feat(ledger): stake pool validation (#1315)

Signed-off-by: Chris Gianelloni <[email protected]>

Author: wolf31o2

ledger/common/rules_test.go

@@ -0,0 +1,149 @@
+// Copyright 2025 Blink Labs Software
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package common
+
+import (
+	"errors"
+	"testing"
+	"time"
+
+	"github.com/utxorpc/go-codegen/utxorpc/v1alpha/cardano"
+)
+
+func TestVerifyTransaction(t *testing.T) {
+	// Mock transaction - we don't need a real one for this test
+	var tx Transaction
+
+	slot := uint64(1000)
+	ledgerState := &mockLedgerStateRules{}
+	protocolParams := &mockProtocolParamsRules{}
+
+	t.Run("all_rules_pass", func(t *testing.T) {
+		rules := []UtxoValidationRuleFunc{
+			func(Transaction, uint64, LedgerState, ProtocolParameters) error { return nil },
+			func(Transaction, uint64, LedgerState, ProtocolParameters) error { return nil },
+			func(Transaction, uint64, LedgerState, ProtocolParameters) error { return nil },
+		}
+
+		err := VerifyTransaction(tx, slot, ledgerState, protocolParams, rules)
+		if err != nil {
+			t.Errorf("expected no error, got %v", err)
+		}
+	})
+
+	t.Run("first_rule_fails", func(t *testing.T) {
+		expectedErr := errors.New("first rule failed")
+		rules := []UtxoValidationRuleFunc{
+			func(Transaction, uint64, LedgerState, ProtocolParameters) error { return expectedErr },
+			func(Transaction, uint64, LedgerState, ProtocolParameters) error { return nil },
+		}
+
+		err := VerifyTransaction(tx, slot, ledgerState, protocolParams, rules)
+		if err != expectedErr {
+			t.Errorf("expected error %v, got %v", expectedErr, err)
+		}
+	})
+
+	t.Run("middle_rule_fails", func(t *testing.T) {
+		expectedErr := errors.New("middle rule failed")
+		rules := []UtxoValidationRuleFunc{
+			func(Transaction, uint64, LedgerState, ProtocolParameters) error { return nil },
+			func(Transaction, uint64, LedgerState, ProtocolParameters) error { return expectedErr },
+			func(Transaction, uint64, LedgerState, ProtocolParameters) error { return nil },
+		}
+
+		err := VerifyTransaction(tx, slot, ledgerState, protocolParams, rules)
+		if err != expectedErr {
+			t.Errorf("expected error %v, got %v", expectedErr, err)
+		}
+	})
+
+	t.Run("last_rule_fails", func(t *testing.T) {
+		expectedErr := errors.New("last rule failed")
+		rules := []UtxoValidationRuleFunc{
+			func(Transaction, uint64, LedgerState, ProtocolParameters) error { return nil },
+			func(Transaction, uint64, LedgerState, ProtocolParameters) error { return expectedErr },
+		}
+
+		err := VerifyTransaction(tx, slot, ledgerState, protocolParams, rules)
+		if err != expectedErr {
+			t.Errorf("expected error %v, got %v", expectedErr, err)
+		}
+	})
+
+	t.Run("empty_rules", func(t *testing.T) {
+		rules := []UtxoValidationRuleFunc{}
+
+		err := VerifyTransaction(tx, slot, ledgerState, protocolParams, rules)
+		if err != nil {
+			t.Errorf("expected no error with empty rules, got %v", err)
+		}
+	})
+}
+
+// Mock types for testing
+type mockLedgerStateRules struct{}
+
+func (m *mockLedgerStateRules) UtxoById(
+	input TransactionInput,
+) (Utxo, error) {
+	return Utxo{}, nil
+}
+
+func (m *mockLedgerStateRules) StakeRegistration(
+	key []byte,
+) ([]StakeRegistrationCertificate, error) {
+	return nil, nil
+}
+
+func (m *mockLedgerStateRules) SlotToTime(
+	slot uint64,
+) (time.Time, error) {
+	return time.Time{}, nil
+}
+
+func (m *mockLedgerStateRules) TimeToSlot(
+	t time.Time,
+) (uint64, error) {
+	return 0, nil
+}
+
+func (m *mockLedgerStateRules) PoolCurrentState(
+	poolKeyHash PoolKeyHash,
+) (*PoolRegistrationCertificate, *uint64, error) {
+	return nil, nil, nil
+}
+
+func (m *mockLedgerStateRules) CalculateRewards(
+	pots AdaPots,
+	snapshot RewardSnapshot,
+	params RewardParameters,
+) (*RewardCalculationResult, error) {
+	return nil, errors.New("not implemented")
+}
+
+func (m *mockLedgerStateRules) GetAdaPots() AdaPots              { return AdaPots{} }
+func (m *mockLedgerStateRules) UpdateAdaPots(pots AdaPots) error { return nil }
+
+func (m *mockLedgerStateRules) GetRewardSnapshot(
+	epoch uint64,
+) (RewardSnapshot, error) {
+	return RewardSnapshot{}, nil
+}
+func (m *mockLedgerStateRules) NetworkId() uint { return 0 }
+
+type mockProtocolParamsRules struct{}
+
+func (m *mockProtocolParamsRules) Utxorpc() (*cardano.PParams, error) { return nil, nil }

ledger/common/verify_config.go

@@ -26,13 +26,17 @@ import (
 // Default values favor safety; tests or specific flows can opt out.
 type VerifyConfig struct {
 	// SkipBodyHashValidation disables body hash verification in VerifyBlock().
+	// When false (default), full block CBOR must be available for validation.
 	// Useful for scenarios where full block CBOR is unavailable.
 	SkipBodyHashValidation bool
 	// SkipTransactionValidation disables transaction validation in VerifyBlock().
 	// When false (default), LedgerState and ProtocolParameters must be set.
 	SkipTransactionValidation bool
+	// SkipStakePoolValidation disables stake pool registration validation in VerifyBlock().
+	// When false (default), LedgerState must be set.
+	SkipStakePoolValidation bool
 	// LedgerState provides the current ledger state for transaction validation.
-	// Required if SkipTransactionValidation is false.
+	// Required if SkipTransactionValidation or SkipStakePoolValidation is false.
 	LedgerState LedgerState
 	// ProtocolParameters provides the current protocol parameters for transaction validation.
 	// Required if SkipTransactionValidation is false.

ledger/verify_block.go

@@ -337,7 +337,9 @@ func VerifyBlock(
 			)
 		}
 		if config.LedgerState == nil || config.ProtocolParameters == nil {
-			return false, "", 0, 0, errors.New("VerifyBlock: missing required config field: LedgerState and ProtocolParameters must be set")
+			return false, "", 0, 0, errors.New(
+				"VerifyBlock: missing required config field: LedgerState and ProtocolParameters must be set",
+			)
 		}
 		for _, tx := range block.Transactions() {
 			if err := common.VerifyTransaction(tx, slot, config.LedgerState, config.ProtocolParameters, validationRules); err != nil {
@@ -349,6 +351,83 @@ func VerifyBlock(
 		}
 	}
 
+	// Verify stake pool registration (can be skipped via config)
+	// Requires LedgerState in config if enabled.
+	if block.Era() != byron.EraByron && !config.SkipStakePoolValidation {
+		if config.LedgerState == nil {
+			return false, "", 0, 0, errors.New(
+				"VerifyBlock: missing required config field: LedgerState must be set for stake pool validation",
+			)
+		}
+
+		// Extract pool key hash from issuer vkey
+		var issuerVkey []byte
+		switch h := block.Header().(type) {
+		case *shelley.ShelleyBlockHeader:
+			issuerVkey = h.Body.IssuerVkey[:]
+		case *allegra.AllegraBlockHeader:
+			issuerVkey = h.Body.IssuerVkey[:]
+		case *mary.MaryBlockHeader:
+			issuerVkey = h.Body.IssuerVkey[:]
+		case *alonzo.AlonzoBlockHeader:
+			issuerVkey = h.Body.IssuerVkey[:]
+		case *babbage.BabbageBlockHeader:
+			issuerVkey = h.Body.IssuerVkey[:]
+		case *conway.ConwayBlockHeader:
+			issuerVkey = h.Body.IssuerVkey[:]
+		default:
+			return false, "", 0, 0, fmt.Errorf(
+				"VerifyBlock: unsupported block type for stake pool validation %T",
+				block.Header(),
+			)
+		}
+
+		poolKeyHash := common.Blake2b224Hash(issuerVkey)
+
+		// Check if pool is registered
+		poolCert, _, err := config.LedgerState.PoolCurrentState(poolKeyHash)
+		if err != nil {
+			return false, "", 0, 0, fmt.Errorf(
+				"VerifyBlock: failed to query pool state: %w",
+				err,
+			)
+		}
+		if poolCert == nil {
+			return false, "", 0, 0, fmt.Errorf(
+				"VerifyBlock: pool %s is not registered",
+				poolKeyHash.String(),
+			)
+		}
+
+		// Check if VRF key matches registered pool's VRF key
+		var blockVrfKey []byte
+		switch h := block.Header().(type) {
+		case *shelley.ShelleyBlockHeader:
+			blockVrfKey = h.Body.VrfKey
+		case *allegra.AllegraBlockHeader:
+			blockVrfKey = h.Body.VrfKey
+		case *mary.MaryBlockHeader:
+			blockVrfKey = h.Body.VrfKey
+		case *alonzo.AlonzoBlockHeader:
+			blockVrfKey = h.Body.VrfKey
+		case *babbage.BabbageBlockHeader:
+			blockVrfKey = h.Body.VrfKey
+		case *conway.ConwayBlockHeader:
+			blockVrfKey = h.Body.VrfKey
+		}
+
+		registeredVrfKeyHash := poolCert.VrfKeyHash
+		expectedVrfKeyHash := common.Blake2b256Hash(blockVrfKey)
+		if registeredVrfKeyHash != expectedVrfKeyHash {
+			return false, "", 0, 0, fmt.Errorf(
+				"VerifyBlock: VRF key mismatch for pool %s: expected %s, got %s",
+				poolKeyHash.String(),
+				registeredVrfKeyHash.String(),
+				expectedVrfKeyHash.String(),
+			)
+		}
+	}
+
 	isValid = isBodyValid && vrfValid && kesValid
 	slotNo := slot
 	return isValid, vrfHex, blockNo, slotNo, nil

ledger/verify_block_test.go

@@ -26,12 +26,13 @@ var eraNameMap = map[uint]string{
 	BlockTypeConway:  conway.EraNameConway,
 }
 
-// testSkipAllValidationConfig returns a VerifyConfig that skips both body hash and transaction validation.
+// testSkipAllValidationConfig returns a VerifyConfig that skips body hash, stake pool, and transaction validation.
 // Useful for tests that don't provide full CBOR or ledger state.
 func testSkipAllValidationConfig() common.VerifyConfig {
 	return common.VerifyConfig{
 		SkipBodyHashValidation:    true,
 		SkipTransactionValidation: true,
+		SkipStakePoolValidation:   true,
 	}
 }