Merge branch 'main' into debug-assert-in-contract

Author: mootz12

Cargo.lock

@@ -15,40 +15,42 @@ members = [
 ]
 
 [workspace.package]
-version = "25.3.0"
+version = "26.0.0-rc.1"
 rust-version = "1.91.0"
 
 [workspace.dependencies]
-soroban-sdk = { version = "25.3.0", path = "soroban-sdk" }
-soroban-sdk-macros = { version = "25.3.0", path = "soroban-sdk-macros" }
-soroban-meta = { version = "25.3.0", path = "soroban-meta" }
-soroban-spec = { version = "25.3.0", path = "soroban-spec" }
-soroban-spec-rust = { version = "25.3.0", path = "soroban-spec-rust" }
-soroban-ledger-snapshot = { version = "25.3.0", path = "soroban-ledger-snapshot" }
-soroban-token-sdk = { version = "25.3.0", path = "soroban-token-sdk" }
-soroban-token-spec = { version = "25.3.0", path = "soroban-token-spec" }
-stellar-asset-spec = { version = "25.3.0", path = "stellar-asset-spec" }
+soroban-sdk = { version = "26.0.0-rc.1", path = "soroban-sdk" }
+soroban-sdk-macros = { version = "26.0.0-rc.1", path = "soroban-sdk-macros" }
+soroban-meta = { version = "26.0.0-rc.1", path = "soroban-meta" }
+soroban-spec = { version = "26.0.0-rc.1", path = "soroban-spec" }
+soroban-spec-rust = { version = "26.0.0-rc.1", path = "soroban-spec-rust" }
+soroban-ledger-snapshot = { version = "26.0.0-rc.1", path = "soroban-ledger-snapshot" }
+soroban-token-sdk = { version = "26.0.0-rc.1", path = "soroban-token-sdk" }
+soroban-token-spec = { version = "26.0.0-rc.1", path = "soroban-token-spec" }
+stellar-asset-spec = { version = "26.0.0-rc.1", path = "stellar-asset-spec" }
 
 [workspace.dependencies.soroban-env-common]
-version = "=25.0.1"
+version = "=26.0.1"
 # git = "https://github.com/stellar/rs-soroban-env"
-# rev = "cf58d535ab05d02802a5e804a95524650f8c62c7"
+# rev = "f4d7b3299df8fc19e92769d0a26be2d032b78ccb"
 
 [workspace.dependencies.soroban-env-guest]
-version = "=25.0.1"
+version = "=26.0.1"
 # git = "https://github.com/stellar/rs-soroban-env"
-# rev = "cf58d535ab05d02802a5e804a95524650f8c62c7"
+# rev = "f4d7b3299df8fc19e92769d0a26be2d032b78ccb"
 
 [workspace.dependencies.soroban-env-host]
-version = "=25.0.1"
+version = "=26.0.1"
 # git = "https://github.com/stellar/rs-soroban-env"
-# rev = "cf58d535ab05d02802a5e804a95524650f8c62c7"
+# rev = "f4d7b3299df8fc19e92769d0a26be2d032b78ccb"
 
 [workspace.dependencies.stellar-strkey]
 version = "=0.0.16"
 
 [workspace.dependencies.stellar-xdr]
-version = "=25.0.0"
+version = "=26.0.0"
+# git = "https://github.com/stellar/rs-stellar-xdr"
+# rev = "dd7a165a193126fd37a751d867bee1cb8f3b55a6"
 default-features = false
 features = ["curr"]
 

Cargo.toml

@@ -219,9 +219,8 @@ deny = [
 
 # Certain crates/versions that will be skipped when doing duplicate detection.
 skip = [
-    { name = "hashbrown", version = "=0.13.2" },
+    { name = "hashbrown", version = "=0.14.5" },
     { name = "stellar-strkey", version = "=0.0.13" },
-    { name = "syn", version = "=1.0.109" },
 ]
 # Similarly to `skip` allows you to skip certain crates during duplicate
 # detection. Unlike skip, it also includes the entire tree of transitive

deny.toml

@@ -260,7 +260,7 @@ impl LedgerSnapshot {
 impl Default for LedgerSnapshot {
     fn default() -> Self {
         Self {
-            protocol_version: 25,
+            protocol_version: 26,
             sequence_number: Default::default(),
             timestamp: Default::default(),
             network_id: Default::default(),

soroban-ledger-snapshot/src/lib.rs

@@ -22,7 +22,7 @@ stellar-xdr = { workspace = true, features = ["curr", "std"] }
 syn = {version="2.0.77",features=["full"]}
 quote = "1.0"
 proc-macro2 = "1.0"
-itertools = "0.10.5"
+itertools = "0.13.0"
 darling = "0.20.10"
 macro-string = "0.1.4"
 sha2 = "0.10.7"

