From 23f69e9b15e6fc6df79006d95bc3ce517778a906 Mon Sep 17 00:00:00 2001
From: Dr Maxim Orlovsky <orlovsky@lnp-bp.org>
Date: Mon, 14 Oct 2024 12:48:34 +0200
Subject: [PATCH] mpc: add merklization method information

to be used in a future for more zk-friendly merkjlization hash functions
---
 commit_verify/src/mpc/atoms.rs |  17 +++++++++++
 commit_verify/src/mpc/block.rs |  14 ++++++++-
 commit_verify/src/mpc/mod.rs   |   2 +-
 commit_verify/src/mpc/tree.rs  |   7 ++++-
 commit_verify/src/stl.rs       |   2 +-
 stl/CommitVerify@0.1.0.sta     |  50 +++++++++++++++++----------------
 stl/CommitVerify@0.1.0.stl     | Bin 1550 -> 1688 bytes
 stl/CommitVerify@0.1.0.sty     |  21 +++++++++-----
 stl/Merkle.vesper              |   2 ++
 9 files changed, 80 insertions(+), 35 deletions(-)

diff --git a/commit_verify/src/mpc/atoms.rs b/commit_verify/src/mpc/atoms.rs
index 00c03448..43a6745a 100644
--- a/commit_verify/src/mpc/atoms.rs
+++ b/commit_verify/src/mpc/atoms.rs
@@ -30,6 +30,21 @@ use crate::{CommitmentId, DigestExt};
 
 pub const MPC_MINIMAL_DEPTH: u5 = u5::with(3);
 
+#[derive(Copy, Clone, Ord, PartialOrd, Eq, PartialEq, Hash, Debug, Display, Default)]
+#[display(lowercase)]
+#[derive(StrictType, StrictEncode, StrictDecode)]
+#[strict_type(lib = crate::LIB_NAME_COMMIT_VERIFY, tags = repr, try_from_u8, into_u8)]
+#[cfg_attr(
+    feature = "serde",
+    derive(Serialize, Deserialize),
+    serde(crate = "serde_crate", rename_all = "camelCase")
+)]
+#[repr(u8)]
+pub enum Method {
+    #[default]
+    Sha256t = 0,
+}
+
 /// Map from protocol ids to commitment messages.
 pub type MessageMap = MediumOrdMap<ProtocolId, Message>;
 
@@ -149,6 +164,7 @@ impl From<Sha256> for Commitment {
 /// Structured source multi-message data for commitment creation
 #[derive(Clone, PartialEq, Eq, PartialOrd, Ord, Hash, Debug)]
 pub struct MultiSource {
+    pub method: Method,
     /// Minimal depth of the created LNPBP-4 commitment tree
     pub min_depth: u5,
     /// Map of the messages by their respective protocol ids
@@ -160,6 +176,7 @@ impl Default for MultiSource {
     #[inline]
     fn default() -> Self {
         MultiSource {
+            method: Default::default(),
             min_depth: MPC_MINIMAL_DEPTH,
             messages: Default::default(),
             static_entropy: None,
diff --git a/commit_verify/src/mpc/block.rs b/commit_verify/src/mpc/block.rs
index 229d364e..962ef6aa 100644
--- a/commit_verify/src/mpc/block.rs
+++ b/commit_verify/src/mpc/block.rs
@@ -32,7 +32,7 @@ use crate::id::CommitId;
 use crate::merkle::{MerkleBuoy, MerkleHash};
 use crate::mpc::atoms::Leaf;
 use crate::mpc::tree::protocol_id_pos;
-use crate::mpc::{Commitment, MerkleTree, Message, MessageMap, Proof, ProtocolId};
+use crate::mpc::{Commitment, MerkleTree, Message, MessageMap, Method, Proof, ProtocolId};
 use crate::{Conceal, LIB_NAME_COMMIT_VERIFY};
 
