ARCHIVE/rippled
1
0
Fork 0
mirror of https://github.com/XRPLF/rippled.git synced 2026-04-09 13:32:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: ARCHIVE:ximinez/acquireAsyncDispatch
Branches Tags
ARCHIVE:develop ARCHIVE:kennyzlei/batch-attackathon ARCHIVE:legleux/linux-packages ARCHIVE:bthomee/picks2 ARCHIVE:ximinez/lending-transitive-amendments ARCHIVE:ximinez/online-delete-lastrotated ARCHIVE:ximinez/emptydirectoryinvariant ARCHIVE:ximinez/vault-test ARCHIVE:ximinez/directory ARCHIVE:ximinez/acquireAsyncDispatch ARCHIVE:ximinez/fix/validator-cache ARCHIVE:ximinez/fix-getledger ARCHIVE:ximinez/number-maxint-range ARCHIVE:ximinez/online-delete-gaps ARCHIVE:mvadari/rearch/account ARCHIVE:ripple/attackathon-april-2026 ARCHIVE:bthomee/bookoffers ARCHIVE:ximinez/revert-coroutine2 ARCHIVE:ripple/confidential-transfer ARCHIVE:bthomee/picks ARCHIVE:mvadari/refactor-tec-deletions ARCHIVE:mvadari/payment-fixes ARCHIVE:ripple/se/supported ARCHIVE:ripple/smart-escrow ARCHIVE:ripple/se/fees ARCHIVE:ripple/wasmi-host-functions ARCHIVE:ripple/wasmi ARCHIVE:copilot/apply-asfdisallowincomingtrustline ARCHIVE:ximinez/lending-sendmulti ARCHIVE:ximinez/lending-shortages ARCHIVE:bthomee/pick ARCHIVE:mvadari/move-more-helpers ARCHIVE:dangell7/batch-v1 ARCHIVE:ximinez/loanpay-assertion ARCHIVE:ripple/staging-313 ARCHIVE:xrplf/smart-contracts ARCHIVE:bthomee/iops ARCHIVE:copilot/add-augmented-submit-fields ARCHIVE:copilot/remove-non-canonical-fields ARCHIVE:mvadari/fix-bad-cast ARCHIVE:copilot/fix-5adea215-d850-4ab8-a595-b04e63e948a6 ARCHIVE:tapanito/vault-rounding-fix ARCHIVE:tapanito/invariant-bugfix ARCHIVE:tapanito/staging-fix-vault-clawback-clamp ARCHIVE:tapanito/staging-lending-assorted-fixes ARCHIVE:bthomee/node_depth ARCHIVE:copilot/add-ctid-to-ledger-response ARCHIVE:pratik/Fix-ubsan-flagged-issues ARCHIVE:a1q123456/new-jtx ARCHIVE:copilot/convert-boost-to-std-string-view ARCHIVE:copilot/fix-vetoed-type-error ARCHIVE:a1q123456/remove-const-cast-from-tagged-cache ARCHIVE:release-3.2 ARCHIVE:ximinez/assetsmaximum-wip ARCHIVE:a1q123456/minor-cleanup-for-network-ops ARCHIVE:pratik/otel-phase10-workload-validation ARCHIVE:pratik/otel-phase9-metric-gap-fill ARCHIVE:pratik/otel-phase8-log-correlation ARCHIVE:pratik/otel-phase7-native-metrics ARCHIVE:pratik/otel-phase6-statsd ARCHIVE:pratik/otel-phase5b-spans ARCHIVE:pratik/otel-phase5-docs-deployment ARCHIVE:pratik/otel-phase4-consensus-tracing ARCHIVE:pratik/otel-phase3-tx-tracing ARCHIVE:pratik/otel-phase2-rpc-tracing ARCHIVE:pratik/otel-phase1c-rpc-integration ARCHIVE:pratik/otel-phase1b-telemetry-infra ARCHIVE:pratik/otel-phase1a-plan-docs ARCHIVE:a1q123456/refactor-code-generation-process ARCHIVE:tapanito/vault-block-deposit ARCHIVE:tapanito/vault-donation ARCHIVE:tapanito/loan-broker-set ARCHIVE:tapanito/transaction-invariant ARCHIVE:tapanito/lending-impairment ARCHIVE:tapanito/vault-share-pricing ARCHIVE:tapanito/transactor-invariant-pt2 ARCHIVE:tapanito/lending-fix-amendment ARCHIVE:a1q123456/support-lending-in-batch ARCHIVE:a1q123456/default-cover-optimisation ARCHIVE:a1q123456/adding-perimissioned-domain-to-lending ARCHIVE:pratik/std-coro/cleanup-boost-coroutine ARCHIVE:pratik/std-coro/migrate-test-code ARCHIVE:pratik/std-coro/tsan-fixes ARCHIVE:pratik/std-coro/migrate-entry-points ARCHIVE:pratik/std-coro/add-coroutine-primitives ARCHIVE:pratik/Swtich-to-std-coroutines ARCHIVE:pratik/test-tsan-and-gcc14-asan ARCHIVE:mvadari/rearch/token-holder ARCHIVE:mvadari/rearch/token ARCHIVE:mvadari/rearch/token-refactor ARCHIVE:tapanito/vault-bugfixes ARCHIVE:vlntb/mem-leak-ledger-history-3 ARCHIVE:ripple/confidential-devnet ARCHIVE:tapanito/poc-vault-valuation ARCHIVE:mvadari/ammdeposit-blank ARCHIVE:release-3.1 ARCHIVE:legleux/fix-vkt-missing ARCHIVE:pratik/AutomatedHarness ARCHIVE:tapanito/invariant-architecture ARCHIVE:bthomee/ripplerpc ARCHIVE:legleux/debian ARCHIVE:tapanito/tx-restructure ARCHIVE:tapanito/vault-invariant-tests ARCHIVE:legleux/test_gl ARCHIVE:dangell7/add-claude ARCHIVE:legleux/trigger_runner ARCHIVE:copilot/fix-f350b804-905b-4a06-ab84-d0f12e5b0dd1 ARCHIVE:vlntb/grpc-fd-guard ARCHIVE:pratik/Add_checks_db_objects ARCHIVE:pratik/OpenTelemetry_and_DistributedTracing_planning ARCHIVE:ximinez/number_asan ARCHIVE:pratik/Fix_asan_lsan_flagged_issues ARCHIVE:pratik/use_boost_coroutine2 ARCHIVE:pratik/Reduce-recursion-to-iterative-loop ARCHIVE:vvysokikh1/fix-positive-balance-trustline-pay-no-reserve ARCHIVE:ripple/wasmi-perf-test ARCHIVE:legleux/build ARCHIVE:legleux/art_upload ARCHIVE:mlegleux/art_upload ARCHIVE:ripple/permission-delegation-devnet ARCHIVE:tapanito/lending-fix-data-field ARCHIVE:dangell7/fix-token-escrow ARCHIVE:a1q123456/fix-worker-memory-ordering-issue-on-arm ARCHIVE:a1q123456/fix-job-queue-stop ARCHIVE:vvysokikh1/simplify-apply-manifest ARCHIVE:vlntb/number-perf-experiments-3 ARCHIVE:copilot/sub-pr-5439 ARCHIVE:a1q123456/investigate-subcribe-test ARCHIVE:tapanito/lending-remove-liquidation-rate ARCHIVE:vlntb/number-perf-experiments-2 ARCHIVE:pratik/build_time_test ARCHIVE:pratik/Move-includes-to-cpp-files ARCHIVE:vlntb/number-perf-experiments-1 ARCHIVE:pratik/Migrate-Rippled-embedded-tests-to-doctest-format ARCHIVE:pratik/sanitizers-demo ARCHIVE:a1q123456/modularise-transactors ARCHIVE:vlntb/number-perf-experiments ARCHIVE:a1q123456/modularise-jtx ARCHIVE:bthomee/macos ARCHIVE:vlntb/RIPD-4257-fix-tecFROZEN ARCHIVE:dangell/smart-contracts ARCHIVE:bthomee/matrix ARCHIVE:ripple/smart-escrow-srlabs ARCHIVE:pratik/Fix_Sanitizer_flagged_issues ARCHIVE:pratik/Migrate-Rippled-Embedded-tests-to-DoCtests ARCHIVE:ximinez/lending-number-testci ARCHIVE:gregtatcam/bugs/ripd-4340 ARCHIVE:release-3.0 ARCHIVE:vlntb/RIPD-4307-fix-err-tecNOPERMISSION ARCHIVE:vlntb/shamap-structure-tracking ARCHIVE:ripple/smart-escrow2 ARCHIVE:vlntb/boundaries-from-murat ARCHIVE:ximinez/lending-number-fixapi ARCHIVE:release ARCHIVE:vlntb/taggedcache-lock-per-partition-v2 ARCHIVE:ximinez/lending-number-stnumber-deadend ARCHIVE:ximinez/lending-number-explicit-deadend ARCHIVE:gregtatcam/lending-protocol/refactor-payment ARCHIVE:ximinez/lending-rebased ARCHIVE:pratik/openssl_111_perf_test ARCHIVE:pratik/openssl-3.6.0-alpha-performance-test ARCHIVE:pratik/openssl_354_test ARCHIVE:ripple/wamr-host-functions ARCHIVE:ripple/wamr ARCHIVE:pratik/Retire_fixUniversalNumber_amendment ARCHIVE:pratik/Remove-fixRemoveNFTokenAutoTrustLine-amendment ARCHIVE:zhang/groth16 ARCHIVE:a1q123456/fix-crash-in-shamap ARCHIVE:bthomee/cmake_ci ARCHIVE:vlntb/RIPD-2536-taggedcache-expire-now ARCHIVE:a1q123456/fix-windows-runner-build-dep-speed-test ARCHIVE:vlntb/mem-leak-ledger-history ARCHIVE:master ARCHIVE:a1q123456/structured-logs-support-performance-test-final ARCHIVE:a1q123456/structured-logs-support ARCHIVE:a1q123456/strongly-typed-ledger-objects ARCHIVE:dangell7/canonical-tx-tests ARCHIVE:a1q123456/fix-job-queue-stop-2 ARCHIVE:a1q123456/structured-logs-support-performance-test-7 ARCHIVE:a1q123456/rust-integration ARCHIVE:dangell7/subscriptions ARCHIVE:a1q123456/structured-logs-support-performance-test-7-2 ARCHIVE:tapanito/refactor/peerimp-socket ARCHIVE:ximinez/mvadari/stpj-int-tests ARCHIVE:hotfix2.5.1 ARCHIVE:Bronek/add-build-selected-commit ARCHIVE:ximinez/treeol/nudbBlockSize ARCHIVE:tapanito/feature/shutdown-handshake ARCHIVE:a1q123456/structured-logs-support-performance-test-6 ARCHIVE:a1q123456/structured-logs-support-performance-test-4 ARCHIVE:a1q123456/structured-logs-support-performance-test-3 ARCHIVE:a1q123456/structured-logs-support-performance-test-2 ARCHIVE:a1q123456/structured-logs-support-performance-test ARCHIVE:ximinez/test-nudb ARCHIVE:vlntb/tagged-cache-stats ARCHIVE:vlntb/move-taggedcache-lock-base ARCHIVE:tapanito/feature/enhanced-squelching ARCHIVE:a1q123456/strongly-typed-ledger-objects-demo ARCHIVE:a1q123456/remove-const-cast-from-tagged-cache-2 ARCHIVE:vlntb/anotate-tagged-cache-sweeps ARCHIVE:tapanito/breaking-loan ARCHIVE:dangell/loans ARCHIVE:ci/a1q123456-attempt-to-fix-ci ARCHIVE:vlntb/inbound-ledgers-cache ARCHIVE:ci/use-new-macos-runners ARCHIVE:dangell/relay ARCHIVE:ci/a1q123456-test-ci ARCHIVE:a1q123456/use-new-macos-runners ARCHIVE:vlntb/refactore-barrier-semaphore ARCHIVE:revert-5510-a1q123456/add-new-macro ARCHIVE:a1q123456/migrate-some-tests ARCHIVE:vlntb/lock-contention-analysis ARCHIVE:a1q123456/test-blake3 ARCHIVE:vlntb/accounts-growth-combined ARCHIVE:a1q123456/test-xxhash-signle-shot-hash ARCHIVE:a1q123456/windows-test ARCHIVE:ci/windows-test ARCHIVE:tapanito/experiment/squelch ARCHIVE:vlntb/number-of-sweeps ARCHIVE:a1q123456/test-xxhash-original-hash ARCHIVE:vlntb/job-queue-latency ARCHIVE:vlntb/remove-node-hash ARCHIVE:ximinez/lending-XLS-66-archive-2 ARCHIVE:ximinez/lending-XLS-66-archive ARCHIVE:vlntb/transport-traces ARCHIVE:vlntb/fix-peer-disconnects-ping ARCHIVE:vlntb/RIPD-2525-taggedcache-single-threaded ARCHIVE:vlntb/RIPD-2446-getNodeFat-error ARCHIVE:ximinez/action-job-names ARCHIVE:q73zhao/release-2.4.0-perf-investigation ARCHIVE:hooks ARCHIVE:sidechain
ARCHIVE:3.2.0-b3 ARCHIVE:3.2.0-b2 ARCHIVE:3.2.0-b1 ARCHIVE:3.1.2 ARCHIVE:3.1.1 ARCHIVE:3.1.1-rc1 ARCHIVE:3.1.0 ARCHIVE:3.1.0-rc2 ARCHIVE:3.1.0-rc1 ARCHIVE:3.1.0-b1 ARCHIVE:3.0.0 ARCHIVE:3.0.0-rc2 ARCHIVE:2.6.2 ARCHIVE:3.1.0-b0 ARCHIVE:3.0.0-rc1 ARCHIVE:3.0.0-b1 ARCHIVE:2.6.1 ARCHIVE:2.6.1-rc2 ARCHIVE:2.6.1-rc1 ARCHIVE:2.5.1 ARCHIVE:2.6.0 ARCHIVE:2.6.0-rc3 ARCHIVE:2.6.0-rc2 ARCHIVE:2.6.0-rc1 ARCHIVE:smart-escrow-devnet4 ARCHIVE:2.5.0 ARCHIVE:2.5.0-rc2 ARCHIVE:2.5.0-rc1 ARCHIVE:smart-escrow-devnet3 ARCHIVE:2.5.0-b1 ARCHIVE:2.4.0 ARCHIVE:2.4.0-rc4 ARCHIVE:2.4.0-b3 ARCHIVE:2.3.1 ARCHIVE:2.3.1-rc1 ARCHIVE:2.3.0 ARCHIVE:2.3.0-rc2 ARCHIVE:2.3.0-rc1 ARCHIVE:2.3.0-b4 ARCHIVE:2.2.3 ARCHIVE:2.2.2 ARCHIVE:2.3.0-b2 ARCHIVE:2.2.1 ARCHIVE:2.3.0-b1 ARCHIVE:2.2.0 ARCHIVE:2.2.0-rc3 ARCHIVE:2.2.0-rc2 ARCHIVE:2.2.0-rc1 ARCHIVE:2.2.0-b3 ARCHIVE:2.2.0-b2 ARCHIVE:2.1.1 ARCHIVE:2.2.0-b1 ARCHIVE:2.1.0 ARCHIVE:2.1.0-rc1 ARCHIVE:2.0.1 ARCHIVE:2.0.1-rc1 ARCHIVE:2.0.1-b1 ARCHIVE:2.0.0 ARCHIVE:2.0.0-rc7 ARCHIVE:2.0.0-rc6 ARCHIVE:2.0.0-rc5 ARCHIVE:2.0.0-rc4 ARCHIVE:2.0.0-rc3 ARCHIVE:2.0.0-b4 ARCHIVE:2.0.0-b3 ARCHIVE:2.0.0-b2 ARCHIVE:2.0.0-b1 ARCHIVE:1.12.0 ARCHIVE:1.12 ARCHIVE:1.12.0-b2 ARCHIVE:1.12.0-b1 ARCHIVE:1.11.0 ARCHIVE:1.10.1 ARCHIVE:1.10.0 ARCHIVE:1.10.0-rc4 ARCHIVE:1.9.4 ARCHIVE:1.9.3 ARCHIVE:1.9.2 ARCHIVE:1.9.1 ARCHIVE:1.9.0 ARCHIVE:1.8.5 ARCHIVE:1.8.4 ARCHIVE:1.8.3 ARCHIVE:1.8.2 ARCHIVE:1.8.1 ARCHIVE:1.7.3 ARCHIVE:1.7.2 ARCHIVE:1.7.0 ARCHIVE:1.6.0 ARCHIVE:1.5.0 ARCHIVE:1.4.0 ARCHIVE:1.3.1 ARCHIVE:1.3.0 ARCHIVE:1.2.4 ARCHIVE:1.2.3 ARCHIVE:1.2.2 ARCHIVE:1.2.1 ARCHIVE:1.2.0 ARCHIVE:1.1.2 ARCHIVE:1.1.1 ARCHIVE:1.1.0 ARCHIVE:1.0.1 ARCHIVE:1.0.0 ARCHIVE:0.90.1 ARCHIVE:0.90.0 ARCHIVE:0.81.0 ARCHIVE:0.80.2 ARCHIVE:0.80.1 ARCHIVE:0.80.0 ARCHIVE:0.70.2 ARCHIVE:0.70.1 ARCHIVE:0.70.0 ARCHIVE:0.60.3 ARCHIVE:0.60.2 ARCHIVE:0.60.1 ARCHIVE:0.60.0 ARCHIVE:0.50.3 ARCHIVE:0.50.2 ARCHIVE:0.50.0 ARCHIVE:0.50.0-rc2 ARCHIVE:0.50.0-rc1 ARCHIVE:0.40.1 ARCHIVE:0.40.0 ARCHIVE:0.33.0-hf1 ARCHIVE:0.33.0 ARCHIVE:0.32.1 ARCHIVE:0.32.0 ARCHIVE:0.31.2 ARCHIVE:0.31.0 ARCHIVE:0.30.1-hf2 ARCHIVE:0.30.1-hf1 ARCHIVE:0.30.1 ARCHIVE:0.30.0-hf2 ARCHIVE:0.30.1-rc2 ARCHIVE:0.30.1-rc1 ARCHIVE:0.30.0-hf1 ARCHIVE:0.30.0 ARCHIVE:0.30.0-rc1 ARCHIVE:0.29.1-rc1 ARCHIVE:0.29.0-hf1 ARCHIVE:0.29.0 ARCHIVE:0.28.2 ARCHIVE:0.28.1 ARCHIVE:0.28.1-rc2 ARCHIVE:0.28.1-rc1 ARCHIVE:0.28.0 ARCHIVE:0.28.0-rc1 ARCHIVE:0.27.4 ARCHIVE:0.27.3-sp2 ARCHIVE:0.27.3-sp1 ARCHIVE:0.27.3 ARCHIVE:0.27.2 ARCHIVE:0.27.1 ARCHIVE:0.27.1-rc1 ARCHIVE:0.27.0 ARCHIVE:0.26.4-sp3 ARCHIVE:0.26.4-sp2 ARCHIVE:0.26.4-sp1 ARCHIVE:0.26.4 ARCHIVE:0.26.3-sp4 ARCHIVE:0.26.3-sp1 ARCHIVE:0.26.2 ARCHIVE:0.26.1 ARCHIVE:0.26.0 ARCHIVE:0.25.2 ARCHIVE:0.25.1 ARCHIVE:0.25.0 ARCHIVE:0.24.0 ARCHIVE:0.24.0-rc2 ARCHIVE:0.23.0 ARCHIVE:0.22.0 ARCHIVE:0.21.0 ARCHIVE:0.20.1 ARCHIVE:0.20.0 ARCHIVE:0.19.2 ARCHIVE:0.19.1 ARCHIVE:0.19.0 ARCHIVE:0.18.0 ARCHIVE:0.17.0 ARCHIVE:0.16.0 ARCHIVE:0.15.0 ARCHIVE:0.14.0 ARCHIVE:0.12.0
...
compare: ARCHIVE:ripple/attackathon-april-2026
Branches Tags
ARCHIVE:kennyzlei/batch-attackathon ARCHIVE:legleux/linux-packages ARCHIVE:bthomee/picks2 ARCHIVE:ximinez/lending-transitive-amendments ARCHIVE:ximinez/online-delete-lastrotated ARCHIVE:ximinez/emptydirectoryinvariant ARCHIVE:ximinez/vault-test ARCHIVE:ximinez/directory ARCHIVE:ximinez/acquireAsyncDispatch ARCHIVE:ximinez/fix/validator-cache ARCHIVE:ximinez/fix-getledger ARCHIVE:ximinez/number-maxint-range ARCHIVE:ximinez/online-delete-gaps ARCHIVE:develop ARCHIVE:mvadari/rearch/account ARCHIVE:ripple/attackathon-april-2026 ARCHIVE:bthomee/bookoffers ARCHIVE:ximinez/revert-coroutine2 ARCHIVE:ripple/confidential-transfer ARCHIVE:bthomee/picks ARCHIVE:mvadari/refactor-tec-deletions ARCHIVE:mvadari/payment-fixes ARCHIVE:ripple/se/supported ARCHIVE:ripple/smart-escrow ARCHIVE:ripple/se/fees ARCHIVE:ripple/wasmi-host-functions ARCHIVE:ripple/wasmi ARCHIVE:copilot/apply-asfdisallowincomingtrustline ARCHIVE:ximinez/lending-sendmulti ARCHIVE:ximinez/lending-shortages ARCHIVE:bthomee/pick ARCHIVE:mvadari/move-more-helpers ARCHIVE:dangell7/batch-v1 ARCHIVE:ximinez/loanpay-assertion ARCHIVE:ripple/staging-313 ARCHIVE:xrplf/smart-contracts ARCHIVE:bthomee/iops ARCHIVE:copilot/add-augmented-submit-fields ARCHIVE:copilot/remove-non-canonical-fields ARCHIVE:mvadari/fix-bad-cast ARCHIVE:copilot/fix-5adea215-d850-4ab8-a595-b04e63e948a6 ARCHIVE:tapanito/vault-rounding-fix ARCHIVE:tapanito/invariant-bugfix ARCHIVE:tapanito/staging-fix-vault-clawback-clamp ARCHIVE:tapanito/staging-lending-assorted-fixes ARCHIVE:bthomee/node_depth ARCHIVE:copilot/add-ctid-to-ledger-response ARCHIVE:pratik/Fix-ubsan-flagged-issues ARCHIVE:a1q123456/new-jtx ARCHIVE:copilot/convert-boost-to-std-string-view ARCHIVE:copilot/fix-vetoed-type-error ARCHIVE:a1q123456/remove-const-cast-from-tagged-cache ARCHIVE:release-3.2 ARCHIVE:ximinez/assetsmaximum-wip ARCHIVE:a1q123456/minor-cleanup-for-network-ops ARCHIVE:pratik/otel-phase10-workload-validation ARCHIVE:pratik/otel-phase9-metric-gap-fill ARCHIVE:pratik/otel-phase8-log-correlation ARCHIVE:pratik/otel-phase7-native-metrics ARCHIVE:pratik/otel-phase6-statsd ARCHIVE:pratik/otel-phase5b-spans ARCHIVE:pratik/otel-phase5-docs-deployment ARCHIVE:pratik/otel-phase4-consensus-tracing ARCHIVE:pratik/otel-phase3-tx-tracing ARCHIVE:pratik/otel-phase2-rpc-tracing ARCHIVE:pratik/otel-phase1c-rpc-integration ARCHIVE:pratik/otel-phase1b-telemetry-infra ARCHIVE:pratik/otel-phase1a-plan-docs ARCHIVE:a1q123456/refactor-code-generation-process ARCHIVE:tapanito/vault-block-deposit ARCHIVE:tapanito/vault-donation ARCHIVE:tapanito/loan-broker-set ARCHIVE:tapanito/transaction-invariant ARCHIVE:tapanito/lending-impairment ARCHIVE:tapanito/vault-share-pricing ARCHIVE:tapanito/transactor-invariant-pt2 ARCHIVE:tapanito/lending-fix-amendment ARCHIVE:a1q123456/support-lending-in-batch ARCHIVE:a1q123456/default-cover-optimisation ARCHIVE:a1q123456/adding-perimissioned-domain-to-lending ARCHIVE:pratik/std-coro/cleanup-boost-coroutine ARCHIVE:pratik/std-coro/migrate-test-code ARCHIVE:pratik/std-coro/tsan-fixes ARCHIVE:pratik/std-coro/migrate-entry-points ARCHIVE:pratik/std-coro/add-coroutine-primitives ARCHIVE:pratik/Swtich-to-std-coroutines ARCHIVE:pratik/test-tsan-and-gcc14-asan ARCHIVE:mvadari/rearch/token-holder ARCHIVE:mvadari/rearch/token ARCHIVE:mvadari/rearch/token-refactor ARCHIVE:tapanito/vault-bugfixes ARCHIVE:vlntb/mem-leak-ledger-history-3 ARCHIVE:ripple/confidential-devnet ARCHIVE:tapanito/poc-vault-valuation ARCHIVE:mvadari/ammdeposit-blank ARCHIVE:release-3.1 ARCHIVE:legleux/fix-vkt-missing ARCHIVE:pratik/AutomatedHarness ARCHIVE:tapanito/invariant-architecture ARCHIVE:bthomee/ripplerpc ARCHIVE:legleux/debian ARCHIVE:tapanito/tx-restructure ARCHIVE:tapanito/vault-invariant-tests ARCHIVE:legleux/test_gl ARCHIVE:dangell7/add-claude ARCHIVE:legleux/trigger_runner ARCHIVE:copilot/fix-f350b804-905b-4a06-ab84-d0f12e5b0dd1 ARCHIVE:vlntb/grpc-fd-guard ARCHIVE:pratik/Add_checks_db_objects ARCHIVE:pratik/OpenTelemetry_and_DistributedTracing_planning ARCHIVE:ximinez/number_asan ARCHIVE:pratik/Fix_asan_lsan_flagged_issues ARCHIVE:pratik/use_boost_coroutine2 ARCHIVE:pratik/Reduce-recursion-to-iterative-loop ARCHIVE:vvysokikh1/fix-positive-balance-trustline-pay-no-reserve ARCHIVE:ripple/wasmi-perf-test ARCHIVE:legleux/build ARCHIVE:legleux/art_upload ARCHIVE:mlegleux/art_upload ARCHIVE:ripple/permission-delegation-devnet ARCHIVE:tapanito/lending-fix-data-field ARCHIVE:dangell7/fix-token-escrow ARCHIVE:a1q123456/fix-worker-memory-ordering-issue-on-arm ARCHIVE:a1q123456/fix-job-queue-stop ARCHIVE:vvysokikh1/simplify-apply-manifest ARCHIVE:vlntb/number-perf-experiments-3 ARCHIVE:copilot/sub-pr-5439 ARCHIVE:a1q123456/investigate-subcribe-test ARCHIVE:tapanito/lending-remove-liquidation-rate ARCHIVE:vlntb/number-perf-experiments-2 ARCHIVE:pratik/build_time_test ARCHIVE:pratik/Move-includes-to-cpp-files ARCHIVE:vlntb/number-perf-experiments-1 ARCHIVE:pratik/Migrate-Rippled-embedded-tests-to-doctest-format ARCHIVE:pratik/sanitizers-demo ARCHIVE:a1q123456/modularise-transactors ARCHIVE:vlntb/number-perf-experiments ARCHIVE:a1q123456/modularise-jtx ARCHIVE:bthomee/macos ARCHIVE:vlntb/RIPD-4257-fix-tecFROZEN ARCHIVE:dangell/smart-contracts ARCHIVE:bthomee/matrix ARCHIVE:ripple/smart-escrow-srlabs ARCHIVE:pratik/Fix_Sanitizer_flagged_issues ARCHIVE:pratik/Migrate-Rippled-Embedded-tests-to-DoCtests ARCHIVE:ximinez/lending-number-testci ARCHIVE:gregtatcam/bugs/ripd-4340 ARCHIVE:release-3.0 ARCHIVE:vlntb/RIPD-4307-fix-err-tecNOPERMISSION ARCHIVE:vlntb/shamap-structure-tracking ARCHIVE:ripple/smart-escrow2 ARCHIVE:vlntb/boundaries-from-murat ARCHIVE:ximinez/lending-number-fixapi ARCHIVE:release ARCHIVE:vlntb/taggedcache-lock-per-partition-v2 ARCHIVE:ximinez/lending-number-stnumber-deadend ARCHIVE:ximinez/lending-number-explicit-deadend ARCHIVE:gregtatcam/lending-protocol/refactor-payment ARCHIVE:ximinez/lending-rebased ARCHIVE:pratik/openssl_111_perf_test ARCHIVE:pratik/openssl-3.6.0-alpha-performance-test ARCHIVE:pratik/openssl_354_test ARCHIVE:ripple/wamr-host-functions ARCHIVE:ripple/wamr ARCHIVE:pratik/Retire_fixUniversalNumber_amendment ARCHIVE:pratik/Remove-fixRemoveNFTokenAutoTrustLine-amendment ARCHIVE:zhang/groth16 ARCHIVE:a1q123456/fix-crash-in-shamap ARCHIVE:bthomee/cmake_ci ARCHIVE:vlntb/RIPD-2536-taggedcache-expire-now ARCHIVE:a1q123456/fix-windows-runner-build-dep-speed-test ARCHIVE:vlntb/mem-leak-ledger-history ARCHIVE:master ARCHIVE:a1q123456/structured-logs-support-performance-test-final ARCHIVE:a1q123456/structured-logs-support ARCHIVE:a1q123456/strongly-typed-ledger-objects ARCHIVE:dangell7/canonical-tx-tests ARCHIVE:a1q123456/fix-job-queue-stop-2 ARCHIVE:a1q123456/structured-logs-support-performance-test-7 ARCHIVE:a1q123456/rust-integration ARCHIVE:dangell7/subscriptions ARCHIVE:a1q123456/structured-logs-support-performance-test-7-2 ARCHIVE:tapanito/refactor/peerimp-socket ARCHIVE:ximinez/mvadari/stpj-int-tests ARCHIVE:hotfix2.5.1 ARCHIVE:Bronek/add-build-selected-commit ARCHIVE:ximinez/treeol/nudbBlockSize ARCHIVE:tapanito/feature/shutdown-handshake ARCHIVE:a1q123456/structured-logs-support-performance-test-6 ARCHIVE:a1q123456/structured-logs-support-performance-test-4 ARCHIVE:a1q123456/structured-logs-support-performance-test-3 ARCHIVE:a1q123456/structured-logs-support-performance-test-2 ARCHIVE:a1q123456/structured-logs-support-performance-test ARCHIVE:ximinez/test-nudb ARCHIVE:vlntb/tagged-cache-stats ARCHIVE:vlntb/move-taggedcache-lock-base ARCHIVE:tapanito/feature/enhanced-squelching ARCHIVE:a1q123456/strongly-typed-ledger-objects-demo ARCHIVE:a1q123456/remove-const-cast-from-tagged-cache-2 ARCHIVE:vlntb/anotate-tagged-cache-sweeps ARCHIVE:tapanito/breaking-loan ARCHIVE:dangell/loans ARCHIVE:ci/a1q123456-attempt-to-fix-ci ARCHIVE:vlntb/inbound-ledgers-cache ARCHIVE:ci/use-new-macos-runners ARCHIVE:dangell/relay ARCHIVE:ci/a1q123456-test-ci ARCHIVE:a1q123456/use-new-macos-runners ARCHIVE:vlntb/refactore-barrier-semaphore ARCHIVE:revert-5510-a1q123456/add-new-macro ARCHIVE:a1q123456/migrate-some-tests ARCHIVE:vlntb/lock-contention-analysis ARCHIVE:a1q123456/test-blake3 ARCHIVE:vlntb/accounts-growth-combined ARCHIVE:a1q123456/test-xxhash-signle-shot-hash ARCHIVE:a1q123456/windows-test ARCHIVE:ci/windows-test ARCHIVE:tapanito/experiment/squelch ARCHIVE:vlntb/number-of-sweeps ARCHIVE:a1q123456/test-xxhash-original-hash ARCHIVE:vlntb/job-queue-latency ARCHIVE:vlntb/remove-node-hash ARCHIVE:ximinez/lending-XLS-66-archive-2 ARCHIVE:ximinez/lending-XLS-66-archive ARCHIVE:vlntb/transport-traces ARCHIVE:vlntb/fix-peer-disconnects-ping ARCHIVE:vlntb/RIPD-2525-taggedcache-single-threaded ARCHIVE:vlntb/RIPD-2446-getNodeFat-error ARCHIVE:ximinez/action-job-names ARCHIVE:q73zhao/release-2.4.0-perf-investigation ARCHIVE:hooks ARCHIVE:sidechain
ARCHIVE:3.2.0-b3 ARCHIVE:3.2.0-b2 ARCHIVE:3.2.0-b1 ARCHIVE:3.1.2 ARCHIVE:3.1.1 ARCHIVE:3.1.1-rc1 ARCHIVE:3.1.0 ARCHIVE:3.1.0-rc2 ARCHIVE:3.1.0-rc1 ARCHIVE:3.1.0-b1 ARCHIVE:3.0.0 ARCHIVE:3.0.0-rc2 ARCHIVE:2.6.2 ARCHIVE:3.1.0-b0 ARCHIVE:3.0.0-rc1 ARCHIVE:3.0.0-b1 ARCHIVE:2.6.1 ARCHIVE:2.6.1-rc2 ARCHIVE:2.6.1-rc1 ARCHIVE:2.5.1 ARCHIVE:2.6.0 ARCHIVE:2.6.0-rc3 ARCHIVE:2.6.0-rc2 ARCHIVE:2.6.0-rc1 ARCHIVE:smart-escrow-devnet4 ARCHIVE:2.5.0 ARCHIVE:2.5.0-rc2 ARCHIVE:2.5.0-rc1 ARCHIVE:smart-escrow-devnet3 ARCHIVE:2.5.0-b1 ARCHIVE:2.4.0 ARCHIVE:2.4.0-rc4 ARCHIVE:2.4.0-b3 ARCHIVE:2.3.1 ARCHIVE:2.3.1-rc1 ARCHIVE:2.3.0 ARCHIVE:2.3.0-rc2 ARCHIVE:2.3.0-rc1 ARCHIVE:2.3.0-b4 ARCHIVE:2.2.3 ARCHIVE:2.2.2 ARCHIVE:2.3.0-b2 ARCHIVE:2.2.1 ARCHIVE:2.3.0-b1 ARCHIVE:2.2.0 ARCHIVE:2.2.0-rc3 ARCHIVE:2.2.0-rc2 ARCHIVE:2.2.0-rc1 ARCHIVE:2.2.0-b3 ARCHIVE:2.2.0-b2 ARCHIVE:2.1.1 ARCHIVE:2.2.0-b1 ARCHIVE:2.1.0 ARCHIVE:2.1.0-rc1 ARCHIVE:2.0.1 ARCHIVE:2.0.1-rc1 ARCHIVE:2.0.1-b1 ARCHIVE:2.0.0 ARCHIVE:2.0.0-rc7 ARCHIVE:2.0.0-rc6 ARCHIVE:2.0.0-rc5 ARCHIVE:2.0.0-rc4 ARCHIVE:2.0.0-rc3 ARCHIVE:2.0.0-b4 ARCHIVE:2.0.0-b3 ARCHIVE:2.0.0-b2 ARCHIVE:2.0.0-b1 ARCHIVE:1.12.0 ARCHIVE:1.12 ARCHIVE:1.12.0-b2 ARCHIVE:1.12.0-b1 ARCHIVE:1.11.0 ARCHIVE:1.10.1 ARCHIVE:1.10.0 ARCHIVE:1.10.0-rc4 ARCHIVE:1.9.4 ARCHIVE:1.9.3 ARCHIVE:1.9.2 ARCHIVE:1.9.1 ARCHIVE:1.9.0 ARCHIVE:1.8.5 ARCHIVE:1.8.4 ARCHIVE:1.8.3 ARCHIVE:1.8.2 ARCHIVE:1.8.1 ARCHIVE:1.7.3 ARCHIVE:1.7.2 ARCHIVE:1.7.0 ARCHIVE:1.6.0 ARCHIVE:1.5.0 ARCHIVE:1.4.0 ARCHIVE:1.3.1 ARCHIVE:1.3.0 ARCHIVE:1.2.4 ARCHIVE:1.2.3 ARCHIVE:1.2.2 ARCHIVE:1.2.1 ARCHIVE:1.2.0 ARCHIVE:1.1.2 ARCHIVE:1.1.1 ARCHIVE:1.1.0 ARCHIVE:1.0.1 ARCHIVE:1.0.0 ARCHIVE:0.90.1 ARCHIVE:0.90.0 ARCHIVE:0.81.0 ARCHIVE:0.80.2 ARCHIVE:0.80.1 ARCHIVE:0.80.0 ARCHIVE:0.70.2 ARCHIVE:0.70.1 ARCHIVE:0.70.0 ARCHIVE:0.60.3 ARCHIVE:0.60.2 ARCHIVE:0.60.1 ARCHIVE:0.60.0 ARCHIVE:0.50.3 ARCHIVE:0.50.2 ARCHIVE:0.50.0 ARCHIVE:0.50.0-rc2 ARCHIVE:0.50.0-rc1 ARCHIVE:0.40.1 ARCHIVE:0.40.0 ARCHIVE:0.33.0-hf1 ARCHIVE:0.33.0 ARCHIVE:0.32.1 ARCHIVE:0.32.0 ARCHIVE:0.31.2 ARCHIVE:0.31.0 ARCHIVE:0.30.1-hf2 ARCHIVE:0.30.1-hf1 ARCHIVE:0.30.1 ARCHIVE:0.30.0-hf2 ARCHIVE:0.30.1-rc2 ARCHIVE:0.30.1-rc1 ARCHIVE:0.30.0-hf1 ARCHIVE:0.30.0 ARCHIVE:0.30.0-rc1 ARCHIVE:0.29.1-rc1 ARCHIVE:0.29.0-hf1 ARCHIVE:0.29.0 ARCHIVE:0.28.2 ARCHIVE:0.28.1 ARCHIVE:0.28.1-rc2 ARCHIVE:0.28.1-rc1 ARCHIVE:0.28.0 ARCHIVE:0.28.0-rc1 ARCHIVE:0.27.4 ARCHIVE:0.27.3-sp2 ARCHIVE:0.27.3-sp1 ARCHIVE:0.27.3 ARCHIVE:0.27.2 ARCHIVE:0.27.1 ARCHIVE:0.27.1-rc1 ARCHIVE:0.27.0 ARCHIVE:0.26.4-sp3 ARCHIVE:0.26.4-sp2 ARCHIVE:0.26.4-sp1 ARCHIVE:0.26.4 ARCHIVE:0.26.3-sp4 ARCHIVE:0.26.3-sp1 ARCHIVE:0.26.2 ARCHIVE:0.26.1 ARCHIVE:0.26.0 ARCHIVE:0.25.2 ARCHIVE:0.25.1 ARCHIVE:0.25.0 ARCHIVE:0.24.0 ARCHIVE:0.24.0-rc2 ARCHIVE:0.23.0 ARCHIVE:0.22.0 ARCHIVE:0.21.0 ARCHIVE:0.20.1 ARCHIVE:0.20.0 ARCHIVE:0.19.2 ARCHIVE:0.19.1 ARCHIVE:0.19.0 ARCHIVE:0.18.0 ARCHIVE:0.17.0 ARCHIVE:0.16.0 ARCHIVE:0.15.0 ARCHIVE:0.14.0 ARCHIVE:0.12.0

1 Commits
ximinez/ac ... ripple/att

Author SHA1 Message Date
Kenny Lei
9f7b9983f0 Confidential Transfer for Attackathon (#6809) 2026-04-08 16:23:41 -04:00
59 changed files with 17287 additions and 152 deletions
Expand all files Collapse all files

