csv-adapter-core 0.1.1

Chain-agnostic core traits and types for CSV (Client-Side Validation) adapters
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371

//! Seal and Anchor reference types
//!
//! Seals represent single-use rights to authorize state transitions.
//! Anchors represent on-chain references containing commitments.

use alloc::vec::Vec;
use serde::{Deserialize, Serialize};

/// Maximum allowed size for seal identifiers (1KB)
pub const MAX_SEAL_ID_SIZE: usize = 1024;

/// Maximum allowed size for anchor identifiers (1KB)
pub const MAX_ANCHOR_ID_SIZE: usize = 1024;

/// Maximum allowed size for anchor metadata (4KB)
pub const MAX_ANCHOR_METADATA_SIZE: usize = 4096;

/// A reference to a single-use seal
///
/// The concrete meaning is chain-specific:
/// - Bitcoin: UTXO OutPoint
/// - Ethereum: Contract address + storage slot
/// - Sui: Object ID
/// - Aptos: Resource address + key
#[derive(Clone, Debug, PartialEq, Eq, Hash, Serialize, Deserialize)]
pub struct SealRef {
    /// Chain-specific seal identifier
    pub seal_id: Vec<u8>,
    /// Optional nonce for replay resistance
    pub nonce: Option<u64>,
}

impl SealRef {
    /// Create a new SealRef from raw bytes
    ///
    /// # Arguments
    /// * `seal_id` - Chain-specific seal identifier (max 1KB)
    /// * `nonce` - Optional nonce for replay resistance
    ///
    /// # Errors
    /// Returns an error if the seal_id exceeds the maximum allowed size
    pub fn new(seal_id: Vec<u8>, nonce: Option<u64>) -> Result<Self, &'static str> {
        if seal_id.len() > MAX_SEAL_ID_SIZE {
            return Err("seal_id exceeds maximum allowed size (1KB)");
        }
        if seal_id.is_empty() {
            return Err("seal_id cannot be empty");
        }
        Ok(Self { seal_id, nonce })
    }

    /// Create a new SealRef without validation.
    ///
    /// # Safety
    /// This bypasses size validation. Use only for internal protocol conversions
    /// where the input is already known to be valid.
    pub fn new_unchecked(seal_id: Vec<u8>, nonce: Option<u64>) -> Self {
        Self { seal_id, nonce }
    }

    /// Serialize to bytes
    ///
    /// Format: `[nonce_flag(1) | nonce_bytes(8 if flag=1) | seal_id_len(varuint) | seal_id]`
    /// The nonce_flag is 1 for `Some(nonce)`, 0 for `None`.
    pub fn to_vec(&self) -> Vec<u8> {
        let mut out = Vec::with_capacity(9 + self.seal_id.len());
        if let Some(nonce) = self.nonce {
            out.push(1);
            out.extend_from_slice(&nonce.to_le_bytes());
        } else {
            out.push(0);
        }
        out.extend_from_slice(&(self.seal_id.len() as u32).to_le_bytes());
        out.extend_from_slice(&self.seal_id);
        out
    }

    /// Deserialize from bytes
    ///
    /// # Errors
    /// Returns an error if the bytes are malformed or seal_id exceeds the maximum allowed size.
    pub fn from_bytes(bytes: &[u8]) -> Result<Self, &'static str> {
        if bytes.is_empty() {
            return Err("empty bytes");
        }
        let mut pos = 0;

        let nonce = match bytes[pos] {
            0 => {
                pos += 1;
                None
            }
            1 => {
                pos += 1;
                if bytes.len() < pos + 8 {
                    return Err("truncated nonce");
                }
                let nonce_bytes: [u8; 8] = bytes[pos..pos + 8]
                    .try_into()
                    .map_err(|_| "truncated nonce")?;
                pos += 8;
                Some(u64::from_le_bytes(nonce_bytes))
            }
            _ => return Err("invalid nonce flag"),
        };

        if bytes.len() < pos + 4 {
            return Err("truncated seal_id length");
        }
        let seal_id_len = u32::from_le_bytes(
            bytes[pos..pos + 4]
                .try_into()
                .map_err(|_| "truncated seal_id length")?,
        ) as usize;
        pos += 4;

        if seal_id_len > MAX_SEAL_ID_SIZE {
            return Err("seal_id exceeds maximum allowed size (1KB)");
        }
        if seal_id_len == 0 {
            return Err("seal_id cannot be empty");
        }
        if bytes.len() < pos + seal_id_len {
            return Err("truncated seal_id");
        }
        let seal_id = bytes[pos..pos + seal_id_len].to_vec();

