@ottochain/sdk 2.2.5 → 2.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (222) hide show
  1. package/dist/cjs/apps/contracts/index.js +15 -8
  2. package/dist/cjs/apps/contracts/state-machines/contract-agreement.js +89 -46
  3. package/dist/cjs/apps/contracts/state-machines/contract-escrow.js +152 -45
  4. package/dist/cjs/apps/contracts/state-machines/contract-universal.js +40 -8
  5. package/dist/cjs/apps/corporate/index.js +2 -2
  6. package/dist/cjs/apps/corporate/state-machines/corp-board.js +169 -59
  7. package/dist/cjs/apps/corporate/state-machines/corp-entity.js +245 -47
  8. package/dist/cjs/apps/corporate/state-machines/corp-securities.js +407 -99
  9. package/dist/cjs/apps/corporate/state-machines/corp-shareholders.js +151 -37
  10. package/dist/cjs/apps/governance/index.js +14 -14
  11. package/dist/cjs/apps/governance/state-machines/dao-multisig.js +85 -43
  12. package/dist/cjs/apps/governance/state-machines/dao-reputation.js +73 -43
  13. package/dist/cjs/apps/governance/state-machines/dao-single.js +55 -14
  14. package/dist/cjs/apps/governance/state-machines/dao-token.js +103 -45
  15. package/dist/cjs/apps/governance/state-machines/governance-simple.js +129 -65
  16. package/dist/cjs/apps/governance/state-machines/governance-universal.js +29 -5
  17. package/dist/cjs/apps/identity/constants.js +55 -14
  18. package/dist/cjs/apps/identity/index.js +27 -11
  19. package/dist/cjs/apps/identity/state-machines/identity-agent.js +57 -9
  20. package/dist/cjs/apps/identity/state-machines/identity-oracle.js +70 -27
  21. package/dist/cjs/apps/identity/state-machines/identity-registry.js +288 -0
  22. package/dist/cjs/apps/identity/state-machines/identity-universal.js +30 -6
  23. package/dist/cjs/apps/identity/state-machines/index.js +3 -1
  24. package/dist/cjs/apps/index.js +19 -8
  25. package/dist/cjs/apps/lending/assets.js +223 -0
  26. package/dist/cjs/apps/lending/credit-scoring.js +87 -0
  27. package/dist/cjs/apps/lending/eligibility.js +121 -0
  28. package/dist/cjs/apps/lending/index.js +91 -0
  29. package/dist/cjs/apps/lending/state-machines/index.js +9 -0
  30. package/dist/cjs/apps/lending/state-machines/lending-zk-loan.js +412 -0
  31. package/dist/cjs/apps/markets/index.js +21 -11
  32. package/dist/cjs/apps/markets/state-machines/market-auction.js +44 -19
  33. package/dist/cjs/apps/markets/state-machines/market-crowdfund.js +54 -29
  34. package/dist/cjs/apps/markets/state-machines/market-group-buy.js +53 -31
  35. package/dist/cjs/apps/markets/state-machines/market-prediction.js +120 -61
  36. package/dist/cjs/apps/markets/state-machines/market-universal.js +50 -10
  37. package/dist/cjs/apps/oracles/index.js +2 -2
  38. package/dist/cjs/errors.js +3 -3
  39. package/dist/cjs/generated/google/protobuf/struct.js +4 -4
  40. package/dist/cjs/generated/index.js +11 -7
  41. package/dist/cjs/generated/openapi.js +6 -0
  42. package/dist/cjs/generated/ottochain/apps/contracts/v1/contract.js +50 -50
  43. package/dist/cjs/generated/ottochain/apps/corporate/v1/corporate.js +19 -20
  44. package/dist/cjs/generated/ottochain/apps/governance/v1/governance.js +13 -13
  45. package/dist/cjs/generated/ottochain/apps/identity/v1/attestation.js +4 -4
  46. package/dist/cjs/generated/ottochain/apps/identity/v1/identity.js +124 -130
  47. package/dist/cjs/generated/ottochain/apps/markets/v1/market.js +107 -107
  48. package/dist/cjs/generated/ottochain/v1/common.js +1722 -1
  49. package/dist/cjs/generated/ottochain/v1/fiber.js +355 -5
  50. package/dist/cjs/generated/ottochain/v1/messages.js +775 -3
  51. package/dist/cjs/generated/ottochain/v1/records.js +350 -3
  52. package/dist/cjs/index.js +45 -7
  53. package/dist/cjs/openapi.js +2 -0
  54. package/dist/cjs/ottochain/drop-nulls.js +1 -2
  55. package/dist/cjs/ottochain/genesis-manifest.js +193 -0
  56. package/dist/cjs/ottochain/index.js +27 -13
  57. package/dist/cjs/ottochain/metagraph-client.js +65 -8
  58. package/dist/cjs/ottochain/snapshot.js +11 -12
  59. package/dist/cjs/ottochain/transaction.js +57 -14
  60. package/dist/cjs/ottochain/types.js +19 -1
  61. package/dist/cjs/privacy/index.js +14 -0
  62. package/dist/cjs/privacy/sealed-bid.js +210 -0
  63. package/dist/cjs/privacy/shield-app.js +131 -0
  64. package/dist/cjs/schema/effects.js +40 -0
  65. package/dist/cjs/schema/fiber-app.js +19 -13
  66. package/dist/cjs/schema/guard-lint.js +352 -0
  67. package/dist/cjs/schema/guards.js +246 -0