2
CMakeLists.txt
View File

@@ -88,6 +88,7 @@ find_package(ed25519 REQUIRED)
find_package(gRPC REQUIRED)
find_package(LibArchive REQUIRED)
find_package(lz4 REQUIRED)
find_package(mpt-crypto REQUIRED)
find_package(nudb REQUIRED)
find_package(OpenSSL REQUIRED)
find_package(secp256k1 REQUIRED)
@@ -100,6 +101,7 @@ target_link_libraries(
INTERFACE
ed25519::ed25519
lz4::lz4
mpt-crypto::mpt-crypto
OpenSSL::Crypto
OpenSSL::SSL
secp256k1::secp256k1

8
conan.lock
View File

@@ -12,6 +12,7 @@
"protobuf/6.33.5#d96d52ba5baaaa532f47bda866ad87a5%1774467363.12",
"openssl/3.6.1#e6399de266349245a4542fc5f6c71552%1774458290.139",
"nudb/2.0.9#11149c73f8f2baff9a0198fe25971fc7%1774883011.384",
"mpt-crypto/0.2.0-rc1#ed3f241f69d8b9ebf80069d1923d93a8%1773853481.755",
"lz4/1.10.0#59fc63cac7f10fbe8e05c7e62c2f3504%1765850143.914",
"libiconv/1.17#1e65319e945f2d31941a9d28cc13c058%1765842973.492",
"libbacktrace/cci.20210118#a7691bfccd8caaf66309df196790a5a1%1765842973.03",
@@ -34,6 +35,7 @@
"msys2/cci.latest#d22fe7b2808f5fd34d0a7923ace9c54f%1770657326.649",
"m4/1.4.19#5d7a4994e5875d76faf7acf3ed056036%1774365463.87",
"cmake/4.3.0#b939a42e98f593fb34d3a8c5cc860359%1774439249.183",
"cmake/3.31.10#313d16a1aa16bbdb2ca0792467214b76%1765850153.479",
"b2/5.4.2#ffd6084a119587e70f11cd45d1a386e2%1774439233.447",
"automake/1.16.5#b91b7c384c3deaa9d535be02da14d04f%1755524470.56",
"autoconf/2.71#51077f068e61700d65bb05541ea1e4b0%1731054366.86",
@@ -58,6 +60,12 @@
],
"lz4/[>=1.9.4 <2]": [
"lz4/1.10.0#59fc63cac7f10fbe8e05c7e62c2f3504"
],
"openssl/3.5.5": [
"openssl/3.6.1"
],
"openssl/[>=3 <4]": [
"openssl/3.6.1"
]
},
"config_requires": []

2
conanfile.py
View File

@@ -31,6 +31,7 @@ class Xrpl(ConanFile):
"ed25519/2015.03",
"grpc/1.78.1",
"libarchive/3.8.1",
"mpt-crypto/0.2.0-rc1",
"nudb/2.0.9",
"openssl/3.6.1",
"secp256k1/0.7.1",
@@ -214,6 +215,7 @@ class Xrpl(ConanFile):
"grpc::grpc++",
"libarchive::libarchive",
"lz4::lz4",
"mpt-crypto::mpt-crypto",
"nudb::nudb",
"openssl::crypto",
"protobuf::libprotobuf",

7
cspell.config.yaml
View File

@@ -55,6 +55,7 @@ words:
- autobridging
- bimap
- bindir
- blindings
- bookdir
- Bougalis
- Britto
@@ -87,6 +88,7 @@ words:
- daria
- dcmake
- dearmor
- decryptor
- deleteme
- demultiplexer
- deserializaton
@@ -96,6 +98,7 @@ words:
- distro
- doxyfile
- dxrpl
- elgamal
- endmacro
- exceptioned
- Falco
@@ -105,6 +108,7 @@ words:
- fmtdur
- fsanitize
- funclets
- Gamal
- gcov
- gcovr
- ghead
@@ -191,6 +195,7 @@ words:
- partitioner
- paychan
- paychans
- Pedersen
- permdex
- perminute
- permissioned
@@ -227,6 +232,7 @@ words:
- sahyadri
- Satoshi
- scons
- Schnorr
- secp
- sendq
- seqit
@@ -254,6 +260,7 @@ words:
- stvar
- stvector
- stxchainattestations
- summands
- superpeer
- superpeers
- takergets

460
include/xrpl/protocol/ConfidentialTransfer.h Normal file
View File

@@ -0,0 +1,460 @@
#pragma once
#include <xrpl/basics/Slice.h>
#include <xrpl/protocol/Indexes.h>
#include <xrpl/protocol/MPTIssue.h>
#include <xrpl/protocol/Protocol.h>
#include <xrpl/protocol/Rate.h>
#include <xrpl/protocol/STLedgerEntry.h>
#include <xrpl/protocol/STObject.h>
#include <xrpl/protocol/Serializer.h>
#include <xrpl/protocol/TER.h>
#include <xrpl/protocol/TxFormats.h>
#include <xrpl/protocol/detail/secp256k1.h>
#include <secp256k1_mpt.h>
namespace xrpl {
/**
* @brief Bundles an ElGamal public key with its associated encrypted amount.
*
* Used to represent a recipient in confidential transfers, containing both
* the recipient's ElGamal public key and the ciphertext encrypting the
* transfer amount under that key.
*/
struct ConfidentialRecipient
{
Slice publicKey; ///< The recipient's ElGamal public key (size=xrpl::ecPubKeyLength).
Slice encryptedAmount; ///< The encrypted amount ciphertext
///< (size=xrpl::ecGamalEncryptedTotalLength).
};
/// Holds two secp256k1 public key components representing an ElGamal ciphertext (C1, C2).
struct EcPair
{
secp256k1_pubkey c1;
secp256k1_pubkey c2;
};
/**
* @brief Increments the confidential balance version counter on an MPToken.
*
* The version counter is used to prevent replay attacks by binding proofs
* to a specific state of the account's confidential balance. Wraps to 0
* on overflow (defined behavior for unsigned integers).
*
* @param mptoken The MPToken ledger entry to update.
*/
inline void
incrementConfidentialVersion(STObject& mptoken)
{
// Retrieve current version and increment.
// Unsigned integer overflow is defined behavior in C++ (wraps to 0),
// which is acceptable here.
mptoken[sfConfidentialBalanceVersion] =
mptoken[~sfConfidentialBalanceVersion].value_or(0u) + 1u;
}
/**
* @brief Generates the context hash for ConfidentialMPTSend transactions.
*
* Creates a unique 256-bit hash that binds the zero-knowledge proofs to
* this specific send transaction, preventing proof reuse across transactions.
*
* @param account The sender's account ID.
* @param issuanceID The MPToken Issuance ID.
* @param sequence The transaction sequence number or ticket number.
* @param destination The destination account ID.
* @param version The sender's confidential balance version.
* @return A 256-bit context hash unique to this transaction.
*/
uint256
getSendContextHash(
AccountID const& account,
uint192 const& issuanceID,
std::uint32_t sequence,
AccountID const& destination,
std::uint32_t version);
/**
* @brief Generates the context hash for ConfidentialMPTClawback transactions.
*
* Creates a unique 256-bit hash that binds the equality proof to this
* specific clawback transaction.
*
* @param account The issuer's account ID.
* @param issuanceID The MPToken Issuance ID.
* @param sequence The transaction sequence number or ticket number.
* @param holder The holder's account ID being clawed back from.
* @return A 256-bit context hash unique to this transaction.
*/
uint256
getClawbackContextHash(
AccountID const& account,
uint192 const& issuanceID,
std::uint32_t sequence,
AccountID const& holder);
/**
* @brief Generates the context hash for ConfidentialMPTConvert transactions.
*
* Creates a unique 256-bit hash that binds the Schnorr proof (for key
* registration) to this specific convert transaction.
*
* @param account The holder's account ID.
* @param issuanceID The MPToken Issuance ID.
* @param sequence The transaction sequence number or a ticket number.
* @return A 256-bit context hash unique to this transaction.
*/
uint256
getConvertContextHash(AccountID const& account, uint192 const& issuanceID, std::uint32_t sequence);
/**
* @brief Generates the context hash for ConfidentialMPTConvertBack transactions.
*
* Creates a unique 256-bit hash that binds the zero-knowledge proofs to
* this specific convert-back transaction.
*
* @param account The holder's account ID.
* @param issuanceID The MPToken Issuance ID.
* @param sequence The transaction sequence number or a ticket number.
* @param version The holder's confidential balance version.
* @return A 256-bit context hash unique to this transaction.
*/
uint256
getConvertBackContextHash(
AccountID const& account,
uint192 const& issuanceID,
std::uint32_t sequence,
std::uint32_t version);
/**
* @brief Parses an ElGamal ciphertext into two secp256k1 public key components.
*
* Breaks a 66-byte encrypted amount (two 33-byte compressed EC points) into
* a pair containing (C1, C2) for use in cryptographic operations.
*
* @param buffer The 66-byte buffer containing the compressed ciphertext.
* @return The parsed pair (c1, c2) if successful, std::nullopt if the buffer is invalid.
*/
std::optional<EcPair>
makeEcPair(Slice const& buffer);
/**
* @brief Serializes an EcPair into compressed form.
*
* Converts an EcPair (C1, C2) back into a 66-byte buffer containing
* two 33-byte compressed EC points.
*
* @param pair The EcPair to serialize.
* @return The 66-byte buffer, or std::nullopt if serialization fails.
*/
std::optional<Buffer>
serializeEcPair(EcPair const& pair);
/**
* @brief Verifies that a buffer contains two valid, parsable EC public keys.
*
* @param buffer The input buffer containing two concatenated components.
* @return true if both components can be parsed successfully, false otherwise.
*/
bool
isValidCiphertext(Slice const& buffer);
/**
* @brief Verifies that a buffer contains a valid, parsable compressed EC point.
*
* Can be used to validate both compressed public keys and Pedersen commitments.
* Fails early if the prefix byte is not 0x02 or 0x03.
*
* @param buffer The input buffer containing a compressed EC point (33 bytes).
* @return true if the point can be parsed successfully, false otherwise.
*/
bool
isValidCompressedECPoint(Slice const& buffer);
/**
* @brief Homomorphically adds two ElGamal ciphertexts.
*
* Uses the additive homomorphic property of ElGamal encryption to compute
* Enc(a + b) from Enc(a) and Enc(b) without decryption.
*
* @param a The first ciphertext (66 bytes).
* @param b The second ciphertext (66 bytes).
* @return The resulting ciphertext Enc(a + b), or std::nullopt on failure.
*/
std::optional<Buffer>
homomorphicAdd(Slice const& a, Slice const& b);
/**
* @brief Homomorphically subtracts two ElGamal ciphertexts.
*
* Uses the additive homomorphic property of ElGamal encryption to compute
* Enc(a - b) from Enc(a) and Enc(b) without decryption.
*
* @param a The minuend ciphertext (66 bytes).
* @param b The subtrahend ciphertext (66 bytes).
* @return The resulting ciphertext Enc(a - b), or std::nullopt on failure.
*/
std::optional<Buffer>
homomorphicSubtract(Slice const& a, Slice const& b);
/**
* @brief Encrypts an amount using ElGamal encryption.
*
* Produces a ciphertext C = (C1, C2) where C1 = r*G and C2 = m*G + r*Pk,
* using the provided blinding factor r.
*
* @param amt The plaintext amount to encrypt.
* @param pubKeySlice The recipient's ElGamal public key (size=xrpl::ecPubKeyLength).
* @param blindingFactor The randomness used as blinding factor r
* (size=xrpl::ecBlindingFactorLength).
* @return The ciphertext (size=xrpl::ecGamalEncryptedTotalLength), or std::nullopt on failure.
*/
std::optional<Buffer>
encryptAmount(uint64_t const amt, Slice const& pubKeySlice, Slice const& blindingFactor);
/**
* @brief Generates the canonical zero encryption for a specific MPToken.
*
* Creates a deterministic encryption of zero that is unique to the account
* and MPT issuance. Used to initialize confidential balance fields.
*
* @param pubKeySlice The holder's ElGamal public key (size=xrpl::ecPubKeyLength).
* @param account The account ID of the token holder.
* @param mptId The MPToken Issuance ID.
* @return The canonical zero ciphertext (size=xrpl::ecGamalEncryptedTotalLength), or std::nullopt
* on failure.
*/
std::optional<Buffer>
encryptCanonicalZeroAmount(Slice const& pubKeySlice, AccountID const& account, MPTID const& mptId);
/**
* @brief Verifies a Schnorr proof of knowledge of an ElGamal private key.
*
* Proves that the submitter knows the secret key corresponding to the
* provided public key, without revealing the secret key itself.
*
* @param pubKeySlice The ElGamal public key (size=xrpl::ecPubKeyLength).
* @param proofSlice The Schnorr proof (size=xrpl::ecSchnorrProofLength).
* @param contextHash The 256-bit context hash binding the proof.
* @return tesSUCCESS if valid, or an error code otherwise.
*/
TER
verifySchnorrProof(Slice const& pubKeySlice, Slice const& proofSlice, uint256 const& contextHash);
/**
* @brief Validates the format of encrypted amount fields in a transaction.
*
* Checks that all ciphertext fields in the transaction object have the
* correct length and contain valid EC points. This function is only used
* by ConfidentialMPTConvert and ConfidentialMPTConvertBack transactions.
*
* @param object The transaction object containing encrypted amount fields.
* @return tesSUCCESS if all formats are valid, temMALFORMED if required fields
* are missing, or temBAD_CIPHERTEXT if format validation fails.
*/
NotTEC
checkEncryptedAmountFormat(STObject const& object);
/**
* @brief Verifies revealed amount encryptions for all recipients.
*
* Validates that the same amount was correctly encrypted for the holder,
* issuer, and optionally the auditor using their respective public keys.
*
* @param amount The revealed plaintext amount.
* @param blindingFactor The blinding factor used in all encryptions
* (size=xrpl::ecBlindingFactorLength).
* @param holder The holder's public key and encrypted amount.
* @param issuer The issuer's public key and encrypted amount.
* @param auditor Optional auditor's public key and encrypted amount.
* @return tesSUCCESS if all encryptions are valid, or an error code otherwise.
*/
TER
verifyRevealedAmount(
uint64_t const amount,
Slice const& blindingFactor,
ConfidentialRecipient const& holder,
ConfidentialRecipient const& issuer,
std::optional<ConfidentialRecipient> const& auditor);
/**
* @brief Returns the number of recipients in a confidential transfer.
*
* Returns 4 if an auditor is present (sender, destination, issuer, auditor),
* or 3 if no auditor (sender, destination, issuer).
*
* @param hasAuditor Whether the issuance has an auditor configured.
* @return The number of recipients (3 or 4).
*/
constexpr std::size_t
getConfidentialRecipientCount(bool hasAuditor)
{
return hasAuditor ? 4 : 3;
}
/**
* @brief Returns the size of a multi-ciphertext equality proof.
*
* Computes the byte size required for a zero-knowledge proof that demonstrates
* multiple ciphertexts encrypt the same plaintext value. The size depends on
* the number of recipients.
*
* @param nRecipients The number of recipients (typically 3 or 4).
* @return The proof size in bytes.
*/
inline std::size_t
getEqualityProofSize(std::size_t nRecipients)
{
return secp256k1_mpt_proof_equality_shared_r_size(nRecipients);
}
/**
* @brief Verifies a clawback equality proof.
*
* Proves that the issuer knows the exact amount encrypted in the holder's
* balance ciphertext. Used in ConfidentialMPTClawback to verify the issuer
* can decrypt the balance using their private key.
*
* @param amount The revealed plaintext amount.
* @param proof The zero-knowledge proof bytes.
* @param pubKeySlice The issuer's ElGamal public key (64 bytes).
* @param ciphertext The issuer's encrypted balance on the holder's account (66 bytes).
* @param contextHash The 256-bit context hash binding the proof.
* @return tesSUCCESS if the proof is valid, or an error code otherwise.
*/
TER
verifyClawbackEqualityProof(
uint64_t const amount,
Slice const& proof,
Slice const& pubKeySlice,
Slice const& ciphertext,
uint256 const& contextHash);
/**
* @brief Generates a cryptographically secure 32-byte blinding factor.
*
* Produces random bytes suitable for use as an ElGamal blinding factor
* or Pedersen commitment randomness.
*
* @return A 32-byte buffer containing the random blinding factor.
*/
Buffer
generateBlindingFactor();
/**
* @brief Verifies all zero-knowledge proofs for a ConfidentialMPTSend transaction.
*
* This function calls mpt_verify_send_proof API in the mpt-crypto utility lib, which verifies the
* equality proof, amount linkage, balance linkage, and range proof.
* Equality proof: Proves the same value is encrypted for the sender, receiver, issuer, and auditor.
* Amount linkage: Proves the send amount matches the amount Pedersen commitment.
* Balance linkage: Proves the sender's balance matches the balance Pedersen
* commitment.
* Range proof: Proves the amount and the remaining balance are within range [0, 2^64-1].
*
* @param proof The full proof blob.
* @param sender The sender's public key and encrypted amount.
* @param destination The destination's public key and encrypted amount.
* @param issuer The issuer's public key and encrypted amount.
* @param auditor The auditor's public key and encrypted amount if present.
* @param spendingBalance The sender's current spending balance ciphertext.
* @param amountCommitment The Pedersen commitment to the send amount.
* @param balanceCommitment The Pedersen commitment to the sender's balance.
* @param contextHash The context hash binding the proof.
* @return tesSUCCESS if all proofs are valid, or an error code otherwise.
*/
TER
verifySendProof(
Slice const& proof,
ConfidentialRecipient const& sender,
ConfidentialRecipient const& destination,
ConfidentialRecipient const& issuer,
std::optional<ConfidentialRecipient> const& auditor,
Slice const& spendingBalance,
Slice const& amountCommitment,
Slice const& balanceCommitment,
uint256 const& contextHash);
/**
* @brief Verifies all zero-knowledge proofs for a ConfidentialMPTConvertBack transaction.
*
* This function calls mpt_verify_convert_back_proof API in the mpt-crypto utility lib, which
* verifies the balance linkage proof and range proof. Balance linkage proof: proves the balance
* commitment matches the spending ciphertext. Range proof: proves the remaining balance after
* convert back is within range [0, 2^64-1].
*
* @param proof The full proof blob.
* @param pubKeySlice The holder's public key.
* @param spendingBalance The holder's spending balance ciphertext.
* @param balanceCommitment The Pedersen commitment to the balance.
* @param amount The amount being converted back to public.
* @param contextHash The context hash binding the proof.
* @return tesSUCCESS if all proofs are valid, or an error code otherwise.
*/
TER
verifyConvertBackProof(
Slice const& proof,
Slice const& pubKeySlice,
Slice const& spendingBalance,
Slice const& balanceCommitment,
uint64_t amount,
uint256 const& contextHash);
/**
* @brief Sequential reader for extracting proof components from a ZKProof blob.
*
* Encapsulates the offset-based arithmetic for slicing a concatenated proof
* blob into its individual components (equality proofs, Pedersen linkage
* proofs, bulletproofs, etc.). Performs bounds checking on every read and
* tracks whether the entire blob has been consumed.
*
* Usage:
* @code
* ProofReader reader(tx[sfZKProof]);
* auto equalityProof = reader.read(sizeEquality);
* auto pedersenProof = reader.read(ecPedersenProofLength);
* if (!equalityProof || !pedersenProof || !reader.done())
* return tecINTERNAL;
* @endcode
*/
class ProofReader
{
Slice data_;
std::size_t offset_ = 0;
public:
explicit ProofReader(Slice data) : data_(data)
{
}
/**
* @brief Read the next @p length bytes from the proof blob.
*
* @param length Number of bytes to read.
* @return A Slice of the requested bytes, or std::nullopt if there are
* not enough remaining bytes.
*/
[[nodiscard]] std::optional<Slice>
read(std::size_t length)
{
if (offset_ + length > data_.size())
return std::nullopt;
auto result = data_.substr(offset_, length);
offset_ += length;
return result;
}
/**
* @brief Returns true when every byte has been consumed.
*/
[[nodiscard]] bool
done() const
{
return offset_ == data_.size();
}
};
} // namespace xrpl

6
include/xrpl/protocol/LedgerFormats.h
View File

@@ -173,7 +173,8 @@ enum LedgerEntryType : std::uint16_t {
LSF_FLAG(lsfMPTCanEscrow, 0x00000008) \
LSF_FLAG(lsfMPTCanTrade, 0x00000010) \
LSF_FLAG(lsfMPTCanTransfer, 0x00000020) \
LSF_FLAG(lsfMPTCanClawback, 0x00000040)) \
LSF_FLAG(lsfMPTCanClawback, 0x00000040) \
LSF_FLAG(lsfMPTCanConfidentialAmount, 0x00000080)) \
\
LEDGER_OBJECT(MPTokenIssuanceMutable, \
LSF_FLAG(lsmfMPTCanMutateCanLock, 0x00000002) \
@@ -183,7 +184,8 @@ enum LedgerEntryType : std::uint16_t {
LSF_FLAG(lsmfMPTCanMutateCanTransfer, 0x00000020) \
LSF_FLAG(lsmfMPTCanMutateCanClawback, 0x00000040) \
LSF_FLAG(lsmfMPTCanMutateMetadata, 0x00010000) \
LSF_FLAG(lsmfMPTCanMutateTransferFee, 0x00020000)) \
LSF_FLAG(lsmfMPTCanMutateTransferFee, 0x00020000) \
LSF_FLAG(lsmfMPTCannotMutateCanConfidentialAmount, 0x00040000)) \
\
LEDGER_OBJECT(MPToken, \
LSF_FLAG2(lsfMPTLocked, 0x00000001) \

42
include/xrpl/protocol/Protocol.h
View File

@@ -307,4 +307,46 @@ std::size_t constexpr permissionMaxSize = 10;
/** The maximum number of transactions that can be in a batch. */
std::size_t constexpr maxBatchTxCount = 8;
/** Length of one component of EC ElGamal ciphertext */
std::size_t constexpr ecGamalEncryptedLength = 33;
/** EC ElGamal ciphertext length: two 33-byte components concatenated */
std::size_t constexpr ecGamalEncryptedTotalLength = ecGamalEncryptedLength * 2;
/** Length of equality ZKProof in bytes */
std::size_t constexpr ecEqualityProofLength = 98;
/** Length of EC point (compressed) */
std::size_t constexpr compressedECPointLength = 33;
/** Length of EC public key (compressed) */
std::size_t constexpr ecPubKeyLength = compressedECPointLength;
/** Length of EC private key in bytes */
std::size_t constexpr ecPrivKeyLength = 32;
/** Length of the EC blinding factor in bytes */
std::size_t constexpr ecBlindingFactorLength = 32;
/** Length of Schnorr ZKProof for public key registration in bytes */
std::size_t constexpr ecSchnorrProofLength = 65;
/** Length of ElGamal Pedersen linkage proof in bytes */
std::size_t constexpr ecPedersenProofLength = 195;
/** Length of Pedersen Commitment (compressed) */
std::size_t constexpr ecPedersenCommitmentLength = compressedECPointLength;
/** Length of single bulletproof (range proof for 1 commitment) in bytes */
std::size_t constexpr ecSingleBulletproofLength = 688;
/** Length of double bulletproof (range proof for 2 commitments) in bytes */
std::size_t constexpr ecDoubleBulletproofLength = 754;
/** Compressed EC point prefix for even y-coordinate */
std::uint8_t constexpr ecCompressedPrefixEvenY = 0x02;
/** Compressed EC point prefix for odd y-coordinate */
std::uint8_t constexpr ecCompressedPrefixOddY = 0x03;
} // namespace xrpl

2
include/xrpl/protocol/TER.h
View File

@@ -121,6 +121,7 @@ enum TEMcodes : TERUnderlyingType {
temARRAY_TOO_LARGE,
temBAD_TRANSFER_FEE,
temINVALID_INNER_BATCH,
temBAD_CIPHERTEXT,
};
//------------------------------------------------------------------------------
@@ -346,6 +347,7 @@ enum TECcodes : TERUnderlyingType {
// backward compatibility with historical data on non-prod networks, can be
// reclaimed after those networks reset.
tecNO_DELEGATE_PERMISSION = 198,
tecBAD_PROOF = 199,
};
//------------------------------------------------------------------------------

24
include/xrpl/protocol/TxFlags.h
View File

@@ -138,7 +138,8 @@ inline constexpr FlagValue tfUniversalMask = ~tfUniversal;
TF_FLAG(tfMPTCanEscrow, lsfMPTCanEscrow) \
TF_FLAG(tfMPTCanTrade, lsfMPTCanTrade) \
TF_FLAG(tfMPTCanTransfer, lsfMPTCanTransfer) \
TF_FLAG(tfMPTCanClawback, lsfMPTCanClawback), \
TF_FLAG(tfMPTCanClawback, lsfMPTCanClawback) \
TF_FLAG(tfMPTCanConfidentialAmount, lsfMPTCanConfidentialAmount), \
MASK_ADJ(0)) \
\
TRANSACTION(MPTokenAuthorize, \
@@ -347,10 +348,12 @@ inline constexpr FlagValue tmfMPTCanMutateCanTransfer = lsmfMPTCanMutateCanTrans
inline constexpr FlagValue tmfMPTCanMutateCanClawback = lsmfMPTCanMutateCanClawback;
inline constexpr FlagValue tmfMPTCanMutateMetadata = lsmfMPTCanMutateMetadata;
inline constexpr FlagValue tmfMPTCanMutateTransferFee = lsmfMPTCanMutateTransferFee;
inline constexpr FlagValue tmfMPTokenIssuanceCreateMutableMask =
~(tmfMPTCanMutateCanLock | tmfMPTCanMutateRequireAuth | tmfMPTCanMutateCanEscrow |
tmfMPTCanMutateCanTrade | tmfMPTCanMutateCanTransfer | tmfMPTCanMutateCanClawback |
tmfMPTCanMutateMetadata | tmfMPTCanMutateTransferFee);
inline constexpr FlagValue tmfMPTCannotMutateCanConfidentialAmount =
lsmfMPTCannotMutateCanConfidentialAmount;
inline constexpr FlagValue tmfMPTokenIssuanceCreateMutableMask = ~(
tmfMPTCanMutateCanLock | tmfMPTCanMutateRequireAuth | tmfMPTCanMutateCanEscrow |
tmfMPTCanMutateCanTrade | tmfMPTCanMutateCanTransfer | tmfMPTCanMutateCanClawback |
tmfMPTCanMutateMetadata | tmfMPTCanMutateTransferFee | tmfMPTCannotMutateCanConfidentialAmount);
// MPTokenIssuanceSet MutableFlags:
// Set or Clear flags.
@@ -367,10 +370,13 @@ inline constexpr FlagValue tmfMPTSetCanTransfer = 0x00000100;
inline constexpr FlagValue tmfMPTClearCanTransfer = 0x00000200;
inline constexpr FlagValue tmfMPTSetCanClawback = 0x00000400;
inline constexpr FlagValue tmfMPTClearCanClawback = 0x00000800;
inline constexpr FlagValue tmfMPTokenIssuanceSetMutableMask = ~(
tmfMPTSetCanLock | tmfMPTClearCanLock | tmfMPTSetRequireAuth | tmfMPTClearRequireAuth |
tmfMPTSetCanEscrow | tmfMPTClearCanEscrow | tmfMPTSetCanTrade | tmfMPTClearCanTrade |
tmfMPTSetCanTransfer | tmfMPTClearCanTransfer | tmfMPTSetCanClawback | tmfMPTClearCanClawback);
inline constexpr FlagValue tmfMPTSetCanConfidentialAmount = 0x00001000;
inline constexpr FlagValue tmfMPTClearCanConfidentialAmount = 0x00002000;
inline constexpr FlagValue tmfMPTokenIssuanceSetMutableMask =
~(tmfMPTSetCanLock | tmfMPTClearCanLock | tmfMPTSetRequireAuth | tmfMPTClearRequireAuth |
tmfMPTSetCanEscrow | tmfMPTClearCanEscrow | tmfMPTSetCanTrade | tmfMPTClearCanTrade |
tmfMPTSetCanTransfer | tmfMPTClearCanTransfer | tmfMPTSetCanClawback |
tmfMPTClearCanClawback | tmfMPTSetCanConfidentialAmount | tmfMPTClearCanConfidentialAmount);
// Prior to fixRemoveNFTokenAutoTrustLine, transfer of an NFToken between accounts allowed a
// TrustLine to be added to the issuer of that token without explicit permission from that issuer.

1
include/xrpl/protocol/detail/features.macro
View File

@@ -15,6 +15,7 @@
// Add new amendments to the top of this list.
// Keep it sorted in reverse chronological order.
XRPL_FEATURE(ConfidentialTransfer, Supported::no, VoteBehavior::DefaultNo)
XRPL_FIX (Security3_1_3, Supported::no, VoteBehavior::DefaultNo)
XRPL_FIX (PermissionedDomainInvariant, Supported::yes, VoteBehavior::DefaultNo)
XRPL_FIX (ExpiredNFTokenOfferRemoval, Supported::yes, VoteBehavior::DefaultNo)

49
include/xrpl/protocol/detail/ledger_entries.macro
View File

@@ -385,32 +385,41 @@ LEDGER_ENTRY(ltAMM, 0x0079, AMM, amm, ({
\sa keylet::mptIssuance
*/
LEDGER_ENTRY(ltMPTOKEN_ISSUANCE, 0x007e, MPTokenIssuance, mpt_issuance, ({
{sfIssuer, soeREQUIRED},
{sfSequence, soeREQUIRED},
{sfTransferFee, soeDEFAULT},
{sfOwnerNode, soeREQUIRED},
{sfAssetScale, soeDEFAULT},
{sfMaximumAmount, soeOPTIONAL},
{sfOutstandingAmount, soeREQUIRED},
{sfLockedAmount, soeOPTIONAL},
{sfMPTokenMetadata, soeOPTIONAL},
{sfPreviousTxnID, soeREQUIRED},
{sfPreviousTxnLgrSeq, soeREQUIRED},
{sfDomainID, soeOPTIONAL},
{sfMutableFlags, soeDEFAULT},
{sfIssuer, soeREQUIRED},
{sfSequence, soeREQUIRED},
{sfTransferFee, soeDEFAULT},
{sfOwnerNode, soeREQUIRED},
{sfAssetScale, soeDEFAULT},
{sfMaximumAmount, soeOPTIONAL},
{sfOutstandingAmount, soeREQUIRED},
{sfLockedAmount, soeOPTIONAL},
{sfMPTokenMetadata, soeOPTIONAL},
{sfPreviousTxnID, soeREQUIRED},
{sfPreviousTxnLgrSeq, soeREQUIRED},
{sfDomainID, soeOPTIONAL},
{sfMutableFlags, soeDEFAULT},
{sfIssuerEncryptionKey, soeOPTIONAL},
{sfAuditorEncryptionKey, soeOPTIONAL},
{sfConfidentialOutstandingAmount, soeDEFAULT},
}))
/** A ledger object which tracks MPToken
\sa keylet::mptoken
*/
LEDGER_ENTRY(ltMPTOKEN, 0x007f, MPToken, mptoken, ({
{sfAccount, soeREQUIRED},
{sfMPTokenIssuanceID, soeREQUIRED},
{sfMPTAmount, soeDEFAULT},
{sfLockedAmount, soeOPTIONAL},
{sfOwnerNode, soeREQUIRED},
{sfPreviousTxnID, soeREQUIRED},
{sfPreviousTxnLgrSeq, soeREQUIRED},
{sfAccount, soeREQUIRED},
{sfMPTokenIssuanceID, soeREQUIRED},
{sfMPTAmount, soeDEFAULT},
{sfLockedAmount, soeOPTIONAL},
{sfOwnerNode, soeREQUIRED},
{sfPreviousTxnID, soeREQUIRED},
{sfPreviousTxnLgrSeq, soeREQUIRED},
{sfConfidentialBalanceInbox, soeOPTIONAL},
{sfConfidentialBalanceSpending, soeOPTIONAL},
{sfConfidentialBalanceVersion, soeDEFAULT},
{sfIssuerEncryptedBalance, soeOPTIONAL},
{sfAuditorEncryptedBalance, soeOPTIONAL},
{sfHolderEncryptionKey, soeOPTIONAL},
}))
/** A ledger object which tracks Oracle

18
include/xrpl/protocol/detail/sfields.macro
View File

@@ -113,6 +113,7 @@ TYPED_SFIELD(sfInterestRate, UINT32, 65) // 1/10 basis points (bi
TYPED_SFIELD(sfLateInterestRate, UINT32, 66) // 1/10 basis points (bips)
TYPED_SFIELD(sfCloseInterestRate, UINT32, 67) // 1/10 basis points (bips)
TYPED_SFIELD(sfOverpaymentInterestRate, UINT32, 68) // 1/10 basis points (bips)
TYPED_SFIELD(sfConfidentialBalanceVersion, UINT32, 69)
// 64-bit integers (common)
TYPED_SFIELD(sfIndexNext, UINT64, 1)
@@ -146,6 +147,7 @@ TYPED_SFIELD(sfSubjectNode, UINT64, 28)
TYPED_SFIELD(sfLockedAmount, UINT64, 29, SField::sMD_BaseTen|SField::sMD_Default)
TYPED_SFIELD(sfVaultNode, UINT64, 30)
TYPED_SFIELD(sfLoanBrokerNode, UINT64, 31)
TYPED_SFIELD(sfConfidentialOutstandingAmount, UINT64, 32, SField::sMD_BaseTen|SField::sMD_Default)
// 128-bit
TYPED_SFIELD(sfEmailHash, UINT128, 1)
@@ -203,6 +205,7 @@ TYPED_SFIELD(sfParentBatchID, UINT256, 36)
TYPED_SFIELD(sfLoanBrokerID, UINT256, 37,
SField::sMD_PseudoAccount | SField::sMD_Default)
TYPED_SFIELD(sfLoanID, UINT256, 38)
TYPED_SFIELD(sfBlindingFactor, UINT256, 39)
// number (common)
TYPED_SFIELD(sfNumber, NUMBER, 1)
@@ -296,6 +299,21 @@ TYPED_SFIELD(sfAssetClass, VL, 28)
TYPED_SFIELD(sfProvider, VL, 29)
TYPED_SFIELD(sfMPTokenMetadata, VL, 30)
TYPED_SFIELD(sfCredentialType, VL, 31)
TYPED_SFIELD(sfConfidentialBalanceInbox, VL, 32)
TYPED_SFIELD(sfConfidentialBalanceSpending, VL, 33)
TYPED_SFIELD(sfIssuerEncryptedBalance, VL, 34)
TYPED_SFIELD(sfIssuerEncryptionKey, VL, 35)
TYPED_SFIELD(sfHolderEncryptionKey, VL, 36)
TYPED_SFIELD(sfZKProof, VL, 37)
TYPED_SFIELD(sfHolderEncryptedAmount, VL, 38)
TYPED_SFIELD(sfIssuerEncryptedAmount, VL, 39)
TYPED_SFIELD(sfSenderEncryptedAmount, VL, 40)
TYPED_SFIELD(sfDestinationEncryptedAmount, VL, 41)
TYPED_SFIELD(sfAuditorEncryptedBalance, VL, 42)
TYPED_SFIELD(sfAuditorEncryptedAmount, VL, 43)
TYPED_SFIELD(sfAuditorEncryptionKey, VL, 44)
TYPED_SFIELD(sfAmountCommitment, VL, 45)
TYPED_SFIELD(sfBalanceCommitment, VL, 46)
// account (common)
TYPED_SFIELD(sfAccount, ACCOUNT, 1)

86
include/xrpl/protocol/detail/transactions.macro
View File

@@ -734,6 +734,8 @@ TRANSACTION(ttMPTOKEN_ISSUANCE_SET, 56, MPTokenIssuanceSet,
{sfMPTokenMetadata, soeOPTIONAL},
{sfTransferFee, soeOPTIONAL},
{sfMutableFlags, soeOPTIONAL},
{sfIssuerEncryptionKey, soeOPTIONAL},
{sfAuditorEncryptionKey, soeOPTIONAL},
}))
/** This transaction type authorizes a MPToken instance */
@@ -1076,6 +1078,90 @@ TRANSACTION(ttLOAN_PAY, 84, LoanPay,
{sfAmount, soeREQUIRED, soeMPTSupported},
}))
/** This transaction type converts into confidential MPT balance. */
#if TRANSACTION_INCLUDE
#include <xrpl/tx/transactors/token/ConfidentialMPTConvert.h>
#endif
TRANSACTION(ttCONFIDENTIAL_MPT_CONVERT, 85, ConfidentialMPTConvert,
Delegation::delegable,
featureConfidentialTransfer,
noPriv,
({
{sfMPTokenIssuanceID, soeREQUIRED},
{sfMPTAmount, soeREQUIRED},
{sfHolderEncryptionKey, soeOPTIONAL},
{sfHolderEncryptedAmount, soeREQUIRED},
{sfIssuerEncryptedAmount, soeREQUIRED},
{sfAuditorEncryptedAmount, soeOPTIONAL},
{sfBlindingFactor, soeREQUIRED},
{sfZKProof, soeOPTIONAL},
}))
/** This transaction type merges MPT inbox. */
#if TRANSACTION_INCLUDE
#include <xrpl/tx/transactors/token/ConfidentialMPTMergeInbox.h>
#endif
TRANSACTION(ttCONFIDENTIAL_MPT_MERGE_INBOX, 86, ConfidentialMPTMergeInbox,
Delegation::delegable,
featureConfidentialTransfer,
noPriv,
({
{sfMPTokenIssuanceID, soeREQUIRED},
}))
/** This transaction type converts back into public MPT balance. */
#if TRANSACTION_INCLUDE
#include <xrpl/tx/transactors/token/ConfidentialMPTConvertBack.h>
#endif
TRANSACTION(ttCONFIDENTIAL_MPT_CONVERT_BACK, 87, ConfidentialMPTConvertBack,
Delegation::delegable,
featureConfidentialTransfer,
noPriv,
({
{sfMPTokenIssuanceID, soeREQUIRED},
{sfMPTAmount, soeREQUIRED},
{sfHolderEncryptedAmount, soeREQUIRED},
{sfIssuerEncryptedAmount, soeREQUIRED},
{sfAuditorEncryptedAmount, soeOPTIONAL},
{sfBlindingFactor, soeREQUIRED},
{sfZKProof, soeREQUIRED},
{sfBalanceCommitment, soeREQUIRED},
}))
#if TRANSACTION_INCLUDE
#include <xrpl/tx/transactors/token/ConfidentialMPTSend.h>
#endif
TRANSACTION(ttCONFIDENTIAL_MPT_SEND, 88, ConfidentialMPTSend,
Delegation::delegable,
featureConfidentialTransfer,
noPriv,
({
{sfMPTokenIssuanceID, soeREQUIRED},
{sfDestination, soeREQUIRED},
{sfSenderEncryptedAmount, soeREQUIRED},
{sfDestinationEncryptedAmount, soeREQUIRED},
{sfIssuerEncryptedAmount, soeREQUIRED},
{sfAuditorEncryptedAmount, soeOPTIONAL},
{sfZKProof, soeREQUIRED},
{sfAmountCommitment, soeREQUIRED},
{sfBalanceCommitment, soeREQUIRED},
{sfCredentialIDs, soeOPTIONAL},
}))
#if TRANSACTION_INCLUDE
#include <xrpl/tx/transactors/token/ConfidentialMPTClawback.h>
#endif
TRANSACTION(ttCONFIDENTIAL_MPT_CLAWBACK, 89, ConfidentialMPTClawback,
Delegation::delegable,
featureConfidentialTransfer,
noPriv,
({
{sfMPTokenIssuanceID, soeREQUIRED},
{sfHolder, soeREQUIRED},
{sfMPTAmount, soeREQUIRED},
{sfZKProof, soeREQUIRED},
}))
/** This system-generated transaction type is used to update the status of the various amendments.
For details, see: https://xrpl.org/amendments.html

210
include/xrpl/protocol_autogen/ledger_entries/MPToken.h
View File

@@ -147,6 +147,150 @@ public:
{
return this->sle_->at(sfPreviousTxnLgrSeq);
}
/**
* @brief Get sfConfidentialBalanceInbox (soeOPTIONAL)
* @return The field value, or std::nullopt if not present.
*/
[[nodiscard]]
protocol_autogen::Optional<SF_VL::type::value_type>
getConfidentialBalanceInbox() const
{
if (hasConfidentialBalanceInbox())
return this->sle_->at(sfConfidentialBalanceInbox);
return std::nullopt;
}
/**
* @brief Check if sfConfidentialBalanceInbox is present.
* @return True if the field is present, false otherwise.
*/
[[nodiscard]]
bool
hasConfidentialBalanceInbox() const
{
return this->sle_->isFieldPresent(sfConfidentialBalanceInbox);
}
/**
* @brief Get sfConfidentialBalanceSpending (soeOPTIONAL)
* @return The field value, or std::nullopt if not present.
*/
[[nodiscard]]
protocol_autogen::Optional<SF_VL::type::value_type>
getConfidentialBalanceSpending() const
{
if (hasConfidentialBalanceSpending())
return this->sle_->at(sfConfidentialBalanceSpending);
return std::nullopt;
}
/**
* @brief Check if sfConfidentialBalanceSpending is present.
* @return True if the field is present, false otherwise.
*/
[[nodiscard]]
bool
hasConfidentialBalanceSpending() const
{
return this->sle_->isFieldPresent(sfConfidentialBalanceSpending);
}
/**
* @brief Get sfConfidentialBalanceVersion (soeDEFAULT)
* @return The field value, or std::nullopt if not present.
*/
[[nodiscard]]
protocol_autogen::Optional<SF_UINT32::type::value_type>
getConfidentialBalanceVersion() const
{
if (hasConfidentialBalanceVersion())
return this->sle_->at(sfConfidentialBalanceVersion);
return std::nullopt;
}
/**
* @brief Check if sfConfidentialBalanceVersion is present.
* @return True if the field is present, false otherwise.
*/
[[nodiscard]]
bool
hasConfidentialBalanceVersion() const
{
return this->sle_->isFieldPresent(sfConfidentialBalanceVersion);
}
/**
* @brief Get sfIssuerEncryptedBalance (soeOPTIONAL)
* @return The field value, or std::nullopt if not present.
*/
[[nodiscard]]
protocol_autogen::Optional<SF_VL::type::value_type>
getIssuerEncryptedBalance() const
{
if (hasIssuerEncryptedBalance())
return this->sle_->at(sfIssuerEncryptedBalance);
return std::nullopt;
}
/**
* @brief Check if sfIssuerEncryptedBalance is present.
* @return True if the field is present, false otherwise.
*/
[[nodiscard]]
bool
hasIssuerEncryptedBalance() const
{
return this->sle_->isFieldPresent(sfIssuerEncryptedBalance);
}
/**
* @brief Get sfAuditorEncryptedBalance (soeOPTIONAL)
* @return The field value, or std::nullopt if not present.
*/
[[nodiscard]]
protocol_autogen::Optional<SF_VL::type::value_type>
getAuditorEncryptedBalance() const
{
if (hasAuditorEncryptedBalance())
return this->sle_->at(sfAuditorEncryptedBalance);
return std::nullopt;
}
/**
* @brief Check if sfAuditorEncryptedBalance is present.
* @return True if the field is present, false otherwise.
*/
[[nodiscard]]
bool
hasAuditorEncryptedBalance() const
{
return this->sle_->isFieldPresent(sfAuditorEncryptedBalance);
}
/**
* @brief Get sfHolderEncryptionKey (soeOPTIONAL)
* @return The field value, or std::nullopt if not present.
*/
[[nodiscard]]
protocol_autogen::Optional<SF_VL::type::value_type>
getHolderEncryptionKey() const
{
if (hasHolderEncryptionKey())
return this->sle_->at(sfHolderEncryptionKey);
return std::nullopt;
}
/**
* @brief Check if sfHolderEncryptionKey is present.
* @return True if the field is present, false otherwise.
*/
[[nodiscard]]
bool
hasHolderEncryptionKey() const
{
return this->sle_->isFieldPresent(sfHolderEncryptionKey);
}
};
/**
@@ -270,6 +414,72 @@ public:
return *this;
}
/**
* @brief Set sfConfidentialBalanceInbox (soeOPTIONAL)
* @return Reference to this builder for method chaining.
*/
MPTokenBuilder&
setConfidentialBalanceInbox(std::decay_t<typename SF_VL::type::value_type> const& value)
{
object_[sfConfidentialBalanceInbox] = value;
return *this;
}
/**
* @brief Set sfConfidentialBalanceSpending (soeOPTIONAL)
* @return Reference to this builder for method chaining.
*/
MPTokenBuilder&
setConfidentialBalanceSpending(std::decay_t<typename SF_VL::type::value_type> const& value)
{
object_[sfConfidentialBalanceSpending] = value;
return *this;
}
/**
* @brief Set sfConfidentialBalanceVersion (soeDEFAULT)
* @return Reference to this builder for method chaining.
*/
MPTokenBuilder&
setConfidentialBalanceVersion(std::decay_t<typename SF_UINT32::type::value_type> const& value)
{
object_[sfConfidentialBalanceVersion] = value;
return *this;
}
/**
* @brief Set sfIssuerEncryptedBalance (soeOPTIONAL)
* @return Reference to this builder for method chaining.
*/
MPTokenBuilder&
setIssuerEncryptedBalance(std::decay_t<typename SF_VL::type::value_type> const& value)
{
object_[sfIssuerEncryptedBalance] = value;
return *this;
}
/**
* @brief Set sfAuditorEncryptedBalance (soeOPTIONAL)
* @return Reference to this builder for method chaining.
*/
MPTokenBuilder&
setAuditorEncryptedBalance(std::decay_t<typename SF_VL::type::value_type> const& value)
{
object_[sfAuditorEncryptedBalance] = value;
return *this;
}
/**
* @brief Set sfHolderEncryptionKey (soeOPTIONAL)
* @return Reference to this builder for method chaining.
*/
MPTokenBuilder&
setHolderEncryptionKey(std::decay_t<typename SF_VL::type::value_type> const& value)
{
object_[sfHolderEncryptionKey] = value;
return *this;
}
/**
* @brief Build and return the completed MPToken wrapper.
* @param index The ledger entry index.

