commitment: make forward-compatible by parsing unknown odd types

guggero · guggero · commit 4e78fb20b5e7 · 2024-08-16T16:49:47.000+02:00
diff --git a/commitment/commitment_test.go b/commitment/commitment_test.go
@@ -1,6 +1,7 @@
 package commitment
 
 import (
+	"bytes"
 	"context"
 	"encoding/hex"
 	"math/rand"
@@ -16,6 +17,7 @@ import (
 	"github.com/lightninglabs/taproot-assets/internal/test"
 	"github.com/lightninglabs/taproot-assets/mssmt"
 	"github.com/lightningnetwork/lnd/keychain"
+	"github.com/lightningnetwork/lnd/tlv"
 	"github.com/stretchr/testify/require"
 )
 
@@ -1634,3 +1636,160 @@ func TestAssetCommitmentDeleteMaxVersion(t *testing.T) {
 
 	require.Equal(t, asset.V0, assetCommitment.Version)
 }
+
+// TestProofUnknownOddType tests that an unknown odd type is allowed in a
+// commitment proof and that we can still arrive at the correct root hash with
+// it.
+func TestProofUnknownOddType(t *testing.T) {
+	genesis := asset.RandGenesis(t, asset.Normal)
+	asset1 := randAsset(t, genesis, nil)
+
+	singleCommitment, err := FromAssets(nil, asset1)
+	require.NoError(t, err)
+
+	_, knownProof, err := singleCommitment.Proof(
+		asset1.TapCommitmentKey(), asset1.AssetCommitmentKey(),
+	)
+	require.NoError(t, err)
+
+	var knownProofBytes []byte
+	test.RunUnknownOddTypeTest(
+		t, knownProof, &asset.ErrUnknownType{},
+		func(buf *bytes.Buffer, proof *Proof) error {
+			err := proof.Encode(buf)
+
+			knownProofBytes = fn.CopySlice(buf.Bytes())
+
+			return err
+		},
+		func(buf *bytes.Buffer) (*Proof, error) {
+			var parsedProof Proof
+			return &parsedProof, parsedProof.Decode(buf)
+		},
+		func(parsedProof *Proof, unknownTypes tlv.TypeMap) {
+			require.Equal(
+				t, unknownTypes, parsedProof.UnknownOddTypes,
+			)
+
+			// The proof should've changed, to make sure the
+			// unknown value was taken into account when creating
+			// the serialized proof.
+			var newBuf bytes.Buffer
+			err = parsedProof.Encode(&newBuf)
+			require.NoError(t, err)
+
+			require.NotEqual(t, knownProofBytes, newBuf.Bytes())
+
+			parsedProof.UnknownOddTypes = nil
+			require.Equal(t, knownProof, parsedProof)
+		},
+	)
+}
+
+// TestAssetProofUnknownOddType tests that an unknown odd type is allowed in an
+// asset proof and that we can still arrive at the correct root hash with it.
+func TestAssetProofUnknownOddType(t *testing.T) {
+	genesis := asset.RandGenesis(t, asset.Normal)
+	asset1 := randAsset(t, genesis, nil)
+
+	singleCommitment, err := FromAssets(nil, asset1)
+	require.NoError(t, err)
+
+	_, commitmentProof, err := singleCommitment.Proof(
+		asset1.TapCommitmentKey(), asset1.AssetCommitmentKey(),
+	)
+	require.NoError(t, err)
+
+	require.NotNil(t, commitmentProof.AssetProof)
+	knownAssetProof := commitmentProof.AssetProof
+
+	var knownProofBytes []byte
+	test.RunUnknownOddTypeTest(
