Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 9 additions & 2 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,14 +12,17 @@ concurrency:

jobs:
vk-history:
name: Verify TOKEN_TRANSFER_ID is documented in VK_HISTORY.md
name: Verify TOKEN_TRANSFER_ID(s) are documented in VK_HISTORY.md
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4

- name: Check VK history
- name: Check VK history (v1)
run: ./scripts/check-vk-history.sh

- name: Check VK history (v2)
run: ./scripts/check-vk-history-v2.sh

fmt:
name: Format checks
runs-on: ubuntu-latest
Expand All @@ -39,6 +42,10 @@ jobs:
working-directory: transfer_circuit
run: cargo fmt --all --check

- name: cargo fmt (transfer_circuit_v2)
working-directory: transfer_circuit_v2
run: cargo fmt --all --check

- name: Install taplo
uses: taiki-e/install-action@v2
with:
Expand Down
44 changes: 41 additions & 3 deletions Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

14 changes: 11 additions & 3 deletions Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,11 @@
[workspace]
exclude = ["transfer_circuit"]
members = ["transfer_witness", "transfer_library"]
exclude = ["transfer_circuit", "transfer_circuit_v2"]
members = [
"transfer_witness",
"transfer_witness_v2",
"transfer_library",
"transfer_library_v2",
]
resolver = "3"

[workspace.package]
Expand All @@ -15,7 +20,7 @@ version = "1.0.0"
# `default-features = false`: only the dep-free `external_call` wire types are
# used. Dropping the default `solana-program`/`anchor-lang` features keeps that
# stack out of the RISC Zero guest, which can't cross-compile it.
anoma-pa-solana-client = { git = "https://github.com/anoma/anoma-pa-solana-client", rev = "2c42023e6608431f1f0036ff4ffa2a23c5457471", default-features = false }
anoma-pa-solana-client = { git = "https://github.com/anoma/anoma-pa-solana-client", rev = "937553929595d13c6a49d77552b3ee89b33929a3", default-features = false }
anoma-rm-risc0 = { git = "https://github.com/anoma/arm-risc0", tag = "solana-v1.2.0", default-features = false }
anoma-rm-risc0-gadgets = { git = "https://github.com/anoma/arm-risc0", tag = "solana-v1.2.0" }
bincode = "1.3.3"
Expand All @@ -25,8 +30,11 @@ lazy_static = "1.5.0"
rand = "0.9.2"
serde = { version = "1.0", features = ["derive"] }
serde_with = { version = "3.0", features = ["hex", "base64"] }
sha3 = "0.10"
transfer_library = { path = "transfer_library" }
transfer_library_v2 = { path = "transfer_library_v2" }
transfer_witness = { path = "transfer_witness" }
transfer_witness_v2 = { path = "transfer_witness_v2" }

# Always optimize; building and running the guest takes much longer without optimization.
[profile.dev]
Expand Down
14 changes: 11 additions & 3 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -20,11 +20,19 @@ not share the host workspace's lockfile or profile.

```
.
├── transfer_witness/ # witness data + resource-logic constraints
├── transfer_library/ # host API: TransferLogic, embedded guest ELF + ImageID
└── transfer_circuit/ # RISC Zero guest program (excluded workspace)
├── transfer_witness/ # witness data + resource-logic constraints
├── transfer_witness_v2/ # v2 witness: adds migration support
├── transfer_library/ # host API: TransferLogic, embedded guest ELF + ImageID
├── transfer_library_v2/ # v2 host API: TransferLogicV2 + migration tx builder
├── transfer_circuit/ # RISC Zero guest program (excluded workspace)
└── transfer_circuit_v2/ # v2 RISC Zero guest program (excluded workspace)
```

The `*_v2` crates mirror their v1 counterparts and add **migration** support for
moving a v1 resource to v2. They reuse the v1 building blocks directly, so v2 only
adds what changes: the `Migrate` call type and the migration constraint/forwarder
call. See [`transfer_witness_v2`](transfer_witness_v2) for details.

### Dependency graph

```
Expand Down
54 changes: 54 additions & 0 deletions scripts/check-vk-history-v2.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,54 @@
#!/usr/bin/env bash
#
# Refuse to ship a TOKEN_TRANSFER_V2_ID change without a matching entry in
# transfer_library_v2/VK_HISTORY.md.
#
# Run from repo root: ./scripts/check-vk-history-v2.sh
#
# The check is deliberately simple — it does not look at git diffs or base
# refs, just confirms that whatever VK is currently in lib.rs appears in
# the history file. That makes it robust to PR vs. push events, to merges,
# and to local runs. The author's commitment is the *entry*; CI just
# enforces that the entry exists.
set -euo pipefail

LIB_RS="transfer_library_v2/src/lib.rs"
HISTORY="transfer_library_v2/VK_HISTORY.md"

if [[ ! -f "$LIB_RS" ]]; then
echo "❌ $LIB_RS not found. Run from repo root." >&2
exit 1
fi
if [[ ! -f "$HISTORY" ]]; then
echo "❌ $HISTORY not found." >&2
exit 1
fi

# Extract the 64-hex VK passed to Digest::from_hex(...) on the
# TOKEN_TRANSFER_V2_ID line. The line we expect looks like:
# Digest::from_hex("e76734b0...defa65")
current_vk="$(grep -oE '"[0-9a-f]{64}"' "$LIB_RS" | head -1 | tr -d '"')"
if [[ -z "$current_vk" ]]; then
echo "❌ Could not find a 64-hex VK literal in $LIB_RS." >&2
echo " Expected pattern: Digest::from_hex(\"<64 hex chars>\")" >&2
exit 1
fi

# History entries embed the VK in backtick-fenced code spans:
# | `<64-hex>` | ... |
if ! grep -qE "\`${current_vk}\`" "$HISTORY"; then
echo "❌ TOKEN_TRANSFER_V2_ID in $LIB_RS does not appear in $HISTORY." >&2
echo "" >&2
echo " Current VK: $current_vk" >&2
echo "" >&2
echo " Every change to TOKEN_TRANSFER_V2_ID orphans persistent shielded" >&2
echo " resources minted under the prior VK. Add an entry to" >&2
echo " $HISTORY documenting why this rotation is happening and how" >&2
echo " holders of pre-bump resources will spend or recover them." >&2
echo "" >&2
echo " See the 'Process for adding a new VK' section at the bottom" >&2
echo " of $HISTORY for the expected format." >&2
exit 1
fi

echo "✅ TOKEN_TRANSFER_V2_ID is documented in $HISTORY: $current_vk"
7 changes: 6 additions & 1 deletion taplo.toml
Original file line number Diff line number Diff line change
@@ -1,10 +1,15 @@
include = [
"Cargo.toml",
"transfer_witness/Cargo.toml",
"transfer_witness_v2/Cargo.toml",
"transfer_library/Cargo.toml",
"transfer_library_v2/Cargo.toml",
"transfer_circuit/Cargo.toml",
"transfer_circuit/methods/Cargo.toml",
"transfer_circuit/methods/guest/Cargo.toml"
"transfer_circuit/methods/guest/Cargo.toml",
"transfer_circuit_v2/Cargo.toml",
"transfer_circuit_v2/methods/Cargo.toml",
"transfer_circuit_v2/methods/guest/Cargo.toml"
]

[formatting]
Expand Down
Loading
Loading