105
include/xrpl/protocol_autogen/ledger_entries/MPTokenIssuance.h
View File

@@ -278,6 +278,78 @@ public:
{
return this->sle_->isFieldPresent(sfMutableFlags);
}
/**
* @brief Get sfIssuerEncryptionKey (soeOPTIONAL)
* @return The field value, or std::nullopt if not present.
*/
[[nodiscard]]
protocol_autogen::Optional<SF_VL::type::value_type>
getIssuerEncryptionKey() const
{
if (hasIssuerEncryptionKey())
return this->sle_->at(sfIssuerEncryptionKey);
return std::nullopt;
}
/**
* @brief Check if sfIssuerEncryptionKey is present.
* @return True if the field is present, false otherwise.
*/
[[nodiscard]]
bool
hasIssuerEncryptionKey() const
{
return this->sle_->isFieldPresent(sfIssuerEncryptionKey);
}
/**
* @brief Get sfAuditorEncryptionKey (soeOPTIONAL)
* @return The field value, or std::nullopt if not present.
*/
[[nodiscard]]
protocol_autogen::Optional<SF_VL::type::value_type>
getAuditorEncryptionKey() const
{
if (hasAuditorEncryptionKey())
return this->sle_->at(sfAuditorEncryptionKey);
return std::nullopt;
}
/**
* @brief Check if sfAuditorEncryptionKey is present.
* @return True if the field is present, false otherwise.
*/
[[nodiscard]]
bool
hasAuditorEncryptionKey() const
{
return this->sle_->isFieldPresent(sfAuditorEncryptionKey);
}
/**
* @brief Get sfConfidentialOutstandingAmount (soeDEFAULT)
* @return The field value, or std::nullopt if not present.
*/
[[nodiscard]]
protocol_autogen::Optional<SF_UINT64::type::value_type>
getConfidentialOutstandingAmount() const
{
if (hasConfidentialOutstandingAmount())
return this->sle_->at(sfConfidentialOutstandingAmount);
return std::nullopt;
}
/**
* @brief Check if sfConfidentialOutstandingAmount is present.
* @return True if the field is present, false otherwise.
*/
[[nodiscard]]
bool
hasConfidentialOutstandingAmount() const
{
return this->sle_->isFieldPresent(sfConfidentialOutstandingAmount);
}
};
/**
@@ -469,6 +541,39 @@ public:
return *this;
}
/**
* @brief Set sfIssuerEncryptionKey (soeOPTIONAL)
* @return Reference to this builder for method chaining.
*/
MPTokenIssuanceBuilder&
setIssuerEncryptionKey(std::decay_t<typename SF_VL::type::value_type> const& value)
{
object_[sfIssuerEncryptionKey] = value;
return *this;
}
/**
* @brief Set sfAuditorEncryptionKey (soeOPTIONAL)
* @return Reference to this builder for method chaining.
*/
MPTokenIssuanceBuilder&
setAuditorEncryptionKey(std::decay_t<typename SF_VL::type::value_type> const& value)
{
object_[sfAuditorEncryptionKey] = value;
return *this;
}
/**
* @brief Set sfConfidentialOutstandingAmount (soeDEFAULT)
* @return Reference to this builder for method chaining.
*/
MPTokenIssuanceBuilder&
setConfidentialOutstandingAmount(std::decay_t<typename SF_UINT64::type::value_type> const& value)
{
object_[sfConfidentialOutstandingAmount] = value;
return *this;
}
/**
* @brief Build and return the completed MPTokenIssuance wrapper.
* @param index The ledger entry index.

201
include/xrpl/protocol_autogen/transactions/ConfidentialMPTClawback.h Normal file
View File

@@ -0,0 +1,201 @@
// This file is auto-generated. Do not edit.
#pragma once
#include <xrpl/protocol/STTx.h>
#include <xrpl/protocol/STParsedJSON.h>
#include <xrpl/protocol/jss.h>
#include <xrpl/protocol_autogen/TransactionBase.h>
#include <xrpl/protocol_autogen/TransactionBuilderBase.h>
#include <xrpl/json/json_value.h>
#include <stdexcept>
#include <optional>
namespace xrpl::transactions {
class ConfidentialMPTClawbackBuilder;
/**
* @brief Transaction: ConfidentialMPTClawback
*
* Type: ttCONFIDENTIAL_MPT_CLAWBACK (89)
* Delegable: Delegation::delegable
* Amendment: featureConfidentialTransfer
* Privileges: noPriv
*
* Immutable wrapper around STTx providing type-safe field access.
* Use ConfidentialMPTClawbackBuilder to construct new transactions.
*/
class ConfidentialMPTClawback : public TransactionBase
{
public:
static constexpr xrpl::TxType txType = ttCONFIDENTIAL_MPT_CLAWBACK;
/**
* @brief Construct a ConfidentialMPTClawback transaction wrapper from an existing STTx object.
* @throws std::runtime_error if the transaction type doesn't match.
*/
explicit ConfidentialMPTClawback(std::shared_ptr<STTx const> tx)
: TransactionBase(std::move(tx))
{
// Verify transaction type
if (tx_->getTxnType() != txType)
{
throw std::runtime_error("Invalid transaction type for ConfidentialMPTClawback");
}
}
// Transaction-specific field getters
/**
* @brief Get sfMPTokenIssuanceID (soeREQUIRED)
* @return The field value.
*/
[[nodiscard]]
SF_UINT192::type::value_type
getMPTokenIssuanceID() const
{
return this->tx_->at(sfMPTokenIssuanceID);
}
/**
* @brief Get sfHolder (soeREQUIRED)
* @return The field value.
*/
[[nodiscard]]
SF_ACCOUNT::type::value_type
getHolder() const
{
return this->tx_->at(sfHolder);
}
/**
* @brief Get sfMPTAmount (soeREQUIRED)
* @return The field value.
*/
[[nodiscard]]
SF_UINT64::type::value_type
getMPTAmount() const
{
return this->tx_->at(sfMPTAmount);
}
/**
* @brief Get sfZKProof (soeREQUIRED)
* @return The field value.
*/
[[nodiscard]]
SF_VL::type::value_type
getZKProof() const
{
return this->tx_->at(sfZKProof);
}
};
/**
* @brief Builder for ConfidentialMPTClawback transactions.
*
* Provides a fluent interface for constructing transactions with method chaining.
* Uses Json::Value internally for flexible transaction construction.
* Inherits common field setters from TransactionBuilderBase.
*/
class ConfidentialMPTClawbackBuilder : public TransactionBuilderBase<ConfidentialMPTClawbackBuilder>
{
public:
/**
* @brief Construct a new ConfidentialMPTClawbackBuilder with required fields.
* @param account The account initiating the transaction.
* @param mPTokenIssuanceID The sfMPTokenIssuanceID field value.
* @param holder The sfHolder field value.
* @param mPTAmount The sfMPTAmount field value.
* @param zKProof The sfZKProof field value.
* @param sequence Optional sequence number for the transaction.
* @param fee Optional fee for the transaction.
*/
ConfidentialMPTClawbackBuilder(SF_ACCOUNT::type::value_type account,
std::decay_t<typename SF_UINT192::type::value_type> const& mPTokenIssuanceID, std::decay_t<typename SF_ACCOUNT::type::value_type> const& holder, std::decay_t<typename SF_UINT64::type::value_type> const& mPTAmount, std::decay_t<typename SF_VL::type::value_type> const& zKProof, std::optional<SF_UINT32::type::value_type> sequence = std::nullopt,
std::optional<SF_AMOUNT::type::value_type> fee = std::nullopt
)
: TransactionBuilderBase<ConfidentialMPTClawbackBuilder>(ttCONFIDENTIAL_MPT_CLAWBACK, account, sequence, fee)
{
setMPTokenIssuanceID(mPTokenIssuanceID);
setHolder(holder);
setMPTAmount(mPTAmount);
setZKProof(zKProof);
}
/**
* @brief Construct a ConfidentialMPTClawbackBuilder from an existing STTx object.
* @param tx The existing transaction to copy from.
* @throws std::runtime_error if the transaction type doesn't match.
*/
ConfidentialMPTClawbackBuilder(std::shared_ptr<STTx const> tx)
{
if (tx->getTxnType() != ttCONFIDENTIAL_MPT_CLAWBACK)
{
throw std::runtime_error("Invalid transaction type for ConfidentialMPTClawbackBuilder");
}
object_ = *tx;
}
/** @brief Transaction-specific field setters */
/**
* @brief Set sfMPTokenIssuanceID (soeREQUIRED)
* @return Reference to this builder for method chaining.
*/
ConfidentialMPTClawbackBuilder&
setMPTokenIssuanceID(std::decay_t<typename SF_UINT192::type::value_type> const& value)
{
object_[sfMPTokenIssuanceID] = value;
return *this;
}
/**
* @brief Set sfHolder (soeREQUIRED)
* @return Reference to this builder for method chaining.
*/
ConfidentialMPTClawbackBuilder&
setHolder(std::decay_t<typename SF_ACCOUNT::type::value_type> const& value)
{
object_[sfHolder] = value;
return *this;
}
/**
* @brief Set sfMPTAmount (soeREQUIRED)
* @return Reference to this builder for method chaining.
*/
ConfidentialMPTClawbackBuilder&
setMPTAmount(std::decay_t<typename SF_UINT64::type::value_type> const& value)
{
object_[sfMPTAmount] = value;
return *this;
}
/**
* @brief Set sfZKProof (soeREQUIRED)
* @return Reference to this builder for method chaining.
*/
ConfidentialMPTClawbackBuilder&
setZKProof(std::decay_t<typename SF_VL::type::value_type> const& value)
{
object_[sfZKProof] = value;
return *this;
}
/**
* @brief Build and return the ConfidentialMPTClawback wrapper.
* @param publicKey The public key for signing.
* @param secretKey The secret key for signing.
* @return The constructed transaction wrapper.
*/
ConfidentialMPTClawback
build(PublicKey const& publicKey, SecretKey const& secretKey)
{
sign(publicKey, secretKey);
return ConfidentialMPTClawback{std::make_shared<STTx>(std::move(object_))};
}
};
} // namespace xrpl::transactions

336
include/xrpl/protocol_autogen/transactions/ConfidentialMPTConvert.h Normal file
View File

@@ -0,0 +1,336 @@
// This file is auto-generated. Do not edit.
#pragma once
#include <xrpl/protocol/STTx.h>
#include <xrpl/protocol/STParsedJSON.h>
#include <xrpl/protocol/jss.h>
#include <xrpl/protocol_autogen/TransactionBase.h>
#include <xrpl/protocol_autogen/TransactionBuilderBase.h>
#include <xrpl/json/json_value.h>
#include <stdexcept>
#include <optional>
namespace xrpl::transactions {
class ConfidentialMPTConvertBuilder;
/**
* @brief Transaction: ConfidentialMPTConvert
*
* Type: ttCONFIDENTIAL_MPT_CONVERT (85)
* Delegable: Delegation::delegable
* Amendment: featureConfidentialTransfer
* Privileges: noPriv
*
* Immutable wrapper around STTx providing type-safe field access.
* Use ConfidentialMPTConvertBuilder to construct new transactions.
*/
class ConfidentialMPTConvert : public TransactionBase
{
public:
static constexpr xrpl::TxType txType = ttCONFIDENTIAL_MPT_CONVERT;
/**
* @brief Construct a ConfidentialMPTConvert transaction wrapper from an existing STTx object.
* @throws std::runtime_error if the transaction type doesn't match.
*/
explicit ConfidentialMPTConvert(std::shared_ptr<STTx const> tx)
: TransactionBase(std::move(tx))
{
// Verify transaction type
if (tx_->getTxnType() != txType)
{
throw std::runtime_error("Invalid transaction type for ConfidentialMPTConvert");
}
}
// Transaction-specific field getters
/**
* @brief Get sfMPTokenIssuanceID (soeREQUIRED)
* @return The field value.
*/
[[nodiscard]]
SF_UINT192::type::value_type
getMPTokenIssuanceID() const
{
return this->tx_->at(sfMPTokenIssuanceID);
}
/**
* @brief Get sfMPTAmount (soeREQUIRED)
* @return The field value.
*/
[[nodiscard]]
SF_UINT64::type::value_type
getMPTAmount() const
{
return this->tx_->at(sfMPTAmount);
}
/**
* @brief Get sfHolderEncryptionKey (soeOPTIONAL)
* @return The field value, or std::nullopt if not present.
*/
[[nodiscard]]
protocol_autogen::Optional<SF_VL::type::value_type>
getHolderEncryptionKey() const
{
if (hasHolderEncryptionKey())
{
return this->tx_->at(sfHolderEncryptionKey);
}
return std::nullopt;
}
/**
* @brief Check if sfHolderEncryptionKey is present.
* @return True if the field is present, false otherwise.
*/
[[nodiscard]]
bool
hasHolderEncryptionKey() const
{
return this->tx_->isFieldPresent(sfHolderEncryptionKey);
}
/**
* @brief Get sfHolderEncryptedAmount (soeREQUIRED)
* @return The field value.
*/
[[nodiscard]]
SF_VL::type::value_type
getHolderEncryptedAmount() const
{
return this->tx_->at(sfHolderEncryptedAmount);
}
/**
* @brief Get sfIssuerEncryptedAmount (soeREQUIRED)
* @return The field value.
*/
[[nodiscard]]
SF_VL::type::value_type
getIssuerEncryptedAmount() const
{
return this->tx_->at(sfIssuerEncryptedAmount);
}
/**
* @brief Get sfAuditorEncryptedAmount (soeOPTIONAL)
* @return The field value, or std::nullopt if not present.
*/
[[nodiscard]]
protocol_autogen::Optional<SF_VL::type::value_type>
getAuditorEncryptedAmount() const
{
if (hasAuditorEncryptedAmount())
{
return this->tx_->at(sfAuditorEncryptedAmount);
}
return std::nullopt;
}
/**
* @brief Check if sfAuditorEncryptedAmount is present.
* @return True if the field is present, false otherwise.
*/
[[nodiscard]]
bool
hasAuditorEncryptedAmount() const
{
return this->tx_->isFieldPresent(sfAuditorEncryptedAmount);
}
/**
* @brief Get sfBlindingFactor (soeREQUIRED)
* @return The field value.
*/
[[nodiscard]]
SF_UINT256::type::value_type
getBlindingFactor() const
{
return this->tx_->at(sfBlindingFactor);
}
/**
* @brief Get sfZKProof (soeOPTIONAL)
* @return The field value, or std::nullopt if not present.
*/
[[nodiscard]]
protocol_autogen::Optional<SF_VL::type::value_type>
getZKProof() const
{
if (hasZKProof())
{
return this->tx_->at(sfZKProof);
}
return std::nullopt;
}
/**
* @brief Check if sfZKProof is present.
* @return True if the field is present, false otherwise.
*/
[[nodiscard]]
bool
hasZKProof() const
{
return this->tx_->isFieldPresent(sfZKProof);
}
};
/**
* @brief Builder for ConfidentialMPTConvert transactions.
*
* Provides a fluent interface for constructing transactions with method chaining.
* Uses Json::Value internally for flexible transaction construction.
* Inherits common field setters from TransactionBuilderBase.
*/
class ConfidentialMPTConvertBuilder : public TransactionBuilderBase<ConfidentialMPTConvertBuilder>
{
public:
/**
* @brief Construct a new ConfidentialMPTConvertBuilder with required fields.
* @param account The account initiating the transaction.
* @param mPTokenIssuanceID The sfMPTokenIssuanceID field value.
* @param mPTAmount The sfMPTAmount field value.
* @param holderEncryptedAmount The sfHolderEncryptedAmount field value.
* @param issuerEncryptedAmount The sfIssuerEncryptedAmount field value.
* @param blindingFactor The sfBlindingFactor field value.
* @param sequence Optional sequence number for the transaction.
* @param fee Optional fee for the transaction.
*/
ConfidentialMPTConvertBuilder(SF_ACCOUNT::type::value_type account,
std::decay_t<typename SF_UINT192::type::value_type> const& mPTokenIssuanceID, std::decay_t<typename SF_UINT64::type::value_type> const& mPTAmount, std::decay_t<typename SF_VL::type::value_type> const& holderEncryptedAmount, std::decay_t<typename SF_VL::type::value_type> const& issuerEncryptedAmount, std::decay_t<typename SF_UINT256::type::value_type> const& blindingFactor, std::optional<SF_UINT32::type::value_type> sequence = std::nullopt,
std::optional<SF_AMOUNT::type::value_type> fee = std::nullopt
)
: TransactionBuilderBase<ConfidentialMPTConvertBuilder>(ttCONFIDENTIAL_MPT_CONVERT, account, sequence, fee)
{
setMPTokenIssuanceID(mPTokenIssuanceID);
setMPTAmount(mPTAmount);
setHolderEncryptedAmount(holderEncryptedAmount);
setIssuerEncryptedAmount(issuerEncryptedAmount);
setBlindingFactor(blindingFactor);
}
/**
* @brief Construct a ConfidentialMPTConvertBuilder from an existing STTx object.
* @param tx The existing transaction to copy from.
* @throws std::runtime_error if the transaction type doesn't match.
*/
ConfidentialMPTConvertBuilder(std::shared_ptr<STTx const> tx)
{
if (tx->getTxnType() != ttCONFIDENTIAL_MPT_CONVERT)
{
throw std::runtime_error("Invalid transaction type for ConfidentialMPTConvertBuilder");
}
object_ = *tx;
}
/** @brief Transaction-specific field setters */
/**
* @brief Set sfMPTokenIssuanceID (soeREQUIRED)
* @return Reference to this builder for method chaining.
*/
ConfidentialMPTConvertBuilder&
setMPTokenIssuanceID(std::decay_t<typename SF_UINT192::type::value_type> const& value)
{
object_[sfMPTokenIssuanceID] = value;
return *this;
}
/**
* @brief Set sfMPTAmount (soeREQUIRED)
* @return Reference to this builder for method chaining.
*/
ConfidentialMPTConvertBuilder&
setMPTAmount(std::decay_t<typename SF_UINT64::type::value_type> const& value)
{
object_[sfMPTAmount] = value;
return *this;
}
/**
* @brief Set sfHolderEncryptionKey (soeOPTIONAL)
* @return Reference to this builder for method chaining.
*/
ConfidentialMPTConvertBuilder&
setHolderEncryptionKey(std::decay_t<typename SF_VL::type::value_type> const& value)
{
object_[sfHolderEncryptionKey] = value;
return *this;
}
/**
* @brief Set sfHolderEncryptedAmount (soeREQUIRED)
* @return Reference to this builder for method chaining.
*/
ConfidentialMPTConvertBuilder&
setHolderEncryptedAmount(std::decay_t<typename SF_VL::type::value_type> const& value)
{
object_[sfHolderEncryptedAmount] = value;
return *this;
}
/**
* @brief Set sfIssuerEncryptedAmount (soeREQUIRED)
* @return Reference to this builder for method chaining.
*/
ConfidentialMPTConvertBuilder&
setIssuerEncryptedAmount(std::decay_t<typename SF_VL::type::value_type> const& value)
{
object_[sfIssuerEncryptedAmount] = value;
return *this;
}
/**
* @brief Set sfAuditorEncryptedAmount (soeOPTIONAL)
* @return Reference to this builder for method chaining.
*/
ConfidentialMPTConvertBuilder&
setAuditorEncryptedAmount(std::decay_t<typename SF_VL::type::value_type> const& value)
{
object_[sfAuditorEncryptedAmount] = value;
return *this;
}
/**
* @brief Set sfBlindingFactor (soeREQUIRED)
* @return Reference to this builder for method chaining.
*/
ConfidentialMPTConvertBuilder&
setBlindingFactor(std::decay_t<typename SF_UINT256::type::value_type> const& value)
{
object_[sfBlindingFactor] = value;
return *this;
}
/**
* @brief Set sfZKProof (soeOPTIONAL)
* @return Reference to this builder for method chaining.
*/
ConfidentialMPTConvertBuilder&
setZKProof(std::decay_t<typename SF_VL::type::value_type> const& value)
{
object_[sfZKProof] = value;
return *this;
}
/**
* @brief Build and return the ConfidentialMPTConvert wrapper.
* @param publicKey The public key for signing.
* @param secretKey The secret key for signing.
* @return The constructed transaction wrapper.
*/
ConfidentialMPTConvert
build(PublicKey const& publicKey, SecretKey const& secretKey)
{
sign(publicKey, secretKey);
return ConfidentialMPTConvert{std::make_shared<STTx>(std::move(object_))};
}
};
} // namespace xrpl::transactions

310
include/xrpl/protocol_autogen/transactions/ConfidentialMPTConvertBack.h Normal file
View File

@@ -0,0 +1,310 @@
// This file is auto-generated. Do not edit.
#pragma once
#include <xrpl/protocol/STTx.h>
#include <xrpl/protocol/STParsedJSON.h>
#include <xrpl/protocol/jss.h>
#include <xrpl/protocol_autogen/TransactionBase.h>
#include <xrpl/protocol_autogen/TransactionBuilderBase.h>
#include <xrpl/json/json_value.h>
#include <stdexcept>
#include <optional>
namespace xrpl::transactions {
class ConfidentialMPTConvertBackBuilder;
/**
* @brief Transaction: ConfidentialMPTConvertBack
*
* Type: ttCONFIDENTIAL_MPT_CONVERT_BACK (87)
* Delegable: Delegation::delegable
* Amendment: featureConfidentialTransfer
* Privileges: noPriv
*
* Immutable wrapper around STTx providing type-safe field access.
* Use ConfidentialMPTConvertBackBuilder to construct new transactions.
*/
class ConfidentialMPTConvertBack : public TransactionBase
{
public:
static constexpr xrpl::TxType txType = ttCONFIDENTIAL_MPT_CONVERT_BACK;
/**
* @brief Construct a ConfidentialMPTConvertBack transaction wrapper from an existing STTx object.
* @throws std::runtime_error if the transaction type doesn't match.
*/
explicit ConfidentialMPTConvertBack(std::shared_ptr<STTx const> tx)
: TransactionBase(std::move(tx))
{
// Verify transaction type
if (tx_->getTxnType() != txType)
{
throw std::runtime_error("Invalid transaction type for ConfidentialMPTConvertBack");
}
}
// Transaction-specific field getters
/**
* @brief Get sfMPTokenIssuanceID (soeREQUIRED)
* @return The field value.
*/
[[nodiscard]]
SF_UINT192::type::value_type
getMPTokenIssuanceID() const
{
return this->tx_->at(sfMPTokenIssuanceID);
}
/**
* @brief Get sfMPTAmount (soeREQUIRED)
* @return The field value.
*/
[[nodiscard]]
SF_UINT64::type::value_type
getMPTAmount() const
{
return this->tx_->at(sfMPTAmount);
}
/**
* @brief Get sfHolderEncryptedAmount (soeREQUIRED)
* @return The field value.
*/
[[nodiscard]]
SF_VL::type::value_type
getHolderEncryptedAmount() const
{
return this->tx_->at(sfHolderEncryptedAmount);
}
/**
* @brief Get sfIssuerEncryptedAmount (soeREQUIRED)
* @return The field value.
*/
[[nodiscard]]
SF_VL::type::value_type
getIssuerEncryptedAmount() const
{
return this->tx_->at(sfIssuerEncryptedAmount);
}
/**
* @brief Get sfAuditorEncryptedAmount (soeOPTIONAL)
* @return The field value, or std::nullopt if not present.
*/
[[nodiscard]]
protocol_autogen::Optional<SF_VL::type::value_type>
getAuditorEncryptedAmount() const
{
if (hasAuditorEncryptedAmount())
{
return this->tx_->at(sfAuditorEncryptedAmount);
}
return std::nullopt;
}
/**
* @brief Check if sfAuditorEncryptedAmount is present.
* @return True if the field is present, false otherwise.
*/
[[nodiscard]]
bool
hasAuditorEncryptedAmount() const
{
return this->tx_->isFieldPresent(sfAuditorEncryptedAmount);
}
/**
* @brief Get sfBlindingFactor (soeREQUIRED)
* @return The field value.
*/
[[nodiscard]]
SF_UINT256::type::value_type
getBlindingFactor() const
{
return this->tx_->at(sfBlindingFactor);
}
/**
* @brief Get sfZKProof (soeREQUIRED)
* @return The field value.
*/
[[nodiscard]]
SF_VL::type::value_type
getZKProof() const
{
return this->tx_->at(sfZKProof);
}
/**
* @brief Get sfBalanceCommitment (soeREQUIRED)
* @return The field value.
*/
[[nodiscard]]
SF_VL::type::value_type
getBalanceCommitment() const
{
return this->tx_->at(sfBalanceCommitment);
}
};
/**
* @brief Builder for ConfidentialMPTConvertBack transactions.
*
* Provides a fluent interface for constructing transactions with method chaining.
* Uses Json::Value internally for flexible transaction construction.
* Inherits common field setters from TransactionBuilderBase.
*/
class ConfidentialMPTConvertBackBuilder : public TransactionBuilderBase<ConfidentialMPTConvertBackBuilder>
{
public:
/**
* @brief Construct a new ConfidentialMPTConvertBackBuilder with required fields.
* @param account The account initiating the transaction.
* @param mPTokenIssuanceID The sfMPTokenIssuanceID field value.
* @param mPTAmount The sfMPTAmount field value.
* @param holderEncryptedAmount The sfHolderEncryptedAmount field value.
* @param issuerEncryptedAmount The sfIssuerEncryptedAmount field value.
* @param blindingFactor The sfBlindingFactor field value.
* @param zKProof The sfZKProof field value.
* @param balanceCommitment The sfBalanceCommitment field value.
* @param sequence Optional sequence number for the transaction.
* @param fee Optional fee for the transaction.
*/
ConfidentialMPTConvertBackBuilder(SF_ACCOUNT::type::value_type account,
std::decay_t<typename SF_UINT192::type::value_type> const& mPTokenIssuanceID, std::decay_t<typename SF_UINT64::type::value_type> const& mPTAmount, std::decay_t<typename SF_VL::type::value_type> const& holderEncryptedAmount, std::decay_t<typename SF_VL::type::value_type> const& issuerEncryptedAmount, std::decay_t<typename SF_UINT256::type::value_type> const& blindingFactor, std::decay_t<typename SF_VL::type::value_type> const& zKProof, std::decay_t<typename SF_VL::type::value_type> const& balanceCommitment, std::optional<SF_UINT32::type::value_type> sequence = std::nullopt,
std::optional<SF_AMOUNT::type::value_type> fee = std::nullopt
)
: TransactionBuilderBase<ConfidentialMPTConvertBackBuilder>(ttCONFIDENTIAL_MPT_CONVERT_BACK, account, sequence, fee)
{
setMPTokenIssuanceID(mPTokenIssuanceID);
setMPTAmount(mPTAmount);
setHolderEncryptedAmount(holderEncryptedAmount);
setIssuerEncryptedAmount(issuerEncryptedAmount);
setBlindingFactor(blindingFactor);
setZKProof(zKProof);
setBalanceCommitment(balanceCommitment);
}
/**
* @brief Construct a ConfidentialMPTConvertBackBuilder from an existing STTx object.
* @param tx The existing transaction to copy from.
* @throws std::runtime_error if the transaction type doesn't match.
*/
ConfidentialMPTConvertBackBuilder(std::shared_ptr<STTx const> tx)
{
if (tx->getTxnType() != ttCONFIDENTIAL_MPT_CONVERT_BACK)
{
throw std::runtime_error("Invalid transaction type for ConfidentialMPTConvertBackBuilder");
}
object_ = *tx;
}
/** @brief Transaction-specific field setters */
/**
* @brief Set sfMPTokenIssuanceID (soeREQUIRED)
* @return Reference to this builder for method chaining.
*/
ConfidentialMPTConvertBackBuilder&
setMPTokenIssuanceID(std::decay_t<typename SF_UINT192::type::value_type> const& value)
{
object_[sfMPTokenIssuanceID] = value;
return *this;
}
/**
* @brief Set sfMPTAmount (soeREQUIRED)
* @return Reference to this builder for method chaining.
*/
ConfidentialMPTConvertBackBuilder&
setMPTAmount(std::decay_t<typename SF_UINT64::type::value_type> const& value)
{
object_[sfMPTAmount] = value;
return *this;
}
/**
* @brief Set sfHolderEncryptedAmount (soeREQUIRED)
* @return Reference to this builder for method chaining.
*/
ConfidentialMPTConvertBackBuilder&
setHolderEncryptedAmount(std::decay_t<typename SF_VL::type::value_type> const& value)
{
object_[sfHolderEncryptedAmount] = value;
return *this;
}
/**
* @brief Set sfIssuerEncryptedAmount (soeREQUIRED)
* @return Reference to this builder for method chaining.
*/
ConfidentialMPTConvertBackBuilder&
setIssuerEncryptedAmount(std::decay_t<typename SF_VL::type::value_type> const& value)
{
object_[sfIssuerEncryptedAmount] = value;
return *this;
}
/**
* @brief Set sfAuditorEncryptedAmount (soeOPTIONAL)
* @return Reference to this builder for method chaining.
*/
ConfidentialMPTConvertBackBuilder&
setAuditorEncryptedAmount(std::decay_t<typename SF_VL::type::value_type> const& value)
{
object_[sfAuditorEncryptedAmount] = value;
return *this;
}
/**
* @brief Set sfBlindingFactor (soeREQUIRED)
* @return Reference to this builder for method chaining.
*/
ConfidentialMPTConvertBackBuilder&
setBlindingFactor(std::decay_t<typename SF_UINT256::type::value_type> const& value)
{
object_[sfBlindingFactor] = value;
return *this;
}
/**
* @brief Set sfZKProof (soeREQUIRED)
* @return Reference to this builder for method chaining.
*/
ConfidentialMPTConvertBackBuilder&
setZKProof(std::decay_t<typename SF_VL::type::value_type> const& value)
{
object_[sfZKProof] = value;
return *this;
}
/**
* @brief Set sfBalanceCommitment (soeREQUIRED)
* @return Reference to this builder for method chaining.
*/
ConfidentialMPTConvertBackBuilder&
setBalanceCommitment(std::decay_t<typename SF_VL::type::value_type> const& value)
{
object_[sfBalanceCommitment] = value;
return *this;
}
/**
* @brief Build and return the ConfidentialMPTConvertBack wrapper.
* @param publicKey The public key for signing.
* @param secretKey The secret key for signing.
* @return The constructed transaction wrapper.
*/
ConfidentialMPTConvertBack
build(PublicKey const& publicKey, SecretKey const& secretKey)
{
sign(publicKey, secretKey);
return ConfidentialMPTConvertBack{std::make_shared<STTx>(std::move(object_))};
}
};
} // namespace xrpl::transactions

129
include/xrpl/protocol_autogen/transactions/ConfidentialMPTMergeInbox.h Normal file
View File

@@ -0,0 +1,129 @@
// This file is auto-generated. Do not edit.
#pragma once
#include <xrpl/protocol/STTx.h>
#include <xrpl/protocol/STParsedJSON.h>
#include <xrpl/protocol/jss.h>
#include <xrpl/protocol_autogen/TransactionBase.h>
#include <xrpl/protocol_autogen/TransactionBuilderBase.h>
#include <xrpl/json/json_value.h>
#include <stdexcept>
#include <optional>
namespace xrpl::transactions {
class ConfidentialMPTMergeInboxBuilder;
/**
* @brief Transaction: ConfidentialMPTMergeInbox
*
* Type: ttCONFIDENTIAL_MPT_MERGE_INBOX (86)
* Delegable: Delegation::delegable
* Amendment: featureConfidentialTransfer
* Privileges: noPriv
*
* Immutable wrapper around STTx providing type-safe field access.
* Use ConfidentialMPTMergeInboxBuilder to construct new transactions.
*/
class ConfidentialMPTMergeInbox : public TransactionBase
{
public:
static constexpr xrpl::TxType txType = ttCONFIDENTIAL_MPT_MERGE_INBOX;
/**
* @brief Construct a ConfidentialMPTMergeInbox transaction wrapper from an existing STTx object.
* @throws std::runtime_error if the transaction type doesn't match.
*/
explicit ConfidentialMPTMergeInbox(std::shared_ptr<STTx const> tx)
: TransactionBase(std::move(tx))
{
// Verify transaction type
if (tx_->getTxnType() != txType)
{
throw std::runtime_error("Invalid transaction type for ConfidentialMPTMergeInbox");
}
}
// Transaction-specific field getters
/**
* @brief Get sfMPTokenIssuanceID (soeREQUIRED)
* @return The field value.
*/
[[nodiscard]]
SF_UINT192::type::value_type
getMPTokenIssuanceID() const
{
return this->tx_->at(sfMPTokenIssuanceID);
}
};
/**
* @brief Builder for ConfidentialMPTMergeInbox transactions.
*
* Provides a fluent interface for constructing transactions with method chaining.
* Uses Json::Value internally for flexible transaction construction.
* Inherits common field setters from TransactionBuilderBase.
*/
class ConfidentialMPTMergeInboxBuilder : public TransactionBuilderBase<ConfidentialMPTMergeInboxBuilder>
{
public:
/**
* @brief Construct a new ConfidentialMPTMergeInboxBuilder with required fields.
* @param account The account initiating the transaction.
* @param mPTokenIssuanceID The sfMPTokenIssuanceID field value.
* @param sequence Optional sequence number for the transaction.
* @param fee Optional fee for the transaction.
*/
ConfidentialMPTMergeInboxBuilder(SF_ACCOUNT::type::value_type account,
std::decay_t<typename SF_UINT192::type::value_type> const& mPTokenIssuanceID, std::optional<SF_UINT32::type::value_type> sequence = std::nullopt,
std::optional<SF_AMOUNT::type::value_type> fee = std::nullopt
)
: TransactionBuilderBase<ConfidentialMPTMergeInboxBuilder>(ttCONFIDENTIAL_MPT_MERGE_INBOX, account, sequence, fee)
{
setMPTokenIssuanceID(mPTokenIssuanceID);
}
/**
* @brief Construct a ConfidentialMPTMergeInboxBuilder from an existing STTx object.
* @param tx The existing transaction to copy from.
* @throws std::runtime_error if the transaction type doesn't match.
*/
ConfidentialMPTMergeInboxBuilder(std::shared_ptr<STTx const> tx)
{
if (tx->getTxnType() != ttCONFIDENTIAL_MPT_MERGE_INBOX)
{
throw std::runtime_error("Invalid transaction type for ConfidentialMPTMergeInboxBuilder");
}
object_ = *tx;
}
/** @brief Transaction-specific field setters */
/**
* @brief Set sfMPTokenIssuanceID (soeREQUIRED)
* @return Reference to this builder for method chaining.
*/
ConfidentialMPTMergeInboxBuilder&
setMPTokenIssuanceID(std::decay_t<typename SF_UINT192::type::value_type> const& value)
{
object_[sfMPTokenIssuanceID] = value;
return *this;
}
/**
* @brief Build and return the ConfidentialMPTMergeInbox wrapper.
* @param publicKey The public key for signing.
* @param secretKey The secret key for signing.
* @return The constructed transaction wrapper.
*/
ConfidentialMPTMergeInbox
build(PublicKey const& publicKey, SecretKey const& secretKey)
{
sign(publicKey, secretKey);
return ConfidentialMPTMergeInbox{std::make_shared<STTx>(std::move(object_))};
}
};
} // namespace xrpl::transactions

