package common
|
|
|
|
import (
|
|
"bytes"
|
|
"encoding/binary"
|
|
"fmt"
|
|
"math/big"
|
|
"strconv"
|
|
|
|
ethCommon "github.com/ethereum/go-ethereum/common"
|
|
"github.com/hermeznetwork/tracerr"
|
|
"github.com/iden3/go-iden3-crypto/babyjub"
|
|
"github.com/iden3/go-iden3-crypto/poseidon"
|
|
cryptoUtils "github.com/iden3/go-iden3-crypto/utils"
|
|
)
|
|
|
|
const (
|
|
// NLeafElems is the number of elements for a leaf
|
|
NLeafElems = 4
|
|
// maxNonceValue is the maximum value that the Account.Nonce can have
|
|
// (40 bits: maxNonceValue=2**40-1)
|
|
maxNonceValue = 0xffffffffff
|
|
// maxBalanceBytes is the maximum bytes that can use the
|
|
// Account.Balance *big.Int
|
|
maxBalanceBytes = 24
|
|
|
|
// IdxBytesLen idx bytes
|
|
IdxBytesLen = 6
|
|
// maxIdxValue is the maximum value that Idx can have (48 bits:
|
|
// maxIdxValue=2**48-1)
|
|
maxIdxValue = 0xffffffffffff
|
|
|
|
// UserThreshold determines the threshold from the User Idxs can be
|
|
UserThreshold = 256
|
|
// IdxUserThreshold is a Idx type value that determines the threshold
|
|
// from the User Idxs can be
|
|
IdxUserThreshold = Idx(UserThreshold)
|
|
)
|
|
|
|
var (
|
|
// FFAddr is used to check if an ethereum address is 0xff..ff
|
|
FFAddr = ethCommon.HexToAddress("0xffffffffffffffffffffffffffffffffffffffff")
|
|
// EmptyAddr is used to check if an ethereum address is 0
|
|
EmptyAddr = ethCommon.HexToAddress("0x0000000000000000000000000000000000000000")
|
|
)
|
|
|
|
// Idx represents the account Index in the MerkleTree
|
|
type Idx uint64
|
|
|
|
// String returns a string representation of the Idx
|
|
func (idx Idx) String() string {
|
|
return strconv.Itoa(int(idx))
|
|
}
|
|
|
|
// Bytes returns a byte array representing the Idx
|
|
func (idx Idx) Bytes() ([6]byte, error) {
|
|
if idx > maxIdxValue {
|
|
return [6]byte{}, tracerr.Wrap(ErrIdxOverflow)
|
|
}
|
|
var idxBytes [8]byte
|
|
binary.BigEndian.PutUint64(idxBytes[:], uint64(idx))
|
|
var b [6]byte
|
|
copy(b[:], idxBytes[2:])
|
|
return b, nil
|
|
}
|
|
|
|
// BigInt returns a *big.Int representing the Idx
|
|
func (idx Idx) BigInt() *big.Int {
|
|
return big.NewInt(int64(idx))
|
|
}
|
|
|
|
// IdxFromBytes returns Idx from a byte array
|
|
func IdxFromBytes(b []byte) (Idx, error) {
|
|
if len(b) != IdxBytesLen {
|
|
return 0, tracerr.Wrap(fmt.Errorf("can not parse Idx, bytes len %d, expected %d", len(b), IdxBytesLen))
|
|
}
|
|
var idxBytes [8]byte
|
|
copy(idxBytes[2:], b[:])
|
|
idx := binary.BigEndian.Uint64(idxBytes[:])
|
|
return Idx(idx), nil
|
|
}
|
|
|
|
// IdxFromBigInt converts a *big.Int to Idx type
|
|
func IdxFromBigInt(b *big.Int) (Idx, error) {
|
|
if b.Int64() > maxIdxValue {
|
|
return 0, tracerr.Wrap(ErrNumOverflow)
|
|
}
|
|
return Idx(uint64(b.Int64())), nil
|
|
}
|
|
|
|
// Nonce represents the nonce value in a uint64, which has the method Bytes
|
|
// that returns a byte array of length 5 (40 bits).
