use std::{
collections::HashMap,
future::Future,
pin::Pin,
sync::Arc,
task::{Context, Poll},
};
use futures::{
stream::{FuturesUnordered, StreamExt},
FutureExt,
};
use tower::{Service, ServiceExt};
use tracing::Instrument;
use zebra_chain::{
parameters::NetworkUpgrade,
transaction::{self, HashType, Transaction},
transparent,
};
use zebra_state as zs;
use crate::{error::TransactionError, script, BoxError};
mod check;
/// Asynchronous transaction verification.
///
/// Holds the script verifier that transparent inputs are handed to. The
/// commented-out fields are placeholders for Groth16 verifiers that are not
/// part of the struct yet.
#[derive(Debug, Clone)]
pub struct Verifier<ZS> {
    /// Service used to check the script of each transparent input.
    script_verifier: script::Verifier<ZS>,
    // spend_verifier: groth16::Verifier,
    // output_verifier: groth16::Verifier,
    // joinsplit_verifier: groth16::Verifier,
}
impl<ZS> Verifier<ZS>
where
    ZS: Service<zs::Request, Response = zs::Response, Error = BoxError> + Send + Clone + 'static,
    ZS::Future: Send + 'static,
{
    // XXX: how should this struct be constructed?
    /// Builds a transaction verifier around an existing script verifier.
    ///
    /// The supplied `script_verifier` is stored as-is and becomes the only
    /// state of the new value.
    pub fn new(script_verifier: script::Verifier<ZS>) -> Self {
        Verifier { script_verifier }
    }
}
/// Selects the context a transaction is verified in: as part of a block, or
/// as part of the mempool.
///
/// The consensus rules applied during verification differ slightly depending
/// on whether the transaction is to be included in a block or in the mempool.
#[allow(dead_code)]
pub enum Request {
    /// Verify the supplied transaction as part of a block.
    Block {
        /// The transaction to verify.
        transaction: Arc<Transaction>,
        /// Additional UTXOs which are known at the time of verification.
        known_utxos: Arc<HashMap<transparent::OutPoint, zs::Utxo>>,
    },
    /// Verify the supplied transaction as part of the mempool.
    Mempool {
        /// The transaction to verify.
        transaction: Arc<Transaction>,
        /// Additional UTXOs which are known at the time of verification.
        known_utxos: Arc<HashMap<transparent::OutPoint, zs::Utxo>>,
    },
}
impl<ZS> Service<Request> for Verifier<ZS>
where
    ZS: Service<zs::Request, Response = zs::Response, Error = BoxError> + Send + Clone + 'static,
    ZS::Future: Send + 'static,
{
    type Response = transaction::Hash;
    type Error = TransactionError;
    type Future =
        Pin<Box<dyn Future<Output = Result<Self::Response, Self::Error>> + Send + 'static>>;

    /// Always reports ready.
    ///
    /// Readiness of the script and RedJubjub services is awaited inside the
    /// future returned by `call`, so this method never signals backpressure.
    fn poll_ready(&mut self, _cx: &mut Context<'_>) -> Poll<Result<(), Self::Error>> {
        Poll::Ready(Ok(()))
    }

    // TODO: break up each chunk into its own method
    /// Verifies one transaction and resolves to its hash on success.
    ///
    /// Only `Request::Block` is handled. V1-V3 transactions are rejected with
    /// `TransactionError::WrongVersion`. For V4 the future runs the
    /// synchronous `check::*` rules, queues one script check per transparent
    /// input, one RedJubjub spend-authorization check per Spend and the
    /// binding-signature check, then waits for every queued check.
    ///
    /// As written, an `Ok` result does not cover Groth16 proofs (spend, output
    /// or JoinSplit) or the small-order checks on `cv`/`rk`/`epk`: those are
    /// still TODOs below.
    ///
    /// # Panics
    ///
    /// Panics synchronously, before any future is built, when `req` is
    /// `Request::Mempool`.
    fn call(&mut self, req: Request) -> Self::Future {
        let (tx, known_utxos) = match req {
            Request::Block {
                transaction,
                known_utxos,
            } => (transaction, known_utxos),
            // XXX determine exactly which rules apply to mempool transactions
            Request::Mempool { .. } => unimplemented!(),
        };

