taproot-assets icon indicating copy to clipboard operation
taproot-assets copied to clipboard

Published 20 hours ago verified publisher icon lightninglabs

[feature]: custom Group Key API for minting

Open jharveyb opened this issue 1 year ago • 7 comments

Related to #343 .

We have support for group keys that include tapscript trees, but no way for users to actually provide a tapscript tree root during the minting process. Specifically:

  • [x] Providing a specific internal key for a group key for an asset during minting.
  • [x] Providing a custom witness for group key membership in a batch when finalizing a batch.
  • [x] Storing the tapscript tree for future use (tracked in #343)

For the first point, we'll need to add a new field to the Seedling and MintAssetRequest structs for custom group keys. We likely also want to mark these seedlings as using a custom group key, so that we require an external witness when finalizing the batch.

For the second point, we'll need to extend the FinalizeBatch call to accept a list of witnesses for each seedling. Otherwise we shouldn't have many changes wrt. creating the minting proofs.

The last point is being tracked in #343.

jharveyb avatar Dec 05 '23 19:12 jharveyb

Depends on #768.

There are a few points in the minting flow where this feature could be exposed:

  • AddSeedling call, when providing other details about the asset that will become the group anchor
  • Finalize call, when specifying other batch-wide parameters like feerate
  • A new call, Sign, to provide a witness for a group key in the batch

I'm in favor of the first option, as otherwise we have to specify the mapping between the provided witness and the asset seedlings.

Separately, there is the option to mandate that a tapscript tree is stored with tapd before minting begins (or least, with an RPC unrelated to minting). Then the tree could be referenced by root hash in minting-related calls.

More generally, right now we don't support an externally-managed key as the internal key for an asset group key. However, we also can't create a group key without an anchor asset. So we likely want to expand the AddSeedling call to be able to specify a custom internal key.

We'll also need more validation logic around group witnesses, to fail early for incorrect user-provided witnesses, but also to reject batch finalization if tapd can't produce a group witness directly (because a group internal key is externally managed).

jharveyb avatar Feb 22 '24 20:02 jharveyb

During initial implementation investigation, @jharveyb uncovered, a few areas which necessary changes will need to be implemented. An corresponding issue to describe the necessary prerequisites before this issue is started is currently being written. Roughly the prerequisite are:

  • [ ] Reordering minter logic
  • [ ] Exposing group key creation phases

dstadulis avatar Mar 01 '24 19:03 dstadulis

We'll also need more validation logic around group witnesses, to fail early for incorrect user-provided witnesses, but also to reject batch finalization if tapd can't produce a group witness directly (because a group internal key is externally managed).

IIRC, we can only actually validate the group witness once we know the true asset/ID, which right now is when we go to finalize (do the coin selection, etc) and obtain the genesis prev out. As a result, I think we're forced to either just accept all the witnesses in finalize, or accept it in AddSeedling, then only validate later on once we've done the necessary in selection. With the latter option, we could start to lock that genesis prev out sooner in the process, but need to make sure the lease is properly renwed.

Roasbeef avatar Mar 01 '24 21:03 Roasbeef

Moved discussion on this requirement to #820.

jharveyb avatar Mar 01 '24 22:03 jharveyb

From discussion in #820, user flow would be:

  • Submit 1+ assets via MintAsset. Some assets may specify an internal key their asset group, or a tapscript root to be included in their asset group key.
  • Explicitly fund the batch via FundBatch, with an optional feerate and anchor tapscript tree sibling.
  • Call ListBatches to display the group virtual TXs associated with each seedling that will be a group anchor or grouped asset.
  • Select seedlings to produce custom witnesses for and generate tapscript leaves that satisfy the tapscript tree referenced in a seedling submitted earlier.
  • Construct the correct signing descriptor and pass that, along with the relevant script leaves, trees, and group virtual TXs, to an external signer that satisfies the lnd SignOutputRaw RPC (or equivalent).
  • Submit the produced witnesses, along with the assetID of the associated seedling, to the minter via SealBatch.
  • If all witnesses are validated successfully, call Finalize to finish the minting process.

jharveyb avatar Mar 25 '24 17:03 jharveyb

Construct the correct signing descriptor and pass that, along with the relevant script leaves, trees, and group virtual TXs, to an external signer that satisfies the lnd SignOutputRaw RPC (or equivalent).

https://github.com/lightninglabs/taproot-assets/issues/722#issuecomment-2018545094

https://github.com/lightninglabs/taproot-assets/blob/649425831ce5310ff2cca50a7ca85e5245000f4e/asset/asset.go#L1108-L1217 stipulates the properties of the fields that a user, who is creating an external group key, will need to satisfy. Previously this would have been handled by lnd but now user would need to ensure conformance.

dstadulis avatar Mar 25 '24 17:03 dstadulis

Implemented in #827 , being exposed in #866 .

#883 is related.

jharveyb avatar Apr 16 '24 17:04 jharveyb