Spend transaction claims

AaronFeickert commented 10 months ago

This PR is an initial draft of a design for spend transaction claims.

A claim is a proof against an existing spend transaction that asserts the prover knew the spend key used to authorize the transaction. It also binds an arbitrary message into the proof, which can be useful to avoid replay. It has the same structure as a ChaumProof, which is how it is internally represented (but it uses domain separation to ensure it can't be replayed for transaction authorization).

How this should be structured in the codebase is up for debate. Because a claim is structured like a Chaum authorizing proof, it uses the same ChaumProof data structure and serialization. It is generated and verified using the static SpendTransaction::proveClaim and SpendTransaction::verifyClaim functions.

The prover must provide the spend transaction, the (secret) input coin data representing the coins that were consumed in the spend transaction, its full view and spend keys, an arbitrary message, and an identifier that the verifier can use to obtain its own view of the spend transaction.

The verifier must provide the proof, spend transaction, arbitrary message, and identifier. It is very important that the verifier use its own view of the spend transaction! Otherwise, the prover could lie about its contents.

Once the prover produces the ChaumProof data structure representing the claim, it should be sent to the verifier in a serialized package containing:

the ChaumProof
the spend transaction identifier
the arbitrary message

The verifier then uses its view of the ledger to look up the spend transaction using the identifier. It checks that the message is as expected. Then, it verifies the claim by checking the ChaumProof while binding in the identifier and message.

Summary by CodeRabbit

New Features
- Expanded the libspark library to include functionality for creating, proving, and verifying claims in cryptographic protocols.
- Introduced new capabilities in spend transactions to generate and verify claims, enhancing security and control over transaction claims.

AaronFeickert commented 10 months ago

It's likely a better idea to create a ClaimProof class that handles the (de)serialization.

AaronFeickert commented 9 months ago

Added basic tests.

reubenyap commented 8 months ago

@coderabbitai review

coderabbitai[bot] commented 8 months ago

[!IMPORTANT]

Auto Review Skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Walkthrough

The recent updates introduce a new Claim class within the libspark library, enhancing its cryptographic protocol capabilities. This class is pivotal for creating, proving, and verifying claims, particularly in the context of spend transactions. It encapsulates the necessary functionality for handling claims, including challenge generation, claim proof creation, and proof verification. These changes are spread across the Makefile, libspark, and test files, indicating a comprehensive integration of the new claim processing features.

Changes

Files	Change Summaries
`src/Makefile.am`	Added `claim.h` and `claim.cpp` to `libspark` sources.
`src/libspark/claim.cpp`, `claim.h`	Introduced `Claim` class for creating, proving, and verifying claims.
`src/libspark/spend_transaction.cpp`, `spend_transaction.h`	Added `proveClaim` and `verifyClaim` methods to `SpendTransaction` class for claim processing.
`src/libspark/test/spend_transaction_test.cpp`	Enhanced testing for claim generation and verification in spend transactions.
`src/libspark/util.h`	Added `LABEL_TRANSCRIPT_CLAIM` constant.

🐰✨
In the realm of code, where the bits align,
A new class emerges, its design so fine.
With claims to prove, and proofs to verify,
The libspark library, now soaring high.
Through tests and transactions, it weaves its tale,
A cryptographic journey, where none shall fail.
🌟🐾

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

- [X](https://twitter.com/intent/tweet?text=I%20just%20used%20%40coderabbitai%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20the%20proprietary%20code.%20Check%20it%20out%3A&url=https%3A//coderabbit.ai) - [Mastodon](https://mastodon.social/share?text=I%20just%20used%20%40coderabbitai%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20the%20proprietary%20code.%20Check%20it%20out%3A%20https%3A%2F%2Fcoderabbit.ai) - [Reddit](https://www.reddit.com/submit?title=Great%20tool%20for%20code%20review%20-%20CodeRabbit&text=I%20just%20used%20CodeRabbit%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20proprietary%20code.%20Check%20it%20out%3A%20https%3A//coderabbit.ai) - [LinkedIn](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fcoderabbit.ai&mini=true&title=Great%20tool%20for%20code%20review%20-%20CodeRabbit&summary=I%20just%20used%20CodeRabbit%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20proprietary%20code)

Tips

### Chat There are 3 ways to chat with [CodeRabbit](https://coderabbit.ai): - Review comments: Directly reply to a review comment made by CodeRabbit. Example: - `I pushed a fix in commit .` - `Generate unit testing code for this file.` - `Open a follow-up GitHub issue for this discussion.` - Files and specific lines of code (under the "Files changed" tab): Tag `@coderabbitai` in a new review comment at the desired location with your query. Examples: - `@coderabbitai generate unit testing code for this file.` - `@coderabbitai modularize this function.` - PR comments: Tag `@coderabbitai` in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples: - `@coderabbitai generate interesting stats about this repository and render them as a table.` - `@coderabbitai show all the console.log statements in this repository.` - `@coderabbitai read src/utils.ts and generate unit testing code.` - `@coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.` Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. ### CodeRabbit Commands (invoked as PR comments) - `@coderabbitai pause` to pause the reviews on a PR. - `@coderabbitai resume` to resume the paused reviews. - `@coderabbitai review` to trigger a review. This is useful when automatic reviews are disabled for the repository. - `@coderabbitai resolve` resolve all the CodeRabbit review comments. - `@coderabbitai help` to get help. Additionally, you can add `@coderabbitai ignore` anywhere in the PR description to prevent this PR from being reviewed. ### CodeRabbit Configration File (`.coderabbit.yaml`) - You can programmatically configure CodeRabbit by adding a `.coderabbit.yaml` file to the root of your repository. - Please see the [configuration documentation](https://docs.coderabbit.ai/guides/configure-coderabbit) for more information. - If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: `# yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json` ### Documentation and Community - Visit our [Documentation](https://coderabbit.ai/docs) for detailed information on how to use CodeRabbit. - Join our [Discord Community](https://discord.com/invite/GsXnASn26c) to get help, request features, and share feedback. - Follow us on [X/Twitter](https://twitter.com/coderabbitai) for updates and announcements.

firoorg / firo