soroban-sdk-macros/Cargo.toml

@@ -1,3 +1,40 @@
+//! # Migrating from v25 to v26
+//!
+//! 1. Add support for [CAP-78: Host functions for performing limited TTL extensions](https://github.com/stellar/stellar-protocol/blob/master/core/cap-0078.md).
+//!    New `extend_ttl_with_limits` methods on [`Persistent`], [`Instance`], and
+//!    [`Deployer`] provide bounded control over TTL extensions with `min_extension` and
+//!    `max_extension` parameters.
+//!
+//! 2. Add support for [CAP-82: Checked 256-bit integer arithmetic host functions](https://github.com/stellar/stellar-protocol/blob/master/core/cap-0082.md).
+//!    New `checked_*` methods on [`U256`] and [`I256`] (`checked_add`, `checked_sub`,
+//!    `checked_mul`, `checked_div`, `checked_pow`, `checked_rem_euclid`, `checked_shl`,
+//!    `checked_shr`) return `Option` instead of panicking on overflow. Also adds
+//!    `min_value` and `max_value` methods on [`U256`] and [`I256`] to fetch the
+//!    value bounds of each type.
+//!
+//! 3. Add support for [CAP-80: Host functions for efficient ZK BN254 use cases](https://github.com/stellar/stellar-protocol/blob/master/core/cap-0080.md).
+//!    [`BN254`] gains scalar field arithmetic (`Fr` `Add`/`Sub`/`Mul` traits, `pow`, `inv`),
+//!    multi-scalar multiplication (`g1_msm`), and curve validation (`g1_is_on_curve`).
+//!    [`BLS12381`] gains `g1_is_on_curve` and `g2_is_on_curve`.
+//!
+//! 4. Add support for [CAP-79: Host functions for muxed address strkey conversions](https://github.com/stellar/stellar-protocol/blob/master/core/cap-0079.md).
+//!    New method [`MuxedAddress::to_strkey`] converts muxed addresses to Stellar strkey format.
+//!
+//! 5. Add support for [CAP-73: Allow SAC to create G-account balances](https://github.com/stellar/stellar-protocol/blob/master/core/cap-0073.md).
+//!    Update the [`StellarAssetInterface`] to include the new method [`StellarAssetInterface::trust`]. This method creates
+//!    an unlimited trustline for the contract's asset, if applicable.
+//!
+//! [`Persistent`]: crate::storage::Persistent
+//! [`Instance`]: crate::storage::Instance
+//! [`Deployer`]: crate::deploy::Deployer
+//! [`U256`]: crate::U256
+//! [`I256`]: crate::I256
+//! [`MuxedAddress::to_strkey`]: crate::MuxedAddress::to_strkey
+//! [`StellarAssetInterface`]: crate::token::StellarAssetInterface
+//! [`StellarAssetInterface::trust`]: crate::token::StellarAssetInterface::trust
+//! [`BN254`]: crate::crypto::bn254
+//! [`BLS12381`]: crate::crypto::bls12_381
+//!
 //! # Migrating from v23 to v25
 //!
 //! 1. [`Events::all()` return type changed from `Vec<(Address, Vec<Val>, Val)>` to `ContractEvents`][v25_event_testing].

soroban-sdk/src/_migrating.rs

@@ -267,8 +267,36 @@ impl CryptoHazmat {
 
     /// Performs a Poseidon permutation on the input state vector.
     ///
-    /// WARNING: This is a low-level permutation function. Most users should use
-    /// the higher-level `poseidon_hash` function instead.
+    /// This is a **low-level** permutation primitive. For safe, user-friendly
+    /// hash functions, use
+    /// [`rs-soroban-poseidon`](https://github.com/stellar/rs-soroban-poseidon)
+    /// instead, which provides input validation and standard hash constructions.
+    ///
+    /// # Field elements and `U256`
+    ///
+    /// All `U256` values (`input`, `mds`, `round_constants`) are generic
+    /// representations of field elements in the prime field specified by
+    /// `field`. If a `U256` value exceeds the field modulus, it is **silently
+    /// reduced mod the field order**. Two distinct `U256` inputs that reduce
+    /// to the same field element will produce the same output, leading to
+    /// unintended collisions. Callers must ensure inputs are already in the
+    /// valid field range.
+    ///
+    /// # Parameters
+    ///
+    /// - `input`: state vector of `t` field elements.
+    /// - `field`: the prime field (`"BLS12_381"` or `"BN254"`).
+    /// - `t`: state size (number of field elements).
+    /// - `d`: S-box degree (5 for BLS12-381 and BN254).
+    /// - `rounds_f`: number of full rounds (must be even).
+    /// - `rounds_p`: number of partial rounds.
+    /// - `mds`: `t`-by-`t` MDS matrix as `Vec<Vec<U256>>`.
+    /// - `round_constants`: `(rounds_f + rounds_p)`-by-`t` matrix of round
+    ///   constants as `Vec<Vec<U256>>`.
+    ///
+    /// # Panics
+    ///
+    /// If any dimension is inconsistent or if `field` is unsupported.
     pub fn poseidon_permutation(
         &self,
         input: &Vec<U256>,
@@ -299,8 +327,38 @@ impl CryptoHazmat {
 
