Decommit and close with same snapshot

[ch1bo]

What

Ensure this scenario works correctly, such that the on-chain code ensures not more than the still active UTxO is distributed on fanout:

While this could be fixed by clearing the utxoToDecommit + having a new snapshot multi-signed after observing the decrementTx, the goal of this item is to ensure the same snapshot can be used to correctly fan out and any participant is forced to do it correctly.

How

• [ ] Update tests to assert fanned out utxo to not include utxoToDecommit / only the still active utxo
• [ ] Update on-chain code to not allow additional fanout of utxoToDecommit
• [ ] Update off-chain code to handle this correctly (clearing the utxo to decommit) and not try to fan it out

Rough algorithm:

• Add a state reference $\eta_{ref}$ to each snapshot
• Distinguish in close whether the decrement already happened or not using the state reference and close $\eta_\omega$ in closed state or not
• When $\eta_\omega$ is in closed state, the fanout validator ensures it is distributed correctly

[v0d1ch]

To further elaborate, if we want to close/fanout but decommit was already observed then we are closing using different off-chain version and version from the snapshot. In this case we want to verify snapshot signature using $\eta\omega$ from the close redeemer but alter close datum to remove $\eta\omega$ so that fanout is correct.

In the case snapshot version is the same as the off-chain state version then we can verify snapshot signature using $\eta\omega$ from the close datum and fanout $\eta\omega$ accordingly.