Adding a ptx type flag to solve the potential information leakage when allowing the shielded and transparent mixing

Open XuyangSong opened this issue 1 year ago • 0 comments

Problem: when allowing shielded and transparent mixing, a transparent partial transaction could consume the shielded notes (intents). The private information of the shielded notes (intents) could be deduced from the transparent ptx, since they are eventually balanced. And the owner of the shielded notes (intents) cannot perceive how the ptx will be matched and the potential information leakage.

Exposing some private information is unavoidable in the face of shielded and transparent interaction. But the decision should be made by the user (owner), not the ptx matcher (solver).

Solution: Adding a type flag to the partial transaction to specify whether the ptx is shielded or transparent. The flag could be constrained in the predicate if needed and be checked publicly outside the predicate. This way, the owner could explicitly prevent the shielded notes (intents) from being consumed by transparent partial transactions. Without explicit constraints on the flag, a transparent partial transaction could consume the shielded notes (intents) by default.

XuyangSong, May 08 '23 12:05
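
The proposal above, modeled as an added Rust example that is not part of the original issue and is not Taiga code: every type and function name here (`PtxType`, `FlagConstraint`, `Body`, `verify`, and so on) is hypothetical. It assumes the public check outside the predicate compares the declared flag with how the ptx body is presented, and treats the flag as a public input to each consumed note's predicate.

```rust
// Hypothetical model of the proposed flag; none of these types are Taiga's API.
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub enum PtxType { Shielded, Transparent }

/// What the note owner's predicate says about the flag.
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub enum FlagConstraint {
    Unconstrained,    // default from the issue: any ptx may consume the note
    Require(PtxType), // owner explicitly restricts which ptx type may consume it
}

/// How the ptx body is actually presented (an assumption made for this sketch).
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub enum Body { Proofs, Plaintext }

pub struct Note { pub constraint: FlagConstraint }

pub struct PartialTx { pub flag: PtxType, pub body: Body, pub inputs: Vec<Note> }

#[derive(Debug, PartialEq, Eq)]
pub enum Reject { FlagDoesNotMatchBody, PredicateRefused { input: usize } }

/// Stand-in for the in-predicate constraint: the flag is a public input.
fn predicate_accepts(note: &Note, flag: PtxType) -> bool {
    match note.constraint {
        FlagConstraint::Unconstrained => true,
        FlagConstraint::Require(wanted) => wanted == flag,
    }
}

/// Public check outside the predicate first, then each consumed note's predicate.
pub fn verify(ptx: &PartialTx) -> Result<(), Reject> {
    let honest = matches!((ptx.flag, ptx.body),
        (PtxType::Shielded, Body::Proofs) | (PtxType::Transparent, Body::Plaintext));
    if !honest { return Err(Reject::FlagDoesNotMatchBody); }
    match ptx.inputs.iter().position(|n| !predicate_accepts(n, ptx.flag)) {
        Some(input) => Err(Reject::PredicateRefused { input }),
        None => Ok(()),
    }
}

fn main() {
    // Constructed case: the owner required a shielded ptx, the solver built a transparent one.
    let guarded = Note { constraint: FlagConstraint::Require(PtxType::Shielded) };
    let ptx = PartialTx { flag: PtxType::Transparent, body: Body::Plaintext, inputs: vec![guarded] };
    println!("{:?}", verify(&ptx));
}
```

The public check matters because a predicate that only sees the declared flag would be satisfied by a ptx that claims `Shielded` while exposing its contents.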