FindoraNetwork · weikengchen · Aug 22, 2023 · Mar 24, 2023 · Aug 13, 2023 · Aug 17, 2023
diff --git a/Cargo.toml b/Cargo.toml
@@ -36,22 +36,34 @@ members = [
 ]
 
 [profile.dev]
-incremental = false
+opt-level = 3
+lto = "thin"
+incremental = true
+debug-assertions = true
+debug = true
+panic = 'abort'
 overflow-checks = true
 
 [profile.release]
+opt-level = 3
+lto = "thin"
 incremental = false
 overflow-checks = true
+panic = 'abort'
 
 [profile.bench]
+opt-level = 3
+debug = false
+rpath = false
+lto = "thin"
 codegen-units = 1
+incremental = true
+debug-assertions = false
 overflow-checks = false
 
-[profile.dev.package.curve25519-dalek]
-opt-level = 1
-overflow-checks = false
-
-[patch.crates-io]
-ed25519-dalek = { git = "https://github.com/FindoraNetwork/ed25519-dalek", rev = "ad461f" }
-curve25519-dalek = { git = "https://github.com/FindoraNetwork/curve25519-dalek", rev = "a2df65" }
-x25519-dalek = { git = "https://github.com/FindoraNetwork/x25519-dalek", rev = "53bb1a" }
+[profile.test]
+opt-level = 2
+lto = "off"
+incremental = true
+debug-assertions = true
+debug = true
diff --git a/src/components/abciapp/src/abci/mod.rs b/src/components/abciapp/src/abci/mod.rs
@@ -94,7 +94,6 @@ pub fn run() -> Result<()> {
             "http://{}:{}",
             config.tendermint_host, config.tendermint_port
         );
-
         // keep them running in the background,
         // avoid being dropped by the jsonrpc crate.
         mem::forget(fc_rpc::start_web3_service(

diff --git a/src/components/abciapp/src/abci/server/callback/mod.rs b/src/components/abciapp/src/abci/server/callback/mod.rs
@@ -2,13 +2,6 @@
 //! # Impl function of tendermint ABCI
 //!
 
-use globutils::wallet;
-use ledger::{
-    data_model::ASSET_TYPE_FRA,
-    staking::{FF_ADDR_EXTRA_120_0000, FF_ADDR_LIST},
-};
-use zei::noah_api::xfr::asset_record::AssetRecordType;
-
 mod utils;
 
 use {
@@ -32,11 +25,15 @@ use {
         STATE_UPDATE_LIST, TXS, WEB3_SERVICE_START_HEIGHT,
     },
     fp_storage::hash::{Sha256, StorageHasher},
+    globutils::wallet,
     lazy_static::lazy_static,
     ledger::{
         converter::is_convert_account,
-        data_model::Operation,
-        staking::{evm::EVM_STAKING, KEEP_HIST, VALIDATOR_UPDATE_BLOCK_ITV},
+        data_model::{Operation, Transaction, ASSET_TYPE_FRA},
+        staking::{
+            evm::EVM_STAKING, FF_ADDR_EXTRA_120_0000, FF_ADDR_LIST, KEEP_HIST,
+            VALIDATOR_UPDATE_BLOCK_ITV,
+        },
         store::{
             api_cache,
             fbnc::{new_mapx, Mapx},
@@ -56,6 +53,7 @@ use {
         },
     },
     tracing::{error, info},
+    zei::noah_api::xfr::asset_record::AssetRecordType,
 };
 
 pub(crate) static TENDERMINT_BLOCK_HEIGHT: AtomicI64 = AtomicI64::new(0);
@@ -100,9 +98,15 @@ pub fn info(s: &mut ABCISubmissionServer, req: &RequestInfo) -> ResponseInfo {
             && h < CFG.checkpoint.enable_frc20_height
         {
             resp.set_last_block_app_hash(la_hash);
-        } else {
+        } else if h < CFG.checkpoint.enable_triple_masking_height {
             let cs_hash = s.account_base_app.write().info(req).last_block_app_hash;
             resp.set_last_block_app_hash(app_hash("info", h, la_hash, cs_hash));
+        } else {
+            let cs_hash = s.account_base_app.write().info(req).last_block_app_hash;
+            let tm_hash = state.get_anon_state_commitment().0;
+            resp.set_last_block_app_hash(app_hash_v2(
+                "info", h, la_hash, cs_hash, tm_hash,
+            ));
         }
     }
 
