core/go-blockchain
8
0
Fork 0
Code Issues 5 Pull requests Projects Releases Packages Wiki Activity Actions 2
go-blockchain/chain/ring.go

118 lines
4.3 KiB
Go
Raw Permalink Normal View History

feat(chain): add GetRingOutputs callback for signature verification Implements consensus.RingOutputsFn by looking up output public keys from the chain's global output index and transaction store. Wired into the sync loop so VerifySignatures=true uses real crypto verification. Co-Authored-By: Charon <charon@lethean.io>
2026-02-21 20:28:54 +00:00
// Copyright (c) 2017-2026 Lethean (https://lt.hn)
//
// Licensed under the European Union Public Licence (EUPL) version 1.2.
// SPDX-License-Identifier: EUPL-1.2
package chain
import (
"fmt"
refactor: migrate module path to dappco.re/go/core/blockchain Update go.mod module line, all require/replace directives, and every .go import path from forge.lthn.ai/core/go-blockchain to dappco.re/go/core/blockchain. Add replace directives to bridge dappco.re paths to existing forge.lthn.ai registry during migration. Update CLAUDE.md, README, and docs to reflect the new module path. Co-Authored-By: Virgil <virgil@lethean.io>
2026-03-22 01:49:26 +00:00
coreerr "dappco.re/go/core/log"
refactor: replace fmt.Errorf/os.* with go-io/go-log conventions Replace all fmt.Errorf and errors.New in production code with coreerr.E("Caller.Method", "message", err) from go-log. Replace os.MkdirAll with coreio.Local.EnsureDir from go-io. Sentinel errors (consensus/errors.go, wire/varint.go) intentionally kept as errors.New for errors.Is compatibility. 270 error call sites converted across 38 files. Test files untouched. crypto/ directory (CGO) untouched. Co-Authored-By: Virgil <virgil@lethean.io>
2026-03-16 21:16:34 +00:00
refactor: migrate module path to dappco.re/go/core/blockchain Update go.mod module line, all require/replace directives, and every .go import path from forge.lthn.ai/core/go-blockchain to dappco.re/go/core/blockchain. Add replace directives to bridge dappco.re paths to existing forge.lthn.ai registry during migration. Update CLAUDE.md, README, and docs to reflect the new module path. Co-Authored-By: Virgil <virgil@lethean.io>
2026-03-22 01:49:26 +00:00
"dappco.re/go/core/blockchain/consensus"
"dappco.re/go/core/blockchain/types"
feat(chain): add GetRingOutputs callback for signature verification Implements consensus.RingOutputsFn by looking up output public keys from the chain's global output index and transaction store. Wired into the sync loop so VerifySignatures=true uses real crypto verification. Co-Authored-By: Charon <charon@lethean.io>
2026-02-21 20:28:54 +00:00
)
// GetRingOutputs fetches the public keys for the given global output indices
feat(chain): select HTLC ring keys by expiry Co-Authored-By: Charon <charon@lethean.io>
2026-04-04 19:11:37 +00:00
// at the specified spending height and amount. This implements the
// consensus.RingOutputsFn signature for use during signature verification.
