Implement Cobuild integration and Solana support #3
Conversation
migrate PR from: nervosnetwork/ckb-production-scripts#75 including * eos * tron * bitcoin(Support UniSat and OKX wallet) * dogecoin Special feature for btc/etc, now they can display meaningful messages. * BTC(UniSat/OKX) You're signing: CKB (Bitcoin Layer-2) transaction: 0x{sighash_all in hex} * ETH(Metamask) You're signing: CKB transaction: 0x{sighash_all in hex}
* The main implementation is in cobuild.c. * The lazy reader is implemented in cobuild.c. Other changes: * Add test cases for cobuild * Update ckb-* to 0.113.0 and rust-toolchain * Update ckb-c-stdlib * Add test vectors
* support message calculation flow in seal * Add testcase
* Change to 1st hardfork
Cobuild otx implementation and test cases. Other major changes: * Minimize secp256k1 precomputed table * Support llvm toolchain Other minor changes: * Update gcc toolchain * Update ckb-c-stdlib * Add rust format rules --------- Co-authored-by: Mohanson <mohanson@outlook.com> Co-authored-by: joii2020 <87224197+joii2020@users.noreply.github.com>
XuJiandong
requested review from
xxuejie and
jjyr
and removed request for
doitian
There was a problem hiding this comment.
I haven't finished checking the correctness part of the code.
But the more I look at this code, the more I think we failed to deliver a proper set of API in molecule-c2, and the accompanying Rust API at nervosnetwork/molecule#77.
Personally, I would picture 2 clearly defined, distinct eras of APIs where CKB smart contracts use:
- Initially, we had a bunch of APIs, like load_input, load_witness, load_cell, load_cell_by_field, etc. And you are expected to be experienced enough to mix the use of them to achieve validation
- With lazy loader, we should be able to reduce the effort to only a selected few APIs: load_script for loading current script, and load_transaction for accessing anything related to the enclosing transaction.
In the second era, I would expect a smart contract only needs to build a single data source containing the entire transaction, and in 99% of the case, CKB transaction will very small, meaning a single syscall can be used by the data source to load the whole transaction into a memory buffer owned by the data source. Later the smart contract only needs to deal with a single cursor built from the data source containing the full transaction. The smart contract can then slice the cursor into smaller cursors, like one cursor for an input cell, and another cursor for an output cell lock, and yet another cursor for a witness. A cursor representing a witness can be further reassembly into a cursor for a WitnessLayout structure, or a WitnessArgs structure for legacy layout.
To me, that would bring us a much cleaner and a much performant design.
However, in current omnilock, we are still mixing numerous APIs together, littered with different patterns. get_witness_layout and ckb_fetch_otx_start are 2 examples here. We are manually coding against many hidden jargons, making the code harder to read nor maintain. Combining with the fact that molecule-c2 does no verification on the data structure, I must say I wouldn't personally agree with the way this lock is organized now.
Yes there is a chance the lock script might still be correct mostly and secure, but to me this lock is moving into a uncertain direction, and I'm afraid it's gonna bite us one day.
So if I were doing this, I would go back to molecule-c2, if the API is not good enough for usage, we should alter molecule-c2 with better APIs. After that, omnilock should only need to construct a single cursor containing the full CKB transaction, and continue to validate from there.
A single data source is not working for following data structure:
|
Correct, those syscalls are just like But that does not void the reasoning here: there are simply too many code pieces in the implementation now to load a part of the data which indeed belong to the enclosing transaction, causing enough confusions and chaos. |
* Remove all "20210801". Include: submodules(ckb-c-stdlib, secp256k1), secp256k1_data * Remove clang makefile * Use compiled __builtin_ctzl
* Fix check_since * Add test cases for since
* Refactor to leverage molecule-c2 as much as possible
|
This can of course be a latter task, but I believe we can move |
Apply verify_WitnessLayout and verify_WitnessArgs on molecule data. --------- Co-authored-by: xjd <xjd@cryptape.com>
Add test cases: * The witnesses is none * The output data is big enough(700K) * Add a 700K witness * Args is big enough (700K)
* Test case Otx support header_dep
* Add test vectors for cobuild * Remove deps secp256k1_data on testcase
|
Hi there, it's Lumos. We're planning to integrate with the CoBuild protocol through Omnilock and would like to ask a few questions before proceeding:
|
issue 2: yes, it's stable. |
|
Hello, CKB SDK Rust is also planning to support CoBuild , it would be very helpful to have a synchronized PR for updating 0042-omnilock.md. |
| @@ -0,0 +1,8 @@ | |||
| import basic; | |||
There was a problem hiding this comment.
Contract usually only needs WitnessLayout, I would recommend spliting the schema into two files:
witness_layout.mol: ContainsWitnessLayoutand its dependenciesbuilding_packet.mol: This is for offchain, it importswitness_layoutand includes the definition forBuildingPacketas well as other dependencies.
|
I have a question regarding the script built by I remember that the I received the following output from the ckb-debugger, where the log another possibility is that the |
It is expected behavior. Will be removed when it's ready. It's very important for troubleshooting now. |
I see, it does helpful for debugging |
Reference C implementation: cryptape/omnilock#3 Changes: - add lazy reader support - API changed - add testing - add documents. make it ready for publishing - fix according to updated spec - add logs
* refactor cobuild into a standalone library * fix simulator bug on witness * cleanup comments * update clang-format docker
|
I noticed that during the scanning process, the contract checks for the presence of a WitnessLayout in witnesses to determine if CoBuild mode is activated. However, the current implementation seems incomplete in scenarios where an NFT can be minted while unlocking a long-term Nervos DAO. Such transactions may look like this: inputs:
- input#0:
lock: omnilock
type: dao
- input#1 # mint lock cell
lock: nft-mint-lock # to check if a Nervos DAO has been locked for a particular period
outputs:
- output#0:
lock: omnilock
type: dao-withdraw
- output#1 # mint lock cell
- output#2 # NFT cell
witnesses:
- witness#0: WitnessArgs # dao deposit header witness
- witness#1: WitnessLayout.SighashAll # with mint NFT action |
* Solana (phantom wallet) draft support * Check consumed cycles * Optimize get_witness_layout * Add macro DISABLE_MESSAGE_CALCULATION_FLOW
XuJiandong
changed the title
Add checking to generated binary
|
Pudge testnet deployment information:
|
* Add exec test case
XuJiandong
changed the title
For the detail of Solana support, please see XuJiandong#48
Comments for Cobuild reviewing: