From 8a82517fdd7080390d2672edd4336a077037d5aa Mon Sep 17 00:00:00 2001
From: Giacomo Pasini <21265557+zeegomo@users.noreply.github.com>
Date: Tue, 6 Feb 2024 16:37:49 +0100
Subject: [PATCH] Add nonce specification (#64)

* Add nonce specification

* tweak nonce definition
---
 cryptarchia/cryptarchia.py | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/cryptarchia/cryptarchia.py b/cryptarchia/cryptarchia.py
index 2df0958..1a0e42c 100644
--- a/cryptarchia/cryptarchia.py
+++ b/cryptarchia/cryptarchia.py
@@ -187,6 +187,9 @@ class LedgerState:
     """
 
     block: Id = None
+    # This nonce is used to derive the seed for the slot leader lottery
+    # It's updated at every block by hashing the previous nonce with the nullifier
+    # Note that this does not prevent nonce grinding at the last slot before the nonce snapshot
     nonce: Id = None
     total_stake: int = None
     commitments: set[Id] = field(default_factory=set)  # set of commitments
@@ -209,6 +212,13 @@ class LedgerState:
 
     def apply(self, block: BlockHeader):
         assert block.parent == self.block
+
+        h = blake2b(digest_size=32)
+        h.update("epoch-nonce".encode(encoding="utf-8"))
+        h.update(self.nonce)
+        h.update(block.leader_proof.nullifier)
+
+        self.nonce = h.digest()
         self.block = block.id()
         self.nullifiers.add(block.leader_proof.nullifier)