|
|
package common
import ( "encoding/binary" "errors" "fmt" "math/big" "time"
ethCommon "github.com/ethereum/go-ethereum/common" "github.com/hermeznetwork/tracerr" "github.com/iden3/go-iden3-crypto/babyjub" "github.com/iden3/go-iden3-crypto/poseidon" )
// EmptyBJJComp contains the 32 byte array of a empty BabyJubJub PublicKey
// Compressed. It is a valid point in the BabyJubJub curve, so does not give
// errors when being decompressed.
var EmptyBJJComp = babyjub.PublicKeyComp([32]byte{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0})
// PoolL2Tx is a struct that represents a L2Tx sent by an account to the
// coordinator that is waiting to be forged
type PoolL2Tx struct { // Stored in DB: mandatory fileds
// TxID (12 bytes) for L2Tx is:
// bytes: | 1 | 6 | 5 |
// values: | type | FromIdx | Nonce |
TxID TxID `meddler:"tx_id"` FromIdx Idx `meddler:"from_idx"` ToIdx Idx `meddler:"to_idx,zeroisnull"` // AuxToIdx is only used internally at the StateDB to avoid repeated
// computation when processing transactions (from Synchronizer,
// TxSelector, BatchBuilder)
AuxToIdx Idx `meddler:"-"` ToEthAddr ethCommon.Address `meddler:"to_eth_addr,zeroisnull"` ToBJJ babyjub.PublicKeyComp `meddler:"to_bjj,zeroisnull"` TokenID TokenID `meddler:"token_id"` Amount *big.Int `meddler:"amount,bigint"` Fee FeeSelector `meddler:"fee"` Nonce Nonce `meddler:"nonce"` // effective 40 bits used
State PoolL2TxState `meddler:"state"` // Info contains information about the status & State of the
// transaction. As for example, if the Tx has not been selected in the
// last batch due not enough Balance at the Sender account, this reason
// would appear at this parameter.
Info string `meddler:"info,zeroisnull"` Signature babyjub.SignatureComp `meddler:"signature"` // tx signature
Timestamp time.Time `meddler:"timestamp,utctime"` // time when added to the tx pool
// Stored in DB: optional fileds, may be uninitialized
RqFromIdx Idx `meddler:"rq_from_idx,zeroisnull"` RqToIdx Idx `meddler:"rq_to_idx,zeroisnull"` RqToEthAddr ethCommon.Address `meddler:"rq_to_eth_addr,zeroisnull"` RqToBJJ babyjub.PublicKeyComp `meddler:"rq_to_bjj,zeroisnull"` RqTokenID TokenID `meddler:"rq_token_id,zeroisnull"` RqAmount *big.Int `meddler:"rq_amount,bigintnull"` RqFee FeeSelector `meddler:"rq_fee,zeroisnull"` RqNonce Nonce `meddler:"rq_nonce,zeroisnull"` // effective 48 bits used
AbsoluteFee float64 `meddler:"fee_usd,zeroisnull"` AbsoluteFeeUpdate time.Time `meddler:"usd_update,utctimez"` Type TxType `meddler:"tx_type"` // Extra metadata, may be uninitialized
RqTxCompressedData []byte `meddler:"-"` // 253 bits, optional for atomic txs
}
// NewPoolL2Tx returns the given L2Tx with the TxId & Type parameters calculated
// from the L2Tx values
func NewPoolL2Tx(tx *PoolL2Tx) (*PoolL2Tx, error) { txTypeOld := tx.Type if err := tx.SetType(); err != nil { return nil, tracerr.Wrap(err) } // If original Type doesn't match the correct one, return error
