saplingscriptpubkeyman.h

Go to the documentation of this file.

// Copyright (c) 2020-2021 The PIVX Core developers
// Distributed under the MIT software license, see the accompanying
// file COPYING or http://www.opensource.org/licenses/mit-license.php.
 
#ifndef PIVX_SAPLING_SAPLINGSCRIPTPUBKEYMAN_H
#define PIVX_SAPLING_SAPLINGSCRIPTPUBKEYMAN_H
 
#include "consensus/consensus.h"
#include "sapling/incrementalmerkletree.h"
#include "sapling/note.h"
#include "uint256.h"
#include "wallet/hdchain.h"
#include "wallet/scriptpubkeyman.h"
#include "wallet/wallet.h"
#include "wallet/walletdb.h"
#include <map>
 
//  Should be large enough that we can expect not to reorg beyond our cache
//  unless there is some exceptional network disruption.
static const unsigned int WITNESS_CACHE_SIZE = DEFAULT_MAX_REORG_DEPTH + 1;
 
class CBlock;
class CBlockIndex;
 
struct SaplingNoteEntry
{
    explicit SaplingNoteEntry(const SaplingOutPoint& _op,
                              const libzcash::SaplingPaymentAddress& _addr,
                              const libzcash::SaplingNote& _note,
                              const std::array<unsigned char, ZC_MEMO_SIZE>& _memo,
                              const int _conf) :
                              op(_op), address(_addr), note(_note), memo(_memo),
                              confirmations(_conf) { }
    SaplingOutPoint op;
    libzcash::SaplingPaymentAddress address;
    libzcash::SaplingNote note;
    std::array<unsigned char, ZC_MEMO_SIZE> memo;
    int confirmations;
};
 
class SaplingNoteData
{
public:
 
    SaplingNoteData() : nullifier() { }
    explicit SaplingNoteData(const libzcash::SaplingIncomingViewingKey& _ivk) : ivk {_ivk}, nullifier() { }
    SaplingNoteData(const libzcash::SaplingIncomingViewingKey& _ivk, const uint256& n) : ivk {_ivk}, nullifier(n) { }
 
    /* witnesses/ivk: only for own (received) outputs */
    std::list<SaplingWitness> witnesses;
 
    Optional<libzcash::SaplingIncomingViewingKey> ivk {nullopt};
    inline bool IsMyNote() const { return ivk != nullopt; }
 
    Optional<CAmount> amount{nullopt};
 
     Optional<libzcash::SaplingPaymentAddress> address{nullopt};
 
     Optional<std::array<unsigned char, ZC_MEMO_SIZE>> memo{nullopt};
 
    int witnessHeight{-1};
 
    Optional<uint256> nullifier;
 
    SERIALIZE_METHODS(SaplingNoteData, obj)
    {
        int nVersion = s.GetVersion();
        if (!(s.GetType() & SER_GETHASH)) {
            READWRITE(nVersion);
        }
        READWRITE(obj.ivk);
        READWRITE(obj.nullifier);
        READWRITE(obj.witnesses);
        READWRITE(obj.witnessHeight);
        READWRITE(obj.amount);
        READWRITE(obj.address);
        READWRITE(obj.memo);
    }
 
    friend bool operator==(const SaplingNoteData& a, const SaplingNoteData& b) {
        return (a.ivk == b.ivk &&
                a.nullifier == b.nullifier &&
                a.witnessHeight == b.witnessHeight &&
                a.amount == b.amount &&
                a.address == b.address &&
                a.memo == b.memo);
    }
 
    friend bool operator!=(const SaplingNoteData& a, const SaplingNoteData& b) {
        return !(a == b);
    }
};
 
enum KeyAddResult {
    SpendingKeyExists,
    KeyAlreadyExists,
    KeyAdded,
    KeyNotAdded,
};
 
typedef std::map<SaplingOutPoint, SaplingNoteData> mapSaplingNoteData_t;
 
/*
 * Sapling keys manager
 * A class implementing SaplingScriptPubKeyMan manages all sapling keys and Notes used in a wallet.
 * It is responsible for the decryption of notes and caching metadata.
 * A SaplingScriptPubKeyMan will be able to give out notes to be used, as well as marking
 * when a note has been used. It also handles when and how to store a sapling OutputDescription
 * and its related keys, including encryption.
 * A ScriptPubKeyMan will also update notes witnesses, and keep track of nullifiers.
 */
class SaplingScriptPubKeyMan {
 
public:
    explicit SaplingScriptPubKeyMan(CWallet *parent) : wallet(parent) {}
 
    ~SaplingScriptPubKeyMan() {};
 
    void AddToSaplingSpends(const uint256& nullifier, const uint256& wtxid);
    bool IsSaplingSpent(const SaplingOutPoint& op) const;
    bool IsSaplingSpent(const uint256& nullifier) const;
 
