keep-starknet-strange / raito

Bitcoin ZK client written in Cairo.
https://raito.wtf
MIT License

[feat] Utreexo: inclusion proof verification #177

Closed m-kus closed 1 month ago

m-kus commented 1 month ago

Context

How can we check that the outpoints we attach to the transaction inputs are legit? They are not part of the encoded transaction, hence they do not contribute to the Merkle root. Currently all validations that use data from the outpoints are underconstrained.

The most straightforward way to address that is to maintain the so-called UTXO set:

But the UTXO set can be pretty large and it is very expensive to do that in a Cairo program. Instead we can do the following:

So the workflow would look like the following:

We will use the Utreexo accumulator to implement this scheme.

Task

In this task we are going to implement another primitive required for Utreexo integration: verifying inclusion proof for a particular UTXO.

Implementation hints

You'd need to implement UtreexoAccumulator::verify for UtreexoState.
Utreexo leaves are Poseidon hashes of outpoints.
There will likely be some common Merkle hashing utils shared with #167.

References
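
Added example (not from the issue or the Raito code base, which is Cairo): Utreexo inclusion-proof verification for one outpoint, in Python. SHA-256 stands in for Poseidon, and the outpoint encoding, the tree-local `leaf_index`, the `roots` layout and the function names are assumptions made for this illustration.

```python
import hashlib
import hmac
from typing import List, Optional

def h(data: bytes) -> bytes:
    # Stand-in: the issue calls for Poseidon; SHA-256 keeps this stdlib-only.
    return hashlib.sha256(data).digest()

def leaf_hash(txid: bytes, vout: int) -> bytes:
    # Assumed outpoint encoding: 32-byte txid || 4-byte little-endian vout.
    # The 0x00/0x01 prefixes keep leaf and inner-node hashes in separate domains.
    return h(b"\x00" + txid + vout.to_bytes(4, "little"))

def parent_hash(left: bytes, right: bytes) -> bytes:
    return h(b"\x01" + left + right)

def verify(roots: List[Optional[bytes]], txid: bytes, vout: int,
           leaf_index: int, siblings: List[bytes]) -> bool:
    """roots[k] is the root of the perfect tree holding 2**k leaves, or None."""
    height = len(siblings)
    if height >= len(roots) or roots[height] is None:
        return False          # no tree of that size in the forest
    if not 0 <= leaf_index < (1 << height):
        return False          # index cannot exist in a tree of this height
    node = leaf_hash(txid, vout)   # hash the outpoint here, never trust a caller-supplied leaf
    for sibling in siblings:
        # Low bit of the index says whether we are the right (1) or left (0) child.
        if leaf_index & 1:
            node = parent_hash(sibling, node)
        else:
            node = parent_hash(node, sibling)
        leaf_index >>= 1
    return hmac.compare_digest(node, roots[height])

# Constructed sample: 5 UTXOs -> one 4-leaf tree (slot 2) and one 1-leaf tree (slot 0).
TXIDS = [bytes([i]) * 32 for i in range(5)]
LEAVES = [leaf_hash(t, 0) for t in TXIDS]
LEFT = parent_hash(LEAVES[0], LEAVES[1])
RIGHT = parent_hash(LEAVES[2], LEAVES[3])
ROOTS = [LEAVES[4], None, parent_hash(LEFT, RIGHT)]
PROOF_FOR_2 = [LEAVES[3], LEFT]   # siblings bottom-up for leaf index 2

if __name__ == "__main__":
    print(verify(ROOTS, TXIDS[2], 0, 2, PROOF_FOR_2))   # genuine outpoint
    print(verify(ROOTS, TXIDS[2], 1, 2, PROOF_FOR_2))   # same txid, wrong vout
```

Because the proof length selects which root slot is compared, a truncated or padded proof is rejected even if the recomputed hash happens to equal some other node in the forest.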

m-kus commented 1 month ago

@bloomingpeach wanna give it a try?

ShantelPeters commented 1 month ago

@m-kus can I take this on?

onlydustapp[bot] commented 1 month ago

Hey @ShantelPeters! Thanks for showing interest. We've created an application for you to contribute to Raito - Bitcoin ZK Client. Go check it out on OnlyDust!

PavitraAgarwal21 commented 1 month ago

Hey @b-j-roberts want to take this up

bloomingpeach commented 1 month ago

Yes @m-kus, I'd like to work on this issue.

onlydustapp[bot] commented 1 month ago

Hey @bloomingpeach! Thanks for showing interest. We've created an application for you to contribute to Raito - Bitcoin ZK Client. Go check it out on OnlyDust!