namada
Murisi+grarco/multi tx masp vp rebased
Describe your changes
Tried to increase the readability, strength, and generality of the MASP validity predicate whilst decreasing its verbosity. The changes are as follows:
- `Transaction` inputs and outputs that exceed pre-balances and post-balances respectively are no longer allowed.
- Now use the Sapling value balance in order to verify that movement in and out of the shielded pool is correct
- Now handle all `AssetType` decoding in one place before starting to check the transparent bundles
- The VP should now support `Transaction`s and unrelated `Transfer`s touching the same addresses/tokens
- Tried to remove the code that gave IBC minting transactions special treatment now that Sapling value balance is used
- Reduced dependency on the multitoken VP by directly checking the correctness of MASP VP balance changes
- Now check that all `Transaction`s and the balancing transaction are sufficiently authorized; prevents malleability
What would still need to be handled/fixed if this code turns out to be relevant:
- Add integration tests. Like checking that an unshielding `Transaction` to Bertha is embeddable inside a `Transfer` to Christel only if Bertha has signed the entire transaction (in addition to the usual MASP checks).
Indicate on which release or other PRs this topic is based on
Namada 0.34.0 https://github.com/anoma/masp/pull/79
Checklist before merging to draft
- [x] I have added a changelog
- [x] Git history is in acceptable state
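An added example, not code from this PR or from Namada: a simplified Rust model of two checks the description lists, the bound of transparent inputs and outputs by pre- and post-balances and the reconciliation of the pool's transparent balance with the Sapling value balance. The `masp` address label, the `(address, token)` balance map, the helper names and the sign convention (a positive value balance means value leaving the shielded pool) are assumptions of this example.

```rust
use std::collections::{BTreeMap, BTreeSet};

// Simplified model, not Namada's code. Balances are keyed by (address, token).
type Balances = BTreeMap<(&'static str, &'static str), i128>;
const MASP: &str = "masp"; // hypothetical label for the shielded pool address

fn bal(entries: &[(&'static str, &'static str, i128)]) -> Balances {
    entries.iter().map(|&(a, t, v)| ((a, t), v)).collect()
}

fn get(b: &Balances, k: &(&'static str, &'static str)) -> i128 {
    b.get(k).copied().unwrap_or(0)
}

/// `vin`/`vout` are the transparent inputs/outputs of the shielded Transaction.
/// `value_balance` is per token, positive when value leaves the shielded pool.
fn check(pre: &Balances, post: &Balances, vin: &Balances, vout: &Balances,
         value_balance: &BTreeMap<&'static str, i128>) -> Result<(), &'static str> {
    // An input may not spend more than its source held before the tx.
    if vin.iter().any(|(k, amt)| *amt > get(pre, k)) {
        return Err("input exceeds pre-balance");
    }
    // An output may not credit more than its target holds after the tx.
    if vout.iter().any(|(k, amt)| *amt > get(post, k)) {
        return Err("output exceeds post-balance");
    }
    // Every token the pool holds or the value balance mentions must reconcile.
    let mut tokens: BTreeSet<&'static str> = value_balance.keys().copied().collect();
    tokens.extend(pre.keys().chain(post.keys()).filter(|k| k.0 == MASP).map(|k| k.1));
    for t in tokens {
        let delta = get(post, &(MASP, t)) - get(pre, &(MASP, t));
        if delta != -value_balance.get(t).copied().unwrap_or(0) {
            return Err("pool balance change does not match value balance");
        }
    }
    Ok(())
}

fn main() {
    // Constructed sample: shield 10 "nam" from "albert" into the pool.
    let pre = bal(&[("albert", "nam", 100)]);
    let post = bal(&[("albert", "nam", 90), (MASP, "nam", 10)]);
    let vb = BTreeMap::from([("nam", -10)]);
    println!("{:?}", check(&pre, &post, &bal(&[("albert", "nam", 10)]), &bal(&[]), &vb));
}
```

Because the input and output checks are inequalities, an unrelated transfer that also credits the same address and token does not make the model reject the transaction; authorization of the `Transaction`s is not modelled here.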