This crate provides an implementation of the Proof-Carrying-Data predicate TransactionChainProof, which was first described in the paper NFT Trade in Bitcoin with Off-chain Receipts, Kiraz, M, Larraia, E., Vaughan, O., Application Intelligence and Blockchain Security Workshop (AIBlock) in conjunction with ACNS 2023.
A transaction chain at indices (input_index, output_index) is a sequence (Tx0, .., Txn) of Bitcoin transactions such that for every 0 <= i <= n-1
Tx(i+1).inputs[input_index] = (Txi.txid(), output_index)
Namely, the input of Tx(i+1) at position input_index is the output of Txi at position output_index.
The crate implements two PCD predicates using the Arkworks PCD crate:1
Both predicates are used to prove the following statement:
"The UTXO
(Txn, input_index)is part of a transaction chain at indices(input_index, output_index)starting at the transaction with TxIDgenesis_txid"
the difference is that in TransactionChainProofPredicate the prover only shows to the verifier (Txn, input_index) (the genesis_txid is assumed to have been agreed upon), while in UniversalTransactionChainProofPredicate the prover shows the verifier (Txn, input_index) and genesis_txid.
In a nutshell, this difference means that when using TransactionChainProofPredicate in a SNARK genesis_txid is hard-coded in the verifying key, while when using UniversalTransactionChainProofPredicate genesis_txid is passed as a public input.
The library compiles on the nightly toolchain of the Rust compiler. To install the latest version of Rust, first install rustup by following the instructions here, or via your platform's package manager. Once rustup is installed, install the Rust toolchain by invoking:
rustup install nightlyAfter that, you can clone and test the library by using cargo
git clone https://github.com/nchain-innovation/transaction_chain_proof
cd transaction_chain_proof
cargo testFor further documentation on the structures and function implemented in the library, use cargo
cargo doc --openThe code and resources within this repository are intended for research and educational purposes only.
Please note:
- No guarantees are provided regarding the security or the performance of the code.
- Users are responsible for validating the code and understanding its implications before using it in any capacity.
- There may be edge cases causing bugs or unexpected behaviours. Please contact us if you find any bug.
The code is released under the attached LICENSE.
[1]: We forked the original ark_pcd crate and modified it so that it works with elliptic curves in Short Weierstrass form. You can find the fork here.