        Ok(Self { seal_id, nonce })
    }
}

/// A reference to an on-chain anchor containing a commitment
///
/// The concrete meaning is chain-specific:
/// - Bitcoin: Transaction ID + output index
/// - Ethereum: Transaction hash + log index
/// - Sui: Object ID + version
#[derive(Clone, Debug, PartialEq, Eq, Hash, Serialize, Deserialize)]
pub struct AnchorRef {
    /// Chain-specific anchor identifier
    pub anchor_id: Vec<u8>,
    /// Block height or equivalent ordering
    pub block_height: u64,
    /// Optional chain-specific metadata
    pub metadata: Vec<u8>,
}

impl AnchorRef {
    /// Create a new AnchorRef
    ///
    /// # Arguments
    /// * `anchor_id` - Chain-specific anchor identifier (max 1KB)
    /// * `block_height` - Block height or equivalent ordering
    /// * `metadata` - Optional chain-specific metadata (max 4KB)
    ///
    /// # Errors
    /// Returns an error if anchor_id or metadata exceeds the maximum allowed size
    pub fn new(
        anchor_id: Vec<u8>,
        block_height: u64,
        metadata: Vec<u8>,
    ) -> Result<Self, &'static str> {
        if anchor_id.len() > MAX_ANCHOR_ID_SIZE {
            return Err("anchor_id exceeds maximum allowed size (1KB)");
        }
        if anchor_id.is_empty() {
            return Err("anchor_id cannot be empty");
        }
        if metadata.len() > MAX_ANCHOR_METADATA_SIZE {
            return Err("metadata exceeds maximum allowed size (4KB)");
        }
        Ok(Self {
            anchor_id,
            block_height,
            metadata,
        })
    }

    /// Create a new $1 without validation.
    ///
    /// # Safety
    /// This bypasses validation. Use only for internal protocol conversions.
    ///
    /// # Safety
    /// This bypasses size validation and should only be used when
    /// the input is already known to be valid.
    pub fn new_unchecked(anchor_id: Vec<u8>, block_height: u64, metadata: Vec<u8>) -> Self {
        Self {
            anchor_id,
            block_height,
            metadata,
        }
    }

    /// Serialize to bytes
    pub fn to_vec(&self) -> Vec<u8> {
        let mut out = Vec::with_capacity(8 + self.anchor_id.len() + self.metadata.len());
        out.extend_from_slice(&self.block_height.to_le_bytes());
        out.extend_from_slice(&self.anchor_id);
        out.extend_from_slice(&self.metadata);
        out
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn test_seal_ref_creation() {
        let seal = SealRef::new(vec![1, 2, 3], Some(42)).unwrap();
        assert_eq!(seal.seal_id, vec![1, 2, 3]);
        assert_eq!(seal.nonce, Some(42));
    }

    #[test]
    fn test_anchor_ref_creation() {
        let anchor = AnchorRef::new(vec![4, 5, 6], 100, vec![7, 8]).unwrap();
        assert_eq!(anchor.anchor_id, vec![4, 5, 6]);
        assert_eq!(anchor.block_height, 100);
        assert_eq!(anchor.metadata, vec![7, 8]);
    }

    #[test]
    fn test_seal_ref_serialization() {
        let seal = SealRef::new(vec![1, 2, 3], Some(42)).unwrap();
        let bytes = seal.to_vec();
        assert!(!bytes.is_empty());
    }

    #[test]
    fn test_seal_ref_roundtrip() {
        // Test with Some(nonce)
        let seal1 = SealRef::new(vec![1, 2, 3], Some(42)).unwrap();
        let bytes1 = seal1.to_vec();
        let restored1 = SealRef::from_bytes(&bytes1).unwrap();
        assert_eq!(restored1.seal_id, vec![1, 2, 3]);
        assert_eq!(restored1.nonce, Some(42));

        // Test with None nonce
        let seal2 = SealRef::new(vec![4, 5, 6], None).unwrap();
        let bytes2 = seal2.to_vec();
        let restored2 = SealRef::from_bytes(&bytes2).unwrap();
        assert_eq!(restored2.seal_id, vec![4, 5, 6]);
        assert_eq!(restored2.nonce, None);

        // Verify that None and Some(0) produce different bytes
        let seal_none = SealRef::new(vec![1, 2, 3], None).unwrap();
        let seal_zero = SealRef::new(vec![1, 2, 3], Some(0)).unwrap();
        assert_ne!(seal_none.to_vec(), seal_zero.to_vec());
    }