 /// commitment under protocol id {0} is absent from the known part of a given
@@ -165,6 +165,10 @@ impl Conceal for MerkleConcealed {
 #[commit_encode(crate = crate, strategy = conceal, id = Commitment)]
 #[cfg_attr(feature = "serde", derive(Serialize, Deserialize), serde(crate = "serde_crate"))]
 pub struct MerkleBlock {
+    /// Method used to construct MPC proof (hash function, merklization).
+    #[getter(as_copy)]
+    method: Method,
+
     /// Tree depth (up to 16).
     #[getter(as_copy)]
     depth: u5,
@@ -187,6 +191,7 @@ pub struct MerkleBlock {
 impl StrictDumb for MerkleBlock {
     fn strict_dumb() -> Self {
         MerkleBlock {
+            method: Method::Sha256t,
             depth: u5::ONE,
             cofactor: 0,
             cross_section: NonEmptyVec::with(TreeNode::strict_dumb()),
@@ -221,6 +226,7 @@ impl From<&MerkleTree> for MerkleBlock {
             NonEmptyVec::try_from_iter(iter).expect("tree width guarantees are broken");
 
         MerkleBlock {
+            method: tree.method,
             depth: tree.depth,
             cofactor: tree.cofactor,
             cross_section,
@@ -281,6 +287,7 @@ impl MerkleBlock {
             NonEmptyVec::try_from(cross_section).expect("tree width guarantees are broken");
 
         Ok(MerkleBlock {
+            method: proof.method,
             depth: u5::with(path.len() as u8),
             cofactor: proof.cofactor,
             cross_section,
@@ -576,6 +583,7 @@ Changed commitment id: {}",
             "MerkleBlock conceal procedure is broken"
         );
         Ok(MerkleProof {
+            method: self.method,
             pos: self.protocol_id_pos(protocol_id),
             cofactor: self.cofactor,
             path: Confined::try_from_iter(map.into_values())
@@ -650,6 +658,10 @@ impl Conceal for MerkleBlock {
 #[strict_type(lib = LIB_NAME_COMMIT_VERIFY)]
 #[cfg_attr(feature = "serde", derive(Serialize, Deserialize), serde(crate = "serde_crate"))]
 pub struct MerkleProof {
+    /// Method used to construct MPC proof (hash function, merklization).
+    #[getter(as_copy)]
+    method: Method,
+
     /// Position of the leaf in the tree.
     ///
     /// Used to determine chirality of the node hashing partners on each step
diff --git a/commit_verify/src/mpc/mod.rs b/commit_verify/src/mpc/mod.rs
index c733263f..3044e0bd 100644
--- a/commit_verify/src/mpc/mod.rs
+++ b/commit_verify/src/mpc/mod.rs
@@ -28,7 +28,7 @@ mod tree;
 mod block;
 
 pub use atoms::{
-    Commitment, Leaf, Message, MessageMap, MultiSource, ProtocolId, MPC_MINIMAL_DEPTH,
+    Commitment, Leaf, Message, MessageMap, Method, MultiSource, ProtocolId, MPC_MINIMAL_DEPTH,
 };
 pub use block::{
     InvalidProof, LeafNotKnown, MergeError, MerkleBlock, MerkleConcealed, MerkleProof,
diff --git a/commit_verify/src/mpc/tree.rs b/commit_verify/src/mpc/tree.rs
index 26c6d267..3a7debda 100644
--- a/commit_verify/src/mpc/tree.rs
+++ b/commit_verify/src/mpc/tree.rs
@@ -27,7 +27,7 @@ pub use self::commit::Error;
 use crate::merkle::MerkleHash;
 use crate::mpc::atoms::Leaf;
 use crate::mpc::{
-    Commitment, MerkleBlock, MerkleConcealed, Message, MessageMap, Proof, ProtocolId,
+    Commitment, MerkleBlock, MerkleConcealed, Message, MessageMap, Method, Proof, ProtocolId,
 };
 use crate::{CommitId, Conceal, LIB_NAME_COMMIT_VERIFY};
 
@@ -44,6 +44,9 @@ type OrderedMap = MediumOrdMap<u32, (ProtocolId, Message)>;
 #[derive(CommitEncode)]
 #[commit_encode(crate = crate, strategy = conceal, id = Commitment)]
 pub struct MerkleTree {
+    /// Method used to construct MPC proof (hash function, merklization).
+    pub(super) method: Method,
+
     /// Tree depth (up to 32).
     pub(super) depth: u5,
 