371
include/xrpl/protocol_autogen/transactions/ConfidentialMPTSend.h Normal file
View File

@@ -0,0 +1,371 @@
// This file is auto-generated. Do not edit.
#pragma once
#include <xrpl/protocol/STTx.h>
#include <xrpl/protocol/STParsedJSON.h>
#include <xrpl/protocol/jss.h>
#include <xrpl/protocol_autogen/TransactionBase.h>
#include <xrpl/protocol_autogen/TransactionBuilderBase.h>
#include <xrpl/json/json_value.h>
#include <stdexcept>
#include <optional>
namespace xrpl::transactions {
class ConfidentialMPTSendBuilder;
/**
* @brief Transaction: ConfidentialMPTSend
*
* Type: ttCONFIDENTIAL_MPT_SEND (88)
* Delegable: Delegation::delegable
* Amendment: featureConfidentialTransfer
* Privileges: noPriv
*
* Immutable wrapper around STTx providing type-safe field access.
* Use ConfidentialMPTSendBuilder to construct new transactions.
*/
class ConfidentialMPTSend : public TransactionBase
{
public:
static constexpr xrpl::TxType txType = ttCONFIDENTIAL_MPT_SEND;
/**
* @brief Construct a ConfidentialMPTSend transaction wrapper from an existing STTx object.
* @throws std::runtime_error if the transaction type doesn't match.
*/
explicit ConfidentialMPTSend(std::shared_ptr<STTx const> tx)
: TransactionBase(std::move(tx))
{
// Verify transaction type
if (tx_->getTxnType() != txType)
{
throw std::runtime_error("Invalid transaction type for ConfidentialMPTSend");
}
}
// Transaction-specific field getters
/**
* @brief Get sfMPTokenIssuanceID (soeREQUIRED)
* @return The field value.
*/
[[nodiscard]]
SF_UINT192::type::value_type
getMPTokenIssuanceID() const
{
return this->tx_->at(sfMPTokenIssuanceID);
}
/**
* @brief Get sfDestination (soeREQUIRED)
* @return The field value.
*/
[[nodiscard]]
SF_ACCOUNT::type::value_type
getDestination() const
{
return this->tx_->at(sfDestination);
}
/**
* @brief Get sfSenderEncryptedAmount (soeREQUIRED)
* @return The field value.
*/
[[nodiscard]]
SF_VL::type::value_type
getSenderEncryptedAmount() const
{
return this->tx_->at(sfSenderEncryptedAmount);
}
/**
* @brief Get sfDestinationEncryptedAmount (soeREQUIRED)
* @return The field value.
*/
[[nodiscard]]
SF_VL::type::value_type
getDestinationEncryptedAmount() const
{
return this->tx_->at(sfDestinationEncryptedAmount);
}
/**
* @brief Get sfIssuerEncryptedAmount (soeREQUIRED)
* @return The field value.
*/
[[nodiscard]]
SF_VL::type::value_type
getIssuerEncryptedAmount() const
{
return this->tx_->at(sfIssuerEncryptedAmount);
}
/**
* @brief Get sfAuditorEncryptedAmount (soeOPTIONAL)
* @return The field value, or std::nullopt if not present.
*/
[[nodiscard]]
protocol_autogen::Optional<SF_VL::type::value_type>
getAuditorEncryptedAmount() const
{
if (hasAuditorEncryptedAmount())
{
return this->tx_->at(sfAuditorEncryptedAmount);
}
return std::nullopt;
}
/**
* @brief Check if sfAuditorEncryptedAmount is present.
* @return True if the field is present, false otherwise.
*/
[[nodiscard]]
bool
hasAuditorEncryptedAmount() const
{
return this->tx_->isFieldPresent(sfAuditorEncryptedAmount);
}
/**
* @brief Get sfZKProof (soeREQUIRED)
* @return The field value.
*/
[[nodiscard]]
SF_VL::type::value_type
getZKProof() const
{
return this->tx_->at(sfZKProof);
}
/**
* @brief Get sfAmountCommitment (soeREQUIRED)
* @return The field value.
*/
[[nodiscard]]
SF_VL::type::value_type
getAmountCommitment() const
{
return this->tx_->at(sfAmountCommitment);
}
/**
* @brief Get sfBalanceCommitment (soeREQUIRED)
* @return The field value.
*/
[[nodiscard]]
SF_VL::type::value_type
getBalanceCommitment() const
{
return this->tx_->at(sfBalanceCommitment);
}
/**
* @brief Get sfCredentialIDs (soeOPTIONAL)
* @return The field value, or std::nullopt if not present.
*/
[[nodiscard]]
protocol_autogen::Optional<SF_VECTOR256::type::value_type>
getCredentialIDs() const
{
if (hasCredentialIDs())
{
return this->tx_->at(sfCredentialIDs);
}
return std::nullopt;
}
/**
* @brief Check if sfCredentialIDs is present.
* @return True if the field is present, false otherwise.
*/
[[nodiscard]]
bool
hasCredentialIDs() const
{
return this->tx_->isFieldPresent(sfCredentialIDs);
}
};
/**
* @brief Builder for ConfidentialMPTSend transactions.
*
* Provides a fluent interface for constructing transactions with method chaining.
* Uses Json::Value internally for flexible transaction construction.
* Inherits common field setters from TransactionBuilderBase.
*/
class ConfidentialMPTSendBuilder : public TransactionBuilderBase<ConfidentialMPTSendBuilder>
{
public:
/**
* @brief Construct a new ConfidentialMPTSendBuilder with required fields.
* @param account The account initiating the transaction.
* @param mPTokenIssuanceID The sfMPTokenIssuanceID field value.
* @param destination The sfDestination field value.
* @param senderEncryptedAmount The sfSenderEncryptedAmount field value.
* @param destinationEncryptedAmount The sfDestinationEncryptedAmount field value.
* @param issuerEncryptedAmount The sfIssuerEncryptedAmount field value.
* @param zKProof The sfZKProof field value.
* @param amountCommitment The sfAmountCommitment field value.
* @param balanceCommitment The sfBalanceCommitment field value.
* @param sequence Optional sequence number for the transaction.
* @param fee Optional fee for the transaction.
*/
ConfidentialMPTSendBuilder(SF_ACCOUNT::type::value_type account,
std::decay_t<typename SF_UINT192::type::value_type> const& mPTokenIssuanceID, std::decay_t<typename SF_ACCOUNT::type::value_type> const& destination, std::decay_t<typename SF_VL::type::value_type> const& senderEncryptedAmount, std::decay_t<typename SF_VL::type::value_type> const& destinationEncryptedAmount, std::decay_t<typename SF_VL::type::value_type> const& issuerEncryptedAmount, std::decay_t<typename SF_VL::type::value_type> const& zKProof, std::decay_t<typename SF_VL::type::value_type> const& amountCommitment, std::decay_t<typename SF_VL::type::value_type> const& balanceCommitment, std::optional<SF_UINT32::type::value_type> sequence = std::nullopt,
std::optional<SF_AMOUNT::type::value_type> fee = std::nullopt
)
: TransactionBuilderBase<ConfidentialMPTSendBuilder>(ttCONFIDENTIAL_MPT_SEND, account, sequence, fee)
{
setMPTokenIssuanceID(mPTokenIssuanceID);
setDestination(destination);
setSenderEncryptedAmount(senderEncryptedAmount);
setDestinationEncryptedAmount(destinationEncryptedAmount);
setIssuerEncryptedAmount(issuerEncryptedAmount);
setZKProof(zKProof);
setAmountCommitment(amountCommitment);
setBalanceCommitment(balanceCommitment);
}
/**
* @brief Construct a ConfidentialMPTSendBuilder from an existing STTx object.
* @param tx The existing transaction to copy from.
* @throws std::runtime_error if the transaction type doesn't match.
*/
ConfidentialMPTSendBuilder(std::shared_ptr<STTx const> tx)
{
if (tx->getTxnType() != ttCONFIDENTIAL_MPT_SEND)
{
throw std::runtime_error("Invalid transaction type for ConfidentialMPTSendBuilder");
}
object_ = *tx;
}
/** @brief Transaction-specific field setters */
/**
* @brief Set sfMPTokenIssuanceID (soeREQUIRED)
* @return Reference to this builder for method chaining.
*/
ConfidentialMPTSendBuilder&
setMPTokenIssuanceID(std::decay_t<typename SF_UINT192::type::value_type> const& value)
{
object_[sfMPTokenIssuanceID] = value;
return *this;
}
/**
* @brief Set sfDestination (soeREQUIRED)
* @return Reference to this builder for method chaining.
*/
ConfidentialMPTSendBuilder&
setDestination(std::decay_t<typename SF_ACCOUNT::type::value_type> const& value)
{
object_[sfDestination] = value;
return *this;
}
/**
* @brief Set sfSenderEncryptedAmount (soeREQUIRED)
* @return Reference to this builder for method chaining.
*/
ConfidentialMPTSendBuilder&
setSenderEncryptedAmount(std::decay_t<typename SF_VL::type::value_type> const& value)
{
object_[sfSenderEncryptedAmount] = value;
return *this;
}
/**
* @brief Set sfDestinationEncryptedAmount (soeREQUIRED)
* @return Reference to this builder for method chaining.
*/
ConfidentialMPTSendBuilder&
setDestinationEncryptedAmount(std::decay_t<typename SF_VL::type::value_type> const& value)
{
object_[sfDestinationEncryptedAmount] = value;
return *this;
}
/**
* @brief Set sfIssuerEncryptedAmount (soeREQUIRED)
* @return Reference to this builder for method chaining.
*/
ConfidentialMPTSendBuilder&
setIssuerEncryptedAmount(std::decay_t<typename SF_VL::type::value_type> const& value)
{
object_[sfIssuerEncryptedAmount] = value;
return *this;
}
/**
* @brief Set sfAuditorEncryptedAmount (soeOPTIONAL)
* @return Reference to this builder for method chaining.
*/
ConfidentialMPTSendBuilder&
setAuditorEncryptedAmount(std::decay_t<typename SF_VL::type::value_type> const& value)
{
object_[sfAuditorEncryptedAmount] = value;
return *this;
}
/**
* @brief Set sfZKProof (soeREQUIRED)
* @return Reference to this builder for method chaining.
*/
ConfidentialMPTSendBuilder&
setZKProof(std::decay_t<typename SF_VL::type::value_type> const& value)
{
object_[sfZKProof] = value;
return *this;
}
/**
* @brief Set sfAmountCommitment (soeREQUIRED)
* @return Reference to this builder for method chaining.
*/
ConfidentialMPTSendBuilder&
setAmountCommitment(std::decay_t<typename SF_VL::type::value_type> const& value)
{
object_[sfAmountCommitment] = value;
return *this;
}
/**
* @brief Set sfBalanceCommitment (soeREQUIRED)
* @return Reference to this builder for method chaining.
*/
ConfidentialMPTSendBuilder&
setBalanceCommitment(std::decay_t<typename SF_VL::type::value_type> const& value)
{
object_[sfBalanceCommitment] = value;
return *this;
}
/**
* @brief Set sfCredentialIDs (soeOPTIONAL)
* @return Reference to this builder for method chaining.
*/
ConfidentialMPTSendBuilder&
setCredentialIDs(std::decay_t<typename SF_VECTOR256::type::value_type> const& value)
{
object_[sfCredentialIDs] = value;
return *this;
}
/**
* @brief Build and return the ConfidentialMPTSend wrapper.
* @param publicKey The public key for signing.
* @param secretKey The secret key for signing.
* @return The constructed transaction wrapper.
*/
ConfidentialMPTSend
build(PublicKey const& publicKey, SecretKey const& secretKey)
{
sign(publicKey, secretKey);
return ConfidentialMPTSend{std::make_shared<STTx>(std::move(object_))};
}
};
} // namespace xrpl::transactions

74
include/xrpl/protocol_autogen/transactions/MPTokenIssuanceSet.h
View File

@@ -187,6 +187,58 @@ public:
{
return this->tx_->isFieldPresent(sfMutableFlags);
}
/**
* @brief Get sfIssuerEncryptionKey (soeOPTIONAL)
* @return The field value, or std::nullopt if not present.
*/
[[nodiscard]]
protocol_autogen::Optional<SF_VL::type::value_type>
getIssuerEncryptionKey() const
{
if (hasIssuerEncryptionKey())
{
return this->tx_->at(sfIssuerEncryptionKey);
}
return std::nullopt;
}
/**
* @brief Check if sfIssuerEncryptionKey is present.
* @return True if the field is present, false otherwise.
*/
[[nodiscard]]
bool
hasIssuerEncryptionKey() const
{
return this->tx_->isFieldPresent(sfIssuerEncryptionKey);
}
/**
* @brief Get sfAuditorEncryptionKey (soeOPTIONAL)
* @return The field value, or std::nullopt if not present.
*/
[[nodiscard]]
protocol_autogen::Optional<SF_VL::type::value_type>
getAuditorEncryptionKey() const
{
if (hasAuditorEncryptionKey())
{
return this->tx_->at(sfAuditorEncryptionKey);
}
return std::nullopt;
}
/**
* @brief Check if sfAuditorEncryptionKey is present.
* @return True if the field is present, false otherwise.
*/
[[nodiscard]]
bool
hasAuditorEncryptionKey() const
{
return this->tx_->isFieldPresent(sfAuditorEncryptionKey);
}
};
/**
@@ -297,6 +349,28 @@ public:
return *this;
}
/**
* @brief Set sfIssuerEncryptionKey (soeOPTIONAL)
* @return Reference to this builder for method chaining.
*/
MPTokenIssuanceSetBuilder&
setIssuerEncryptionKey(std::decay_t<typename SF_VL::type::value_type> const& value)
{
object_[sfIssuerEncryptionKey] = value;
return *this;
}
/**
* @brief Set sfAuditorEncryptionKey (soeOPTIONAL)
* @return Reference to this builder for method chaining.
*/
MPTokenIssuanceSetBuilder&
setAuditorEncryptionKey(std::decay_t<typename SF_VL::type::value_type> const& value)
{
object_[sfAuditorEncryptionKey] = value;
return *this;
}
/**
* @brief Build and return the MPTokenIssuanceSet wrapper.
* @param publicKey The public key for signing.

3
include/xrpl/tx/invariants/InvariantCheck.h
View File

@@ -398,7 +398,8 @@ using InvariantChecks = std::tuple<
ValidPseudoAccounts,
ValidLoanBroker,
ValidLoan,
ValidVault>;
ValidVault,
ValidConfidentialMPToken>;
/**
* @brief get a tuple of all invariant checks

43
include/xrpl/tx/invariants/MPTInvariant.h
View File

@@ -28,4 +28,47 @@ public:
finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&) const;
};
/**
* @brief Invariants: Confidential MPToken consistency
*
* - Convert/ConvertBack symmetry:
* Regular MPToken balance change (±X) == COA (Confidential Outstanding Amount) change (∓X)
* - Cannot delete MPToken with non-zero confidential state:
* Cannot delete if sfIssuerEncryptedBalance exists
* Cannot delete if sfConfidentialBalanceInbox and sfConfidentialBalanceSpending exist
* - Privacy flag consistency:
* MPToken can only have encrypted fields if lsfMPTCanConfidentialAmount is set on
* issuance.
* - Encrypted field existence consistency:
* If sfConfidentialBalanceSpending/sfConfidentialBalanceInbox exists, then
* sfIssuerEncryptedBalance must also exist (and vice versa).
* - COA <= OutstandingAmount:
* Confidential outstanding balance cannot exceed total outstanding.
* - Verifies sfConfidentialBalanceVersion is changed whenever sfConfidentialBalanceSpending is
* modified on an MPToken.
*/
class ValidConfidentialMPToken
{
struct Changes
{
std::int64_t mptAmountDelta = 0;
std::int64_t coaDelta = 0;
std::int64_t outstandingDelta = 0;
SLE::const_pointer issuance;
bool deletedWithEncrypted = false;
bool badConsistency = false;
bool badCOA = false;
bool requiresPrivacyFlag = false;
bool badVersion = false;
};
std::map<uint192, Changes> changes_;
public:
void
visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
bool
finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
};
} // namespace xrpl

2
include/xrpl/tx/paths/detail/StrandFlow.h
View File

@@ -246,7 +246,7 @@ flow(
EitherAmount stepIn(*strand[0]->cachedIn());
for (auto i = 0; i < s; ++i)
{
bool valid;
bool valid = false;
std::tie(valid, stepIn) = strand[i]->validFwd(checkSB, checkAfView, stepIn);
if (!valid)
{

33
include/xrpl/tx/transactors/system/Batch.h
View File

@@ -33,23 +33,22 @@ public:
TER
doApply() override;
static constexpr auto disabledTxTypes = std::to_array<TxType>({
ttVAULT_CREATE,
ttVAULT_SET,
ttVAULT_DELETE,
ttVAULT_DEPOSIT,
ttVAULT_WITHDRAW,
ttVAULT_CLAWBACK,
ttLOAN_BROKER_SET,
ttLOAN_BROKER_DELETE,
ttLOAN_BROKER_COVER_DEPOSIT,
ttLOAN_BROKER_COVER_WITHDRAW,
ttLOAN_BROKER_COVER_CLAWBACK,
ttLOAN_SET,
ttLOAN_DELETE,
ttLOAN_MANAGE,
ttLOAN_PAY,
});
static constexpr auto disabledTxTypes = std::to_array<TxType>(
{ttVAULT_CREATE,
ttVAULT_SET,
ttVAULT_DELETE,
ttVAULT_DEPOSIT,
ttVAULT_WITHDRAW,
ttVAULT_CLAWBACK,
ttLOAN_BROKER_SET,
ttLOAN_BROKER_DELETE,
ttLOAN_BROKER_COVER_DEPOSIT,
ttLOAN_BROKER_COVER_WITHDRAW,
ttLOAN_BROKER_COVER_CLAWBACK,
ttLOAN_SET,
ttLOAN_DELETE,
ttLOAN_MANAGE,
ttLOAN_PAY});
};
} // namespace xrpl

42
include/xrpl/tx/transactors/token/ConfidentialMPTClawback.h Normal file
View File

@@ -0,0 +1,42 @@
#pragma once
#include <xrpl/tx/Transactor.h>
namespace xrpl {
/**
* @brief Allows an MPT issuer to clawback confidential balances from a holder.
*
* This transaction enables the issuer of an MPToken Issuance (with clawback
* enabled) to reclaim confidential tokens from a holder's account. Unlike
* regular clawback, the issuer cannot see the holder's balance directly.
* Instead, the issuer must provide a zero-knowledge proof that demonstrates
* they know the exact encrypted balance amount.
*
* @par Cryptographic Operations:
* - **Equality Proof Verification**: Verifies that the issuer's revealed
* amount matches the holder's encrypted balance using the issuer's
* ElGamal private key.
*
* @see ConfidentialMPTSend, ConfidentialMPTConvert
*/
class ConfidentialMPTClawback : public Transactor
{
public:
static constexpr ConsequencesFactoryType ConsequencesFactory{Normal};
explicit ConfidentialMPTClawback(ApplyContext& ctx) : Transactor(ctx)
{
}
static NotTEC
preflight(PreflightContext const& ctx);
static TER
preclaim(PreclaimContext const& ctx);
TER
doApply() override;
};
} // namespace xrpl

44
include/xrpl/tx/transactors/token/ConfidentialMPTConvert.h Normal file
View File

@@ -0,0 +1,44 @@
#pragma once
#include <xrpl/tx/Transactor.h>
namespace xrpl {
/**
* @brief Converts public (plaintext) MPT balance to confidential (encrypted)
* balance.
*
* This transaction allows a token holder to convert their publicly visible
* MPToken balance into an encrypted confidential balance. Once converted,
* the balance can only be spent using ConfidentialMPTSend transactions and
* remains hidden from public view on the ledger.
*
* @par Cryptographic Operations:
* - **Schnorr Proof Verification**: When registering a new ElGamal public key,
* verifies proof of knowledge of the corresponding private key.
* - **Revealed Amount Verification**: Verifies that the provided encrypted
* amounts (for holder, issuer, and optionally auditor) all encrypt the
* same plaintext amount using the provided blinding factor.
*
* @see ConfidentialMPTConvertBack, ConfidentialMPTSend
*/
class ConfidentialMPTConvert : public Transactor
{
public:
static constexpr ConsequencesFactoryType ConsequencesFactory{Normal};
explicit ConfidentialMPTConvert(ApplyContext& ctx) : Transactor(ctx)
{
}
static NotTEC
preflight(PreflightContext const& ctx);
static TER
preclaim(PreclaimContext const& ctx);
TER
doApply() override;
};
} // namespace xrpl

45
include/xrpl/tx/transactors/token/ConfidentialMPTConvertBack.h Normal file
View File

@@ -0,0 +1,45 @@
#pragma once
#include <xrpl/tx/Transactor.h>
namespace xrpl {
/**
* @brief Converts confidential (encrypted) MPT balance back to public
* (plaintext) balance.
*
* This transaction allows a token holder to convert their encrypted
* confidential balance back into a publicly visible MPToken balance. The
* holder must prove they have sufficient confidential balance without
* revealing the actual balance amount.
*
* @par Cryptographic Operations:
* - **Revealed Amount Verification**: Verifies that the provided encrypted
* amounts correctly encrypt the conversion amount.
* - **Pedersen Linkage Proof**: Verifies that the provided balance commitment
* correctly links to the holder's encrypted spending balance.
* - **Bulletproof Range Proof**: Verifies that the remaining balance (after
* conversion) is non-negative, ensuring the holder has sufficient funds.
*
* @see ConfidentialMPTConvert, ConfidentialMPTSend
*/
class ConfidentialMPTConvertBack : public Transactor
{
public:
static constexpr ConsequencesFactoryType ConsequencesFactory{Normal};
explicit ConfidentialMPTConvertBack(ApplyContext& ctx) : Transactor(ctx)
{
}
static NotTEC
preflight(PreflightContext const& ctx);
static TER
preclaim(PreclaimContext const& ctx);
TER
doApply() override;
};
} // namespace xrpl

46
include/xrpl/tx/transactors/token/ConfidentialMPTMergeInbox.h Normal file
View File

@@ -0,0 +1,46 @@
#pragma once
#include <xrpl/tx/Transactor.h>
namespace xrpl {
/**
* @brief Merges the confidential inbox balance into the spending balance.
*
* In the confidential transfer system, incoming funds are deposited into an
* "inbox" balance that the recipient cannot immediately spend. This prevents
* front-running attacks where an attacker could invalidate a pending
* transaction by sending funds to the sender. This transaction merges the
* inbox into the spending balance, making those funds available for spending.
*
* @par Cryptographic Operations:
* - **Homomorphic Addition**: Adds the encrypted inbox balance to the
* encrypted spending balance using ElGamal homomorphic properties.
* - **Zero Encryption**: Resets the inbox to an encryption of zero.
*
* @note This transaction requires no zero-knowledge proofs because it only
* combines encrypted values that the holder already owns. The
* homomorphic properties of ElGamal encryption ensure correctness.
*
* @see ConfidentialMPTSend, ConfidentialMPTConvert
*/
class ConfidentialMPTMergeInbox : public Transactor
{
public:
static constexpr ConsequencesFactoryType ConsequencesFactory{Normal};
explicit ConfidentialMPTMergeInbox(ApplyContext& ctx) : Transactor(ctx)
{
}
static NotTEC
preflight(PreflightContext const& ctx);
static TER
preclaim(PreclaimContext const& ctx);
TER
doApply() override;
};
} // namespace xrpl

55
include/xrpl/tx/transactors/token/ConfidentialMPTSend.h Normal file
View File

@@ -0,0 +1,55 @@
#pragma once
#include <xrpl/tx/Transactor.h>
namespace xrpl {
/**
* @brief Transfers confidential MPT tokens between holders privately.
*
* This transaction enables private token transfers where the transfer amount
* is hidden from public view. Both sender and recipient must have initialized
* confidential balances. The transaction provides encrypted amounts for all
* parties (sender, destination, issuer, and optionally auditor) along with
* zero-knowledge proofs that verify correctness without revealing the amount.
*
* @par Cryptographic Operations:
* - **Multi-Ciphertext Equality Proof**: Verifies that all encrypted amounts
* (sender, destination, issuer, auditor) encrypt the same plaintext value.
* - **Amount Pedersen Linkage Proof**: Verifies that the amount commitment
* correctly links to the sender's encrypted amount.
* - **Balance Pedersen Linkage Proof**: Verifies that the balance commitment
* correctly links to the sender's encrypted spending balance.
* - **Bulletproof Range Proof**: Verifies remaining balance and
* transfer amount are non-negative.
*
* @note Funds are deposited into the destination's inbox, not spending
* balance. The recipient must call ConfidentialMPTMergeInbox to make
* received funds spendable.
*
* @see ConfidentialMPTMergeInbox, ConfidentialMPTConvert,
* ConfidentialMPTConvertBack
*/
class ConfidentialMPTSend : public Transactor
{
/// Size of two Pedersen linkage proofs (amount + balance)
static constexpr std::size_t doublePedersenProofLength = 2 * ecPedersenProofLength;
public:
static constexpr ConsequencesFactoryType ConsequencesFactory{Normal};
explicit ConfidentialMPTSend(ApplyContext& ctx) : Transactor(ctx)
{
}
static NotTEC
preflight(PreflightContext const& ctx);
static TER
preclaim(PreclaimContext const& ctx);
TER
doApply() override;
};
} // namespace xrpl

3
src/libxrpl/basics/Log.cpp
View File

@@ -59,7 +59,8 @@ Logs::File::open(boost::filesystem::path const& path)
bool wasOpened = false;
// VFALCO TODO Make this work with Unicode file paths
std::unique_ptr<std::ofstream> stream(new std::ofstream(path.c_str(), std::fstream::app));
std::unique_ptr<std::ofstream> stream =
std::make_unique<std::ofstream>(path.c_str(), std::fstream::app);
if (stream->good())
{

7
src/libxrpl/ledger/helpers/MPTokenHelpers.cpp
View File

@@ -255,6 +255,13 @@ removeEmptyHolding(
if (mptoken->at(sfMPTAmount) != 0)
return tecHAS_OBLIGATIONS;
// Don't delete if the token still has confidential balances
if (mptoken->isFieldPresent(sfConfidentialBalanceInbox) ||
mptoken->isFieldPresent(sfConfidentialBalanceSpending))
{
return tecHAS_OBLIGATIONS;
}
return authorizeMPToken(
view,
{}, // priorBalance

3
src/libxrpl/ledger/helpers/TokenHelpers.cpp
View File

@@ -334,7 +334,8 @@ accountHolds(
// Only if auth check is needed, as it needs to do an additional read
// operation. Note featureSingleAssetVault will affect error codes.
if (zeroIfUnauthorized == ahZERO_IF_UNAUTHORIZED &&
view.rules().enabled(featureSingleAssetVault))
(view.rules().enabled(featureSingleAssetVault) ||
view.rules().enabled(featureConfidentialTransfer)))
{
if (auto const err = requireAuth(view, mptIssue, account, AuthType::StrongAuth);
!isTesSuccess(err))

445
src/libxrpl/protocol/ConfidentialTransfer.cpp Normal file
View File

@@ -0,0 +1,445 @@
#include <xrpl/protocol/ConfidentialTransfer.h>
#include <xrpl/protocol/Protocol.h>
#include <openssl/rand.h>
#include <utility/mpt_utility.h>
namespace xrpl {
/**
* @brief Converts an XRPL AccountID to mpt-crypto lib C struct.
*
* @param account The AccountID.
* @return The equivalent mpt-crypto lib account_id struct.
*/
account_id
toAccountId(AccountID const& account)
{
account_id res;
std::memcpy(res.bytes, account.data(), kMPT_ACCOUNT_ID_SIZE);
return res;
}
/**
* @brief Converts an XRPL uint192 to mpt-crypto lib C struct.
*
* @param i The XRPL MPTokenIssuance ID.
* @return The equivalent mpt-crypto lib mpt_issuance_id struct.
*/
mpt_issuance_id
toIssuanceId(uint192 const& issuance)
{
mpt_issuance_id res;
std::memcpy(res.bytes, issuance.data(), kMPT_ISSUANCE_ID_SIZE);
return res;
}
uint256
getSendContextHash(
AccountID const& account,
uint192 const& issuanceID,
std::uint32_t sequence,
AccountID const& destination,
std::uint32_t version)
{
uint256 result;
mpt_get_send_context_hash(
toAccountId(account),
toIssuanceId(issuanceID),
sequence,
toAccountId(destination),
version,
result.data());
return result;
}
uint256
getClawbackContextHash(
AccountID const& account,
uint192 const& issuanceID,
std::uint32_t sequence,
AccountID const& holder)
{
uint256 result;
mpt_get_clawback_context_hash(
toAccountId(account),
toIssuanceId(issuanceID),
sequence,
toAccountId(holder),
result.data());
return result;
}
uint256
getConvertContextHash(AccountID const& account, uint192 const& issuanceID, std::uint32_t sequence)
{
uint256 result;
mpt_get_convert_context_hash(
toAccountId(account), toIssuanceId(issuanceID), sequence, result.data());
return result;
}
uint256
getConvertBackContextHash(
AccountID const& account,
uint192 const& issuanceID,
std::uint32_t sequence,
std::uint32_t version)
{
uint256 result;
mpt_get_convert_back_context_hash(
toAccountId(account), toIssuanceId(issuanceID), sequence, version, result.data());
return result;
}
std::optional<EcPair>
makeEcPair(Slice const& buffer)
{
if (buffer.length() != 2 * ecGamalEncryptedLength)
return std::nullopt; // LCOV_EXCL_LINE
auto parsePubKey = [](Slice const& slice, secp256k1_pubkey& out) {
return secp256k1_ec_pubkey_parse(
secp256k1Context(),
&out,
reinterpret_cast<unsigned char const*>(slice.data()),
slice.length());
};
Slice const s1{buffer.data(), ecGamalEncryptedLength};
Slice const s2{buffer.data() + ecGamalEncryptedLength, ecGamalEncryptedLength};
EcPair pair{};
if (parsePubKey(s1, pair.c1) != 1 || parsePubKey(s2, pair.c2) != 1)
return std::nullopt;
return pair;
}
std::optional<Buffer>
serializeEcPair(EcPair const& pair)
{
auto serializePubKey = [](secp256k1_pubkey const& pub, unsigned char* out) {
size_t outLen = ecGamalEncryptedLength; // 33 bytes
int const ret = secp256k1_ec_pubkey_serialize(
secp256k1Context(), out, &outLen, &pub, SECP256K1_EC_COMPRESSED);
return ret == 1 && outLen == ecGamalEncryptedLength;
};
Buffer buffer(ecGamalEncryptedTotalLength);
unsigned char* ptr = buffer.data();
bool const res1 = serializePubKey(pair.c1, ptr);
bool const res2 = serializePubKey(pair.c2, ptr + ecGamalEncryptedLength);
if (!res1 || !res2)
return std::nullopt;
return buffer;
}
bool
isValidCiphertext(Slice const& buffer)
{
return makeEcPair(buffer).has_value();
}
bool
isValidCompressedECPoint(Slice const& buffer)
{
if (buffer.size() != compressedECPointLength)
return false;
// Compressed EC points must start with 0x02 or 0x03
if (buffer[0] != ecCompressedPrefixEvenY && buffer[0] != ecCompressedPrefixOddY)
return false;
secp256k1_pubkey point;
return secp256k1_ec_pubkey_parse(secp256k1Context(), &point, buffer.data(), buffer.size()) == 1;
}
std::optional<Buffer>
homomorphicAdd(Slice const& a, Slice const& b)
{
if (a.length() != ecGamalEncryptedTotalLength || b.length() != ecGamalEncryptedTotalLength)
return std::nullopt;
auto const pairA = makeEcPair(a);
auto const pairB = makeEcPair(b);
if (!pairA || !pairB)
return std::nullopt;
EcPair sum{};
if (auto res = secp256k1_elgamal_add(
secp256k1Context(), &sum.c1, &sum.c2, &pairA->c1, &pairA->c2, &pairB->c1, &pairB->c2);
res != 1)
{
return std::nullopt;
}
return serializeEcPair(sum);
}
std::optional<Buffer>
homomorphicSubtract(Slice const& a, Slice const& b)
{
if (a.length() != ecGamalEncryptedTotalLength || b.length() != ecGamalEncryptedTotalLength)
return std::nullopt;
auto const pairA = makeEcPair(a);
auto const pairB = makeEcPair(b);
if (!pairA || !pairB)
return std::nullopt;
EcPair diff{};
if (auto res = secp256k1_elgamal_subtract(
secp256k1Context(), &diff.c1, &diff.c2, &pairA->c1, &pairA->c2, &pairB->c1, &pairB->c2);
res != 1)
{
return std::nullopt;
}
return serializeEcPair(diff);
}
Buffer
generateBlindingFactor()
{
unsigned char blindingFactor[ecBlindingFactorLength];
// todo: might need to be updated using another RNG
if (RAND_bytes(blindingFactor, ecBlindingFactorLength) != 1)
Throw<std::runtime_error>("Failed to generate random number");
return Buffer(blindingFactor, ecBlindingFactorLength);
}
std::optional<Buffer>
encryptAmount(uint64_t const amt, Slice const& pubKeySlice, Slice const& blindingFactor)
{
if (blindingFactor.size() != ecBlindingFactorLength || pubKeySlice.size() != ecPubKeyLength)
return std::nullopt;
Buffer out(ecGamalEncryptedTotalLength);
if (mpt_encrypt_amount(amt, pubKeySlice.data(), blindingFactor.data(), out.data()) != 0)
return std::nullopt;
return out;
}
std::optional<Buffer>
encryptCanonicalZeroAmount(Slice const& pubKeySlice, AccountID const& account, MPTID const& mptId)
{
if (pubKeySlice.size() != ecPubKeyLength)
return std::nullopt; // LCOV_EXCL_LINE
EcPair pair{};
secp256k1_pubkey pubKey;
if (auto res = secp256k1_ec_pubkey_parse(
secp256k1Context(), &pubKey, pubKeySlice.data(), ecPubKeyLength);
res != 1)
{
return std::nullopt; // LCOV_EXCL_LINE
}
if (auto res = generate_canonical_encrypted_zero(
secp256k1Context(), &pair.c1, &pair.c2, &pubKey, account.data(), mptId.data());
res != 1)
{
return std::nullopt; // LCOV_EXCL_LINE
}
return serializeEcPair(pair);
}
TER
verifyRevealedAmount(
uint64_t const amount,
Slice const& blindingFactor,
ConfidentialRecipient const& holder,
ConfidentialRecipient const& issuer,
std::optional<ConfidentialRecipient> const& auditor)
{
if (blindingFactor.size() != ecBlindingFactorLength ||
holder.publicKey.size() != ecPubKeyLength ||
holder.encryptedAmount.size() != ecGamalEncryptedTotalLength ||
issuer.publicKey.size() != ecPubKeyLength ||
issuer.encryptedAmount.size() != ecGamalEncryptedTotalLength)
return tecINTERNAL; // LCOV_EXCL_LINE
auto toParticipant = [](ConfidentialRecipient const& r) {
mpt_confidential_participant p;
std::memcpy(p.pubkey, r.publicKey.data(), kMPT_PUBKEY_SIZE);
std::memcpy(p.ciphertext, r.encryptedAmount.data(), kMPT_ELGAMAL_TOTAL_SIZE);
return p;
};
auto const holderP = toParticipant(holder);
auto const issuerP = toParticipant(issuer);
mpt_confidential_participant auditorP;
mpt_confidential_participant const* auditorPtr = nullptr;
if (auditor)
{
if (auditor->publicKey.size() != ecPubKeyLength ||
auditor->encryptedAmount.size() != ecGamalEncryptedTotalLength)
return tecINTERNAL; // LCOV_EXCL_LINE
auditorP = toParticipant(*auditor);
auditorPtr = &auditorP;
}
if (mpt_verify_revealed_amount(amount, blindingFactor.data(), &holderP, &issuerP, auditorPtr) !=
0)
return tecBAD_PROOF;
return tesSUCCESS;
}
NotTEC
checkEncryptedAmountFormat(STObject const& object)
{
// Current usage of this function is only for ConfidentialMPTConvert and
// ConfidentialMPTConvertBack transactions, which already enforce that these fields
// are present.
if (!object.isFieldPresent(sfHolderEncryptedAmount) ||
!object.isFieldPresent(sfIssuerEncryptedAmount))
return temMALFORMED; // LCOV_EXCL_LINE
if (object[sfHolderEncryptedAmount].length() != ecGamalEncryptedTotalLength ||
object[sfIssuerEncryptedAmount].length() != ecGamalEncryptedTotalLength)
return temBAD_CIPHERTEXT;
bool const hasAuditor = object.isFieldPresent(sfAuditorEncryptedAmount);
if (hasAuditor && object[sfAuditorEncryptedAmount].length() != ecGamalEncryptedTotalLength)
return temBAD_CIPHERTEXT;
if (!isValidCiphertext(object[sfHolderEncryptedAmount]) ||
!isValidCiphertext(object[sfIssuerEncryptedAmount]))
return temBAD_CIPHERTEXT;
if (hasAuditor && !isValidCiphertext(object[sfAuditorEncryptedAmount]))
return temBAD_CIPHERTEXT;
return tesSUCCESS;
}
TER
verifySchnorrProof(Slice const& pubKeySlice, Slice const& proofSlice, uint256 const& contextHash)
{
if (proofSlice.size() != ecSchnorrProofLength || pubKeySlice.size() != ecPubKeyLength)
return tecINTERNAL; // LCOV_EXCL_LINE
if (mpt_verify_convert_proof(proofSlice.data(), pubKeySlice.data(), contextHash.data()) != 0)
return tecBAD_PROOF;
return tesSUCCESS;
}
TER
verifyClawbackEqualityProof(
uint64_t const amount,
Slice const& proof,
Slice const& pubKeySlice,
Slice const& ciphertext,
uint256 const& contextHash)
{
if (ciphertext.size() != ecGamalEncryptedTotalLength || pubKeySlice.size() != ecPubKeyLength ||
proof.size() != ecEqualityProofLength)
return tecINTERNAL; // LCOV_EXCL_LINE
if (mpt_verify_clawback_proof(
proof.data(), amount, pubKeySlice.data(), ciphertext.data(), contextHash.data()) != 0)
return tecBAD_PROOF;
return tesSUCCESS;
}
TER
verifySendProof(
Slice const& proof,
ConfidentialRecipient const& sender,
ConfidentialRecipient const& destination,
ConfidentialRecipient const& issuer,
std::optional<ConfidentialRecipient> const& auditor,
Slice const& spendingBalance,
Slice const& amountCommitment,
Slice const& balanceCommitment,
uint256 const& contextHash)
{
auto const recipientCount = getConfidentialRecipientCount(auditor.has_value());
auto const expectedProofSize = getEqualityProofSize(recipientCount) +
2 * ecPedersenProofLength + ecDoubleBulletproofLength;
if (proof.size() != expectedProofSize || sender.publicKey.size() != ecPubKeyLength ||
sender.encryptedAmount.size() != ecGamalEncryptedTotalLength ||
destination.publicKey.size() != ecPubKeyLength ||
destination.encryptedAmount.size() != ecGamalEncryptedTotalLength ||
issuer.publicKey.size() != ecPubKeyLength ||
issuer.encryptedAmount.size() != ecGamalEncryptedTotalLength ||
spendingBalance.size() != ecGamalEncryptedTotalLength ||
amountCommitment.size() != ecPedersenCommitmentLength ||
balanceCommitment.size() != ecPedersenCommitmentLength)
return tecINTERNAL; // LCOV_EXCL_LINE
auto makeParticipant = [](ConfidentialRecipient const& r) {
mpt_confidential_participant p;
std::memcpy(p.pubkey, r.publicKey.data(), kMPT_PUBKEY_SIZE);
std::memcpy(p.ciphertext, r.encryptedAmount.data(), kMPT_ELGAMAL_TOTAL_SIZE);
return p;
};
std::vector<mpt_confidential_participant> participants(recipientCount);
participants[0] = makeParticipant(sender);
participants[1] = makeParticipant(destination);
participants[2] = makeParticipant(issuer);
if (auditor)
{
if (auditor->publicKey.size() != ecPubKeyLength ||
auditor->encryptedAmount.size() != ecGamalEncryptedTotalLength)
return tecINTERNAL;
participants[3] = makeParticipant(*auditor);
}
if (mpt_verify_send_proof(
proof.data(),
proof.size(),
participants.data(),
static_cast<uint8_t>(recipientCount),
spendingBalance.data(),
amountCommitment.data(),
balanceCommitment.data(),
contextHash.data()) != 0)
return tecBAD_PROOF;
return tesSUCCESS;
}
TER
verifyConvertBackProof(
Slice const& proof,
Slice const& pubKeySlice,
Slice const& spendingBalance,
Slice const& balanceCommitment,
uint64_t amount,
uint256 const& contextHash)
{
if (proof.size() != ecPedersenProofLength + ecSingleBulletproofLength ||
pubKeySlice.size() != ecPubKeyLength ||
spendingBalance.size() != ecGamalEncryptedTotalLength ||
balanceCommitment.size() != ecPedersenCommitmentLength)
return tecINTERNAL; // LCOV_EXCL_LINE
if (mpt_verify_convert_back_proof(
proof.data(),
pubKeySlice.data(),
spendingBalance.data(),
balanceCommitment.data(),
amount,
contextHash.data()) != 0)
return tecBAD_PROOF;
return tesSUCCESS;
}
} // namespace xrpl

