feat(ledger): validate metadata during rule checks

Signed-off-by: Chris Gianelloni <[email protected]>

Author: wolf31o2

ledger/allegra/allegra.go

@@ -259,6 +259,7 @@ type AllegraTransaction struct {
 	Body       AllegraTransactionBody
 	WitnessSet shelley.ShelleyTransactionWitnessSet
 	TxMetadata common.TransactionMetadatum
+	RawAuxData []byte // Raw auxiliary data bytes (includes scripts)
 }
 
 func (t *AllegraTransaction) UnmarshalCBOR(cborData []byte) error {
@@ -282,8 +283,10 @@ func (t *AllegraTransaction) UnmarshalCBOR(cborData []byte) error {
 		return fmt.Errorf("failed to decode transaction witness set: %w", err)
 	}
 	// Handle metadata (component 3, index 2) - always present, but may be CBOR nil
-	// DecodeAuxiliaryDataToMetadata already preserves raw bytes via DecodeMetadatumRaw
-	if len(txArray) > 2 && len(txArray[2]) > 0 {
+	// Store raw auxiliary data bytes (including any scripts)
+	if len(txArray) > 2 && len(txArray[2]) > 0 && txArray[2][0] != 0xF6 { // 0xF6 is CBOR null
+		t.RawAuxData = []byte(txArray[2])
+		// Also extract metadata
 		metadata, err := common.DecodeAuxiliaryDataToMetadata(txArray[2])
 		if err == nil && metadata != nil {
 			t.TxMetadata = metadata
@@ -393,6 +396,10 @@ func (t *AllegraTransaction) Metadata() common.TransactionMetadatum {
 	return t.TxMetadata
 }
 
+func (t *AllegraTransaction) RawAuxiliaryData() []byte {
+	return t.RawAuxData
+}
+
 func (t AllegraTransaction) IsValid() bool {
 	return true
 }

ledger/allegra/errors.go

@@ -16,6 +16,8 @@ package allegra
 
 import (
 	"fmt"
+
+	"github.com/blinklabs-io/gouroboros/ledger/common"
 )
 
 type OutsideValidityIntervalUtxoError struct {
@@ -30,3 +32,38 @@ func (e OutsideValidityIntervalUtxoError) Error() string {
 		e.Slot,
 	)
 }
+
+type MissingTransactionMetadataError struct {
+	Hash common.Blake2b256
+}
+
+func (e MissingTransactionMetadataError) Error() string {
+	return fmt.Sprintf(
+		"missing transaction metadata: body declares hash %x but no metadata provided",
+		e.Hash,
+	)
+}
+
+type MissingTransactionAuxiliaryDataHashError struct {
+	Hash common.Blake2b256
+}
+
+func (e MissingTransactionAuxiliaryDataHashError) Error() string {
+	return fmt.Sprintf(
+		"missing transaction auxiliary data hash: metadata provided with hash %x but body has no hash",
+		e.Hash,
+	)
+}
+
+type ConflictingMetadataHashError struct {
+	Supplied common.Blake2b256
+	Expected common.Blake2b256
+}
+
+func (e ConflictingMetadataHashError) Error() string {
+	return fmt.Sprintf(
+		"conflicting metadata hash: body declares %x, actual metadata hash is %x",
+		e.Supplied,
+		e.Expected,
+	)
+}

ledger/allegra/rules.go

@@ -22,6 +22,7 @@ import (
 )
 
