-
Notifications
You must be signed in to change notification settings - Fork 117
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add multiverse RPC proof courier #473
Conversation
9d2cd98
to
e5ef9bd
Compare
d4462b5
to
6590830
Compare
The integration test changes reveal that the proof insertion into the new universe RPC courier is failing. I think it would still be worth getting a first review on this PR given the team's schedule. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks very good! I dig how small the diff turned out to be in the end 🎉
15d2cfe
to
ab506bb
Compare
Should still be ready for review. Merge is waiting for rebase on #484 to double check that the itest still pass. |
I think this is failing during proof verification. The proof courier's VM is trying to verify that the asset associated with the proof was correctly split from its input asset. But I don't think that the input asset snapshot is available in the proof. In a separate part of the codebase we perform proof verification on a complete proof file. And in this way we have the previous asset snapshot at any given transition proof. See https://github.com/ffranr/taproot-assets/blob/main/proof/verifier.go#L433-L450 When inserting a proof into the universe RPC courier we insert every proof in turn starting at the issuance proof. So we could reform the proof file before verification. But this strategy would entail reforming the proof file every time a transition proof is inserted into the courier. @guggero any thoughts on this? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Took another look, looking really good. The issue with the empty PrevID
is the split commitment as suspected. Should be very easy to fix.
fc55f2c
to
ee04e76
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great work! Gotta love it when a design plan comes together neatly 😎
Main thing that popped out is to ensure that we're handling cases of merged inputs for an asset properly.
// PrevOut is the previous on-chain outpoint of the asset. | ||
// PrevOut is the previous on-chain outpoint of the asset. This outpoint | ||
// is that of the first on-chain input. Outpoints which correspond to | ||
// the other inputs can be found in AdditionalInputs. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not sure this is a clarification: this is the outpoint where the asset currently resides (or previously).
taproot-assets/proof/verifier.go
Lines 310 to 313 in f37f45f
} | |
if !txSpendsPrevOut(&p.AnchorTx, &p.PrevOut) { | |
return nil, commitment.ErrInvalidTaprootProof // TODO | |
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The existence of PrevOut
as a field was/is confusing to me. Because in the context of a multi input spend (merge) we seem to make an arbitrary choice of "the asset" that we're spending, is that correct?
this is the outpoint where the asset currently resides (or previously).
In the context of a multi input spend, what do you mean by "the asset" here?
It's this confusion/uncertainty that motivated me to add more to the comment to make sure I understand what's going on. I think by "the asset" we mean the first input, and that's what I've tried to capture in the comment.
return nil, err | ||
} | ||
|
||
revProofs = append(revProofs, transitionProof) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Re this and above, what about the additional inputs? So the case where you have an asset, but it was created by merging 3 change UTXOs.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Each individual (transition) Proof
contains a field called AdditionalInputs []File
. The entire proof file for each additional inputs is included in that field. At least, that's my current understanding after speaking with Oli.
We noticed that this is a memory inefficiency within the universe tree (on the courier server side). Each leaf of the universe tree contains a proof and each one of those proofs may contain entire proof files for additional inputs. Those proof files may already exist in the universe as other leaves.
However, from a tapd peer sending/receiving perspective, this setup makes things simpler. I'll add an issue to talk about the potential optimisation here. It will help me get a clear picture of what's going on.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Issue here: #503
// previous (input) asset. We know that it was already verified | ||
// as it was present in the multiverse/universe archive. | ||
return &proof.AssetSnapshot{ | ||
Asset: &prevProof.Asset, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What about the other set of assets in the case of inputs merged to create this new asset?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this relies on the additional inputs field, see https://github.com/ffranr/taproot-assets/blob/main/proof/verifier.go#L206-L213
And my answer here: #473 (comment)
Also I think we can use the |
Where are you referring to please @Roasbeef ? |
This refactor allows us to avoid an import cycle when the RPC proof courier marshals an asset.
This commit adds a method to the Asset structure which returns the asset's primary PrevID and takes account of the fact that the asset may correspond to a split output.
ab506bb
to
147af79
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM 🐊
Reviewed 6 of 10 files at r7, 7 of 7 files at r8, all commit messages.
Reviewable status: 13 of 17 files reviewed, 34 unresolved discussions (waiting on @ffranr and @guggero)
tapgarden/custodian.go
line 391 at r8 (raw file):
// Sleep to give the sender an opportunity to transfer // the proof to the proof courier service. time.Sleep(defaultProofRetrievalDelay)
I think let's endeavor to remove this in a follow up PR. IMO the backoff should just handle this, and it can speed up our itests with it gone as well.
This PR adds a new multiverse RPC proof service handle for use in the chain porter.
This PR should close these issues when merged:
InsertProof
and retrieved using RPC endpointQueryProof
. #467This change is