triple_masking

* ledger add noah

* components add noah

* fix lint

* update keypair

* fix lint

* remove is_address_fra

* fix xfrboxy

* signature.verify

* update enable_triple_masking_height to
enable_ed25519_triple_masking_height

* fix OwnerMemo

* fix test

* update noah version

* fix anon transfer batch

---------

Co-authored-by: shaorongqiang <[email protected]>

triple_masking dependencies to develop (#926)

* dependencies to develop

* update wasm-bindgen

* remove noah

* strike build_record_and_get_blinds

---------

Co-authored-by: shaorongqiang <[email protected]>
Co-authored-by: weikengchen <[email protected]>

Renew #935 for merging develop with main. (#937)

* fix

* Upgrade noah to v0.4.6

* update

---------

Co-authored-by: weikeng <[email protected]>
Co-authored-by: Sun <[email protected]>
Co-authored-by: weikengchen <[email protected]>

Add noah init wasm (#941)

Fix abar_to_ar params (#950)

Let the Anemoi precompile use the platform-lib-noah library (#963)

fix build (#977)

Co-authored-by: Weikeng Chen <[email protected]>

Improve Noah secp support (#981)

* Improve Noah secp support

* update deps

* update platform-lib-utils for testing

* public key to bytes in data_model

* fix

* fix

* Avoid lint bug

* fix EVM XfrPublicKey deserialization

* edit the dependency

* fix error handling

---------

Co-authored-by: weikengchen <[email protected]>

EIP 1962 is undecided (#984)

Use BN254 Anemoi for asset ID mapping (#985)

* Improve Noah secp support

* update deps

* update platform-lib-utils for testing

* public key to bytes in data_model

* fix

* fix

* Avoid lint bug

* fix EVM XfrPublicKey deserialization

* edit the dependency

* fix error handling

* update the asset code

* fix

---------

Co-authored-by: Harshad Patil <[email protected]>

add validator_whitelist v1 (#972)

* fix timeout and checkpoint

* add validator_whitelist v1

* add validator_whitelist

add validator_whitelist_v2 (#976)

* add validator_whitelist_v2

* update timeout_commit 10s

* update validator_whitelist

* bug fix

* fix build

validator whitelist v3 (#980)

downgrade ctrlc (#973)

update timeout_propose 3s (#974)

update timeout_commit 10s (#975)

Fix Fn_Check Bug (#970)

android add execption (#979)

validator whitelist v3 (#980)

pr

Adding checkpoint condition to AnemoiJive381 upgrade

only use deprecated AnemoiJive381 for old precompiled contract

query server API to get derived asset code

fix build

remo0ve unneeded sign in tx build

fix Lint

fmt

fix build

CLI test file

test

disable eth address transfer from EVM

fix build

enable eth-address in CLI

fix lint

update lib-noah branch

update demo tests for triple masking

fix CLI eth-address

removed unrelated code changes

remove some unrelated code

review ledger package

fix wallet_mobile build

remove unneccesary refactoring

fix some refactoring

synced changes from platform-lib-noah

removed testing scripts

fmt & lint

fix import statements

remove unneeded refactoring

fix conflicts

Author: harshadptl

Cargo.toml

@@ -37,22 +37,34 @@ members = [
 ]
 
 [profile.dev]
-incremental = false
+opt-level = 3
+lto = "thin"
+incremental = true
+debug-assertions = true
+debug = true
+panic = 'abort'
 overflow-checks = true
 
 [profile.release]
+opt-level = 3
+lto = "thin"
 incremental = false
 overflow-checks = true
+panic = 'abort'
 
 [profile.bench]
+opt-level = 3
+debug = false
+rpath = false
+lto = "thin"
 codegen-units = 1
+incremental = true
+debug-assertions = false
 overflow-checks = false
 
