Utilities to create out-of-round transactions using checkpoint transactions.
§Checkpoints keep users and the server safe
When an Ark transaction is spent out-of-round, a new transaction is added on top of it. In the naive approach we just keep adding transactions and the chain becomes longer.
A first problem is that this can become unsafe for the server. If a client performs a partial exit attack, the server will have to broadcast a long chain of transactions to get the forfeit published.
A second problem is that if one user exits, it affects everyone in their chunk of the tree. The server cannot sweep the funds anymore and all other users are forced to collect their funds from the chain (which can be expensive).
§How do they work
The core idea is that each out-of-round spend will go through a checkpoint transaction. The checkpoint transaction has the policy A + S or S after expiry.
Note that the A + S path is fast and will always take priority. Users will still be able to exit their funds at any time. But if a partial exit occurs, the server can just broadcast a single checkpoint transaction and continue like nothing happened.
Other users will be fully unaffected by this. Their Vtxo will now be anchored in the checkpoint, which can be swept after expiry.
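The policy described above, as an added example (not code from this crate): a toy model of which branch of A + S or S after expiry a given spend can satisfy. The type and function names are hypothetical, and expiry is assumed to be an absolute block height that is reached once the current height is at least that value.

```rust
// Added illustration: toy model of the checkpoint spend policy
// "A + S or S after expiry". All names are hypothetical and are not
// part of this crate's API.

#[derive(Debug, PartialEq, Clone, Copy)]
pub enum SpendPath {
    /// Cooperative branch: user (A) and server (S) both sign.
    Cooperative,
    /// Timeout branch: server (S) alone, once expiry has been reached.
    ServerSweep,
}

pub struct Checkpoint {
    /// Assumption: expiry is modelled as an absolute block height.
    pub expiry_height: u32,
}

impl Checkpoint {
    /// Returns the branch a spend can use, or None if neither is satisfied.
    /// The cooperative branch is checked first: it carries no timelock,
    /// so it is available at every height and takes priority.
    pub fn satisfiable(&self, user_sig: bool, server_sig: bool, height: u32) -> Option<SpendPath> {
        if user_sig && server_sig {
            return Some(SpendPath::Cooperative);
        }
        if server_sig && height >= self.expiry_height {
            return Some(SpendPath::ServerSweep);
        }
        // Neither a lone A signature nor an early lone S signature
        // satisfies the policy as written.
        None
    }
}

fn main() {
    // Constructed sample values, not taken from any real deployment.
    let cp = Checkpoint { expiry_height: 900_000 };
    let cases = [
        (true, true, 850_000u32),   // A + S before expiry
        (false, true, 850_000u32),  // S alone before expiry
        (false, true, 900_000u32),  // S alone at expiry
        (true, false, 950_000u32),  // A alone after expiry
    ];
    for (a, s, h) in cases.iter() {
        println!("A={} S={} height={} -> {:?}", a, s, h, cp.satisfiable(*a, *s, *h));
    }
}
```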
§Usage
This module creates a checkpoint transaction that originates from a single Vtxo. It is a low-level construct and the developer has to compute the paid amount, change and fees themselves.
The core construct is CheckpointedArkoorBuilder which can be used to build arkoor transactions. The struct is designed to be used by both the client and the server.
CheckpointedArkoorBuilder::new is a constructor that validates the intended transaction. At this point, all transactions that will be constructed are fully designed. You can use CheckpointedArkoorBuilder::build_unsigned_vtxos to construct the vtxos but they will still lack signatures.
Constructing the signatures is an interactive process in which the client signs first.
The client will call CheckpointedArkoorBuilder::generate_user_nonces, which will update the builder state to state::UserGeneratedNonces. The client will create a CosignRequest which contains the details about the arkoor payment, including the user nonces. The server will respond with a CosignResponse which can be used to finalize all signatures. At the end, the client can call CheckpointedArkoorBuilder::build_signed_vtxos to get their fully signed VTXOs.
The server will also use CheckpointedArkoorBuilder::from_cosign_request to construct a builder. CheckpointedArkoorBuilder::server_cosign will construct the CosignResponse which is sent to the client.