From 712f66d3ee091249240e747cd5e42ec0137720d2 Mon Sep 17 00:00:00 2001
From: sowle <crypto.sowle@gmail.com>
Date: Fri, 26 Jul 2024 02:22:21 +0200
Subject: [PATCH] set formal limit on tx input count to 256 (because of the
 asset surjection proof limits)

---
 src/crypto/one_out_of_many_proofs.cpp       | 7 +++++--
 src/currency_core/currency_config.h         | 1 +
 src/currency_core/currency_format_utils.cpp | 3 ++-
 3 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/src/crypto/one_out_of_many_proofs.cpp b/src/crypto/one_out_of_many_proofs.cpp
index a30374c1..ab921f44 100644
--- a/src/crypto/one_out_of_many_proofs.cpp
+++ b/src/crypto/one_out_of_many_proofs.cpp
@@ -1,10 +1,11 @@
-// Copyright (c) 2023 Zano Project
-// Copyright (c) 2023 sowle (val@zano.org, crypto.sowle@gmail.com)
+// Copyright (c) 2023-2024 Zano Project
+// Copyright (c) 2023-2024 sowle (val@zano.org, crypto.sowle@gmail.com)
 // Distributed under the MIT/X11 software license, see the accompanying
 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
 //
 #include "one_out_of_many_proofs.h"
 #include "../currency_core/crypto_config.h"
+#include "../currency_core/currency_config.h" // for static asset checks
 #include "epee/include/misc_log_ex.h"
 
 //DISABLE_GCC_AND_CLANG_WARNING(unused-function)
@@ -22,6 +23,8 @@ namespace crypto
   static const size_t N_max = 256;
   static const size_t mn_max = 16;
 
+  static_assert(CURRENCY_TX_MAX_ALLOWED_INPUTS <= N_max, "CURRENCY_TX_MAX_ALLOWED_INPUTS is inconsistent with one-out-of-many proof limits"); // TODO: consider moving this check out -- sowle
+
   const point_t& get_BGE_generator(size_t index, bool& ok)
   {
     static std::vector<point_t> precalculated_generators;
diff --git a/src/currency_core/currency_config.h b/src/currency_core/currency_config.h
index c7384510..d2bc4fa7 100644
--- a/src/currency_core/currency_config.h
+++ b/src/currency_core/currency_config.h
@@ -19,6 +19,7 @@
                                                         
 #define CURRENCY_MAX_BLOCK_NUMBER                       500000000
 #define CURRENCY_MAX_BLOCK_SIZE                         500000000  // block header blob limit, never used!
+#define CURRENCY_TX_MAX_ALLOWED_INPUTS                  256        // limited primarily by asset surjection proof
 #define CURRENCY_TX_MAX_ALLOWED_OUTS                    2000
 #define CURRENCY_TX_MIN_ALLOWED_OUTS                    2      // effective starting HF4 Zarcanum
 #define CURRENCY_PUBLIC_ADDRESS_BASE58_PREFIX           0xc5   // addresses start with 'Zx'
diff --git a/src/currency_core/currency_format_utils.cpp b/src/currency_core/currency_format_utils.cpp
index afd632d7..2e068644 100644
--- a/src/currency_core/currency_format_utils.cpp
+++ b/src/currency_core/currency_format_utils.cpp
@@ -2374,7 +2374,8 @@ namespace currency
     crypto::secret_key& one_time_tx_secret_key = result.one_time_key;
 
     result.ftp = ftp;
-    CHECK_AND_ASSERT_MES(destinations.size() <= CURRENCY_TX_MAX_ALLOWED_OUTS, false, "Too many outs (" << destinations.size() << ")! Tx can't be constructed.");
+    CHECK_AND_ASSERT_MES(sources.size() <= CURRENCY_TX_MAX_ALLOWED_INPUTS,    false, "Too many inputs: "  << sources.size()      << ", max allowed: " << CURRENCY_TX_MAX_ALLOWED_INPUTS << ". Tx cannot be constructed.");
+    CHECK_AND_ASSERT_MES(destinations.size() <= CURRENCY_TX_MAX_ALLOWED_OUTS, false, "Too many outputs: " << destinations.size() << ", max allowed: " << CURRENCY_TX_MAX_ALLOWED_OUTS   << ". Tx cannot be constructed.");
 
     bool append_mode = false;
     if (flags&TX_FLAG_SIGNATURE_MODE_SEPARATE && tx.vin.size())