-[profile.dev.package.curve25519-dalek]
-opt-level = 1
-overflow-checks = false
-
-[patch.crates-io]
-ed25519-dalek = { git = "https://github.com/FindoraNetwork/ed25519-dalek", rev = "ad461f" }
-curve25519-dalek = { git = "https://github.com/FindoraNetwork/curve25519-dalek", rev = "a2df65" }
-x25519-dalek = { git = "https://github.com/FindoraNetwork/x25519-dalek", rev = "53bb1a" }
+[profile.test]
+opt-level = 2
+lto = "off"
+incremental = true
+debug-assertions = true
+debug = true

src/components/abciapp/src/abci/mod.rs

@@ -12,6 +12,7 @@ use {
     crate::api::{
         query_server::query_api, submission_server::submission_api::SubmissionApi,
     },
+    baseapp::tm_events::init_url,
     config::abci::{global_cfg::CFG, ABCIConfig},
     futures::executor::ThreadPool,
     lazy_static::lazy_static,
@@ -94,7 +95,7 @@ pub fn run() -> Result<()> {
             "http://{}:{}",
             config.tendermint_host, config.tendermint_port
         );
-
+        pnk!(init_url(tendermint_rpc.as_str()));
         // keep them running in the background,
         // avoid being dropped by the jsonrpc crate.
         mem::forget(fc_rpc::start_web3_service(

src/components/abciapp/src/abci/server/callback/mod.rs

@@ -2,13 +2,6 @@
 //! # Impl function of tendermint ABCI
 //!
 
-use globutils::wallet;
-use ledger::{
-    data_model::ASSET_TYPE_FRA,
-    staking::{FF_ADDR_EXTRA_120_0000, FF_ADDR_LIST},
-};
-use zei::noah_api::xfr::asset_record::AssetRecordType;
-
 mod utils;
 
 use {
@@ -32,11 +25,15 @@ use {
         STATE_UPDATE_LIST, TXS, WEB3_SERVICE_START_HEIGHT,
     },
     fp_storage::hash::{Sha256, StorageHasher},
+    globutils::wallet,
     lazy_static::lazy_static,
     ledger::{
         converter::is_convert_account,
-        data_model::Operation,
-        staking::{evm::EVM_STAKING, KEEP_HIST, VALIDATOR_UPDATE_BLOCK_ITV},
+        data_model::{Operation, Transaction, ASSET_TYPE_FRA},
+        staking::{
+            evm::EVM_STAKING, FF_ADDR_EXTRA_120_0000, FF_ADDR_LIST, KEEP_HIST,
+            VALIDATOR_UPDATE_BLOCK_ITV,
+        },
         store::{
             api_cache,
             fbnc::{new_mapx, Mapx},
@@ -56,6 +53,7 @@ use {
         },
     },
     tracing::{error, info},
+    zei::noah_api::xfr::asset_record::AssetRecordType,
 };
 
 pub(crate) static TENDERMINT_BLOCK_HEIGHT: AtomicI64 = AtomicI64::new(0);
@@ -100,9 +98,15 @@ pub fn info(s: &mut ABCISubmissionServer, req: &RequestInfo) -> ResponseInfo {
             && h < CFG.checkpoint.enable_frc20_height
         {
             resp.set_last_block_app_hash(la_hash);
-        } else {
+        } else if h < CFG.checkpoint.enable_ed25519_triple_masking_height {
             let cs_hash = s.account_base_app.write().info(req).last_block_app_hash;
             resp.set_last_block_app_hash(app_hash("info", h, la_hash, cs_hash));
+        } else {
+            let cs_hash = s.account_base_app.write().info(req).last_block_app_hash;
+            let tm_hash = state.get_anon_state_commitment().0;
+            resp.set_last_block_app_hash(app_hash_v2(
+                "info", h, la_hash, cs_hash, tm_hash,
+            ));
         }
     }
 
