@ottochain/sdk 2.3.0 → 2.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/apps/compute/index.js +33 -0
- package/dist/cjs/apps/compute/state-machines/compute-rule110.js +164 -0
- package/dist/cjs/apps/compute/state-machines/index.js +9 -0
- package/dist/cjs/apps/contracts/index.js +16 -9
- package/dist/cjs/apps/contracts/state-machines/contract-agreement.js +134 -161
- package/dist/cjs/apps/contracts/state-machines/contract-escrow.js +192 -170
- package/dist/cjs/apps/contracts/state-machines/contract-universal.js +46 -58
- package/dist/cjs/apps/corporate/index.js +2 -2
- package/dist/cjs/apps/corporate/state-machines/corp-board.js +500 -456
- package/dist/cjs/apps/corporate/state-machines/corp-entity.js +487 -361
- package/dist/cjs/apps/corporate/state-machines/corp-securities.js +769 -576
- package/dist/cjs/apps/corporate/state-machines/corp-shareholders.js +567 -557
- package/dist/cjs/apps/governance/index.js +21 -21
- package/dist/cjs/apps/governance/state-machines/dao-multisig.js +188 -209
- package/dist/cjs/apps/governance/state-machines/dao-reputation.js +181 -228
- package/dist/cjs/apps/governance/state-machines/dao-single.js +105 -88
- package/dist/cjs/apps/governance/state-machines/dao-token.js +199 -227
- package/dist/cjs/apps/governance/state-machines/governance-simple.js +231 -231
- package/dist/cjs/apps/governance/state-machines/governance-universal.js +64 -64
- package/dist/cjs/apps/identity/constants.js +55 -22
- package/dist/cjs/apps/identity/index.js +28 -12
- package/dist/cjs/apps/identity/state-machines/identity-agent.js +124 -158
- package/dist/cjs/apps/identity/state-machines/identity-oracle.js +158 -173
- package/dist/cjs/apps/identity/state-machines/identity-registry.js +262 -0
- package/dist/cjs/apps/identity/state-machines/identity-universal.js +51 -57
- package/dist/cjs/apps/identity/state-machines/index.js +3 -1
- package/dist/cjs/apps/index.js +22 -8
- package/dist/cjs/apps/lending/assets.js +247 -0
- package/dist/cjs/apps/lending/credit-scoring.js +87 -0
- package/dist/cjs/apps/lending/eligibility.js +105 -0
- package/dist/cjs/apps/lending/index.js +91 -0
- package/dist/cjs/apps/lending/state-machines/index.js +9 -0
- package/dist/cjs/apps/lending/state-machines/lending-zk-loan.js +433 -0
- package/dist/cjs/apps/markets/index.js +22 -12
- package/dist/cjs/apps/markets/state-machines/market-auction.js +116 -134
- package/dist/cjs/apps/markets/state-machines/market-crowdfund.js +131 -141
- package/dist/cjs/apps/markets/state-machines/market-group-buy.js +163 -184
- package/dist/cjs/apps/markets/state-machines/market-prediction.js +226 -233
- package/dist/cjs/apps/markets/state-machines/market-universal.js +65 -80
- package/dist/cjs/apps/oracles/index.js +3 -3
- package/dist/cjs/apps/privacy/index.js +67 -0
- package/dist/cjs/apps/privacy/state-machines/index.js +17 -0
- package/dist/cjs/apps/privacy/state-machines/mixer-ddhRing.js +286 -0
- package/dist/cjs/apps/privacy/state-machines/note-pool.js +476 -0
- package/dist/cjs/apps/staked-pool/assets.js +103 -0
- package/dist/cjs/apps/staked-pool/base.js +498 -0
- package/dist/cjs/apps/staked-pool/consumer.js +55 -0
- package/dist/cjs/apps/staked-pool/index.js +83 -0
- package/dist/cjs/apps/staked-pool/state-machines/index.js +12 -0
- package/dist/cjs/apps/staked-pool/state-machines/staked-pool-base.js +49 -0
- package/dist/cjs/apps/staked-pool/state-machines/staked-pool-oracle.js +131 -0
- package/dist/cjs/errors.js +3 -3
- package/dist/cjs/generated/google/protobuf/struct.js +5 -5
- package/dist/cjs/generated/google/protobuf/timestamp.js +1 -1
- package/dist/cjs/generated/index.js +11 -7
- package/dist/cjs/generated/openapi.js +6 -0
- package/dist/cjs/generated/ottochain/apps/contracts/v1/contract.js +51 -51
- package/dist/cjs/generated/ottochain/apps/corporate/v1/corporate.js +20 -21
- package/dist/cjs/generated/ottochain/apps/governance/v1/governance.js +14 -14
- package/dist/cjs/generated/ottochain/apps/identity/v1/attestation.js +5 -5
- package/dist/cjs/generated/ottochain/apps/identity/v1/identity.js +125 -131
- package/dist/cjs/generated/ottochain/apps/markets/v1/market.js +108 -108
- package/dist/cjs/generated/ottochain/v1/common.js +5 -5
- package/dist/cjs/generated/ottochain/v1/fiber.js +44 -6
- package/dist/cjs/generated/ottochain/v1/messages.js +1 -1
- package/dist/cjs/generated/ottochain/v1/records.js +1 -1
- package/dist/cjs/index.js +58 -7
- package/dist/cjs/openapi.js +2 -0
- package/dist/cjs/ottochain/drop-nulls.js +1 -2
- package/dist/cjs/ottochain/genesis-manifest.js +17 -11
- package/dist/cjs/ottochain/index.js +23 -13
- package/dist/cjs/ottochain/metagraph-client.js +81 -16
- package/dist/cjs/ottochain/snapshot.js +13 -16
- package/dist/cjs/ottochain/transaction.js +67 -14
- package/dist/cjs/ottochain/types.js +16 -2
- package/dist/cjs/privacy/index.js +14 -0
- package/dist/cjs/privacy/sealed-bid.js +213 -0
- package/dist/cjs/privacy/shield-app.js +131 -0
- package/dist/cjs/schema/effects.js +156 -0
- package/dist/cjs/schema/fiber-app.js +150 -15
- package/dist/cjs/schema/guard-lint.js +343 -0
- package/dist/cjs/schema/guards.js +246 -0
- package/dist/cjs/signing.js +80 -0
- package/dist/cjs/templates/asset-policy.js +190 -0
- package/dist/cjs/templates/index.js +86 -0
- package/dist/cjs/templates/machine.js +130 -0
- package/dist/cjs/templates/migration.js +39 -0
- package/dist/cjs/templates/state-shape.js +38 -0
- package/dist/cjs/types.js +2 -3
- package/dist/cjs/validation.js +9 -11
- package/dist/cjs/verify.js +9 -4
- package/dist/cjs/zk/commit.js +53 -0
- package/dist/cjs/zk/guard.js +107 -0
- package/dist/cjs/zk/index.js +48 -0
- package/dist/cjs/zk/preimage.js +37 -0
- package/dist/cjs/zk/prover.js +87 -0
- package/dist/cjs/zk/registry.js +62 -0
