implement zkapp permission fallback for access

glyh · glyh · commit 3350797e17a9 · 2025-12-03T18:04:11.000+08:00
diff --git a/src/lib/mina_base/permissions.ml b/src/lib/mina_base/permissions.ml
@@ -72,6 +72,12 @@ module Auth_required = struct
     | t ->
         t
 
+  let access_perm_fallback_to_signature_with_older_version = function
+    | Proof ->
+        Signature
+    | t ->
+        t
+
   (* permissions such that [check permission (Proof _)] is true *)
   let gen_for_proof_authorization : t Quickcheck.Generator.t =
     Quickcheck.Generator.of_list [ None; Either; Proof ]
@@ -294,11 +300,21 @@ module Auth_required = struct
          that the proof should verify. *)
       (result, `proof_must_verify (didn't_fail_yet &&& not signature_sufficient))
 
+    (* proof/either/impossible -> signature *)
     let verification_key_perm_fallback_to_signature_with_older_version
         ({ signature_sufficient; _ } as t : t) =
       if_
         Pickles.Impls.Step.Boolean.(not signature_sufficient)
         ~then_:(constant Signature) ~else_:t
+
+    (* proof/either -> signature *)
+    let access_perm_fallback_to_signature_with_older_version
+        ({ signature_sufficient; constant = signature_is_constant; _ } as t : t)
+        =
+      if_
+        Pickles.Impls.Step.Boolean.(
+          (not signature_sufficient) && not signature_is_constant)
+        ~then_:(constant Signature) ~else_:t
   end
 
   let typ =
diff --git a/src/lib/mina_base/permissions.mli b/src/lib/mina_base/permissions.mli
@@ -27,6 +27,8 @@ module Auth_required : sig
 
   val verification_key_perm_fallback_to_signature_with_older_version : t -> t
 
+  val access_perm_fallback_to_signature_with_older_version : t -> t
+
   module Checked : sig
     type t
 
@@ -44,6 +46,8 @@ module Auth_required : sig
       -> Boolean.var * [ `proof_must_verify of Boolean.var ]
 
     val verification_key_perm_fallback_to_signature_with_older_version : t -> t
+
+    val access_perm_fallback_to_signature_with_older_version : t -> t
   end
 
   val typ : (Checked.t, t) Typ.t
diff --git a/src/lib/transaction_logic/mina_transaction_logic.ml b/src/lib/transaction_logic/mina_transaction_logic.ml
@@ -1006,6 +1006,10 @@ module Make (L : Ledger_intf.S) :
       let verification_key_perm_fallback_to_signature_with_older_version =
         Permissions.Auth_required
         .verification_key_perm_fallback_to_signature_with_older_version
+
+      let access_perm_fallback_to_signature_with_older_version =
+        Permissions.Auth_required
+        .access_perm_fallback_to_signature_with_older_version
     end
 
     module Txn_version = struct
diff --git a/src/lib/transaction_logic/zkapp_command_logic.ml b/src/lib/transaction_logic/zkapp_command_logic.ml
@@ -550,6 +550,8 @@ module type Controller_intf = sig
   val check : proof_verifies:bool -> signature_verifies:bool -> t -> bool
 
   val verification_key_perm_fallback_to_signature_with_older_version : t -> t
+
+  val access_perm_fallback_to_signature_with_older_version : t -> t
 end
 
 module type Txn_version_intf = sig
@@ -1546,11 +1548,19 @@ module Make (Inputs : Inputs_intf) = struct
        This must be done before updating zkApp fields!
     *)
     let a = Account.make_zkapp a in
+    let auth_with_fallback ~fallback_logic auth =
+      Account.Permissions.set_verification_key_txn_version a
+      |> Txn_version.older_than_current
+      |> Controller.if_ ~then_:(fallback_logic auth) ~else_:auth
+    in
     (* Check that the account can be accessed with the given authorization. *)
     let local_state =
       let has_permission =
-        Controller.check ~proof_verifies ~signature_verifies
-          (Account.Permissions.access a)
+        Account.Permissions.access a
+        |> auth_with_fallback
+             ~fallback_logic:
+               Controller.access_perm_fallback_to_signature_with_older_version
+        |> Controller.check ~proof_verifies ~signature_verifies
       in
       Local_state.add_check local_state Update_not_permitted_access
         has_permission
@@ -1614,21 +1624,13 @@ module Make (Inputs : Inputs_intf) = struct
       let verification_key =
         Account_update.Update.verification_key account_update
       in
-      let older_than_current_version =
-        Txn_version.older_than_current
-          (Account.Permissions.set_verification_key_txn_version a)
-      in
-      let original_auth = Account.Permissions.set_verification_key_auth a in
-      let auth =
-        Controller.if_ older_than_current_version
-          ~then_:
-            (Controller
-             .verification_key_perm_fallback_to_signature_with_older_version
-               original_auth )
-          ~else_:original_auth
-      in
       let has_permission =
-        Controller.check ~proof_verifies ~signature_verifies auth
+        Account.Permissions.set_verification_key_auth a
+        |> auth_with_fallback
+             ~fallback_logic:
+               Controller
+               .verification_key_perm_fallback_to_signature_with_older_version
+        |> Controller.check ~proof_verifies ~signature_verifies
       in
       let local_state =
         Local_state.add_check local_state Update_not_permitted_verification_key
diff --git a/src/lib/transaction_snark/transaction_snark.ml b/src/lib/transaction_snark/transaction_snark.ml
@@ -1473,6 +1473,10 @@ module Make_str (A : Wire_types.Concrete) = struct
             let verification_key_perm_fallback_to_signature_with_older_version =
               Permissions.Auth_required.Checked
               .verification_key_perm_fallback_to_signature_with_older_version
+
+            let access_perm_fallback_to_signature_with_older_version =
+              Permissions.Auth_required.Checked
+              .access_perm_fallback_to_signature_with_older_version
           end
 
           module Txn_version = struct