@@ -140,6 +144,18 @@ pub fn check_tx(s: &mut ABCISubmissionServer, req: &RequestCheckTx) -> ResponseC
         TxCatalog::FindoraTx => {
             if matches!(req.field_type, CheckTxType::New) {
                 if let Ok(tx) = convert_tx(req.get_tx()) {
+                    for op in tx.body.operations.iter() {
+                        if let Operation::TransferAnonAsset(op) = op {
+                            let mut inputs = op.note.body.inputs.clone();
+                            inputs.sort();
+                            inputs.dedup();
+                            if inputs.len() != op.note.body.inputs.len() {
+                                resp.log = "anon Transfer input error".to_owned();
+                                resp.code = 1;
+                                return resp;
+                            }
+                        }
+                    }
                     if td_height > CFG.checkpoint.check_signatures_num {
                         for op in tx.body.operations.iter() {
                             if let Operation::TransferAsset(op) = op {
@@ -171,6 +187,12 @@ pub fn check_tx(s: &mut ABCISubmissionServer, req: &RequestCheckTx) -> ResponseC
                     } else if TX_HISTORY.read().contains_key(&tx.hash_tm_rawbytes()) {
                         resp.log = "Historical transaction".to_owned();
                         resp.code = 1;
+                    } else if is_tm_transaction(&tx)
+                        && td_height
+                            < CFG.checkpoint.enable_ed25519_triple_masking_height
+                    {
+                        resp.code = 1;
+                        resp.log = "Triple Masking is disabled".to_owned();
                     }
                 } else {
                     resp.log = "Invalid format".to_owned();
@@ -272,6 +294,18 @@ pub fn deliver_tx(
     match tx_catalog {
         TxCatalog::FindoraTx => {
             if let Ok(tx) = convert_tx(req.get_tx()) {
+                for op in tx.body.operations.iter() {
+                    if let Operation::TransferAnonAsset(op) = op {
+                        let mut inputs = op.note.body.inputs.clone();
+                        inputs.sort();
+                        inputs.dedup();
+                        if inputs.len() != op.note.body.inputs.len() {
+                            resp.log = "anon Transfer input error".to_owned();
+                            resp.code = 1;
+                            return resp;
+                        }
+                    }
+                }
                 if td_height > CFG.checkpoint.check_signatures_num {
                     for op in tx.body.operations.iter() {
                         if let Operation::TransferAsset(op) = op {
@@ -336,7 +370,7 @@ pub fn deliver_tx(
                         if let Err(err) =
                             s.account_base_app.write().deliver_findora_tx(&tx, &hash.0)
                         {
-                            info!(target: "abciapp", "deliver convert account tx failed: {err:?}");
+                            error!(target: "abciapp", "deliver convert account tx failed: {err:?}");
 
                             resp.code = 1;
                             resp.log =
@@ -375,6 +409,17 @@ pub fn deliver_tx(
                             .db
                             .write()
                             .discard_session();
+                    } else if is_tm_transaction(&tx)
+                        && td_height
+                            < CFG.checkpoint.enable_ed25519_triple_masking_height
+                    {
+                        info!(target: "abciapp",
+                            "Triple Masking transaction(FindoraTx) detected at early height {}: {:?}",
+                            td_height, tx
+                        );
+                        resp.code = 2;
+                        resp.log = "Triple Masking is disabled".to_owned();
+                        return resp;
                     } else if CFG.checkpoint.utxo_checktx_height < td_height {
                         match tx.check_tx() {
                             Ok(_) => {
@@ -597,8 +642,11 @@ pub fn commit(s: &mut ABCISubmissionServer, req: &RequestCommit) -> ResponseComm
         && td_height < CFG.checkpoint.enable_frc20_height
     {
         r.set_data(la_hash);
-    } else {
+    } else if td_height < CFG.checkpoint.enable_ed25519_triple_masking_height {
         r.set_data(app_hash("commit", td_height, la_hash, cs_hash));
+    } else {
+        let tm_hash = state.get_anon_state_commitment().0;
+        r.set_data(app_hash_v2("commit", td_height, la_hash, cs_hash, tm_hash));
     }
 
     IN_SAFE_ITV.store(false, Ordering::Release);
@@ -728,3 +776,45 @@ fn app_hash(
         la_hash
     }
 }
+
+/// Combines ledger state hash and EVM chain state hash
+/// and print app hashes for debugging
+fn app_hash_v2(
+    when: &str,
+    height: i64,
+    mut la_hash: Vec<u8>,
+    mut cs_hash: Vec<u8>,
+    mut tm_hash: Vec<u8>,
+) -> Vec<u8> {
+    info!(target: "abciapp",
+        "app_hash_{}: {}_{}_{}, height: {}",
+        when,
+        hex::encode(la_hash.clone()),
+        hex::encode(cs_hash.clone()),
+        hex::encode(tm_hash.clone()),
+        height
+    );
+
+    // append ONLY non-empty EVM chain state hash
+    if !tm_hash.is_empty() || !cs_hash.is_empty() {
+        la_hash.append(&mut cs_hash);
+        la_hash.append(&mut tm_hash);
+
+        Sha256::hash(la_hash.as_slice()).to_vec()
+    } else {
+        la_hash
+    }
+}
+
+fn is_tm_transaction(tx: &Transaction) -> bool {
+    tx.body
+        .operations
+        .iter()
+        .try_for_each(|op| match op {
+            Operation::BarToAbar(_a) => None,
+            Operation::AbarToBar(_a) => None,
+            Operation::TransferAnonAsset(_a) => None,
+            _ => Some(()),
+        })
+        .is_none()
+}

src/components/abciapp/src/abci/server/callback/utils.rs

@@ -39,8 +39,13 @@ pub fn gen_tendermint_attr(tx: &Transaction) -> RepeatedField<Event> {
     res.push(ev);
 
     let (from, to) = gen_tendermint_attr_addr(tx);
+    let (nullifiers, commitments) = gen_tendermint_attr_anon(tx);
 