|
|
type Nonce uint64
|
|
|
|
// Bytes returns a byte array of length 5 representing the Nonce
|
|
func (n Nonce) Bytes() ([5]byte, error) {
|
|
if n > maxNonceValue {
|
|
return [5]byte{}, tracerr.Wrap(ErrNonceOverflow)
|
|
}
|
|
var nonceBytes [8]byte
|
|
binary.BigEndian.PutUint64(nonceBytes[:], uint64(n))
|
|
var b [5]byte
|
|
copy(b[:], nonceBytes[3:])
|
|
return b, nil
|
|
}
|
|
|
|
// BigInt returns the *big.Int representation of the Nonce value
|
|
func (n Nonce) BigInt() *big.Int {
|
|
return big.NewInt(int64(n))
|
|
}
|
|
|
|
// NonceFromBytes returns Nonce from a [5]byte
|
|
func NonceFromBytes(b [5]byte) Nonce {
|
|
var nonceBytes [8]byte
|
|
copy(nonceBytes[3:], b[:])
|
|
nonce := binary.BigEndian.Uint64(nonceBytes[:])
|
|
return Nonce(nonce)
|
|
}
|
|
|
|
// Account is a struct that gives information of the holdings of an address and
|
|
// a specific token. Is the data structure that generates the Value stored in
|
|
// the leaf of the MerkleTree
|
|
type Account struct {
|
|
Idx Idx `meddler:"idx"`
|
|
TokenID TokenID `meddler:"token_id"`
|
|
BatchNum BatchNum `meddler:"batch_num"`
|
|
BJJ babyjub.PublicKeyComp `meddler:"bjj"`
|
|
EthAddr ethCommon.Address `meddler:"eth_addr"`
|
|
Nonce Nonce `meddler:"-"` // max of 40 bits used
|
|
Balance *big.Int `meddler:"-"` // max of 192 bits used
|
|
}
|
|
|
|
func (a *Account) String() string {
|
|
buf := bytes.NewBufferString("")
|
|
fmt.Fprintf(buf, "Idx: %v, ", a.Idx)
|
|
fmt.Fprintf(buf, "BJJ: %s..., ", a.BJJ.String()[:10])
|
|
fmt.Fprintf(buf, "EthAddr: %s..., ", a.EthAddr.String()[:10])
|
|
fmt.Fprintf(buf, "TokenID: %v, ", a.TokenID)
|
|
fmt.Fprintf(buf, "Nonce: %d, ", a.Nonce)
|
|
fmt.Fprintf(buf, "Balance: %s, ", a.Balance.String())
|
|
fmt.Fprintf(buf, "BatchNum: %v, ", a.BatchNum)
|
|
return buf.String()
|
|
}
|
|
|
|
// Bytes returns the bytes representing the Account, in a way that each BigInt
|
|
// is represented by 32 bytes, in spite of the BigInt could be represented in
|
|
// less bytes (due a small big.Int), so in this way each BigInt is always 32
|
|
// bytes and can be automatically parsed from a byte array.
