Compliance proof¶
Compliance proofs are created by ComplianceProvingSystem
and computed over compliance units. Compliance proofs ensure that the provided state transition complies with the resource machine definitions.
Compliance inputs¶
Instance¶
Name | Type | Description |
---|---|---|
consumed |
List (NullifierRef, RootRef, LogicRefHash) |
Includes nullifiers' references of all consumed resources in the compliance unit, root references, and commitments to logicRef resource components (used for referencing the logicRef without explicitly using the component value) for consumed resources |
created |
List (CommitmentRef, LogicRefHash) |
Commitments' references of all created resources in the compliance unit |
unitDelta |
DeltaHash |
Unit delta |
Witness¶
-
for consumed resources:
1. resource object
r
2.
nullifierKey
3.
CMtree
path4. resource commitment
cm
5. opening of
logicRefHash
(implicitly includeslogicRef
, which is already part of the resource object, and other data used to derivelogicRefHash
, such as randomness) -
for created resources:
-
resource object
r
-
opening of
logicRefHash
-
Note
The instance and witness values are expected to correspond to each other: the first tag in the instance corresponds to the first resource object in the witness, and so on. Note that in the compliance proof, the tag is recomputed from the object to verify that the tag is correct
Compliance constraints¶
Each resource machine compliance proof must check the following:
- Merkle path validity (for non-ephemeral resources only):
CMTree::Verify(cm, path, root) = True
for each resource associated with a nullifier from theconsumedResourceTagSet
-
for each consumed resource
r
:- Nullifier integrity:
r.nullifier(nullifierKey) is in consumedResourceTagSet
- Consumed commitment integrity:
r.commitment() = cm
- Logic integrity:
logicRefHash = hash(r.logicRef, ...)
- Nullifier integrity:
-
for each created resource
r
:- Commitment integrity:
r.commitment() is in createdResourceTagSet
- Logic integrity:
logicRefHash = hash(r.logicRef, ...)
- Delta integrity:
unitDelta = sum(r.delta() for r in consumed) - sum(r.delta() for r in created)
- Commitment integrity:
Note
Kind integrity is checked implicitly in delta checks
Note
[2.3, 3.2]: Combined with checking the logic proofs, logic integrity checks allow to ensure that the logics associated with the resources are satisfied
Note
[2.1, 3.1]: To ensure correct computation of a commitment/nullifier, they have to be recomputed from the raw parameters (resource object and possibly nullifierKey
) and compared to what is provided in the public tag set.
Compliance proofs must be composition-independent: composing two actions, the compliance proof sets can be simply united to provide a valid composed action compliance proof set.