+		t, knownAssetProof, &asset.ErrUnknownType{},
+		func(buf *bytes.Buffer, proof *AssetProof) error {
+			err := AssetProofEncoder(buf, &proof, nil)
+
+			knownProofBytes = fn.CopySlice(buf.Bytes())
+
+			return err
+		},
+		func(buf *bytes.Buffer) (*AssetProof, error) {
+			parsedProof := &AssetProof{}
+			return parsedProof, AssetProofDecoder(
+				buf, &parsedProof, nil, uint64(buf.Len()),
+			)
+		},
+		func(parsedProof *AssetProof, unknownTypes tlv.TypeMap) {
+			require.Equal(
+				t, unknownTypes, parsedProof.UnknownOddTypes,
+			)
+
+			// The proof should've changed, to make sure the unknown
+			// value was taken into account when creating the
+			// serialized proof.
+			var newBuf bytes.Buffer
+			err = AssetProofEncoder(&newBuf, &parsedProof, nil)
+			require.NoError(t, err)
+
+			require.NotEqual(t, knownProofBytes, newBuf.Bytes())
+
+			parsedProof.UnknownOddTypes = nil
+			require.Equal(t, knownAssetProof, parsedProof)
+		},
+	)
+}
+
+// TestTaprootAssetProofUnknownOddType tests that an unknown odd type is allowed
+// in a Taproot asset proof and that we can still arrive at the correct root
+// hash with it.
+func TestTaprootAssetProofUnknownOddType(t *testing.T) {
+	genesis := asset.RandGenesis(t, asset.Normal)
+	asset1 := randAsset(t, genesis, nil)
+
+	singleCommitment, err := FromAssets(nil, asset1)
+	require.NoError(t, err)
+
+	_, commitmentProof, err := singleCommitment.Proof(
+		asset1.TapCommitmentKey(), asset1.AssetCommitmentKey(),
+	)
+	require.NoError(t, err)
+
+	knownTaprootAssetProof := commitmentProof.TaprootAssetProof
+
+	var knownProofBytes []byte
+	test.RunUnknownOddTypeTest(
+		t, knownTaprootAssetProof, &asset.ErrUnknownType{},
+		func(buf *bytes.Buffer, proof TaprootAssetProof) error {
+			err := TaprootAssetProofEncoder(buf, &proof, nil)
+
+			knownProofBytes = fn.CopySlice(buf.Bytes())
+
+			return err
+		},
+		func(buf *bytes.Buffer) (TaprootAssetProof, error) {
+			var parsedProof TaprootAssetProof
+			return parsedProof, TaprootAssetProofDecoder(
+				buf, &parsedProof, nil, uint64(buf.Len()),
+			)
+		},
+		func(parsedProof TaprootAssetProof, unknownTypes tlv.TypeMap) {
+			require.Equal(
+				t, unknownTypes, parsedProof.UnknownOddTypes,
+			)
+
+			// The proof should've changed, to make sure the unknown
+			// value was taken into account when creating the
+			// serialized proof.
+			var newBuf bytes.Buffer
+			err = TaprootAssetProofEncoder(
+				&newBuf, &parsedProof, nil,
+			)
+			require.NoError(t, err)
+
+			require.NotEqual(t, knownProofBytes, newBuf.Bytes())
+
+			parsedProof.UnknownOddTypes = nil
+			require.Equal(t, knownTaprootAssetProof, parsedProof)
+		},
+	)
+}
diff --git a/commitment/encoding.go b/commitment/encoding.go
@@ -32,7 +32,10 @@ func TapCommitmentVersionDecoder(r io.Reader, val any, buf *[8]byte,
 