- package/dist/cjs/zk/types.js +28 -0
- package/dist/cjs/zk/witness.js +19 -0
- package/dist/esm/apps/compute/index.js +29 -0
- package/dist/esm/apps/compute/state-machines/compute-rule110.js +161 -0
- package/dist/esm/apps/compute/state-machines/index.js +5 -0
- package/dist/esm/apps/contracts/index.js +9 -5
- package/dist/esm/apps/contracts/state-machines/contract-agreement.js +135 -162
- package/dist/esm/apps/contracts/state-machines/contract-escrow.js +193 -171
- package/dist/esm/apps/contracts/state-machines/contract-universal.js +47 -59
- package/dist/esm/apps/corporate/index.js +2 -2
- package/dist/esm/apps/corporate/state-machines/corp-board.js +501 -457
- package/dist/esm/apps/corporate/state-machines/corp-entity.js +488 -362
- package/dist/esm/apps/corporate/state-machines/corp-securities.js +770 -577
- package/dist/esm/apps/corporate/state-machines/corp-shareholders.js +568 -558
- package/dist/esm/apps/governance/index.js +10 -10
- package/dist/esm/apps/governance/state-machines/dao-multisig.js +189 -210
- package/dist/esm/apps/governance/state-machines/dao-reputation.js +182 -229
- package/dist/esm/apps/governance/state-machines/dao-single.js +106 -89
- package/dist/esm/apps/governance/state-machines/dao-token.js +200 -228
- package/dist/esm/apps/governance/state-machines/governance-simple.js +232 -232
- package/dist/esm/apps/governance/state-machines/governance-universal.js +65 -65
- package/dist/esm/apps/identity/constants.js +52 -21
- package/dist/esm/apps/identity/index.js +14 -9
- package/dist/esm/apps/identity/state-machines/identity-agent.js +125 -159
- package/dist/esm/apps/identity/state-machines/identity-oracle.js +159 -174
- package/dist/esm/apps/identity/state-machines/identity-registry.js +259 -0
- package/dist/esm/apps/identity/state-machines/identity-universal.js +52 -58
- package/dist/esm/apps/identity/state-machines/index.js +1 -0
- package/dist/esm/apps/index.js +9 -5
- package/dist/esm/apps/lending/assets.js +231 -0
- package/dist/esm/apps/lending/credit-scoring.js +81 -0
- package/dist/esm/apps/lending/eligibility.js +99 -0
- package/dist/esm/apps/lending/index.js +69 -0
- package/dist/esm/apps/lending/state-machines/index.js +5 -0
- package/dist/esm/apps/lending/state-machines/lending-zk-loan.js +430 -0
- package/dist/esm/apps/markets/index.js +11 -7
- package/dist/esm/apps/markets/state-machines/market-auction.js +117 -135
- package/dist/esm/apps/markets/state-machines/market-crowdfund.js +132 -142
- package/dist/esm/apps/markets/state-machines/market-group-buy.js +164 -185
- package/dist/esm/apps/markets/state-machines/market-prediction.js +227 -234
- package/dist/esm/apps/markets/state-machines/market-universal.js +66 -81
- package/dist/esm/apps/oracles/index.js +3 -3
- package/dist/esm/apps/privacy/index.js +56 -0
- package/dist/esm/apps/privacy/state-machines/index.js +6 -0
- package/dist/esm/apps/privacy/state-machines/mixer-ddhRing.js +282 -0
- package/dist/esm/apps/privacy/state-machines/note-pool.js +470 -0
- package/dist/esm/apps/staked-pool/assets.js +91 -0
- package/dist/esm/apps/staked-pool/base.js +493 -0
- package/dist/esm/apps/staked-pool/consumer.js +49 -0
- package/dist/esm/apps/staked-pool/index.js +60 -0
- package/dist/esm/apps/staked-pool/state-machines/index.js +6 -0
- package/dist/esm/apps/staked-pool/state-machines/staked-pool-base.js +46 -0
- package/dist/esm/apps/staked-pool/state-machines/staked-pool-oracle.js +127 -0
- package/dist/esm/generated/google/protobuf/struct.js +1 -1
- package/dist/esm/generated/google/protobuf/timestamp.js +1 -1
- package/dist/esm/generated/index.js +9 -5
- package/dist/esm/generated/openapi.js +5 -0
- package/dist/esm/generated/ottochain/apps/contracts/v1/contract.js +47 -47
- package/dist/esm/generated/ottochain/apps/corporate/v1/corporate.js +1 -1
- package/dist/esm/generated/ottochain/apps/governance/v1/governance.js +1 -1
- package/dist/esm/generated/ottochain/apps/identity/v1/attestation.js +1 -1
- package/dist/esm/generated/ottochain/apps/identity/v1/identity.js +115 -121
- package/dist/esm/generated/ottochain/apps/markets/v1/market.js +101 -101
- package/dist/esm/generated/ottochain/v1/common.js +1 -1
- package/dist/esm/generated/ottochain/v1/fiber.js +40 -2
- package/dist/esm/generated/ottochain/v1/messages.js +1 -1
- package/dist/esm/generated/ottochain/v1/records.js +1 -1
- package/dist/esm/index.js +28 -3
- package/dist/esm/openapi.js +1 -0
- package/dist/esm/ottochain/genesis-manifest.js +15 -9
- package/dist/esm/ottochain/index.js +2 -3
- package/dist/esm/ottochain/metagraph-client.js +81 -16
- package/dist/esm/ottochain/snapshot.js +6 -8
- package/dist/esm/ottochain/transaction.js +51 -3
- package/dist/esm/ottochain/types.js +15 -1
- package/dist/esm/privacy/index.js +6 -0
- package/dist/esm/privacy/sealed-bid.js +209 -0
- package/dist/esm/privacy/shield-app.js +127 -0
- package/dist/esm/schema/effects.js +145 -0
- package/dist/esm/schema/fiber-app.js +139 -8
- package/dist/esm/schema/guard-lint.js +337 -0
- package/dist/esm/schema/guards.js +228 -0
- package/dist/esm/signing.js +74 -0
- package/dist/esm/templates/asset-policy.js +182 -0
- package/dist/esm/templates/index.js +41 -0
- package/dist/esm/templates/machine.js +125 -0
- package/dist/esm/templates/migration.js +34 -0
- package/dist/esm/templates/state-shape.js +34 -0
- package/dist/esm/validation.js +1 -3
- package/dist/esm/verify.js +8 -2
- package/dist/esm/zk/commit.js +44 -0
- package/dist/esm/zk/guard.js +99 -0
- package/dist/esm/zk/index.js +19 -0
- package/dist/esm/zk/preimage.js +30 -0
- package/dist/esm/zk/prover.js +82 -0
- package/dist/esm/zk/registry.js +55 -0
- package/dist/esm/zk/types.js +25 -0
- package/dist/esm/zk/witness.js +15 -0
- package/dist/types/apps/compute/index.d.ts +176 -0
- package/dist/types/apps/compute/state-machines/compute-rule110.d.ts +157 -0
- package/dist/types/apps/compute/state-machines/index.d.ts +5 -0
- package/dist/types/apps/contracts/index.d.ts +81 -221
- package/dist/types/apps/contracts/state-machines/contract-agreement.d.ts +23 -98
- package/dist/types/apps/contracts/state-machines/contract-escrow.d.ts +49 -115
- package/dist/types/apps/contracts/state-machines/contract-universal.d.ts +4 -4
- package/dist/types/apps/corporate/index.d.ts +1176 -440
- package/dist/types/apps/corporate/state-machines/corp-board.d.ts +271 -135
- package/dist/types/apps/corporate/state-machines/corp-entity.d.ts +279 -74
- package/dist/types/apps/corporate/state-machines/corp-securities.d.ts +373 -149
- package/dist/types/apps/corporate/state-machines/corp-shareholders.d.ts +252 -80
- package/dist/types/apps/governance/index.d.ts +368 -470
- package/dist/types/apps/governance/state-machines/dao-multisig.d.ts +92 -107
- package/dist/types/apps/governance/state-machines/dao-reputation.d.ts +61 -85
- package/dist/types/apps/governance/state-machines/dao-single.d.ts +25 -47
- package/dist/types/apps/governance/state-machines/dao-token.d.ts +79 -68
- package/dist/types/apps/governance/state-machines/governance-simple.d.ts +95 -125
- package/dist/types/apps/governance/state-machines/governance-universal.d.ts +6 -6
- package/dist/types/apps/identity/constants.d.ts +33 -5
- package/dist/types/apps/identity/index.d.ts +415 -131
- package/dist/types/apps/identity/state-machines/identity-agent.d.ts +23 -23
- package/dist/types/apps/identity/state-machines/identity-oracle.d.ts +27 -98
- package/dist/types/apps/identity/state-machines/identity-registry.d.ts +379 -0
- package/dist/types/apps/identity/state-machines/identity-universal.d.ts +4 -4
- package/dist/types/apps/identity/state-machines/index.d.ts +1 -0
- package/dist/types/apps/index.d.ts +9 -5
- package/dist/types/apps/lending/assets.d.ts +258 -0
- package/dist/types/apps/lending/credit-scoring.d.ts +80 -0
- package/dist/types/apps/lending/eligibility.d.ts +83 -0
- package/dist/types/apps/lending/index.d.ts +556 -0
- package/dist/types/apps/lending/state-machines/index.d.ts +5 -0
- package/dist/types/apps/lending/state-machines/lending-zk-loan.d.ts +536 -0
- package/dist/types/apps/markets/index.d.ts +181 -276
- package/dist/types/apps/markets/state-machines/market-auction.d.ts +25 -49
- package/dist/types/apps/markets/state-machines/market-crowdfund.d.ts +35 -53
- package/dist/types/apps/markets/state-machines/market-group-buy.d.ts +35 -61
- package/dist/types/apps/markets/state-machines/market-prediction.d.ts +65 -86
- package/dist/types/apps/markets/state-machines/market-universal.d.ts +12 -12
- package/dist/types/apps/oracles/index.d.ts +1 -1
- package/dist/types/apps/privacy/index.d.ts +328 -0
- package/dist/types/apps/privacy/state-machines/index.d.ts +6 -0
- package/dist/types/apps/privacy/state-machines/mixer-ddhRing.d.ts +337 -0
- package/dist/types/apps/privacy/state-machines/note-pool.d.ts +196 -0
- package/dist/types/apps/staked-pool/assets.d.ts +53 -0
- package/dist/types/apps/staked-pool/base.d.ts +80 -0
- package/dist/types/apps/staked-pool/consumer.d.ts +29 -0
- package/dist/types/apps/staked-pool/index.d.ts +51 -0
- package/dist/types/apps/staked-pool/state-machines/index.d.ts +6 -0
- package/dist/types/apps/staked-pool/state-machines/staked-pool-base.d.ts +8 -0
- package/dist/types/apps/staked-pool/state-machines/staked-pool-oracle.d.ts +34 -0
- package/dist/types/generated/index.d.ts +5 -5
- package/dist/types/generated/openapi.d.ts +1270 -0
- package/dist/types/generated/ottochain/apps/contracts/v1/contract.d.ts +5 -5
- package/dist/types/generated/ottochain/apps/identity/v1/identity.d.ts +12 -12
- package/dist/types/generated/ottochain/apps/markets/v1/market.d.ts +11 -11
- package/dist/types/generated/ottochain/v1/fiber.d.ts +7 -0
- package/dist/types/index.d.ts +7 -3
- package/dist/types/openapi.d.ts +24 -0
- package/dist/types/ottochain/genesis-manifest.d.ts +11 -5
- package/dist/types/ottochain/index.d.ts +5 -6
- package/dist/types/ottochain/metagraph-client.d.ts +49 -7
- package/dist/types/ottochain/snapshot.d.ts +6 -6
- package/dist/types/ottochain/transaction.d.ts +41 -1
- package/dist/types/ottochain/types.d.ts +336 -31
- package/dist/types/privacy/index.d.ts +6 -0
- package/dist/types/privacy/sealed-bid.d.ts +348 -0
- package/dist/types/privacy/shield-app.d.ts +48 -0
- package/dist/types/schema/effects.d.ts +141 -0
- package/dist/types/schema/fiber-app.d.ts +282 -2
- package/dist/types/schema/guard-lint.d.ts +111 -0
- package/dist/types/schema/guards.d.ts +146 -0
- package/dist/types/signing.d.ts +45 -0
- package/dist/types/templates/asset-policy.d.ts +119 -0
- package/dist/types/templates/index.d.ts +26 -0
- package/dist/types/templates/machine.d.ts +139 -0
- package/dist/types/templates/migration.d.ts +34 -0
- package/dist/types/templates/state-shape.d.ts +30 -0
- package/dist/types/validation.d.ts +22 -217
- package/dist/types/verify.d.ts +4 -0
- package/dist/types/zk/commit.d.ts +28 -0
- package/dist/types/zk/guard.d.ts +46 -0
- package/dist/types/zk/index.d.ts +19 -0
- package/dist/types/zk/preimage.d.ts +10 -0
- package/dist/types/zk/prover.d.ts +34 -0
- package/dist/types/zk/registry.d.ts +34 -0
- package/dist/types/zk/types.d.ts +33 -0
- package/dist/types/zk/witness.d.ts +40 -0
- package/package.json +47 -15
- package/dist/cjs/ottochain/normalize.js +0 -186
- package/dist/esm/ottochain/normalize.js +0 -179
- package/dist/types/ottochain/normalize.d.ts +0 -79
|
@@ -6,11 +6,33 @@
|
|
|
6
6
|
* self-signed mode, where clients sign their own transactions.
|
|
7
7
|
*/
|
|
8
8
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
9
|
-
exports.
|
|
9
|
+
exports.createStateMachinePayload = createStateMachinePayload;
|
|
10
|
+
exports.createTransitionPayload = createTransitionPayload;
|
|
11
|
+
exports.createArchivePayload = createArchivePayload;
|
|
12
|
+
exports.createScriptPayload = createScriptPayload;
|
|
13
|
+
exports.createInvokeScriptPayload = createInvokeScriptPayload;
|
|
14
|
+
exports.createAssetPolicyPayload = createAssetPolicyPayload;
|
|
15
|
+
exports.createMintAssetPayload = createMintAssetPayload;
|
|
16
|
+
exports.createApplyMorphismPayload = createApplyMorphismPayload;
|
|
17
|
+
exports.createAuthorizeComposePayload = createAuthorizeComposePayload;
|
|
18
|
+
exports.createPublishMachineVersionPayload = createPublishMachineVersionPayload;
|
|
19
|
+
exports.createUpgradeFiberPayload = createUpgradeFiberPayload;
|
|
20
|
+
exports.signTransaction = signTransaction;
|
|
21
|
+
exports.createDataTransactionRequest = createDataTransactionRequest;
|
|
22
|
+
exports.addTransactionSignature = addTransactionSignature;
|
|
23
|
+
exports.getPublicKeyForRegistration = getPublicKeyForRegistration;
|
|
10
24
|
const metagraph_sdk_1 = require("@constellation-network/metagraph-sdk");
|
|
25
|
+
const signing_js_1 = require("../signing.js");
|
|
11
26
|
/**
|
|
12
27
|
* Create a new state machine fiber payload.
|
|
13
28
|
*
|
|
29
|
+
* @remarks
|
|
30
|
+
* `params.definition` is signed VERBATIM. Pass the output of `toProtoDefinition(def)` (the
|
|
31
|
+
* allowlisted wire shape) — NOT a raw `FiberAppDefinition`: extra authoring fields
|
|
32
|
+
* (`createSchema` / `stateSchema` / `eventSchemas` / per-transition `emits`) would be signed
|
|
33
|
+
* but re-encoded away by the chain, diverging the canonical → opaque `InvalidSignature`.
|
|
34
|
+
* See `tests/ottochain/signing-parity.test.ts`.
|
|
35
|
+
*
|
|
14
36
|
* @param params - State machine creation parameters
|
|
15
37
|
* @returns A CreateStateMachine message ready for signing
|
|
16
38
|
*
|
|
@@ -37,7 +59,6 @@ function createStateMachinePayload(params) {
|
|
|
37
59
|
},
|
|
38
60
|
};
|
|
39
61
|
}
|
|
40
|
-
exports.createStateMachinePayload = createStateMachinePayload;
|
|
41
62
|
/**
|
|
42
63
|
* Create a transition payload ready for signing.
|
|
43
64
|
*
|
|
@@ -66,7 +87,6 @@ function createTransitionPayload(params) {
|
|
|
66
87
|
},
|
|
67
88
|
};
|
|
68
89
|
}
|
|
69
|
-
exports.createTransitionPayload = createTransitionPayload;
|
|
70
90
|
/**
|
|
71
91
|
* Create an archive payload ready for signing.
|
|
72
92
|
*
|
|
@@ -81,7 +101,6 @@ function createArchivePayload(params) {
|
|
|
81
101
|
},
|
|
82
102
|
};
|
|
83
103
|
}
|
|
84
|
-
exports.createArchivePayload = createArchivePayload;
|
|
85
104
|
/**
|
|
86
105
|
* Create a new script fiber payload.
|
|
87
106
|
*
|
|
@@ -100,7 +119,7 @@ exports.createArchivePayload = createArchivePayload;
|
|
|
100
119
|
* },
|
|
101
120
|
* },
|
|
102
121
|
* initialState: { value: 0 },
|
|
103
|
-
* accessControl: {
|
|
122
|
+
* accessControl: { Public: {} },
|
|
104
123
|
* });
|
|
105
124
|
* const signed = await signTransaction(script, privateKey);
|
|
106
125
|
* ```
|
|
@@ -111,11 +130,10 @@ function createScriptPayload(params) {
|
|
|
111
130
|
fiberId: params.fiberId,
|
|
112
131
|
scriptProgram: params.scriptProgram,
|
|
113
132
|
initialState: params.initialState ?? null,
|
|
114
|
-
accessControl: params.accessControl ?? {
|
|
133
|
+
accessControl: params.accessControl ?? { Public: {} },
|
|
115
134
|
},
|
|
116
135
|
};
|
|
117
136
|
}
|
|
118
|
-
exports.createScriptPayload = createScriptPayload;
|
|
119
137
|
/**
|
|
120
138
|
* Create an invoke script payload ready for signing.
|
|
121
139
|
*
|
|
@@ -132,13 +150,49 @@ function createInvokeScriptPayload(params) {
|
|
|
132
150
|
},
|
|
133
151
|
};
|
|
134
152
|
}
|
|
135
|
-
|
|
153
|
+
// ============================================================================
|
|
154
|
+
// Asset Operations (asset-model.md §7)
|
|
155
|
+
// ============================================================================
|
|
156
|
+
//
|
|
157
|
+
// Thin typed wrappers: the chain message types ({@link CreateAssetPolicy}, etc.) already model
|
|
158
|
+
// every field (required vs `Option`), so these builders just apply the `{ MessageName: ... }`
|
|
159
|
+
// envelope, for API parity with the state-machine/script `create*Payload` helpers. Sign the result
|
|
160
|
+
// with {@link signTransaction} (the canonical `JCS(dropNulls)` path drops any omitted optionals).
|
|
161
|
+
/** Wrap a {@link CreateAssetPolicy} (publish an asset-policy package version). */
|
|
162
|
+
function createAssetPolicyPayload(params) {
|
|
163
|
+
return { CreateAssetPolicy: params };
|
|
164
|
+
}
|
|
165
|
+
/** Wrap a {@link MintAsset} (mint a new asset instance against a resolved policy version). */
|
|
166
|
+
function createMintAssetPayload(params) {
|
|
167
|
+
return { MintAsset: params };
|
|
168
|
+
}
|
|
169
|
+
/** Wrap an {@link ApplyMorphism} (apply a typed morphism to an asset instance). */
|
|
170
|
+
function createApplyMorphismPayload(params) {
|
|
171
|
+
return { ApplyMorphism: params };
|
|
172
|
+
}
|
|
173
|
+
/** Wrap an {@link AuthorizeCompose} (commit half of the symmetric-compose handshake). */
|
|
174
|
+
function createAuthorizeComposePayload(params) {
|
|
175
|
+
return { AuthorizeCompose: params };
|
|
176
|
+
}
|
|
177
|
+
/** Wrap a {@link PublishMachineVersion} (create-or-append a STATE-MACHINE registry version). */
|
|
178
|
+
function createPublishMachineVersionPayload(params) {
|
|
179
|
+
return { PublishMachineVersion: params };
|
|
180
|
+
}
|
|
181
|
+
/** Wrap an {@link UpgradeFiber} (re-pin a fiber to another registered version of the SAME package). */
|
|
182
|
+
function createUpgradeFiberPayload(params) {
|
|
183
|
+
return { UpgradeFiber: params };
|
|
184
|
+
}
|
|
136
185
|
/**
|
|
137
186
|
* Sign a transaction payload for self-signed mode.
|
|
138
187
|
*
|
|
139
188
|
* This creates a Signed<T> object with the exact format expected by the bridge's
|
|
140
189
|
* `/agent/transition` endpoint when using self-signed mode.
|
|
141
190
|
*
|
|
191
|
+
* The signature is computed over the null-dropped canonical bytes (null
|
|
192
|
+
* object fields removed recursively, array nulls preserved, then RFC 8785),
|
|
193
|
+
* matching metakit's content-hash rule. Explicit-null and absent optional
|
|
194
|
+
* fields therefore produce identical signatures.
|
|
195
|
+
*
|
|
142
196
|
* @param message - The message to sign (e.g., from createTransitionPayload)
|
|
143
197
|
* @param privateKey - The private key in hex format (64 characters)
|
|
144
198
|
* @returns A signed object ready for submission to the bridge
|
|
@@ -171,13 +225,12 @@ exports.createInvokeScriptPayload = createInvokeScriptPayload;
|
|
|
171
225
|
* ```
|
|
172
226
|
*/
|
|
173
227
|
async function signTransaction(message, privateKey) {
|
|
174
|
-
const proof = await (0,
|
|
228
|
+
const proof = await (0, signing_js_1.signDataUpdate)(message, privateKey);
|
|
175
229
|
return {
|
|
176
230
|
value: message,
|
|
177
231
|
proofs: [proof],
|
|
178
232
|
};
|
|
179
233
|
}
|
|
180
|
-
exports.signTransaction = signTransaction;
|
|
181
234
|
/**
|
|
182
235
|
* Wrap a signed transaction in the DataTransactionRequest format
|
|
183
236
|
* expected by tessellation's DL1 `/data` endpoint.
|
|
@@ -202,25 +255,26 @@ exports.signTransaction = signTransaction;
|
|
|
202
255
|
function createDataTransactionRequest(signed) {
|
|
203
256
|
return { data: signed, fee: null };
|
|
204
257
|
}
|
|
205
|
-
exports.createDataTransactionRequest = createDataTransactionRequest;
|
|
206
258
|
/**
|
|
207
259
|
* Add an additional signature to a signed transaction.
|
|
208
260
|
*
|
|
209
261
|
* Use this for multi-signature scenarios where multiple parties
|
|
210
262
|
* need to sign the same transaction.
|
|
211
263
|
*
|
|
264
|
+
* The new signature is computed over the null-dropped canonical bytes,
|
|
265
|
+
* matching metakit's content-hash rule (see {@link signTransaction}).
|
|
266
|
+
*
|
|
212
267
|
* @param signed - The already-signed transaction
|
|
213
268
|
* @param privateKey - Additional signer's private key
|
|
214
269
|
* @returns Transaction with additional signature
|
|
215
270
|
*/
|
|
216
271
|
async function addTransactionSignature(signed, privateKey) {
|
|
217
|
-
const newProof = await (0,
|
|
272
|
+
const newProof = await (0, signing_js_1.signDataUpdate)(signed.value, privateKey);
|
|
218
273
|
return {
|
|
219
274
|
value: signed.value,
|
|
220
275
|
proofs: [...signed.proofs, newProof],
|
|
221
276
|
};
|
|
222
277
|
}
|
|
223
|
-
exports.addTransactionSignature = addTransactionSignature;
|
|
224
278
|
/**
|
|
225
279
|
* Get the public key ID from a private key in the format expected by registration.
|
|
226
280
|
*
|
|
@@ -248,4 +302,3 @@ exports.addTransactionSignature = addTransactionSignature;
|
|
|
248
302
|
function getPublicKeyForRegistration(privateKey) {
|
|
249
303
|
return (0, metagraph_sdk_1.getPublicKeyId)(privateKey);
|
|
250
304
|
}
|
|
251
|
-
exports.getPublicKeyForRegistration = getPublicKeyForRegistration;
|
|
@@ -9,7 +9,15 @@
|
|
|
9
9
|
* @packageDocumentation
|
|
10
10
|
*/
|
|
11
11
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
-
exports.OTTOCHAIN_MESSAGE_TYPES = void 0;
|
|
12
|
+
exports.OTTOCHAIN_MESSAGE_TYPES = exports.TOKEN_BEHAVIOR_BITS = void 0;
|
|
13
|
+
/** Bit weights for {@link TokenBehavior} (T=16, S=8, C=4, E=2, G=1). */
|
|
14
|
+
exports.TOKEN_BEHAVIOR_BITS = {
|
|
15
|
+
transferable: 16,
|
|
16
|
+
splittable: 8,
|
|
17
|
+
combinable: 4,
|
|
18
|
+
expirable: 2,
|
|
19
|
+
governable: 1,
|
|
20
|
+
};
|
|
13
21
|
/**
|
|
14
22
|
* Names of all valid OttochainMessage types.
|
|
15
23
|
* Use this for runtime validation (e.g., in API routes).
|
|
@@ -21,7 +29,13 @@ exports.OTTOCHAIN_MESSAGE_TYPES = [
|
|
|
21
29
|
'UpgradeFiber',
|
|
22
30
|
'CreateScript',
|
|
23
31
|
'InvokeScript',
|
|
24
|
-
'
|
|
32
|
+
'UpgradeScript',
|
|
33
|
+
'PublishMachineVersion',
|
|
34
|
+
'PublishScriptVersion',
|
|
25
35
|
'SetVersionStatus',
|
|
26
36
|
'RegisterAlias',
|
|
37
|
+
'CreateAssetPolicy',
|
|
38
|
+
'MintAsset',
|
|
39
|
+
'ApplyMorphism',
|
|
40
|
+
'AuthorizeCompose',
|
|
27
41
|
];
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.vickreyAuctionDef = exports.shieldedSealedBidDef = exports.sealedBidAccountDef = exports.SHIELDED_POOL_STATE = exports.shieldApp = void 0;
|
|
4
|
+
/**
|
|
5
|
+
* Privacy: shield any fiber app into a zk-jlvm-shielded private-state pool.
|
|
6
|
+
* See docs/design/zk-private-contract-state-rfc.md.
|
|
7
|
+
*/
|
|
8
|
+
var shield_app_js_1 = require("./shield-app.js");
|
|
9
|
+
Object.defineProperty(exports, "shieldApp", { enumerable: true, get: function () { return shield_app_js_1.shieldApp; } });
|
|
10
|
+
Object.defineProperty(exports, "SHIELDED_POOL_STATE", { enumerable: true, get: function () { return shield_app_js_1.SHIELDED_POOL_STATE; } });
|
|
11
|
+
var sealed_bid_js_1 = require("./sealed-bid.js");
|
|
12
|
+
Object.defineProperty(exports, "sealedBidAccountDef", { enumerable: true, get: function () { return sealed_bid_js_1.sealedBidAccountDef; } });
|
|
13
|
+
Object.defineProperty(exports, "shieldedSealedBidDef", { enumerable: true, get: function () { return sealed_bid_js_1.shieldedSealedBidDef; } });
|
|
14
|
+
Object.defineProperty(exports, "vickreyAuctionDef", { enumerable: true, get: function () { return sealed_bid_js_1.vickreyAuctionDef; } });
|
|
@@ -0,0 +1,213 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Sealed-bid (Vickrey) auction — the worked example for the privacy stack.
|
|
4
|
+
*
|
|
5
|
+
* Two pieces (RFC §4):
|
|
6
|
+
* 1. `sealedBidAccountDef` — the PRIVATE per-bidder bid. `shieldApp` turns it into a shielded
|
|
7
|
+
* pool (`shieldedSealedBidDef`): a bidder commits a bid note and proves it well-formed with a
|
|
8
|
+
* zk-jlvm-shielded Groth16 proof, so the amount stays sealed *until the deadline*. This is the
|
|
9
|
+
* mechanical per-instance / single-owner case.
