Network reset for circuit changes (#3775)

* adds transactionHashToBlockHash chain index (#3761)

* adds transactionHashToBlockHash chain index

adds an index mapping transaction hash to block hash for all transactions on the
main chain. the index will support looking up transactions on the chain using
only the transaction hash. this lookup currently requires a block hash because
the transactions store is keyed by block hash.

the index is a datastore with a TransactionHash (i.e., Buffer) key and a
BlockHash (i.e., Buffer) value.

entries are inserted into the index for each transaction when a block is
connected to the main chain (in saveConnect). entries are deleted from the index
for each transaction when a block is disconnected from the main chain (in
saveDisconnect).

* modify tests

---------

Co-authored-by: danield9tqh <[email protected]>

* makes blockHash optional in chain/getTransaction requests (#3762)

* makes blockHash optional in chain/getTransaction requests

after adding an index from transaction hash to block hash in #3761 we no longer
need to include a block hash in requests to chain/getTransaction. instead we can
use the index to look up the hash of the block on the main chain that includes
that transaction, if any.

- defines 'getHashByTransactionHash' to look up a block hash in
  'transactionHashToBlockHash'
- changes 'blockHash' to an optional request parameter
- adds route tests for chain/getTransaction

* fixes lint

* changes method name to include 'Block' for clarity

* feat(ironfish,rust,rust-nodejs): Update asset derivation (#3744)

* Add nonce to Asset, use blake2s to get asset identifier

This moves away from using a pedersen hash for asset info -> asset
id, instead using a blake2s hash. The nonce is added because not every
blake2s hash maps to a valid point, so this allows the code to silently
retry until it finds a valid point for the given owner, name, metadata.

* Type refactoring

- Introduce AssetIdentifier as a distinct type rather than using it as
  an alias of [u8; 32]. This allows us to utilize the type system so
  that we know if we have an instance of an AssetIdentifier, it is valid
  as an id and that it derives to a valid generator. Requires a little
  more effort on instantiation, but makes the usage of it much cleaner.
- Change Asset Generator to ExtendedPoint. When we instantiate an Asset,
  we hash the asset info into the AssetIdentifier and check that this
  AssetIdentifier hashes to a valid point in the prime group. However,
  we continue utilizing it as an ExtendedPoint type to make validation
  of asset id to asset generator in the circuit easier.
- Introduce Value Commitment Generator. This is the SubgroupPoint
  version of the Asset Generator. This isn't used yet, but will be used
  for the value commitments and value balancing.
- Change Note to take AssetIdentifier instead of Asset Generator. This
  is because the encrypted note contents will contain the
  AssetIdentifier now, not the generator.

This commit ended up being a lot of things together that I would have
preferred to keep separate, but I started in the wrong place and
untangling it to be a useful commit while also keeping the compiler
happy ended up being a lot of work.

* Tweak length consts

* Move AssetIdentifier into its own file

* Start using Value Commitment Generators

We should be using the SubgroupPoint versions of the generators for
value balancing. This is incompatible with the circuits until those are
updated.

* add a quick unit test for Asset::new_with_nonce

* Update mint asset circuit

We use the blake2s hash instead of the pedersen hash, as outlined in the
Asset changes. We also added the nonce to the pre-image.

We are not explicitly checking that the asset id hashes to a valid
generator point in the circuit. This is unnecessary, because the mint
information is public. Since we introduced the AssetIdentifier struct,
which implicitly checks that any asset id instantiated is a valid
generator point, we get this for free when the transaction is serialized
into the Rust as part of calling `batch_verify_transactions`. This also
happens for the burn.

* Update spend circuit

We clear the cofactor and assert that the value commitment generator is
not small order. We're also using the ValueCommitment's Asset Generator
instead of passing it in seperately, which is unnecessary.

* Update output circuit

In addition to the checks added in the previous commit for spend, which
apply here since both circuits use the expose_value_commitment function,
we are also witnessing the asset id deriving the asset generator, and
proving that it is the same one that is being used in the value
commitment

* update temporary params

* Add asset.nonce for Typescript, regen NAPI bindings

* typescript asset store and test updates to handle nonce

* change temporary / dev genesis blocks

* update typescript test fixtures

* feat(rust,zkp): Update personalizations for PRF and value commitment (#3668)

* feat(rust,zkp): Update personalizations for PRF and value commitment

* fix(ironfish): Update fixtures

* feat(rust,zkp): Move asset id check from circuit to consensus (#3686)

* feat(rust,zkp): Move asset id check from circuit to consensus

* feat(rust,zkp): Add `GH_FIRST_BLOCK`

* test(ironfish): Update fixtures

* test(ironfish): Update createTransaction fixture

* test(ironfish): Fix fixtures after a rebuild

* feat(rust): Add `partial_verify` when building spends and outputs (#3687)

* feat(ironfish,rust): Update asset metadata length from 77 to 96 (#3703)

* fix(rust): Instantiating an asset only calls the hash to point function once (#3705)

When instantiating an asset, it was calling `asset_hash_to_point`, and
then converting the hash array into an `AssetIdentifier`, which also
calls `asset_hash_to_point`. Because of this, this function does not
need to call it anymore.

