itest: add test for invalid input proof rejection

[jtobin]

(N.b., I cribbed this one together while reviewing #1884 -- might be worth adding?)

Add a new icase, 'testPsbtInvalidInputProofRejection', that tests that pre-anchored send packages with corrupted input proofs are rejected as expected during the SendStateVerifyPreBroadcast state.

[gemini-code-assist]

Summary of Changes

Hello @jtobin, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request introduces a crucial integration test to ensure the integrity of asset transfers. The test simulates a scenario where an asset's input proof is intentionally corrupted and verifies that the system's ChainPorter component correctly identifies and rejects such invalid proofs before broadcast. This addition strengthens the system's security by guaranteeing that only transfers with valid and verifiable proof chains are processed, preventing potential vulnerabilities arising from malformed or tampered proofs.

Highlights

• New Integration Test: A new integration test, testPsbtInvalidInputProofRejection, has been added to verify the system's handling of invalid input proofs.
• Proof Rejection Logic: The test specifically confirms that pre-anchored send packages with corrupted input proofs are correctly rejected during the SendStateVerifyPreBroadcast state, preventing the broadcast of transactions with unverifiable proofs.
• Security Invariant Validation: This new test validates a core security invariant: that invalid input proofs cannot be successfully broadcast, thereby enhancing the robustness of asset transfers.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request introduces a new integration test to verify that send packages with corrupted input proofs are correctly rejected. The test is well-structured, clear, and effectively covers the intended failure scenario. The implementation aligns with the existing codebase's style and practices. I have one minor suggestion to improve code conciseness.

[gemini-code-assist]

For conciseness, you can use fn.ToArray to convert the assetID slice to a 32-byte array directly during initialization. This avoids the separate copy call and makes the variable declaration more compact.

        id          = fn.ToArray[[32]byte](assetID)
		chainParams = &address.RegressionNetTap
	)