@@ -140,6 +144,18 @@ pub fn check_tx(s: &mut ABCISubmissionServer, req: &RequestCheckTx) -> ResponseC
         TxCatalog::FindoraTx => {
             if matches!(req.field_type, CheckTxType::New) {
                 if let Ok(tx) = convert_tx(req.get_tx()) {
+                    for op in tx.body.operations.iter() {
+                        if let Operation::TransferAnonAsset(op) = op {
+                            let mut inputs = op.note.body.inputs.clone();
+                            inputs.sort();
+                            inputs.dedup();
+                            if inputs.len() != op.note.body.inputs.len() {
+                                resp.log = "anon transfer input error".to_owned();
+                                resp.code = 1;
+                                return resp;
+                            }
+                        }
+                    }
                     if td_height > CFG.checkpoint.check_signatures_num {
                         for op in tx.body.operations.iter() {
                             if let Operation::TransferAsset(op) = op {
@@ -171,6 +187,12 @@ pub fn check_tx(s: &mut ABCISubmissionServer, req: &RequestCheckTx) -> ResponseC
                     } else if TX_HISTORY.read().contains_key(&tx.hash_tm_rawbytes()) {
                         resp.log = "Historical transaction".to_owned();
                         resp.code = 1;
+                    } else if is_tm_transaction(&tx)
+                        && td_height
+                            < CFG.checkpoint.enable_triple_masking_height
+                    {
+                        resp.code = 1;
+                        resp.log = "Triple Masking is disabled".to_owned();
                     }
                 } else {
                     resp.log = "Invalid format".to_owned();
@@ -272,6 +294,18 @@ pub fn deliver_tx(
     match tx_catalog {
         TxCatalog::FindoraTx => {
             if let Ok(tx) = convert_tx(req.get_tx()) {
+                for op in tx.body.operations.iter() {
+                    if let Operation::TransferAnonAsset(op) = op {
+                        let mut inputs = op.note.body.inputs.clone();
+                        inputs.sort();
+                        inputs.dedup();
+                        if inputs.len() != op.note.body.inputs.len() {
+                            resp.log = "anon Transfer input error".to_owned();
+                            resp.code = 1;
+                            return resp;
+                        }
+                    }
+                }
                 if td_height > CFG.checkpoint.check_signatures_num {
                     for op in tx.body.operations.iter() {
                         if let Operation::TransferAsset(op) = op {
@@ -336,7 +370,7 @@ pub fn deliver_tx(
                         if let Err(err) =
                             s.account_base_app.write().deliver_findora_tx(&tx, &hash.0)
                         {
-                            info!(target: "abciapp", "deliver convert account tx failed: {err:?}");
+                            error!(target: "abciapp", "deliver convert account tx failed: {err:?}");
 
                             resp.code = 1;
                             resp.log =
@@ -375,6 +409,17 @@ pub fn deliver_tx(
                             .db
                             .write()
                             .discard_session();
+                    } else if is_tm_transaction(&tx)
+                        && td_height
+                            < CFG.checkpoint.enable_triple_masking_height
+                    {
+                        info!(target: "abciapp",
+                            "Triple Masking transaction(FindoraTx) detected at early height {}: {:?}",
+                            td_height, tx
+                        );
+                        resp.code = 2;
+                        resp.log = "Triple Masking is disabled".to_owned();
+                        return resp;
                     } else if CFG.checkpoint.utxo_checktx_height < td_height {
                         match tx.check_tx() {
                             Ok(_) => {
@@ -597,8 +642,11 @@ pub fn commit(s: &mut ABCISubmissionServer, req: &RequestCommit) -> ResponseComm
         && td_height < CFG.checkpoint.enable_frc20_height
     {
         r.set_data(la_hash);
-    } else {
+    } else if td_height < CFG.checkpoint.enable_triple_masking_height {
         r.set_data(app_hash("commit", td_height, la_hash, cs_hash));
+    } else {
+        let tm_hash = state.get_anon_state_commitment().0;
+        r.set_data(app_hash_v2("commit", td_height, la_hash, cs_hash, tm_hash));
     }
 
     IN_SAFE_ITV.store(false, Ordering::Release);
@@ -728,3 +776,45 @@ fn app_hash(
         la_hash
     }
 }
+
+/// Combines ledger state hash and EVM chain state hash
+/// and print app hashes for debugging
+fn app_hash_v2(
+    when: &str,
+    height: i64,
+    mut la_hash: Vec<u8>,
+    mut cs_hash: Vec<u8>,
+    mut tm_hash: Vec<u8>,
+) -> Vec<u8> {
+    info!(target: "abciapp",
+        "app_hash_{}: {}_{}_{}, height: {}",
+        when,
+        hex::encode(la_hash.clone()),
+        hex::encode(cs_hash.clone()),
+        hex::encode(tm_hash.clone()),
+        height
+    );
+
+    // append ONLY non-empty EVM chain state hash
+    if !tm_hash.is_empty() || !cs_hash.is_empty() {
+        la_hash.append(&mut cs_hash);
+        la_hash.append(&mut tm_hash);
+
+        Sha256::hash(la_hash.as_slice()).to_vec()
+    } else {
+        la_hash
+    }
+}
+
+fn is_tm_transaction(tx: &Transaction) -> bool {
+    tx.body
+        .operations
+        .iter()
+        .try_for_each(|op| match op {
+            Operation::BarToAbar(_a) => None,
+            Operation::AbarToBar(_a) => None,
+            Operation::TransferAnonAsset(_a) => None,
+            _ => Some(()),
+        })
+        .is_none()
+}
diff --git a/src/components/abciapp/src/abci/server/callback/utils.rs b/src/components/abciapp/src/abci/server/callback/utils.rs
@@ -39,8 +39,13 @@ pub fn gen_tendermint_attr(tx: &Transaction) -> RepeatedField<Event> {
     res.push(ev);
 