3
src/libxrpl/protocol/PublicKey.cpp
View File

@@ -3,6 +3,7 @@
#include <xrpl/basics/contract.h>
#include <xrpl/basics/strHex.h>
#include <xrpl/protocol/KeyType.h>
#include <xrpl/protocol/Protocol.h>
#include <xrpl/protocol/PublicKey.h>
#include <xrpl/protocol/UintTypes.h>
#include <xrpl/protocol/detail/secp256k1.h>
@@ -208,7 +209,7 @@ publicKeyType(Slice const& slice)
if (slice[0] == 0xED)
return KeyType::ed25519;
if (slice[0] == 0x02 || slice[0] == 0x03)
if (slice[0] == ecCompressedPrefixEvenY || slice[0] == ecCompressedPrefixOddY)
return KeyType::secp256k1;
}

2
src/libxrpl/protocol/TER.cpp
View File

@@ -106,6 +106,7 @@ transResults()
MAKE_ERROR(tecLIMIT_EXCEEDED, "Limit exceeded."),
MAKE_ERROR(tecPSEUDO_ACCOUNT, "This operation is not allowed against a pseudo-account."),
MAKE_ERROR(tecPRECISION_LOSS, "The amounts used by the transaction cannot interact."),
MAKE_ERROR(tecBAD_PROOF, "Proof cannot be verified"),
MAKE_ERROR(tefALREADY, "The exact transaction was already in this ledger."),
MAKE_ERROR(tefBAD_ADD_AUTH, "Not authorized to add account."),
@@ -198,6 +199,7 @@ transResults()
MAKE_ERROR(temARRAY_TOO_LARGE, "Malformed: Array is too large."),
MAKE_ERROR(temBAD_TRANSFER_FEE, "Malformed: Transfer fee is outside valid range."),
MAKE_ERROR(temINVALID_INNER_BATCH, "Malformed: Invalid inner batch transaction."),
MAKE_ERROR(temBAD_CIPHERTEXT, "Malformed: Invalid ciphertext."),
MAKE_ERROR(terRETRY, "Retry transaction."),
MAKE_ERROR(terFUNDS_SPENT, "DEPRECATED."),

204
src/libxrpl/tx/invariants/MPTInvariant.cpp
View File

@@ -194,4 +194,208 @@ ValidMPTIssuance::finalize(
mptokensDeleted_ == 0;
}
void
ValidConfidentialMPToken::visitEntry(
bool isDelete,
std::shared_ptr<SLE const> const& before,
std::shared_ptr<SLE const> const& after)
{
// Helper to get MPToken Issuance ID safely
auto const getMptID = [](std::shared_ptr<SLE const> const& sle) -> uint192 {
if (!sle)
return beast::zero;
if (sle->getType() == ltMPTOKEN)
return sle->getFieldH192(sfMPTokenIssuanceID);
if (sle->getType() == ltMPTOKEN_ISSUANCE)
return makeMptID(sle->getFieldU32(sfSequence), sle->getAccountID(sfIssuer));
return beast::zero;
};
if (before && before->getType() == ltMPTOKEN)
{
uint192 const id = getMptID(before);
changes_[id].mptAmountDelta -= before->getFieldU64(sfMPTAmount);
// Cannot delete MPToken with non-zero confidential state or non-zero public amount
if (isDelete)
{
bool const hasPublicBalance = before->getFieldU64(sfMPTAmount) > 0;
bool const hasEncryptedFields = before->isFieldPresent(sfConfidentialBalanceSpending) ||
before->isFieldPresent(sfConfidentialBalanceInbox) ||
before->isFieldPresent(sfIssuerEncryptedBalance);
if (hasPublicBalance || hasEncryptedFields)
changes_[id].deletedWithEncrypted = true;
}
}
if (after && after->getType() == ltMPTOKEN)
{
uint192 const id = getMptID(after);
changes_[id].mptAmountDelta += after->getFieldU64(sfMPTAmount);
// Encrypted field existence consistency
bool const hasIssuerBalance = after->isFieldPresent(sfIssuerEncryptedBalance);
bool const hasHolderInbox = after->isFieldPresent(sfConfidentialBalanceInbox);
bool const hasHolderSpending = after->isFieldPresent(sfConfidentialBalanceSpending);
bool const hasAnyHolder = hasHolderInbox || hasHolderSpending;
if (hasAnyHolder != hasIssuerBalance)
{
changes_[id].badConsistency = true;
}
// Privacy flag consistency
bool const hasEncrypted = hasAnyHolder || hasIssuerBalance;
if (hasEncrypted)
changes_[id].requiresPrivacyFlag = true;
}
if (before && before->getType() == ltMPTOKEN_ISSUANCE)
{
uint192 const id = getMptID(before);
if (before->isFieldPresent(sfConfidentialOutstandingAmount))
changes_[id].coaDelta -= before->getFieldU64(sfConfidentialOutstandingAmount);
changes_[id].outstandingDelta -= before->getFieldU64(sfOutstandingAmount);
}
if (after && after->getType() == ltMPTOKEN_ISSUANCE)
{
uint192 const id = getMptID(after);
auto& change = changes_[id];
bool const hasCOA = after->isFieldPresent(sfConfidentialOutstandingAmount);
std::uint64_t const coa = (*after)[~sfConfidentialOutstandingAmount].value_or(0);
std::uint64_t const oa = after->getFieldU64(sfOutstandingAmount);
if (hasCOA)
change.coaDelta += coa;
change.outstandingDelta += oa;
change.issuance = after;
// COA <= OutstandingAmount
if (coa > oa)
change.badCOA = true;
}
if (before && after && before->getType() == ltMPTOKEN && after->getType() == ltMPTOKEN)
{
uint192 const id = getMptID(after);
// sfConfidentialBalanceVersion must change when spending changes
auto const spendingBefore = (*before)[~sfConfidentialBalanceSpending];
auto const spendingAfter = (*after)[~sfConfidentialBalanceSpending];
auto const versionBefore = (*before)[~sfConfidentialBalanceVersion];
auto const versionAfter = (*after)[~sfConfidentialBalanceVersion];
if (spendingBefore.has_value() && spendingBefore != spendingAfter)
{
if (versionBefore == versionAfter)
{
changes_[id].badVersion = true;
}
}
}
}
bool
ValidConfidentialMPToken::finalize(
STTx const& tx,
TER const result,
XRPAmount const,
ReadView const& view,
beast::Journal const& j)
{
if (result != tesSUCCESS)
return true;
for (auto const& [id, checks] : changes_)
{
// Find the MPTokenIssuance
auto const issuance = [&]() -> std::shared_ptr<SLE const> {
if (checks.issuance)
return checks.issuance;
return view.read(keylet::mptIssuance(id));
}();
// Skip all invariance checks if issuance doesn't exist because that means the MPT has been
// deleted
if (!issuance)
continue;
// Cannot delete MPToken with non-zero confidential state
if (checks.deletedWithEncrypted)
{
if ((*issuance)[~sfConfidentialOutstandingAmount].value_or(0) > 0)
{
JLOG(j.fatal())
<< "Invariant failed: MPToken deleted with encrypted fields while COA > 0";
return false;
}
}
// Encrypted field existence consistency
if (checks.badConsistency)
{
JLOG(j.fatal()) << "Invariant failed: MPToken encrypted field "
"existence inconsistency";
return false;
}
// COA <= OutstandingAmount
if (checks.badCOA)
{
JLOG(j.fatal()) << "Invariant failed: Confidential outstanding amount "
"exceeds total outstanding amount";
return false;
}
// Privacy flag consistency
if (checks.requiresPrivacyFlag)
{
if (!issuance->isFlag(lsfMPTCanConfidentialAmount))
{
JLOG(j.fatal()) << "Invariant failed: MPToken has encrypted "
"fields but Issuance does not have "
"lsfMPTCanConfidentialAmount set";
return false;
}
}
// We only enforce this when Confidential Outstanding Amount changes (Convert, ConvertBack,
// ConfidentialClawback). This avoids falsely failing on Escrow or AMM operations that lock
// public tokens outside of ltMPTOKEN. Convert / ConvertBack:
// - COA and MPTAmount must have opposite deltas, which cancel each other out to zero.
// - OA remains unchanged.
// - Therefore, the net delta on both sides of the equation is zero.
//
// Clawback:
// - MPTAmount remains unchanged.
// - COA and OA must have identical deltas (mirrored on each side).
// - The equation remains balanced as both sides have equal offsets.
if (checks.coaDelta != 0)
{
if (checks.mptAmountDelta + checks.coaDelta != checks.outstandingDelta)
{
JLOG(j.fatal()) << "Invariant failed: Token conservation "
"violation for MPT "
<< to_string(id);
return false;
}
}
if (checks.badVersion)
{
JLOG(j.fatal())
<< "Invariant failed: MPToken sfConfidentialBalanceVersion not updated when "
"sfConfidentialBalanceSpending changed";
return false;
}
}
return true;
}
} // namespace xrpl

168
src/libxrpl/tx/transactors/token/ConfidentialMPTClawback.cpp Normal file
View File

@@ -0,0 +1,168 @@
#include <xrpl/ledger/View.h>
#include <xrpl/protocol/ConfidentialTransfer.h>
#include <xrpl/protocol/Feature.h>
#include <xrpl/protocol/Indexes.h>
#include <xrpl/protocol/LedgerFormats.h>
#include <xrpl/protocol/TER.h>
#include <xrpl/protocol/TxFlags.h>
#include <xrpl/tx/transactors/token/ConfidentialMPTClawback.h>
namespace xrpl {
NotTEC
ConfidentialMPTClawback::preflight(PreflightContext const& ctx)
{
if (!ctx.rules.enabled(featureConfidentialTransfer))
return temDISABLED;
auto const account = ctx.tx[sfAccount];
// Only issuer can clawback
if (account != MPTIssue(ctx.tx[sfMPTokenIssuanceID]).getIssuer())
return temMALFORMED;
// Cannot clawback from self
if (account == ctx.tx[sfHolder])
return temMALFORMED;
// Check invalid claw amount
auto const clawAmount = ctx.tx[sfMPTAmount];
if (clawAmount == 0 || clawAmount > maxMPTokenAmount)
return temBAD_AMOUNT;
// Verify proof length
if (ctx.tx[sfZKProof].length() != ecEqualityProofLength)
return temMALFORMED;
return tesSUCCESS;
}
TER
ConfidentialMPTClawback::preclaim(PreclaimContext const& ctx)
{
// Check if sender account exists
auto const account = ctx.tx[sfAccount];
if (!ctx.view.exists(keylet::account(account)))
return terNO_ACCOUNT;
// Check if holder account exists
auto const holder = ctx.tx[sfHolder];
if (!ctx.view.exists(keylet::account(holder)))
return tecNO_TARGET;
// Check if MPT issuance exists
auto const mptIssuanceID = ctx.tx[sfMPTokenIssuanceID];
auto const sleIssuance = ctx.view.read(keylet::mptIssuance(mptIssuanceID));
if (!sleIssuance)
return tecOBJECT_NOT_FOUND;
// Sanity check: account must be the same as issuer
if (sleIssuance->getAccountID(sfIssuer) != account)
return tefINTERNAL; // LCOV_EXCL_LINE
// Check if issuance has issuer ElGamal public key
if (!sleIssuance->isFieldPresent(sfIssuerEncryptionKey))
return tecNO_PERMISSION;
// Check if clawback is allowed
if (!sleIssuance->isFlag(lsfMPTCanClawback))
return tecNO_PERMISSION;
// Check if issuance allows confidential transfer
if (!sleIssuance->isFlag(lsfMPTCanConfidentialAmount))
return tecNO_PERMISSION; // LCOV_EXCL_LINE
// Check holder's MPToken
auto const sleHolderMPToken = ctx.view.read(keylet::mptoken(mptIssuanceID, holder));
if (!sleHolderMPToken)
return tecOBJECT_NOT_FOUND;
// Check if holder has confidential balances to claw back
if (!sleHolderMPToken->isFieldPresent(sfIssuerEncryptedBalance))
return tecNO_PERMISSION; // LCOV_EXCL_LINE
// Check if Holder has ElGamal public Key
if (!sleHolderMPToken->isFieldPresent(sfHolderEncryptionKey))
return tecNO_PERMISSION; // LCOV_EXCL_LINE
// Sanity check: claw amount can not exceed confidential outstanding amount
auto const amount = ctx.tx[sfMPTAmount];
if (amount > (*sleIssuance)[~sfConfidentialOutstandingAmount].value_or(0))
return tecINSUFFICIENT_FUNDS;
auto const contextHash =
getClawbackContextHash(account, mptIssuanceID, ctx.tx.getSeqProxy().value(), holder);
// Verify the revealed confidential amount by the issuer matches the exact
// confidential balance of the holder.
return verifyClawbackEqualityProof(
amount,
ctx.tx[sfZKProof],
(*sleIssuance)[sfIssuerEncryptionKey],
(*sleHolderMPToken)[sfIssuerEncryptedBalance],
contextHash);
}
TER
ConfidentialMPTClawback::doApply()
{
auto const mptIssuanceID = ctx_.tx[sfMPTokenIssuanceID];
auto const holder = ctx_.tx[sfHolder];
auto sleIssuance = view().peek(keylet::mptIssuance(mptIssuanceID));
auto sleHolderMPToken = view().peek(keylet::mptoken(mptIssuanceID, holder));
if (!sleIssuance || !sleHolderMPToken)
return tecINTERNAL; // LCOV_EXCL_LINE
auto const clawAmount = ctx_.tx[sfMPTAmount];
Slice const holderPubKey = (*sleHolderMPToken)[sfHolderEncryptionKey];
Slice const issuerPubKey = (*sleIssuance)[sfIssuerEncryptionKey];
// After clawback, the balance should be encrypted zero.
auto const encZeroForHolder = encryptCanonicalZeroAmount(holderPubKey, holder, mptIssuanceID);
if (!encZeroForHolder)
return tecINTERNAL; // LCOV_EXCL_LINE
auto encZeroForIssuer = encryptCanonicalZeroAmount(issuerPubKey, holder, mptIssuanceID);
if (!encZeroForIssuer)
return tecINTERNAL; // LCOV_EXCL_LINE
// Set holder's confidential balances to encrypted zero
(*sleHolderMPToken)[sfConfidentialBalanceInbox] = *encZeroForHolder;
(*sleHolderMPToken)[sfConfidentialBalanceSpending] = *encZeroForHolder;
(*sleHolderMPToken)[sfIssuerEncryptedBalance] = std::move(*encZeroForIssuer);
incrementConfidentialVersion(*sleHolderMPToken);
if (sleHolderMPToken->isFieldPresent(sfAuditorEncryptedBalance))
{
// Sanity check: the issuance must have an auditor public key if
// auditing is enabled.
if (!sleIssuance->isFieldPresent(sfAuditorEncryptionKey))
return tecINTERNAL; // LCOV_EXCL_LINE
Slice const auditorPubKey = (*sleIssuance)[sfAuditorEncryptionKey];
auto encZeroForAuditor = encryptCanonicalZeroAmount(auditorPubKey, holder, mptIssuanceID);
if (!encZeroForAuditor)
return tecINTERNAL; // LCOV_EXCL_LINE
(*sleHolderMPToken)[sfAuditorEncryptedBalance] = std::move(*encZeroForAuditor);
}
// Decrease Global Confidential Outstanding Amount
auto const oldCOA = (*sleIssuance)[sfConfidentialOutstandingAmount];
(*sleIssuance)[sfConfidentialOutstandingAmount] = oldCOA - clawAmount;
// Decrease Global Total Outstanding Amount
auto const oldOA = (*sleIssuance)[sfOutstandingAmount];
(*sleIssuance)[sfOutstandingAmount] = oldOA - clawAmount;
view().update(sleHolderMPToken);
view().update(sleIssuance);
return tesSUCCESS;
}
} // namespace xrpl

281
src/libxrpl/tx/transactors/token/ConfidentialMPTConvert.cpp Normal file
View File

@@ -0,0 +1,281 @@
#include <xrpl/ledger/View.h>
#include <xrpl/ledger/helpers/TokenHelpers.h>
#include <xrpl/protocol/ConfidentialTransfer.h>
#include <xrpl/protocol/Feature.h>
#include <xrpl/protocol/Indexes.h>
#include <xrpl/protocol/LedgerFormats.h>
#include <xrpl/protocol/TER.h>
#include <xrpl/protocol/TxFlags.h>
#include <xrpl/tx/transactors/token/ConfidentialMPTConvert.h>
namespace xrpl {
NotTEC
ConfidentialMPTConvert::preflight(PreflightContext const& ctx)
{
if (!ctx.rules.enabled(featureConfidentialTransfer))
return temDISABLED;
// issuer cannot convert
if (MPTIssue(ctx.tx[sfMPTokenIssuanceID]).getIssuer() == ctx.tx[sfAccount])
return temMALFORMED;
if (ctx.tx[sfMPTAmount] > maxMPTokenAmount)
return temBAD_AMOUNT;
if (ctx.tx.isFieldPresent(sfHolderEncryptionKey))
{
if (!isValidCompressedECPoint(ctx.tx[sfHolderEncryptionKey]))
return temMALFORMED;
// proof of knowledge of the secret key corresponding to the provided
// public key is needed when holder ec public key is being set.
if (!ctx.tx.isFieldPresent(sfZKProof))
return temMALFORMED;
// verify schnorr proof length when registering holder ec public key
if (ctx.tx[sfZKProof].size() != ecSchnorrProofLength)
return temMALFORMED;
}
else
{
// Either both sfHolderEncryptionKey and sfZKProof should be present, or both should be
// absent.
if (ctx.tx.isFieldPresent(sfZKProof))
return temMALFORMED;
}
// check encrypted amount format after the above basic checks
// this check is more expensive so put it at the end
if (auto const res = checkEncryptedAmountFormat(ctx.tx); !isTesSuccess(res))
return res;
return tesSUCCESS;
}
TER
ConfidentialMPTConvert::preclaim(PreclaimContext const& ctx)
{
auto const account = ctx.tx[sfAccount];
auto const issuanceID = ctx.tx[sfMPTokenIssuanceID];
auto const amount = ctx.tx[sfMPTAmount];
// ensure that issuance exists
auto const sleIssuance = ctx.view.read(keylet::mptIssuance(issuanceID));
if (!sleIssuance)
return tecOBJECT_NOT_FOUND;
if (!sleIssuance->isFlag(lsfMPTCanConfidentialAmount) ||
!sleIssuance->isFieldPresent(sfIssuerEncryptionKey))
return tecNO_PERMISSION;
// already checked in preflight, but should also check that issuer on the
// issuance isn't the account either
if (sleIssuance->getAccountID(sfIssuer) == account)
return tefINTERNAL; // LCOV_EXCL_LINE
bool const hasAuditor = ctx.tx.isFieldPresent(sfAuditorEncryptedAmount);
bool const requiresAuditor = sleIssuance->isFieldPresent(sfAuditorEncryptionKey);
// tx must include auditor ciphertext if the issuance has enabled
// auditing, and must not include it if auditing is not enabled
if (requiresAuditor != hasAuditor)
return tecNO_PERMISSION;
auto const sleMptoken = ctx.view.read(keylet::mptoken(issuanceID, account));
if (!sleMptoken)
return tecOBJECT_NOT_FOUND;
auto const mptIssue = MPTIssue{issuanceID};
// Explicit freeze and auth checks are required because accountHolds
// with fhZERO_IF_FROZEN/ahZERO_IF_UNAUTHORIZED only implicitly rejects
// non-zero amounts. A zero-amount convert would bypass those implicit
// checks, allowing frozen or unauthorized accounts to register ElGamal
// keys and initialize confidential balance fields.
// Check lock
if (auto const ter = checkFrozen(ctx.view, account, mptIssue); !isTesSuccess(ter))
return ter;
// Check auth
if (auto const ter = requireAuth(ctx.view, mptIssue, account); !isTesSuccess(ter))
return ter;
STAmount const mptAmount =
STAmount(MPTAmount{static_cast<MPTAmount::value_type>(amount)}, mptIssue);
if (accountHolds(
ctx.view,
account,
mptIssue,
FreezeHandling::fhZERO_IF_FROZEN,
AuthHandling::ahZERO_IF_UNAUTHORIZED,
ctx.j) < mptAmount)
{
return tecINSUFFICIENT_FUNDS;
}
auto const hasHolderKeyOnLedger = sleMptoken->isFieldPresent(sfHolderEncryptionKey);
auto const hasHolderKeyInTx = ctx.tx.isFieldPresent(sfHolderEncryptionKey);
// must have pk to convert
if (!hasHolderKeyOnLedger && !hasHolderKeyInTx)
return tecNO_PERMISSION;
// can't update if there's already a pk
if (hasHolderKeyOnLedger && hasHolderKeyInTx)
return tecDUPLICATE;
// Run all verifications before returning any error to prevent timing attacks
// that could reveal which proof failed.
bool valid = true;
Slice holderPubKey;
if (hasHolderKeyInTx)
{
holderPubKey = ctx.tx[sfHolderEncryptionKey];
auto const contextHash =
getConvertContextHash(account, issuanceID, ctx.tx.getSeqProxy().value());
if (auto const ter = verifySchnorrProof(holderPubKey, ctx.tx[sfZKProof], contextHash);
!isTesSuccess(ter))
{
valid = false;
}
}
else
{
holderPubKey = (*sleMptoken)[sfHolderEncryptionKey];
}
std::optional<ConfidentialRecipient> auditor;
if (hasAuditor)
{
auditor.emplace(
ConfidentialRecipient{
(*sleIssuance)[sfAuditorEncryptionKey], ctx.tx[sfAuditorEncryptedAmount]});
}
auto const blindingFactor = ctx.tx[sfBlindingFactor];
if (auto const ter = verifyRevealedAmount(
amount,
Slice(blindingFactor.data(), blindingFactor.size()),
{holderPubKey, ctx.tx[sfHolderEncryptedAmount]},
{(*sleIssuance)[sfIssuerEncryptionKey], ctx.tx[sfIssuerEncryptedAmount]},
auditor);
!isTesSuccess(ter))
{
valid = false;
}
if (!valid)
return tecBAD_PROOF;
return tesSUCCESS;
}
TER
ConfidentialMPTConvert::doApply()
{
auto const mptIssuanceID = ctx_.tx[sfMPTokenIssuanceID];
auto sleMptoken = view().peek(keylet::mptoken(mptIssuanceID, account_));
if (!sleMptoken)
return tecINTERNAL; // LCOV_EXCL_LINE
auto sleIssuance = view().peek(keylet::mptIssuance(mptIssuanceID));
if (!sleIssuance)
return tecINTERNAL; // LCOV_EXCL_LINE
auto const amtToConvert = ctx_.tx[sfMPTAmount];
auto const amt = (*sleMptoken)[~sfMPTAmount].value_or(0);
if (ctx_.tx.isFieldPresent(sfHolderEncryptionKey))
(*sleMptoken)[sfHolderEncryptionKey] = ctx_.tx[sfHolderEncryptionKey];
// Converting decreases regular balance and increases confidential outstanding.
// The confidential outstanding tracks total tokens in confidential form globally.
auto const currentCOA = (*sleIssuance)[~sfConfidentialOutstandingAmount].value_or(0);
if (amtToConvert > maxMPTokenAmount - currentCOA)
return tecINTERNAL; // LCOV_EXCL_LINE
(*sleMptoken)[sfMPTAmount] = amt - amtToConvert;
(*sleIssuance)[sfConfidentialOutstandingAmount] = currentCOA + amtToConvert;
Slice const holderEc = ctx_.tx[sfHolderEncryptedAmount];
Slice const issuerEc = ctx_.tx[sfIssuerEncryptedAmount];
auto const auditorEc = ctx_.tx[~sfAuditorEncryptedAmount];
// Two cases for Convert:
// 1. Holder already has confidential balances -> homomorphically add to inbox
// 2. First-time convert -> initialize all confidential balance fields
if (sleMptoken->isFieldPresent(sfIssuerEncryptedBalance) &&
sleMptoken->isFieldPresent(sfConfidentialBalanceInbox) &&
sleMptoken->isFieldPresent(sfConfidentialBalanceSpending))
{
// Case 1: Add to existing inbox balance (holder will merge later)
{
auto sum = homomorphicAdd(holderEc, (*sleMptoken)[sfConfidentialBalanceInbox]);
if (!sum)
return tecINTERNAL; // LCOV_EXCL_LINE
(*sleMptoken)[sfConfidentialBalanceInbox] = std::move(*sum);
}
// homomorphically add issuer's encrypted balance
{
auto sum = homomorphicAdd(issuerEc, (*sleMptoken)[sfIssuerEncryptedBalance]);
if (!sum)
return tecINTERNAL; // LCOV_EXCL_LINE
(*sleMptoken)[sfIssuerEncryptedBalance] = std::move(*sum);
}
// homomorphically add auditor's encrypted balance
if (auditorEc)
{
auto sum = homomorphicAdd(*auditorEc, (*sleMptoken)[sfAuditorEncryptedBalance]);
if (!sum)
return tecINTERNAL; // LCOV_EXCL_LINE
(*sleMptoken)[sfAuditorEncryptedBalance] = std::move(*sum);
}
}
else if (
!sleMptoken->isFieldPresent(sfIssuerEncryptedBalance) &&
!sleMptoken->isFieldPresent(sfConfidentialBalanceInbox) &&
!sleMptoken->isFieldPresent(sfConfidentialBalanceSpending))
{
// Case 2: First-time convert - initialize all confidential fields
(*sleMptoken)[sfConfidentialBalanceInbox] = holderEc;
(*sleMptoken)[sfIssuerEncryptedBalance] = issuerEc;
(*sleMptoken)[sfConfidentialBalanceVersion] = 0;
if (auditorEc)
(*sleMptoken)[sfAuditorEncryptedBalance] = *auditorEc;
// Spending balance starts at zero. Must use canonical zero encryption
// (deterministic ciphertext) so the ledger state is reproducible.
auto zeroBalance = encryptCanonicalZeroAmount(
(*sleMptoken)[sfHolderEncryptionKey], account_, mptIssuanceID);
if (!zeroBalance)
return tecINTERNAL; // LCOV_EXCL_LINE
(*sleMptoken)[sfConfidentialBalanceSpending] = std::move(*zeroBalance);
}
else
{
// both sfIssuerEncryptedBalance and sfConfidentialBalanceInbox should
// exist together
return tecINTERNAL; // LCOV_EXCL_LINE
}
view().update(sleIssuance);
view().update(sleMptoken);
return tesSUCCESS;
}
} // namespace xrpl

247
src/libxrpl/tx/transactors/token/ConfidentialMPTConvertBack.cpp Normal file
View File

@@ -0,0 +1,247 @@
#include <xrpl/ledger/View.h>
#include <xrpl/ledger/helpers/TokenHelpers.h>
#include <xrpl/protocol/ConfidentialTransfer.h>
#include <xrpl/protocol/Feature.h>
#include <xrpl/protocol/Indexes.h>
#include <xrpl/protocol/LedgerFormats.h>
#include <xrpl/protocol/TER.h>
#include <xrpl/protocol/TxFlags.h>
#include <xrpl/tx/transactors/token/ConfidentialMPTConvertBack.h>
#include <cstddef>
namespace xrpl {
NotTEC
ConfidentialMPTConvertBack::preflight(PreflightContext const& ctx)
{
if (!ctx.rules.enabled(featureConfidentialTransfer))
return temDISABLED;
// issuer cannot convert back
if (MPTIssue(ctx.tx[sfMPTokenIssuanceID]).getIssuer() == ctx.tx[sfAccount])
return temMALFORMED;
if (ctx.tx[sfMPTAmount] == 0 || ctx.tx[sfMPTAmount] > maxMPTokenAmount)
return temBAD_AMOUNT;
if (!isValidCompressedECPoint(ctx.tx[sfBalanceCommitment]))
return temMALFORMED;
// check encrypted amount format after the above basic checks
// this check is more expensive so put it at the end
if (auto const res = checkEncryptedAmountFormat(ctx.tx); !isTesSuccess(res))
return res;
// ConvertBack proof = pedersen linkage proof + single bulletproof
if (ctx.tx[sfZKProof].size() != ecPedersenProofLength + ecSingleBulletproofLength)
return temMALFORMED;
return tesSUCCESS;
}
/**
* Verifies the cryptographic proofs for a ConvertBack transaction.
*
* This function verifies three proofs:
* 1. Revealed amount proof: verifies the encrypted amounts (holder, issuer,
* auditor) all encrypt the same revealed amount using the blinding factor.
* 2. Pedersen linkage proof: verifies the balance commitment is derived from
* the holder's encrypted spending balance.
* 3. Bulletproof (range proof): verifies the remaining balance (balance - amount)
* is non-negative, preventing overdrafts.
*
* All proofs are verified before returning any error to prevent timing attacks.
*/
static TER
verifyProofs(
STTx const& tx,
std::shared_ptr<SLE const> const& issuance,
std::shared_ptr<SLE const> const& mptoken)
{
if (!mptoken->isFieldPresent(sfHolderEncryptionKey))
return tecINTERNAL; // LCOV_EXCL_LINE
auto const mptIssuanceID = tx[sfMPTokenIssuanceID];
auto const account = tx[sfAccount];
auto const amount = tx[sfMPTAmount];
auto const blindingFactor = tx[sfBlindingFactor];
auto const holderPubKey = (*mptoken)[sfHolderEncryptionKey];
auto const contextHash = getConvertBackContextHash(
account,
mptIssuanceID,
tx.getSeqProxy().value(),
(*mptoken)[~sfConfidentialBalanceVersion].value_or(0));
// Prepare Auditor Info
std::optional<ConfidentialRecipient> auditor;
bool const hasAuditor = issuance->isFieldPresent(sfAuditorEncryptionKey);
if (hasAuditor)
{
auditor.emplace(
ConfidentialRecipient{
(*issuance)[sfAuditorEncryptionKey], tx[sfAuditorEncryptedAmount]});
}
// Run all verifications before returning any error to prevent timing attacks
// that could reveal which proof failed.
bool valid = true;
if (auto const ter = verifyRevealedAmount(
amount,
Slice(blindingFactor.data(), blindingFactor.size()),
{holderPubKey, tx[sfHolderEncryptedAmount]},
{(*issuance)[sfIssuerEncryptionKey], tx[sfIssuerEncryptedAmount]},
auditor);
!isTesSuccess(ter))
{
valid = false;
}
if (auto const ter = verifyConvertBackProof(
tx[sfZKProof],
holderPubKey,
(*mptoken)[sfConfidentialBalanceSpending],
tx[sfBalanceCommitment],
amount,
contextHash);
!isTesSuccess(ter))
{
valid = false;
}
if (!valid)
return tecBAD_PROOF;
return tesSUCCESS;
}
TER
ConfidentialMPTConvertBack::preclaim(PreclaimContext const& ctx)
{
auto const mptIssuanceID = ctx.tx[sfMPTokenIssuanceID];
auto const account = ctx.tx[sfAccount];
auto const amount = ctx.tx[sfMPTAmount];
// ensure that issuance exists
auto const sleIssuance = ctx.view.read(keylet::mptIssuance(mptIssuanceID));
if (!sleIssuance)
return tecOBJECT_NOT_FOUND;
if (!sleIssuance->isFlag(lsfMPTCanConfidentialAmount))
return tecNO_PERMISSION;
bool const hasAuditor = ctx.tx.isFieldPresent(sfAuditorEncryptedAmount);
bool const requiresAuditor = sleIssuance->isFieldPresent(sfAuditorEncryptionKey);
// tx must include auditor ciphertext if the issuance has enabled
// auditing
if (requiresAuditor && !hasAuditor)
return tecNO_PERMISSION;
// if auditing is not supported then user should not upload auditor
// ciphertext
if (!requiresAuditor && hasAuditor)
return tecNO_PERMISSION;
// already checked in preflight, but should also check that issuer on
// the issuance isn't the account either
if (sleIssuance->getAccountID(sfIssuer) == account)
return tefINTERNAL; // LCOV_EXCL_LINE
auto const sleMptoken = ctx.view.read(keylet::mptoken(mptIssuanceID, account));
if (!sleMptoken)
return tecOBJECT_NOT_FOUND;
if (!sleMptoken->isFieldPresent(sfConfidentialBalanceSpending) ||
!sleMptoken->isFieldPresent(sfHolderEncryptionKey))
{
return tecNO_PERMISSION;
}
// if the total circulating confidential balance is smaller than what the
// holder is trying to convert back, we know for sure this txn should
// fail
if ((*sleIssuance)[~sfConfidentialOutstandingAmount].value_or(0) < amount)
{
return tecINSUFFICIENT_FUNDS;
}
// Check lock
MPTIssue const mptIssue(mptIssuanceID);
if (auto const ter = checkFrozen(ctx.view, account, mptIssue); !isTesSuccess(ter))
return ter;
// Check auth
if (auto const ter = requireAuth(ctx.view, mptIssue, account); !isTesSuccess(ter))
return ter;
if (TER const res = verifyProofs(ctx.tx, sleIssuance, sleMptoken); !isTesSuccess(res))
return res;
return tesSUCCESS;
}
TER
ConfidentialMPTConvertBack::doApply()
{
auto const mptIssuanceID = ctx_.tx[sfMPTokenIssuanceID];
auto sleMptoken = view().peek(keylet::mptoken(mptIssuanceID, account_));
if (!sleMptoken)
return tecINTERNAL; // LCOV_EXCL_LINE
auto sleIssuance = view().peek(keylet::mptIssuance(mptIssuanceID));
if (!sleIssuance)
return tecINTERNAL; // LCOV_EXCL_LINE
auto const amtToConvertBack = ctx_.tx[sfMPTAmount];
auto const amt = (*sleMptoken)[~sfMPTAmount].value_or(0);
// Converting back increases regular balance and decreases confidential
// outstanding. This is the inverse of Convert.
(*sleMptoken)[sfMPTAmount] = amt + amtToConvertBack;
(*sleIssuance)[sfConfidentialOutstandingAmount] =
(*sleIssuance)[sfConfidentialOutstandingAmount] - amtToConvertBack;
std::optional<Slice> const auditorEc = ctx_.tx[~sfAuditorEncryptedAmount];
// homomorphically subtract holder's encrypted balance
{
auto res = homomorphicSubtract(
(*sleMptoken)[sfConfidentialBalanceSpending], ctx_.tx[sfHolderEncryptedAmount]);
if (!res)
return tecINTERNAL; // LCOV_EXCL_LINE
(*sleMptoken)[sfConfidentialBalanceSpending] = std::move(*res);
}
// homomorphically subtract issuer's encrypted balance
{
auto res = homomorphicSubtract(
(*sleMptoken)[sfIssuerEncryptedBalance], ctx_.tx[sfIssuerEncryptedAmount]);
if (!res)
return tecINTERNAL; // LCOV_EXCL_LINE
(*sleMptoken)[sfIssuerEncryptedBalance] = std::move(*res);
}
if (auditorEc)
{
auto res = homomorphicSubtract(
(*sleMptoken)[sfAuditorEncryptedBalance], ctx_.tx[sfAuditorEncryptedAmount]);
if (!res)
return tecINTERNAL; // LCOV_EXCL_LINE
(*sleMptoken)[sfAuditorEncryptedBalance] = std::move(*res);
}
incrementConfidentialVersion(*sleMptoken);
view().update(sleIssuance);
view().update(sleMptoken);
return tesSUCCESS;
}
} // namespace xrpl

106
src/libxrpl/tx/transactors/token/ConfidentialMPTMergeInbox.cpp Normal file
View File

@@ -0,0 +1,106 @@
#include <xrpl/ledger/View.h>
#include <xrpl/ledger/helpers/TokenHelpers.h>
#include <xrpl/protocol/ConfidentialTransfer.h>
#include <xrpl/protocol/Feature.h>
#include <xrpl/protocol/Indexes.h>
#include <xrpl/protocol/LedgerFormats.h>
#include <xrpl/protocol/TER.h>
#include <xrpl/protocol/TxFlags.h>
#include <xrpl/tx/transactors/token/ConfidentialMPTMergeInbox.h>
namespace xrpl {
NotTEC
ConfidentialMPTMergeInbox::preflight(PreflightContext const& ctx)
{
if (!ctx.rules.enabled(featureConfidentialTransfer))
return temDISABLED;
// issuer cannot merge
if (MPTIssue(ctx.tx[sfMPTokenIssuanceID]).getIssuer() == ctx.tx[sfAccount])
return temMALFORMED;
return tesSUCCESS;
}
TER
ConfidentialMPTMergeInbox::preclaim(PreclaimContext const& ctx)
{
auto const sleIssuance = ctx.view.read(keylet::mptIssuance(ctx.tx[sfMPTokenIssuanceID]));
if (!sleIssuance)
return tecOBJECT_NOT_FOUND;
if (!sleIssuance->isFlag(lsfMPTCanConfidentialAmount))
return tecNO_PERMISSION;
// already checked in preflight, but should also check that issuer on the
// issuance isn't the account either
if (sleIssuance->getAccountID(sfIssuer) == ctx.tx[sfAccount])
return tefINTERNAL; // LCOV_EXCL_LINE
auto const sleMptoken =
ctx.view.read(keylet::mptoken(ctx.tx[sfMPTokenIssuanceID], ctx.tx[sfAccount]));
if (!sleMptoken)
return tecOBJECT_NOT_FOUND;
if (!sleMptoken->isFieldPresent(sfConfidentialBalanceInbox) ||
!sleMptoken->isFieldPresent(sfConfidentialBalanceSpending) ||
!sleMptoken->isFieldPresent(sfHolderEncryptionKey))
return tecNO_PERMISSION;
// Check lock
auto const account = ctx.tx[sfAccount];
MPTIssue const mptIssue(ctx.tx[sfMPTokenIssuanceID]);
if (auto const ter = checkFrozen(ctx.view, account, mptIssue); !isTesSuccess(ter))
return ter;
// Check auth
if (auto const ter = requireAuth(ctx.view, mptIssue, account); !isTesSuccess(ter))
return ter;
return tesSUCCESS;
}
TER
ConfidentialMPTMergeInbox::doApply()
{
auto const mptIssuanceID = ctx_.tx[sfMPTokenIssuanceID];
auto sleMptoken = view().peek(keylet::mptoken(mptIssuanceID, account_));
if (!sleMptoken)
return tecINTERNAL; // LCOV_EXCL_LINE
// sanity check
if (!sleMptoken->isFieldPresent(sfConfidentialBalanceSpending) ||
!sleMptoken->isFieldPresent(sfConfidentialBalanceInbox) ||
!sleMptoken->isFieldPresent(sfHolderEncryptionKey))
{
return tecINTERNAL; // LCOV_EXCL_LINE
}
// Merge inbox into spending: spending = spending + inbox
// This allows holder to use received funds. Without merging, incoming
// transfers sit in inbox and cannot be spent or converted back.
auto sum = homomorphicAdd(
(*sleMptoken)[sfConfidentialBalanceSpending], (*sleMptoken)[sfConfidentialBalanceInbox]);
if (!sum)
return tecINTERNAL; // LCOV_EXCL_LINE
(*sleMptoken)[sfConfidentialBalanceSpending] = std::move(*sum);
// Reset inbox to encrypted zero. Must use canonical zero encryption
// (deterministic ciphertext) so the ledger state is reproducible.
auto zeroEncryption =
encryptCanonicalZeroAmount((*sleMptoken)[sfHolderEncryptionKey], account_, mptIssuanceID);
if (!zeroEncryption)
return tecINTERNAL; // LCOV_EXCL_LINE
(*sleMptoken)[sfConfidentialBalanceInbox] = std::move(*zeroEncryption);
incrementConfidentialVersion(*sleMptoken);
view().update(sleMptoken);
return tesSUCCESS;
}
} // namespace xrpl

