This PR closes #128, defining a blanket double satisfaction attack. In order to achieve this, I had to change the implementation of the attack language. There should be no changes in the user-facing behaviour of anything that existed previously, though.
All substantial changes stem from the fact that we now have
type Attack = MockChainSt -> TxSkel -> [TxSkel]
with the intended meaning that an attack looks at the current state of the MockChain and the transaction to be validated, returning a (possibly empty) list of modified transactions. This necessary for the double satisfaction attack, because that attack needs to look at the currently available UTxOs belonging to the script we want to attack and then try to reddem each of these, each possibly with a number of different redeemers.
A few remarks:
The Monoid instance for Attack is now such that the f <> g returns all modified transactions obtained by concatMapping f over all transactions returned by g (here is the relevant test case). This is analogous to how LtlAnd is interpreted, and that's my justification for doing it that way.
Given that attacks can return multiple modified transactions and given that we construct them using optics with potentially many foci, the question arises how to combine modified and unmodified foci into one of the returned TxSkels. The function mkSplittingAttack proposes a flexible solution.
I refactored each attack into its own module.
I think that this PR still needs some more explanatory comments and tests, but nonetheless wanted to open the discussion before nailing things down too hard.
This PR closes #128, defining a blanket double satisfaction attack. In order to achieve this, I had to change the implementation of the attack language. There should be no changes in the user-facing behaviour of anything that existed previously, though.
All substantial changes stem from the fact that we now have
with the intended meaning that an attack looks at the current state of the MockChain and the transaction to be validated, returning a (possibly empty) list of modified transactions. This necessary for the double satisfaction attack, because that attack needs to look at the currently available UTxOs belonging to the script we want to attack and then try to reddem each of these, each possibly with a number of different redeemers.
A few remarks:
Monoidinstance forAttackis now such that thef <> greturns all modified transactions obtained byconcatMappingfover all transactions returned byg(here is the relevant test case). This is analogous to howLtlAndis interpreted, and that's my justification for doing it that way.TxSkels. The functionmkSplittingAttackproposes a flexible solution.I think that this PR still needs some more explanatory comments and tests, but nonetheless wanted to open the discussion before nailing things down too hard.