Addresses the following review comments from @Arjentix:
- "I think there are too many internal implementation information
exposed here. This structure is used by our users, program devs. And
they should not care about distinction between private or public pda
or different masks"
(on ChainedCall.pda_seeds, same feedback repeated on Claim::Pda)
I rewrote both docstrings to drop internal details (visibility masks,
per-form derivation names, npk handling). Program devs see only that
they emit a seed and the `AccountId` is derived from
`(program_id, seed)` regardless of whether the account is public or
private.
- "Let's reflect the new nuance in the name"
(on compute_authorized_pdas returning public-form derivations only)
I renamed the function to `compute_public_authorized_pdas`. After
the PR #446 rework the function only returns public-form
derivations, the private-form authorization lives in the circuit
guest. Updated the call site in nssa/src/validated_state_diff.rs
and the two unit tests.
Addresses the following review comment:
- "I think this should be a constructor `AccountId::for_private_pda`.
Consider also removing the existing `impl From<(ProgramId, Seed)> for
AccountId` for public pdas in favor of a `AccountId::for_public_pda`
to have a unified way of constructing pdas"
I replaced `impl From<(&ProgramId, &PdaSeed)> for AccountId` with
`AccountId::for_public_pda(program_id: &ProgramId, seed: &PdaSeed) ->
Self` and replaced the free function `private_pda_account_id(...)`
with `AccountId::for_private_pda(program_id: &ProgramId, seed:
&PdaSeed, npk: &NullifierPublicKey) -> Self`. Both live in an inherent
`impl AccountId` block in nssa/core/src/program.rs next to the PDA
derivation logic. Migrated all call sites across nssa/core,
nssa/src/state.rs, nssa/src/validated_state_diff.rs,
program_methods/guest/src/bin/privacy_preserving_circuit.rs,
programs/amm/core, programs/associated_token_account/core, the example
tail-call binary, and the ATA tutorial doc. Test function names that
referenced the old free function were also renamed
(private_pda_account_id_* to for_private_pda_*).
Addresses the following review comments:
- "I'd keep this crate independent of wallet references"
I replaced all with "supplied npk".
- Rename request on locals attested_keys/wallet_keys
In mask_3_wallet_npk_mismatch_panics the two key sets play distinct
roles, one produces the pre_state's account_id (the registered pair)
and the other is supplied in private_account_keys as the mismatched
npk. Collapsing both to `keys` would be misleading. I renamed to
keys_a and keys_b with an inline comment noting which one is the
registered one and which one is mismatched.
