// Creates n buckets from any resource.
// For confidential this creates 3 new commitments with 10 each (key by vault owner),
// 1 change commitment (internally tracked in vault DOWN->UP) and downs the input commitment(s)
let new_buckets = self.vault.split_by_amount(TARI_RESX, 3, Amount(10));
// Bucket split
// Takes 3x2 from bucket and creates 2 buckets with 3 each.
// equivalent to take(Amount(3)) twice
let buckets = bucket.split(2, Amount(3));
// For confidential, this creates 2 commitments of value 3 with key generated by owner
// and change commitment which is in the original bucket
We need to add an interface for commitment generation that the engine can use, implemented by the key manager
Each of these substates should prove balance is maintained with a range proof and signature, however they are treated as separate substates, so a verifier would need to know about $C_I$, $C_1$, $C_2$ and $C_c$. However $C_1$ could be deposited in vault $V_1$, $C_2$ in vault $V_2$ etc.
For non-confidential, VNs could just agree to inflate. With this in mind, we can draw some parallels to the base layer.
The base layer checks inputs are in the UTXO set, this is analogous to a commitment substate being UP.
The balance proof (kernel sig) proves (w/ bullet proof) that there was no inflation. This must be verified by the validators involved in the transaction who will have access to all commitments involved.
Either, the proof is available but cannot be validated from local information unless we fetch previous commitments (maybe downed so not available?)
or, is not kept at all in the substate because we assume that BFT nodes did the check and agreed. (A UTXO was in a block previously, therefore the kernel sig was validated)
We need to add an interface for commitment generation that the engine can use, implemented by the key manager
Open questions:
e.g $C_I$ is $k_i.G + 100.H$
split(2, Amount(3)) generates $C_1 = k_1.G + 3.H$, $C_2 = k_2.G + 3.H$ and change $C_c = kc.G + 94.H$ with sig $s = r{agg} + e.(k_1 + k_2 + k_c - k_i)$
Each of these substates should prove balance is maintained with a range proof and signature, however they are treated as separate substates, so a verifier would need to know about $C_I$, $C_1$, $C_2$ and $C_c$. However $C_1$ could be deposited in vault $V_1$, $C_2$ in vault $V_2$ etc.
For non-confidential, VNs could just agree to inflate. With this in mind, we can draw some parallels to the base layer.