    #[test]
    fn test_seal_ref_from_bytes_errors() {
        // Empty bytes
        assert_eq!(SealRef::from_bytes(&[]), Err("empty bytes"));

        // Invalid nonce flag
        assert_eq!(SealRef::from_bytes(&[5]), Err("invalid nonce flag"));

        // Truncated nonce
        assert_eq!(SealRef::from_bytes(&[1, 0, 0]), Err("truncated nonce"));

        // Truncated seal_id length
        assert_eq!(SealRef::from_bytes(&[0]), Err("truncated seal_id length"));

        // Truncated seal_id data
        assert_eq!(
            SealRef::from_bytes(&[0, 3, 0, 0, 0, 1]),
            Err("truncated seal_id")
        );

        // Seal_id too large
        let mut large = vec![0, 0x01, 0x04, 0x00, 0x00]; // length 1025
        large.extend(vec![0u8; 1025]);
        assert_eq!(
            SealRef::from_bytes(&large),
            Err("seal_id exceeds maximum allowed size (1KB)")
        );

        // Empty seal_id
        assert_eq!(
            SealRef::from_bytes(&[0, 0, 0, 0, 0]),
            Err("seal_id cannot be empty")
        );
    }

    #[test]
    fn test_anchor_ref_serialization() {
        let anchor = AnchorRef::new(vec![4, 5, 6], 100, vec![7, 8]).unwrap();
        let bytes = anchor.to_vec();
        assert!(!bytes.is_empty());
    }

    #[test]
    fn test_seal_ref_empty_id() {
        let result = SealRef::new(vec![], Some(42));
        assert!(result.is_err());
        assert_eq!(result.unwrap_err(), "seal_id cannot be empty");
    }

    #[test]
    fn test_seal_ref_too_large() {
        let large_id = vec![0u8; MAX_SEAL_ID_SIZE + 1];
        let result = SealRef::new(large_id, Some(42));
        assert!(result.is_err());
        assert_eq!(
            result.unwrap_err(),
            "seal_id exceeds maximum allowed size (1KB)"
        );
    }

    #[test]
    fn test_seal_ref_at_max_size() {
        let max_id = vec![0u8; MAX_SEAL_ID_SIZE];
        let result = SealRef::new(max_id, Some(42));
        assert!(result.is_ok());
    }

    #[test]
    fn test_anchor_ref_empty_id() {
        let result = AnchorRef::new(vec![], 100, vec![7, 8]);
        assert!(result.is_err());
        assert_eq!(result.unwrap_err(), "anchor_id cannot be empty");
    }

    #[test]
    fn test_anchor_ref_id_too_large() {
        let large_id = vec![0u8; MAX_ANCHOR_ID_SIZE + 1];
        let result = AnchorRef::new(large_id, 100, vec![7, 8]);
        assert!(result.is_err());
        assert_eq!(
            result.unwrap_err(),
            "anchor_id exceeds maximum allowed size (1KB)"
        );
    }

    #[test]
    fn test_anchor_ref_metadata_too_large() {
        let large_metadata = vec![0u8; MAX_ANCHOR_METADATA_SIZE + 1];
        let result = AnchorRef::new(vec![1, 2, 3], 100, large_metadata);
        assert!(result.is_err());
        assert_eq!(
            result.unwrap_err(),
            "metadata exceeds maximum allowed size (4KB)"
        );
    }

    #[test]
    fn test_anchor_ref_at_max_sizes() {
        let max_id = vec![0u8; MAX_ANCHOR_ID_SIZE];
        let max_metadata = vec![0u8; MAX_ANCHOR_METADATA_SIZE];
        let result = AnchorRef::new(max_id, 100, max_metadata);
        assert!(result.is_ok());
    }

    #[test]
    fn test_seal_ref_new_unchecked() {
        let seal = SealRef::new_unchecked(vec![1, 2, 3], Some(42));
        assert_eq!(seal.seal_id, vec![1, 2, 3]);
        assert_eq!(seal.nonce, Some(42));
    }

    #[test]
    fn test_anchor_ref_new_unchecked() {
        let anchor = AnchorRef::new_unchecked(vec![4, 5, 6], 100, vec![7, 8]);
        assert_eq!(anchor.anchor_id, vec![4, 5, 6]);
        assert_eq!(anchor.block_height, 100);
        assert_eq!(anchor.metadata, vec![7, 8]);
    }
}