|
|
func (a *Account) Bytes() ([32 * NLeafElems]byte, error) {
|
|
var b [32 * NLeafElems]byte
|
|
|
|
if a.Nonce > maxNonceValue {
|
|
return b, tracerr.Wrap(fmt.Errorf("%s Nonce", ErrNumOverflow))
|
|
}
|
|
if len(a.Balance.Bytes()) > maxBalanceBytes {
|
|
return b, tracerr.Wrap(fmt.Errorf("%s Balance", ErrNumOverflow))
|
|
}
|
|
|
|
nonceBytes, err := a.Nonce.Bytes()
|
|
if err != nil {
|
|
return b, tracerr.Wrap(err)
|
|
}
|
|
|
|
copy(b[28:32], a.TokenID.Bytes())
|
|
copy(b[23:28], nonceBytes[:])
|
|
|
|
pkSign, pkY := babyjub.UnpackSignY(a.BJJ)
|
|
if pkSign {
|
|
b[22] = 1
|
|
}
|
|
balanceBytes := a.Balance.Bytes()
|
|
copy(b[64-len(balanceBytes):64], balanceBytes)
|
|
ayBytes := pkY.Bytes()
|
|
copy(b[96-len(ayBytes):96], ayBytes)
|
|
copy(b[108:128], a.EthAddr.Bytes())
|
|
|
|
return b, nil
|
|
}
|
|
|
|
// BigInts returns the [5]*big.Int, where each *big.Int is inside the Finite Field
|
|
func (a *Account) BigInts() ([NLeafElems]*big.Int, error) {
|
|
e := [NLeafElems]*big.Int{}
|
|
|
|
b, err := a.Bytes()
|
|
if err != nil {
|
|
return e, tracerr.Wrap(err)
|
|
}
|
|
|
|
e[0] = new(big.Int).SetBytes(b[0:32])
|
|
e[1] = new(big.Int).SetBytes(b[32:64])
|
|
e[2] = new(big.Int).SetBytes(b[64:96])
|
|
e[3] = new(big.Int).SetBytes(b[96:128])
|
|
|
|
return e, nil
|
|
}
|
|
|
|
// HashValue returns the value of the Account, which is the Poseidon hash of its *big.Int representation
|
|
func (a *Account) HashValue() (*big.Int, error) {
|
|
bi, err := a.BigInts()
|
|
if err != nil {
|
|
return nil, tracerr.Wrap(err)
|
|
}
|
|
return poseidon.Hash(bi[:])
|
|
}
|
|
|
|
// AccountFromBigInts returns a Account from a [5]*big.Int
|
|
func AccountFromBigInts(e [NLeafElems]*big.Int) (*Account, error) {
|
|
if !cryptoUtils.CheckBigIntArrayInField(e[:]) {
|
|
return nil, tracerr.Wrap(ErrNotInFF)
|
|
}
|
|
e0B := e[0].Bytes()
|
|
e1B := e[1].Bytes()
|
|
e2B := e[2].Bytes()
|
|
e3B := e[3].Bytes()
|
|
var b [32 * NLeafElems]byte
|
|
copy(b[32-len(e0B):32], e0B)
|
|
copy(b[64-len(e1B):64], e1B)
|
|
copy(b[96-len(e2B):96], e2B)
|
|
copy(b[128-len(e3B):128], e3B)
|
|
|
|
return AccountFromBytes(b)
|
|
}
|
|
|
|
// AccountFromBytes returns a Account from a byte array
|
|
func AccountFromBytes(b [32 * NLeafElems]byte) (*Account, error) {
|
|
tokenID, err := TokenIDFromBytes(b[28:32])
|
|
if err != nil {
|
|
return nil, tracerr.Wrap(err)
|
|
}
|
|
var nonceBytes5 [5]byte
|
|
copy(nonceBytes5[:], b[23:28])
|
|
nonce := NonceFromBytes(nonceBytes5)
|
|
sign := b[22] == 1
|
|
|
|
balance := new(big.Int).SetBytes(b[40:64])
|
|
// Balance is max of 192 bits (24 bytes)
|
|
if !bytes.Equal(b[32:40], []byte{0, 0, 0, 0, 0, 0, 0, 0}) {
|
|
return nil, tracerr.Wrap(fmt.Errorf("%s Balance", ErrNumOverflow))
|
|
}
|
|
ay := new(big.Int).SetBytes(b[64:96])
|
|
publicKeyComp := babyjub.PackSignY(sign, ay)
|
|
ethAddr := ethCommon.BytesToAddress(b[108:128])
|
|
|
|
if !cryptoUtils.CheckBigIntInField(balance) {
|
|
return nil, tracerr.Wrap(ErrNotInFF)
|
|
}
|
|
if !cryptoUtils.CheckBigIntInField(ay) {
|
|
return nil, tracerr.Wrap(ErrNotInFF)
|
|
}
|
|
|
|
a := Account{
|
|
TokenID: TokenID(tokenID),
|
|
Nonce: nonce,
|
|
Balance: balance,
|
|
BJJ: publicKeyComp,
|
|
EthAddr: ethAddr,
|
|
}
|
|
return &a, nil
|
|
}
|
|
|
|
// IdxNonce is a pair of Idx and Nonce representing an account
|
|
type IdxNonce struct {
|
|
Idx Idx `db:"idx"`
|
|
Nonce Nonce `db:"nonce"`
|
|
}
|