain, index)| { let view_tag = EncryptedAccountData::compute_view_tag( - &AccountId::private_account_id(&key_chain.nullifier_public_key, None), + &AccountId::private_account_id( + &key_chain.nullifier_public_key, + Identifier(0_u128), + ), &key_chain.viewing_public_key, );