  68. package/dist/cjs/signing.js +80 -0
  69. package/dist/cjs/types.js +2 -3
  70. package/dist/cjs/validation.js +8 -8
  71. package/dist/cjs/verify.js +9 -4
  72. package/dist/cjs/zk/commit.js +53 -0
  73. package/dist/cjs/zk/guard.js +107 -0
  74. package/dist/cjs/zk/index.js +48 -0
  75. package/dist/cjs/zk/preimage.js +37 -0
  76. package/dist/cjs/zk/prover.js +87 -0
  77. package/dist/cjs/zk/registry.js +62 -0
  78. package/dist/cjs/zk/types.js +28 -0
  79. package/dist/cjs/zk/witness.js +19 -0
  80. package/dist/esm/apps/contracts/index.js +7 -3
  81. package/dist/esm/apps/contracts/state-machines/contract-agreement.js +89 -46
  82. package/dist/esm/apps/contracts/state-machines/contract-escrow.js +152 -45
  83. package/dist/esm/apps/contracts/state-machines/contract-universal.js +40 -8
  84. package/dist/esm/apps/corporate/state-machines/corp-board.js +169 -59
  85. package/dist/esm/apps/corporate/state-machines/corp-entity.js +245 -47
  86. package/dist/esm/apps/corporate/state-machines/corp-securities.js +407 -99
  87. package/dist/esm/apps/corporate/state-machines/corp-shareholders.js +151 -37
  88. package/dist/esm/apps/governance/state-machines/dao-multisig.js +85 -43
  89. package/dist/esm/apps/governance/state-machines/dao-reputation.js +73 -43
  90. package/dist/esm/apps/governance/state-machines/dao-single.js +55 -14
  91. package/dist/esm/apps/governance/state-machines/dao-token.js +103 -45
  92. package/dist/esm/apps/governance/state-machines/governance-simple.js +129 -65
  93. package/dist/esm/apps/governance/state-machines/governance-universal.js +29 -5
  94. package/dist/esm/apps/identity/constants.js +51 -12
  95. package/dist/esm/apps/identity/index.js +12 -7
  96. package/dist/esm/apps/identity/state-machines/identity-agent.js +57 -9
  97. package/dist/esm/apps/identity/state-machines/identity-oracle.js +70 -27
  98. package/dist/esm/apps/identity/state-machines/identity-registry.js +285 -0
  99. package/dist/esm/apps/identity/state-machines/identity-universal.js +30 -6
  100. package/dist/esm/apps/identity/state-machines/index.js +1 -0
  101. package/dist/esm/apps/index.js +1 -0
  102. package/dist/esm/apps/lending/assets.js +207 -0
  103. package/dist/esm/apps/lending/credit-scoring.js +81 -0
  104. package/dist/esm/apps/lending/eligibility.js +115 -0
  105. package/dist/esm/apps/lending/index.js +69 -0
  106. package/dist/esm/apps/lending/state-machines/index.js +5 -0
  107. package/dist/esm/apps/lending/state-machines/lending-zk-loan.js +409 -0
  108. package/dist/esm/apps/markets/index.js +8 -4
  109. package/dist/esm/apps/markets/state-machines/market-auction.js +44 -19
  110. package/dist/esm/apps/markets/state-machines/market-crowdfund.js +54 -29
  111. package/dist/esm/apps/markets/state-machines/market-group-buy.js +53 -31
  112. package/dist/esm/apps/markets/state-machines/market-prediction.js +120 -61
  113. package/dist/esm/apps/markets/state-machines/market-universal.js +50 -10
  114. package/dist/esm/generated/index.js +9 -5
  115. package/dist/esm/generated/openapi.js +5 -0
  116. package/dist/esm/generated/ottochain/apps/contracts/v1/contract.js +46 -46
  117. package/dist/esm/generated/ottochain/apps/identity/v1/identity.js +114 -120
  118. package/dist/esm/generated/ottochain/apps/markets/v1/market.js +100 -100
  119. package/dist/esm/generated/ottochain/v1/common.js +1718 -0
  120. package/dist/esm/generated/ottochain/v1/fiber.js +351 -1
  121. package/dist/esm/generated/ottochain/v1/messages.js +774 -2
  122. package/dist/esm/generated/ottochain/v1/records.js +349 -2
  123. package/dist/esm/index.js +23 -2
  124. package/dist/esm/openapi.js +1 -0
  125. package/dist/esm/ottochain/genesis-manifest.js +189 -0
  126. package/dist/esm/ottochain/index.js +4 -3
  127. package/dist/esm/ottochain/metagraph-client.js +65 -8
  128. package/dist/esm/ottochain/snapshot.js +4 -4
  129. package/dist/esm/ottochain/transaction.js +43 -3
  130. package/dist/esm/ottochain/types.js +18 -0
  131. package/dist/esm/privacy/index.js +6 -0
  132. package/dist/esm/privacy/sealed-bid.js +206 -0
  133. package/dist/esm/privacy/shield-app.js +127 -0
  134. package/dist/esm/schema/effects.js +35 -0
  135. package/dist/esm/schema/fiber-app.js +13 -6
  136. package/dist/esm/schema/guard-lint.js +346 -0
  137. package/dist/esm/schema/guards.js +229 -0
  138. package/dist/esm/signing.js +74 -0
  139. package/dist/esm/verify.js +8 -2
  140. package/dist/esm/zk/commit.js +44 -0