298
src/libxrpl/tx/transactors/token/ConfidentialMPTSend.cpp Normal file
View File

@@ -0,0 +1,298 @@
#include <xrpl/ledger/View.h>
#include <xrpl/ledger/helpers/CredentialHelpers.h>
#include <xrpl/ledger/helpers/TokenHelpers.h>
#include <xrpl/protocol/ConfidentialTransfer.h>
#include <xrpl/protocol/Feature.h>
#include <xrpl/protocol/Indexes.h>
#include <xrpl/protocol/LedgerFormats.h>
#include <xrpl/protocol/TER.h>
#include <xrpl/protocol/TxFlags.h>
#include <xrpl/tx/transactors/token/ConfidentialMPTSend.h>
namespace xrpl {
NotTEC
ConfidentialMPTSend::preflight(PreflightContext const& ctx)
{
if (!ctx.rules.enabled(featureConfidentialTransfer))
return temDISABLED;
auto const account = ctx.tx[sfAccount];
auto const issuer = MPTIssue(ctx.tx[sfMPTokenIssuanceID]).getIssuer();
// ConfidentialMPTSend only allows holder to holder, holder to second account,
// and second account to holder transfers. So issuer cannot be the sender.
if (account == issuer)
return temMALFORMED;
// Can not send to self
if (account == ctx.tx[sfDestination])
return temMALFORMED;
// Check the length of the encrypted amounts
if (ctx.tx[sfSenderEncryptedAmount].length() != ecGamalEncryptedTotalLength ||
ctx.tx[sfDestinationEncryptedAmount].length() != ecGamalEncryptedTotalLength ||
ctx.tx[sfIssuerEncryptedAmount].length() != ecGamalEncryptedTotalLength)
return temBAD_CIPHERTEXT;
bool const hasAuditor = ctx.tx.isFieldPresent(sfAuditorEncryptedAmount);
if (hasAuditor && ctx.tx[sfAuditorEncryptedAmount].length() != ecGamalEncryptedTotalLength)
return temBAD_CIPHERTEXT;
// Check the length of the ZKProof
auto const recipientCount = getConfidentialRecipientCount(hasAuditor);
auto const sizeEquality = getEqualityProofSize(recipientCount);
if (ctx.tx[sfZKProof].length() !=
sizeEquality + doublePedersenProofLength + ecDoubleBulletproofLength)
return temMALFORMED;
// Check the Pedersen commitments are valid
if (!isValidCompressedECPoint(ctx.tx[sfBalanceCommitment]) ||
!isValidCompressedECPoint(ctx.tx[sfAmountCommitment]))
return temMALFORMED;
// Check the encrypted amount formats, this is more expensive so put it at
// the end
if (!isValidCiphertext(ctx.tx[sfSenderEncryptedAmount]) ||
!isValidCiphertext(ctx.tx[sfDestinationEncryptedAmount]) ||
!isValidCiphertext(ctx.tx[sfIssuerEncryptedAmount]))
return temBAD_CIPHERTEXT;
if (hasAuditor && !isValidCiphertext(ctx.tx[sfAuditorEncryptedAmount]))
return temBAD_CIPHERTEXT;
if (auto const err = credentials::checkFields(ctx.tx, ctx.j); !isTesSuccess(err))
return err;
return tesSUCCESS;
}
TER
verifySendProofs(
PreclaimContext const& ctx,
std::shared_ptr<SLE const> const& sleSenderMPToken,
std::shared_ptr<SLE const> const& sleDestinationMPToken,
std::shared_ptr<SLE const> const& sleIssuance)
{
// Sanity check
if (!sleSenderMPToken || !sleDestinationMPToken || !sleIssuance)
return tecINTERNAL; // LCOV_EXCL_LINE
auto const hasAuditor = ctx.tx.isFieldPresent(sfAuditorEncryptedAmount);
std::optional<ConfidentialRecipient> auditor;
if (hasAuditor)
auditor.emplace(
ConfidentialRecipient{
(*sleIssuance)[sfAuditorEncryptionKey], ctx.tx[sfAuditorEncryptedAmount]});
auto const contextHash = getSendContextHash(
ctx.tx[sfAccount],
ctx.tx[sfMPTokenIssuanceID],
ctx.tx.getSeqProxy().value(),
ctx.tx[sfDestination],
(*sleSenderMPToken)[~sfConfidentialBalanceVersion].value_or(0));
return verifySendProof(
ctx.tx[sfZKProof],
{(*sleSenderMPToken)[sfHolderEncryptionKey], ctx.tx[sfSenderEncryptedAmount]},
{(*sleDestinationMPToken)[sfHolderEncryptionKey], ctx.tx[sfDestinationEncryptedAmount]},
{(*sleIssuance)[sfIssuerEncryptionKey], ctx.tx[sfIssuerEncryptedAmount]},
auditor,
(*sleSenderMPToken)[sfConfidentialBalanceSpending],
ctx.tx[sfAmountCommitment],
ctx.tx[sfBalanceCommitment],
contextHash);
}
TER
ConfidentialMPTSend::preclaim(PreclaimContext const& ctx)
{
// Check if sender account exists
auto const account = ctx.tx[sfAccount];
if (!ctx.view.exists(keylet::account(account)))
return terNO_ACCOUNT;
// Check if destination account exists
auto const destination = ctx.tx[sfDestination];
if (!ctx.view.exists(keylet::account(destination)))
return tecNO_TARGET;
// Check if MPT issuance exists
auto const mptIssuanceID = ctx.tx[sfMPTokenIssuanceID];
auto const sleIssuance = ctx.view.read(keylet::mptIssuance(mptIssuanceID));
if (!sleIssuance)
return tecOBJECT_NOT_FOUND;
// Check if the issuance allows transfer
if (!sleIssuance->isFlag(lsfMPTCanTransfer))
return tecNO_AUTH;
// Check if issuance allows confidential transfer
if (!sleIssuance->isFlag(lsfMPTCanConfidentialAmount))
return tecNO_PERMISSION;
// Check if issuance has issuer ElGamal public key
if (!sleIssuance->isFieldPresent(sfIssuerEncryptionKey))
return tecNO_PERMISSION;
bool const hasAuditor = ctx.tx.isFieldPresent(sfAuditorEncryptedAmount);
bool const requiresAuditor = sleIssuance->isFieldPresent(sfAuditorEncryptionKey);
// Tx must include auditor ciphertext if the issuance has enabled
// auditing, and must not include it if auditing is not enabled
if (requiresAuditor != hasAuditor)
return tecNO_PERMISSION;
// Sanity check: issuer isn't the sender
if (sleIssuance->getAccountID(sfIssuer) == ctx.tx[sfAccount])
return tefINTERNAL; // LCOV_EXCL_LINE
// Check sender's MPToken existence
auto const sleSenderMPToken = ctx.view.read(keylet::mptoken(mptIssuanceID, account));
if (!sleSenderMPToken)
return tecOBJECT_NOT_FOUND;
// Check sender's MPToken has necessary fields for confidential send
if (!sleSenderMPToken->isFieldPresent(sfHolderEncryptionKey) ||
!sleSenderMPToken->isFieldPresent(sfConfidentialBalanceSpending) ||
!sleSenderMPToken->isFieldPresent(sfIssuerEncryptedBalance))
return tecNO_PERMISSION;
// Check destination's MPToken existence
auto const sleDestinationMPToken = ctx.view.read(keylet::mptoken(mptIssuanceID, destination));
if (!sleDestinationMPToken)
return tecOBJECT_NOT_FOUND;
// Check destination's MPToken has necessary fields for confidential send
if (!sleDestinationMPToken->isFieldPresent(sfHolderEncryptionKey) ||
!sleDestinationMPToken->isFieldPresent(sfConfidentialBalanceInbox) ||
!sleDestinationMPToken->isFieldPresent(sfIssuerEncryptedBalance))
return tecNO_PERMISSION;
// Sanity check: Both MPTokens' auditor fields must be present if auditing
// is enabled
if (requiresAuditor &&
(!sleSenderMPToken->isFieldPresent(sfAuditorEncryptedBalance) ||
!sleDestinationMPToken->isFieldPresent(sfAuditorEncryptedBalance)))
return tefINTERNAL; // LCOV_EXCL_LINE
// Check lock
MPTIssue const mptIssue(mptIssuanceID);
if (auto const ter = checkFrozen(ctx.view, account, mptIssue); !isTesSuccess(ter))
return ter;
if (auto const ter = checkFrozen(ctx.view, destination, mptIssue); !isTesSuccess(ter))
return ter;
// Check auth
if (auto const ter = requireAuth(ctx.view, mptIssue, account); !isTesSuccess(ter))
return ter;
if (auto const ter = requireAuth(ctx.view, mptIssue, destination); !isTesSuccess(ter))
return ter;
if (auto const err = credentials::valid(ctx.tx, ctx.view, ctx.tx[sfAccount], ctx.j);
!isTesSuccess(err))
return err;
return verifySendProofs(ctx, sleSenderMPToken, sleDestinationMPToken, sleIssuance);
}
TER
ConfidentialMPTSend::doApply()
{
auto const mptIssuanceID = ctx_.tx[sfMPTokenIssuanceID];
auto const destination = ctx_.tx[sfDestination];
auto sleSenderMPToken = view().peek(keylet::mptoken(mptIssuanceID, account_));
auto sleDestinationMPToken = view().peek(keylet::mptoken(mptIssuanceID, destination));
auto sleDestAcct = view().peek(keylet::account(destination));
if (!sleSenderMPToken || !sleDestinationMPToken || !sleDestAcct)
return tecINTERNAL; // LCOV_EXCL_LINE
if (auto err = verifyDepositPreauth(
ctx_.tx, ctx_.view(), account_, destination, sleDestAcct, ctx_.journal);
!isTesSuccess(err))
return err;
Slice const senderEc = ctx_.tx[sfSenderEncryptedAmount];
Slice const destEc = ctx_.tx[sfDestinationEncryptedAmount];
Slice const issuerEc = ctx_.tx[sfIssuerEncryptedAmount];
auto const auditorEc = ctx_.tx[~sfAuditorEncryptedAmount];
// Subtract from sender's spending balance
{
Slice const curSpending = (*sleSenderMPToken)[sfConfidentialBalanceSpending];
auto newSpending = homomorphicSubtract(curSpending, senderEc);
if (!newSpending)
return tecINTERNAL; // LCOV_EXCL_LINE
(*sleSenderMPToken)[sfConfidentialBalanceSpending] = std::move(*newSpending);
}
// Subtract from issuer's balance
{
Slice const curIssuerEnc = (*sleSenderMPToken)[sfIssuerEncryptedBalance];
auto newIssuerEnc = homomorphicSubtract(curIssuerEnc, issuerEc);
if (!newIssuerEnc)
return tecINTERNAL; // LCOV_EXCL_LINE
(*sleSenderMPToken)[sfIssuerEncryptedBalance] = std::move(*newIssuerEnc);
}
// Subtract from auditor's balance if present
if (auditorEc)
{
Slice const curAuditorEnc = (*sleSenderMPToken)[sfAuditorEncryptedBalance];
auto newAuditorEnc = homomorphicSubtract(curAuditorEnc, *auditorEc);
if (!newAuditorEnc)
return tecINTERNAL; // LCOV_EXCL_LINE
(*sleSenderMPToken)[sfAuditorEncryptedBalance] = std::move(*newAuditorEnc);
}
// Add to destination's inbox balance
{
Slice const curInbox = (*sleDestinationMPToken)[sfConfidentialBalanceInbox];
auto newInbox = homomorphicAdd(curInbox, destEc);
if (!newInbox)
return tecINTERNAL; // LCOV_EXCL_LINE
(*sleDestinationMPToken)[sfConfidentialBalanceInbox] = std::move(*newInbox);
}
// Add to issuer's balance
{
Slice const curIssuerEnc = (*sleDestinationMPToken)[sfIssuerEncryptedBalance];
auto newIssuerEnc = homomorphicAdd(curIssuerEnc, issuerEc);
if (!newIssuerEnc)
return tecINTERNAL; // LCOV_EXCL_LINE
(*sleDestinationMPToken)[sfIssuerEncryptedBalance] = std::move(*newIssuerEnc);
}
// Add to auditor's balance if present
if (auditorEc)
{
Slice const curAuditorEnc = (*sleDestinationMPToken)[sfAuditorEncryptedBalance];
auto newAuditorEnc = homomorphicAdd(curAuditorEnc, *auditorEc);
if (!newAuditorEnc)
return tecINTERNAL; // LCOV_EXCL_LINE
(*sleDestinationMPToken)[sfAuditorEncryptedBalance] = std::move(*newAuditorEnc);
}
// increment sender version only; receiver version is not modified by incoming sends
incrementConfidentialVersion(*sleSenderMPToken);
view().update(sleSenderMPToken);
view().update(sleDestinationMPToken);
return tesSUCCESS;
}
} // namespace xrpl

19
src/libxrpl/tx/transactors/token/MPTokenAuthorize.cpp
View File

@@ -75,6 +75,25 @@ MPTokenAuthorize::preclaim(PreclaimContext const& ctx)
if (ctx.view.rules().enabled(featureSingleAssetVault) && sleMpt->isFlag(lsfMPTLocked))
return tecNO_PERMISSION;
if (ctx.view.rules().enabled(featureConfidentialTransfer))
{
auto const sleMptIssuance =
ctx.view.read(keylet::mptIssuance(ctx.tx[sfMPTokenIssuanceID]));
// if there still existing encrypted balances of MPT in
// circulation
if (sleMptIssuance &&
(*sleMptIssuance)[~sfConfidentialOutstandingAmount].value_or(0) != 0)
{
// this MPT still has encrypted balance, since we don't know
// if it's non-zero or not, we won't allow deletion of
// MPToken
if (sleMpt->isFieldPresent(sfConfidentialBalanceInbox) ||
sleMpt->isFieldPresent(sfConfidentialBalanceSpending))
return tecHAS_OBLIGATIONS;
}
}
return tesSUCCESS;
}

10
src/libxrpl/tx/transactors/token/MPTokenIssuanceCreate.cpp
View File

@@ -18,6 +18,16 @@ MPTokenIssuanceCreate::checkExtraFeatures(PreflightContext const& ctx)
if (ctx.tx.isFieldPresent(sfMutableFlags) && !ctx.rules.enabled(featureDynamicMPT))
return false;
if (ctx.tx.isFlag(tfMPTCanConfidentialAmount) &&
!ctx.rules.enabled(featureConfidentialTransfer))
return false;
// can not set tmfMPTCannotMutateCanConfidentialAmount without featureConfidentialTransfer
auto const mutableFlags = ctx.tx[~sfMutableFlags];
if (mutableFlags && (*mutableFlags & tmfMPTCannotMutateCanConfidentialAmount) &&
!ctx.rules.enabled(featureConfidentialTransfer))
return false;
return true;
}

149
src/libxrpl/tx/transactors/token/MPTokenIssuanceSet.cpp
View File

@@ -1,3 +1,4 @@
#include <xrpl/protocol/ConfidentialTransfer.h>
#include <xrpl/protocol/Feature.h>
#include <xrpl/protocol/LedgerFormats.h>
#include <xrpl/protocol/TxFlags.h>
@@ -27,16 +28,23 @@ struct MPTMutabilityFlags
{
std::uint32_t setFlag;
std::uint32_t clearFlag;
std::uint32_t canMutateFlag;
std::uint32_t mutabilityFlag;
std::uint32_t targetFlag;
bool isCannotMutate = false; // if true, cannot mutate by default.
};
static constexpr std::array<MPTMutabilityFlags, 6> mptMutabilityFlags = {
{{tmfMPTSetCanLock, tmfMPTClearCanLock, lsmfMPTCanMutateCanLock},
{tmfMPTSetRequireAuth, tmfMPTClearRequireAuth, lsmfMPTCanMutateRequireAuth},
{tmfMPTSetCanEscrow, tmfMPTClearCanEscrow, lsmfMPTCanMutateCanEscrow},
{tmfMPTSetCanTrade, tmfMPTClearCanTrade, lsmfMPTCanMutateCanTrade},
{tmfMPTSetCanTransfer, tmfMPTClearCanTransfer, lsmfMPTCanMutateCanTransfer},
{tmfMPTSetCanClawback, tmfMPTClearCanClawback, lsmfMPTCanMutateCanClawback}}};
static constexpr std::array<MPTMutabilityFlags, 7> mptMutabilityFlags = {
{{tmfMPTSetCanLock, tmfMPTClearCanLock, lsmfMPTCanMutateCanLock, lsfMPTCanLock},
{tmfMPTSetRequireAuth, tmfMPTClearRequireAuth, lsmfMPTCanMutateRequireAuth, lsfMPTRequireAuth},
{tmfMPTSetCanEscrow, tmfMPTClearCanEscrow, lsmfMPTCanMutateCanEscrow, lsfMPTCanEscrow},
{tmfMPTSetCanTrade, tmfMPTClearCanTrade, lsmfMPTCanMutateCanTrade, lsfMPTCanTrade},
{tmfMPTSetCanTransfer, tmfMPTClearCanTransfer, lsmfMPTCanMutateCanTransfer, lsfMPTCanTransfer},
{tmfMPTSetCanClawback, tmfMPTClearCanClawback, lsmfMPTCanMutateCanClawback, lsfMPTCanClawback},
{tmfMPTSetCanConfidentialAmount,
tmfMPTClearCanConfidentialAmount,
lsmfMPTCannotMutateCanConfidentialAmount,
lsfMPTCanConfidentialAmount,
true}}};
NotTEC
MPTokenIssuanceSet::preflight(PreflightContext const& ctx)
@@ -45,14 +53,28 @@ MPTokenIssuanceSet::preflight(PreflightContext const& ctx)
auto const metadata = ctx.tx[~sfMPTokenMetadata];
auto const transferFee = ctx.tx[~sfTransferFee];
auto const isMutate = mutableFlags || metadata || transferFee;
auto const hasIssuerElGamalKey = ctx.tx.isFieldPresent(sfIssuerEncryptionKey);
auto const hasAuditorElGamalKey = ctx.tx.isFieldPresent(sfAuditorEncryptionKey);
auto const txFlags = ctx.tx.getFlags();
auto const mutatePrivacy = mutableFlags &&
((*mutableFlags & (tmfMPTSetCanConfidentialAmount | tmfMPTClearCanConfidentialAmount)));
auto const hasDomain = ctx.tx.isFieldPresent(sfDomainID);
auto const hasHolder = ctx.tx.isFieldPresent(sfHolder);
if (isMutate && !ctx.rules.enabled(featureDynamicMPT))
return temDISABLED;
if (ctx.tx.isFieldPresent(sfDomainID) && ctx.tx.isFieldPresent(sfHolder))
if ((hasIssuerElGamalKey || hasAuditorElGamalKey || mutatePrivacy) &&
!ctx.rules.enabled(featureConfidentialTransfer))
return temDISABLED;
if (hasDomain && hasHolder)
return temMALFORMED;
auto const txFlags = ctx.tx.getFlags();
if (mutatePrivacy && hasHolder)
return temMALFORMED;
// fails if both flags are set
if (((txFlags & tfMPTLock) != 0u) && ((txFlags & tfMPTUnlock) != 0u))
@@ -63,10 +85,12 @@ MPTokenIssuanceSet::preflight(PreflightContext const& ctx)
if (holderID && accountID == holderID)
return temMALFORMED;
if (ctx.rules.enabled(featureSingleAssetVault) || ctx.rules.enabled(featureDynamicMPT))
if (ctx.rules.enabled(featureSingleAssetVault) || ctx.rules.enabled(featureDynamicMPT) ||
ctx.rules.enabled(featureConfidentialTransfer))
{
// Is this transaction actually changing anything ?
if (txFlags == 0 && !ctx.tx.isFieldPresent(sfDomainID) && !isMutate)
if (txFlags == 0 && !hasDomain && !hasIssuerElGamalKey && !hasAuditorElGamalKey &&
!isMutate)
return temMALFORMED;
}
@@ -107,6 +131,23 @@ MPTokenIssuanceSet::preflight(PreflightContext const& ctx)
}
}
if (hasHolder && (hasIssuerElGamalKey || hasAuditorElGamalKey))
return temMALFORMED;
if (hasAuditorElGamalKey && !hasIssuerElGamalKey)
return temMALFORMED;
// Cannot set keys while clearing confidential amount
if ((hasIssuerElGamalKey || hasAuditorElGamalKey) && mutableFlags &&
(*mutableFlags & tmfMPTClearCanConfidentialAmount))
return temINVALID_FLAG;
if (hasIssuerElGamalKey && !isValidCompressedECPoint(ctx.tx[sfIssuerEncryptionKey]))
return temMALFORMED;
if (hasAuditorElGamalKey && !isValidCompressedECPoint(ctx.tx[sfAuditorEncryptionKey]))
return temMALFORMED;
return tesSUCCESS;
}
@@ -203,16 +244,30 @@ MPTokenIssuanceSet::preclaim(PreclaimContext const& ctx)
return currentMutableFlags & mutableFlag;
};
if (auto const mutableFlags = ctx.tx[~sfMutableFlags])
auto const mutableFlags = ctx.tx[~sfMutableFlags];
if (mutableFlags)
{
if (std::any_of(
mptMutabilityFlags.begin(),
mptMutabilityFlags.end(),
[mutableFlags, &isMutableFlag](auto const& f) {
return !isMutableFlag(f.canMutateFlag) &&
((*mutableFlags & (f.setFlag | f.clearFlag)));
bool const canMutate = f.isCannotMutate ? isMutableFlag(f.mutabilityFlag)
: !isMutableFlag(f.mutabilityFlag);
return canMutate && (*mutableFlags & (f.setFlag | f.clearFlag));
}))
return tecNO_PERMISSION;
if ((*mutableFlags & tmfMPTSetCanConfidentialAmount) ||
(*mutableFlags & tmfMPTClearCanConfidentialAmount))
{
std::uint64_t const confidentialOA =
(*sleMptIssuance)[~sfConfidentialOutstandingAmount].value_or(0);
// If there's any confidential outstanding amount, disallow toggling
// the lsfMPTCanConfidentialAmount flag
if (confidentialOA > 0)
return tecNO_PERMISSION;
}
}
if (!isMutableFlag(lsmfMPTCanMutateMetadata) && ctx.tx.isFieldPresent(sfMPTokenMetadata))
@@ -231,6 +286,46 @@ MPTokenIssuanceSet::preclaim(PreclaimContext const& ctx)
return tecNO_PERMISSION;
}
// cannot update issuer public key
if (ctx.tx.isFieldPresent(sfIssuerEncryptionKey) &&
sleMptIssuance->isFieldPresent(sfIssuerEncryptionKey))
{
return tecNO_PERMISSION;
}
// cannot update auditor public key
if (ctx.tx.isFieldPresent(sfAuditorEncryptionKey) &&
sleMptIssuance->isFieldPresent(sfAuditorEncryptionKey))
{
return tecNO_PERMISSION; // LCOV_EXCL_LINE
}
// Check if the transaction is enabling confidential amounts
bool const enablesConfidentialAmount =
mutableFlags && (*mutableFlags & tmfMPTSetCanConfidentialAmount);
// Encryption keys can only be set if confidential amounts are already
// enabled on the issuance OR if the transaction is enabling it
if (ctx.tx.isFieldPresent(sfIssuerEncryptionKey) &&
!sleMptIssuance->isFlag(lsfMPTCanConfidentialAmount) && !enablesConfidentialAmount)
{
return tecNO_PERMISSION;
}
if (ctx.tx.isFieldPresent(sfAuditorEncryptionKey) &&
!sleMptIssuance->isFlag(lsfMPTCanConfidentialAmount) && !enablesConfidentialAmount)
{
return tecNO_PERMISSION;
}
// cannot upload key if there's circulating supply of COA
if ((ctx.tx.isFieldPresent(sfIssuerEncryptionKey) ||
ctx.tx.isFieldPresent(sfAuditorEncryptionKey)) &&
sleMptIssuance->isFieldPresent(sfConfidentialOutstandingAmount))
{
return tecNO_PERMISSION; // LCOV_EXCL_LINE
}
return tesSUCCESS;
}
@@ -273,11 +368,11 @@ MPTokenIssuanceSet::doApply()
{
if ((mutableFlags & f.setFlag) != 0u)
{
flagsOut |= f.canMutateFlag;
flagsOut |= f.targetFlag;
}
else if ((mutableFlags & f.clearFlag) != 0u)
{
flagsOut &= ~f.canMutateFlag;
flagsOut &= ~f.targetFlag;
}
}
@@ -338,6 +433,26 @@ MPTokenIssuanceSet::doApply()
}
}
if (auto const pubKey = ctx_.tx[~sfIssuerEncryptionKey])
{
// This is enforced in preflight.
XRPL_ASSERT(
sle->getType() == ltMPTOKEN_ISSUANCE,
"MPTokenIssuanceSet::doApply : modifying MPTokenIssuance");
sle->setFieldVL(sfIssuerEncryptionKey, *pubKey);
}
if (auto const pubKey = ctx_.tx[~sfAuditorEncryptionKey])
{
// This is enforced in preflight.
XRPL_ASSERT(
sle->getType() == ltMPTOKEN_ISSUANCE,
"MPTokenIssuanceSet::doApply : modifying MPTokenIssuance");
sle->setFieldVL(sfAuditorEncryptionKey, *pubKey);
}
view().update(sle);
return tesSUCCESS;

8784
src/test/app/ConfidentialTransfer_test.cpp Normal file
View File

File diff suppressed because it is too large Load Diff

2
src/test/app/Delegate_test.cpp
View File

@@ -1845,7 +1845,7 @@ class Delegate_test : public beast::unit_test::suite
// DO NOT modify expectedDelegableCount unless all scenarios, including
// edge cases, have been fully tested and verified.
// ====================================================================
std::size_t const expectedDelegableCount = 75;
std::size_t const expectedDelegableCount = 80;
BEAST_EXPECTS(
delegableCount == expectedDelegableCount,

190
src/test/app/Invariants_test.cpp
View File

@@ -3855,6 +3855,195 @@ class Invariants_test : public beast::unit_test::suite
precloseMpt);
}
void
testConfidentialMPTTransfer()
{
using namespace test::jtx;
testcase << "ValidConfidentialMPToken";
MPTID mptID;
// Generate an MPT with privacy, issue 100 tokens to A2.
// Perform a confidential conversion to populate encrypted state.
auto const precloseConfidential =
[&mptID](Account const& A1, Account const& A2, Env& env) -> bool {
MPTTester mpt(env, A1, {.holders = {A2}, .fund = false});
mpt.create({.flags = tfMPTCanTransfer | tfMPTCanConfidentialAmount});
mptID = mpt.issuanceID();
mpt.authorize({.account = A2});
mpt.pay(A1, A2, 100);
mpt.generateKeyPair(A1);
mpt.set({.account = A1, .issuerPubKey = mpt.getPubKey(A1)});
mpt.generateKeyPair(A2);
mpt.convert({
.account = A2,
.amt = 100,
.holderPubKey = mpt.getPubKey(A2),
});
return true;
};
// badDelete
doInvariantCheck(
{"MPToken deleted with encrypted fields while COA > 0"},
[&mptID](Account const& A1, Account const& A2, ApplyContext& ac) {
auto sleToken = ac.view().peek(keylet::mptoken(mptID, A2.id()));
if (!sleToken)
return false;
// Force an erase of the object while the COA remains 100
ac.view().erase(sleToken);
return true;
},
XRPAmount{},
STTx{ttMPTOKEN_AUTHORIZE, [](STObject&) {}},
{tecINVARIANT_FAILED, tefINVARIANT_FAILED},
precloseConfidential);
// badConsistency
doInvariantCheck(
{"MPToken encrypted field existence inconsistency"},
[&mptID](Account const& A1, Account const& A2, ApplyContext& ac) {
auto sleToken = ac.view().peek(keylet::mptoken(mptID, A2.id()));
if (!sleToken)
return false;
// Remove one of the required encrypted fields to create a mismatch
sleToken->makeFieldAbsent(sfIssuerEncryptedBalance);
ac.view().update(sleToken);
return true;
},
XRPAmount{},
STTx{ttMPTOKEN_AUTHORIZE, [](STObject&) {}},
{tecINVARIANT_FAILED, tecINVARIANT_FAILED},
precloseConfidential);
// requiresPrivacyFlag
auto const precloseNoPrivacy = [&mptID](
Account const& A1, Account const& A2, Env& env) -> bool {
MPTTester mpt(env, A1, {.holders = {A2}, .fund = false});
// completely omitted the tfMPTCanConfidentialAmount flag here.
mpt.create({.flags = tfMPTCanTransfer});
mptID = mpt.issuanceID();
mpt.authorize({.account = A2});
mpt.pay(A1, A2, 100);
return true;
};
doInvariantCheck(
{"MPToken has encrypted fields but Issuance does not have lsfMPTCanConfidentialAmount "
"set"},
[&mptID](Account const& A1, Account const& A2, ApplyContext& ac) {
auto sleToken = ac.view().peek(keylet::mptoken(mptID, A2.id()));
if (!sleToken)
return false;
// Inject fields correctly, but the Issuance was built without the privacy flag.
sleToken->setFieldVL(sfConfidentialBalanceInbox, Blob{0x00});
sleToken->setFieldVL(sfIssuerEncryptedBalance, Blob{0x00});
ac.view().update(sleToken);
return true;
},
XRPAmount{},
STTx{ttMPTOKEN_AUTHORIZE, [](STObject&) {}},
{tecINVARIANT_FAILED, tecINVARIANT_FAILED},
precloseNoPrivacy);
// badCOA
doInvariantCheck(
{"Confidential outstanding amount exceeds total outstanding amount"},
[&mptID](Account const& A1, Account const& A2, ApplyContext& ac) {
auto sleIssuance = ac.view().peek(keylet::mptIssuance(mptID));
if (!sleIssuance)
return false;
// Total outstanding is natively 100; bloat the COA over 100
sleIssuance->setFieldU64(sfConfidentialOutstandingAmount, 200);
ac.view().update(sleIssuance);
return true;
},
XRPAmount{},
STTx{ttMPTOKEN_ISSUANCE_SET, [](STObject&) {}},
{tecINVARIANT_FAILED, tecINVARIANT_FAILED},
precloseConfidential);
// Conservation Violation
doInvariantCheck(
{"Token conservation violation for MPT"},
[&mptID](Account const& A1, Account const& A2, ApplyContext& ac) {
auto sleIssuance = ac.view().peek(keylet::mptIssuance(mptID));
if (!sleIssuance)
return false;
sleIssuance->setFieldU64(
sfConfidentialOutstandingAmount,
sleIssuance->getFieldU64(sfConfidentialOutstandingAmount) - 10);
ac.view().update(sleIssuance);
return true;
},
XRPAmount{},
STTx{ttMPTOKEN_AUTHORIZE, [](STObject&) {}},
{tecINVARIANT_FAILED, tecINVARIANT_FAILED},
precloseConfidential);
// badVersion
doInvariantCheck(
{"MPToken sfConfidentialBalanceVersion not updated when sfConfidentialBalanceSpending "
"changed"},
[&mptID](Account const& A1, Account const& A2, ApplyContext& ac) {
auto sleToken = ac.view().peek(keylet::mptoken(mptID, A2.id()));
if (!sleToken)
return false;
sleToken->setFieldVL(sfConfidentialBalanceSpending, Blob{0xBA, 0xDD});
// DO NOT update sfConfidentialBalanceVersion
ac.view().update(sleToken);
return true;
},
XRPAmount{},
STTx{ttMPTOKEN_AUTHORIZE, [](STObject&) {}},
{tecINVARIANT_FAILED, tecINVARIANT_FAILED},
precloseConfidential);
// Skipping Deleted MPTs (Issuance deleted)
auto const precloseOrphan = [&mptID](
Account const& A1, Account const& A2, Env& env) -> bool {
MPTTester mpt(env, A1, {.holders = {A2}, .fund = false});
mpt.create({.flags = tfMPTCanTransfer | tfMPTCanConfidentialAmount});
mptID = mpt.issuanceID();
mpt.authorize({.account = A2});
// Generate privacy keys and convert 0 amount so Bob has the encrypted fields
mpt.generateKeyPair(A1);
mpt.set({.account = A1, .issuerPubKey = mpt.getPubKey(A1)});
mpt.generateKeyPair(A2);
mpt.convert({
.account = A2,
.amt = 0,
.holderPubKey = mpt.getPubKey(A2),
});
// Immediately destroy the issuance. A2's empty, encrypted token object lives on.
mpt.destroy();
return true;
};
doInvariantCheck(
{},
[&mptID](Account const& A1, Account const& A2, ApplyContext& ac) {
auto sleToken = ac.view().peek(keylet::mptoken(mptID, A2.id()));
if (!sleToken)
return false;
// Safely able to erase the deleted token.
ac.view().erase(sleToken);
return true;
},
XRPAmount{},
STTx{ttMPTOKEN_AUTHORIZE, [](STObject&) {}},
{tesSUCCESS, tesSUCCESS},
precloseOrphan);
}
public:
void
run() override
@@ -3880,6 +4069,7 @@ public:
testValidPseudoAccounts();
testValidLoanBroker();
testVault();
testConfidentialMPTTransfer();
}
};

4
src/test/app/MPToken_test.cpp
View File

@@ -538,7 +538,8 @@ class MPToken_test : public beast::unit_test::suite
// (2)
mptAlice.set({.account = alice, .flags = 0x00000008, .err = temINVALID_FLAG});
if (!features[featureSingleAssetVault] && !features[featureDynamicMPT])
if (!features[featureSingleAssetVault] && !features[featureDynamicMPT] &&
!features[featureConfidentialTransfer])
{
// test invalid flags - nothing is being changed
mptAlice.set({.account = alice, .flags = 0x00000000, .err = tecNO_PERMISSION});
@@ -2680,6 +2681,7 @@ class MPToken_test : public beast::unit_test::suite
tmfMPTSetCanTrade | tmfMPTClearCanTrade,
tmfMPTSetCanTransfer | tmfMPTClearCanTransfer,
tmfMPTSetCanClawback | tmfMPTClearCanClawback,
tmfMPTSetCanConfidentialAmount | tmfMPTClearCanConfidentialAmount,
tmfMPTSetCanLock | tmfMPTClearCanLock | tmfMPTClearCanTrade,
tmfMPTSetCanTransfer | tmfMPTClearCanTransfer | tmfMPTSetCanEscrow |
tmfMPTClearCanClawback};