* chore(zkp): Remove unused pedersen personalization (#3706)

* update circuits for trusted setup code

* chore(ironfish): Revert fixtures

---------

Co-authored-by: Mat <[email protected]>
Co-authored-by: mat-if <[email protected]>
Co-authored-by: danield9tqh <[email protected]>

* feat(cli,rust-nodejs,rust,ironfish): Convert keys into buffers (#3767)

* Revert "feat(cli,rust-nodejs,rust,ironfish): Convert keys into buffers (#3767)"

This reverts commit fb2e7f4.

* update fixtures and genesis blocks

* fix simulator import

---------

Co-authored-by: Hugh Cunningham <[email protected]>
Co-authored-by: Rohan Jadvani <[email protected]>
Co-authored-by: Mat <[email protected]>
Co-authored-by: mat-if <[email protected]>
Co-authored-by: Rohan Jadvani <[email protected]>

ironfish-mpc/src/bin/new.rs

@@ -3,6 +3,8 @@ extern crate pairing;
 use std::fs::File;
 use std::io::BufWriter;
 
+use ironfish_zkp::constants::ASSET_ID_LENGTH;
+
 fn main() {
     let params = File::create("params").unwrap();
     let mut params = BufWriter::with_capacity(1024 * 1024, params);
@@ -16,7 +18,6 @@ fn main() {
         ar: None,
         auth_path: vec![None; ironfish_zkp::constants::TREE_DEPTH],
         anchor: None,
-        asset_generator: None,
         sender_address: None,
     })
     .unwrap()
@@ -29,7 +30,7 @@ fn main() {
         payment_address: None,
         commitment_randomness: None,
         esk: None,
-        asset_generator: None,
+        asset_id: [0; ASSET_ID_LENGTH],
         ar: None,
         proof_generation_key: None,
     })
@@ -39,8 +40,6 @@ fn main() {
 
     // Sapling mint circuit
     ironfish_phase2::MPCParameters::new(ironfish_zkp::proofs::MintAsset {
-        name: [0u8; 32],
-        metadata: [0u8; 77],
         proof_generation_key: None,
         public_key_randomness: None,
     })

ironfish-mpc/src/bin/verify.rs

@@ -1,6 +1,7 @@
 extern crate pairing;
 
 use blake2::{Blake2b512, Digest};
+use ironfish_zkp::constants::ASSET_ID_LENGTH;
 use std::fs::File;
 use std::io::BufReader;
 
@@ -26,7 +27,6 @@ fn main() {
             ar: None,
             auth_path: vec![None; ironfish_zkp::constants::TREE_DEPTH],
             anchor: None,
-            asset_generator: None,
             sender_address: None,
         })
         .expect("parameters are invalid");
@@ -37,16 +37,14 @@ fn main() {
             payment_address: None,
             commitment_randomness: None,
             esk: None,
-            asset_generator: None,
+            asset_id: [0; ASSET_ID_LENGTH],
             ar: None,
             proof_generation_key: None,
         })
         .expect("parameters are invalid");
 
     let sapling_mint_contributions = sapling_mint
         .verify(ironfish_zkp::proofs::MintAsset {
-            name: [0u8; 32],
-            metadata: [0u8; 77],
             proof_generation_key: None,
             public_key_randomness: None,
         })

ironfish-rust-nodejs/index.d.ts

@@ -36,7 +36,6 @@ export const ENCRYPTED_NOTE_LENGTH: number
 export const PUBLIC_ADDRESS_LENGTH: number
 export const RANDOMNESS_LENGTH: number
 export const MEMO_LENGTH: number
-export const GENERATOR_LENGTH: number
 export const AMOUNT_VALUE_LENGTH: number
 export const DECRYPTED_NOTE_LENGTH: number
 export interface NativeSpendDescription {
@@ -91,6 +90,7 @@ export class Asset {
   constructor(ownerPrivateKey: string, name: string, metadata: string)
   metadata(): Buffer
   name(): Buffer
+  nonce(): number
   owner(): Buffer
   static nativeId(): Buffer
   id(): Buffer

ironfish-rust-nodejs/index.js

@@ -246,7 +246,7 @@ if (!nativeBinding) {
   throw new Error(`Failed to load native binding`)
 }
 
