ark/vtxo/
validation.rs

1
2use std::borrow::Cow;
3
4use bitcoin::{Amount, OutPoint, Transaction, TxOut};
5
6use crate::vtxo::{Full, Policy, Vtxo, VtxoPolicyKind};
7use crate::vtxo::genesis::{GenesisTransition, TransitionKind};
8
9#[derive(Debug, PartialEq, Eq, thiserror::Error)]
10#[error("VTXO validation error")]
11pub enum VtxoValidationError {
12	#[error("the VTXO is invalid: {0}")]
13	Invalid(&'static str),
14	#[error("the chain anchor output doesn't match the VTXO; expected: {expected:?}, got: {got:?}")]
15	IncorrectChainAnchor {
16		expected: TxOut,
17		got: TxOut,
18	},
19	#[error("Cosigned genesis transitions don't have any common pubkeys")]
20	InconsistentCosignPubkeys,
21	#[error("error verifying one of the genesis transitions \
22		(idx={genesis_idx}/{genesis_len} type={transition_kind}): {error}")]
23	GenesisTransition {
24		error: &'static str,
25		genesis_idx: usize,
26		genesis_len: usize,
27		// NB we use str here because we don't want to expose the kind enum
28		transition_kind: &'static str,
29	},
30	#[error("invalid arkoor policy of type {policy}: {msg}")]
31	InvalidArkoorPolicy {
32		policy: VtxoPolicyKind,
33		msg: &'static str,
34	},
35}
36
37impl VtxoValidationError {
38	/// Constructor for [VtxoValidationError::GenesisTransition].
39	fn transition(
40		genesis_idx: usize,
41		genesis_len: usize,
42		transition_kind: TransitionKind,
43		error: &'static str,
44	) -> Self {
45		let transition_kind = transition_kind.as_str();
46		VtxoValidationError::GenesisTransition { error, genesis_idx, genesis_len, transition_kind }
47	}
48}
49
50#[inline]
51#[allow(unused_variables)]
52fn verify_transition<P: Policy>(
53	vtxo: &Vtxo<Full, P>,
54	genesis_idx: usize,
55	prev_tx: &Transaction,
56	prev_vout: usize,
57	next_amount: Amount,
58	check_signatures: bool,
59) -> Result<Transaction, &'static str> {
60	let item = vtxo.genesis.items.get(genesis_idx).expect("genesis_idx out of range");
61
62	let prev_txout = prev_tx.output.get(prev_vout).ok_or_else(|| "output idx out of range")?;
63
64	let next_output = vtxo.genesis.items.get(genesis_idx + 1).map(|item| {
65		item.transition.input_txout(
66			next_amount, vtxo.server_pubkey, vtxo.expiry_height, vtxo.exit_delta,
67		)
68	}).unwrap_or_else(|| {
69		// when we reach the end of the chain, we take the eventual output of the vtxo
70		vtxo.policy.txout(vtxo.amount, vtxo.server_pubkey, vtxo.exit_delta, vtxo.expiry_height)
71	});
72
73	let prevout = OutPoint::new(prev_tx.compute_txid(), prev_vout as u32);
74	let tx = item.tx(prevout, next_output, vtxo.server_pubkey, vtxo.expiry_height);
75
76	if check_signatures {
77		match &item.transition {
78			GenesisTransition::Cosigned(inner) => {
79				inner.validate_sigs(&tx, 0, prev_txout, vtxo.server_pubkey, vtxo.expiry_height)?
80			}
81			GenesisTransition::Arkoor(inner) => {
82				inner.validate_sigs(&tx, 0, prev_txout, vtxo.server_pubkey())?
83			}
84			GenesisTransition::HashLockedCosigned(inner) => {
85				inner.validate_sigs(&tx, 0, prev_txout, vtxo.server_pubkey, vtxo.expiry_height)?
86			}
87		};
88
89		#[cfg(test)]
90		{
91			if let Err(e) = crate::test_util::verify_tx(&[prev_txout.clone()], 0, &tx) {
92				// just print error because this is unit test context
93				println!("TX VALIDATION FAILED: invalid tx in genesis of vtxo {}: idx={}: {}",
94					vtxo.id(), genesis_idx, e,
95				);
96				return Err("transaction validation failed");
97			}
98		}
99	}
100
101
102	Ok(tx)
103}
104
105fn validate_inner<P: Policy>(
106	vtxo: &Vtxo<Full, P>,
107	chain_anchor_tx: &Transaction,
108	check_signatures: bool,
109) -> Result<(), VtxoValidationError> {
110	// We start by validating the chain anchor output.