 func AssetProofEncoder(w io.Writer, val any, buf *[8]byte) error {
 	if t, ok := val.(**AssetProof); ok {
-		stream, err := tlv.NewStream((*t).Records()...)
+		records := asset.CombineRecords(
+			(*t).Records(), (*t).UnknownOddTypes,
+		)
+		stream, err := tlv.NewStream(records...)
 		if err != nil {
 			return err
 		}
@@ -59,15 +62,16 @@ func AssetProofDecoder(r io.Reader, val any, buf *[8]byte, l uint64) error {
 			return err
 		}
 
-		// TODO(guggero): Store unknown types (next commits).
-		_, err = asset.TlvStrictDecodeP2P(
+		unknownOddTypes, err := asset.TlvStrictDecodeP2P(
 			stream, bytes.NewReader(streamBytes),
 			KnownAssetProofTypes,
 		)
 		if err != nil {
 			return err
 		}
 
+		proof.UnknownOddTypes = unknownOddTypes
+
 		*typ = &proof
 		return nil
 	}
@@ -76,7 +80,10 @@ func AssetProofDecoder(r io.Reader, val any, buf *[8]byte, l uint64) error {
 
 func TaprootAssetProofEncoder(w io.Writer, val any, buf *[8]byte) error {
 	if t, ok := val.(*TaprootAssetProof); ok {
-		stream, err := tlv.NewStream((*t).Records()...)
+		records := asset.CombineRecords(
+			(*t).Records(), (*t).UnknownOddTypes,
+		)
+		stream, err := tlv.NewStream(records...)
 		if err != nil {
 			return err
 		}
@@ -105,15 +112,16 @@ func TaprootAssetProofDecoder(r io.Reader, val any, buf *[8]byte,
 			return err
 		}
 
-		// TODO(guggero): Store unknown types (next commits).
-		_, err = asset.TlvStrictDecodeP2P(
+		unknownOddTypes, err := asset.TlvStrictDecodeP2P(
 			stream, bytes.NewReader(streamBytes),
 			KnownTaprootAssetProofTypes,
 		)
 		if err != nil {
 			return err
 		}
 
+		proof.UnknownOddTypes = unknownOddTypes
+
 		*typ = proof
 		return nil
 	}
diff --git a/commitment/mock.go b/commitment/mock.go
@@ -11,6 +11,7 @@ import (
 	"github.com/lightninglabs/taproot-assets/asset"
 	"github.com/lightninglabs/taproot-assets/internal/test"
 	"github.com/lightninglabs/taproot-assets/mssmt"
+	"github.com/lightningnetwork/lnd/tlv"
 	"github.com/stretchr/testify/require"
 	"golang.org/x/exp/maps"
 )
@@ -75,15 +76,21 @@ func NewTestFromProof(t testing.TB, p *Proof) *TestProof {
 
 	tp := &TestProof{
 		TaprootAssetProof: &TestTaprootAssetProof{
-			Proof:   mssmt.HexProof(t, &p.TaprootAssetProof.Proof),
-			Version: uint8(p.TaprootAssetProof.Version),
+			Proof: mssmt.HexProof(
+				t, &p.TaprootAssetProof.Proof,
+			),
+			Version:         uint8(p.TaprootAssetProof.Version),
+			UnknownOddTypes: p.UnknownOddTypes,
 		},
 	}
 	if p.AssetProof != nil {
 		tp.AssetProof = &TestAssetProof{
 			Proof:   mssmt.HexProof(t, &p.AssetProof.Proof),
 			Version: uint8(p.AssetProof.Version),
-			TapKey:  hex.EncodeToString(p.AssetProof.TapKey[:]),
+			TapKey: hex.EncodeToString(
+				p.AssetProof.TapKey[:],
+			),
+			UnknownOddTypes: p.UnknownOddTypes,
 		}
 	}
 
@@ -93,6 +100,7 @@ func NewTestFromProof(t testing.TB, p *Proof) *TestProof {
 type TestProof struct {
 	AssetProof        *TestAssetProof        `json:"asset_proof"`
 	TaprootAssetProof *TestTaprootAssetProof `json:"taproot_asset_proof"`
+	UnknownOddTypes   tlv.TypeMap            `json:"unknown_odd_types"`
 }
 
 func (tp *TestProof) ToProof(t testing.TB) *Proof {
@@ -106,12 +114,17 @@ func (tp *TestProof) ToProof(t testing.TB) *Proof {
 			Version: TapCommitmentVersion(
 				tp.TaprootAssetProof.Version,
 			),
+			UnknownOddTypes: tp.TaprootAssetProof.UnknownOddTypes,
 		},
+		UnknownOddTypes: tp.UnknownOddTypes,
 	}
 	if tp.AssetProof != nil {
 		p.AssetProof = &AssetProof{
-			Proof:   mssmt.ParseProof(t, tp.AssetProof.Proof),
-			Version: asset.Version(tp.AssetProof.Version),
+			Proof: mssmt.ParseProof(
+				t, tp.AssetProof.Proof,
+			),
+			Version:         asset.Version(tp.AssetProof.Version),
+			UnknownOddTypes: tp.AssetProof.UnknownOddTypes,
 		}
 		assetID, err := hex.DecodeString(tp.AssetProof.TapKey)
 		require.NoError(t, err)
@@ -122,14 +135,16 @@ func (tp *TestProof) ToProof(t testing.TB) *Proof {
 }
 
