fix!: add validator mr to mining hash (tari-project#5615)

Description --- add validator mr to mining hash Re-ordered structs/hashes to match each other Motivation and Context --- This field is not covered by mining, making it mutable and changeable by any node. Reordering was done to make auditing easier now and in future so that the two match each other Audit Finding Number --- TARI-013
brianp · Aug 9, 2023 · 91db6fb · 91db6fb
1 parent 1087fa9
commit 91db6fb
Show file tree

Hide file tree

Showing 8 changed files with 28 additions and 27 deletions.
diff --git a/base_layer/core/src/blocks/block_header.rs b/base_layer/core/src/blocks/block_header.rs
@@ -94,6 +94,8 @@ pub struct BlockHeader {
     pub prev_hash: BlockHash,
     /// Timestamp at which the block was built.
     pub timestamp: EpochTime,
+    /// This is the Merkle root of the inputs in this block
+    pub input_mr: FixedHash,
     /// This is the UTXO merkle root of the outputs
     /// This is calculated as Hash (txo MMR root  || roaring bitmap hash of UTXO indices)
     pub output_mr: FixedHash,
@@ -103,18 +105,16 @@ pub struct BlockHeader {
     pub kernel_mr: FixedHash,
     /// The number of MMR leaves in the kernel MMR
     pub kernel_mmr_size: u64,
-    /// This is the Merkle root of the inputs in this block
-    pub input_mr: FixedHash,
     /// Sum of kernel offsets for all kernels in this block.
     pub total_kernel_offset: PrivateKey,
     /// Sum of script offsets for all kernels in this block.
     pub total_script_offset: PrivateKey,
-    /// Nonce increment used to mine this block.
-    pub nonce: u64,
-    /// Proof of work summary
-    pub pow: ProofOfWork,
     /// Merkle root of all active validator node.
     pub validator_node_mr: FixedHash,
+    /// Proof of work summary
+    pub pow: ProofOfWork,
+    /// Nonce increment used to mine this block.
+    pub nonce: u64,
 }
 
 impl BlockHeader {
@@ -228,6 +228,7 @@ impl BlockHeader {
             .chain(&self.kernel_mmr_size)
             .chain(&self.total_kernel_offset)
             .chain(&self.total_script_offset)
+            .chain(&self.validator_node_mr)
             .finalize()
             .into()
     }

diff --git a/base_layer/core/src/blocks/genesis_block.rs b/base_layer/core/src/blocks/genesis_block.rs
@@ -223,7 +223,7 @@ pub fn get_igor_genesis_block() -> ChainBlock {
         block.header.kernel_mr =
             FixedHash::from_hex("c71386fe8d30e1dbc5e9729ba6375630b78ae0fc8d1c26d6c4e02d250426d9a5").unwrap();
         block.header.output_mr =
-            FixedHash::from_hex("4d0e15c79d49c2cb4758cb7cb5a1d6ca28acf45ca87720ff2224e2340f171c1b").unwrap();
+            FixedHash::from_hex("2e828a1aaa2263cec1c25be053a63b021fddee3a32bdc28035134331d9c194de").unwrap();
         block.header.validator_node_mr =
             FixedHash::from_hex("277da65c40b2cf99db86baedb903a3f0a38540f3a94d40c826eecac7e27d5dfc").unwrap();
     }
@@ -277,7 +277,7 @@ pub fn get_esmeralda_genesis_block() -> ChainBlock {
         block.header.kernel_mr =
             FixedHash::from_hex("f81830934480825e9289e00e45de3ce8e21744e629a2b49e12f1963a8e53d542").unwrap();
         block.header.output_mr =
-            FixedHash::from_hex("9a2172068cedda92629111c0a76250900cba9b3c553943536f9e388df35effba").unwrap();
+            FixedHash::from_hex("877825d5f58127dd6319a9b852dc0d785e6a951f3fd62b6e3f7c306d65541c82").unwrap();
         block.header.validator_node_mr =
             FixedHash::from_hex("277da65c40b2cf99db86baedb903a3f0a38540f3a94d40c826eecac7e27d5dfc").unwrap();
     }

