From 546340826974989dc57c37e7a54cffc0ed49321c Mon Sep 17 00:00:00 2001
From: glyh <lyhokia@gmail.com>
Date: Wed, 19 Nov 2025 16:50:57 +0800
Subject: [PATCH 1/2] Zkapp_command_logic: apply fallback for
 Account.Permissions.set_permissions just like for set_verification_key

---
 .../transaction_logic/zkapp_command_logic.ml  | 37 +++++++++++--------
 1 file changed, 21 insertions(+), 16 deletions(-)

diff --git a/src/lib/transaction_logic/zkapp_command_logic.ml b/src/lib/transaction_logic/zkapp_command_logic.ml
index 0b24f9c9f8a6..8f67f63e7afa 100644
--- a/src/lib/transaction_logic/zkapp_command_logic.ml
+++ b/src/lib/transaction_logic/zkapp_command_logic.ml
@@ -549,6 +549,7 @@ module type Controller_intf = sig
 
   val check : proof_verifies:bool -> signature_verifies:bool -> t -> bool
 
+  (* This is used for fallbacking for Permissions.{set_verification_key, set_permissions}. *)
   val verification_key_perm_fallback_to_signature_with_older_version : t -> t
 end
 
@@ -1609,26 +1610,29 @@ module Make (Inputs : Inputs_intf) = struct
       let a = Account.set_app_state app_state a in
       (a, local_state)
     in
+    let older_than_current_version =
+      Txn_version.older_than_current
+        (Account.Permissions.set_verification_key_txn_version a)
+    in
+    (* Generic helper that deals with fallback when the permissions are set for
+       a old protocol version for setting vk/perm *)
+    let auth_with_fallback_set_vk_or_perm original_auth =
+      Controller.if_ older_than_current_version
+        ~then_:
+          (Controller
+           .verification_key_perm_fallback_to_signature_with_older_version
+             original_auth )
+        ~else_:original_auth
+    in
     (* Set verification key. *)
     let a, local_state =
       let verification_key =
         Account_update.Update.verification_key account_update
       in
-      let older_than_current_version =
-        Txn_version.older_than_current
-          (Account.Permissions.set_verification_key_txn_version a)
-      in
-      let original_auth = Account.Permissions.set_verification_key_auth a in
-      let auth =
-        Controller.if_ older_than_current_version
-          ~then_:
-            (Controller
-             .verification_key_perm_fallback_to_signature_with_older_version
-               original_auth )
-          ~else_:original_auth
-      in
       let has_permission =
-        Controller.check ~proof_verifies ~signature_verifies auth
+        Account.Permissions.set_verification_key_auth a
+        |> auth_with_fallback_set_vk_or_perm
+        |> Controller.check ~proof_verifies ~signature_verifies
       in
       let local_state =
         Local_state.add_check local_state Update_not_permitted_verification_key
@@ -1795,8 +1799,9 @@ module Make (Inputs : Inputs_intf) = struct
     let a, local_state =
       let permissions = Account_update.Update.permissions account_update in
       let has_permission =
-        Controller.check ~proof_verifies ~signature_verifies
-          (Account.Permissions.set_permissions a)
+        Account.Permissions.set_permissions a
+        |> auth_with_fallback_set_vk_or_perm
+        |> Controller.check ~proof_verifies ~signature_verifies
       in
       let local_state =
         Local_state.add_check local_state Update_not_permitted_permissions

From 80c11ac70233d752137ed9cbcbbc79084e4e59f7 Mon Sep 17 00:00:00 2001
From: glyh <lyhokia@gmail.com>
Date: Wed, 19 Nov 2025 17:10:54 +0800
Subject: [PATCH 2/2] implement zkapp permission fallback for access

---
 src/lib/mina_base/permissions.ml              | 16 ++++++++++++++
 src/lib/mina_base/permissions.mli             |  4 ++++
 .../mina_transaction_logic.ml                 |  4 ++++
 .../transaction_logic/zkapp_command_logic.ml  | 22 ++++++++++++++-----
 .../transaction_snark/transaction_snark.ml    |  4 ++++
 5 files changed, 44 insertions(+), 6 deletions(-)

diff --git a/src/lib/mina_base/permissions.ml b/src/lib/mina_base/permissions.ml
index 43ef84cb02ee..155ab1186ddb 100644
--- a/src/lib/mina_base/permissions.ml
+++ b/src/lib/mina_base/permissions.ml
@@ -72,6 +72,12 @@ module Auth_required = struct
     | t ->
         t
 
+  let access_perm_fallback_to_signature_with_older_version = function
+    | Proof ->
+        Signature
+    | t ->
+        t
+
   (* permissions such that [check permission (Proof _)] is true *)
   let gen_for_proof_authorization : t Quickcheck.Generator.t =
     Quickcheck.Generator.of_list [ None; Either; Proof ]
@@ -294,11 +300,21 @@ module Auth_required = struct
          that the proof should verify. *)
       (result, `proof_must_verify (didn't_fail_yet &&& not signature_sufficient))
 