1814
src/test/jtx/impl/mpt.cpp
View File

File diff suppressed because it is too large Load Diff

365
src/test/jtx/mpt.h
View File

@@ -3,10 +3,14 @@
#include <test/jtx/Account.h>
#include <test/jtx/Env.h>
#include <test/jtx/ter.h>
#include <test/jtx/ticket.h>
#include <test/jtx/txflags.h>
#include <xrpl/protocol/ConfidentialTransfer.h>
#include <xrpl/protocol/UintTypes.h>
#include <cstdint>
namespace xrpl {
namespace test {
namespace jtx {
@@ -15,6 +19,22 @@ class MPTTester;
auto const MPTDEXFlags = tfMPTCanTrade | tfMPTCanTransfer;
/*Helper lambda to create a zero-initialized buffer.
WHY THIS IS NEEDED: In C++, xrpl::Buffer(size) allocates uninitialized heap memory.
Because CI runs unit tests sequentially in the same process, uninitialized memory
often recycles "ghost data" (like valid SECP256k1 keys or Pedersen commitments)
left over from previously executed tests.
When testing malformed cryptography paths, passing uninitialized memory might
accidentally supply a valid curve point, causing the ledger's preflight checks
to falsely succeed and return tecBAD_PROOF instead of the expected temMALFORMED.
Explicitly zeroing the buffer guarantees it fails structural validation. */
static auto makeZeroBuffer = [](size_t size) {
Buffer b(size);
if (size > 0)
std::memset(b.data(), 0, size);
return b;
};
// Check flags settings on MPT create
class mptflags
{
@@ -96,6 +116,7 @@ struct MPTCreate
struct MPTInit
{
Holders holders = {};
std::optional<Account> auditor = std::nullopt;
PrettyAmount const xrp = XRP(10'000);
PrettyAmount const xrpHolders = XRP(10'000);
bool fund = true;
@@ -110,6 +131,7 @@ struct MPTInitDef
Env& env;
Account issuer;
Holders holders = {};
std::optional<Account> auditor = std::nullopt;
std::uint16_t transferFee = 0;
std::optional<std::uint64_t> pay = std::nullopt;
std::uint32_t flags = MPTDEXFlags;
@@ -154,18 +176,182 @@ struct MPTSet
std::optional<std::string> metadata = std::nullopt;
std::optional<Account> delegate = std::nullopt;
std::optional<uint256> domainID = std::nullopt;
std::optional<Buffer> issuerPubKey = std::nullopt;
std::optional<Buffer> auditorPubKey = std::nullopt;
std::optional<std::uint32_t> ticketSeq = std::nullopt;
std::optional<TER> err = std::nullopt;
};
struct MPTConvert
{
std::optional<Account> account = std::nullopt;
std::optional<MPTID> id = std::nullopt;
std::optional<std::uint64_t> amt = std::nullopt;
std::optional<std::string> proof = std::nullopt;
std::optional<bool> fillAuditorEncryptedAmt = true;
// indicates whether to autofill schnorr proof.
// default : auto generate proof if holderPubKey is present.
// true: force proof generation.
// false: force proof omission.
std::optional<bool> fillSchnorrProof = std::nullopt;
std::optional<Buffer> holderPubKey = std::nullopt;
std::optional<Buffer> holderEncryptedAmt = std::nullopt;
std::optional<Buffer> issuerEncryptedAmt = std::nullopt;
std::optional<Buffer> auditorEncryptedAmt = std::nullopt;
std::optional<Buffer> blindingFactor = std::nullopt;
std::optional<Account> delegate = std::nullopt;
std::optional<std::uint32_t> ticketSeq = std::nullopt;
std::optional<std::uint32_t> ownerCount = std::nullopt;
std::optional<std::uint32_t> holderCount = std::nullopt;
std::optional<std::uint32_t> flags = std::nullopt;
std::optional<TER> err = std::nullopt;
};
struct MPTMergeInbox
{
std::optional<Account> account = std::nullopt;
std::optional<MPTID> id = std::nullopt;
std::optional<Account> delegate = std::nullopt;
std::optional<std::uint32_t> ticketSeq = std::nullopt;
std::optional<std::uint32_t> ownerCount = std::nullopt;
std::optional<std::uint32_t> holderCount = std::nullopt;
std::optional<std::uint32_t> flags = std::nullopt;
std::optional<TER> err = std::nullopt;
};
struct MPTConfidentialSend
{
std::optional<Account> account = std::nullopt;
std::optional<Account> dest = std::nullopt;
std::optional<MPTID> id = std::nullopt;
// amt is to generate encrypted amounts for testing purposes
std::optional<std::uint64_t> amt = std::nullopt;
std::optional<std::string> proof = std::nullopt;
std::optional<Buffer> senderEncryptedAmt = std::nullopt;
std::optional<Buffer> destEncryptedAmt = std::nullopt;
std::optional<Buffer> issuerEncryptedAmt = std::nullopt;
std::optional<Buffer> auditorEncryptedAmt = std::nullopt;
std::optional<bool> fillAuditorEncryptedAmt = true;
std::optional<std::vector<std::string>> credentials = std::nullopt;
// not an txn param, only used for autofilling
std::optional<Buffer> blindingFactor = std::nullopt;
std::optional<Buffer> amountCommitment = std::nullopt;
std::optional<Buffer> balanceCommitment = std::nullopt;
std::optional<Account> delegate = std::nullopt;
std::optional<std::uint32_t> ticketSeq = std::nullopt;
std::optional<std::uint32_t> ownerCount = std::nullopt;
std::optional<std::uint32_t> holderCount = std::nullopt;
std::optional<std::uint32_t> flags = std::nullopt;
std::optional<TER> err = std::nullopt;
};
struct MPTConvertBack
{
std::optional<Account> account = std::nullopt;
std::optional<MPTID> id = std::nullopt;
std::optional<std::uint64_t> amt = std::nullopt;
std::optional<Buffer> proof = std::nullopt;
std::optional<Buffer> holderEncryptedAmt = std::nullopt;
std::optional<Buffer> issuerEncryptedAmt = std::nullopt;
std::optional<Buffer> auditorEncryptedAmt = std::nullopt;
std::optional<bool> fillAuditorEncryptedAmt = true;
// not an txn param, only used for autofilling
std::optional<Buffer> blindingFactor = std::nullopt;
std::optional<Buffer> pedersenCommitment = std::nullopt;
std::optional<Account> delegate = std::nullopt;
std::optional<std::uint32_t> ticketSeq = std::nullopt;
std::optional<std::uint32_t> ownerCount = std::nullopt;
std::optional<std::uint32_t> holderCount = std::nullopt;
std::optional<std::uint32_t> flags = std::nullopt;
std::optional<TER> err = std::nullopt;
};
struct MPTConfidentialClawback
{
std::optional<Account> account = std::nullopt;
std::optional<Account> holder = std::nullopt;
std::optional<MPTID> id = std::nullopt;
std::optional<std::uint64_t> amt = std::nullopt;
std::optional<std::string> proof = std::nullopt;
std::optional<Account> delegate = std::nullopt;
std::optional<std::uint32_t> ticketSeq = std::nullopt;
std::optional<std::uint32_t> ownerCount = std::nullopt;
std::optional<std::uint32_t> holderCount = std::nullopt;
std::optional<std::uint32_t> flags = std::nullopt;
std::optional<TER> err = std::nullopt;
};
/**
* @brief Stores the parameters that are exclusively used to generate a
* pedersen linkage proof
*/
struct PedersenProofParams
{
Buffer const pedersenCommitment;
uint64_t const amt; // either spending balance or value to be transferred
Buffer const encryptedAmt;
Buffer const blindingFactor;
};
/**
* @brief When building multiple confidential sends from the same account inside a
* single batch transaction, pass this state to the transaction builder for
* each subsequent send so that its proof references the post previous-send
* encrypted balance rather than the stale pre-send ledger state.
*
* The fields mirror what the ledger will contain after the preceding send's
* doApply() completes:
* encSpending = homomorphicSubtract(prevEncSpending, senderEncAmt)
* version = prevVersion + 1
*/
struct ConfidentialSendChainState
{
std::uint64_t spending; // Decrypted spending balance after the previous send.
Buffer encSpending; // Encrypted spending balance after the previous send.
std::uint32_t version; // sfConfidentialBalanceVersion after the previous send.
};
/**
* @brief Use this when building a second (or later) confidential send from the same
* account in the same batch. Pass the state to the chain aware
* transaction builder so that the next proof is constructed against the
* correct post-send encrypted balance and version.
*
* @param currentSpending Decrypted spending balance before the send.
* @param currentEncSpending sfConfidentialBalanceSpending before the send.
* @param currentVersion sfConfidentialBalanceVersion before the send.
* @param sendAmt Plaintext amount being sent.
* @param senderEncAmt sfSenderEncryptedAmount from the send transaction.
* @return The predicted chain state, or std::nullopt if homomorphic subtraction fails
*/
std::optional<ConfidentialSendChainState>
computeNextSendChainState(
std::uint64_t currentSpending,
Slice const& currentEncSpending,
std::uint32_t currentVersion,
std::uint64_t sendAmt,
Slice const& senderEncAmt);
class MPTTester
{
Env& env_;
Account const issuer_;
std::unordered_map<std::string, Account> const holders_;
std::optional<Account> const auditor_;
std::optional<MPTID> id_;
bool close_;
std::unordered_map<AccountID, Buffer> pubKeys;
std::unordered_map<AccountID, Buffer> privKeys;
public:
enum EncryptedBalanceType {
ISSUER_ENCRYPTED_BALANCE,
HOLDER_ENCRYPTED_INBOX,
HOLDER_ENCRYPTED_SPENDING,
AUDITOR_ENCRYPTED_BALANCE,
};
MPTTester(Env& env, Account const& issuer, MPTInit const& constr = {});
MPTTester(MPTInitDef const& constr);
MPTTester(
@@ -203,6 +389,60 @@ public:
static Json::Value
setJV(MPTSet const& set = {});
void
convert(MPTConvert const& arg = MPTConvert{});
// Build a confidential convert JV without submitting. 'seq' is the inner
// transaction sequence used in the Schnorr proof context hash.
Json::Value
convertJV(MPTConvert const& arg, std::uint32_t seq);
void
mergeInbox(MPTMergeInbox const& arg = MPTMergeInbox{});
Json::Value
mergeInboxJV(MPTMergeInbox const& arg = MPTMergeInbox{}) const;
void
send(MPTConfidentialSend const& arg = MPTConfidentialSend{});
// Build a confidential send JV. When 'chain' is provided the sender's
// proof parameters are taken from it instead of the ledger, enabling
// correct proof generation for a second (or later) send from the same
// account inside a single batch.
Json::Value
sendJV(
MPTConfidentialSend const& arg,
std::uint32_t seq,
std::optional<ConfidentialSendChainState> chain = std::nullopt);
// Compute the projected sender state after a confidential send in a batch.
//
// Each confidential send requires a ZK proof that the sender's spending
// balance covers the transfer. In a batch, if there are more than one
// Confidential Send, the 2nd onwards send requires a proof that includes the
// updated spending balance.
//
// Example: Bob has 200, batches send 100 to Carol then 50 to Dave:
// jv1 = sendJV({bob->carol, 100}, seq1)
// chain = chainAfterSend(bob, 100, jv1) // projected balance after jv1 = 100
// jv2 = sendJV({bob->dave, 50}, seq2, chain)
ConfidentialSendChainState
chainAfterSend(Account const& sender, std::uint64_t sendAmt, Json::Value const& jv) const;
void
convertBack(MPTConvertBack const& arg = MPTConvertBack{});
// Build a confidential convertBack JV without submitting. 'seq' is the
// inner transaction sequence used in the proof context hash. Reads the
// current encrypted spending balance and version from the ledger, so call
// this before the batch is submitted.
Json::Value
convertBackJV(MPTConvertBack const& arg, std::uint32_t seq);
void
confidentialClaw(MPTConfidentialClawback const& arg = MPTConfidentialClawback{});
[[nodiscard]] bool
checkDomainID(std::optional<uint256> expected) const;
@@ -212,6 +452,9 @@ public:
[[nodiscard]] bool
checkMPTokenOutstandingAmount(std::int64_t expectedAmount) const;
[[nodiscard]] bool
checkIssuanceConfidentialBalance(std::int64_t expectedAmount) const;
[[nodiscard]] bool
checkFlags(uint32_t const expectedFlags, std::optional<Account> const& holder = std::nullopt)
const;
@@ -233,6 +476,7 @@ public:
{
return issuer_;
}
Account const&
holder(std::string const& h) const;
@@ -264,6 +508,14 @@ public:
std::int64_t
getBalance(Account const& account) const;
std::int64_t
getIssuanceConfidentialBalance() const;
std::optional<Buffer>
getEncryptedBalance(
Account const& account,
EncryptedBalanceType option = HOLDER_ENCRYPTED_INBOX) const;
MPT
operator[](std::string const& name) const;
@@ -272,6 +524,84 @@ public:
operator Asset() const;
bool
printMPT(Account const& holder_) const;
void
generateKeyPair(Account const& account);
std::optional<Buffer>
getPubKey(Account const& account) const;
std::optional<Buffer>
getPrivKey(Account const& account) const;
Buffer
encryptAmount(Account const& account, uint64_t const amt, Buffer const& blindingFactor) const;
std::optional<uint64_t>
decryptAmount(Account const& account, Buffer const& amt) const;
std::optional<uint64_t>
getDecryptedBalance(Account const& account, EncryptedBalanceType balanceType) const;
std::int64_t
getIssuanceOutstandingBalance() const;
std::optional<Buffer>
getClawbackProof(
Account const& holder,
std::uint64_t amount,
Buffer const& privateKey,
uint256 const& txHash) const;
std::optional<Buffer>
getSchnorrProof(Account const& account, uint256 const& ctxHash) const;
std::optional<Buffer>
getConfidentialSendProof(
Account const& sender,
std::uint64_t const amount,
std::vector<ConfidentialRecipient> const& recipients,
Slice const& blindingFactor,
std::size_t const nRecipients,
uint256 const& contextHash,
PedersenProofParams const& amountParams,
PedersenProofParams const& balanceParams) const;
Buffer
getConvertBackProof(
Account const& holder,
std::uint64_t const amount,
uint256 const& contextHash,
PedersenProofParams const& pcParams) const;
std::uint32_t
getMPTokenVersion(Account const account) const;
Buffer
getAmountLinkageProof(
Buffer const& pubKey,
Buffer const& blindingFactor,
uint256 const& contextHash,
PedersenProofParams const& params) const;
Buffer
getBalanceLinkageProof(
Account const& account,
uint256 const& contextHash,
Buffer const& pubKey,
PedersenProofParams const& params) const;
Buffer
getBulletproof(
std::vector<std::uint64_t> const& values,
std::vector<Buffer> const& blindingFactors,
uint256 const& contextHash) const;
Buffer
getPedersenCommitment(std::uint64_t const amount, Buffer const& pedersenBlindingFactor);
private:
using SLEP = SLE::const_pointer;
bool
@@ -283,7 +613,30 @@ private:
TER
submit(A const& arg, Json::Value const& jv)
{
env_(jv, txflags(arg.flags.value_or(0)), ter(arg.err.value_or(tesSUCCESS)));
auto const expectedFlags = txflags(arg.flags.value_or(0));
auto const expectedTer = ter(arg.err.value_or(tesSUCCESS));
std::optional<std::uint32_t> ticketSeq;
if constexpr (requires { arg.ticketSeq; })
ticketSeq = arg.ticketSeq;
std::optional<Account> delegateAcct;
if constexpr (requires { arg.delegate; })
delegateAcct = arg.delegate;
if (ticketSeq && delegateAcct)
env_(
jv,
expectedFlags,
expectedTer,
ticket::use(*ticketSeq),
delegate::as(*delegateAcct));
else if (ticketSeq)
env_(jv, expectedFlags, expectedTer, ticket::use(*ticketSeq));
else if (delegateAcct)
env_(jv, expectedFlags, expectedTer, delegate::as(*delegateAcct));
else
env_(jv, expectedFlags, expectedTer);
auto const err = env_.ter();
if (close_)
env_.close();
@@ -302,6 +655,16 @@ private:
std::uint32_t
getFlags(std::optional<Account> const& holder) const;
template <typename T>
void
fillConversionCiphertexts(
T const& arg,
Json::Value& jv,
Buffer& holderCiphertext,
Buffer& issuerCiphertext,
std::optional<Buffer>& auditorCiphertext,
Buffer& blindingFactor) const;
};
} // namespace jtx

81
src/tests/libxrpl/protocol_autogen/ledger_entries/MPTokenIssuanceTests.cpp
View File

@@ -33,6 +33,9 @@ TEST(MPTokenIssuanceTests, BuilderSettersRoundTrip)
auto const previousTxnLgrSeqValue = canonical_UINT32();
auto const domainIDValue = canonical_UINT256();
auto const mutableFlagsValue = canonical_UINT32();
auto const issuerEncryptionKeyValue = canonical_VL();
auto const auditorEncryptionKeyValue = canonical_VL();
auto const confidentialOutstandingAmountValue = canonical_UINT64();
MPTokenIssuanceBuilder builder{
issuerValue,
@@ -50,6 +53,9 @@ TEST(MPTokenIssuanceTests, BuilderSettersRoundTrip)
builder.setMPTokenMetadata(mPTokenMetadataValue);
builder.setDomainID(domainIDValue);
builder.setMutableFlags(mutableFlagsValue);
builder.setIssuerEncryptionKey(issuerEncryptionKeyValue);
builder.setAuditorEncryptionKey(auditorEncryptionKeyValue);
builder.setConfidentialOutstandingAmount(confidentialOutstandingAmountValue);
builder.setLedgerIndex(index);
builder.setFlags(0x1u);
@@ -152,6 +158,30 @@ TEST(MPTokenIssuanceTests, BuilderSettersRoundTrip)
EXPECT_TRUE(entry.hasMutableFlags());
}
{
auto const& expected = issuerEncryptionKeyValue;
auto const actualOpt = entry.getIssuerEncryptionKey();
ASSERT_TRUE(actualOpt.has_value());
expectEqualField(expected, *actualOpt, "sfIssuerEncryptionKey");
EXPECT_TRUE(entry.hasIssuerEncryptionKey());
}
{
auto const& expected = auditorEncryptionKeyValue;
auto const actualOpt = entry.getAuditorEncryptionKey();
ASSERT_TRUE(actualOpt.has_value());
expectEqualField(expected, *actualOpt, "sfAuditorEncryptionKey");
EXPECT_TRUE(entry.hasAuditorEncryptionKey());
}
{
auto const& expected = confidentialOutstandingAmountValue;
auto const actualOpt = entry.getConfidentialOutstandingAmount();
ASSERT_TRUE(actualOpt.has_value());
expectEqualField(expected, *actualOpt, "sfConfidentialOutstandingAmount");
EXPECT_TRUE(entry.hasConfidentialOutstandingAmount());
}
EXPECT_TRUE(entry.hasLedgerIndex());
auto const ledgerIndex = entry.getLedgerIndex();
ASSERT_TRUE(ledgerIndex.has_value());
@@ -178,6 +208,9 @@ TEST(MPTokenIssuanceTests, BuilderFromSleRoundTrip)
auto const previousTxnLgrSeqValue = canonical_UINT32();
auto const domainIDValue = canonical_UINT256();
auto const mutableFlagsValue = canonical_UINT32();
auto const issuerEncryptionKeyValue = canonical_VL();
auto const auditorEncryptionKeyValue = canonical_VL();
auto const confidentialOutstandingAmountValue = canonical_UINT64();
auto sle = std::make_shared<SLE>(MPTokenIssuance::entryType, index);
@@ -194,6 +227,9 @@ TEST(MPTokenIssuanceTests, BuilderFromSleRoundTrip)
sle->at(sfPreviousTxnLgrSeq) = previousTxnLgrSeqValue;
sle->at(sfDomainID) = domainIDValue;
sle->at(sfMutableFlags) = mutableFlagsValue;
sle->at(sfIssuerEncryptionKey) = issuerEncryptionKeyValue;
sle->at(sfAuditorEncryptionKey) = auditorEncryptionKeyValue;
sle->at(sfConfidentialOutstandingAmount) = confidentialOutstandingAmountValue;
MPTokenIssuanceBuilder builderFromSle{sle};
EXPECT_TRUE(builderFromSle.validate());
@@ -355,6 +391,45 @@ TEST(MPTokenIssuanceTests, BuilderFromSleRoundTrip)
expectEqualField(expected, *fromBuilderOpt, "sfMutableFlags");
}
{
auto const& expected = issuerEncryptionKeyValue;
auto const fromSleOpt = entryFromSle.getIssuerEncryptionKey();
auto const fromBuilderOpt = entryFromBuilder.getIssuerEncryptionKey();
ASSERT_TRUE(fromSleOpt.has_value());
ASSERT_TRUE(fromBuilderOpt.has_value());
expectEqualField(expected, *fromSleOpt, "sfIssuerEncryptionKey");
expectEqualField(expected, *fromBuilderOpt, "sfIssuerEncryptionKey");
}
{
auto const& expected = auditorEncryptionKeyValue;
auto const fromSleOpt = entryFromSle.getAuditorEncryptionKey();
auto const fromBuilderOpt = entryFromBuilder.getAuditorEncryptionKey();
ASSERT_TRUE(fromSleOpt.has_value());
ASSERT_TRUE(fromBuilderOpt.has_value());
expectEqualField(expected, *fromSleOpt, "sfAuditorEncryptionKey");
expectEqualField(expected, *fromBuilderOpt, "sfAuditorEncryptionKey");
}
{
auto const& expected = confidentialOutstandingAmountValue;
auto const fromSleOpt = entryFromSle.getConfidentialOutstandingAmount();
auto const fromBuilderOpt = entryFromBuilder.getConfidentialOutstandingAmount();
ASSERT_TRUE(fromSleOpt.has_value());
ASSERT_TRUE(fromBuilderOpt.has_value());
expectEqualField(expected, *fromSleOpt, "sfConfidentialOutstandingAmount");
expectEqualField(expected, *fromBuilderOpt, "sfConfidentialOutstandingAmount");
}
EXPECT_EQ(entryFromSle.getKey(), index);
EXPECT_EQ(entryFromBuilder.getKey(), index);
}
@@ -433,5 +508,11 @@ TEST(MPTokenIssuanceTests, OptionalFieldsReturnNullopt)
EXPECT_FALSE(entry.getDomainID().has_value());
EXPECT_FALSE(entry.hasMutableFlags());
EXPECT_FALSE(entry.getMutableFlags().has_value());
EXPECT_FALSE(entry.hasIssuerEncryptionKey());
EXPECT_FALSE(entry.getIssuerEncryptionKey().has_value());
EXPECT_FALSE(entry.hasAuditorEncryptionKey());
EXPECT_FALSE(entry.getAuditorEncryptionKey().has_value());
EXPECT_FALSE(entry.hasConfidentialOutstandingAmount());
EXPECT_FALSE(entry.getConfidentialOutstandingAmount().has_value());
}
}

162
src/tests/libxrpl/protocol_autogen/ledger_entries/MPTokenTests.cpp
View File

@@ -27,6 +27,12 @@ TEST(MPTokenTests, BuilderSettersRoundTrip)
auto const ownerNodeValue = canonical_UINT64();
auto const previousTxnIDValue = canonical_UINT256();
auto const previousTxnLgrSeqValue = canonical_UINT32();
auto const confidentialBalanceInboxValue = canonical_VL();
auto const confidentialBalanceSpendingValue = canonical_VL();
auto const confidentialBalanceVersionValue = canonical_UINT32();
auto const issuerEncryptedBalanceValue = canonical_VL();
auto const auditorEncryptedBalanceValue = canonical_VL();
auto const holderEncryptionKeyValue = canonical_VL();
MPTokenBuilder builder{
accountValue,
@@ -38,6 +44,12 @@ TEST(MPTokenTests, BuilderSettersRoundTrip)
builder.setMPTAmount(mPTAmountValue);
builder.setLockedAmount(lockedAmountValue);
builder.setConfidentialBalanceInbox(confidentialBalanceInboxValue);
builder.setConfidentialBalanceSpending(confidentialBalanceSpendingValue);
builder.setConfidentialBalanceVersion(confidentialBalanceVersionValue);
builder.setIssuerEncryptedBalance(issuerEncryptedBalanceValue);
builder.setAuditorEncryptedBalance(auditorEncryptedBalanceValue);
builder.setHolderEncryptionKey(holderEncryptionKeyValue);
builder.setLedgerIndex(index);
builder.setFlags(0x1u);
@@ -94,6 +106,54 @@ TEST(MPTokenTests, BuilderSettersRoundTrip)
EXPECT_TRUE(entry.hasLockedAmount());
}
{
auto const& expected = confidentialBalanceInboxValue;
auto const actualOpt = entry.getConfidentialBalanceInbox();
ASSERT_TRUE(actualOpt.has_value());
expectEqualField(expected, *actualOpt, "sfConfidentialBalanceInbox");
EXPECT_TRUE(entry.hasConfidentialBalanceInbox());
}
{
auto const& expected = confidentialBalanceSpendingValue;
auto const actualOpt = entry.getConfidentialBalanceSpending();
ASSERT_TRUE(actualOpt.has_value());
expectEqualField(expected, *actualOpt, "sfConfidentialBalanceSpending");
EXPECT_TRUE(entry.hasConfidentialBalanceSpending());
}
{
auto const& expected = confidentialBalanceVersionValue;
auto const actualOpt = entry.getConfidentialBalanceVersion();
ASSERT_TRUE(actualOpt.has_value());
expectEqualField(expected, *actualOpt, "sfConfidentialBalanceVersion");
EXPECT_TRUE(entry.hasConfidentialBalanceVersion());
}
{
auto const& expected = issuerEncryptedBalanceValue;
auto const actualOpt = entry.getIssuerEncryptedBalance();
ASSERT_TRUE(actualOpt.has_value());
expectEqualField(expected, *actualOpt, "sfIssuerEncryptedBalance");
EXPECT_TRUE(entry.hasIssuerEncryptedBalance());
}
{
auto const& expected = auditorEncryptedBalanceValue;
auto const actualOpt = entry.getAuditorEncryptedBalance();
ASSERT_TRUE(actualOpt.has_value());
expectEqualField(expected, *actualOpt, "sfAuditorEncryptedBalance");
EXPECT_TRUE(entry.hasAuditorEncryptedBalance());
}
{
auto const& expected = holderEncryptionKeyValue;
auto const actualOpt = entry.getHolderEncryptionKey();
ASSERT_TRUE(actualOpt.has_value());
expectEqualField(expected, *actualOpt, "sfHolderEncryptionKey");
EXPECT_TRUE(entry.hasHolderEncryptionKey());
}
EXPECT_TRUE(entry.hasLedgerIndex());
auto const ledgerIndex = entry.getLedgerIndex();
ASSERT_TRUE(ledgerIndex.has_value());
@@ -114,6 +174,12 @@ TEST(MPTokenTests, BuilderFromSleRoundTrip)
auto const ownerNodeValue = canonical_UINT64();
auto const previousTxnIDValue = canonical_UINT256();
auto const previousTxnLgrSeqValue = canonical_UINT32();
auto const confidentialBalanceInboxValue = canonical_VL();
auto const confidentialBalanceSpendingValue = canonical_VL();
auto const confidentialBalanceVersionValue = canonical_UINT32();
auto const issuerEncryptedBalanceValue = canonical_VL();
auto const auditorEncryptedBalanceValue = canonical_VL();
auto const holderEncryptionKeyValue = canonical_VL();
auto sle = std::make_shared<SLE>(MPToken::entryType, index);
@@ -124,6 +190,12 @@ TEST(MPTokenTests, BuilderFromSleRoundTrip)
sle->at(sfOwnerNode) = ownerNodeValue;
sle->at(sfPreviousTxnID) = previousTxnIDValue;
sle->at(sfPreviousTxnLgrSeq) = previousTxnLgrSeqValue;
sle->at(sfConfidentialBalanceInbox) = confidentialBalanceInboxValue;
sle->at(sfConfidentialBalanceSpending) = confidentialBalanceSpendingValue;
sle->at(sfConfidentialBalanceVersion) = confidentialBalanceVersionValue;
sle->at(sfIssuerEncryptedBalance) = issuerEncryptedBalanceValue;
sle->at(sfAuditorEncryptedBalance) = auditorEncryptedBalanceValue;
sle->at(sfHolderEncryptionKey) = holderEncryptionKeyValue;
MPTokenBuilder builderFromSle{sle};
EXPECT_TRUE(builderFromSle.validate());
@@ -210,6 +282,84 @@ TEST(MPTokenTests, BuilderFromSleRoundTrip)
expectEqualField(expected, *fromBuilderOpt, "sfLockedAmount");
}
{
auto const& expected = confidentialBalanceInboxValue;
auto const fromSleOpt = entryFromSle.getConfidentialBalanceInbox();
auto const fromBuilderOpt = entryFromBuilder.getConfidentialBalanceInbox();
ASSERT_TRUE(fromSleOpt.has_value());
ASSERT_TRUE(fromBuilderOpt.has_value());
expectEqualField(expected, *fromSleOpt, "sfConfidentialBalanceInbox");
expectEqualField(expected, *fromBuilderOpt, "sfConfidentialBalanceInbox");
}
{
auto const& expected = confidentialBalanceSpendingValue;
auto const fromSleOpt = entryFromSle.getConfidentialBalanceSpending();
auto const fromBuilderOpt = entryFromBuilder.getConfidentialBalanceSpending();
ASSERT_TRUE(fromSleOpt.has_value());
ASSERT_TRUE(fromBuilderOpt.has_value());
expectEqualField(expected, *fromSleOpt, "sfConfidentialBalanceSpending");
expectEqualField(expected, *fromBuilderOpt, "sfConfidentialBalanceSpending");
}
{
auto const& expected = confidentialBalanceVersionValue;
auto const fromSleOpt = entryFromSle.getConfidentialBalanceVersion();
auto const fromBuilderOpt = entryFromBuilder.getConfidentialBalanceVersion();
ASSERT_TRUE(fromSleOpt.has_value());
ASSERT_TRUE(fromBuilderOpt.has_value());
expectEqualField(expected, *fromSleOpt, "sfConfidentialBalanceVersion");
expectEqualField(expected, *fromBuilderOpt, "sfConfidentialBalanceVersion");
}
{
auto const& expected = issuerEncryptedBalanceValue;
auto const fromSleOpt = entryFromSle.getIssuerEncryptedBalance();
auto const fromBuilderOpt = entryFromBuilder.getIssuerEncryptedBalance();
ASSERT_TRUE(fromSleOpt.has_value());
ASSERT_TRUE(fromBuilderOpt.has_value());
expectEqualField(expected, *fromSleOpt, "sfIssuerEncryptedBalance");
expectEqualField(expected, *fromBuilderOpt, "sfIssuerEncryptedBalance");
}
{
auto const& expected = auditorEncryptedBalanceValue;
auto const fromSleOpt = entryFromSle.getAuditorEncryptedBalance();
auto const fromBuilderOpt = entryFromBuilder.getAuditorEncryptedBalance();
ASSERT_TRUE(fromSleOpt.has_value());
ASSERT_TRUE(fromBuilderOpt.has_value());
expectEqualField(expected, *fromSleOpt, "sfAuditorEncryptedBalance");
expectEqualField(expected, *fromBuilderOpt, "sfAuditorEncryptedBalance");
}
{
auto const& expected = holderEncryptionKeyValue;
auto const fromSleOpt = entryFromSle.getHolderEncryptionKey();
auto const fromBuilderOpt = entryFromBuilder.getHolderEncryptionKey();
ASSERT_TRUE(fromSleOpt.has_value());
ASSERT_TRUE(fromBuilderOpt.has_value());
expectEqualField(expected, *fromSleOpt, "sfHolderEncryptionKey");
expectEqualField(expected, *fromBuilderOpt, "sfHolderEncryptionKey");
}
EXPECT_EQ(entryFromSle.getKey(), index);
EXPECT_EQ(entryFromBuilder.getKey(), index);
}
@@ -276,5 +426,17 @@ TEST(MPTokenTests, OptionalFieldsReturnNullopt)
EXPECT_FALSE(entry.getMPTAmount().has_value());
EXPECT_FALSE(entry.hasLockedAmount());
EXPECT_FALSE(entry.getLockedAmount().has_value());
EXPECT_FALSE(entry.hasConfidentialBalanceInbox());
EXPECT_FALSE(entry.getConfidentialBalanceInbox().has_value());
EXPECT_FALSE(entry.hasConfidentialBalanceSpending());
EXPECT_FALSE(entry.getConfidentialBalanceSpending().has_value());
EXPECT_FALSE(entry.hasConfidentialBalanceVersion());
EXPECT_FALSE(entry.getConfidentialBalanceVersion().has_value());
EXPECT_FALSE(entry.hasIssuerEncryptedBalance());
EXPECT_FALSE(entry.getIssuerEncryptedBalance().has_value());
EXPECT_FALSE(entry.hasAuditorEncryptedBalance());
EXPECT_FALSE(entry.getAuditorEncryptedBalance().has_value());
EXPECT_FALSE(entry.hasHolderEncryptionKey());
EXPECT_FALSE(entry.getHolderEncryptionKey().has_value());
}
}

194
src/tests/libxrpl/protocol_autogen/transactions/ConfidentialMPTClawbackTests.cpp Normal file
View File

@@ -0,0 +1,194 @@
// Auto-generated unit tests for transaction ConfidentialMPTClawback
#include <gtest/gtest.h>
#include <protocol_autogen/TestHelpers.h>
#include <xrpl/protocol/SecretKey.h>
#include <xrpl/protocol/Seed.h>
#include <xrpl/protocol/STTx.h>
#include <xrpl/protocol_autogen/transactions/ConfidentialMPTClawback.h>
#include <xrpl/protocol_autogen/transactions/AccountSet.h>
#include <string>
namespace xrpl::transactions {
// 1 & 4) Set fields via builder setters, build, then read them back via
// wrapper getters. After build(), validate() should succeed.
TEST(TransactionsConfidentialMPTClawbackTests, BuilderSettersRoundTrip)
{
// Generate a deterministic keypair for signing
auto const [publicKey, secretKey] =
generateKeyPair(KeyType::secp256k1, generateSeed("testConfidentialMPTClawback"));
// Common transaction fields
auto const accountValue = calcAccountID(publicKey);
std::uint32_t const sequenceValue = 1;
auto const feeValue = canonical_AMOUNT();
// Transaction-specific field values
auto const mPTokenIssuanceIDValue = canonical_UINT192();
auto const holderValue = canonical_ACCOUNT();
auto const mPTAmountValue = canonical_UINT64();
auto const zKProofValue = canonical_VL();
ConfidentialMPTClawbackBuilder builder{
accountValue,
mPTokenIssuanceIDValue,
holderValue,
mPTAmountValue,
zKProofValue,
sequenceValue,
feeValue
};
// Set optional fields
auto tx = builder.build(publicKey, secretKey);
std::string reason;
EXPECT_TRUE(tx.validate(reason)) << reason;
// Verify signing was applied
EXPECT_FALSE(tx.getSigningPubKey().empty());
EXPECT_TRUE(tx.hasTxnSignature());
// Verify common fields
EXPECT_EQ(tx.getAccount(), accountValue);
EXPECT_EQ(tx.getSequence(), sequenceValue);
EXPECT_EQ(tx.getFee(), feeValue);
// Verify required fields
{
auto const& expected = mPTokenIssuanceIDValue;
auto const actual = tx.getMPTokenIssuanceID();
expectEqualField(expected, actual, "sfMPTokenIssuanceID");
}
{
auto const& expected = holderValue;
auto const actual = tx.getHolder();
expectEqualField(expected, actual, "sfHolder");
}
{
auto const& expected = mPTAmountValue;
auto const actual = tx.getMPTAmount();
expectEqualField(expected, actual, "sfMPTAmount");
}
{
auto const& expected = zKProofValue;
auto const actual = tx.getZKProof();
expectEqualField(expected, actual, "sfZKProof");
}
// Verify optional fields
}
// 2 & 4) Start from an STTx, construct a builder from it, build a new wrapper,
// and verify all fields match.
TEST(TransactionsConfidentialMPTClawbackTests, BuilderFromStTxRoundTrip)
{
// Generate a deterministic keypair for signing
auto const [publicKey, secretKey] =
generateKeyPair(KeyType::secp256k1, generateSeed("testConfidentialMPTClawbackFromTx"));
// Common transaction fields
auto const accountValue = calcAccountID(publicKey);
std::uint32_t const sequenceValue = 2;
auto const feeValue = canonical_AMOUNT();
// Transaction-specific field values
auto const mPTokenIssuanceIDValue = canonical_UINT192();
auto const holderValue = canonical_ACCOUNT();
auto const mPTAmountValue = canonical_UINT64();
auto const zKProofValue = canonical_VL();
// Build an initial transaction
ConfidentialMPTClawbackBuilder initialBuilder{
accountValue,
mPTokenIssuanceIDValue,
holderValue,
mPTAmountValue,
zKProofValue,
sequenceValue,
feeValue
};
auto initialTx = initialBuilder.build(publicKey, secretKey);
// Create builder from existing STTx
ConfidentialMPTClawbackBuilder builderFromTx{initialTx.getSTTx()};
auto rebuiltTx = builderFromTx.build(publicKey, secretKey);
std::string reason;
EXPECT_TRUE(rebuiltTx.validate(reason)) << reason;
// Verify common fields
EXPECT_EQ(rebuiltTx.getAccount(), accountValue);
EXPECT_EQ(rebuiltTx.getSequence(), sequenceValue);
EXPECT_EQ(rebuiltTx.getFee(), feeValue);
// Verify required fields
{
auto const& expected = mPTokenIssuanceIDValue;
auto const actual = rebuiltTx.getMPTokenIssuanceID();
expectEqualField(expected, actual, "sfMPTokenIssuanceID");
}
{
auto const& expected = holderValue;
auto const actual = rebuiltTx.getHolder();
expectEqualField(expected, actual, "sfHolder");
}
{
auto const& expected = mPTAmountValue;
auto const actual = rebuiltTx.getMPTAmount();
expectEqualField(expected, actual, "sfMPTAmount");
}
{
auto const& expected = zKProofValue;
auto const actual = rebuiltTx.getZKProof();
expectEqualField(expected, actual, "sfZKProof");
}
// Verify optional fields
}
// 3) Verify wrapper throws when constructed from wrong transaction type.
TEST(TransactionsConfidentialMPTClawbackTests, WrapperThrowsOnWrongTxType)
{
// Build a valid transaction of a different type
auto const [pk, sk] =
generateKeyPair(KeyType::secp256k1, generateSeed("testWrongType"));
auto const account = calcAccountID(pk);
AccountSetBuilder wrongBuilder{account, 1, canonical_AMOUNT()};
auto wrongTx = wrongBuilder.build(pk, sk);
EXPECT_THROW(ConfidentialMPTClawback{wrongTx.getSTTx()}, std::runtime_error);
}
// 4) Verify builder throws when constructed from wrong transaction type.
TEST(TransactionsConfidentialMPTClawbackTests, BuilderThrowsOnWrongTxType)
{
// Build a valid transaction of a different type
auto const [pk, sk] =
generateKeyPair(KeyType::secp256k1, generateSeed("testWrongTypeBuilder"));
auto const account = calcAccountID(pk);
AccountSetBuilder wrongBuilder{account, 1, canonical_AMOUNT()};
auto wrongTx = wrongBuilder.build(pk, sk);
EXPECT_THROW(ConfidentialMPTClawbackBuilder{wrongTx.getSTTx()}, std::runtime_error);
}
}

303
src/tests/libxrpl/protocol_autogen/transactions/ConfidentialMPTConvertBackTests.cpp Normal file
View File

