Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Locking by spending and creating UTXOs #121

Open
wants to merge 24 commits into
base: main
Choose a base branch
from
Open

Locking by spending and creating UTXOs #121

wants to merge 24 commits into from
+4,527 −3,508

Conversation

jimthematrix
Copy link
Contributor

@jimthematrix jimthematrix commented Jan 14, 2025
edited
Loading

per discussions in #119, re-implementing state locking with the following functions:

  • lock(inputs, outputs, lockedOutputs, delegate) will spend the unlocked inputs and create a combination of unlocked inputs and locked inputs. Locked UTXOs must be spent by submitting the proper proof from the delegate account. The delegate account with be an EOA or a contract
  • delegateLock(utxos, newDelegate) allows the current delegate to move the lock to a new delegate
  • transfer(inputs, outputs, proof) is updated to spend only unlocked UTXOs
  • transferLocked(inputs, outputs, proof) is added to spend locked UTXOs

Note: to allow time to test out the new locking design, and avoid unnecessary re-implementation in the future, we only implement locking for the following token varieties, the remaining token implementations will be enhanced with locking after we have successfully proven the new locking mechanism:

  • Zeto_Anon
  • Zeto_AnonNullifier
  • Zeto_NfAnon
  • Zeto_NfAnonNullifier

@jimthematrix
spend inputs for locking
97f3894 
Signed-off-by: Jim Zhang <[email protected]>
@jimthematrix
Squashed commit of the following:
0e3de1a 
commit 97a67ac88dba76eabb78f844be83a94d147939bf
Author: Jim Zhang <[email protected]>
Date:   Wed Jan 8 16:46:48 2025 -0500

    update locking for nullifier based tokens

    Signed-off-by: Jim Zhang <[email protected]>

commit dc5de95cc538736fbb2d4156ad952f51020a60a2
Author: Jim Zhang <[email protected]>
Date:   Wed Jan 8 16:45:38 2025 -0500

    spend inputs when locking

    Signed-off-by: Jim Zhang <[email protected]>

commit 07b42e72db8c94c81ec87c11c1b419507b858550
Merge: 7751a58 cb39891
Author: Jim Zhang <[email protected]>
Date:   Mon Jan 6 11:18:22 2025 -0500

    Merge branch 'main' into locking

commit 7751a5808ddcbf54db643d9f8c969d86b84677a3
Author: Jim Zhang <[email protected]>
Date:   Sun Jan 5 21:50:45 2025 -0500

    --amend

commit 5d1314b1262531a8cc4af9d084e5016e0984d2a8
Author: Jim Zhang <[email protected]>
Date:   Fri Jan 3 17:17:31 2025 -0500

    enhance locking with outputs

    Signed-off-by: Jim Zhang <[email protected]>

Signed-off-by: Jim Zhang <[email protected]>
@jimthematrix
zeto lock with nullifiers
5a8e9f2 
Signed-off-by: Jim Zhang <[email protected]>
@jimthematrix
remove lock verifiers
ac8c0f9 
Signed-off-by: Jim Zhang <[email protected]>
@jimthematrix
transfer() and transferLocked() with new circuits
4725fba 
Signed-off-by: Jim Zhang <[email protected]>
@jimthematrix jimthematrix marked this pull request as draft January 15, 2025 14:19
awrichar
awrichar reviewed Jan 22, 2025
View reviewed changes
solidity/contracts/lib/zeto_base.sol
) {
revert UTXOAlreadyLocked(sortedInputs[i]);
}
if (
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Feels like all these "if" statements could be nested into a big if (inputsLocked) {} else {} block. It's almost entirely different checks for locked inputs vs unlocked ones.

awrichar
awrichar reviewed Jan 22, 2025
View reviewed changes
solidity/contracts/lib/zeto_base.sol Outdated
@@ -118,4 +190,67 @@ abstract contract ZetoBase is IZetoBase, ZetoCommon {
}
emit UTXOMint(utxos, msg.sender, data);
}
// Locks the UTXOs so that they can only be spent by submitting the appropriate
// proof from the Eth account designated as the "delegate". This function
// should be called by escrow contracts that will use uploaded proofs
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Small note, but "lock" wouldn't actually be called by the escrow contract - it would have to be called by the account owner establishing the the escrow contract.

awrichar
awrichar reviewed Jan 22, 2025
View reviewed changes
solidity/contracts/lib/zeto_base.sol Outdated
delegates[lockedOutputs[i]] != address(0) &&
delegates[lockedOutputs[i]] != msg.sender
) {
revert UTXOAlreadyLocked(lockedOutputs[i]);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should this be NotLockDelegate?

awrichar
awrichar reviewed Jan 22, 2025
View reviewed changes
solidity/contracts/lib/zeto_base.sol
) {
revert UTXOAlreadyLocked(lockedOutputs[i]);
}
delegates[lockedOutputs[i]] = delegate;
Copy link
Contributor

@awrichar awrichar Jan 22, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Where do we set _lockedUtxos?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

OK I see that it's in another method, processInputsAndOutputs. It's slightly confusing that the setup of the locked states is split up. Maybe this method just needs a different name?

awrichar
awrichar reviewed Jan 22, 2025
View reviewed changes
solidity/contracts/lib/zeto_nullifier.sol Outdated
@@ -59,6 +69,8 @@ abstract contract ZetoNullifier is IZetoBase, ZetoCommon {
revert UTXODuplicate(sortedInputs[i]);
}
if (_nullifiers[sortedInputs[i]] == true) {
console.log("nullifier");
console.log(sortedInputs[i]);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should these stay here?

awrichar
awrichar reviewed Jan 22, 2025
View reviewed changes
solidity/contracts/test/escrow2.sol Outdated

/// @title A sample on-chain implementation of an escrow contract using Zeto tokens
/// @author Kaleido, Inc.
/// @dev Implements escrow based payment flows with Zeto_Anon tokens
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is with Zeto_AnonNullifier

@awrichar
Copy link
Contributor

I like the direction here, and I think it makes sense. Since it's in draft state, I've mainly reviewed the documentation and looked through the contracts at a high level. I haven't yet done a detailed review of the contracts and circuits.

@jimthematrix
fix tests
1a5a3a9 
Signed-off-by: Jim Zhang <[email protected]>
@jimthematrix
fix circuit tests
eb8723f 
Signed-off-by: Jim Zhang <[email protected]>
@jimthematrix jimthematrix marked this pull request as ready for review January 22, 2025 02:37
@jimthematrix jimthematrix mentioned this pull request Jan 23, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@awrichar awrichar awrichar left review comments

@Chengxuan Chengxuan Awaiting requested review from Chengxuan

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jimthematrix @awrichar