-const { contribute, verifyTransform, KEY_LENGTH, NONCE_LENGTH, BoxKeyPair, randomBytes, boxMessage, unboxMessage, RollingFilter, initSignalHandler, triggerSegfault, ASSET_ID_LENGTH, ASSET_METADATA_LENGTH, ASSET_NAME_LENGTH, ASSET_OWNER_LENGTH, ASSET_LENGTH, Asset, NOTE_ENCRYPTION_KEY_LENGTH, MAC_LENGTH, ENCRYPTED_NOTE_PLAINTEXT_LENGTH, ENCRYPTED_NOTE_LENGTH, NoteEncrypted, PUBLIC_ADDRESS_LENGTH, RANDOMNESS_LENGTH, MEMO_LENGTH, GENERATOR_LENGTH, AMOUNT_VALUE_LENGTH, DECRYPTED_NOTE_LENGTH, Note, TransactionPosted, PROOF_LENGTH, TRANSACTION_SIGNATURE_LENGTH, TRANSACTION_PUBLIC_KEY_RANDOMNESS_LENGTH, TRANSACTION_EXPIRATION_LENGTH, TRANSACTION_FEE_LENGTH, TRANSACTION_VERSION, Transaction, verifyTransactions, LanguageCode, generateKey, spendingKeyToWords, wordsToSpendingKey, generateKeyFromPrivateKey, initializeSapling, FoundBlockResult, ThreadPoolHandler, isValidPublicAddress } = nativeBinding
+const { contribute, verifyTransform, KEY_LENGTH, NONCE_LENGTH, BoxKeyPair, randomBytes, boxMessage, unboxMessage, RollingFilter, initSignalHandler, triggerSegfault, ASSET_ID_LENGTH, ASSET_METADATA_LENGTH, ASSET_NAME_LENGTH, ASSET_OWNER_LENGTH, ASSET_LENGTH, Asset, NOTE_ENCRYPTION_KEY_LENGTH, MAC_LENGTH, ENCRYPTED_NOTE_PLAINTEXT_LENGTH, ENCRYPTED_NOTE_LENGTH, NoteEncrypted, PUBLIC_ADDRESS_LENGTH, RANDOMNESS_LENGTH, MEMO_LENGTH, AMOUNT_VALUE_LENGTH, DECRYPTED_NOTE_LENGTH, Note, TransactionPosted, PROOF_LENGTH, TRANSACTION_SIGNATURE_LENGTH, TRANSACTION_PUBLIC_KEY_RANDOMNESS_LENGTH, TRANSACTION_EXPIRATION_LENGTH, TRANSACTION_FEE_LENGTH, TRANSACTION_VERSION, Transaction, verifyTransactions, LanguageCode, generateKey, spendingKeyToWords, wordsToSpendingKey, generateKeyFromPrivateKey, initializeSapling, FoundBlockResult, ThreadPoolHandler, isValidPublicAddress } = nativeBinding
 
 module.exports.contribute = contribute
 module.exports.verifyTransform = verifyTransform
@@ -273,7 +273,6 @@ module.exports.NoteEncrypted = NoteEncrypted
 module.exports.PUBLIC_ADDRESS_LENGTH = PUBLIC_ADDRESS_LENGTH
 module.exports.RANDOMNESS_LENGTH = RANDOMNESS_LENGTH
 module.exports.MEMO_LENGTH = MEMO_LENGTH
-module.exports.GENERATOR_LENGTH = GENERATOR_LENGTH
 module.exports.AMOUNT_VALUE_LENGTH = AMOUNT_VALUE_LENGTH
 module.exports.DECRYPTED_NOTE_LENGTH = DECRYPTED_NOTE_LENGTH
 module.exports.Note = Note

ironfish-rust-nodejs/src/structs/asset.rs

@@ -3,9 +3,11 @@
  * file, You can obtain one at https://mozilla.org/MPL/2.0/. */
 
 use ironfish_rust::{
-    assets::asset::{
-        Asset, ASSET_LENGTH as SERIALIZED_ASSET_LENGTH, ID_LENGTH, METADATA_LENGTH, NAME_LENGTH,
-        NATIVE_ASSET,
+    assets::{
+        asset::{
+            Asset, ASSET_LENGTH as SERIALIZED_ASSET_LENGTH, ID_LENGTH, METADATA_LENGTH, NAME_LENGTH,
+        },
+        asset_identifier::NATIVE_ASSET,
     },
     keys::PUBLIC_ADDRESS_SIZE,
     SaplingKey,
@@ -60,19 +62,24 @@ impl NativeAsset {
         Buffer::from(self.asset.name())
     }
 
+    #[napi]
+    pub fn nonce(&self) -> u8 {
+        self.asset.nonce()
+    }
+
     #[napi]
     pub fn owner(&self) -> Buffer {
         Buffer::from(&self.asset.owner()[..])
     }
 
