yetanotherco
diff --git a/‎Makefile‎
Lines changed: 1 addition & 1 deletion b/‎Makefile‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎batcher/aligned-sdk/src/sdk.rs‎
Lines changed: 37 additions & 3 deletions b/‎batcher/aligned-sdk/src/sdk.rs‎
Lines changed: 37 additions & 3 deletions
diff --git a/‎docs/architecture/1_fast_mode.md‎
Lines changed: 27 additions & 13 deletions b/‎docs/architecture/1_fast_mode.md‎
Lines changed: 27 additions & 13 deletions
diff --git a/‎docs/architecture/components/2_payment_service_contract.md‎
Lines changed: 61 additions & 12 deletions b/‎docs/architecture/components/2_payment_service_contract.md‎
Lines changed: 61 additions & 12 deletions
@@ -5,7 +5,7 @@ OS := $(shell uname -s)
 CONFIG_FILE?=config-files/config.yaml
 AGG_CONFIG_FILE?=config-files/config-aggregator.yaml
 
-OPERATOR_VERSION=v0.3.0
+OPERATOR_VERSION=v0.4.0
 
 ifeq ($(OS),Linux)
 	BUILD_ALL_FFI = $(MAKE) build_all_ffi_linux
 
@@ -39,7 +39,7 @@ use futures_util::{
 /// * `chain` - The chain on which the verification will be done.
 /// * `verification_data` - An array of verification data of each proof.
 /// * `wallet` - The wallet used to sign the proof.
-/// * `batcher_payment_service_addr` - The address of the batcher payment service.
+/// * `nonce` - The nonce to use.
 /// # Returns
 /// * An array of aligned verification data obtained when submitting the proof.
 /// # Errors
@@ -52,6 +52,12 @@ use futures_util::{
 /// * `EthereumProviderError` if there is an error in the connection with the RPC provider.
 /// * `HexDecodingError` if there is an error decoding the Aligned service manager contract address.
 /// * `BatchVerificationTimeout` if there is a timeout waiting for the batch verification.
+/// * `InvalidSignature` if the signature is invalid.
+/// * `InvalidNonce` if the nonce is invalid.
+/// * `InvalidProof` if the proof is invalid.
+/// * `ProofTooLarge` if the proof is too large.
+/// * `InsufficientBalance` if the sender balance is insufficient or unlocked
+/// * `ProofQueueFlushed` if there is an error in the batcher and the proof queue is flushed.
 /// * `GenericError` if the error doesn't match any of the previous ones.
 pub async fn submit_multiple_and_wait(
     batcher_addr: &str,
@@ -87,7 +93,7 @@ pub async fn submit_multiple_and_wait(
 /// * `eth_rpc_url` - The URL of the Ethereum RPC node.
 /// * `verification_data` - An array of verification data of each proof.
 /// * `wallet` - The wallet used to sign the proof.
-/// * `batcher_payment_service_addr` - The address of the batcher payment service.
+/// * `nonce` - The nonce to use.
 /// # Returns
 /// * An array of aligned verification data obtained when submitting the proof.
 /// # Errors
@@ -97,6 +103,12 @@ pub async fn submit_multiple_and_wait(
 /// * `SerializationError` if there is an error deserializing the message sent from the batcher.