 type TestAssetProof struct {
-	Proof   string `json:"proof"`
-	Version uint8  `json:"version"`
-	TapKey  string `json:"tap_key"`
+	Proof           string      `json:"proof"`
+	Version         uint8       `json:"version"`
+	TapKey          string      `json:"tap_key"`
+	UnknownOddTypes tlv.TypeMap `json:"unknown_odd_types"`
 }
 
 type TestTaprootAssetProof struct {
-	Proof   string `json:"proof"`
-	Version uint8  `json:"version"`
+	Proof           string      `json:"proof"`
+	Version         uint8       `json:"version"`
+	UnknownOddTypes tlv.TypeMap `json:"unknown_odd_types"`
 }
 
 func NewTestFromSplitSet(t testing.TB, s SplitSet) TestSplitSet {
diff --git a/commitment/proof.go b/commitment/proof.go
@@ -29,6 +29,14 @@ type AssetProof struct {
 	// committed asset must match, otherwise an asset.GroupKey which every
 	// committed asset must match.
 	TapKey [32]byte
+
+	// UnknownOddTypes is a map of unknown odd types that were encountered
+	// during decoding. This map is used to preserve unknown types that we
+	// don't know of yet, so we can still encode them back when serializing.
+	// This enables forward compatibility with future versions of the
+	// protocol as it allows new odd (optional) types to be added without
+	// breaking old clients that don't yet fully understand them.
+	UnknownOddTypes tlv.TypeMap
 }
 
 // Records returns the encoding/decoding records for the AssetProof.
@@ -47,6 +55,14 @@ type TaprootAssetProof struct {
 
 	// Version is the version of the TapCommitment used to create the proof.
 	Version TapCommitmentVersion
+
+	// UnknownOddTypes is a map of unknown odd types that were encountered
+	// during decoding. This map is used to preserve unknown types that we
+	// don't know of yet, so we can still encode them back when serializing.
+	// This enables forward compatibility with future versions of the
+	// protocol as it allows new odd (optional) types to be added without
+	// breaking old clients that don't yet fully understand them.
+	UnknownOddTypes tlv.TypeMap
 }
 
 // Records returns the encoding/decoding records for the TaprootAssetProof.
@@ -72,6 +88,14 @@ type Proof struct {
 	// TaprootAssetProof is the proof used along with the asset commitment
 	// to arrive at the root of the TapCommitment MS-SMT.
 	TaprootAssetProof TaprootAssetProof
+
+	// UnknownOddTypes is a map of unknown odd types that were encountered
+	// during decoding. This map is used to preserve unknown types that we
+	// don't know of yet, so we can still encode them back when serializing.
+	// This enables forward compatibility with future versions of the
+	// protocol as it allows new odd (optional) types to be added without
+	// breaking old clients that don't yet fully understand them.
+	UnknownOddTypes tlv.TypeMap
 }
 
 // EncodeRecords returns the encoding records for the Proof.
@@ -83,7 +107,9 @@ func (p Proof) EncodeRecords() []tlv.Record {
 	records = append(
 		records, ProofTaprootAssetProofRecord(&p.TaprootAssetProof),
 	)
-	return records
+
+	// Add any unknown odd types that were encountered during decoding.
+	return asset.CombineRecords(records, p.UnknownOddTypes)
 }
 
 // DecodeRecords returns the decoding records for the CommitmentProof.
@@ -110,9 +136,16 @@ func (p *Proof) Decode(r io.Reader) error {
 		return err
 	}
 
