tapgarden: enforce matching anchor meta

With this commit we make sure that a new seedling that attempts to mint
into the same group as a previous mint has the same meta fields.

Author: guggero

tapgarden/batch.go

@@ -146,19 +146,7 @@ func (m *MintingBatch) validateGroupAnchor(s *Seedling) error {
 			*s.GroupAnchor)
 	}
 
-	// The decimal display of the seedling must match that of the group
-	// anchor. We already validated the seedling metadata, so we don't care
-	// if the value is explicit or if the metadata is JSON, but we must
-	// compute the same value for both assets.
-	_, seedlingDecDisplay, _ := s.Meta.GetDecDisplay()
-	_, anchorDecDisplay, _ := anchor.Meta.GetDecDisplay()
-	if seedlingDecDisplay != anchorDecDisplay {
-		return fmt.Errorf("seedling decimal display does not match "+
-			"group anchor: %d, %d", seedlingDecDisplay,
-			anchorDecDisplay)
-	}
-
-	return nil
+	return validateAnchorMeta(s.Meta, anchor.Meta)
 }
 
 // MintingOutputKey derives the output key that once mined, will commit to the

tapgarden/seedling.go

@@ -181,6 +181,14 @@ func (c Seedling) validateGroupKey(group asset.AssetGroup,
 			"group asset type %v", group.Genesis.Type)
 	}
 
+	return validateAnchorMeta(c.Meta, anchorMeta)
+}
+
+// validateAnchorMeta checks that the metadata of the seedling matches that of
+// the group anchor, if there is a group anchor.
+func validateAnchorMeta(seedlingMeta *proof.MetaReveal,
+	anchorMeta *proof.MetaReveal) error {
+
 	// The decimal display of the seedling must match that of the group
 	// anchor. We already validated the seedling metadata, so we don't care
 	// if the value is explicit or if the metadata is JSON, but we must
@@ -189,11 +197,9 @@ func (c Seedling) validateGroupKey(group asset.AssetGroup,
 		seedlingDecDisplay uint32
 		anchorDecDisplay   uint32
 	)
-
-	if c.Meta != nil {
-		_, seedlingDecDisplay, _ = c.Meta.GetDecDisplay()
+	if seedlingMeta != nil {
+		_, seedlingDecDisplay, _ = seedlingMeta.GetDecDisplay()
 	}
-
 	if anchorMeta != nil {
 		_, anchorDecDisplay, _ = anchorMeta.GetDecDisplay()
 	}
@@ -204,6 +210,33 @@ func (c Seedling) validateGroupKey(group asset.AssetGroup,
 			anchorDecDisplay)
 	}
 
+	// If the anchor asset had universe commitments turned on, then the
+	// seedling must also have them.
+	var (
+		seedlingUniverseCommitments bool
+		anchorUniverseCommitments   bool
+	)
+	if seedlingMeta != nil && seedlingMeta.UniverseCommitments {
+		seedlingUniverseCommitments = true
+	}
+	if anchorMeta != nil && anchorMeta.UniverseCommitments {
+		anchorUniverseCommitments = true
+	}
+
+	if seedlingUniverseCommitments != anchorUniverseCommitments {
+		return fmt.Errorf("seedling universe commitments flag does "+
+			"not match group anchor: %v, %v",
+			seedlingUniverseCommitments, anchorUniverseCommitments)
+	}
+
+	// For now, we simply require a delegation key to be set when universe
+	// commitments are turned on. In the future, we could allow this to be
+	// empty and the group internal key to be used for signing.
+	if seedlingUniverseCommitments && seedlingMeta.DelegationKey.IsNone() {
+		return fmt.Errorf("delegation key must be set for universe " +
+			"commitments flag")
+	}
+
 	return nil
 }