Pass fee and crossover in execute to fix wrong transaction hash

Use the same exact rng provide when generating output notes
dusk-network · Oct 11, 2023 · c177269 · c177269
1 parent a925ead
commit c177269
Show file tree

Hide file tree

Showing 6 changed files with 106 additions and 51 deletions.
diff --git a/assets/dusk_wallet_core.wasm b/assets/dusk_wallet_core.wasm
diff --git a/assets/schema.json b/assets/schema.json
@@ -139,10 +139,45 @@
         }
       }
     },
+    "Crossover": {
+      "description": "The value of the Crossover and the blinder",
+      "type": "object",
+      "required": [
+        "crossover",
+        "blinder",
+        "value"
+      ],
+      "properties": {
+        "crossover": {
+          "description": "The rkyv serialized bytes of the crossover struct",
+          "type": "array",
+          "items": {
+            "type": "integer",
+            "format": "uint8",
+            "minimum": 0
+          }
+        },
+        "blinder": {
+          "description": "The rkyv serialized blinder of the crossover",
+          "type": "array",
+          "items": {
+            "type": "integer",
+            "format": "uint8",
+            "minimum": 0
+          }
+        },
+        "value": {
+          "description": "The value of the crossover",
+          "type": "integer",
+          "format": "uint64"
+        }
+      }
+    },
     "ExecuteArgs": {
       "description": "The arguments of the execute function",
       "type": "object",
       "required": [
+        "fee",
         "gas_limit",
         "gas_price",
         "inputs",
@@ -157,22 +192,27 @@
           "$ref": "#/definitions/ExecuteCall"
         },
         "crossover": {
-          "description": "The [phoenix_core::Crossover] value",
-          "type": "integer",
-          "format": "uint64",
-          "minimum": 0
+          "description": "The crossover value",
+          "$ref": "#/definitions/Crossover"
+        },
+        "fee": {
+          "description": "A rkyv serialized Fee",
+          "type": "array",
+          "items": {
+            "type": "integer",
+            "format": "uint8",
+            "minimum": 0
+          }
         },
         "gas_limit": {
           "description": "The gas limit of the transaction",
           "type": "integer",
-          "format": "uint64",
-          "minimum": 0
+          "format": "uint64"
         },
         "gas_price": {
           "description": "The gas price per unit for the transaction",
           "type": "integer",
-          "format": "uint64",
-          "minimum": 0
+          "format": "uint64"
         },
         "inputs": {
           "description": "A rkyv serialized [Vec<phoenix_core::Note>] to be used as inputs",
@@ -208,8 +248,8 @@
             "format": "uint8",
             "minimum": 0
           },
-          "maxItems": 64,
-          "minItems": 64
+          "maxItems": 32,
+          "minItems": 32
         },
         "seed": {
           "description": "Seed used to derive the keys of the wallet",

diff --git a/src/ffi.rs b/src/ffi.rs
@@ -10,7 +10,7 @@ use alloc::{vec, vec::Vec};
 use core::mem;
 
 use dusk_bytes::Serializable;
-use phoenix_core::Note;
+use phoenix_core::{Fee, Note};
 use sha2::{Digest, Sha512};
 
 use crate::{key, tx, types, utils, MAX_KEY, MAX_LEN};
@@ -132,11 +132,12 @@ pub fn execute(args: i32, len: i32) -> i64 {
     let types::ExecuteArgs {
         call,
         crossover,
-        gas_limit,
-        gas_price,
+        fee,
         inputs,
         openings,
         output,
+        gas_limit,
+        gas_price,
         refund,
         rng_seed,
         seed,
@@ -150,6 +151,11 @@ pub fn execute(args: i32, len: i32) -> i64 {
         Err(_) => return utils::fail(),
     };
 
+    let fee: Fee = match rkyv::from_bytes(&fee) {
+        Ok(n) => n,
+        Err(_) => return utils::fail(),
+    };
+
     let openings: Vec<tx::Opening> = match rkyv::from_bytes(&openings) {
         Ok(n) => n,
         Err(_) => return utils::fail(),
@@ -160,7 +166,7 @@ pub fn execute(args: i32, len: i32) -> i64 {
         None => return utils::fail(),
     };
 
-    let rng_seed = match utils::sanitize_seed(rng_seed) {
+    let rng_seed: [u8; 32] = match rng_seed.try_into().ok() {
         Some(s) => s,
         None => return utils::fail(),
     };
@@ -169,7 +175,7 @@ pub fn execute(args: i32, len: i32) -> i64 {
     let total_output = gas_limit
         .saturating_mul(gas_price)
         .saturating_add(value)
-        .saturating_add(crossover.unwrap_or_default());
+        .saturating_add(crossover.clone().map(|c| c.value).unwrap_or_default());
 
     let mut keys = unsafe { [mem::zeroed(); MAX_KEY + 1] };
     let mut keys_ssk = unsafe { [mem::zeroed(); MAX_KEY + 1] };
@@ -221,9 +227,6 @@ pub fn execute(args: i32, len: i32) -> i64 {
     let total_refund = total_input.saturating_sub(total_output);
 
     let mut outputs = Vec::with_capacity(2);
-    if let Some(o) = output {
-        outputs.push(o);
-    }
     if total_refund > 0 {
         outputs.push(types::ExecuteOutput {
             note_type: types::OutputType::Obfuscated,
@@ -232,10 +235,13 @@ pub fn execute(args: i32, len: i32) -> i64 {
             value: total_refund,
         });
     }
+    if let Some(o) = output {
+        outputs.push(o);
+    }
 
     let rng = &mut utils::rng(&rng_seed);
     let tx = tx::UnprovenTransaction::new(
-        rng, inputs, outputs, refund, gas_limit, gas_price, crossover, call,
+        rng, inputs, outputs, fee, crossover, call,
     );
     let tx = match tx {
         Some(t) => t,

diff --git a/src/tx.rs b/src/tx.rs
@@ -24,7 +24,7 @@ use rkyv::{Archive, Deserialize, Serialize};
 use rusk_abi::hash::Hasher;
 use rusk_abi::{ContractId, POSEIDON_TREE_DEPTH};
 