-	// TODO(guggero): Store unknown types (next commits).
-	_, err = asset.TlvStrictDecodeP2P(stream, r, KnownProofTypes)
-	return err
+	unknownOddTypes, err := asset.TlvStrictDecodeP2P(
+		stream, r, KnownProofTypes,
+	)
+	if err != nil {
+		return err
+	}
+
+	p.UnknownOddTypes = unknownOddTypes
+
+	return nil
 }
 
 // DeriveByAssetInclusion derives the Taproot Asset commitment containing the
diff --git a/proof/testdata/proof_tlv_encoding_generated.json b/proof/testdata/proof_tlv_encoding_generated.json
diff --git a/tappsbt/testdata/psbt_encoding_generated.json b/tappsbt/testdata/psbt_encoding_generated.json

Original file line number	Diff line number	Diff line change
`@@ -32,7 +32,10 @@ func TapCommitmentVersionDecoder(r io.Reader, val any, buf *[8]byte,`
`32`	`32`
`33`	`33`	`func AssetProofEncoder(w io.Writer, val any, buf *[8]byte) error {`
`34`	`34`	`if t, ok := val.(**AssetProof); ok {`
`35`		`- stream, err := tlv.NewStream((*t).Records()...)`
	`35`	`+ records := asset.CombineRecords(`
	`36`	`+ (t).Records(), (t).UnknownOddTypes,`
	`37`	`+ )`
	`38`	`+ stream, err := tlv.NewStream(records...)`
`36`	`39`	`if err != nil {`
`37`	`40`	`return err`
`38`	`41`	`}`
`@@ -59,15 +62,16 @@ func AssetProofDecoder(r io.Reader, val any, buf *[8]byte, l uint64) error {`
`59`	`62`	`return err`
`60`	`63`	`}`
`61`	`64`
`62`		`- // TODO(guggero): Store unknown types (next commits).`
`63`		`- _, err = asset.TlvStrictDecodeP2P(`
	`65`	`+ unknownOddTypes, err := asset.TlvStrictDecodeP2P(`
`64`	`66`	`stream, bytes.NewReader(streamBytes),`
`65`	`67`	`KnownAssetProofTypes,`
`66`	`68`	`)`
`67`	`69`	`if err != nil {`
`68`	`70`	`return err`
`69`	`71`	`}`
`70`	`72`
	`73`	`+ proof.UnknownOddTypes = unknownOddTypes`
	`74`	`+`
`71`	`75`	`*typ = &proof`
`72`	`76`	`return nil`
`73`	`77`	`}`
`@@ -76,7 +80,10 @@ func AssetProofDecoder(r io.Reader, val any, buf *[8]byte, l uint64) error {`
`76`	`80`
`77`	`81`	`func TaprootAssetProofEncoder(w io.Writer, val any, buf *[8]byte) error {`
`78`	`82`	`if t, ok := val.(*TaprootAssetProof); ok {`
`79`		`- stream, err := tlv.NewStream((*t).Records()...)`
	`83`	`+ records := asset.CombineRecords(`
	`84`	`+ (t).Records(), (t).UnknownOddTypes,`
	`85`	`+ )`
	`86`	`+ stream, err := tlv.NewStream(records...)`
`80`	`87`	`if err != nil {`
`81`	`88`	`return err`
`82`	`89`	`}`
`@@ -105,15 +112,16 @@ func TaprootAssetProofDecoder(r io.Reader, val any, buf *[8]byte,`
`105`	`112`	`return err`
`106`	`113`	`}`
`107`	`114`
`108`		`- // TODO(guggero): Store unknown types (next commits).`
`109`		`- _, err = asset.TlvStrictDecodeP2P(`
	`115`	`+ unknownOddTypes, err := asset.TlvStrictDecodeP2P(`
`110`	`116`	`stream, bytes.NewReader(streamBytes),`
`111`	`117`	`KnownTaprootAssetProofTypes,`
`112`	`118`	`)`
`113`	`119`	`if err != nil {`
`114`	`120`	`return err`
`115`	`121`	`}`
`116`	`122`
	`123`	`+ proof.UnknownOddTypes = unknownOddTypes`
	`124`	`+`
`117`	`125`	`*typ = proof`
`118`	`126`	`return nil`
`119`	`127`	`}`