+    (* proof/either/impossible -> signature *)
     let verification_key_perm_fallback_to_signature_with_older_version
         ({ signature_sufficient; _ } as t : t) =
       if_
         Pickles.Impls.Step.Boolean.(not signature_sufficient)
         ~then_:(constant Signature) ~else_:t
+
+    (* proof/either -> signature *)
+    let access_perm_fallback_to_signature_with_older_version
+        ({ signature_sufficient; constant = signature_is_constant; _ } as t : t)
+        =
+      if_
+        Pickles.Impls.Step.Boolean.(
+          (not signature_sufficient) && not signature_is_constant)
+        ~then_:(constant Signature) ~else_:t
   end
 
   let typ =
diff --git a/src/lib/mina_base/permissions.mli b/src/lib/mina_base/permissions.mli
index e74ccfd18abe..2e0ecfbc5335 100644
--- a/src/lib/mina_base/permissions.mli
+++ b/src/lib/mina_base/permissions.mli
@@ -27,6 +27,8 @@ module Auth_required : sig
 
   val verification_key_perm_fallback_to_signature_with_older_version : t -> t
 
+  val access_perm_fallback_to_signature_with_older_version : t -> t
+
   module Checked : sig
     type t
 
@@ -44,6 +46,8 @@ module Auth_required : sig
       -> Boolean.var * [ `proof_must_verify of Boolean.var ]
 
     val verification_key_perm_fallback_to_signature_with_older_version : t -> t
+
+    val access_perm_fallback_to_signature_with_older_version : t -> t
   end
 
   val typ : (Checked.t, t) Typ.t
diff --git a/src/lib/transaction_logic/mina_transaction_logic.ml b/src/lib/transaction_logic/mina_transaction_logic.ml
index f6b5f0617ced..57c0bb1e8e7d 100644
--- a/src/lib/transaction_logic/mina_transaction_logic.ml
+++ b/src/lib/transaction_logic/mina_transaction_logic.ml
@@ -1006,6 +1006,10 @@ module Make (L : Ledger_intf.S) :
       let verification_key_perm_fallback_to_signature_with_older_version =
         Permissions.Auth_required
         .verification_key_perm_fallback_to_signature_with_older_version
+
+      let access_perm_fallback_to_signature_with_older_version =
+        Permissions.Auth_required
+        .access_perm_fallback_to_signature_with_older_version
     end
 
     module Txn_version = struct
diff --git a/src/lib/transaction_logic/zkapp_command_logic.ml b/src/lib/transaction_logic/zkapp_command_logic.ml
index 8f67f63e7afa..5158957d4010 100644
--- a/src/lib/transaction_logic/zkapp_command_logic.ml
+++ b/src/lib/transaction_logic/zkapp_command_logic.ml
@@ -551,6 +551,8 @@ module type Controller_intf = sig
 
   (* This is used for fallbacking for Permissions.{set_verification_key, set_permissions}. *)
   val verification_key_perm_fallback_to_signature_with_older_version : t -> t
+
+  val access_perm_fallback_to_signature_with_older_version : t -> t
 end
 
 module type Txn_version_intf = sig
@@ -1547,11 +1549,23 @@ module Make (Inputs : Inputs_intf) = struct
        This must be done before updating zkApp fields!
     *)
     let a = Account.make_zkapp a in
+    let older_than_current_version =
+      Txn_version.older_than_current
+        (Account.Permissions.set_verification_key_txn_version a)
+    in
+    let auth_with_fallback_access original_auth =
+      Controller.if_ older_than_current_version
+        ~then_:
+          (Controller.access_perm_fallback_to_signature_with_older_version
+             original_auth )
+        ~else_:original_auth
+    in
     (* Check that the account can be accessed with the given authorization. *)
     let local_state =
       let has_permission =
-        Controller.check ~proof_verifies ~signature_verifies
-          (Account.Permissions.access a)
+        Account.Permissions.access a
+        |> auth_with_fallback_access
+        |> Controller.check ~proof_verifies ~signature_verifies
       in
       Local_state.add_check local_state Update_not_permitted_access
         has_permission
@@ -1610,10 +1624,6 @@ module Make (Inputs : Inputs_intf) = struct
       let a = Account.set_app_state app_state a in
       (a, local_state)
     in
-    let older_than_current_version =
-      Txn_version.older_than_current
-        (Account.Permissions.set_verification_key_txn_version a)
-    in
     (* Generic helper that deals with fallback when the permissions are set for
        a old protocol version for setting vk/perm *)
     let auth_with_fallback_set_vk_or_perm original_auth =
diff --git a/src/lib/transaction_snark/transaction_snark.ml b/src/lib/transaction_snark/transaction_snark.ml
index 7ee65f8663db..9541b896e94a 100644
--- a/src/lib/transaction_snark/transaction_snark.ml
+++ b/src/lib/transaction_snark/transaction_snark.ml
@@ -1473,6 +1473,10 @@ module Make_str (A : Wire_types.Concrete) = struct
             let verification_key_perm_fallback_to_signature_with_older_version =
               Permissions.Auth_required.Checked
               .verification_key_perm_fallback_to_signature_with_older_version
+
+            let access_perm_fallback_to_signature_with_older_version =
+              Permissions.Auth_required.Checked
+              .access_perm_fallback_to_signature_with_older_version
           end
 
           module Txn_version = struct