  141. package/dist/esm/zk/guard.js +99 -0
  142. package/dist/esm/zk/index.js +19 -0
  143. package/dist/esm/zk/preimage.js +30 -0
  144. package/dist/esm/zk/prover.js +82 -0
  145. package/dist/esm/zk/registry.js +55 -0
  146. package/dist/esm/zk/types.js +25 -0
  147. package/dist/esm/zk/witness.js +15 -0
  148. package/dist/types/apps/contracts/index.d.ts +159 -227
  149. package/dist/types/apps/contracts/state-machines/contract-agreement.d.ts +50 -101
  150. package/dist/types/apps/contracts/state-machines/contract-escrow.d.ts +86 -120
  151. package/dist/types/apps/contracts/state-machines/contract-universal.d.ts +20 -4
  152. package/dist/types/apps/corporate/index.d.ts +1040 -304
  153. package/dist/types/apps/corporate/state-machines/corp-board.d.ts +188 -52
  154. package/dist/types/apps/corporate/state-machines/corp-entity.d.ts +267 -62
  155. package/dist/types/apps/corporate/state-machines/corp-securities.d.ts +355 -131
  156. package/dist/types/apps/corporate/state-machines/corp-shareholders.d.ts +225 -53
  157. package/dist/types/apps/governance/index.d.ts +396 -417
  158. package/dist/types/apps/governance/state-machines/dao-multisig.d.ts +92 -95
  159. package/dist/types/apps/governance/state-machines/dao-reputation.d.ts +57 -69
  160. package/dist/types/apps/governance/state-machines/dao-single.d.ts +40 -50
  161. package/dist/types/apps/governance/state-machines/dao-token.d.ts +80 -53
  162. package/dist/types/apps/governance/state-machines/governance-simple.d.ts +107 -121
  163. package/dist/types/apps/governance/state-machines/governance-universal.d.ts +17 -5
  164. package/dist/types/apps/identity/constants.d.ts +32 -4
  165. package/dist/types/apps/identity/index.d.ts +449 -100
  166. package/dist/types/apps/identity/state-machines/identity-agent.d.ts +30 -0
  167. package/dist/types/apps/identity/state-machines/identity-oracle.d.ts +41 -87
  168. package/dist/types/apps/identity/state-machines/identity-registry.d.ts +379 -0
  169. package/dist/types/apps/identity/state-machines/identity-universal.d.ts +15 -0
  170. package/dist/types/apps/identity/state-machines/index.d.ts +1 -0
  171. package/dist/types/apps/index.d.ts +1 -0
  172. package/dist/types/apps/lending/assets.d.ts +258 -0
  173. package/dist/types/apps/lending/credit-scoring.d.ts +80 -0
  174. package/dist/types/apps/lending/eligibility.d.ts +83 -0
  175. package/dist/types/apps/lending/index.d.ts +548 -0
  176. package/dist/types/apps/lending/state-machines/index.d.ts +5 -0
  177. package/dist/types/apps/lending/state-machines/lending-zk-loan.d.ts +528 -0
  178. package/dist/types/apps/markets/index.d.ts +184 -204
  179. package/dist/types/apps/markets/state-machines/market-auction.d.ts +25 -37
  180. package/dist/types/apps/markets/state-machines/market-crowdfund.d.ts +26 -34
  181. package/dist/types/apps/markets/state-machines/market-group-buy.d.ts +31 -43
  182. package/dist/types/apps/markets/state-machines/market-prediction.d.ts +67 -72
  183. package/dist/types/apps/markets/state-machines/market-universal.d.ts +30 -10
  184. package/dist/types/generated/index.d.ts +5 -5
  185. package/dist/types/generated/openapi.d.ts +1257 -0
  186. package/dist/types/generated/ottochain/apps/contracts/v1/contract.d.ts +5 -5
  187. package/dist/types/generated/ottochain/apps/identity/v1/identity.d.ts +12 -12
  188. package/dist/types/generated/ottochain/apps/markets/v1/market.d.ts +11 -11
  189. package/dist/types/generated/ottochain/v1/common.d.ts +228 -0
  190. package/dist/types/generated/ottochain/v1/fiber.d.ts +32 -1
  191. package/dist/types/generated/ottochain/v1/messages.d.ts +84 -0
  192. package/dist/types/generated/ottochain/v1/records.d.ts +34 -0
  193. package/dist/types/index.d.ts +8 -2
  194. package/dist/types/openapi.d.ts +22 -0
  195. package/dist/types/ottochain/genesis-manifest.d.ts +130 -0
  196. package/dist/types/ottochain/index.d.ts +6 -5
  197. package/dist/types/ottochain/metagraph-client.d.ts +49 -7
  198. package/dist/types/ottochain/snapshot.d.ts +6 -6
  199. package/dist/types/ottochain/transaction.d.ts +33 -1
  200. package/dist/types/ottochain/types.d.ts +602 -11
  201. package/dist/types/privacy/index.d.ts +6 -0
  202. package/dist/types/privacy/sealed-bid.d.ts +348 -0
  203. package/dist/types/privacy/shield-app.d.ts +48 -0
  204. package/dist/types/schema/effects.d.ts +34 -0
  205. package/dist/types/schema/fiber-app.d.ts +41 -3
  206. package/dist/types/schema/guard-lint.d.ts +111 -0