@@ -155,6 +158,7 @@ mod commit {
                             map.insert(pos, (*protocol, *message)).is_none()
                         }) {
                             return Ok(MerkleTree {
+                                method: source.method,
                                 depth,
                                 entropy,
                                 cofactor,
@@ -244,6 +248,7 @@ pub(crate) mod test_helpers {
 
     pub fn make_random_tree(msgs: &BTreeMap<ProtocolId, Message>) -> MerkleTree {
         let src = MultiSource {
+            method: Method::Sha256t,
             min_depth: u5::ZERO,
             messages: Confined::try_from_iter(msgs.iter().map(|(a, b)| (*a, *b))).unwrap(),
             static_entropy: None,
diff --git a/commit_verify/src/stl.rs b/commit_verify/src/stl.rs
index 4fcd398e..17a3a492 100644
--- a/commit_verify/src/stl.rs
+++ b/commit_verify/src/stl.rs
@@ -24,7 +24,7 @@ use strict_types::{CompileError, LibBuilder, TypeLib};
 use crate::{mpc, MerkleHash, MerkleNode, ReservedBytes, StrictHash, LIB_NAME_COMMIT_VERIFY};
 
 pub const LIB_ID_COMMIT_VERIFY: &str =
-    "stl:egMd32l9-y$Kod0o-$FRcNAV-Q4U$O5h-pskW9YM-$irF0yY#miller-pancake-elastic";
+    "stl:t1xwwwIz-fgj0c!P-$Kh8oaL-qrthWrM-dxqldh6-qLoQ4Pk#escort-between-doctor";
 
 fn _commit_verify_stl() -> Result<TypeLib, CompileError> {
     LibBuilder::new(libname!(LIB_NAME_COMMIT_VERIFY), tiny_bset! {
diff --git a/stl/CommitVerify@0.1.0.sta b/stl/CommitVerify@0.1.0.sta
index 5af897f2..45d9439f 100644
--- a/stl/CommitVerify@0.1.0.sta
+++ b/stl/CommitVerify@0.1.0.sta
@@ -1,34 +1,36 @@
 -----BEGIN STRICT TYPE LIB-----
-Id: stl:egMd32l9-y$Kod0o-$FRcNAV-Q4U$O5h-pskW9YM-$irF0yY#miller-pancake-elastic
+Id: stl:t1xwwwIz-fgj0c!P-$Kh8oaL-qrthWrM-dxqldh6-qLoQ4Pk#escort-between-doctor
 Name: CommitVerify
 Dependencies: Std#ralph-blue-lucky
-Check-SHA256: ce5ec3f773efffb6535247e84c9da1bfc1656c1a35c616832abf5eecaa5feb44
+Check-SHA256: 4ec05430ba720c208d7a88e5bf0e66cd3660dbd2fd7695c6209acb19591e3a7d
 