111	let anchor_txout = chain_anchor_tx.output.get(vtxo.chain_anchor().vout as usize)
112		.ok_or(VtxoValidationError::Invalid("chain anchor vout out of range"))?;
113
114	// For empty genesis, validate that the chain anchor output matches the policy's txout
115	if vtxo.genesis.items.is_empty() {
116		let expected_anchor_txout = vtxo.policy.txout(
117			vtxo.amount(),
118			vtxo.server_pubkey(),
119			vtxo.exit_delta(),
120			vtxo.expiry_height(),
121		);
122		if *anchor_txout != expected_anchor_txout {
123			return Err(VtxoValidationError::IncorrectChainAnchor {
124				expected: expected_anchor_txout,
125				got: anchor_txout.clone(),
126			});
127		}
128		return Ok(());
129	}
130
131	// For non-empty genesis, validate using the first genesis item's transition
132	let onchain_amount = vtxo.chain_anchor_amount()
133		.ok_or_else(|| VtxoValidationError::Invalid("onchain amount overflow"))?;
134	let expected_anchor_txout = vtxo.genesis.items.get(0).unwrap().transition.input_txout(
135		onchain_amount, vtxo.server_pubkey(), vtxo.expiry_height(), vtxo.exit_delta(),
136	);
137	if *anchor_txout != expected_anchor_txout {
138		return Err(VtxoValidationError::IncorrectChainAnchor {
139			expected: expected_anchor_txout,
140			got: anchor_txout.clone(),
141		});
142	}
143
144	let mut prev = (Cow::Borrowed(chain_anchor_tx), vtxo.chain_anchor().vout as usize, onchain_amount);
145	for (idx, item) in vtxo.genesis.items.iter().enumerate() {
146		let output_sum = item.other_output_sum()
147			.ok_or(VtxoValidationError::Invalid("output sum overflow"))?;
148		let next_amount = prev.2.checked_sub(output_sum)
149			.ok_or(VtxoValidationError::Invalid("insufficient onchain amount"))?;
150		let next_tx = verify_transition(&vtxo, idx, prev.0.as_ref(), prev.1, next_amount, check_signatures)
151			.map_err(|e| VtxoValidationError::transition(
152				idx, vtxo.genesis.items.len(), item.transition.kind(), e,
153			))?;
154		prev = (Cow::Owned(next_tx), item.output_idx as usize, next_amount);
155	}
156
157	// Verify the point field matches the computed exit outpoint
158	let expected_point = OutPoint::new(prev.0.compute_txid(), prev.1 as u32);
159	if vtxo.point != expected_point {
160		return Err(VtxoValidationError::Invalid("point doesn't match computed exit outpoint"));
161	}
162
163	Ok(())
164}
165
166/// Validate that the [Vtxo] is valid and can be constructed from its
167/// chain anchor.
168///
169/// General checks and chain-anchor related checks are performed first,
170/// transitions are checked last.
171pub fn validate<P: Policy>(
172	vtxo: &Vtxo<Full, P>,
173	chain_anchor_tx: &Transaction,
174) -> Result<(), VtxoValidationError> {
175	validate_inner(vtxo, chain_anchor_tx, true)
176}
177
178/// Validate VTXO structure without checking signatures.
179pub fn validate_unsigned<P: Policy>(
180	vtxo: &Vtxo<Full, P>,
181	chain_anchor_tx: &Transaction,
182) -> Result<(), VtxoValidationError> {
183	validate_inner(vtxo, chain_anchor_tx, false)
184}
185
186#[cfg(test)]
187mod test {
188	use crate::test_util::VTXO_VECTORS;
189
190	#[test]
191	pub fn validate_vtxos() {
192		let vtxos = &*VTXO_VECTORS;
193
194		assert!(vtxos.board_vtxo.is_standard());
195		let err = vtxos.board_vtxo.validate(&vtxos.anchor_tx).err();
196		assert!(err.is_none(), "err: {err:?}");
197
198		assert!(vtxos.arkoor_htlc_out_vtxo.is_standard());
199		let err = vtxos.arkoor_htlc_out_vtxo.validate(&vtxos.anchor_tx).err();
200		assert!(err.is_none(), "err: {err:?}");
201
202		assert!(vtxos.arkoor2_vtxo.is_standard());
203		let err = vtxos.arkoor2_vtxo.validate(&vtxos.anchor_tx).err();
204		assert!(err.is_none(), "err: {err:?}");
205
206		assert!(vtxos.round1_vtxo.is_standard());
207		let err = vtxos.round1_vtxo.validate(&vtxos.round_tx).err();
208		assert!(err.is_none(), "err: {err:?}");
209
210		assert!(vtxos.round2_vtxo.is_standard());
211		let err = vtxos.round2_vtxo.validate(&vtxos.round_tx).err();
212		assert!(err.is_none(), "err: {err:?}");
213
214		assert!(vtxos.arkoor3_vtxo.is_standard());
215		let err = vtxos.arkoor3_vtxo.validate(&vtxos.round_tx).err();
216		assert!(err.is_none(), "err: {err:?}");
217	}
218}
ark/vtxo/validation.rs

ark/vtxo/
validation.rs