     #[napi]
     pub fn native_id() -> Buffer {
-        Buffer::from(&NATIVE_ASSET[..])
+        Buffer::from(&NATIVE_ASSET.as_bytes()[..])
     }
 
     #[napi]
     pub fn id(&self) -> Buffer {
-        Buffer::from(&self.asset.id()[..])
+        Buffer::from(&self.asset.id().as_bytes()[..])
     }
 
     #[napi]

ironfish-rust-nodejs/src/structs/note.rs

@@ -3,8 +3,8 @@
  * file, You can obtain one at https://mozilla.org/MPL/2.0/. */
 
 use ironfish_rust::{
-    assets::asset::{asset_generator_from_id, ID_LENGTH as ASSET_ID_LENGTH},
-    note::{AMOUNT_VALUE_SIZE, GENERATOR_SIZE, MEMO_SIZE, SCALAR_SIZE},
+    assets::asset::ID_LENGTH as ASSET_ID_LENGTH,
+    note::{AMOUNT_VALUE_SIZE, MEMO_SIZE, SCALAR_SIZE},
     ViewKey,
 };
 use napi::{bindgen_prelude::*, JsBuffer};
@@ -25,23 +25,20 @@ pub const RANDOMNESS_LENGTH: u32 = SCALAR_SIZE as u32;
 #[napi]
 pub const MEMO_LENGTH: u32 = MEMO_SIZE as u32;
 
-#[napi]
-pub const GENERATOR_LENGTH: u32 = GENERATOR_SIZE as u32;
-
 #[napi]
 pub const AMOUNT_VALUE_LENGTH: u32 = AMOUNT_VALUE_SIZE as u32;
 
 #[napi]
 pub const DECRYPTED_NOTE_LENGTH: u32 = RANDOMNESS_LENGTH
     + MEMO_LENGTH
-    + GENERATOR_LENGTH
+    + ASSET_ID_LENGTH as u32
     + PUBLIC_ADDRESS_LENGTH
     + AMOUNT_VALUE_LENGTH
     + PUBLIC_ADDRESS_LENGTH;
 //  32 randomness
 //+ 32 memo
 //+ 32 public address
-//+ 32 asset generator
+//+ 32 asset id
 //+ 8  value
 //+ 32 sender address
 //= 168 bytes
@@ -70,16 +67,10 @@ impl NativeNote {
         let asset_id_vec = buffer.as_ref();
         let mut asset_id_bytes = [0; ASSET_ID_LENGTH];
         asset_id_bytes.clone_from_slice(&asset_id_vec[0..ASSET_ID_LENGTH]);
-        let asset_generator = asset_generator_from_id(&asset_id_bytes);
+        let asset_id = asset_id_bytes.try_into().map_err(to_napi_err)?;
 
         Ok(NativeNote {
-            note: Note::new(
-                owner_address,
-                value_u64,
-                memo,
-                asset_generator,
-                sender_address,
-            ),
+            note: Note::new(owner_address, value_u64, memo, asset_id, sender_address),
         })
     }
 
@@ -125,7 +116,7 @@ impl NativeNote {
     /// Asset identifier associated with this note
     #[napi]
     pub fn asset_id(&self) -> Buffer {
-        Buffer::from(&self.note.asset_id()[..])
+        Buffer::from(&self.note.asset_id().as_bytes()[..])
     }
 
     /// Sender of the note

ironfish-rust-nodejs/src/structs/transaction.rs

@@ -5,7 +5,7 @@
 use std::cell::RefCell;
 use std::convert::TryInto;
 
-use ironfish_rust::assets::asset::AssetIdentifier;
+use ironfish_rust::assets::asset_identifier::AssetIdentifier;
 use ironfish_rust::transaction::{
     batch_verify_transactions, TRANSACTION_EXPIRATION_SIZE, TRANSACTION_FEE_SIZE,
     TRANSACTION_PUBLIC_KEY_SIZE, TRANSACTION_SIGNATURE_SIZE,
@@ -222,7 +222,8 @@ impl NativeTransaction {
     #[napi]
     pub fn burn(&mut self, asset_id_js_bytes: JsBuffer, value: BigInt) -> Result<()> {
         let asset_id_bytes = asset_id_js_bytes.into_value()?;
-        let asset_id: AssetIdentifier = asset_id_bytes.as_ref().try_into().map_err(to_napi_err)?;
+        let asset_id = AssetIdentifier::new(asset_id_bytes.as_ref().try_into().unwrap())
+            .map_err(to_napi_err)?;
         let value_u64 = value.get_u64().1;
         self.transaction
             .add_burn(asset_id, value_u64)