refactor(types,consensus,chain): apply AX design principles across public API Migrate types/asset.go from fmt.Errorf to coreerr.E() for consistency with the rest of the types package. Add usage-example comments (AX-2) to all key exported functions in consensus/, chain/, and types/ so agents can see concrete calling patterns without reading implementation details. Co-Authored-By: Virgil <virgil@lethean.io>
2026-04-05 07:36:31 +01:00
//
// keys, err := blockchain.GetRingOutputs(blockHeight, inputAmount, []uint64{0, 5, 12, 30})
feat(chain): select HTLC ring keys by expiry Co-Authored-By: Charon <charon@lethean.io>
2026-04-04 19:11:37 +00:00
func (c *Chain) GetRingOutputs(height, amount uint64, offsets []uint64) ([]types.PublicKey, error) {
refactor(ax): clarify ring and wallet names Co-Authored-By: Charon <charon@lethean.io>
2026-04-04 20:36:16 +00:00
publicKeys := make([]types.PublicKey, len(offsets))
feat(chain): add GetRingOutputs callback for signature verification Implements consensus.RingOutputsFn by looking up output public keys from the chain's global output index and transaction store. Wired into the sync loop so VerifySignatures=true uses real crypto verification. Co-Authored-By: Charon <charon@lethean.io>
2026-02-21 20:28:54 +00:00
for i, gidx := range offsets {
txHash, outNo, err := c.GetOutput(amount, gidx)
if err != nil {
refactor: replace fmt.Errorf/os.* with go-io/go-log conventions Replace all fmt.Errorf and errors.New in production code with coreerr.E("Caller.Method", "message", err) from go-log. Replace os.MkdirAll with coreio.Local.EnsureDir from go-io. Sentinel errors (consensus/errors.go, wire/varint.go) intentionally kept as errors.New for errors.Is compatibility. 270 error call sites converted across 38 files. Test files untouched. crypto/ directory (CGO) untouched. Co-Authored-By: Virgil <virgil@lethean.io>
2026-03-16 21:16:34 +00:00
return nil, coreerr.E("Chain.GetRingOutputs", fmt.Sprintf("ring output %d (amount=%d, gidx=%d)", i, amount, gidx), err)
feat(chain): add GetRingOutputs callback for signature verification Implements consensus.RingOutputsFn by looking up output public keys from the chain's global output index and transaction store. Wired into the sync loop so VerifySignatures=true uses real crypto verification. Co-Authored-By: Charon <charon@lethean.io>
2026-02-21 20:28:54 +00:00
}
tx, _, err := c.GetTransaction(txHash)
if err != nil {
refactor: replace fmt.Errorf/os.* with go-io/go-log conventions Replace all fmt.Errorf and errors.New in production code with coreerr.E("Caller.Method", "message", err) from go-log. Replace os.MkdirAll with coreio.Local.EnsureDir from go-io. Sentinel errors (consensus/errors.go, wire/varint.go) intentionally kept as errors.New for errors.Is compatibility. 270 error call sites converted across 38 files. Test files untouched. crypto/ directory (CGO) untouched. Co-Authored-By: Virgil <virgil@lethean.io>
2026-03-16 21:16:34 +00:00
return nil, coreerr.E("Chain.GetRingOutputs", fmt.Sprintf("ring output %d: tx %s", i, txHash), err)
feat(chain): add GetRingOutputs callback for signature verification Implements consensus.RingOutputsFn by looking up output public keys from the chain's global output index and transaction store. Wired into the sync loop so VerifySignatures=true uses real crypto verification. Co-Authored-By: Charon <charon@lethean.io>
2026-02-21 20:28:54 +00:00
}
if int(outNo) >= len(tx.Vout) {
refactor: replace fmt.Errorf/os.* with go-io/go-log conventions Replace all fmt.Errorf and errors.New in production code with coreerr.E("Caller.Method", "message", err) from go-log. Replace os.MkdirAll with coreio.Local.EnsureDir from go-io. Sentinel errors (consensus/errors.go, wire/varint.go) intentionally kept as errors.New for errors.Is compatibility. 270 error call sites converted across 38 files. Test files untouched. crypto/ directory (CGO) untouched. Co-Authored-By: Virgil <virgil@lethean.io>
2026-03-16 21:16:34 +00:00
return nil, coreerr.E("Chain.GetRingOutputs", fmt.Sprintf("ring output %d: tx %s has %d outputs, want index %d", i, txHash, len(tx.Vout), outNo), nil)
feat(chain): add GetRingOutputs callback for signature verification Implements consensus.RingOutputsFn by looking up output public keys from the chain's global output index and transaction store. Wired into the sync loop so VerifySignatures=true uses real crypto verification. Co-Authored-By: Charon <charon@lethean.io>
2026-02-21 20:28:54 +00:00
}
switch out := tx.Vout[outNo].(type) {