     let (from, to) = gen_tendermint_attr_addr(tx);
+    let (nullifiers, commitments) = gen_tendermint_attr_anon(tx);
 
-    if !from.is_empty() || !to.is_empty() {
+    if !from.is_empty()
+        || !to.is_empty()
+        || !nullifiers.is_empty()
+        || !commitments.is_empty()
+    {
         let mut ev = Event::new();
         ev.set_field_type("addr".to_owned());
 
@@ -76,6 +81,8 @@ pub fn gen_tendermint_attr(tx: &Transaction) -> RepeatedField<Event> {
 
         index_addr!(from, "addr.from");
         index_addr!(to, "addr.to");
+        index_addr!(nullifiers, "nullifier.used");
+        index_addr!(commitments, "commitment.created");
     }
 
     RepeatedField::from_vec(res)
@@ -126,6 +133,59 @@ fn gen_tendermint_attr_addr(tx: &Transaction) -> (Vec<TagAttr>, Vec<TagAttr>) {
                 Operation::UpdateMemo(d) => {
                     append_attr!(d);
                 }
+                Operation::BarToAbar(d) => {
+                    let mut attr = TagAttr::default();
+                    attr.addr = globutils::wallet::public_key_to_bech32(
+                        &d.input_record().public_key,
+                    );
+                    base.0.push(attr);
+                }
+                Operation::AbarToBar(d) => {
+                    let mut attr = TagAttr::default();
+                    attr.addr = globutils::wallet::public_key_to_bech32(
+                        &d.note.get_public_key(),
+                    );
+                    base.1.push(attr);
+                }
+                _ => {}
+            }
+
+            base
+        })
+}
+
+fn gen_tendermint_attr_anon(tx: &Transaction) -> (Vec<TagAttr>, Vec<TagAttr>) {
+    tx.body
+        .operations
+        .iter()
+        .fold((vec![], vec![]), |mut base, op| {
+            match op {
+                Operation::BarToAbar(d) => {
+                    let mut attr = TagAttr::default();
+                    attr.addr = globutils::wallet::commitment_to_base58(
+                        &d.output_record().commitment,
+                    );
+                    base.1.push(attr);
+                }
+                Operation::AbarToBar(d) => {
+                    let mut attr = TagAttr::default();
+                    attr.addr =
+                        globutils::wallet::nullifier_to_base58(&d.note.get_input());
+                    base.0.push(attr);
+                }
+                Operation::TransferAnonAsset(d) => {
+                    for ix in &d.note.body.inputs {
+                        let mut attr = TagAttr::default();
+                        attr.addr = globutils::wallet::nullifier_to_base58(ix);
+                        base.0.push(attr);
+                    }
+                    for ox in &d.note.body.outputs {
+                        let mut attr = TagAttr::default();
+                        attr.addr =
+                            globutils::wallet::commitment_to_base58(&ox.commitment);
+                        base.1.push(attr);
+                    }
+                }
                 _ => {}
             }
 

diff --git a/src/components/abciapp/src/abci/staking/test.rs b/src/components/abciapp/src/abci/staking/test.rs
@@ -19,7 +19,7 @@ use {
             asset_record::{open_blind_asset_record, AssetRecordType},
             structs::{AssetRecordTemplate, XfrAmount},
         },
-        {XfrKeyPair, XfrPublicKey},
+        XfrKeyPair, XfrPublicKey,
     },
 };
 
@@ -126,12 +126,12 @@ fn gen_transfer_tx(
             &owner_memo.map(|o| o.into_noah()),
             &owner_kp.into_noah(),
         )
-            .c(d!())
-            .and_then(|ob| {
-                trans_builder
-                    .add_input(TxoRef::Absolute(sid), ob, None, None, i_am)
-                    .c(d!())
-            })?;
+        .c(d!())
+        .and_then(|ob| {
+            trans_builder
+                .add_input(TxoRef::Absolute(sid), ob, None, None, i_am)
+                .c(d!())
+        })?;
 
         alt!(0 == am, break);
     }
@@ -166,5 +166,5 @@ fn gen_transfer_tx(
         .c(d!())?;
 
     tx_builder.add_operation(op);
-    Ok(tx_builder.take_transaction())
+    tx_builder.build_and_take_transaction()
 }