|
|
10
|
+
* 2. `vickreyAuctionDef` — the PUBLIC settlement (reveal-then-tally). After the deadline bidders
|
|
11
|
+
* open their notes; the combine computes winner = argmax and clearingPrice = second-highest
|
|
12
|
+
* (the Vickrey price). This is the one shared-state step, kept simple for v1; a zk settlement
|
|
13
|
+
* proof that seals losers' amounts forever is the deferred upgrade (RFC §10).
|
|
14
|
+
*/
|
|
15
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
16
|
+
exports.vickreyAuctionDef = exports.sealedBidAccountDef = void 0;
|
|
17
|
+
exports.shieldedSealedBidDef = shieldedSealedBidDef;
|
|
18
|
+
const fiber_app_js_1 = require("../schema/fiber-app.js");
|
|
19
|
+
const shield_app_js_1 = require("./shield-app.js");
|
|
20
|
+
// ── 1. The private bid (base app, shielded by shieldApp) ──────────────────────
|
|
21
|
+
/** The per-bidder PRIVATE state: a bid note `{ amount, bidder, nonce }`. */
|
|
22
|
+
exports.sealedBidAccountDef = (0, fiber_app_js_1.defineFiberApp)({
|
|
23
|
+
metadata: {
|
|
24
|
+
name: 'SealedBidAccount',
|
|
25
|
+
app: 'markets',
|
|
26
|
+
type: 'sealed-bid-account',
|
|
27
|
+
version: '1.0.0',
|
|
28
|
+
description: "A single bidder's sealed bid (private amount). Shielded via shieldApp.",
|
|
29
|
+
},
|
|
30
|
+
stateSchema: {
|
|
31
|
+
properties: {
|
|
32
|
+
amount: { type: 'number', description: 'the (private) bid amount' },
|
|
33
|
+
bidder: { type: 'address' },
|
|
34
|
+
nonce: { type: 'number', description: 'per-note randomness; keeps the commitment hiding' },
|
|
35
|
+
},
|
|
36
|
+
},
|
|
37
|
+
eventSchemas: {
|
|
38
|
+
place_bid: {
|
|
39
|
+
description: 'Set the sealed bid amount',
|
|
40
|
+
required: ['amount'],
|
|
41
|
+
properties: { amount: { type: 'number', minimum: 1 } },
|
|
42
|
+
},
|
|
43
|
+
},
|
|
44
|
+
states: {
|
|
45
|
+
OPEN: { id: 'OPEN', isFinal: false, metadata: { label: 'Open', description: 'No bid yet', category: 'initial' } },
|
|
46
|
+
BID: { id: 'BID', isFinal: false, metadata: { label: 'Bid', description: 'Bid committed', category: 'active' } },
|
|
47
|
+
},
|
|
48
|
+
initialState: 'OPEN',
|
|
49
|
+
transitions: [
|
|
50
|
+
{
|
|
51
|
+
// This effect is what the zk-jlvm-shielded circuit runs in-zkVM; `exprHash` pins it.
|
|
52
|
+
from: 'OPEN',
|
|
53
|
+
to: 'BID',
|
|
54
|
+
eventName: 'place_bid',
|
|
55
|
+
guard: { '>': [{ var: 'event.amount' }, 0] },
|
|
56
|
+
effect: { merge: [{ var: 'state' }, { amount: { var: 'event.amount' } }] },
|
|
57
|
+
dependencies: [],
|
|
58
|
+
},
|
|
59
|
+
],
|
|
60
|
+
});
|
|
61
|
+
/**
|
|
62
|
+
* The shielded sealed-bid pool. `vkey`/`exprHash` come from the built zk-jlvm-shielded circuit
|
|
63
|
+
* (these are placeholders until the circuit's program vkey + the keccak of the `place_bid` effect
|
|
64
|
+
* are wired in by the genesis/build step).
|
|
65
|
+
*/
|
|
66
|
+
function shieldedSealedBidDef(opts) {
|
|
67
|
+
return (0, shield_app_js_1.shieldApp)(exports.sealedBidAccountDef, opts);
|
|
68
|
+
}
|
|
69
|
+
// ── 2. The public Vickrey settlement ──────────────────────────────────────────
|
|
70
|
+
/**
|
|
71
|
+
* Public reveal-then-tally settlement. `reveal` appends an opened bid (in a full build the opening
|
|
72
|
+
* is checked against the recorded commitment in the shielded pool); `settle` computes the winner
|
|
73
|
+
* and the Vickrey (second-price) clearing price over the revealed bids in one reduce.
|
|
74
|
+
*/
|
|
75
|
+
exports.vickreyAuctionDef = (0, fiber_app_js_1.defineFiberApp)({
|
|
76
|
+
metadata: {
|
|
77
|
+
name: 'VickreyAuction',
|
|
78
|
+
app: 'markets',
|
|
79
|
+
type: 'vickrey-auction',
|
|
80
|
+
version: '1.0.0',
|
|
81
|
+
description: 'Sealed-bid second-price auction: public reveal-then-tally over shielded bids.',
|
|
82
|
+
crossReferences: { bidPool: 'the ShieldedSealedBidAccount pool holding the sealed bids' },
|
|
83
|
+
},
|
|
84
|
+
createSchema: {
|
|
85
|
+
required: ['seller', 'deadline'],
|
|
86
|
+
properties: {
|
|
87
|
+
seller: { type: 'address', immutable: true },
|
|
88
|
+
deadline: { type: 'timestamp', immutable: true },
|
|
89
|
+
},
|
|
90
|
+
},
|
|
91
|
+
stateSchema: {
|
|
92
|
+
properties: {
|
|
93
|
+
seller: { type: 'address', immutable: true },
|
|
94
|
+
deadline: { type: 'timestamp', immutable: true },
|
|
95
|
+
status: { type: 'string', computed: true },
|
|
96
|
+
revealed: { type: 'array', computed: true, description: 'opened bids [{bidder, amount}]' },
|
|
97
|
+
winner: { type: 'address', computed: true },
|
|
98
|
+
clearingPrice: { type: 'number', computed: true, description: 'second-highest bid (Vickrey)' },
|
|
99
|
+
},
|
|
100
|
+
},
|
|
101
|
+
eventSchemas: {
|
|
102
|
+
reveal: {
|
|
103
|
+
description: 'Open a sealed bid after the deadline',
|
|
104
|
+
required: ['bidder', 'amount'],
|
|
105
|
+
properties: { bidder: { type: 'address' }, amount: { type: 'number', minimum: 1 } },
|
|
106
|
+
},
|
|
107
|
+
settle: { description: 'Tally the revealed bids (winner + second price)' },
|
|
108
|
+
},
|
|
109
|
+
states: {
|
|
110
|
+
OPEN: {
|
|
111
|
+
id: 'OPEN',
|
|
112
|
+
isFinal: false,
|
|
113
|
+