  207. package/dist/types/schema/guards.d.ts +134 -0
  208. package/dist/types/signing.d.ts +45 -0
  209. package/dist/types/validation.d.ts +22 -217
  210. package/dist/types/verify.d.ts +4 -0
  211. package/dist/types/zk/commit.d.ts +28 -0
  212. package/dist/types/zk/guard.d.ts +46 -0
  213. package/dist/types/zk/index.d.ts +19 -0
  214. package/dist/types/zk/preimage.d.ts +10 -0
  215. package/dist/types/zk/prover.d.ts +34 -0
  216. package/dist/types/zk/registry.d.ts +34 -0
  217. package/dist/types/zk/types.d.ts +33 -0
  218. package/dist/types/zk/witness.d.ts +40 -0
  219. package/package.json +52 -35
  220. package/dist/cjs/ottochain/normalize.js +0 -186
  221. package/dist/esm/ottochain/normalize.js +0 -179
  222. package/dist/types/ottochain/normalize.d.ts +0 -79
@@ -0,0 +1,14 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.vickreyAuctionDef = exports.shieldedSealedBidDef = exports.sealedBidAccountDef = exports.SHIELDED_POOL_STATE = exports.shieldApp = void 0;
4
+ /**
5
+ * Privacy: shield any fiber app into a zk-jlvm-shielded private-state pool.
6
+ * See docs/design/zk-private-contract-state-rfc.md.
7
+ */
8
+ var shield_app_js_1 = require("./shield-app.js");
9
+ Object.defineProperty(exports, "shieldApp", { enumerable: true, get: function () { return shield_app_js_1.shieldApp; } });
10
+ Object.defineProperty(exports, "SHIELDED_POOL_STATE", { enumerable: true, get: function () { return shield_app_js_1.SHIELDED_POOL_STATE; } });
11
+ var sealed_bid_js_1 = require("./sealed-bid.js");
12
+ Object.defineProperty(exports, "sealedBidAccountDef", { enumerable: true, get: function () { return sealed_bid_js_1.sealedBidAccountDef; } });
13
+ Object.defineProperty(exports, "shieldedSealedBidDef", { enumerable: true, get: function () { return sealed_bid_js_1.shieldedSealedBidDef; } });
14
+ Object.defineProperty(exports, "vickreyAuctionDef", { enumerable: true, get: function () { return sealed_bid_js_1.vickreyAuctionDef; } });
@@ -0,0 +1,210 @@
1
+ "use strict";
2
+ /**
3
+ * Sealed-bid (Vickrey) auction — the worked example for the privacy stack.
4
+ *
5
+ * Two pieces (RFC §4):
6
+ * 1. `sealedBidAccountDef` — the PRIVATE per-bidder bid. `shieldApp` turns it into a shielded
7
+ * pool (`shieldedSealedBidDef`): a bidder commits a bid note and proves it well-formed with a
8
+ * zk-jlvm-shielded Groth16 proof, so the amount stays sealed *until the deadline*. This is the
9
+ * mechanical per-instance / single-owner case.
10
+ * 2. `vickreyAuctionDef` — the PUBLIC settlement (reveal-then-tally). After the deadline bidders
11
+ * open their notes; the combine computes winner = argmax and clearingPrice = second-highest
12
+ * (the Vickrey price). This is the one shared-state step, kept simple for v1; a zk settlement
13
+ * proof that seals losers' amounts forever is the deferred upgrade (RFC §10).
14
+ */
15
+ Object.defineProperty(exports, "__esModule", { value: true });
16
+ exports.vickreyAuctionDef = exports.sealedBidAccountDef = void 0;
17
+ exports.shieldedSealedBidDef = shieldedSealedBidDef;
18
+ const fiber_app_js_1 = require("../schema/fiber-app.js");
19
+ const shield_app_js_1 = require("./shield-app.js");
20
+ // ── 1. The private bid (base app, shielded by shieldApp) ──────────────────────
21
+ /** The per-bidder PRIVATE state: a bid note `{ amount, bidder, nonce }`. */
22
+ exports.sealedBidAccountDef = (0, fiber_app_js_1.defineFiberApp)({
23
+ metadata: {
24
+ name: "SealedBidAccount",
25
+ app: "markets",
26
+ type: "sealed-bid-account",
27
+ version: "1.0.0",
28
+ description: "A single bidder's sealed bid (private amount). Shielded via shieldApp.",
29
+ },
30
+ stateSchema: {
31
+ properties: {
32
+ amount: { type: "number", description: "the (private) bid amount" },
33
+ bidder: { type: "address" },
34
+ nonce: { type: "number", description: "per-note randomness; keeps the commitment hiding" },
35
+ },
36
+ },
37
+ eventSchemas: {
38
+ place_bid: {
39
+ description: "Set the sealed bid amount",
40
+ required: ["amount"],
41
+ properties: { amount: { type: "number", minimum: 1 } },
42
+ },
43
+ },
44
+ states: {
45
+ OPEN: { id: "OPEN", isFinal: false, metadata: { label: "Open", description: "No bid yet", category: "initial" } },
46
+ BID: { id: "BID", isFinal: false, metadata: { label: "Bid", description: "Bid committed", category: "active" } },
47
+ },
48
+ initialState: "OPEN",
49
+ transitions: [
50
+ {
51
+ // This effect is what the zk-jlvm-shielded circuit runs in-zkVM; `exprHash` pins it.