 var UtxoValidationRules = []common.UtxoValidationRuleFunc{
+	UtxoValidateMetadata,
 	UtxoValidateOutsideValidityIntervalUtxo,
 	UtxoValidateInputSetEmptyUtxo,
 	UtxoValidateFeeTooSmallUtxo,
@@ -167,3 +168,50 @@ func UtxoValidateMaxTxSizeUtxo(
 		tmpPparams,
 	)
 }
+
+// UtxoValidateMetadata validates that auxiliary data (metadata) matches the hash in transaction body
+// This is a cheap structural check that should run before expensive ledger lookups
+func UtxoValidateMetadata(
+	tx common.Transaction,
+	slot uint64,
+	ls common.LedgerState,
+	pp common.ProtocolParameters,
+) error {
+	bodyAuxDataHash := tx.AuxDataHash()
+	txAuxData := tx.Metadata()
+	rawAuxData := tx.RawAuxiliaryData()
+
+	// Case 1: Neither body hash nor aux data present - OK
+	if bodyAuxDataHash == nil && txAuxData == nil && len(rawAuxData) == 0 {
+		return nil
+	}
+
+	// Case 2: Body has hash but no aux data provided - error
+	if bodyAuxDataHash != nil && txAuxData == nil && len(rawAuxData) == 0 {
+		return MissingTransactionMetadataError{
+			Hash: *bodyAuxDataHash,
+		}
+	}
+
+	// Case 3: Aux data provided but body has no hash - error
+	if bodyAuxDataHash == nil && len(rawAuxData) > 0 {
+		actualHash := common.Blake2b256Hash(rawAuxData)
+		return MissingTransactionAuxiliaryDataHashError{
+			Hash: actualHash,
+		}
+	}
+
+	// Case 4: Both present - verify hash matches
+	// Use raw auxiliary data (includes scripts) for hashing, not just metadata
+	if bodyAuxDataHash != nil && len(rawAuxData) > 0 {
+		actualHash := common.Blake2b256Hash(rawAuxData)
+		if *bodyAuxDataHash != actualHash {
+			return ConflictingMetadataHashError{
+				Supplied: *bodyAuxDataHash,
+				Expected: actualHash,
+			}
+		}
+	}
+
+	return nil
+}

ledger/alonzo/alonzo.go

@@ -655,6 +655,7 @@ type AlonzoTransaction struct {
 	WitnessSet AlonzoTransactionWitnessSet
 	TxIsValid  bool
 	TxMetadata common.TransactionMetadatum
+	RawAuxData []byte // Raw auxiliary data bytes (includes scripts)
 }
 
 func (t *AlonzoTransaction) UnmarshalCBOR(cborData []byte) error {
@@ -688,8 +689,8 @@ func (t *AlonzoTransaction) UnmarshalCBOR(cborData []byte) error {
 	}
 
 	// Handle metadata (component 4, always present - either data or CBOR nil)
-	// DecodeAuxiliaryDataToMetadata already preserves raw bytes via DecodeMetadatumRaw
-	if len(txArray) > 3 && len(txArray[3]) > 0 {
+	if len(txArray) > 3 && len(txArray[3]) > 0 && txArray[3][0] != 0xF6 { // 0xF6 is CBOR null
+		t.RawAuxData = []byte(txArray[3])
 		metadata, err := common.DecodeAuxiliaryDataToMetadata(txArray[3])
 		if err == nil && metadata != nil {
 			t.TxMetadata = metadata
@@ -704,6 +705,10 @@ func (t *AlonzoTransaction) Metadata() common.TransactionMetadatum {
 	return t.TxMetadata
 }
 
+func (t *AlonzoTransaction) RawAuxiliaryData() []byte {
+	return t.RawAuxData
+}
+
 func (AlonzoTransaction) Type() int {
 	return TxTypeAlonzo
 }

ledger/alonzo/errors.go

@@ -64,3 +64,38 @@ type NoCollateralInputsError struct{}
 func (NoCollateralInputsError) Error() string {
 	return "no collateral inputs"
 }
+
+type MissingTransactionMetadataError struct {
+	Hash common.Blake2b256
+}
+
+func (e MissingTransactionMetadataError) Error() string {
+	return fmt.Sprintf(
+		"missing transaction metadata: body declares hash %x but no metadata provided",
+		e.Hash,
+	)
+}
+
+type MissingTransactionAuxiliaryDataHashError struct {
+	Hash common.Blake2b256
+}
+
+func (e MissingTransactionAuxiliaryDataHashError) Error() string {
+	return fmt.Sprintf(
+		"missing transaction auxiliary data hash: metadata provided with hash %x but body has no hash",
+		e.Hash,
+	)
+}
+
+type ConflictingMetadataHashError struct {
+	Supplied common.Blake2b256
+	Expected common.Blake2b256
+}
+
+func (e ConflictingMetadataHashError) Error() string {
+	return fmt.Sprintf(
+		"conflicting metadata hash: body declares %x, actual metadata hash is %x",
+		e.Supplied,
+		e.Expected,
+	)
+}