metadata: { label: 'Open', description: 'Bidding (sealed)', category: 'initial' },
|
|
114
|
+
},
|
|
115
|
+
REVEAL: {
|
|
116
|
+
id: 'REVEAL',
|
|
117
|
+
isFinal: false,
|
|
118
|
+
metadata: { label: 'Reveal', description: 'Opening bids', category: 'active' },
|
|
119
|
+
},
|
|
120
|
+
SETTLED: {
|
|
121
|
+
id: 'SETTLED',
|
|
122
|
+
isFinal: true,
|
|
123
|
+
metadata: { label: 'Settled', description: 'Winner + price set', category: 'terminal' },
|
|
124
|
+
},
|
|
125
|
+
},
|
|
126
|
+
initialState: 'OPEN',
|
|
127
|
+
transitions: [
|
|
128
|
+
{
|
|
129
|
+
from: 'OPEN',
|
|
130
|
+
to: 'REVEAL',
|
|
131
|
+
eventName: 'reveal',
|
|
132
|
+
guard: { '>=': [{ var: '$timestamp' }, { var: 'state.deadline' }] },
|
|
133
|
+
effect: {
|
|
134
|
+
merge: [
|
|
135
|
+
{ var: 'state' },
|
|
136
|
+
{
|
|
137
|
+
status: 'REVEAL',
|
|
138
|
+
revealed: {
|
|
139
|
+
cat: [{ var: 'state.revealed' }, [{ bidder: { var: 'event.bidder' }, amount: { var: 'event.amount' } }]],
|
|
140
|
+
},
|
|
141
|
+
},
|
|
142
|
+
],
|
|
143
|
+
},
|
|
144
|
+
dependencies: [],
|
|
145
|
+
},
|
|
146
|
+
{
|
|
147
|
+
from: 'REVEAL',
|
|
148
|
+
to: 'REVEAL',
|
|
149
|
+
eventName: 'reveal',
|
|
150
|
+
guard: { '>=': [{ var: '$timestamp' }, { var: 'state.deadline' }] },
|
|
151
|
+
effect: {
|
|
152
|
+
merge: [
|
|
153
|
+
{ var: 'state' },
|
|
154
|
+
{
|
|
155
|
+
revealed: {
|
|
156
|
+
cat: [{ var: 'state.revealed' }, [{ bidder: { var: 'event.bidder' }, amount: { var: 'event.amount' } }]],
|
|
157
|
+
},
|
|
158
|
+
},
|
|
159
|
+
],
|
|
160
|
+
},
|
|
161
|
+
dependencies: [],
|
|
162
|
+
},
|
|
163
|
+
{
|
|
164
|
+
// Vickrey tally: fold the revealed bids tracking (max, second, winner).
|
|
165
|
+
from: 'REVEAL',
|
|
166
|
+
to: 'SETTLED',
|
|
167
|
+
eventName: 'settle',
|
|
168
|
+
guard: { '>': [{ reduce: [{ var: 'state.revealed' }, { '+': [{ var: 'accumulator' }, 1] }, 0] }, 0] },
|
|
169
|
+
effect: {
|
|
170
|
+
merge: [
|
|
171
|
+
{ var: 'state' },
|
|
172
|
+
{
|
|
173
|
+
status: 'SETTLED',
|
|
174
|
+
settledAt: { var: '$timestamp' },
|
|
175
|
+
winner: {
|
|
176
|
+
var: ['tally.winner', null],
|
|
177
|
+
},
|
|
178
|
+
clearingPrice: { var: ['tally.second', 0] },
|
|
179
|
+
// compute the tally once and expose it for the two fields above
|
|
180
|
+
tally: {
|
|
181
|
+
reduce: [
|
|
182
|
+
{ var: 'state.revealed' },
|
|
183
|
+
{
|
|
184
|
+
if: [
|
|
185
|
+
{ '>': [{ var: 'current.amount' }, { var: 'accumulator.max' }] },
|
|
186
|
+
{
|
|
187
|
+
max: { var: 'current.amount' },
|
|
188
|
+
second: { var: 'accumulator.max' },
|
|
189
|
+
winner: { var: 'current.bidder' },
|
|
190
|
+
},
|
|
191
|
+
{
|
|
192
|
+
if: [
|
|
193
|
+
{ '>': [{ var: 'current.amount' }, { var: 'accumulator.second' }] },
|
|
194
|
+
{
|
|
195
|
+
max: { var: 'accumulator.max' },
|
|
196
|
+
second: { var: 'current.amount' },
|
|
197
|
+
winner: { var: 'accumulator.winner' },
|
|
198
|
+
},
|
|
199
|
+
{ var: 'accumulator' },
|
|
200
|
+
],
|
|
201
|
+
},
|
|
202
|
+
],
|
|
203
|
+
},
|
|
204
|
+
{ max: 0, second: 0, winner: null },
|
|
205
|
+
],
|
|
206
|
+
},
|
|
207
|
+
},
|
|
208
|
+
],
|
|
209
|
+
},
|
|
210
|
+
dependencies: [],
|
|
211
|
+
},
|
|
212
|
+
],
|
|
213
|
+
});
|
|
@@ -0,0 +1,131 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* shieldApp — turn a fiber app into a PRIVATE-state pool.
|
|
4
|
+
*
|
|
5
|
+
* Given a base {@link FiberAppDefinition} (the app whose state + transition you want to keep
|
|
6
|
+
* private), `shieldApp` returns a new `FiberAppDefinition` for a "shielded pool" Machine fiber.
|
|
7
|
+
* The pool's state is PUBLIC scaffolding only — the spent-nullifier set, the commitment log, and
|
|
8
|
+
* the set of valid anchors — while the app's real state lives off-chain in a note committed to
|
|
9
|
+
* the tree. Each app transition is carried out off-chain and attested by a single
|
|
10
|
+
* `zk-jlvm-shielded` Groth16 proof; the on-chain combine just verifies the proof, rejects an
|
|
11
|
+
* already-spent nullifier, and records the new commitment.
|
|
12
|
+
*
|
|
13
|
+
* Division of labour (see ottochain-sdk RFC docs/design/zk-private-contract-state-rfc.md):
|
|
14
|
+
* - the CIRCUIT proves membership ∧ authorization ∧ `jlvm-core` effect ∧ new commitment;
|
|
15
|
+
* - this GUARD (combine) verifies the proof, pins which app logic ran (`exprHash`), checks the
|
|
16
|
+
* anchor is recent, and checks the nullifier is fresh — all combiner-only (CLAUDE.md);
|
|
17
|
+
* - block-validity stays structural (proof / publicValues present + hex).
|
|
18
|
+
*
|
|
19
|
+
* It uses NO new metakit opcode: `groth16_verify` verifies the proof, and the four-`bytes32`
|
|
20
|
+
* public values (`anchor`, `nullifier`, `newCommitment`, `exprHash`) are extracted from the
|
|
21
|
+
* VERIFIED `publicValues` string with fixed-offset `substr` — slicing the verified bytes IS the
|
|
22
|
+
* binding (§8.1).
|
|
23
|
+
*
|
|
24
|
+
* NOTE on cost: the note model rehashes the whole state each transition, so proving cost is
|
|
25
|
+
* O(state size) (RFC §8). Keep shielded note state small (a few KB); for large keyed state use
|
|
26
|
+
* the auth-DB variant (RFC §3.1.1).
