firo icon indicating copy to clipboard operation
firo copied to clipboard

Published 20 hours ago verified publisher icon firoorg

Spend transaction claims

Open AaronFeickert opened this issue 1 year ago • 4 comments

This PR is an initial draft of a design for spend transaction claims.

A claim is a proof against an existing spend transaction that asserts the prover knew the spend key used to authorize the transaction. It also binds an arbitrary message into the proof, which can be useful to avoid replay. It has the same structure as a ChaumProof, which is how it is internally represented (but it uses domain separation to ensure it can't be replayed for transaction authorization).

How this should be structured in the codebase is up for debate. Because a claim is structured like a Chaum authorizing proof, it uses the same ChaumProof data structure and serialization. It is generated and verified using the static SpendTransaction::proveClaim and SpendTransaction::verifyClaim functions.

The prover must provide the spend transaction, the (secret) input coin data representing the coins that were consumed in the spend transaction, its full view and spend keys, an arbitrary message, and an identifier that the verifier can use to obtain its own view of the spend transaction.

The verifier must provide the proof, spend transaction, arbitrary message, and identifier. It is very important that the verifier use its own view of the spend transaction! Otherwise, the prover could lie about its contents.

Once the prover produces the ChaumProof data structure representing the claim, it should be sent to the verifier in a serialized package containing:

  • the ChaumProof
  • the spend transaction identifier
  • the arbitrary message

The verifier then uses its view of the ledger to look up the spend transaction using the identifier. It checks that the message is as expected. Then, it verifies the claim by checking the ChaumProof while binding in the identifier and message.

Summary by CodeRabbit

  • New Features
    • Expanded the libspark library to include functionality for creating, proving, and verifying claims in cryptographic protocols.
    • Introduced new capabilities in spend transactions to generate and verify claims, enhancing security and control over transaction claims.

AaronFeickert avatar Jan 16 '24 20:01 AaronFeickert

It's likely a better idea to create a ClaimProof class that handles the (de)serialization.

AaronFeickert avatar Jan 16 '24 21:01 AaronFeickert

Added basic tests.

AaronFeickert avatar Feb 13 '24 18:02 AaronFeickert

@coderabbitai review

reubenyap avatar Mar 06 '24 18:03 reubenyap

[!IMPORTANT]

Auto Review Skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Walkthrough

The recent updates introduce a new Claim class within the libspark library, enhancing its cryptographic protocol capabilities. This class is pivotal for creating, proving, and verifying claims, particularly in the context of spend transactions. It encapsulates the necessary functionality for handling claims, including challenge generation, claim proof creation, and proof verification. These changes are spread across the Makefile, libspark, and test files, indicating a comprehensive integration of the new claim processing features.

Changes

Files Change Summaries
src/Makefile.am Added claim.h and claim.cpp to libspark sources.
src/libspark/claim.cpp, claim.h Introduced Claim class for creating, proving, and verifying claims.
src/libspark/spend_transaction.cpp, spend_transaction.h Added proveClaim and verifyClaim methods to SpendTransaction class for claim processing.
src/libspark/test/spend_transaction_test.cpp Enhanced testing for claim generation and verification in spend transactions.
src/libspark/util.h Added LABEL_TRANSCRIPT_CLAIM constant.

🐰✨
In the realm of code, where the bits align,
A new class emerges, its design so fine.
With claims to prove, and proofs to verify,
The libspark library, now soaring high.
Through tests and transactions, it weaves its tale,
A cryptographic journey, where none shall fail.
🌟🐾

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share
Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>.
    • Generate unit testing code for this file.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit testing code for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai generate interesting stats about this repository and render them as a table.
    • @coderabbitai show all the console.log statements in this repository.
    • @coderabbitai read src/utils.ts and generate unit testing code.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (invoked as PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger a review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai help to get help.

Additionally, you can add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Configration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

coderabbitai[bot] avatar Mar 06 '24 18:03 coderabbitai[bot]