ledger/alonzo/rules.go

@@ -25,6 +25,7 @@ import (
 )
 
 var UtxoValidationRules = []common.UtxoValidationRuleFunc{
+	UtxoValidateMetadata,
 	UtxoValidateOutsideValidityIntervalUtxo,
 	UtxoValidateInputSetEmptyUtxo,
 	UtxoValidateFeeTooSmallUtxo,
@@ -428,3 +429,48 @@ func MinCoinTxOut(
 	minCoinTxOut := uint64(tmpPparams.MinUtxoValue)
 	return minCoinTxOut, nil
 }
+
+// UtxoValidateMetadata validates that auxiliary data (metadata) matches the hash in transaction body
+// This is a cheap structural check that should run before expensive ledger lookups
+func UtxoValidateMetadata(
+	tx common.Transaction,
+	slot uint64,
+	ls common.LedgerState,
+	pp common.ProtocolParameters,
+) error {
+	bodyAuxDataHash := tx.AuxDataHash()
+	txAuxData := tx.Metadata()
+
+	// Case 1: Neither body hash nor aux data present - OK
+	if bodyAuxDataHash == nil && txAuxData == nil {
+		return nil
+	}
+
+	// Case 2: Body has hash but no aux data provided - error
+	if bodyAuxDataHash != nil && txAuxData == nil {
+		return MissingTransactionMetadataError{
+			Hash: *bodyAuxDataHash,
+		}
+	}
+
+	// Case 3: Aux data provided but body has no hash - error
+	if bodyAuxDataHash == nil && txAuxData != nil {
+		actualHash := common.Blake2b256Hash(txAuxData.Cbor())
+		return MissingTransactionAuxiliaryDataHashError{
+			Hash: actualHash,
+		}
+	}
+
+	// Case 4: Both present - verify hash matches
+	if bodyAuxDataHash != nil && txAuxData != nil {
+		actualHash := common.Blake2b256Hash(txAuxData.Cbor())
+		if *bodyAuxDataHash != actualHash {
+			return ConflictingMetadataHashError{
+				Supplied: *bodyAuxDataHash,
+				Expected: actualHash,
+			}
+		}
+	}
+
+	return nil
+}

ledger/babbage/babbage.go

@@ -886,6 +886,7 @@ type BabbageTransaction struct {
 	WitnessSet BabbageTransactionWitnessSet
 	TxIsValid  bool
 	TxMetadata common.TransactionMetadatum
+	RawAuxData []byte // Raw auxiliary data bytes (includes scripts)
 }
 
 func (t *BabbageTransaction) UnmarshalCBOR(cborData []byte) error {
@@ -919,8 +920,8 @@ func (t *BabbageTransaction) UnmarshalCBOR(cborData []byte) error {
 	}
 
 	// Handle metadata (component 4, always present - either data or CBOR nil)
-	// DecodeAuxiliaryDataToMetadata already preserves raw bytes via DecodeMetadatumRaw
-	if len(txArray[3]) > 0 {
+	if len(txArray[3]) > 0 && txArray[3][0] != 0xF6 { // 0xF6 is CBOR null
+		t.RawAuxData = []byte(txArray[3])
 		metadata, err := common.DecodeAuxiliaryDataToMetadata(txArray[3])
 		if err == nil && metadata != nil {
 			t.TxMetadata = metadata
@@ -935,6 +936,10 @@ func (t *BabbageTransaction) Metadata() common.TransactionMetadatum {
 	return t.TxMetadata
 }
 