        // Each call works on its own clones so the returned future is 'static.
        let mut redjubjub_verifier = crate::primitives::redjubjub::VERIFIER.clone();
        let mut script_verifier = self.script_verifier.clone();
        let span = tracing::debug_span!("tx", hash = %tx.hash());

        async move {
            tracing::trace!(?tx);
            match &*tx {
                Transaction::V1 { .. } | Transaction::V2 { .. } | Transaction::V3 { .. } => {
                    tracing::debug!(?tx, "got transaction with wrong version");
                    Err(TransactionError::WrongVersion)
                }
                Transaction::V4 {
                    inputs,
                    // outputs,
                    // lock_time,
                    // expiry_height,
                    value_balance,
                    joinsplit_data,
                    shielded_data,
                    ..
                } => {
                    // Every asynchronous check queued here must succeed; the
                    // queue is drained at the end of this arm.
                    let mut async_checks = FuturesUnordered::new();

                    // Transparent inputs and outputs.
                    if tx.is_coinbase() {
                        // Coinbase transactions get their own rule and no
                        // script checks are queued for them.
                        check::coinbase_tx_no_joinsplit_or_spend(&tx)?;
                    } else {
                        // NOTE(review): the original comment here reads
                        // "check no coinbase inputs", but this branch makes no
                        // such check; confirm it is enforced elsewhere.
                        //
                        // Hand each input, by index, to the script verifier.
                        for input_index in 0..inputs.len() {
                            let ready_scripts = script_verifier.ready_and().await?;
                            let script_check = ready_scripts.call(script::Request {
                                known_utxos: known_utxos.clone(),
                                transaction: tx.clone(),
                                input_index,
                            });

                            async_checks.push(script_check);
                        }
                    }

                    check::has_inputs_and_outputs(&tx)?;

                    // NOTE(review): every signature below is checked against
                    // this hash, yet the upgrade and hash type are fixed here
                    // rather than taken from the request. Presumably another
                    // network upgrade needs a different value; see the TODOs.
                    let sighash = tx.sighash(
                        NetworkUpgrade::Sapling, // TODO: pass this in
                        HashType::ALL,           // TODO: check these
                        None,                    // TODO: check these
                    );

                    if let Some(joinsplit_data) = joinsplit_data {
                        // XXX create a method on JoinSplitData
                        // that prepares groth16::Items with the correct proofs
                        // and proof inputs, handling interstitial treestates
                        // correctly.

                        // Then, pass those items to self.joinsplit to verify them.

                        // Only the JoinSplit signature is checked for now.
                        check::validate_joinsplit_sig(joinsplit_data, sighash.as_bytes())?;
                    }

                    if let Some(shielded_data) = shielded_data {
                        check::shielded_balances_match(&shielded_data, *value_balance)?;

                        for spend in shielded_data.spends() {
                            // TODO: check that spend.cv and spend.rk are NOT of small
                            // order.
                            // https://zips.z.cash/protocol/protocol.pdf#spenddesc

                            // Queue the RedJubjub spend authorization signature
                            // check for this Spend description; it joins the set
                            // of checks that must all pass.
                            let ready_sigs = redjubjub_verifier.ready_and().await?;
                            let spend_auth_check =
                                ready_sigs.call((spend.rk, spend.spend_auth_sig, &sighash).into());

                            async_checks.push(spend_auth_check.boxed());

                            // TODO: prepare public inputs for spends, then create
                            // a groth16::Item and pass to self.spend

                            // Not implemented yet: queue the Groth16 spend proof
                            // check for this Spend description alongside the
                            // other asynchronous checks.
                        }

                        shielded_data.outputs().for_each(|_output| {
                            // TODO: check that output.cv and output.epk are NOT of small
                            // order.
                            // https://zips.z.cash/protocol/protocol.pdf#outputdesc

                            // TODO: prepare public inputs for outputs, then create
                            // a groth16::Item and pass to self.output

                            // Not implemented yet: queue the Groth16 output proof
                            // check for this Output description alongside the
                            // other asynchronous checks.
                        });

                        // The binding signature is checked against a key
                        // derived from the shielded data and the value balance.
                        let bvk = shielded_data.binding_verification_key(*value_balance);
                        let ready_sigs = redjubjub_verifier.ready_and().await?;
                        let binding_check = ready_sigs
                            .call((bvk, shielded_data.binding_sig, &sighash).into())
                            .boxed();
                        async_checks.push(binding_check);
                    }

                    // Drain the queue: the first failed check fails the whole
                    // verification.
                    while let Some(check) = async_checks.next().await {
                        tracing::trace!(?check, remaining = async_checks.len());
                        check?;
                    }

                    Ok(tx.hash())
                }
            }
        }
        .instrument(span)
        .boxed()
    }
}