-use crate::{types, utils};
+use crate::{types, types::Crossover as WasmCrossover, utils};
 
 /// Chosen arity for the Notes tree implementation.
 pub const POSEIDON_TREE_ARITY: usize = 4;
@@ -143,10 +143,8 @@ impl UnprovenTransaction {
         rng: &mut Rng,
         inputs: I,
         outputs: O,
-        refund: String,
-        gas_limit: u64,
-        gas_price: u64,
-        crossover: Option<u64>,
+        fee: Fee,
+        crossover: Option<WasmCrossover>,
         call: Option<types::ExecuteCall>,
     ) -> Option<Self>
     where
@@ -163,7 +161,6 @@ impl UnprovenTransaction {
             .unzip();
 
         let anchor = inputs.first().map(|i| i.opening.root().hash)?;
-        let refund = utils::bs58_to_psk(&refund)?;
 
         let mut output_notes = Vec::with_capacity(4);
         let mut outputs_values = Vec::with_capacity(4);
@@ -222,20 +219,25 @@ impl UnprovenTransaction {
             (c.contract.to_bytes(), c.method.clone(), c.payload.clone())
         });
 
-        let fee = Fee::new(rng, gas_limit, gas_price, &refund);
-
-        let crossover = crossover.map(|crossover| {
-            let blinder = JubJubScalar::random(rng);
-            let (_, crossover_note) =
-                Note::obfuscated(rng, &refund, crossover, blinder)
-                    .try_into()
-                    .expect("Obfuscated notes should always yield crossovers");
-            Crossover {
-                crossover: crossover_note,
-                value: crossover,
-                blinder,
-            }
-        });
+        let crossover = crossover.and_then(
+            |WasmCrossover {
+                 blinder,
+                 crossover,
+                 value,
+             }| {
+                Some({
+                    Crossover {
+                        crossover: rkyv::from_bytes::<PhoenixCrossover>(
+                            &crossover,
+                        )
+                        .ok()?,
+                        value,
+                        blinder: rkyv::from_bytes::<JubJubScalar>(&blinder)
+                            .ok()?,
+                    }
+                })
+            },
+        );
 
         let tx_hash = Transaction::hash_input_bytes_from_components(
             &nullifiers,

diff --git a/src/types.rs b/src/types.rs
@@ -31,18 +31,30 @@ pub struct BalanceResponse {
     #[doc = " Total computed balance"]
     pub value: u64,
 }
+#[doc = " The value of the Crossover and the blinder"]
+#[derive(Clone, PartialEq, Debug, Deserialize, Serialize)]
+pub struct Crossover {
+    #[doc = " The rkyv serialized blinder of the crossover"]
+    pub blinder: Vec<u8>,
+    #[doc = " The rkyv serialized bytes of the crossover struct"]
+    pub crossover: Vec<u8>,
+    #[doc = " The value of the crossover"]
+    pub value: u64,
+}
 #[doc = " The arguments of the execute function"]
 #[derive(Clone, PartialEq, Debug, Deserialize, Serialize)]
 pub struct ExecuteArgs {
     #[doc = " A call to a contract method"]
     #[serde(skip_serializing_if = "Option::is_none")]
     pub call: Option<ExecuteCall>,
-    #[doc = " The [phoenix_core::Crossover] value"]
+    #[doc = " The crossover value"]
     #[serde(skip_serializing_if = "Option::is_none")]
-    pub crossover: Option<u64>,
-    #[doc = " The gas limit of the transaction"]
+    pub crossover: Option<Crossover>,
+    #[doc = " A rkyv serialized Fee"]
+    pub fee: Vec<u8>,
+    #[doc = " gas_limit"]
     pub gas_limit: u64,
-    #[doc = " The gas price per unit for the transaction"]
+    #[doc = " gas_price"]
     pub gas_price: u64,
     #[doc = " A rkyv serialized [Vec<phoenix_core::Note>] to be used as inputs"]
     pub inputs: Vec<u8>,

diff --git a/src/utils.rs b/src/utils.rs
@@ -102,14 +102,9 @@ where
 }
 
 /// Creates a secure RNG from a seed.
-pub fn rng(seed: &[u8; RNG_SEED]) -> ChaCha12Rng {
-    let mut hash = Sha256::new();
-
-    hash.update(seed);
-    hash.update(b"RNG");
-
-    let hash = hash.finalize().into();
-    ChaCha12Rng::from_seed(hash)
+/// We should keep this above 64 to be secure
+pub fn rng(seed: &[u8; 32]) -> ChaCha12Rng {
+    ChaCha12Rng::from_seed(*seed)
 }
 
 /// Creates a secure RNG from a seed with embedded index.