    bool BuildWitnessChain(const CBlockIndex* pTargetBlock, const Consensus::Params& params, std::string& errorStr);
 
    void IncrementNoteWitnesses(const CBlockIndex* pindex,
                                const CBlock* pblock,
                                SaplingMerkleTree& saplingTree);
    void DecrementNoteWitnesses(const CBlockIndex* pindex);
 
    void UpdateNullifierNoteMapWithTx(const CWalletTx& wtx);
 
    void UpdateSaplingNullifierNoteMap(SaplingNoteData& nd, const SaplingOutPoint& op, const Optional<uint256>& nullifier);
 
    void UpdateSaplingNullifierNoteMapWithTx(CWalletTx& wtx);
 
    void UpdateSaplingNullifierNoteMapForBlock(const CBlock* pblock);
 
    bool SetupGeneration(const CKeyID& keyID, bool force = false, bool memonly = false);
    bool IsEnabled() const { return !hdChain.IsNull(); };
 
    /* Set the current HD seed (will reset the chain child index counters)
      Sets the seed's version based on the current wallet version (so the
      caller must ensure the current wallet version is correct before calling
      this function). */
    void SetHDSeed(const CPubKey& key, bool force = false, bool memonly = false);
    void SetHDSeed(const CKeyID& keyID, bool force = false, bool memonly = false);
 
    /* Set the HD chain model (chain child index counters) */
    void SetHDChain(CHDChain& chain, bool memonly);
    const CHDChain& GetHDChain() const { return hdChain; }
 
    /* Get cached sapling commonOVK
     * If nullopt, read it from the database, and save it.
     * If not found in the database, create a new one from the HD seed (throw
     * if the wallet is locked), write it to database, and save it.
     */
    uint256 getCommonOVK();
    void setCommonOVK(const uint256& ovk) { commonOVK = ovk; }
 
    /* Encrypt Sapling keys */
    bool EncryptSaplingKeys(CKeyingMaterial& vMasterKeyIn);
 
    void GetConflicts(const CWalletTx& wtx, std::set<uint256>& result) const;
 
    // Get the ivk creation time (we are only using the ivk's default address)
    int64_t GetKeyCreationTime(const libzcash::SaplingIncomingViewingKey& ivk);
 
    // Add full viewing key if it's not already in the wallet
    KeyAddResult AddViewingKeyToWallet(const libzcash::SaplingExtendedFullViewingKey &extfvk) const;
 
    // Add spending key if it's not already in the wallet
    KeyAddResult AddSpendingKeyToWallet(
            const Consensus::Params &params,
            const libzcash::SaplingExtendedSpendingKey &sk,
            int64_t nTime);
 
    libzcash::SaplingPaymentAddress GenerateNewSaplingZKey();
    bool AddSaplingZKey(const libzcash::SaplingExtendedSpendingKey &key);
    bool AddSaplingIncomingViewingKey(
            const libzcash::SaplingIncomingViewingKey &ivk,
            const libzcash::SaplingPaymentAddress &addr);
    bool AddCryptedSaplingSpendingKeyDB(
            const libzcash::SaplingExtendedFullViewingKey &extfvk,
            const std::vector<unsigned char> &vchCryptedSecret);
    bool HaveSpendingKeyForPaymentAddress(const libzcash::SaplingPaymentAddress &zaddr) const;
    bool PaymentAddressBelongsToWallet(const libzcash::SaplingPaymentAddress &zaddr) const;
 
    bool LoadSaplingZKey(const libzcash::SaplingExtendedSpendingKey &key);
    bool LoadSaplingZKeyMetadata(const libzcash::SaplingIncomingViewingKey &ivk, const CKeyMetadata &meta);
    bool LoadCryptedSaplingZKey(const libzcash::SaplingExtendedFullViewingKey &extfvk,
                                const std::vector<unsigned char> &vchCryptedSecret);
    bool LoadSaplingPaymentAddress(
            const libzcash::SaplingPaymentAddress &addr,
            const libzcash::SaplingIncomingViewingKey &ivk);
    bool AddSaplingSpendingKey(const libzcash::SaplingExtendedSpendingKey &sk);
 
    Optional<libzcash::SaplingExtendedFullViewingKey> GetViewingKeyForPaymentAddress(
            const libzcash::SaplingPaymentAddress &addr) const;
 
    Optional<libzcash::SaplingExtendedSpendingKey> GetSpendingKeyForPaymentAddress(const libzcash::SaplingPaymentAddress &addr) const;
 
    std::pair<mapSaplingNoteData_t, SaplingIncomingViewingKeyMap> FindMySaplingNotes(const CTransaction& tx) const;
 
    std::vector<libzcash::SaplingPaymentAddress> FindMySaplingAddresses(const CTransaction& tx) const;
 
    void GetNotes(const std::vector<SaplingOutPoint>& saplingOutpoints,
                  std::vector<SaplingNoteEntry>& saplingEntriesRet) const;
 