52
+ from: "OPEN",
53
+ to: "BID",
54
+ eventName: "place_bid",
55
+ guard: { ">": [{ var: "event.amount" }, 0] },
56
+ effect: { merge: [{ var: "state" }, { amount: { var: "event.amount" } }] },
57
+ dependencies: [],
58
+ },
59
+ ],
60
+ });
61
+ /**
62
+ * The shielded sealed-bid pool. `vkey`/`exprHash` come from the built zk-jlvm-shielded circuit
63
+ * (these are placeholders until the circuit's program vkey + the keccak of the `place_bid` effect
64
+ * are wired in by the genesis/build step).
65
+ */
66
+ function shieldedSealedBidDef(opts) {
67
+ return (0, shield_app_js_1.shieldApp)(exports.sealedBidAccountDef, opts);
68
+ }
69
+ // ── 2. The public Vickrey settlement ──────────────────────────────────────────
70
+ /**
71
+ * Public reveal-then-tally settlement. `reveal` appends an opened bid (in a full build the opening
72
+ * is checked against the recorded commitment in the shielded pool); `settle` computes the winner
73
+ * and the Vickrey (second-price) clearing price over the revealed bids in one reduce.
74
+ */
75
+ exports.vickreyAuctionDef = (0, fiber_app_js_1.defineFiberApp)({
76
+ metadata: {
77
+ name: "VickreyAuction",
78
+ app: "markets",
79
+ type: "vickrey-auction",
80
+ version: "1.0.0",
81
+ description: "Sealed-bid second-price auction: public reveal-then-tally over shielded bids.",
82
+ crossReferences: { bidPool: "the ShieldedSealedBidAccount pool holding the sealed bids" },
83
+ },
84
+ createSchema: {
85
+ required: ["seller", "deadline"],
86
+ properties: {
87
+ seller: { type: "address", immutable: true },
88
+ deadline: { type: "timestamp", immutable: true },
89
+ },
90
+ },
91
+ stateSchema: {
92
+ properties: {
93
+ seller: { type: "address", immutable: true },
94
+ deadline: { type: "timestamp", immutable: true },
95
+ status: { type: "string", computed: true },
96
+ revealed: { type: "array", computed: true, description: "opened bids [{bidder, amount}]" },
97
+ winner: { type: "address", computed: true },
98
+ clearingPrice: { type: "number", computed: true, description: "second-highest bid (Vickrey)" },
99
+ },
100
+ },
101
+ eventSchemas: {
102
+ reveal: {
103
+ description: "Open a sealed bid after the deadline",
104
+ required: ["bidder", "amount"],
105
+ properties: { bidder: { type: "address" }, amount: { type: "number", minimum: 1 } },
106
+ },
107
+ settle: { description: "Tally the revealed bids (winner + second price)" },
108
+ },
109
+ states: {
110
+ OPEN: { id: "OPEN", isFinal: false, metadata: { label: "Open", description: "Bidding (sealed)", category: "initial" } },
111
+ REVEAL: { id: "REVEAL", isFinal: false, metadata: { label: "Reveal", description: "Opening bids", category: "active" } },
112
+ SETTLED: { id: "SETTLED", isFinal: true, metadata: { label: "Settled", description: "Winner + price set", category: "terminal" } },
113
+ },
114
+ initialState: "OPEN",
115
+ transitions: [
116
+ {
117
+ from: "OPEN",
118
+ to: "REVEAL",
119
+ eventName: "reveal",
120
+ guard: { ">=": [{ var: "$timestamp" }, { var: "state.deadline" }] },
121
+ effect: {
122
+ merge: [
123
+ { var: "state" },
124
+ {
125
+ status: "REVEAL",
126
+ revealed: {
127
+ cat: [
128
+ { var: "state.revealed" },
129
+ [{ bidder: { var: "event.bidder" }, amount: { var: "event.amount" } }],
130
+ ],
131
+ },
132
+ },
133
+ ],
134
+ },
135
+ dependencies: [],
136
+ },
137
+ {
138
+ from: "REVEAL",
139
+ to: "REVEAL",
140
+ eventName: "reveal",
141
+ guard: { ">=": [{ var: "$timestamp" }, { var: "state.deadline" }] },
142
+ effect: {
143
+ merge: [
144
+ { var: "state" },
145
+ {
146
+ revealed: {
147
+ cat: [
148
+ { var: "state.revealed" },
149
+ [{ bidder: { var: "event.bidder" }, amount: { var: "event.amount" } }],
150
+ ],
151
+ },
152
+ },
153
+ ],
154
+ },
155
+ dependencies: [],
156
+ },
157
+ {
158
+ // Vickrey tally: fold the revealed bids tracking (max, second, winner).
159
+ from: "REVEAL",
160
+ to: "SETTLED",
161
+ eventName: "settle",
162
+ guard: { ">": [{ reduce: [{ var: "state.revealed" }, { "+": [{ var: "accumulator" }, 1] }, 0] }, 0] },
163
+ effect: {
164
+ merge: [
165
+ { var: "state" },
166
+ {
167
+ status: "SETTLED",
168
+ settledAt: { var: "$timestamp" },
169
+ winner: {
170
+ var: [
171
+ "tally.winner",
172
+ null,
173
+ ],
174
+ },
175
+ clearingPrice: { var: ["tally.second", 0] },
176
+ // compute the tally once and expose it for the two fields above
177
+ tally: {
178
+ reduce: [
179
+ { var: "state.revealed" },
180
+ {
181
+ if: [
182
+ { ">": [{ var: "current.amount" }, { var: "accumulator.max" }] },
183
+ {
184
+ max: { var: "current.amount" },
185
+ second: { var: "accumulator.max" },
186
+ winner: { var: "current.bidder" },
187
+ },
188
+ {
189
+ if: [
190
+ { ">": [{ var: "current.amount" }, { var: "accumulator.second" }] },
191
+ {
192
+ max: { var: "accumulator.max" },
193
+ second: { var: "current.amount" },
194
+ winner: { var: "accumulator.winner" },
195
+ },
196
+ { var: "accumulator" },
197
+ ],
198
+ },
199
+ ],
200
+ },
201
+ { max: 0, second: 0, winner: null },
202
+ ],
203
+ },
204
+ },
205
+ ],
206
+ },
207
+ dependencies: [],
208
+ },
209
+ ],
210
+ });
@@ -0,0 +1,131 @@
1
+ "use strict";
2
+ /**
3
+ * shieldApp — turn a fiber app into a PRIVATE-state pool.
4
+ *
5
+ * Given a base {@link FiberAppDefinition} (the app whose state + transition you want to keep
6
+ * private), `shieldApp` returns a new `FiberAppDefinition` for a "shielded pool" Machine fiber.
7
+ * The pool's state is PUBLIC scaffolding only — the spent-nullifier set, the commitment log, and
8
+ * the set of valid anchors — while the app's real state lives off-chain in a note committed to
9
+ * the tree. Each app transition is carried out off-chain and attested by a single
10
+ * `zk-jlvm-shielded` Groth16 proof; the on-chain combine just verifies the proof, rejects an
11
+ * already-spent nullifier, and records the new commitment.
12
+ *
13
+ * Division of labour (see ottochain-sdk RFC docs/design/zk-private-contract-state-rfc.md):
14
+ * - the CIRCUIT proves membership ∧ authorization ∧ `jlvm-core` effect ∧ new commitment;
15
+ * - this GUARD (combine) verifies the proof, pins which app logic ran (`exprHash`), checks the
16
+ * anchor is recent, and checks the nullifier is fresh — all combiner-only (CLAUDE.md);
17
+ * - block-validity stays structural (proof / publicValues present + hex).
18
+ *
19
+ * It uses NO new metakit opcode: `groth16_verify` verifies the proof, and the four-`bytes32`
20
+ * public values (`anchor`, `nullifier`, `newCommitment`, `exprHash`) are extracted from the
21
+ * VERIFIED `publicValues` string with fixed-offset `substr` — slicing the verified bytes IS the
22
+ * binding (§8.1).
23
+ *
24
+ * NOTE on cost: the note model rehashes the whole state each transition, so proving cost is
25
+ * O(state size) (RFC §8). Keep shielded note state small (a few KB); for large keyed state use
26
+ * the auth-DB variant (RFC §3.1.1).
27
+ */
28
+ Object.defineProperty(exports, "__esModule", { value: true });
29
+ exports.SHIELDED_POOL_STATE = void 0;
30
+ exports.shieldApp = shieldApp;
31
+ const fiber_app_js_1 = require("../schema/fiber-app.js");
32
+ /**
33
+ * Field extractors over the abi-encoded `JlvmTransitionPublicValues` — four static `bytes32`
34
+ * `[anchor | nullifier | newCommitment | exprHash]`, a fixed 128-byte (256 hex char) layout with
35
+ * NO dynamic arrays. `publicValues` is the 0x-prefixed hex from the prover, so each field is 64
36
+ * hex chars starting at: anchor=2, nullifier=66, newCommitment=130, exprHash=194.
37
+ */
38
+ const pvField = (publicValues, hexOffset) => ({
39
+ substr: [publicValues, hexOffset, 64],
40
+ });
41
+ /** Standard public state every shielded pool carries (the rest of the app state is private/off-chain). */
42
+ exports.SHIELDED_POOL_STATE = {
43
+ vkey: { type: "hash", immutable: true },
44
+ exprHash: { type: "hash", immutable: true },
45
+ rootWindow: { type: "integer", immutable: true },
46
+ currentRoot: { type: "hash", computed: true },
47
+ knownRoots: { type: "array", computed: true, description: "rolling window of valid anchors (hex)" },
48
+ nullifiers: { type: "array", computed: true, description: "spent set (hex); monotonic — see RFC §5.3" },
49
+ commitments: { type: "array", computed: true, description: "append-only log of output commitments (hex)" },
50
+ leafCount: { type: "integer", computed: true, default: 0 },
51
+ transitions: { type: "integer", computed: true, default: 0 },
52
+ };
53
+ /**
54
+ * Build the shielded-pool variant of `base`.
55
+ *
56
+ * @param base the app being shielded (used for naming + to document the pinned logic).
57
+ * @param opts the circuit vkey + the pinned `exprHash` + the anchor window.
58
+ */
59
+ function shieldApp(base, opts) {
60
+ const publicValues = { var: "event.publicValues" };
61
+ const anchor = pvField(publicValues, 2);
62
+ const nullifier = pvField(publicValues, 66);
63
+ const newCommitment = pvField(publicValues, 130);
64
+ const exprHash = pvField(publicValues, 194);
65
+ // GUARD (combine): all stateful, combiner-only.
66
+ const guard = {
67
+ and: [
68
+ // 1. the proof verifies against the pool's pinned vkey over EXACTLY these public bytes
69
+ { groth16_verify: [{ var: "state.vkey" }, publicValues, { var: "event.proof" }] },
70
+ // 2. it ran the app logic this pool pins (binds which effect produced the transition)
71
+ { "===": [exprHash, { var: "state.exprHash" }] },
72
+ // 3. the spent note was proven under an anchor we still honor
73
+ { in: [anchor, { var: "state.knownRoots" }] },
74
+ // 4. inter-transfer double-spend guard: the nullifier is not already spent
75
+ { none: [{ var: "state.nullifiers" }, { "===": [{ var: "" }, nullifier] }] },
76
+ ],
77
+ };
78
+ // EFFECT (combine): spend the nullifier, record the new commitment, advance counters.
79
+ // Root advancement (turning the appended commitment into the next anchor) is wallet/Bridge-side
80
+ // per RFC §6.2 / §10; the chain records the commitment + nullifier here.
81
+ const effect = {
82
+ merge: [
83
+ { var: "state" },
84
+ {
85
+ nullifiers: { cat: [{ var: "state.nullifiers" }, [nullifier]] },
86
+ commitments: { cat: [{ var: "state.commitments" }, [newCommitment]] },
87
+ leafCount: { "+": [{ var: "state.leafCount" }, 1] },
88
+ transitions: { "+": [{ var: "state.transitions" }, 1] },
89
+ lastTransitionAt: { var: "$ordinal" },
90
+ },
91
+ ],
92
+ };
93
+ return (0, fiber_app_js_1.defineFiberApp)({
94
+ metadata: {
95
+ name: `Shielded${base.metadata.name}`,
96
+ app: "privacy",
97
+ type: `shielded-${base.metadata.type}`,
98
+ version: base.metadata.version,
99
+ description: `Shielded (zk-jlvm-shielded) variant of ${base.metadata.name}: private state transitions ` +
100
+ `verified by a Groth16 proof; the nullifier set + anchors are public pool state.`,
101
+ },
102
+ createSchema: {
103
+ required: ["vkey", "exprHash"],
104
+ properties: {
105
+ vkey: { type: "hash", immutable: true, default: opts.vkey },
106
+ exprHash: { type: "hash", immutable: true, default: opts.exprHash },
107
+ rootWindow: { type: "integer", immutable: true, default: opts.rootWindow ?? 64 },
108
+ },
109
+ },
110
+ stateSchema: { properties: { ...exports.SHIELDED_POOL_STATE } },
111
+ eventSchemas: {
112
+ transition: {
113
+ description: `A private state transition of ${base.metadata.name}, attested by a zk-jlvm-shielded Groth16 proof.`,
114
+ required: ["proof", "publicValues"],
115
+ properties: {
116
+ proof: { type: "string", description: "Groth16 proof bytes (0x hex)" },
117
+ publicValues: { type: "string", description: "abi-encoded JlvmTransitionPublicValues (4×bytes32, 0x hex)" },
118
+ },
119
+ },
120
+ },
121
+ states: {
122
+ ACTIVE: {
123
+ id: "ACTIVE",
124
+ isFinal: false,
125
+ metadata: { label: "Active", description: "Pool accepts shielded transitions", category: "active" },
126
+ },
127
+ },
128
+ initialState: "ACTIVE",
129
+ transitions: [{ from: "ACTIVE", to: "ACTIVE", eventName: "transition", guard, effect, dependencies: [] }],
130
+ });
131
+ }
@@ -0,0 +1,40 @@
1
+ "use strict";
2
+ /**
3
+ * Builders for the fiber-engine reserved EFFECT directives — the `_`-prefixed keys the chain extracts
4
+ * from an evaluated effect result and applies as side effects (then strips from the merged state).
5
+ *
6
+ * Place the returned fragment INSIDE the state-update map of a `merge` effect, so the directive rides in
7
+ * the evaluated result map (EffectExtractor reads it; StateMerger drops `_`-prefixed keys from state):
8
+ *
9
+ * ```ts
10
+ * effect: {
11
+ * merge: [
12
+ * { var: "state" },
13
+ * { boundAt: { var: "$ordinal" }, ...addDependency({ var: "event.registryId" }) },
14
+ * ],
15
+ * }
16
+ * ```
17
+ */
18
+ Object.defineProperty(exports, "__esModule", { value: true });
19
+ exports.setDependencyActive = exports.addDependency = void 0;
20
+ /**
21
+ * `_addDependency` (#24): add — or re-activate — a runtime DYNAMIC dependency on `fiberId`, so that
22
+ * fiber's state appears in `machines.<fiberId>` for SUBSEQUENT transitions of this fiber. `fiberId` may
23
+ * be a literal UUID string or an expression (e.g. `{ var: "event.registryId" }`, `{ var: "state.registryId" }`).