case types.TxOutputBare:
refactor(ax): clarify ring and wallet names Co-Authored-By: Charon <charon@lethean.io>
2026-04-04 20:36:16 +00:00
spendKey, err := ringOutputSpendKey(height, out.Target)
feat(chain): support multisig and HTLC ring outputs Co-Authored-By: Charon <charon@lethean.io>
2026-04-04 18:52:40 +00:00
if err != nil {
return nil, coreerr.E("Chain.GetRingOutputs", fmt.Sprintf("ring output %d: %v", i, err), nil)
refactor(types): change TxOutputBare.Target to TxOutTarget interface Prepares for HF1 output target types (TxOutMultisig, TxOutHTLC). All call sites updated to type-assert TxOutToKey where needed. Modified files: - types/transaction.go: TxOutputBare.Target is now TxOutTarget - wire/transaction.go: encode/decode use type switch on target - chain/ring.go: type-assert target to TxOutToKey for key extraction - wallet/scanner.go: type-assert target before key comparison - tui/explorer_model.go: type-assert target for display - wire/transaction_test.go: type-assert in assertions - wallet/builder_test.go: type-assert in assertions Co-Authored-By: Charon <charon@lethean.io>
2026-03-16 20:23:27 +00:00
}
refactor(ax): clarify ring and wallet names Co-Authored-By: Charon <charon@lethean.io>
2026-04-04 20:36:16 +00:00
publicKeys[i] = spendKey
feat(chain): add GetRingOutputs callback for signature verification Implements consensus.RingOutputsFn by looking up output public keys from the chain's global output index and transaction store. Wired into the sync loop so VerifySignatures=true uses real crypto verification. Co-Authored-By: Charon <charon@lethean.io>
2026-02-21 20:28:54 +00:00
default:
refactor: replace fmt.Errorf/os.* with go-io/go-log conventions Replace all fmt.Errorf and errors.New in production code with coreerr.E("Caller.Method", "message", err) from go-log. Replace os.MkdirAll with coreio.Local.EnsureDir from go-io. Sentinel errors (consensus/errors.go, wire/varint.go) intentionally kept as errors.New for errors.Is compatibility. 270 error call sites converted across 38 files. Test files untouched. crypto/ directory (CGO) untouched. Co-Authored-By: Virgil <virgil@lethean.io>
2026-03-16 21:16:34 +00:00
return nil, coreerr.E("Chain.GetRingOutputs", fmt.Sprintf("ring output %d: unsupported output type %T", i, out), nil)
feat(chain): add GetRingOutputs callback for signature verification Implements consensus.RingOutputsFn by looking up output public keys from the chain's global output index and transaction store. Wired into the sync loop so VerifySignatures=true uses real crypto verification. Co-Authored-By: Charon <charon@lethean.io>
2026-02-21 20:28:54 +00:00
}
}
refactor(ax): clarify ring and wallet names Co-Authored-By: Charon <charon@lethean.io>
2026-04-04 20:36:16 +00:00
return publicKeys, nil
feat(chain): add GetRingOutputs callback for signature verification Implements consensus.RingOutputsFn by looking up output public keys from the chain's global output index and transaction store. Wired into the sync loop so VerifySignatures=true uses real crypto verification. Co-Authored-By: Charon <charon@lethean.io>
2026-02-21 20:28:54 +00:00
}
feat(consensus): V2 Zarcanum signature and proof verification Add full V2 transaction verification pipeline: parse SignaturesRaw variant vector into structured ZC signature data, verify CLSAG GGX ring signatures per ZC input, verify BPP range proofs, and verify BGE asset surjection proofs with correct ring construction (mul8 point arithmetic). Fix three wire format bugs that caused V2 parsing failures: - RefTypeGlobalIndex (tag 0x1A) uses 8-byte LE, not varint - Raw uint64_t variant (tagUint64) uses 8-byte LE, not varint - zarcanum_tx_data_v1 fee uses FIELD() → 8-byte LE, not VARINT_FIELD() Add cn_point_sub to C++ bridge and Go wrapper for BGE ring construction. Add GetZCRingOutputs to chain for fetching ZC ring member data. Co-Authored-By: Charon <charon@lethean.io>
2026-02-22 00:06:10 +00:00
refactor(ax): clarify ring and wallet names Co-Authored-By: Charon <charon@lethean.io>
2026-04-04 20:36:16 +00:00
// ringOutputSpendKey extracts the spend key for a transparent output target.
feat(chain): support multisig and HTLC ring outputs Co-Authored-By: Charon <charon@lethean.io>
2026-04-04 18:52:40 +00:00
//
feat(chain): select HTLC ring keys by expiry Co-Authored-By: Charon <charon@lethean.io>
2026-04-04 19:11:37 +00:00
// TxOutMultisig does not carry enough context here to select the exact spend
// path, so we return the first listed key as a deterministic fallback.