    /* Find notes filtered by payment address, min depth, ability to spend and if they are locked */
    void GetFilteredNotes(std::vector<SaplingNoteEntry>& saplingEntries,
        Optional<libzcash::SaplingPaymentAddress>& address,
        int minDepth = 1,
        bool ignoreSpent = true,
        bool requireSpendingKey = true,
        bool ignoreLocked = true) const;
 
    /* Find notes filtered by payment addresses, min depth, max depth, if they are spent,
       if a spending key is required, and if they are locked */
    void GetFilteredNotes(std::vector<SaplingNoteEntry>& saplingEntries,
                          std::set<libzcash::PaymentAddress>& filterAddresses,
                          int minDepth=1,
                          int maxDepth=INT_MAX,
                          bool ignoreSpent=true,
                          bool requireSpendingKey=true,
                          bool ignoreLocked=true) const;
 
    /* Return list of available notes grouped by sapling address. */
    std::map<libzcash::SaplingPaymentAddress, std::vector<SaplingNoteEntry>> ListNotes() const;
 
    Optional<libzcash::SaplingPaymentAddress> GetAddressFromInputIfPossible(const CWalletTx* wtx, int index) const;
    Optional<libzcash::SaplingPaymentAddress> GetAddressFromInputIfPossible(const uint256& txHash, int index) const;
 
    bool IsSaplingNullifierFromMe(const uint256& nullifier) const;
 
    void GetSaplingNoteWitnesses(
            const std::vector<SaplingOutPoint>& notes,
            std::vector<Optional<SaplingWitness>>& witnesses,
            uint256& final_anchor) const;
 
    std::set<std::pair<libzcash::PaymentAddress, uint256>> GetNullifiersForAddresses(const std::set<libzcash::PaymentAddress> & addresses) const;
    bool IsNoteSaplingChange(const std::set<std::pair<libzcash::PaymentAddress, uint256>>& nullifierSet, const libzcash::PaymentAddress& address, const SaplingOutPoint& entry) const;
 
    Optional<std::pair<
            libzcash::SaplingNotePlaintext,
            libzcash::SaplingPaymentAddress>> TryToRecoverNote(const CWalletTx& tx, const SaplingOutPoint& op);
 
    isminetype IsMine(const CWalletTx& wtx, const SaplingOutPoint& op) const;
    Optional<libzcash::SaplingPaymentAddress> GetOutPointAddress(const CWalletTx& tx, const SaplingOutPoint& op) const;
    CAmount GetOutPointValue(const CWalletTx& tx, const SaplingOutPoint& op) const;
    Optional<std::string> GetOutPointMemo(const CWalletTx& tx, const SaplingOutPoint& op) const;
    CAmount GetCredit(const CWalletTx& tx, const isminefilter& filter, const bool fUnspent = false) const;
    CAmount GetDebit(const CTransaction& tx, const isminefilter& filter) const;
    CAmount GetShieldedChange(const CWalletTx& wtx) const;
 
    bool IsNoteSaplingChange(const SaplingOutPoint& op, libzcash::SaplingPaymentAddress address) const;
 
    bool UpdatedNoteData(const CWalletTx& wtxIn, CWalletTx& wtx);
 
    void ClearNoteWitnessCache();
 
    // Sapling metadata
    std::map<libzcash::SaplingIncomingViewingKey, CKeyMetadata> mapSaplingZKeyMetadata;
 
    /*
     * Size of the incremental witness cache for the notes in our wallet.
     * This will always be greater than or equal to the size of the largest
     * incremental witness cache in any transaction in mapWallet.
     */
    int64_t nWitnessCacheSize{0};
    bool nWitnessCacheNeedsUpdate{false};
 
    std::map<uint256, SaplingOutPoint> mapSaplingNullifiersToNotes;
 
private:
    /* Map hash nullifiers, list Sapling Witness*/
    std::map<uint256, std::list<SaplingWitness>> cachedWitnessMap;
    int rollbackTargetHeight = -1;
    /* Parent wallet */
    CWallet* wallet{nullptr};
    /* the HD chain data model (external/internal chain counters) */
    CHDChain hdChain;
    /* cached common OVK for sapling spends from t addresses */
    Optional<uint256> commonOVK;
    uint256 getCommonOVKFromSeed() const;
 
 
    typedef std::multimap<uint256, uint256> TxNullifiers;
    TxNullifiers mapTxSaplingNullifiers;
};
 
#endif // PIVX_SAPLING_SAPLINGSCRIPTPUBKEYMAN_H