 3`1{iZE18?WpZg|c>&5S9&dx0-7pM3Z=O*v*GCA9fL-<|HrZsA`NnJlR3`&dbYuYoQ*>kj0A^Tl*p6J$
-36SYb7g#;qpQBTpwL(~+!(f@;t~vt?k^)sV5C958Z*6U9bZupBbOiwb2LJ#-AOHkRWnpFn0uTvlZfId*
+36SYb7g#;qpQBTpwL(~+!(f@;t~vt?k^)sV5daE9Z*6U9bZupBbOiwb2LJ#-AOHkRWnpFn0uTvlZfId*
 X>?^|00sgGaB^>SZ)0z40Wg(*<{e=)S-S-Y<l(P9Y9YVY`}-X+f~R@qMRed+u?KBsb8}&5WdSuesZkZk
 >V@1=_p5>Oab-~jCR3C`SFec^=zG+gvC|O;Wo~qGZ*X}41_B3VZgg^QaCra#2m^3$a{vGY3r%HmYiwmg
-Y;R+01_T9UWpH$80?I5NZ-bfLFbqC#o>4E?M+l67UG^w8*<_XZ#%uyqCuUf1*p6J$36SYb7g#;qpQBTp
-wL(~+!(f@;t~vt?k_cmOW?^G=Z*l+t0t{nvZ*y}~Wn*+{Z*Bkx0ob*<mh)A>-9G+(AKhLw+s!eDmlO2>
-&}_PPHjCBJR{;P3000000RR90{{R3000(7mbaHQSc>n|g00eGtZe;)f009JZZ*64&1pxp62oFtVa%*g5
-LvL<lWnpY(WCjBTWMy!4XadSC9&dx0-7pM3Z=O*v*GCA9fL-<|HrZsA`NnJlR3~OwaM+Gq(Fu_0Ocz)^
-+@GUUoV7w&pu=F9->y0X3z7(9Z)Ra*bZ>G100IhaWpZn5Wm0c%bOAV?Lxv|61vo|<S$`kJ6oIZx{|tq&
-1{dNqe!iO(;xh_OWpZn5Wk_LjXaxZP2LJ#-AOH$YWpZn5WlnEoWd;QaVsc?_V`yn^X92rRZVMaW&~7|@
-gsWfrZu6=j^mo<V(`CxWoOXX=OTq<YWpH$800036cWGpFXaE2p1#WL-WibIbo<oKw6$Lm(8(DuJ#T0?A
-O#cjpum%_6G=9FD72-1mZf|5|G66WALxv|61vo|<S$`kJ6oIZx{|tq&1{dNqe!iO(;xh|PWpZn5Wl(Z&
-Z)OGq18{G1000CCV{c|*V{~tF00066aA9<400;p%o<oKw6$Lm(8(DuJ#T0?AO#cjpum%_6G=9FD72-1h
-000000000W000000000AO=WUxY-Ln(Wn~5h1!QG#bZ7#~EFN!zncXl9K5w2;FV{y1jDTJCC^p$-mHEbO
-0#qkvSa8^mT+s=T=}Z?`J=~w8Q=GLzSfImTncuED0}GM|Wo~qGZ*X}400;<UZ)Ra*bZ>G100IbYWpi_3
-XJvB$3IQ;ce&!uvG+Da^2;||fJ!&Dp*8BS%F@mRg<wbPhR<Qv!H>pt-$m)gMQunKY@^NKR1twFJLRYVe
-6X<)?o3YaX0000000030|Nj6000003ZDDW#3IG5E00ja8FqMAh9bq(Cy9Eg3;jcYvA-~r9`yDZYr+MW?
-bl_I80W~+NQ5DGQh1^p2tAX-yWl;qtQ<OqiuZa`rd(@k;(*OVf000000RR900000000&KFb8}&5Wd#8M
-2LJ#-AOH<cZ)9aca$#;`XlZU|0|NwhZ)s!z26Jg{XKZBw24ZqyZewTy3Q%%ybZ=vCY)NDV0RRU806-uB
-4pL=vWpZ|9WI}m#WpgnF0RRU806+l%4pL=vWpZ|9WI}m#WpgqG0RRU806+o&4pL=vWpZ|9WI}m#WpgwI
-0RRU806+u)3R84)X=8LqVRL8&0RRU806-uB2vl-qWlnEoWds5M4P$R^V`X7%Wn@loWMu#b0tIAcaCB$_
-$}AplgPGkh3_fq3Q7_j=2#kPT_9!;lWR>~GYywm#W>|38j$F|Rkm*bpSUudIqf?x<LRg@~V42^pIs*%m
-1ZZJ%XaP8$Lxv|61vo|<S$`kJ6oIZx{|tq&1{dNqe!iO(;xhpbV{dJ3X>@I6Zgfm#VP*gZ0t#?)Z**^C