// TxOutHTLC selects redeem vs refund based on whether the spending height is
test(chain): pin HTLC expiration boundary Co-Authored-By: Charon <charon@lethean.io>
2026-04-04 21:30:53 +00:00
// before or after the contract expiration. The refund path only opens after
// the expiration height has passed.
refactor(ax): clarify ring and wallet names Co-Authored-By: Charon <charon@lethean.io>
2026-04-04 20:36:16 +00:00
func ringOutputSpendKey(height uint64, target types.TxOutTarget) (types.PublicKey, error) {
refactor(types): centralise transparent spend-key lookup Co-Authored-By: Charon <charon@lethean.io>
2026-04-04 22:00:07 +00:00
if key, ok := (types.TxOutputBare{Target: target}).SpendKey(); ok {
return key, nil
refactor(types): centralise to-key target extraction Co-Authored-By: Charon <charon@lethean.io>
2026-04-04 20:50:54 +00:00
}
switch t := target.(type) {
feat(chain): support multisig and HTLC ring outputs Co-Authored-By: Charon <charon@lethean.io>
2026-04-04 18:52:40 +00:00
case types.TxOutMultisig:
if len(t.Keys) == 0 {
fix(crypto): restore vendored boost compat Co-Authored-By: Virgil <virgil@lethean.io>
2026-04-04 21:56:32 +00:00
return types.PublicKey{}, coreerr.E("ringOutputSpendKey", "multisig target has no keys", nil)
feat(chain): support multisig and HTLC ring outputs Co-Authored-By: Charon <charon@lethean.io>
2026-04-04 18:52:40 +00:00
}
return t.Keys[0], nil
case types.TxOutHTLC:
feat(chain): select HTLC ring keys by expiry Co-Authored-By: Charon <charon@lethean.io>
2026-04-04 19:11:37 +00:00
if height > t.Expiration {
return t.PKRefund, nil
}
feat(chain): support multisig and HTLC ring outputs Co-Authored-By: Charon <charon@lethean.io>
2026-04-04 18:52:40 +00:00
return t.PKRedeem, nil
default:
fix(crypto): restore vendored boost compat Co-Authored-By: Virgil <virgil@lethean.io>
2026-04-04 21:56:32 +00:00
return types.PublicKey{}, coreerr.E("ringOutputSpendKey", fmt.Sprintf("unsupported target type %T", target), nil)
feat(chain): support multisig and HTLC ring outputs Co-Authored-By: Charon <charon@lethean.io>
2026-04-04 18:52:40 +00:00
}
}
feat(consensus): V2 Zarcanum signature and proof verification Add full V2 transaction verification pipeline: parse SignaturesRaw variant vector into structured ZC signature data, verify CLSAG GGX ring signatures per ZC input, verify BPP range proofs, and verify BGE asset surjection proofs with correct ring construction (mul8 point arithmetic). Fix three wire format bugs that caused V2 parsing failures: - RefTypeGlobalIndex (tag 0x1A) uses 8-byte LE, not varint - Raw uint64_t variant (tagUint64) uses 8-byte LE, not varint - zarcanum_tx_data_v1 fee uses FIELD() → 8-byte LE, not VARINT_FIELD() Add cn_point_sub to C++ bridge and Go wrapper for BGE ring construction. Add GetZCRingOutputs to chain for fetching ZC ring member data. Co-Authored-By: Charon <charon@lethean.io>
2026-02-22 00:06:10 +00:00
// GetZCRingOutputs fetches ZC ring members (stealth address, amount commitment,
// blinded asset ID) for the given global output indices. This implements the
// consensus.ZCRingOutputsFn signature for post-HF4 CLSAG GGX verification.