|
|
27
|
+
*/
|
|
28
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
29
|
+
exports.SHIELDED_POOL_STATE = void 0;
|
|
30
|
+
exports.shieldApp = shieldApp;
|
|
31
|
+
const fiber_app_js_1 = require("../schema/fiber-app.js");
|
|
32
|
+
/**
|
|
33
|
+
* Field extractors over the abi-encoded `JlvmTransitionPublicValues` — four static `bytes32`
|
|
34
|
+
* `[anchor | nullifier | newCommitment | exprHash]`, a fixed 128-byte (256 hex char) layout with
|
|
35
|
+
* NO dynamic arrays. `publicValues` is the 0x-prefixed hex from the prover, so each field is 64
|
|
36
|
+
* hex chars starting at: anchor=2, nullifier=66, newCommitment=130, exprHash=194.
|
|
37
|
+
*/
|
|
38
|
+
const pvField = (publicValues, hexOffset) => ({
|
|
39
|
+
substr: [publicValues, hexOffset, 64],
|
|
40
|
+
});
|
|
41
|
+
/** Standard public state every shielded pool carries (the rest of the app state is private/off-chain). */
|
|
42
|
+
exports.SHIELDED_POOL_STATE = {
|
|
43
|
+
vkey: { type: 'hash', immutable: true },
|
|
44
|
+
exprHash: { type: 'hash', immutable: true },
|
|
45
|
+
rootWindow: { type: 'integer', immutable: true },
|
|
46
|
+
currentRoot: { type: 'hash', computed: true },
|
|
47
|
+
knownRoots: { type: 'array', computed: true, description: 'rolling window of valid anchors (hex)' },
|
|
48
|
+
nullifiers: { type: 'array', computed: true, description: 'spent set (hex); monotonic — see RFC §5.3' },
|
|
49
|
+
commitments: { type: 'array', computed: true, description: 'append-only log of output commitments (hex)' },
|
|
50
|
+
leafCount: { type: 'integer', computed: true, default: 0 },
|
|
51
|
+
transitions: { type: 'integer', computed: true, default: 0 },
|
|
52
|
+
};
|
|
53
|
+
/**
|
|
54
|
+
* Build the shielded-pool variant of `base`.
|
|
55
|
+
*
|
|
56
|
+
* @param base the app being shielded (used for naming + to document the pinned logic).
|
|
57
|
+
* @param opts the circuit vkey + the pinned `exprHash` + the anchor window.
|
|
58
|
+
*/
|
|
59
|
+
function shieldApp(base, opts) {
|
|
60
|
+
const publicValues = { var: 'event.publicValues' };
|
|
61
|
+
const anchor = pvField(publicValues, 2);
|
|
62
|
+
const nullifier = pvField(publicValues, 66);
|
|
63
|
+
const newCommitment = pvField(publicValues, 130);
|
|
64
|
+
const exprHash = pvField(publicValues, 194);
|
|
65
|
+
// GUARD (combine): all stateful, combiner-only.
|
|
66
|
+
const guard = {
|
|
67
|
+
and: [
|
|
68
|
+
// 1. the proof verifies against the pool's pinned vkey over EXACTLY these public bytes
|
|
69
|
+
{ groth16_verify: [{ var: 'state.vkey' }, publicValues, { var: 'event.proof' }] },
|
|
70
|
+
// 2. it ran the app logic this pool pins (binds which effect produced the transition)
|
|
71
|
+
{ '===': [exprHash, { var: 'state.exprHash' }] },
|
|
72
|
+
// 3. the spent note was proven under an anchor we still honor
|
|
73
|
+
{ in: [anchor, { var: 'state.knownRoots' }] },
|
|
74
|
+
// 4. inter-transfer double-spend guard: the nullifier is not already spent
|
|
75
|
+
{ none: [{ var: 'state.nullifiers' }, { '===': [{ var: '' }, nullifier] }] },
|
|
76
|
+
],
|
|
77
|
+
};
|
|
78
|
+
// EFFECT (combine): spend the nullifier, record the new commitment, advance counters.
|
|
79
|
+
// Root advancement (turning the appended commitment into the next anchor) is wallet/Bridge-side
|
|
80
|
+
// per RFC §6.2 / §10; the chain records the commitment + nullifier here.
|
|
81
|
+
const effect = {
|
|
82
|
+
merge: [
|
|
83
|
+
{ var: 'state' },
|
|
84
|
+
{
|
|
85
|
+
nullifiers: { cat: [{ var: 'state.nullifiers' }, [nullifier]] },
|
|
86
|
+
commitments: { cat: [{ var: 'state.commitments' }, [newCommitment]] },
|
|
87
|
+
leafCount: { '+': [{ var: 'state.leafCount' }, 1] },
|
|
88
|
+
transitions: { '+': [{ var: 'state.transitions' }, 1] },
|
|
89
|
+
lastTransitionAt: { var: '$ordinal' },
|
|
90
|
+
},
|
|
91
|
+
],
|
|
92
|
+
};
|
|
93
|
+
return (0, fiber_app_js_1.defineFiberApp)({
|
|
94
|
+
metadata: {
|
|
95
|
+
name: `Shielded${base.metadata.name}`,
|
|
96
|
+
app: 'privacy',
|
|
97
|
+
type: `shielded-${base.metadata.type}`,
|
|
98
|
+
version: base.metadata.version,
|
|
99
|
+
description: `Shielded (zk-jlvm-shielded) variant of ${base.metadata.name}: private state transitions ` +
|
|
100
|
+
`verified by a Groth16 proof; the nullifier set + anchors are public pool state.`,
|
|
101
|
+
},
|
|
102
|
+
createSchema: {
|
|
103
|
+
required: ['vkey', 'exprHash'],
|
|
104
|
+
properties: {
|
|
105
|
+
vkey: { type: 'hash', immutable: true, default: opts.vkey },
|
|
106
|
+
exprHash: { type: 'hash', immutable: true, default: opts.exprHash },
|
|
107
|
+
rootWindow: { type: 'integer', immutable: true, default: opts.rootWindow ?? 64 },
|
|
108
|
+
},
|
|
109
|
+
},
|
|
110
|
+
stateSchema: { properties: { ...exports.SHIELDED_POOL_STATE } },
|
|
111
|
+
eventSchemas: {
|
|
112
|
+
transition: {
|
|
113
|
+
description: `A private state transition of ${base.metadata.name}, attested by a zk-jlvm-shielded Groth16 proof.`,
|
|
114
|
+
required: ['proof', 'publicValues'],
|
|
115
|
+
properties: {
|
|
116
|
+
proof: { type: 'string', description: 'Groth16 proof bytes (0x hex)' },
|
|
117
|
+
publicValues: { type: 'string', description: 'abi-encoded JlvmTransitionPublicValues (4×bytes32, 0x hex)' },
|
|
118
|
+
},
|
|
119
|
+
},
|
|
120
|
+
},
|
|
121
|
+
states: {
|
|
122
|
+
ACTIVE: {
|
|
123
|
+
id: 'ACTIVE',
|
|
124
|
+
isFinal: false,
|
|
125
|
+
metadata: { label: 'Active', description: 'Pool accepts shielded transitions', category: 'active' },
|
|
126
|
+
},
|
|
127
|
+
},
|
|
128
|
+
initialState: 'ACTIVE',
|
|
129
|
+
transitions: [{ from: 'ACTIVE', to: 'ACTIVE', eventName: 'transition', guard, effect, dependencies: [] }],
|
|
130
|
+
});
|
|
131
|
+
}
|