if txTypeOld != "" && txTypeOld != tx.Type { return nil, tracerr.Wrap(fmt.Errorf("L2Tx.Type: %s, should be: %s", txTypeOld, tx.Type)) }
txIDOld := tx.TxID if err := tx.SetID(); err != nil { return nil, tracerr.Wrap(err) } // If original TxID doesn't match the correct one, return error
if txIDOld != (TxID{}) && txIDOld != tx.TxID { return tx, tracerr.Wrap(fmt.Errorf("PoolL2Tx.TxID: %s, should be: %s", txIDOld.String(), tx.TxID.String())) }
return tx, nil }
// SetType sets the type of the transaction
func (tx *PoolL2Tx) SetType() error { if tx.ToIdx >= IdxUserThreshold { tx.Type = TxTypeTransfer } else if tx.ToIdx == 1 { tx.Type = TxTypeExit } else if tx.ToIdx == 0 { if tx.ToBJJ != EmptyBJJComp && tx.ToEthAddr == FFAddr { tx.Type = TxTypeTransferToBJJ } else if tx.ToEthAddr != FFAddr && tx.ToEthAddr != EmptyAddr { tx.Type = TxTypeTransferToEthAddr } } else { return tracerr.Wrap(errors.New("malformed transaction")) } return nil }
// SetID sets the ID of the transaction
func (tx *PoolL2Tx) SetID() error { txID, err := tx.L2Tx().CalculateTxID() if err != nil { return tracerr.Wrap(err) } tx.TxID = txID return nil }
// TxCompressedData spec:
// [ 1 bits ] toBJJSign // 1 byte
// [ 8 bits ] userFee // 1 byte
// [ 40 bits ] nonce // 5 bytes
// [ 32 bits ] tokenID // 4 bytes
// [ 48 bits ] toIdx // 6 bytes
// [ 48 bits ] fromIdx // 6 bytes
// [ 16 bits ] chainId // 2 bytes
// [ 32 bits ] signatureConstant // 4 bytes
// Total bits compressed data: 225 bits // 29 bytes in *big.Int representation
func (tx *PoolL2Tx) TxCompressedData(chainID uint16) (*big.Int, error) { var b [29]byte
toBJJSign := byte(0) pkSign, _ := babyjub.UnpackSignY(tx.ToBJJ) if pkSign { toBJJSign = byte(1) }
b[0] = toBJJSign b[1] = byte(tx.Fee) nonceBytes, err := tx.Nonce.Bytes() if err != nil { return nil, tracerr.Wrap(err) } copy(b[2:7], nonceBytes[:]) copy(b[7:11], tx.TokenID.Bytes()) toIdxBytes, err := tx.ToIdx.Bytes() if err != nil { return nil, tracerr.Wrap(err) } copy(b[11:17], toIdxBytes[:]) fromIdxBytes, err := tx.FromIdx.Bytes() if err != nil { return nil, tracerr.Wrap(err) } copy(b[17:23], fromIdxBytes[:]) binary.BigEndian.PutUint16(b[23:25], chainID) copy(b[25:29], SignatureConstantBytes[:])
bi := new(big.Int).SetBytes(b[:]) return bi, nil }
// TxCompressedDataEmpty calculates the TxCompressedData of an empty
// transaction
func TxCompressedDataEmpty(chainID uint16) *big.Int { var b [29]byte binary.BigEndian.PutUint16(b[23:25], chainID) copy(b[25:29], SignatureConstantBytes[:]) bi := new(big.Int).SetBytes(b[:]) return bi }
// TxCompressedDataV2 spec:
// [ 1 bits ] toBJJSign // 1 byte
// [ 8 bits ] userFee // 1 byte
// [ 40 bits ] nonce // 5 bytes
// [ 32 bits ] tokenID // 4 bytes
// [ 40 bits ] amountFloat40 // 5 bytes