//
// ZC outputs are indexed at amount=0 (confidential amounts).
refactor(types,consensus,chain): apply AX design principles across public API Migrate types/asset.go from fmt.Errorf to coreerr.E() for consistency with the rest of the types package. Add usage-example comments (AX-2) to all key exported functions in consensus/, chain/, and types/ so agents can see concrete calling patterns without reading implementation details. Co-Authored-By: Virgil <virgil@lethean.io>
2026-04-05 07:36:31 +01:00
//
// members, err := blockchain.GetZCRingOutputs([]uint64{100, 200, 300})
feat(consensus): V2 Zarcanum signature and proof verification Add full V2 transaction verification pipeline: parse SignaturesRaw variant vector into structured ZC signature data, verify CLSAG GGX ring signatures per ZC input, verify BPP range proofs, and verify BGE asset surjection proofs with correct ring construction (mul8 point arithmetic). Fix three wire format bugs that caused V2 parsing failures: - RefTypeGlobalIndex (tag 0x1A) uses 8-byte LE, not varint - Raw uint64_t variant (tagUint64) uses 8-byte LE, not varint - zarcanum_tx_data_v1 fee uses FIELD() → 8-byte LE, not VARINT_FIELD() Add cn_point_sub to C++ bridge and Go wrapper for BGE ring construction. Add GetZCRingOutputs to chain for fetching ZC ring member data. Co-Authored-By: Charon <charon@lethean.io>
2026-02-22 00:06:10 +00:00
func (c *Chain) GetZCRingOutputs(offsets []uint64) ([]consensus.ZCRingMember, error) {
members := make([]consensus.ZCRingMember, len(offsets))
for i, gidx := range offsets {
txHash, outNo, err := c.GetOutput(0, gidx)
if err != nil {
refactor: replace fmt.Errorf/os.* with go-io/go-log conventions Replace all fmt.Errorf and errors.New in production code with coreerr.E("Caller.Method", "message", err) from go-log. Replace os.MkdirAll with coreio.Local.EnsureDir from go-io. Sentinel errors (consensus/errors.go, wire/varint.go) intentionally kept as errors.New for errors.Is compatibility. 270 error call sites converted across 38 files. Test files untouched. crypto/ directory (CGO) untouched. Co-Authored-By: Virgil <virgil@lethean.io>
2026-03-16 21:16:34 +00:00
return nil, coreerr.E("Chain.GetZCRingOutputs", fmt.Sprintf("ZC ring output %d (gidx=%d)", i, gidx), err)
feat(consensus): V2 Zarcanum signature and proof verification Add full V2 transaction verification pipeline: parse SignaturesRaw variant vector into structured ZC signature data, verify CLSAG GGX ring signatures per ZC input, verify BPP range proofs, and verify BGE asset surjection proofs with correct ring construction (mul8 point arithmetic). Fix three wire format bugs that caused V2 parsing failures: - RefTypeGlobalIndex (tag 0x1A) uses 8-byte LE, not varint - Raw uint64_t variant (tagUint64) uses 8-byte LE, not varint - zarcanum_tx_data_v1 fee uses FIELD() → 8-byte LE, not VARINT_FIELD() Add cn_point_sub to C++ bridge and Go wrapper for BGE ring construction. Add GetZCRingOutputs to chain for fetching ZC ring member data. Co-Authored-By: Charon <charon@lethean.io>
2026-02-22 00:06:10 +00:00
}
tx, _, err := c.GetTransaction(txHash)
if err != nil {
refactor: replace fmt.Errorf/os.* with go-io/go-log conventions Replace all fmt.Errorf and errors.New in production code with coreerr.E("Caller.Method", "message", err) from go-log. Replace os.MkdirAll with coreio.Local.EnsureDir from go-io. Sentinel errors (consensus/errors.go, wire/varint.go) intentionally kept as errors.New for errors.Is compatibility. 270 error call sites converted across 38 files. Test files untouched. crypto/ directory (CGO) untouched. Co-Authored-By: Virgil <virgil@lethean.io>
2026-03-16 21:16:34 +00:00
return nil, coreerr.E("Chain.GetZCRingOutputs", fmt.Sprintf("ZC ring output %d: tx %s", i, txHash), err)