24
+ * The ledger is append-only, idempotent (one entry per fiber), and engine-bounded (active + ledger caps).
25
+ * Because the `machines` context is built BEFORE the effect runs, the bound dependency is readable only
26
+ * from the NEXT transition onward (two-phase: bind, then read).
27
+ */
28
+ const addDependency = (fiberId) => ({
29
+ _addDependency: [{ fiberId }],
30
+ });
31
+ exports.addDependency = addDependency;
32
+ /**
33
+ * `_setDependencyActive` (#24): toggle a dynamic dependency's `active` flag. The entry is NEVER removed —
34
+ * deactivation simply drops it from the `machines` context (and it can be cheaply re-activated). `fiberId`
35
+ * may be a literal or an expression.
36
+ */
37
+ const setDependencyActive = (fiberId, active) => ({
38
+ _setDependencyActive: [{ fiberId, active }],
39
+ });
40
+ exports.setDependencyActive = setDependencyActive;
@@ -6,7 +6,12 @@
6
6
  * no JSON, no code generation. Import types directly.
7
7
  */
8
8
  Object.defineProperty(exports, "__esModule", { value: true });
9
- exports.toProtoDefinition = exports.toJSON = exports.isFinalState = exports.getEventsFrom = exports.getTransitionsFrom = exports.defineFiberApp = void 0;
9
+ exports.defineFiberApp = defineFiberApp;
10
+ exports.getTransitionsFrom = getTransitionsFrom;
11
+ exports.getEventsFrom = getEventsFrom;
12
+ exports.isFinalState = isFinalState;
13
+ exports.toJSON = toJSON;
14
+ exports.toProtoDefinition = toProtoDefinition;
10
15
  // =============================================================================
11
16
  // Helper: defineFiberApp
12
17
  // =============================================================================
@@ -32,27 +37,22 @@ function defineFiberApp(definition) {
32
37
  // Runtime validation could go here
33
38
  return definition;
34
39
  }
35
- exports.defineFiberApp = defineFiberApp;
36
40
  /** Get valid transitions from a given state */
37
41
  function getTransitionsFrom(def, state) {
38
42
  return def.transitions.filter(t => t.from === state);
39
43
  }
40
- exports.getTransitionsFrom = getTransitionsFrom;
41
44
  /** Get valid event names from a given state */
42
45
  function getEventsFrom(def, state) {
43
46
  return getTransitionsFrom(def, state).map(t => t.eventName);
44
47
  }
45
- exports.getEventsFrom = getEventsFrom;
46
48
  /** Check if a state is final */
47
49
  function isFinalState(def, state) {
48
50
  return def.states[state]?.isFinal ?? false;
49
51
  }
50
- exports.isFinalState = isFinalState;
51
52
  /** Convert definition to plain JSON (for serialization) */
52
53
  function toJSON(def) {
53
54
  return JSON.parse(JSON.stringify(def));
54
55
  }
55
- exports.toJSON = toJSON;
56
56
  /**
57
57
  * Extract proto-compatible StateMachineDefinition from a FiberAppDefinition.
58
58
  * Use this when submitting to the metagraph.
@@ -76,8 +76,13 @@ function toProtoDefinition(def) {
76
76
  eventName: t.eventName,
77
77
  guard: t.guard, // Required - Scala has no default
78
78
  effect: t.effect, // Required - Scala has no default
79
- // dependencies has default Set.empty in Scala, so omit if empty
80
- ...(t.dependencies?.length && { dependencies: [...t.dependencies] }),
79
+ // Chain `Transition.dependencies: Set[UUID]` is REQUIRED (no Scala default), and each
80
+ // element must be a fiber UUID string. A `DependencySpec` object is a build-time-only
81
+ // authoring affordance with no wire representation (concrete dependency UUIDs are per
82
+ // instance, not part of the definition template), so drop non-string entries. Always
83
+ // emit the array — omitting a no-default field diverges the canonical and the chain
84
+ // rejects the whole update (InvalidSignature / decode failure).
85
+ dependencies: (t.dependencies ?? []).filter((d) => typeof d === 'string'),
81
86
  })),
82
87
  };
83
88
  // Copy states (only id and isFinal)
@@ -87,10 +92,11 @@ function toProtoDefinition(def) {
87
92
  isFinal: state.isFinal,
88
93
  };
89
94
  }
90
- // Pass metadata through unchanged - it's an optional unstructured object
91
- if (def.metadata) {
92
- protoDef.metadata = def.metadata;
93
- }
95
+ // NOTE: `def.metadata` is the SDK's FiberAppMetadata (name/app/type/version app-routing
96
+ // packaging info), NOT chain metadata. Projecting it onto the wire would make the on-chain
97
+ // canonical + the registry `logicHash` depend on packaging fields (changing `description` would
98
+ // change the signed digest of an otherwise-identical machine), so it is deliberately NOT emitted
99
+ // (the chain's `StateMachineDefinition.metadata` stays absent → `None`). A caller that genuinely
100
+ // needs on-chain metadata sets `ProtoStateMachineDefinition.metadata` explicitly after conversion.
94
101
  return protoDef;
95
102
  }
96
- exports.toProtoDefinition = toProtoDefinition;