+func (t *BabbageTransaction) RawAuxiliaryData() []byte {
+	return t.RawAuxData
+}
+
 func (BabbageTransaction) Type() int {
 	return TxTypeBabbage
 }

ledger/babbage/errors.go

@@ -16,6 +16,8 @@ package babbage
 
 import (
 	"fmt"
+
+	"github.com/blinklabs-io/gouroboros/ledger/common"
 )
 
 type TooManyCollateralInputsError struct {
@@ -43,3 +45,38 @@ func (e IncorrectTotalCollateralFieldError) Error() string {
 		e.TotalCollateral,
 	)
 }
+
+type MissingTransactionMetadataError struct {
+	Hash common.Blake2b256
+}
+
+func (e MissingTransactionMetadataError) Error() string {
+	return fmt.Sprintf(
+		"missing transaction metadata: body declares hash %x but no metadata provided",
+		e.Hash,
+	)
+}
+
+type MissingTransactionAuxiliaryDataHashError struct {
+	Hash common.Blake2b256
+}
+
+func (e MissingTransactionAuxiliaryDataHashError) Error() string {
+	return fmt.Sprintf(
+		"missing transaction auxiliary data hash: metadata provided with hash %x but body has no hash",
+		e.Hash,
+	)
+}
+
+type ConflictingMetadataHashError struct {
+	Supplied common.Blake2b256
+	Expected common.Blake2b256
+}
+
+func (e ConflictingMetadataHashError) Error() string {
+	return fmt.Sprintf(
+		"conflicting metadata hash: body declares %x, actual metadata hash is %x",
+		e.Supplied,
+		e.Expected,
+	)
+}

ledger/babbage/rules.go

@@ -26,6 +26,7 @@ import (
 )
 
 var UtxoValidationRules = []common.UtxoValidationRuleFunc{
+	UtxoValidateMetadata,
 	UtxoValidateOutsideValidityIntervalUtxo,
 	UtxoValidateInputSetEmptyUtxo,
 	UtxoValidateFeeTooSmallUtxo,
@@ -499,3 +500,48 @@ func MinCoinTxOut(
 	minCoinTxOut := tmpPparams.AdaPerUtxoByte * uint64(len(txOutBytes))
 	return minCoinTxOut, nil
 }
+
+// UtxoValidateMetadata validates that auxiliary data (metadata) matches the hash in transaction body
+// This is a cheap structural check that should run before expensive ledger lookups
+func UtxoValidateMetadata(
+	tx common.Transaction,
+	slot uint64,
+	ls common.LedgerState,
+	pp common.ProtocolParameters,
+) error {
+	bodyAuxDataHash := tx.AuxDataHash()
+	txAuxData := tx.Metadata()
+
+	// Case 1: Neither body hash nor aux data present - OK
+	if bodyAuxDataHash == nil && txAuxData == nil {
+		return nil
+	}
+
+	// Case 2: Body has hash but no aux data provided - error
+	if bodyAuxDataHash != nil && txAuxData == nil {
+		return MissingTransactionMetadataError{
+			Hash: *bodyAuxDataHash,
+		}
+	}
+
+	// Case 3: Aux data provided but body has no hash - error
+	if bodyAuxDataHash == nil && txAuxData != nil {
+		actualHash := common.Blake2b256Hash(txAuxData.Cbor())
+		return MissingTransactionAuxiliaryDataHashError{
+			Hash: actualHash,
+		}
+	}
+
+	// Case 4: Both present - verify hash matches
+	if bodyAuxDataHash != nil && txAuxData != nil {
+		actualHash := common.Blake2b256Hash(txAuxData.Cbor())
+		if *bodyAuxDataHash != actualHash {
+			return ConflictingMetadataHashError{
+				Supplied: *bodyAuxDataHash,
+				Expected: actualHash,
+			}
+		}
+	}
+
+	return nil
+}