feat(consensus): V2 Zarcanum signature and proof verification Add full V2 transaction verification pipeline: parse SignaturesRaw variant vector into structured ZC signature data, verify CLSAG GGX ring signatures per ZC input, verify BPP range proofs, and verify BGE asset surjection proofs with correct ring construction (mul8 point arithmetic). Fix three wire format bugs that caused V2 parsing failures: - RefTypeGlobalIndex (tag 0x1A) uses 8-byte LE, not varint - Raw uint64_t variant (tagUint64) uses 8-byte LE, not varint - zarcanum_tx_data_v1 fee uses FIELD() → 8-byte LE, not VARINT_FIELD() Add cn_point_sub to C++ bridge and Go wrapper for BGE ring construction. Add GetZCRingOutputs to chain for fetching ZC ring member data. Co-Authored-By: Charon <charon@lethean.io>
2026-02-22 00:06:10 +00:00
}
if int(outNo) >= len(tx.Vout) {
refactor: replace fmt.Errorf/os.* with go-io/go-log conventions Replace all fmt.Errorf and errors.New in production code with coreerr.E("Caller.Method", "message", err) from go-log. Replace os.MkdirAll with coreio.Local.EnsureDir from go-io. Sentinel errors (consensus/errors.go, wire/varint.go) intentionally kept as errors.New for errors.Is compatibility. 270 error call sites converted across 38 files. Test files untouched. crypto/ directory (CGO) untouched. Co-Authored-By: Virgil <virgil@lethean.io>
2026-03-16 21:16:34 +00:00
return nil, coreerr.E("Chain.GetZCRingOutputs", fmt.Sprintf("ZC ring output %d: tx %s has %d outputs, want index %d", i, txHash, len(tx.Vout), outNo), nil)
feat(consensus): V2 Zarcanum signature and proof verification Add full V2 transaction verification pipeline: parse SignaturesRaw variant vector into structured ZC signature data, verify CLSAG GGX ring signatures per ZC input, verify BPP range proofs, and verify BGE asset surjection proofs with correct ring construction (mul8 point arithmetic). Fix three wire format bugs that caused V2 parsing failures: - RefTypeGlobalIndex (tag 0x1A) uses 8-byte LE, not varint - Raw uint64_t variant (tagUint64) uses 8-byte LE, not varint - zarcanum_tx_data_v1 fee uses FIELD() → 8-byte LE, not VARINT_FIELD() Add cn_point_sub to C++ bridge and Go wrapper for BGE ring construction. Add GetZCRingOutputs to chain for fetching ZC ring member data. Co-Authored-By: Charon <charon@lethean.io>
2026-02-22 00:06:10 +00:00
}
switch out := tx.Vout[outNo].(type) {
case types.TxOutputZarcanum:
members[i] = consensus.ZCRingMember{
StealthAddress: [32]byte(out.StealthAddress),
AmountCommitment: [32]byte(out.AmountCommitment),
BlindedAssetID: [32]byte(out.BlindedAssetID),
}
default:
refactor: replace fmt.Errorf/os.* with go-io/go-log conventions Replace all fmt.Errorf and errors.New in production code with coreerr.E("Caller.Method", "message", err) from go-log. Replace os.MkdirAll with coreio.Local.EnsureDir from go-io. Sentinel errors (consensus/errors.go, wire/varint.go) intentionally kept as errors.New for errors.Is compatibility. 270 error call sites converted across 38 files. Test files untouched. crypto/ directory (CGO) untouched. Co-Authored-By: Virgil <virgil@lethean.io>
2026-03-16 21:16:34 +00:00
return nil, coreerr.E("Chain.GetZCRingOutputs", fmt.Sprintf("ZC ring output %d: expected TxOutputZarcanum, got %T", i, out), nil)
feat(consensus): V2 Zarcanum signature and proof verification Add full V2 transaction verification pipeline: parse SignaturesRaw variant vector into structured ZC signature data, verify CLSAG GGX ring signatures per ZC input, verify BPP range proofs, and verify BGE asset surjection proofs with correct ring construction (mul8 point arithmetic). Fix three wire format bugs that caused V2 parsing failures: - RefTypeGlobalIndex (tag 0x1A) uses 8-byte LE, not varint - Raw uint64_t variant (tagUint64) uses 8-byte LE, not varint - zarcanum_tx_data_v1 fee uses FIELD() → 8-byte LE, not VARINT_FIELD() Add cn_point_sub to C++ bridge and Go wrapper for BGE ring construction. Add GetZCRingOutputs to chain for fetching ZC ring member data. Co-Authored-By: Charon <charon@lethean.io>
2026-02-22 00:06:10 +00:00
}
}
return members, nil
}
Reference in a new issue Copy permalink