// [ 48 bits ] toIdx // 6 bytes
// [ 48 bits ] fromIdx // 6 bytes
// Total bits compressed data: 217 bits // 28 bytes in *big.Int representation
func (tx *PoolL2Tx) TxCompressedDataV2() (*big.Int, error) { if tx.Amount == nil { tx.Amount = big.NewInt(0) } amountFloat40, err := NewFloat40(tx.Amount) if err != nil { return nil, tracerr.Wrap(err) } amountFloat40Bytes, err := amountFloat40.Bytes() if err != nil { return nil, tracerr.Wrap(err) }
var b [28]byte toBJJSign := byte(0) if tx.ToBJJ != EmptyBJJComp { sign, _ := babyjub.UnpackSignY(tx.ToBJJ) if sign { toBJJSign = byte(1) } } b[0] = toBJJSign b[1] = byte(tx.Fee) nonceBytes, err := tx.Nonce.Bytes() if err != nil { return nil, tracerr.Wrap(err) } copy(b[2:7], nonceBytes[:]) copy(b[7:11], tx.TokenID.Bytes()) copy(b[11:16], amountFloat40Bytes) toIdxBytes, err := tx.ToIdx.Bytes() if err != nil { return nil, tracerr.Wrap(err) } copy(b[16:22], toIdxBytes[:]) fromIdxBytes, err := tx.FromIdx.Bytes() if err != nil { return nil, tracerr.Wrap(err) } copy(b[22:28], fromIdxBytes[:])
bi := new(big.Int).SetBytes(b[:]) return bi, nil }
// RqTxCompressedDataV2 is like the TxCompressedDataV2 but using the 'Rq'
// parameters. In a future iteration of the hermez-node, the 'Rq' parameters
// can be inside a struct, which contains the 'Rq' transaction grouped inside,
// so then computing the 'RqTxCompressedDataV2' would be just calling
// 'tx.Rq.TxCompressedDataV2()'.
// RqTxCompressedDataV2 spec:
// [ 1 bits ] rqToBJJSign // 1 byte
// [ 8 bits ] rqUserFee // 1 byte
// [ 40 bits ] rqNonce // 5 bytes
// [ 32 bits ] rqTokenID // 4 bytes
// [ 40 bits ] rqAmountFloat40 // 5 bytes
// [ 48 bits ] rqToIdx // 6 bytes
// [ 48 bits ] rqFromIdx // 6 bytes
// Total bits compressed data: 217 bits // 28 bytes in *big.Int representation
func (tx *PoolL2Tx) RqTxCompressedDataV2() (*big.Int, error) { if tx.RqAmount == nil { tx.RqAmount = big.NewInt(0) } amountFloat40, err := NewFloat40(tx.RqAmount) if err != nil { return nil, tracerr.Wrap(err) } amountFloat40Bytes, err := amountFloat40.Bytes() if err != nil { return nil, tracerr.Wrap(err) }
var b [28]byte rqToBJJSign := byte(0) if tx.RqToBJJ != EmptyBJJComp { sign, _ := babyjub.UnpackSignY(tx.RqToBJJ) if sign { rqToBJJSign = byte(1) } } b[0] = rqToBJJSign b[1] = byte(tx.RqFee) nonceBytes, err := tx.RqNonce.Bytes() if err != nil { return nil, tracerr.Wrap(err) } copy(b[2:7], nonceBytes[:]) copy(b[7:11], tx.RqTokenID.Bytes()) copy(b[11:16], amountFloat40Bytes) toIdxBytes, err := tx.RqToIdx.Bytes() if err != nil { return nil, tracerr.Wrap(err) } copy(b[16:22], toIdxBytes[:]) fromIdxBytes, err := tx.RqFromIdx.Bytes() if err != nil { return nil, tracerr.Wrap(err) } copy(b[22:28], fromIdxBytes[:])
bi := new(big.Int).SetBytes(b[:]) return bi, nil }
// HashToSign returns the computed Poseidon hash from the *PoolL2Tx that will
// be signed by the sender.