diff --git a/base_layer/core/src/proof_of_work/sha3x_pow.rs b/base_layer/core/src/proof_of_work/sha3x_pow.rs
@@ -98,8 +98,8 @@ pub mod test {
     #[test]
     fn validate_max_target() {
         let mut header = get_header();
-        header.nonce = 6;
+        header.nonce = 154;
         println!("{:?}", header);
-        assert_eq!(sha3x_difficulty(&header).unwrap(), Difficulty::from_u64(899).unwrap());
+        assert_eq!(sha3x_difficulty(&header).unwrap(), Difficulty::from_u64(6564).unwrap());
     }
 }
diff --git a/base_layer/core/src/transactions/transaction_components/mod.rs b/base_layer/core/src/transactions/transaction_components/mod.rs
@@ -101,24 +101,24 @@ pub(super) fn hash_output(
     version: TransactionOutputVersion,
     features: &OutputFeatures,
     commitment: &Commitment,
+    rangeproof_hash: &FixedHash,
     script: &TariScript,
-    covenant: &Covenant,
-    encrypted_data: &EncryptedData,
     sender_offset_public_key: &PublicKey,
     metadata_signature: &ComAndPubSignature,
-    rangeproof_hash: &FixedHash,
+    covenant: &Covenant,
+    encrypted_data: &EncryptedData,
     minimum_value_promise: MicroMinotari,
 ) -> FixedHash {
     let common_hash = DomainSeparatedConsensusHasher::<TransactionHashDomain>::new("transaction_output")
         .chain(&version)
         .chain(features)
         .chain(commitment)
+        .chain(rangeproof_hash)
         .chain(script)
-        .chain(covenant)
-        .chain(encrypted_data)
         .chain(sender_offset_public_key)
-        .chain(rangeproof_hash)
         .chain(metadata_signature)
+        .chain(covenant)
+        .chain(encrypted_data)
         .chain(&minimum_value_promise);
 
     match version {

diff --git a/base_layer/core/src/transactions/transaction_components/transaction_input.rs b/base_layer/core/src/transactions/transaction_components/transaction_input.rs
@@ -430,12 +430,12 @@ impl TransactionInput {
                 *version,
                 features,
                 commitment,
+                rangeproof_hash,
                 script,
-                covenant,
-                encrypted_data,
                 sender_offset_public_key,
                 metadata_signature,
-                rangeproof_hash,
+                covenant,
+                encrypted_data,
                 *minimum_value_promise,
             ),
         }

diff --git a/base_layer/core/src/transactions/transaction_components/transaction_output.rs b/base_layer/core/src/transactions/transaction_components/transaction_output.rs
@@ -209,12 +209,12 @@ impl TransactionOutput {
             self.version,
             &self.features,
             &self.commitment,
+            &rp_hash,
             &self.script,
-            &self.covenant,
-            &self.encrypted_data,
             &self.sender_offset_public_key,
             &self.metadata_signature,
-            &rp_hash,
+            &self.covenant,
+            &self.encrypted_data,
             self.minimum_value_promise,
         )
     }

diff --git a/base_layer/core/src/transactions/transaction_components/wallet_output.rs b/base_layer/core/src/transactions/transaction_components/wallet_output.rs
@@ -296,12 +296,12 @@ impl WalletOutput {
             self.version,
             &self.features,
             &output.commitment,
+            &rp_hash,
             &self.script,
-            &self.covenant,
-            &self.encrypted_data,
             &self.sender_offset_public_key,
             &self.metadata_signature,
-            &rp_hash,
+            &self.covenant,
+            &self.encrypted_data,
             self.minimum_value_promise,
         ))
     }

diff --git a/base_layer/tari_mining_helper_ffi/src/lib.rs b/base_layer/tari_mining_helper_ffi/src/lib.rs
@@ -386,8 +386,8 @@ mod tests {
 
     #[test]
     fn detect_change_in_consensus_encoding() {
-        const NONCE: u64 = 17490136304365714239;
-        let difficulty = Difficulty::from_u64(1913).expect("Failed to create difficulty");
+        const NONCE: u64 = 15177346899007969885;
+        let difficulty = Difficulty::from_u64(10695).expect("Failed to create difficulty");
         unsafe {
             let mut error = -1;
             let error_ptr = &mut error as *mut c_int;