 /// * `WebSocketConnectionError` if there is an error connecting to the batcher.
 /// * `WebSocketClosedUnexpectedlyError` if the connection with the batcher is closed unexpectedly.
+/// * `InvalidSignature` if the signature is invalid.
+/// * `InvalidNonce` if the nonce is invalid.
+/// * `InvalidProof` if the proof is invalid.
+/// * `ProofTooLarge` if the proof is too large.
+/// * `InsufficientBalance` if the sender balance is insufficient or unlocked.
+/// * `ProofQueueFlushed` if there is an error in the batcher and the proof queue is flushed.
 /// * `GenericError` if the error doesn't match any of the previous ones.
 pub async fn submit_multiple(
     batcher_addr: &str,
@@ -179,7 +191,7 @@ async fn _submit_multiple(
 /// * `chain` - The chain on which the verification will be done.
 /// * `verification_data` - The verification data of the proof.
 /// * `wallet` - The wallet used to sign the proof.
-/// * `batcher_payment_service_addr` - The address of the batcher payment service.
+/// * `nonce` - The nonce to use
 /// # Returns
 /// * The aligned verification data obtained when submitting the proof.
 /// # Errors
@@ -192,6 +204,12 @@ async fn _submit_multiple(
 /// * `EthereumProviderError` if there is an error in the connection with the RPC provider.
 /// * `HexDecodingError` if there is an error decoding the Aligned service manager contract address.
 /// * `BatchVerificationTimeout` if there is a timeout waiting for the batch verification.
+/// * `InvalidSignature` if the signature is invalid.
+/// * `InvalidNonce` if the nonce is invalid.
+/// * `InvalidProof` if the proof is invalid.
+/// * `ProofTooLarge` if the proof is too large.
+/// * `InsufficientBalance` if the sender balance is insufficient or unlocked
+/// * `ProofQueueFlushed` if there is an error in the batcher and the proof queue is flushed.
 /// * `GenericError` if the error doesn't match any of the previous ones.
 pub async fn submit_and_wait(
     batcher_addr: &str,
@@ -235,6 +253,12 @@ pub async fn submit_and_wait(
 /// * `SerializationError` if there is an error deserializing the message sent from the batcher.
 /// * `WebSocketConnectionError` if there is an error connecting to the batcher.
 /// * `WebSocketClosedUnexpectedlyError` if the connection with the batcher is closed unexpectedly.
+/// * `InvalidSignature` if the signature is invalid.
+/// * `InvalidNonce` if the nonce is invalid.
+/// * `InvalidProof` if the proof is invalid.
+/// * `ProofTooLarge` if the proof is too large.
+/// * `InsufficientBalance` if the sender balance is insufficient or unlocked
+/// * `ProofQueueFlushed` if there is an error in the batcher and the proof queue is flushed.
 /// * `GenericError` if the error doesn't match any of the previous ones.
 pub async fn submit(
     batcher_addr: &str,
@@ -333,6 +357,16 @@ pub fn get_commitment(content: &[u8]) -> [u8; 32] {
     hasher.finalize().into()
 }
 