@@ -0,0 +1,303 @@
// Auto-generated unit tests for transaction ConfidentialMPTConvertBack
#include <gtest/gtest.h>
#include <protocol_autogen/TestHelpers.h>
#include <xrpl/protocol/SecretKey.h>
#include <xrpl/protocol/Seed.h>
#include <xrpl/protocol/STTx.h>
#include <xrpl/protocol_autogen/transactions/ConfidentialMPTConvertBack.h>
#include <xrpl/protocol_autogen/transactions/AccountSet.h>
#include <string>
namespace xrpl::transactions {
// 1 & 4) Set fields via builder setters, build, then read them back via
// wrapper getters. After build(), validate() should succeed.
TEST(TransactionsConfidentialMPTConvertBackTests, BuilderSettersRoundTrip)
{
// Generate a deterministic keypair for signing
auto const [publicKey, secretKey] =
generateKeyPair(KeyType::secp256k1, generateSeed("testConfidentialMPTConvertBack"));
// Common transaction fields
auto const accountValue = calcAccountID(publicKey);
std::uint32_t const sequenceValue = 1;
auto const feeValue = canonical_AMOUNT();
// Transaction-specific field values
auto const mPTokenIssuanceIDValue = canonical_UINT192();
auto const mPTAmountValue = canonical_UINT64();
auto const holderEncryptedAmountValue = canonical_VL();
auto const issuerEncryptedAmountValue = canonical_VL();
auto const auditorEncryptedAmountValue = canonical_VL();
auto const blindingFactorValue = canonical_UINT256();
auto const zKProofValue = canonical_VL();
auto const balanceCommitmentValue = canonical_VL();
ConfidentialMPTConvertBackBuilder builder{
accountValue,
mPTokenIssuanceIDValue,
mPTAmountValue,
holderEncryptedAmountValue,
issuerEncryptedAmountValue,
blindingFactorValue,
zKProofValue,
balanceCommitmentValue,
sequenceValue,
feeValue
};
// Set optional fields
builder.setAuditorEncryptedAmount(auditorEncryptedAmountValue);
auto tx = builder.build(publicKey, secretKey);
std::string reason;
EXPECT_TRUE(tx.validate(reason)) << reason;
// Verify signing was applied
EXPECT_FALSE(tx.getSigningPubKey().empty());
EXPECT_TRUE(tx.hasTxnSignature());
// Verify common fields
EXPECT_EQ(tx.getAccount(), accountValue);
EXPECT_EQ(tx.getSequence(), sequenceValue);
EXPECT_EQ(tx.getFee(), feeValue);
// Verify required fields
{
auto const& expected = mPTokenIssuanceIDValue;
auto const actual = tx.getMPTokenIssuanceID();
expectEqualField(expected, actual, "sfMPTokenIssuanceID");
}
{
auto const& expected = mPTAmountValue;
auto const actual = tx.getMPTAmount();
expectEqualField(expected, actual, "sfMPTAmount");
}
{
auto const& expected = holderEncryptedAmountValue;
auto const actual = tx.getHolderEncryptedAmount();
expectEqualField(expected, actual, "sfHolderEncryptedAmount");
}
{
auto const& expected = issuerEncryptedAmountValue;
auto const actual = tx.getIssuerEncryptedAmount();
expectEqualField(expected, actual, "sfIssuerEncryptedAmount");
}
{
auto const& expected = blindingFactorValue;
auto const actual = tx.getBlindingFactor();
expectEqualField(expected, actual, "sfBlindingFactor");
}
{
auto const& expected = zKProofValue;
auto const actual = tx.getZKProof();
expectEqualField(expected, actual, "sfZKProof");
}
{
auto const& expected = balanceCommitmentValue;
auto const actual = tx.getBalanceCommitment();
expectEqualField(expected, actual, "sfBalanceCommitment");
}
// Verify optional fields
{
auto const& expected = auditorEncryptedAmountValue;
auto const actualOpt = tx.getAuditorEncryptedAmount();
ASSERT_TRUE(actualOpt.has_value()) << "Optional field sfAuditorEncryptedAmount should be present";
expectEqualField(expected, *actualOpt, "sfAuditorEncryptedAmount");
EXPECT_TRUE(tx.hasAuditorEncryptedAmount());
}
}
// 2 & 4) Start from an STTx, construct a builder from it, build a new wrapper,
// and verify all fields match.
TEST(TransactionsConfidentialMPTConvertBackTests, BuilderFromStTxRoundTrip)
{
// Generate a deterministic keypair for signing
auto const [publicKey, secretKey] =
generateKeyPair(KeyType::secp256k1, generateSeed("testConfidentialMPTConvertBackFromTx"));
// Common transaction fields
auto const accountValue = calcAccountID(publicKey);
std::uint32_t const sequenceValue = 2;
auto const feeValue = canonical_AMOUNT();
// Transaction-specific field values
auto const mPTokenIssuanceIDValue = canonical_UINT192();
auto const mPTAmountValue = canonical_UINT64();
auto const holderEncryptedAmountValue = canonical_VL();
auto const issuerEncryptedAmountValue = canonical_VL();
auto const auditorEncryptedAmountValue = canonical_VL();
auto const blindingFactorValue = canonical_UINT256();
auto const zKProofValue = canonical_VL();
auto const balanceCommitmentValue = canonical_VL();
// Build an initial transaction
ConfidentialMPTConvertBackBuilder initialBuilder{
accountValue,
mPTokenIssuanceIDValue,
mPTAmountValue,
holderEncryptedAmountValue,
issuerEncryptedAmountValue,
blindingFactorValue,
zKProofValue,
balanceCommitmentValue,
sequenceValue,
feeValue
};
initialBuilder.setAuditorEncryptedAmount(auditorEncryptedAmountValue);
auto initialTx = initialBuilder.build(publicKey, secretKey);
// Create builder from existing STTx
ConfidentialMPTConvertBackBuilder builderFromTx{initialTx.getSTTx()};
auto rebuiltTx = builderFromTx.build(publicKey, secretKey);
std::string reason;
EXPECT_TRUE(rebuiltTx.validate(reason)) << reason;
// Verify common fields
EXPECT_EQ(rebuiltTx.getAccount(), accountValue);
EXPECT_EQ(rebuiltTx.getSequence(), sequenceValue);
EXPECT_EQ(rebuiltTx.getFee(), feeValue);
// Verify required fields
{
auto const& expected = mPTokenIssuanceIDValue;
auto const actual = rebuiltTx.getMPTokenIssuanceID();
expectEqualField(expected, actual, "sfMPTokenIssuanceID");
}
{
auto const& expected = mPTAmountValue;
auto const actual = rebuiltTx.getMPTAmount();
expectEqualField(expected, actual, "sfMPTAmount");
}
{
auto const& expected = holderEncryptedAmountValue;
auto const actual = rebuiltTx.getHolderEncryptedAmount();
expectEqualField(expected, actual, "sfHolderEncryptedAmount");
}
{
auto const& expected = issuerEncryptedAmountValue;
auto const actual = rebuiltTx.getIssuerEncryptedAmount();
expectEqualField(expected, actual, "sfIssuerEncryptedAmount");
}
{
auto const& expected = blindingFactorValue;
auto const actual = rebuiltTx.getBlindingFactor();
expectEqualField(expected, actual, "sfBlindingFactor");
}
{
auto const& expected = zKProofValue;
auto const actual = rebuiltTx.getZKProof();
expectEqualField(expected, actual, "sfZKProof");
}
{
auto const& expected = balanceCommitmentValue;
auto const actual = rebuiltTx.getBalanceCommitment();
expectEqualField(expected, actual, "sfBalanceCommitment");
}
// Verify optional fields
{
auto const& expected = auditorEncryptedAmountValue;
auto const actualOpt = rebuiltTx.getAuditorEncryptedAmount();
ASSERT_TRUE(actualOpt.has_value()) << "Optional field sfAuditorEncryptedAmount should be present";
expectEqualField(expected, *actualOpt, "sfAuditorEncryptedAmount");
}
}
// 3) Verify wrapper throws when constructed from wrong transaction type.
TEST(TransactionsConfidentialMPTConvertBackTests, WrapperThrowsOnWrongTxType)
{
// Build a valid transaction of a different type
auto const [pk, sk] =
generateKeyPair(KeyType::secp256k1, generateSeed("testWrongType"));
auto const account = calcAccountID(pk);
AccountSetBuilder wrongBuilder{account, 1, canonical_AMOUNT()};
auto wrongTx = wrongBuilder.build(pk, sk);
EXPECT_THROW(ConfidentialMPTConvertBack{wrongTx.getSTTx()}, std::runtime_error);
}
// 4) Verify builder throws when constructed from wrong transaction type.
TEST(TransactionsConfidentialMPTConvertBackTests, BuilderThrowsOnWrongTxType)
{
// Build a valid transaction of a different type
auto const [pk, sk] =
generateKeyPair(KeyType::secp256k1, generateSeed("testWrongTypeBuilder"));
auto const account = calcAccountID(pk);
AccountSetBuilder wrongBuilder{account, 1, canonical_AMOUNT()};
auto wrongTx = wrongBuilder.build(pk, sk);
EXPECT_THROW(ConfidentialMPTConvertBackBuilder{wrongTx.getSTTx()}, std::runtime_error);
}
// 5) Build with only required fields and verify optional fields return nullopt.
TEST(TransactionsConfidentialMPTConvertBackTests, OptionalFieldsReturnNullopt)
{
// Generate a deterministic keypair for signing
auto const [publicKey, secretKey] =
generateKeyPair(KeyType::secp256k1, generateSeed("testConfidentialMPTConvertBackNullopt"));
// Common transaction fields
auto const accountValue = calcAccountID(publicKey);
std::uint32_t const sequenceValue = 3;
auto const feeValue = canonical_AMOUNT();
// Transaction-specific required field values
auto const mPTokenIssuanceIDValue = canonical_UINT192();
auto const mPTAmountValue = canonical_UINT64();
auto const holderEncryptedAmountValue = canonical_VL();
auto const issuerEncryptedAmountValue = canonical_VL();
auto const blindingFactorValue = canonical_UINT256();
auto const zKProofValue = canonical_VL();
auto const balanceCommitmentValue = canonical_VL();
ConfidentialMPTConvertBackBuilder builder{
accountValue,
mPTokenIssuanceIDValue,
mPTAmountValue,
holderEncryptedAmountValue,
issuerEncryptedAmountValue,
blindingFactorValue,
zKProofValue,
balanceCommitmentValue,
sequenceValue,
feeValue
};
// Do NOT set optional fields
auto tx = builder.build(publicKey, secretKey);
// Verify optional fields are not present
EXPECT_FALSE(tx.hasAuditorEncryptedAmount());
EXPECT_FALSE(tx.getAuditorEncryptedAmount().has_value());
}
}

309
src/tests/libxrpl/protocol_autogen/transactions/ConfidentialMPTConvertTests.cpp Normal file
View File

@@ -0,0 +1,309 @@
// Auto-generated unit tests for transaction ConfidentialMPTConvert
#include <gtest/gtest.h>
#include <protocol_autogen/TestHelpers.h>
#include <xrpl/protocol/SecretKey.h>
#include <xrpl/protocol/Seed.h>
#include <xrpl/protocol/STTx.h>
#include <xrpl/protocol_autogen/transactions/ConfidentialMPTConvert.h>
#include <xrpl/protocol_autogen/transactions/AccountSet.h>
#include <string>
namespace xrpl::transactions {
// 1 & 4) Set fields via builder setters, build, then read them back via
// wrapper getters. After build(), validate() should succeed.
TEST(TransactionsConfidentialMPTConvertTests, BuilderSettersRoundTrip)
{
// Generate a deterministic keypair for signing
auto const [publicKey, secretKey] =
generateKeyPair(KeyType::secp256k1, generateSeed("testConfidentialMPTConvert"));
// Common transaction fields
auto const accountValue = calcAccountID(publicKey);
std::uint32_t const sequenceValue = 1;
auto const feeValue = canonical_AMOUNT();
// Transaction-specific field values
auto const mPTokenIssuanceIDValue = canonical_UINT192();
auto const mPTAmountValue = canonical_UINT64();
auto const holderEncryptionKeyValue = canonical_VL();
auto const holderEncryptedAmountValue = canonical_VL();
auto const issuerEncryptedAmountValue = canonical_VL();
auto const auditorEncryptedAmountValue = canonical_VL();
auto const blindingFactorValue = canonical_UINT256();
auto const zKProofValue = canonical_VL();
ConfidentialMPTConvertBuilder builder{
accountValue,
mPTokenIssuanceIDValue,
mPTAmountValue,
holderEncryptedAmountValue,
issuerEncryptedAmountValue,
blindingFactorValue,
sequenceValue,
feeValue
};
// Set optional fields
builder.setHolderEncryptionKey(holderEncryptionKeyValue);
builder.setAuditorEncryptedAmount(auditorEncryptedAmountValue);
builder.setZKProof(zKProofValue);
auto tx = builder.build(publicKey, secretKey);
std::string reason;
EXPECT_TRUE(tx.validate(reason)) << reason;
// Verify signing was applied
EXPECT_FALSE(tx.getSigningPubKey().empty());
EXPECT_TRUE(tx.hasTxnSignature());
// Verify common fields
EXPECT_EQ(tx.getAccount(), accountValue);
EXPECT_EQ(tx.getSequence(), sequenceValue);
EXPECT_EQ(tx.getFee(), feeValue);
// Verify required fields
{
auto const& expected = mPTokenIssuanceIDValue;
auto const actual = tx.getMPTokenIssuanceID();
expectEqualField(expected, actual, "sfMPTokenIssuanceID");
}
{
auto const& expected = mPTAmountValue;
auto const actual = tx.getMPTAmount();
expectEqualField(expected, actual, "sfMPTAmount");
}
{
auto const& expected = holderEncryptedAmountValue;
auto const actual = tx.getHolderEncryptedAmount();
expectEqualField(expected, actual, "sfHolderEncryptedAmount");
}
{
auto const& expected = issuerEncryptedAmountValue;
auto const actual = tx.getIssuerEncryptedAmount();
expectEqualField(expected, actual, "sfIssuerEncryptedAmount");
}
{
auto const& expected = blindingFactorValue;
auto const actual = tx.getBlindingFactor();
expectEqualField(expected, actual, "sfBlindingFactor");
}
// Verify optional fields
{
auto const& expected = holderEncryptionKeyValue;
auto const actualOpt = tx.getHolderEncryptionKey();
ASSERT_TRUE(actualOpt.has_value()) << "Optional field sfHolderEncryptionKey should be present";
expectEqualField(expected, *actualOpt, "sfHolderEncryptionKey");
EXPECT_TRUE(tx.hasHolderEncryptionKey());
}
{
auto const& expected = auditorEncryptedAmountValue;
auto const actualOpt = tx.getAuditorEncryptedAmount();
ASSERT_TRUE(actualOpt.has_value()) << "Optional field sfAuditorEncryptedAmount should be present";
expectEqualField(expected, *actualOpt, "sfAuditorEncryptedAmount");
EXPECT_TRUE(tx.hasAuditorEncryptedAmount());
}
{
auto const& expected = zKProofValue;
auto const actualOpt = tx.getZKProof();
ASSERT_TRUE(actualOpt.has_value()) << "Optional field sfZKProof should be present";
expectEqualField(expected, *actualOpt, "sfZKProof");
EXPECT_TRUE(tx.hasZKProof());
}
}
// 2 & 4) Start from an STTx, construct a builder from it, build a new wrapper,
// and verify all fields match.
TEST(TransactionsConfidentialMPTConvertTests, BuilderFromStTxRoundTrip)
{
// Generate a deterministic keypair for signing
auto const [publicKey, secretKey] =
generateKeyPair(KeyType::secp256k1, generateSeed("testConfidentialMPTConvertFromTx"));
// Common transaction fields
auto const accountValue = calcAccountID(publicKey);
std::uint32_t const sequenceValue = 2;
auto const feeValue = canonical_AMOUNT();
// Transaction-specific field values
auto const mPTokenIssuanceIDValue = canonical_UINT192();
auto const mPTAmountValue = canonical_UINT64();
auto const holderEncryptionKeyValue = canonical_VL();
auto const holderEncryptedAmountValue = canonical_VL();
auto const issuerEncryptedAmountValue = canonical_VL();
auto const auditorEncryptedAmountValue = canonical_VL();
auto const blindingFactorValue = canonical_UINT256();
auto const zKProofValue = canonical_VL();
// Build an initial transaction
ConfidentialMPTConvertBuilder initialBuilder{
accountValue,
mPTokenIssuanceIDValue,
mPTAmountValue,
holderEncryptedAmountValue,
issuerEncryptedAmountValue,
blindingFactorValue,
sequenceValue,
feeValue
};
initialBuilder.setHolderEncryptionKey(holderEncryptionKeyValue);
initialBuilder.setAuditorEncryptedAmount(auditorEncryptedAmountValue);
initialBuilder.setZKProof(zKProofValue);
auto initialTx = initialBuilder.build(publicKey, secretKey);
// Create builder from existing STTx
ConfidentialMPTConvertBuilder builderFromTx{initialTx.getSTTx()};
auto rebuiltTx = builderFromTx.build(publicKey, secretKey);
std::string reason;
EXPECT_TRUE(rebuiltTx.validate(reason)) << reason;
// Verify common fields
EXPECT_EQ(rebuiltTx.getAccount(), accountValue);
EXPECT_EQ(rebuiltTx.getSequence(), sequenceValue);
EXPECT_EQ(rebuiltTx.getFee(), feeValue);
// Verify required fields
{
auto const& expected = mPTokenIssuanceIDValue;
auto const actual = rebuiltTx.getMPTokenIssuanceID();
expectEqualField(expected, actual, "sfMPTokenIssuanceID");
}
{
auto const& expected = mPTAmountValue;
auto const actual = rebuiltTx.getMPTAmount();
expectEqualField(expected, actual, "sfMPTAmount");
}
{
auto const& expected = holderEncryptedAmountValue;
auto const actual = rebuiltTx.getHolderEncryptedAmount();
expectEqualField(expected, actual, "sfHolderEncryptedAmount");
}
{
auto const& expected = issuerEncryptedAmountValue;
auto const actual = rebuiltTx.getIssuerEncryptedAmount();
expectEqualField(expected, actual, "sfIssuerEncryptedAmount");
}
{
auto const& expected = blindingFactorValue;
auto const actual = rebuiltTx.getBlindingFactor();
expectEqualField(expected, actual, "sfBlindingFactor");
}
// Verify optional fields
{
auto const& expected = holderEncryptionKeyValue;
auto const actualOpt = rebuiltTx.getHolderEncryptionKey();
ASSERT_TRUE(actualOpt.has_value()) << "Optional field sfHolderEncryptionKey should be present";
expectEqualField(expected, *actualOpt, "sfHolderEncryptionKey");
}
{
auto const& expected = auditorEncryptedAmountValue;
auto const actualOpt = rebuiltTx.getAuditorEncryptedAmount();
ASSERT_TRUE(actualOpt.has_value()) << "Optional field sfAuditorEncryptedAmount should be present";
expectEqualField(expected, *actualOpt, "sfAuditorEncryptedAmount");
}
{
auto const& expected = zKProofValue;
auto const actualOpt = rebuiltTx.getZKProof();
ASSERT_TRUE(actualOpt.has_value()) << "Optional field sfZKProof should be present";
expectEqualField(expected, *actualOpt, "sfZKProof");
}
}
// 3) Verify wrapper throws when constructed from wrong transaction type.
TEST(TransactionsConfidentialMPTConvertTests, WrapperThrowsOnWrongTxType)
{
// Build a valid transaction of a different type
auto const [pk, sk] =
generateKeyPair(KeyType::secp256k1, generateSeed("testWrongType"));
auto const account = calcAccountID(pk);
AccountSetBuilder wrongBuilder{account, 1, canonical_AMOUNT()};
auto wrongTx = wrongBuilder.build(pk, sk);
EXPECT_THROW(ConfidentialMPTConvert{wrongTx.getSTTx()}, std::runtime_error);
}
// 4) Verify builder throws when constructed from wrong transaction type.
TEST(TransactionsConfidentialMPTConvertTests, BuilderThrowsOnWrongTxType)
{
// Build a valid transaction of a different type
auto const [pk, sk] =
generateKeyPair(KeyType::secp256k1, generateSeed("testWrongTypeBuilder"));
auto const account = calcAccountID(pk);
AccountSetBuilder wrongBuilder{account, 1, canonical_AMOUNT()};
auto wrongTx = wrongBuilder.build(pk, sk);
EXPECT_THROW(ConfidentialMPTConvertBuilder{wrongTx.getSTTx()}, std::runtime_error);
}
// 5) Build with only required fields and verify optional fields return nullopt.
TEST(TransactionsConfidentialMPTConvertTests, OptionalFieldsReturnNullopt)
{
// Generate a deterministic keypair for signing
auto const [publicKey, secretKey] =
generateKeyPair(KeyType::secp256k1, generateSeed("testConfidentialMPTConvertNullopt"));
// Common transaction fields
auto const accountValue = calcAccountID(publicKey);
std::uint32_t const sequenceValue = 3;
auto const feeValue = canonical_AMOUNT();
// Transaction-specific required field values
auto const mPTokenIssuanceIDValue = canonical_UINT192();
auto const mPTAmountValue = canonical_UINT64();
auto const holderEncryptedAmountValue = canonical_VL();
auto const issuerEncryptedAmountValue = canonical_VL();
auto const blindingFactorValue = canonical_UINT256();
ConfidentialMPTConvertBuilder builder{
accountValue,
mPTokenIssuanceIDValue,
mPTAmountValue,
holderEncryptedAmountValue,
issuerEncryptedAmountValue,
blindingFactorValue,
sequenceValue,
feeValue
};
// Do NOT set optional fields
auto tx = builder.build(publicKey, secretKey);
// Verify optional fields are not present
EXPECT_FALSE(tx.hasHolderEncryptionKey());
EXPECT_FALSE(tx.getHolderEncryptionKey().has_value());
EXPECT_FALSE(tx.hasAuditorEncryptedAmount());
EXPECT_FALSE(tx.getAuditorEncryptedAmount().has_value());
EXPECT_FALSE(tx.hasZKProof());
EXPECT_FALSE(tx.getZKProof().has_value());
}
}

146
src/tests/libxrpl/protocol_autogen/transactions/ConfidentialMPTMergeInboxTests.cpp Normal file
View File

@@ -0,0 +1,146 @@
// Auto-generated unit tests for transaction ConfidentialMPTMergeInbox
#include <gtest/gtest.h>
#include <protocol_autogen/TestHelpers.h>
#include <xrpl/protocol/SecretKey.h>
#include <xrpl/protocol/Seed.h>
#include <xrpl/protocol/STTx.h>
#include <xrpl/protocol_autogen/transactions/ConfidentialMPTMergeInbox.h>
#include <xrpl/protocol_autogen/transactions/AccountSet.h>
#include <string>
namespace xrpl::transactions {
// 1 & 4) Set fields via builder setters, build, then read them back via
// wrapper getters. After build(), validate() should succeed.
TEST(TransactionsConfidentialMPTMergeInboxTests, BuilderSettersRoundTrip)
{
// Generate a deterministic keypair for signing
auto const [publicKey, secretKey] =
generateKeyPair(KeyType::secp256k1, generateSeed("testConfidentialMPTMergeInbox"));
// Common transaction fields
auto const accountValue = calcAccountID(publicKey);
std::uint32_t const sequenceValue = 1;
auto const feeValue = canonical_AMOUNT();
// Transaction-specific field values
auto const mPTokenIssuanceIDValue = canonical_UINT192();
ConfidentialMPTMergeInboxBuilder builder{
accountValue,
mPTokenIssuanceIDValue,
sequenceValue,
feeValue
};
// Set optional fields
auto tx = builder.build(publicKey, secretKey);
std::string reason;
EXPECT_TRUE(tx.validate(reason)) << reason;
// Verify signing was applied
EXPECT_FALSE(tx.getSigningPubKey().empty());
EXPECT_TRUE(tx.hasTxnSignature());
// Verify common fields
EXPECT_EQ(tx.getAccount(), accountValue);
EXPECT_EQ(tx.getSequence(), sequenceValue);
EXPECT_EQ(tx.getFee(), feeValue);
// Verify required fields
{
auto const& expected = mPTokenIssuanceIDValue;
auto const actual = tx.getMPTokenIssuanceID();
expectEqualField(expected, actual, "sfMPTokenIssuanceID");
}
// Verify optional fields
}
// 2 & 4) Start from an STTx, construct a builder from it, build a new wrapper,
// and verify all fields match.
TEST(TransactionsConfidentialMPTMergeInboxTests, BuilderFromStTxRoundTrip)
{
// Generate a deterministic keypair for signing
auto const [publicKey, secretKey] =
generateKeyPair(KeyType::secp256k1, generateSeed("testConfidentialMPTMergeInboxFromTx"));
// Common transaction fields
auto const accountValue = calcAccountID(publicKey);
std::uint32_t const sequenceValue = 2;
auto const feeValue = canonical_AMOUNT();
// Transaction-specific field values
auto const mPTokenIssuanceIDValue = canonical_UINT192();
// Build an initial transaction
ConfidentialMPTMergeInboxBuilder initialBuilder{
accountValue,
mPTokenIssuanceIDValue,
sequenceValue,
feeValue
};
auto initialTx = initialBuilder.build(publicKey, secretKey);
// Create builder from existing STTx
ConfidentialMPTMergeInboxBuilder builderFromTx{initialTx.getSTTx()};
auto rebuiltTx = builderFromTx.build(publicKey, secretKey);
std::string reason;
EXPECT_TRUE(rebuiltTx.validate(reason)) << reason;
// Verify common fields
EXPECT_EQ(rebuiltTx.getAccount(), accountValue);
EXPECT_EQ(rebuiltTx.getSequence(), sequenceValue);
EXPECT_EQ(rebuiltTx.getFee(), feeValue);
// Verify required fields
{
auto const& expected = mPTokenIssuanceIDValue;
auto const actual = rebuiltTx.getMPTokenIssuanceID();
expectEqualField(expected, actual, "sfMPTokenIssuanceID");
}
// Verify optional fields
}
// 3) Verify wrapper throws when constructed from wrong transaction type.
TEST(TransactionsConfidentialMPTMergeInboxTests, WrapperThrowsOnWrongTxType)
{
// Build a valid transaction of a different type
auto const [pk, sk] =
generateKeyPair(KeyType::secp256k1, generateSeed("testWrongType"));
auto const account = calcAccountID(pk);
AccountSetBuilder wrongBuilder{account, 1, canonical_AMOUNT()};
auto wrongTx = wrongBuilder.build(pk, sk);
EXPECT_THROW(ConfidentialMPTMergeInbox{wrongTx.getSTTx()}, std::runtime_error);
}
// 4) Verify builder throws when constructed from wrong transaction type.
TEST(TransactionsConfidentialMPTMergeInboxTests, BuilderThrowsOnWrongTxType)
{
// Build a valid transaction of a different type
auto const [pk, sk] =
generateKeyPair(KeyType::secp256k1, generateSeed("testWrongTypeBuilder"));
auto const account = calcAccountID(pk);
AccountSetBuilder wrongBuilder{account, 1, canonical_AMOUNT()};
auto wrongTx = wrongBuilder.build(pk, sk);
EXPECT_THROW(ConfidentialMPTMergeInboxBuilder{wrongTx.getSTTx()}, std::runtime_error);
}
}

342
src/tests/libxrpl/protocol_autogen/transactions/ConfidentialMPTSendTests.cpp Normal file
View File

@@ -0,0 +1,342 @@
// Auto-generated unit tests for transaction ConfidentialMPTSend
#include <gtest/gtest.h>
#include <protocol_autogen/TestHelpers.h>
#include <xrpl/protocol/SecretKey.h>
#include <xrpl/protocol/Seed.h>
#include <xrpl/protocol/STTx.h>
#include <xrpl/protocol_autogen/transactions/ConfidentialMPTSend.h>
#include <xrpl/protocol_autogen/transactions/AccountSet.h>
#include <string>
namespace xrpl::transactions {
// 1 & 4) Set fields via builder setters, build, then read them back via
// wrapper getters. After build(), validate() should succeed.
TEST(TransactionsConfidentialMPTSendTests, BuilderSettersRoundTrip)
{
// Generate a deterministic keypair for signing
auto const [publicKey, secretKey] =
generateKeyPair(KeyType::secp256k1, generateSeed("testConfidentialMPTSend"));
// Common transaction fields
auto const accountValue = calcAccountID(publicKey);
std::uint32_t const sequenceValue = 1;
auto const feeValue = canonical_AMOUNT();
// Transaction-specific field values
auto const mPTokenIssuanceIDValue = canonical_UINT192();
auto const destinationValue = canonical_ACCOUNT();
auto const senderEncryptedAmountValue = canonical_VL();
auto const destinationEncryptedAmountValue = canonical_VL();
auto const issuerEncryptedAmountValue = canonical_VL();
auto const auditorEncryptedAmountValue = canonical_VL();
auto const zKProofValue = canonical_VL();
auto const amountCommitmentValue = canonical_VL();
auto const balanceCommitmentValue = canonical_VL();
auto const credentialIDsValue = canonical_VECTOR256();
ConfidentialMPTSendBuilder builder{
accountValue,
mPTokenIssuanceIDValue,
destinationValue,
senderEncryptedAmountValue,
destinationEncryptedAmountValue,
issuerEncryptedAmountValue,
zKProofValue,
amountCommitmentValue,
balanceCommitmentValue,
sequenceValue,
feeValue
};
// Set optional fields
builder.setAuditorEncryptedAmount(auditorEncryptedAmountValue);
builder.setCredentialIDs(credentialIDsValue);
auto tx = builder.build(publicKey, secretKey);
std::string reason;
EXPECT_TRUE(tx.validate(reason)) << reason;
// Verify signing was applied
EXPECT_FALSE(tx.getSigningPubKey().empty());
EXPECT_TRUE(tx.hasTxnSignature());
// Verify common fields
EXPECT_EQ(tx.getAccount(), accountValue);
EXPECT_EQ(tx.getSequence(), sequenceValue);
EXPECT_EQ(tx.getFee(), feeValue);
// Verify required fields
{
auto const& expected = mPTokenIssuanceIDValue;
auto const actual = tx.getMPTokenIssuanceID();
expectEqualField(expected, actual, "sfMPTokenIssuanceID");
}
{
auto const& expected = destinationValue;
auto const actual = tx.getDestination();
expectEqualField(expected, actual, "sfDestination");
}
{
auto const& expected = senderEncryptedAmountValue;
auto const actual = tx.getSenderEncryptedAmount();
expectEqualField(expected, actual, "sfSenderEncryptedAmount");
}
{
auto const& expected = destinationEncryptedAmountValue;
auto const actual = tx.getDestinationEncryptedAmount();
expectEqualField(expected, actual, "sfDestinationEncryptedAmount");
}
{
auto const& expected = issuerEncryptedAmountValue;
auto const actual = tx.getIssuerEncryptedAmount();
expectEqualField(expected, actual, "sfIssuerEncryptedAmount");
}
{
auto const& expected = zKProofValue;
auto const actual = tx.getZKProof();
expectEqualField(expected, actual, "sfZKProof");
}
{
auto const& expected = amountCommitmentValue;
auto const actual = tx.getAmountCommitment();
expectEqualField(expected, actual, "sfAmountCommitment");
}
{
auto const& expected = balanceCommitmentValue;
auto const actual = tx.getBalanceCommitment();
expectEqualField(expected, actual, "sfBalanceCommitment");
}
// Verify optional fields
{
auto const& expected = auditorEncryptedAmountValue;
auto const actualOpt = tx.getAuditorEncryptedAmount();
ASSERT_TRUE(actualOpt.has_value()) << "Optional field sfAuditorEncryptedAmount should be present";
expectEqualField(expected, *actualOpt, "sfAuditorEncryptedAmount");
EXPECT_TRUE(tx.hasAuditorEncryptedAmount());
}
{
auto const& expected = credentialIDsValue;
auto const actualOpt = tx.getCredentialIDs();
ASSERT_TRUE(actualOpt.has_value()) << "Optional field sfCredentialIDs should be present";
expectEqualField(expected, *actualOpt, "sfCredentialIDs");
EXPECT_TRUE(tx.hasCredentialIDs());
}
}
// 2 & 4) Start from an STTx, construct a builder from it, build a new wrapper,
// and verify all fields match.
TEST(TransactionsConfidentialMPTSendTests, BuilderFromStTxRoundTrip)
{
// Generate a deterministic keypair for signing
auto const [publicKey, secretKey] =
generateKeyPair(KeyType::secp256k1, generateSeed("testConfidentialMPTSendFromTx"));
// Common transaction fields
auto const accountValue = calcAccountID(publicKey);
std::uint32_t const sequenceValue = 2;
auto const feeValue = canonical_AMOUNT();
// Transaction-specific field values
auto const mPTokenIssuanceIDValue = canonical_UINT192();
auto const destinationValue = canonical_ACCOUNT();
auto const senderEncryptedAmountValue = canonical_VL();
auto const destinationEncryptedAmountValue = canonical_VL();
auto const issuerEncryptedAmountValue = canonical_VL();
auto const auditorEncryptedAmountValue = canonical_VL();
auto const zKProofValue = canonical_VL();
auto const amountCommitmentValue = canonical_VL();
auto const balanceCommitmentValue = canonical_VL();
auto const credentialIDsValue = canonical_VECTOR256();
// Build an initial transaction
ConfidentialMPTSendBuilder initialBuilder{
accountValue,
mPTokenIssuanceIDValue,
destinationValue,
senderEncryptedAmountValue,
destinationEncryptedAmountValue,
issuerEncryptedAmountValue,
zKProofValue,
amountCommitmentValue,
balanceCommitmentValue,
sequenceValue,
feeValue
};
initialBuilder.setAuditorEncryptedAmount(auditorEncryptedAmountValue);
initialBuilder.setCredentialIDs(credentialIDsValue);
auto initialTx = initialBuilder.build(publicKey, secretKey);
// Create builder from existing STTx
ConfidentialMPTSendBuilder builderFromTx{initialTx.getSTTx()};
auto rebuiltTx = builderFromTx.build(publicKey, secretKey);
std::string reason;
EXPECT_TRUE(rebuiltTx.validate(reason)) << reason;
// Verify common fields
EXPECT_EQ(rebuiltTx.getAccount(), accountValue);
EXPECT_EQ(rebuiltTx.getSequence(), sequenceValue);
EXPECT_EQ(rebuiltTx.getFee(), feeValue);
// Verify required fields
{
auto const& expected = mPTokenIssuanceIDValue;
auto const actual = rebuiltTx.getMPTokenIssuanceID();
expectEqualField(expected, actual, "sfMPTokenIssuanceID");
}
{
auto const& expected = destinationValue;
auto const actual = rebuiltTx.getDestination();
expectEqualField(expected, actual, "sfDestination");
}
{
auto const& expected = senderEncryptedAmountValue;
auto const actual = rebuiltTx.getSenderEncryptedAmount();
expectEqualField(expected, actual, "sfSenderEncryptedAmount");
}
{
auto const& expected = destinationEncryptedAmountValue;
auto const actual = rebuiltTx.getDestinationEncryptedAmount();
expectEqualField(expected, actual, "sfDestinationEncryptedAmount");
}
{
auto const& expected = issuerEncryptedAmountValue;
auto const actual = rebuiltTx.getIssuerEncryptedAmount();
expectEqualField(expected, actual, "sfIssuerEncryptedAmount");
}
{
auto const& expected = zKProofValue;
auto const actual = rebuiltTx.getZKProof();
expectEqualField(expected, actual, "sfZKProof");
}
{
auto const& expected = amountCommitmentValue;
auto const actual = rebuiltTx.getAmountCommitment();
expectEqualField(expected, actual, "sfAmountCommitment");
}
{
auto const& expected = balanceCommitmentValue;
auto const actual = rebuiltTx.getBalanceCommitment();
expectEqualField(expected, actual, "sfBalanceCommitment");
}
// Verify optional fields
{
auto const& expected = auditorEncryptedAmountValue;
auto const actualOpt = rebuiltTx.getAuditorEncryptedAmount();
ASSERT_TRUE(actualOpt.has_value()) << "Optional field sfAuditorEncryptedAmount should be present";
expectEqualField(expected, *actualOpt, "sfAuditorEncryptedAmount");
}
{
auto const& expected = credentialIDsValue;
auto const actualOpt = rebuiltTx.getCredentialIDs();
ASSERT_TRUE(actualOpt.has_value()) << "Optional field sfCredentialIDs should be present";
expectEqualField(expected, *actualOpt, "sfCredentialIDs");
}
}
// 3) Verify wrapper throws when constructed from wrong transaction type.
TEST(TransactionsConfidentialMPTSendTests, WrapperThrowsOnWrongTxType)
{
// Build a valid transaction of a different type
auto const [pk, sk] =
generateKeyPair(KeyType::secp256k1, generateSeed("testWrongType"));
auto const account = calcAccountID(pk);
AccountSetBuilder wrongBuilder{account, 1, canonical_AMOUNT()};
auto wrongTx = wrongBuilder.build(pk, sk);
EXPECT_THROW(ConfidentialMPTSend{wrongTx.getSTTx()}, std::runtime_error);
}
// 4) Verify builder throws when constructed from wrong transaction type.
TEST(TransactionsConfidentialMPTSendTests, BuilderThrowsOnWrongTxType)
{
// Build a valid transaction of a different type
auto const [pk, sk] =
generateKeyPair(KeyType::secp256k1, generateSeed("testWrongTypeBuilder"));
auto const account = calcAccountID(pk);
AccountSetBuilder wrongBuilder{account, 1, canonical_AMOUNT()};
auto wrongTx = wrongBuilder.build(pk, sk);
EXPECT_THROW(ConfidentialMPTSendBuilder{wrongTx.getSTTx()}, std::runtime_error);
}
// 5) Build with only required fields and verify optional fields return nullopt.
TEST(TransactionsConfidentialMPTSendTests, OptionalFieldsReturnNullopt)
{
// Generate a deterministic keypair for signing
auto const [publicKey, secretKey] =
generateKeyPair(KeyType::secp256k1, generateSeed("testConfidentialMPTSendNullopt"));
// Common transaction fields
auto const accountValue = calcAccountID(publicKey);
std::uint32_t const sequenceValue = 3;
auto const feeValue = canonical_AMOUNT();
// Transaction-specific required field values
auto const mPTokenIssuanceIDValue = canonical_UINT192();
auto const destinationValue = canonical_ACCOUNT();
auto const senderEncryptedAmountValue = canonical_VL();
auto const destinationEncryptedAmountValue = canonical_VL();
auto const issuerEncryptedAmountValue = canonical_VL();
auto const zKProofValue = canonical_VL();
auto const amountCommitmentValue = canonical_VL();
auto const balanceCommitmentValue = canonical_VL();
ConfidentialMPTSendBuilder builder{
accountValue,
mPTokenIssuanceIDValue,
destinationValue,
senderEncryptedAmountValue,
destinationEncryptedAmountValue,
issuerEncryptedAmountValue,
zKProofValue,
amountCommitmentValue,
balanceCommitmentValue,
sequenceValue,
feeValue
};
// Do NOT set optional fields
auto tx = builder.build(publicKey, secretKey);
// Verify optional fields are not present
EXPECT_FALSE(tx.hasAuditorEncryptedAmount());
EXPECT_FALSE(tx.getAuditorEncryptedAmount().has_value());
EXPECT_FALSE(tx.hasCredentialIDs());
EXPECT_FALSE(tx.getCredentialIDs().has_value());
}
}

42
src/tests/libxrpl/protocol_autogen/transactions/MPTokenIssuanceSetTests.cpp
View File

@@ -35,6 +35,8 @@ TEST(TransactionsMPTokenIssuanceSetTests, BuilderSettersRoundTrip)
auto const mPTokenMetadataValue = canonical_VL();
auto const transferFeeValue = canonical_UINT16();
auto const mutableFlagsValue = canonical_UINT32();
auto const issuerEncryptionKeyValue = canonical_VL();
auto const auditorEncryptionKeyValue = canonical_VL();
MPTokenIssuanceSetBuilder builder{
accountValue,
@@ -49,6 +51,8 @@ TEST(TransactionsMPTokenIssuanceSetTests, BuilderSettersRoundTrip)
builder.setMPTokenMetadata(mPTokenMetadataValue);
builder.setTransferFee(transferFeeValue);
builder.setMutableFlags(mutableFlagsValue);
builder.setIssuerEncryptionKey(issuerEncryptionKeyValue);
builder.setAuditorEncryptionKey(auditorEncryptionKeyValue);
auto tx = builder.build(publicKey, secretKey);
@@ -112,6 +116,22 @@ TEST(TransactionsMPTokenIssuanceSetTests, BuilderSettersRoundTrip)
EXPECT_TRUE(tx.hasMutableFlags());
}
{
auto const& expected = issuerEncryptionKeyValue;
auto const actualOpt = tx.getIssuerEncryptionKey();
ASSERT_TRUE(actualOpt.has_value()) << "Optional field sfIssuerEncryptionKey should be present";
expectEqualField(expected, *actualOpt, "sfIssuerEncryptionKey");
EXPECT_TRUE(tx.hasIssuerEncryptionKey());
}
{
auto const& expected = auditorEncryptionKeyValue;
auto const actualOpt = tx.getAuditorEncryptionKey();
ASSERT_TRUE(actualOpt.has_value()) << "Optional field sfAuditorEncryptionKey should be present";
expectEqualField(expected, *actualOpt, "sfAuditorEncryptionKey");
EXPECT_TRUE(tx.hasAuditorEncryptionKey());
}
}
// 2 & 4) Start from an STTx, construct a builder from it, build a new wrapper,
@@ -134,6 +154,8 @@ TEST(TransactionsMPTokenIssuanceSetTests, BuilderFromStTxRoundTrip)
auto const mPTokenMetadataValue = canonical_VL();
auto const transferFeeValue = canonical_UINT16();
auto const mutableFlagsValue = canonical_UINT32();
auto const issuerEncryptionKeyValue = canonical_VL();
auto const auditorEncryptionKeyValue = canonical_VL();
// Build an initial transaction
MPTokenIssuanceSetBuilder initialBuilder{
@@ -148,6 +170,8 @@ TEST(TransactionsMPTokenIssuanceSetTests, BuilderFromStTxRoundTrip)
initialBuilder.setMPTokenMetadata(mPTokenMetadataValue);
initialBuilder.setTransferFee(transferFeeValue);
initialBuilder.setMutableFlags(mutableFlagsValue);
initialBuilder.setIssuerEncryptionKey(issuerEncryptionKeyValue);
initialBuilder.setAuditorEncryptionKey(auditorEncryptionKeyValue);
auto initialTx = initialBuilder.build(publicKey, secretKey);
@@ -207,6 +231,20 @@ TEST(TransactionsMPTokenIssuanceSetTests, BuilderFromStTxRoundTrip)
expectEqualField(expected, *actualOpt, "sfMutableFlags");
}
{
auto const& expected = issuerEncryptionKeyValue;
auto const actualOpt = rebuiltTx.getIssuerEncryptionKey();
ASSERT_TRUE(actualOpt.has_value()) << "Optional field sfIssuerEncryptionKey should be present";
expectEqualField(expected, *actualOpt, "sfIssuerEncryptionKey");
}
{
auto const& expected = auditorEncryptionKeyValue;
auto const actualOpt = rebuiltTx.getAuditorEncryptionKey();
ASSERT_TRUE(actualOpt.has_value()) << "Optional field sfAuditorEncryptionKey should be present";
expectEqualField(expected, *actualOpt, "sfAuditorEncryptionKey");
}
}
// 3) Verify wrapper throws when constructed from wrong transaction type.
@@ -274,6 +312,10 @@ TEST(TransactionsMPTokenIssuanceSetTests, OptionalFieldsReturnNullopt)
EXPECT_FALSE(tx.getTransferFee().has_value());
EXPECT_FALSE(tx.hasMutableFlags());
EXPECT_FALSE(tx.getMutableFlags().has_value());
EXPECT_FALSE(tx.hasIssuerEncryptionKey());
EXPECT_FALSE(tx.getIssuerEncryptionKey().has_value());
EXPECT_FALSE(tx.hasAuditorEncryptionKey());
EXPECT_FALSE(tx.getAuditorEncryptionKey().has_value());
}
}