     /// Performs a Poseidon2 permutation on the input state vector.
     ///
-    /// WARNING: This is a low-level permutation function. Most users should use
-    /// the higher-level `poseidon2_hash` function instead.
+    /// This is a **low-level** permutation primitive. For safe, user-friendly
+    /// hash functions, use
+    /// [`rs-soroban-poseidon`](https://github.com/stellar/rs-soroban-poseidon)
+    /// instead, which provides input validation and standard hash constructions.
+    ///
+    /// # Field elements and `U256`
+    ///
+    /// All `U256` values (`input`, `mat_internal_diag_m_1`, `round_constants`)
+    /// are generic representations of field elements in the prime field
+    /// specified by `field`. If a `U256` value exceeds the field modulus, it
+    /// is **silently reduced mod the field order**. Two distinct `U256` inputs
+    /// that reduce to the same field element will produce the same output,
+    /// leading to unintended collisions. Callers must ensure inputs are
+    /// already in the valid field range.
+    ///
+    /// # Parameters
+    ///
+    /// - `input`: state vector of `t` field elements.
+    /// - `field`: the prime field (`"BLS12_381"` or `"BN254"`).
+    /// - `t`: state size (number of field elements). Only
+    ///   `t` ∈ {2, 3, 4, 8, 12, 16, 20, 24} are supported.
+    /// - `d`: S-box degree (5 for BLS12-381 and BN254).
+    /// - `rounds_f`: number of full rounds (must be even).
+    /// - `rounds_p`: number of partial rounds.
+    /// - `mat_internal_diag_m_1`: diagonal of the internal matrix minus the
+    ///   identity, as `Vec<U256>` of length `t`.
+    /// - `round_constants`: `(rounds_f + rounds_p)`-by-`t` matrix of round
+    ///   constants as `Vec<Vec<U256>>`.
+    ///
+    /// # Panics
+    ///
+    /// If any dimension is inconsistent or if `field` is unsupported.
     pub fn poseidon2_permutation(
         &self,
         input: &Vec<U256>,

soroban-sdk/src/crypto.rs

@@ -603,6 +603,14 @@ impl Bls12_381 {
         res.into()
     }
 
+    /// Checks if a G1 point is on the BLS12-381 curve (no subgroup check).
+    pub fn g1_is_on_curve(&self, point: &G1Affine) -> bool {
+        let env = self.env();
+        internal::Env::bls12_381_g1_is_on_curve(env, point.to_object())
+            .unwrap_infallible()
+            .into()
+    }
+
     /// Adds two points `p0` and `p1` in G1.
     pub fn g1_add(&self, p0: &G1Affine, p1: &G1Affine) -> G1Affine {
         let env = self.env();
@@ -671,6 +679,14 @@ impl Bls12_381 {
         res.into()
     }
 
+    /// Checks if a G2 point is on the BLS12-381 curve (no subgroup check).
+    pub fn g2_is_on_curve(&self, point: &G2Affine) -> bool {
+        let env = self.env();
+        internal::Env::bls12_381_g2_is_on_curve(env, point.to_object())
+            .unwrap_infallible()
+            .into()
+    }
+
     /// Adds two points `p0` and `p1` in G2.
     pub fn g2_add(&self, p0: &G2Affine, p1: &G2Affine) -> G2Affine {
         let env = self.env();

soroban-sdk/src/crypto/bls12_381.rs

@@ -2,15 +2,15 @@
 use crate::xdr::ScVal;
 use crate::{
     crypto::utils::BigInt,
-    env::internal::{self, BytesObject, U256Val},
+    env::internal::{self, BytesObject, U256Val, U64Val},
     impl_bytesn_repr_without_from_bytes,
     unwrap::{UnwrapInfallible, UnwrapOptimized},
     Bytes, BytesN, ConversionError, Env, IntoVal, TryFromVal, Val, Vec, U256,
 };
 use core::{
     cmp::Ordering,
     fmt::Debug,
-    ops::{Add, Mul, Neg},
+    ops::{Add, Mul, Neg, Sub},
 };
 
