You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
All input notes into the transaction must be unique (i.e., have unique note IDs). Currently, we are not checking this because we assume that if some transaction tries to consume the same not twice, it will output two identical nullifiers, and thus, we will catch this in the block kernel (where we update the nullifier tree). But, there are two important considerations:
By the time we get to the block kernel, we already would have done a bunch of work (e.g., including transaction into a batch), and ideally, we should catch and discard such transactions much sooner.
There are might be some nuances of how this works for notes with delayed authentication (I haven't thought through all potential implications).
There are couple of options to address this:
Check input note uniqueness in the transaction kernel. This has a nice guarantee that for every transaction, if the proof verifies, we know all input notes were unique. There is, of course, the cost associated with performing these checks and the question is whether we want the transaction kernel to bear this cost.
Check input note uniqueness in the batch kernel. The overhead of this in Miden VM would probably be the same, but we'd be pushing this complexity down the line expecting that batch kernels would usually be generated on more powerful machines. We can also update TransactionVerifier to perform these checks in Rust to filter out malicious notes.
a. As a side comment, the batch kernel will still need to deal with "cross-transaction" input note uniqueness - i.e., to avoid a situation when some transaction produces a note and two transactions try to consume the same note as unauthenticated note.
My preliminary thinking is that the first approach is better as it is more robust - but this requires more consideration.
The text was updated successfully, but these errors were encountered:
All input notes into the transaction must be unique (i.e., have unique note IDs). Currently, we are not checking this because we assume that if some transaction tries to consume the same not twice, it will output two identical nullifiers, and thus, we will catch this in the block kernel (where we update the nullifier tree). But, there are two important considerations:
There are couple of options to address this:
TransactionVerifier
to perform these checks in Rust to filter out malicious notes.a. As a side comment, the batch kernel will still need to deal with "cross-transaction" input note uniqueness - i.e., to avoid a situation when some transaction produces a note and two transactions try to consume the same note as unauthenticated note.
My preliminary thinking is that the first approach is better as it is more robust - but this requires more consideration.
The text was updated successfully, but these errors were encountered: