feat: implement CLAIM note nullifier tracking#2610
Open
partylikeits1983 wants to merge 3 commits intoajl-reorient-claim-note-flowfrom
Open
feat: implement CLAIM note nullifier tracking#2610partylikeits1983 wants to merge 3 commits intoajl-reorient-claim-note-flowfrom
partylikeits1983 wants to merge 3 commits intoajl-reorient-claim-note-flowfrom
Conversation
partylikeits1983
added
no changelog
Comment on lines
+376
to
+377
| #! This is analogous to the multisig's `assert_new_tx` procedure which tracks executed | ||
| #! transactions. Here we track consumed CLAIM notes via their PROOF_DATA_KEY. |
Contributor
Author
There was a problem hiding this comment.
Can remove this comment since it might not make sense to someone not familiar with the multisig.
Contributor
There was a problem hiding this comment.
Pull request overview
Implements replay protection for CLAIM notes in the AggLayer bridge account by tracking spent claims via a nullifier map keyed by PROOF_DATA_KEY, and adds an integration test to ensure duplicate claims are rejected.
Changes:
- Added a new bridge storage slot (
claim_nullifiers) to persist spentCLAIMnullifiers. - Updated
bridge_in.masmto check-and-set the nullifier (mirroring the multisigassert_new_txpattern) and introduced a dedicated MASM error. - Added a test that executes a
CLAIMtwice with identicalPROOF_DATAand asserts the second execution fails with the expected error code.
Reviewed changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| crates/miden-testing/tests/agglayer/bridge_in.rs | Adds a regression test to ensure a second CLAIM with the same PROOF_DATA_KEY is rejected. |
| crates/miden-agglayer/src/errors/agglayer.rs | Adds generated error constant for “claim note has already been spent”. |
| crates/miden-agglayer/src/bridge.rs | Introduces the new claim_nullifiers storage slot in the bridge component layout and exposes its slot name. |
| crates/miden-agglayer/asm/agglayer/bridge/bridge_in.masm | Adds nullifier tracking logic via native_account::set_map_item and a new error constant. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
You can also share your feedback on Copilot code review. Take the survey.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR implements
CLAIMnote nullifier tracking inside the agglayer bridge account. Additionally, this PR adds a test which attempts to consume two differentCLAIMnotes with the samePROOF_DATA.The nullifier of the
CLAIMnote is defined as theRPOhash ofleaf_index(last 32 bits ofglobal_index) andsource_bridge_network. Will update to useposeidon2once the latest VM version is used in the protocol agglayer branch.Resolves: #2594
Note: Wait until #2528 is merged since this PR is based on
ajl-reorient-claim-note-flowbranch.