 pub const BN254_FP_SERIALIZED_SIZE: usize = 32; // Size in bytes of a serialized Bn254Fp element in BN254. The field modulus is 254 bits, requiring 32 bytes (256 bits).
@@ -254,6 +254,38 @@ impl Fr {
     pub fn to_val(&self) -> Val {
         self.0.to_val()
     }
+
+    pub fn pow(&self, rhs: u64) -> Self {
+        self.env().crypto().bn254().fr_pow(self, rhs)
+    }
+
+    pub fn inv(&self) -> Self {
+        self.env().crypto().bn254().fr_inv(self)
+    }
+}
+
+impl Add for Fr {
+    type Output = Fr;
+
+    fn add(self, rhs: Self) -> Self::Output {
+        self.env().crypto().bn254().fr_add(&self, &rhs)
+    }
+}
+
+impl Sub for Fr {
+    type Output = Fr;
+
+    fn sub(self, rhs: Self) -> Self::Output {
+        self.env().crypto().bn254().fr_sub(&self, &rhs)
+    }
+}
+
+impl Mul for Fr {
+    type Output = Fr;
+
+    fn mul(self, rhs: Self) -> Self::Output {
+        self.env().crypto().bn254().fr_mul(&self, &rhs)
+    }
 }
 
 // BN254 scalar field modulus r in big-endian bytes.
@@ -386,6 +418,59 @@ impl Bn254 {
             .unwrap_infallible()
             .into()
     }
+
+    /// Performs a multi-scalar multiplication (MSM) operation in G1.
+    pub fn g1_msm(&self, vp: Vec<Bn254G1Affine>, vs: Vec<Fr>) -> Bn254G1Affine {
+        let env = self.env();
+        let bin = internal::Env::bn254_g1_msm(env, vp.into(), vs.into()).unwrap_infallible();
+        unsafe { Bn254G1Affine::from_bytes(BytesN::unchecked_new(env.clone(), bin)) }
+    }
+
+    /// Checks if a G1 point is on the BN254 curve.
+    pub fn g1_is_on_curve(&self, point: &Bn254G1Affine) -> bool {
+        let env = self.env();
+        internal::Env::bn254_g1_is_on_curve(env, point.to_object())
+            .unwrap_infallible()
+            .into()
+    }
+
+    // scalar arithmetic
+
+    /// Adds two scalars in the BN254 scalar field `Fr`.
+    pub fn fr_add(&self, lhs: &Fr, rhs: &Fr) -> Fr {
+        let env = self.env();
+        let v = internal::Env::bn254_fr_add(env, lhs.into(), rhs.into()).unwrap_infallible();
+        U256::try_from_val(env, &v).unwrap_infallible().into()
+    }
+
+    /// Subtracts one scalar from another in the BN254 scalar field `Fr`.
+    pub fn fr_sub(&self, lhs: &Fr, rhs: &Fr) -> Fr {
+        let env = self.env();
+        let v = internal::Env::bn254_fr_sub(env, lhs.into(), rhs.into()).unwrap_infallible();
+        U256::try_from_val(env, &v).unwrap_infallible().into()
+    }
+
+    /// Multiplies two scalars in the BN254 scalar field `Fr`.
+    pub fn fr_mul(&self, lhs: &Fr, rhs: &Fr) -> Fr {
+        let env = self.env();
+        let v = internal::Env::bn254_fr_mul(env, lhs.into(), rhs.into()).unwrap_infallible();
+        U256::try_from_val(env, &v).unwrap_infallible().into()
+    }
+
+    /// Raises a scalar to the power of a given exponent in the BN254 scalar field `Fr`.
+    pub fn fr_pow(&self, lhs: &Fr, rhs: u64) -> Fr {
+        let env = self.env();
+        let rhs = U64Val::try_from_val(env, &rhs).unwrap_optimized();
+        let v = internal::Env::bn254_fr_pow(env, lhs.into(), rhs).unwrap_infallible();
+        U256::try_from_val(env, &v).unwrap_infallible().into()
+    }
+
+    /// Computes the multiplicative inverse of a scalar in the BN254 scalar field `Fr`.
+    pub fn fr_inv(&self, lhs: &Fr) -> Fr {
+        let env = self.env();
+        let v = internal::Env::bn254_fr_inv(env, lhs.into()).unwrap_infallible();
+        U256::try_from_val(env, &v).unwrap_infallible().into()
+    }
 }
 
 #[cfg(test)]