fix(standards): rework SWAP to support public payback notes#2949
Open
JereSalo wants to merge 13 commits into
Open
fix(standards): rework SWAP to support public payback notes#2949JereSalo wants to merge 13 commits into
JereSalo wants to merge 13 commits into
Conversation
Public payback notes were unrecoverable from on-chain data: the previous SWAP precomputed the payback recipient off-line and embedded only the resulting hash, so the consuming script had no preimage to register with the advice provider. Build the payback P2ID recipient at consume time from data available in SWAP storage so the on-chain script can call p2id::new (which also registers the recipient preimage in the advice map): - Embed the creator account ID in storage (hybrid embed, mirroring PSWAP) so the consumer reads it directly instead of going through active_note::get_sender. - Derive the payback serial as swap_serial[0] + 1. - Derive the payback tag from the creator account ID prefix via note_tag::create_account_target. Storage shrinks from 14 to 11 items: the precomputed recipient and tag are no longer stored. The Rust constructor sets creator_id = sender by convention.
JereSalo
added
no changelog
# Conflicts: # crates/miden-standards/src/note/swap.rs
Branch SWAP MASM on payback note type so private paybacks store an opaque precomputed recipient digest (and tag) instead of the creator id. Public paybacks keep the creator id in plaintext since the consumer needs it to reconstruct the recipient via p2id::new. The unified 16-felt storage asserts zero on the slots unused by each branch, making the privacy guarantee structural rather than convention-based.
Centralize the rationale for the SwapPayback::Private vs Public storage shape on the enum itself and drop the repeated explanations from SwapNote::create, SwapNoteStorage, and the constructors. Also remove a stale comment from swap.masm.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Public payback wasn't possible on SWAP notes: the on-chain script lacked the data needed to construct the payback recipient. This PR embeds the creator account ID in SWAP storage so the consumer can derive the payback P2ID recipient at consume time.
Related Issues:
0xMiden/miden-client#1739 - after this PR we'll be able to tackle this on the client side.
#2950 - Partially solves this issue just for SWAP and for the
target_account_idscenario, which we don't send if the payback is private to preserve privacy of the target account (that in the future may be different from the creator account, that's why it makes sense not to reveal that info). We don't change theserial_numlogic here nor we solve it for thePSWAP.