refactor: reorient CLAIM note consumption flow#2528
refactor: reorient CLAIM note consumption flow#2528partylikeits1983 wants to merge 31 commits intoagglayerfrom
CLAIM note consumption flow#2528Conversation
partylikeits1983
added
agglayer
partylikeits1983
force-pushed
the
ajl-reorient-claim-note-flow
branch
from
55ee9fb to
57cfbb5
Compare
partylikeits1983
added
the
no changelog
Fumuran
left a comment
Fumuran
left a comment
There was a problem hiding this comment.
Looks great, thank you! I left some nits and questions inline.
This is partial review, I only looked through the MASM code (but mostly in a way of code optimization, not the algorithm correctness).
Co-authored-by: Andrey Khmuro <andrey@polygon.technology>
Co-authored-by: Andrey Khmuro <andrey@polygon.technology>
Co-authored-by: Andrey Khmuro <andrey@polygon.technology>
Co-authored-by: Andrey Khmuro <andrey@polygon.technology>
Co-authored-by: Andrey Khmuro <andrey@polygon.technology>
Co-authored-by: Andrey Khmuro <andrey@polygon.technology>
Co-authored-by: Andrey Khmuro <andrey@polygon.technology>
Co-authored-by: Andrey Khmuro <andrey@polygon.technology>
Co-authored-by: Andrey Khmuro <andrey@polygon.technology>
partylikeits1983
force-pushed
the
ajl-reorient-claim-note-flow
branch
from
ee64a9b to
6a602df
Compare
Co-authored-by: Andrey Khmuro <andrey@polygon.technology>
| /// | ||
| /// This note is used to register a faucet in the bridge's faucet registry. | ||
| /// It carries the faucet account ID and is always public. | ||
| /// This note is used to register a faucet in the bridge's faucet and token registries. |
There was a problem hiding this comment.
It's a bit strange that we have two registries now. I would at least document this better somewhere.
It seems that one is used for bridging out (we have Miden address, we check what's the eth equivalent), while the other is for bridging in (we have eth address, we query the Miden faucet addresss)
There was a problem hiding this comment.
actually this could go right into the spec document. We can merge that PR into the agglayer branch, and have any further PRs against this branch update the spec
| mem_store.MINT_NOTE_STORAGE_NATIVE_AMOUNT | ||
| # => [pad(16)] | ||
|
|
||
| # Write attachment_kind = 0 [2] |
There was a problem hiding this comment.
we should add constants for those, similar to https://github.com/0xMiden/miden-base/blob/a1f3b48a2bf384c522fe175fd24ccb82af81b0b2/crates/miden-standards/asm/standards/attachments/network_account_target.masm#L19
There was a problem hiding this comment.
now that we've re-oriented the flow, we could reconsider where the conversion data is stored (i.e. re-consider #2172), but we can do it separately
| const CLAIM_PROOF_DATA_WORD_LEN = 134 | ||
| const CLAIM_LEAF_DATA_WORD_LEN = 8 |
There was a problem hiding this comment.
while this might be refactored later (TBD on how #2535 progresses), they are currently referring to the same underlying data, let's not duplicate
| const OUTPUT_NOTE_TYPE_PUBLIC = 1 | ||
|
|
||
| # P2ID attachment constants (the P2ID note created by the faucet has no attachment) | ||
| const P2ID_ATTACHMENT_KIND_NONE = 0 |
There was a problem hiding this comment.
we have a constant for this: https://github.com/0xMiden/miden-base/blob/be6ea54f3d7d7e1245906ae19dfcb7602fc4e69f/crates/miden-protocol/asm/shared_utils/util/note.masm#L8
ATTACHMENT_SCHEME_NONE should probably also be added there.
| loc_store.CLAIM_PREFIX_MEM_LOC loc_store.CLAIM_SUFFIX_MEM_LOC | ||
| # => [pad(7)] | ||
|
|
||
| exec.get_raw_claim_amount |
There was a problem hiding this comment.
if this is unused, we should remove the proc
There was a problem hiding this comment.
ah, but this introduces a critical vulnerability - now we just use the miden_claim_amount that is passed in ClaimNoteStorage while completely disregarding the amount that is part of LeafData.
So the proof verifies, and then we forget about EthAmount there and can just mint however many tokens we wish 😁
(PoC here, all tests still pass when minting 10x the amount)
3 participants
This PR reorients the flow in which the
CLAIMnote is consumed.This PR reorients the flow from:
CLAIM note is consumed by AggFaucet account, which does an FPI call to bridge to verify merkle proof, if valid creates P2ID note
to:
CLAIM note is consumed by AggBridge account which verifies the merkle proof, if valid creates a MINT note, which is then consumed by AggFaucet account in separate tx, which creates P2ID note.
This PR adds a mapping to the AggBridge which stores the
bytes20origin token address in the faucet registry ashash(bytes20)->AccountId.This is so that when creating the
MINTnote, the correct network note attachment target can be set. Storing the hash of the destination address as the key in a mapping, where the value is the aggfaucetAccountIdis essential, as previously we only stored registered AggFaucets in a mapping like this:AccountId->bool.Note: Both the
MINTnote &P2IDnote which created by the consumption of theMINTnote, both use thePROOF_DATA_KEY(hash of proof data) as their serial numbers.Resolves #2506