-Z){0q0Wg(*<{e=)S-S-Y<l(P9Y9YVY`}-X+f~R@qMRed+u?KBsb8}&5WdSuesZkZk>V@1=_p5>Oab-~j
-CR3C`SFec^=zG+gvC{
+Y;R+01_cIfWprq7WB~(WnmCQUKfIKMdeaUn;%i1on4VMq8@@As0m&QqLVg8gWpH$80?I5NZ-bfLFbqC#
+o>4E?M+l67UG^w8*<_XZ#%uyqCuUf1*p6J$36SYb7g#;qpQBTpwL(~+!(f@;t~vt?k_cmOW?^G=Z*l+t
+0t{nvZ*y}~Wn*+{Z*Bkx0ob*<mh)A>-9G+(AKhLw+s!eDmlO2>&}_PPHjCBJR{;P3000000RR90{{R30
+00(7mbaHQSc>n|g00eGtZe;)f009JZZ*64&1pxp62oFtVa%*g5LvL<lWnpY(WCjBTWMy!4XadSC9&dx0
+-7pM3Z=O*v*GCA9fL-<|HrZsA`NnJlR3~OwaM+Gq(Fu_0Ocz)^+@GUUoV7w&pu=F9->y0X3z7(9Z)Ra*
+bZ>G100IhaWpZn5Wm0c%bOAV?Lxv|61vo|<S$`kJ6oIZx{|tq&1{dNqe!iO(;xh_OWpZn5Wk_LjXaxZP
+2LJ#-AOH$YWpZn5WlnEoWd;QaVsc?_V`yn^X92rRZVMaW&~7|@gsWfrZu6=j^mo<V(`CxWoOXX=OTq<Y
+WpH$800036cWGpFXaE2p1#WL-WibIbo<oKw6$Lm(8(DuJ#T0?AO#cjpum%_6G=9FD72-1mZf|5|G66WA
+Lxv|61vo|<S$`kJ6oIZx{|tq&1{dNqe!iO(;xh|PWpZn5Wl(Z&Z)OGr25n_@Xm4Zz17eyujlDm-l!bcJ
+4l3enMo5^RQ~n#iGkyWd8~8$g18{G1000CCV{c|*V{~tF00066aA9<400;p%o<oKw6$Lm(8(DuJ#T0?A
+O#cjpum%_6G=9FD72-1h000000000W000000000AO=WUxY-Ln(Wn~5i25n_@Xm4Zz17eyujlDm-l!bcJ
+4l3enMo5^RQ~n#iGkyWd8~8$g1!QG#bZ7#~EFN!zncXl9K5w2;FV{y1jDTJCC^p$-mHEbO0#qkvSa8^m
+T+s=T=}Z?`J=~w8Q=GLzSfImTncuED0}GM|Wo~qGZ*X}400;<UZ)Ra*bZ>G100IbYWpi_3XJvB$3IQ;c
+e&!uvG+Da^2;||fJ!&Dp*8BS%F@mRg<wbPhR<Qv!H>pt-$m)gMQunKY@^NKR1twFJLRYVe6X<)?o3YaX
+0000000030|Nj6000003ZDDW#3IG5E00ja8FqMAh9bq(Cy9Eg3;jcYvA-~r9`yDZYr+MW?bl_I80W~+N
+Q5DGQh1^p2tAX-yWl;qtQ<OqiuZa`rd(@k;(*OVf000000RR900000000&KFb8}&5Wd#8M2LJ#-AOHqU
+Wprq7WCH;Qb7)~QH8ykr4Nh-lWkPacZewU^Zf64n1a@y}WB>+pX>Mn1WdR0aa$#;`XaWjQa&L5RV{dFp
+WCZ~L2LJ#-AOH?hWpib6c4cHjd30rSF$Dnt2LJ#-0RRqCWpib6c4cHjd30rSG6ewu2LJ#-0sszDWpib6
+c4cHjd30rSGz9?w2LJ#-1ON(CbaH89bVy-yXaxZP2LJ#-AOHwda%E*sZ)9Zz0sswTZ*F5{VQgh&PH$vo
+00sgDWMy!4XadSC9&dx0-7pM3Z=O*v*GCA9fL-<|HrZsA`NnJlR3~OwaM+Gq(Fu_0Ocz)^+@GUUoV7w&
+pu=F9->y0X3z7tAVRL8!IG#g>Clv)aMjKgwAH@`bu1x<7g|G$};xvA~n-$_S0S;qtZEb0EZDnqBOl4ta
+00sgIaB^>SZ)0z4Nn`;qm44<OVKiC01qkHfuRUrZzt;Qv9WjEZdF4fP;8w8*ZDn(FVP|ClH8-hI70Bv^
++*0?ef%0)>Q3WPbltNdpi4*91)SI!>
 