-    if !from.is_empty() || !to.is_empty() {
+    if !from.is_empty()
+        || !to.is_empty()
+        || !nullifiers.is_empty()
+        || !commitments.is_empty()
+    {
         let mut ev = Event::new();
         ev.set_field_type("addr".to_owned());
 
@@ -76,6 +81,8 @@ pub fn gen_tendermint_attr(tx: &Transaction) -> RepeatedField<Event> {
 
         index_addr!(from, "addr.from");
         index_addr!(to, "addr.to");
+        index_addr!(nullifiers, "nullifier.used");
+        index_addr!(commitments, "commitment.created");
     }
 
     RepeatedField::from_vec(res)
@@ -126,6 +133,59 @@ fn gen_tendermint_attr_addr(tx: &Transaction) -> (Vec<TagAttr>, Vec<TagAttr>) {
                 Operation::UpdateMemo(d) => {
                     append_attr!(d);
                 }
+                Operation::BarToAbar(d) => {
+                    let mut attr = TagAttr::default();
+                    attr.addr = globutils::wallet::public_key_to_bech32(
+                        &d.input_record().public_key,
+                    );
+                    base.0.push(attr);
+                }
+                Operation::AbarToBar(d) => {
+                    let mut attr = TagAttr::default();
+                    attr.addr = globutils::wallet::public_key_to_bech32(
+                        &d.note.get_public_key(),
+                    );
+                    base.1.push(attr);
+                }
+                _ => {}
+            }
+
+            base
+        })
+}
+
+fn gen_tendermint_attr_anon(tx: &Transaction) -> (Vec<TagAttr>, Vec<TagAttr>) {
+    tx.body
+        .operations
+        .iter()
+        .fold((vec![], vec![]), |mut base, op| {
+            match op {
+                Operation::BarToAbar(d) => {
+                    let mut attr = TagAttr::default();
+                    attr.addr = globutils::wallet::commitment_to_base58(
+                        &d.output_record().commitment,
+                    );
+                    base.1.push(attr);
+                }
+                Operation::AbarToBar(d) => {
+                    let mut attr = TagAttr::default();
+                    attr.addr =
+                        globutils::wallet::nullifier_to_base58(&d.note.get_input());
+                    base.0.push(attr);
+                }
+                Operation::TransferAnonAsset(d) => {
+                    for ix in &d.note.body.inputs {
+                        let mut attr = TagAttr::default();
+                        attr.addr = globutils::wallet::nullifier_to_base58(ix);
+                        base.0.push(attr);
+                    }
+                    for ox in &d.note.body.outputs {
+                        let mut attr = TagAttr::default();
+                        attr.addr =
+                            globutils::wallet::commitment_to_base58(&ox.commitment);
+                        base.1.push(attr);
+                    }
+                }
                 _ => {}
             }
 

src/components/abciapp/src/abci/staking/test.rs

@@ -19,7 +19,7 @@ use {
             asset_record::{open_blind_asset_record, AssetRecordType},
             structs::{AssetRecordTemplate, XfrAmount},
         },
-        {XfrKeyPair, XfrPublicKey},
+        XfrKeyPair, XfrPublicKey,
     },
 };
 
@@ -126,12 +126,12 @@ fn gen_transfer_tx(
             &owner_memo.map(|o| o.into_noah()),
             &owner_kp.into_noah(),
         )
-            .c(d!())
-            .and_then(|ob| {
-                trans_builder
-                    .add_input(TxoRef::Absolute(sid), ob, None, None, i_am)
-                    .c(d!())
-            })?;
+        .c(d!())
+        .and_then(|ob| {
+            trans_builder
+                .add_input(TxoRef::Absolute(sid), ob, None, None, i_am)
+                .c(d!())
+        })?;
 
         alt!(0 == am, break);
     }
@@ -166,5 +166,5 @@ fn gen_transfer_tx(
         .c(d!())?;
 
     tx_builder.add_operation(op);
-    Ok(tx_builder.take_transaction())
+    tx_builder.build_and_take_transaction()
 }