func (tx *PoolL2Tx) HashToSign(chainID uint16) (*big.Int, error) { toCompressedData, err := tx.TxCompressedData(chainID) if err != nil { return nil, tracerr.Wrap(err) }
// e1: [5 bytes AmountFloat40 | 20 bytes ToEthAddr]
var e1B [25]byte amountFloat40, err := NewFloat40(tx.Amount) if err != nil { return nil, tracerr.Wrap(err) } amountFloat40Bytes, err := amountFloat40.Bytes() if err != nil { return nil, tracerr.Wrap(err) } copy(e1B[0:5], amountFloat40Bytes) toEthAddr := EthAddrToBigInt(tx.ToEthAddr) copy(e1B[5:25], toEthAddr.Bytes()) e1 := new(big.Int).SetBytes(e1B[:])
rqToEthAddr := EthAddrToBigInt(tx.RqToEthAddr)
_, toBJJY := babyjub.UnpackSignY(tx.ToBJJ)
rqTxCompressedDataV2, err := tx.RqTxCompressedDataV2() if err != nil { return nil, tracerr.Wrap(err) }
_, rqToBJJY := babyjub.UnpackSignY(tx.RqToBJJ)
return poseidon.Hash([]*big.Int{toCompressedData, e1, toBJJY, rqTxCompressedDataV2, rqToEthAddr, rqToBJJY}) }
// VerifySignature returns true if the signature verification is correct for the given PublicKeyComp
func (tx *PoolL2Tx) VerifySignature(chainID uint16, pkComp babyjub.PublicKeyComp) bool { h, err := tx.HashToSign(chainID) if err != nil { return false } s, err := tx.Signature.Decompress() if err != nil { return false } pk, err := pkComp.Decompress() if err != nil { return false } return pk.VerifyPoseidon(h, s) }
// L2Tx returns a *L2Tx from the PoolL2Tx
func (tx PoolL2Tx) L2Tx() L2Tx { var toIdx Idx if tx.ToIdx == Idx(0) { toIdx = tx.AuxToIdx } else { toIdx = tx.ToIdx } return L2Tx{ TxID: tx.TxID, FromIdx: tx.FromIdx, ToIdx: toIdx, TokenID: tx.TokenID, Amount: tx.Amount, Fee: tx.Fee, Nonce: tx.Nonce, Type: tx.Type, } }
// Tx returns a *Tx from the PoolL2Tx
func (tx PoolL2Tx) Tx() Tx { return Tx{ TxID: tx.TxID, FromIdx: tx.FromIdx, ToIdx: tx.ToIdx, Amount: tx.Amount, TokenID: tx.TokenID, Nonce: &tx.Nonce, Fee: &tx.Fee, Type: tx.Type, } }
// PoolL2TxsToL2Txs returns an array of []L2Tx from an array of []PoolL2Tx
func PoolL2TxsToL2Txs(txs []PoolL2Tx) ([]L2Tx, error) { l2Txs := make([]L2Tx, len(txs)) for i, poolTx := range txs { l2Txs[i] = poolTx.L2Tx() } return l2Txs, nil }
// TxIDsFromPoolL2Txs returns an array of TxID from the []PoolL2Tx
func TxIDsFromPoolL2Txs(txs []PoolL2Tx) []TxID { txIDs := make([]TxID, len(txs)) for i, tx := range txs { txIDs[i] = tx.TxID } return txIDs }
// PoolL2TxState is a string that represents the status of a L2 transaction
type PoolL2TxState string
const ( // PoolL2TxStatePending represents a valid L2Tx that hasn't started the
// forging process
PoolL2TxStatePending PoolL2TxState = "pend" // PoolL2TxStateForging represents a valid L2Tx that has started the
// forging process
PoolL2TxStateForging PoolL2TxState = "fing" // PoolL2TxStateForged represents a L2Tx that has already been forged
PoolL2TxStateForged PoolL2TxState = "fged" // PoolL2TxStateInvalid represents a L2Tx that has been invalidated
PoolL2TxStateInvalid PoolL2TxState = "invl" )
|