 -----END STRICT TYPE LIB-----
 
diff --git a/stl/CommitVerify@0.1.0.stl b/stl/CommitVerify@0.1.0.stl
index 6f83b3629b8871b2098e8ede1d13f5e8a235c548..452409e09198de3a7db513b83bb8febcb5761cdc 100644
GIT binary patch
delta 178
zcmeC<nZY|DhEZ^0><Ud*w%pW`jQkWv=A>B`y?gEVOlhsU%%}Az+s$Lfyx@P*`;6-t
zPfGuAs+%0c?7rETaT}v13(;Cwn8P*Mh*iBghFObIkj)qD9A-xL;*3NiQ?ruItt_34
E00mM*lmGw#

delta 39
vcmbQi+s88@hEZT*><UJf&3cS~85x-;hcJgTvQE}xbe}BE@_4fVYX>6$;_wRc

diff --git a/stl/CommitVerify@0.1.0.sty b/stl/CommitVerify@0.1.0.sty
index ab2f6ba6..d8d99ff3 100644
--- a/stl/CommitVerify@0.1.0.sty
+++ b/stl/CommitVerify@0.1.0.sty
@@ -1,5 +1,5 @@
 {-
-  Id: stl:egMd32l9-y$Kod0o-$FRcNAV-Q4U$O5h-pskW9YM-$irF0yY#miller-pancake-elastic
+  Id: stl:t1xwwwIz-fgj0c!P-$Kh8oaL-qrthWrM-dxqldh6-qLoQ4Pk#escort-between-doctor
   Name: CommitVerify
   Version: 0.1.0
   Description: Client-side-validation deterministic commitments
@@ -22,8 +22,9 @@ data Commitment        : [Byte ^ 32]
 data Leaf              : inhabited#16 (protocol ProtocolId, message Message)
                        | entropy (entropy U64, pos U32)
 
-@mnemonic(snake-kitchen-june)
-data MerkleBlock       : depth Std.U5
+@mnemonic(gong-elite-seminar)
+data MerkleBlock       : method Method
+                       , depth Std.U5
                        , cofactor U16
                        , crossSection [TreeNode ^ 1..0xffffffff]
                        , entropy U64?
@@ -43,13 +44,15 @@ data MerkleNode        : branching NodeBranching
                        , node1 MerkleHash
                        , node2 MerkleHash
 
-@mnemonic(potato-rubber-hobby)
-data MerkleProof       : pos U32
+@mnemonic(edison-pablo-orinoco)
+data MerkleProof       : method Method
+                       , pos U32
                        , cofactor U16
                        , path [MerkleHash ^ ..0x20]
 
-@mnemonic(horizon-pigment-dialog)
-data MerkleTree        : depth Std.U5
+@mnemonic(jump-respond-panda)
+data MerkleTree        : method Method
+                       , depth Std.U5
                        , entropy U64
                        , cofactor U16
                        , messages {ProtocolId -> ^ ..0xffffff Message}
@@ -58,6 +61,10 @@ data MerkleTree        : depth Std.U5
 @mnemonic(druid-blitz-rover)
 data Message           : [Byte ^ 32]
 
+@mnemonic(subject-justin-cowboy)
+data Method            : sha256t
+
+
 @mnemonic(member-dexter-price)
 data NodeBranching     : void | single | branch
 
diff --git a/stl/Merkle.vesper b/stl/Merkle.vesper
index c4ee87a0..b8b7ea2e 100644
--- a/stl/Merkle.vesper
+++ b/stl/Merkle.vesper
@@ -52,6 +52,7 @@ Commitment commitment hasher=SHA256 tagged=urn:ubideco:mpc:commitment#2024-01-31
   MerkleConcealed concealed concealed=MerkleConcealed
 
 MerkleBlock rec
+  method enum Method sha256t=0
   depth enum {
     U5 _0=0 _1=1 _2=2 _3=3 _4=4 _5=5 _6=6 _7=7
     _8=8 _9=9 _10=10 _11=11 _12=12 _13=13 _14=14 _15=15
@@ -80,6 +81,7 @@ Commitment commitment hasher=SHA256 tagged=urn:ubideco:mpc:commitment#2024-01-31
   MerkleConcealed concealed concealed=MerkleConcealed
 
 MerkleTree rec
+  method enum Method sha256t=0
   depth enum {
     U5 _0=0 _1=1 _2=2 _3=3 _4=4 _5=5 _6=6 _7=7
     _8=8 _9=9 _10=10 _11=11 _12=12 _13=13 _14=14 _15=15