+/// Returns the next nonce for a given address.
+/// # Arguments
+/// * `eth_rpc_url` - The URL of the Ethereum RPC node.
+/// * `address` - The address for which the nonce will be retrieved.
+/// * `batcher_contract_address` - The address of the batcher payment service contract.
+/// # Returns
+/// * The next nonce.
+/// # Errors
+/// * `EthereumProviderError` if there is an error in the connection with the RPC provider.
+/// * `EthereumCallError` if there is an error in the Ethereum call.
 pub async fn get_next_nonce(
     eth_rpc_url: &str,
     address: Address,
 
@@ -1,25 +1,39 @@
 ## Fast mode in a nutshell
 
 ## Architecture
+
 Aligned’s architecture is shown in the figure below:
 
 ![Figure 1: Architecture fast mode](../images/aligned_architecture.png)
 
-Here, the validators/AVS operators are the ones responsible for proof verification. They fetch the proof data from the data service and verify it using the different proving systems supported by Aligned.
+Here, the validators/AVS operators are the ones responsible for proof verification.
+They fetch the proof data from the data service and verify it using the different proving systems supported by Aligned.
+
+### What happens when sending a proof and publishing the result on Ethereum?
 
-### Flow for sending a proof and publishing the result on Ethereum
 The flow for sending a proof and having the results on Ethereum is as follows:
-1. The user uses a provided CLI or SDK to send one proof or many to the batcher, and waits.
-2. The batcher answers with a BatchInclusionData for each proof.
-3. The user invokes the VerifyBatchInclusion function in the ServiceManager contract with this data to check that the proof has been verified in Aligned and is included in the batch.
-4. Then, it is checked that the commitment of the proven program matches the expected one.
+
+1. The user uses a provided CLI or SDK to send one or many proofs to the batcher, and waits.
+2. The batcher answers with a ValidityResponse for each proof (if proof, nonce and signature are valid).
+3. The batcher answers with a BatchInclusionData for each proof.
+4. The user invokes the VerifyBatchInclusion function in the ServiceManager contract with this data to check that the
+   proof has been verified in Aligned and is included in the batch.
+5. Then, it is checked that the commitment of the proven program matches the expected one.
 
 ### Full flow with internals of the proof
 
-1. The user uses a provided CLI or SDK to send one proof or many to the batcher, and waits (Alternatively, the user can run a batcher or interact directly with Ethereum).
-2. The batcher accumulates proofs of many users for a small number of blocks (typically 1-3).
-3. The batcher creates a Merkle Tree with commitments of all the data submitted by users, uploads the proofs to the Data Service, and creates the verification task in the ServiceManager.
-4. The operators, using the data in Ethereum, download the proofs from the DataService. They then verify that the Merkle root is equal to the one in Ethereum, and verifies all the proofs.
-5. If the proofs are valid, they sign the root and send this to the BLS signature aggregator.
-6. The signature aggregator accumulates the signed responses until reaching the quorum, then sends the aggregated signature to Ethereum.
-7. Ethereum verifies the aggregated signatures and changes the state of the batch to verified.
+1. The user uses a provided CLI or SDK to send one or more proofs to the batcher, and waits (Alternatively, the user can
+   run a batcher or interact directly with Ethereum).
+2. The batcher accumulates proofs of many users for a small number of blocks (typically 1–3).
+3. The batcher creates a Merkle Tree with commitments of all the data submitted by users, uploads the proofs to the Data
+   Service,
+   and submits it to the [Batcher Payment Service](./components/2_payment_service_contract.md)
+4. The Batcher Payment Service rebuilds the merkle tree, and then verifies user signatures and nonce's.
+5. The Batcher Payment Service sends the batch to
+   the [Aligned Service Manager](./components/3_service_manager_contract.md).
+6. The operators, using the data in Ethereum, download the proofs from the DataService.
+   They then verify that the Merkle root is equal to the one in Ethereum, and verifies all the proofs.
+7. If the proofs are valid, they sign the root and send this to the BLS signature aggregator.
+8. The signature aggregator accumulates the signed responses until reaching the quorum, then sends the aggregated
+   signature to Ethereum.
+9. Ethereum verifies the aggregated signatures and changes the state of the batch from pending to verified.
@@ -1,21 +1,44 @@
 # Payment Service
 
-The Payment Service handles User's payments to fund the verification of their proofs. 
+The Payment Service handles User's payments to fund the verification of their proofs.
 
-To be able to use the batcher, a user must fund its transactions. For this, there is a simple Batcher Payment System.
+To be able to use the batcher, a user must fund its transactions.
+For this, there is a simple Batcher Payment System.
 
-The Batcher has an associated Batcher Payments smart contract, which is in charge of receiving user's payments, and it guarantees that it can only spend these funds to send users' proofs to Aligned.
+The Batcher has an associated Batcher Payments smart contract,
+which is in charge of receiving user's payments,
+and it guarantees that it can only spend these funds to send users' proofs to Aligned.
 
-Users must first deposit into this contract, via a normal transfer to its address, where the Batcher Payment System will update the User's balance.
+Users must first deposit into this contract, via a normal transfer to its address,
+where the Batcher Payment System will update the User's balance.
 
