objects: update account id scheme #672
Conversation
Change "In this second" to "In this "section"
* feat: adding account storage maps
…h tested code (#615) * tests: unified test mods * tests: moved account_id tests to its mod * tests: moved account_code tests to its mod * tests: using utils to test account data * tests: using utils to test account * tests: added serde tests for account and account delta * add empty constructor for account storage delta * added serde tests for storage delta * tests using existing constants
* feat: add benchmark for default transaction * refactor: use trace instead of emit, create wrapper for host * refactor: improve cycles print * refactor: add inline comments, change trace ids * chore: ignore the test untill it become a binary * refactor: organise cycles storing, add traces for each note * feat: create a simple cli for benchmark binary package * feat: create cargo-make script for benchmarking, move benchmarks back to the miden-tx * refactor: move TransactionProgress to the TransactionHost * feat: implement bench for P2ID note, add NoteId to the output * refactor: move last note id obtaining to the separate function * refactor: fix no-std build * refactor: update comments in main.masm file to be consistent with api.masm * feat: write benchmark results to the json file * refactor: move benchmarks to their own crate * refactor: add ability to run all benches * refactor: update bin name, dependencies; remove benches except all * chore: fix no-std build * refactor: rework TransactionProgress serialization * refactor: exclude bench-tx from no-std build, update dependencies * refactor: improve imports formatting * refactor: rework writing to json * chore: change visibility of miden-tx MockDataStore * chore: update CHANGELOG, create README for bench-tx
* process_input_note: simplified advice stack params names * kernel: using stdlib utility to extract digest * prologue: added details about nullifier * tests: explain why Send/Sync is being enforced * removed contraints on the struct definition The type constraints should be added into the `impl`s blocks, because the constraints on the `struct`s propagate up and makes composition very verbose. This also renamed the mod data to data_store to better represent its content.
- Remove network execution, since currently this concept is not really used and resulted in a mismatch among the Rust and MASM code - Changed the conversions to the NoteTag to include validation - Fixed the NoteTag validation - Fixed the tag validation in the `create_note` kernel code - Fixed the tests to create valid note tags
Derive `Ord` and `PartialOrd` for `NoteTag`
* feat: Serialize auth secret key * Remove nls * Address reviews * Remove allocation * Rename var
* feat: optional initial hash for new accounts fix: use `core::ops::Not` instead of `std::ops::Not` fix: address review comments refactor: rename function docs: update changelog tests: add checking proven transaction id for cases when account creation was involved * refactor: move `init_account_hash` function back to `Account` * fix: no-std build * fix: address review comments
* refactor: move event emitting after validation In this commit refactoring was made for account procedures and incr_nonce procedure. set_item and set_map_item will be reworked in future commits. * refactor: move emit in the incr_nonce
* Rename NoteEnvelope into NoteHeader * Change Note struct to be based on header and details
* feat: return NoteDetails for payback note from SWAP note constructor * feat: properly construct tag for SWAP notes
hackaugusto
force-pushed
the
hacka-account-id-issue-140
branch
2 times, most recently
from
89d9ef4
to
c836688
Compare
|
I pushed the latest version of the code. The tests are still not passing, I just realized that I'm computing the digest in the kernel using account id instead of account config, I also have to update the masm patching. Will follow up and hopefully fish this tomorrow. |
hackaugusto
force-pushed
the
hacka-account-id-issue-140
branch
from
c836688
to
f767d18
Compare
* feat: implement support for full private notes * docs: update CHANGELOG.md * fix: address review comments
hackaugusto
force-pushed
the
hacka-account-id-issue-140
branch
5 times, most recently
from
a00e013
to
1f3364b
Compare
hackaugusto
force-pushed
the
hacka-account-id-issue-140
branch
from
1f3364b
to
6685279
Compare
| #! - Account creation is not free, this introduces a small cost to account creation which as a small | ||
| #! spam proteciton. | ||
| #! | ||
| #! Stack: [CODE_ROOT, SEED, STORAGE_ROOT, acc_id] |
There was a problem hiding this comment.
Changed the procedure to receive the data over the stack, so that it can be tested. This only has the cost of two additional instrucitons swapw and a movdnw.2
| } | ||
| } | ||
|
|
||
| impl TryFrom<u64> for AccountPoW { |
There was a problem hiding this comment.
Note: These types are using u64 conversion to and from their mask position! This is confusing at times, I had a few instances that tried to PoW 80bits because I used u64::from(pow) instead of pow.as_int()
hackaugusto
force-pushed
the
hacka-account-id-issue-140
branch
3 times, most recently
from
f12ff3c
to
5702fd3
Compare
|
humm, it seems the tests are timing out in the CI, they are also taking longer time for me locally, around 1min to complete. |
hackaugusto
force-pushed
the
hacka-account-id-issue-140
branch
3 times, most recently
from
fcac270
to
838f2c8
Compare
- the account id now includes a configuration for the PoW, so users can increase its total PoW up to 64 bits. (Note: The total PoW required by an attacker includes the random bits of an account_id, so an additional 50 bits) - the faucet and regular account ids are the same - the lower to bitw of the account id are force to zero - the storage and type configuration are in the 4 highest bits
hackaugusto
force-pushed
the
hacka-account-id-issue-140
branch
from
838f2c8
to
d586df9
Compare
bobbinth
force-pushed
the
next
branch
2 times, most recently
from
af32706
to
7e2a164
Compare
|
The schemes that we have been discussing (including the one implemented here) have a very serious flaw: the attacker could build a "rainbow table" of all (or many) account IDs and then as soon as a public note directed to a specific account appears on chain, they would use one of their pre-computed accounts to highjack the note. Assuming there are Building such a rainbow table (assuming some efficient GPU-based implementation) could cost anywhere between $1B and $10B USD. It is probably not something we'd worry about for the next couple of years, but beyond that, this would be a real problem. Taken the above into account, I think ~64 bits for account ID is too little. So, one of the decisions we should make is what should be the ID size. A few preliminary thoughts:
Increasing the size of the ID would have the following implications:
|
|
closing this PR following the comment above |
closes #140
Opened the PR because the tests are green, but there is still some changes that are needed, namely the kernel is not checking the total PoW.
edit: well ... the tests that run with
cargo test, turns out some tests are gated by the testing feature flag, which is great, because I thought we had no tests for the new accounts