-Then, users can send proofs to the Batcher, the Batcher will preemptively check if the user has funds for this, and once the whole batch is assembled, the Batcher will call its smart contract with the data it has received from the users.
+Users send proofs to the Batcher, which checks for sufficient funds.
+Once a batch is complete, the Batcher calls its smart contract with the collected user data
 
-The smart contract will then discount the corresponding amount of funds from each of the senders' balances, and create a new Batch in [Aligned Service Manager](./3_service_manager_contract.md), sending with it the corresponding amount of tokens for the batch verification to be paid to the [Aggregator](./5_aggregator.md).
+The smart contract deducts funds from senders' balances and creates a new Batch in
+the [Aligned Service Manager](./3_service_manager_contract.md),
+including tokens for batch verification payment to the [Aggregator](./5_aggregator.md).
 
-Users can then withdraw extra funds deposited to the Batcher Payments smart contract, or leave them to fund future proofs.
+Users can then withdraw extra funds deposited to the Batcher Payments smart contract,
+or leave them to fund future proofs.
 
 This way, the Batcher can only use User funds to pay for the verification of the User's proofs.
 
+The Batcher Payment Service guarantees that the Batcher
+will not be able to spend the user funds for anything other than submitting the user's proofs to Aligned.
+
+The way it does is:
+
+- When the batcher calls the smart contract to create a new batch,
+  it gets the batch merkle tree leaves, with each leaf, signed by the user.
+- The contract then rebuilds the merkle tree to check the
+  batch merkle root and verifies the user signatures.
+- Each signature also contains a nonce that can only be used once per user,
+  to avoid the batcher being able to reuse the same signature.
+- Only if the merkle root and the signatures are valid, the contract will
+  discount the corresponding funds from the user's balance and
+  create a new batch in the [Aligned Service Manager](./3_service_manager_contract.md).
+
 ## Details of the contract
 
 ### API
@@ -26,27 +49,53 @@ This way, the Batcher can only use User funds to pay for the verification of the
     receive() external payable
 ```
 
-This function will be called every time a User transfers funds to the smart contract. It will not only receive the funds, but it will also register internally how much the User deposited, to keep track of each User's funds separately. 
-
+This function will be called every time a User transfers funds to the smart contract.
+It will not only receive the funds, but it will also register internally how much the User deposited,
+to keep track of each User's funds separately.
 
 #### Create New Task
 
 ```solidity
     function createNewTask(
         bytes32 batchMerkleRoot,
         string calldata batchDataPointer,
-        address[] calldata proofSubmitters,
+        bytes32[] calldata leaves, // padded to the next power of 2
+        SignatureData[] calldata signatures, // actual length (proof sumbitters == proofs submitted)
         uint256 gasForAggregator,
         uint256 gasPerProof
     ) external onlyBatcher
 ```
 
-This function will be executed only by the Batcher, when it has a batch to post to Aligned. It contains all the information needed to post the batch in [Aligned Service Manager](./3_service_manager_contract.md) (`batchMerkleRoot` and `batchDataPointer`), plus an array containing which are the `proofSubmitters`, so as to discount `gasPerProof` from these, and also the `gasForAggregator`, declaring how much will need to go pay for the response of the batch.
+This function will be executed only by the Batcher when it has a batch to post to Aligned.
+It contains all the information needed to post the batch
+in [Aligned Service Manager](./3_service_manager_contract.md) (`batchMerkleRoot`
+and `batchDataPointer`), plus an array containing which are the `proofSubmitters`, to discount `gasPerProof` from
+these, and also the `gasForAggregator`, declaring how much will need to go pay for the response of the batch.
+
+#### Unlock
+
+```solidity
+    function unlock() external
+```
+
+Any user can call this function to unlock its funds for withdrawal after 100 blocks.
+
+Note that if the user funds are unlocked, the batcher will reject any new proofs from this user until the funds are
+locked again.
+
+#### Lock
+
+```solidity
+    function lock() external
+```
+
+Any user can call this function to lock its funds again after unlocking.
 
 #### Withdraw
 
 ```solidity
     function withdraw(uint256 amount) external
 ```
 
-This function can be called by any User, to freely withdraw any amount of their available balance from the contract.
+Any User can call this function to withdraw any amount of their available balance from the contract,
+only when their funds are unlocked.