driver

package
v0.14.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 7, 2026 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Index

Constants

View Source
const (
	// ProtocolV1 demarks the V1 version of the protocol
	// This version uses a secure structured format with explicit Request and Anchor fields,
	// providing robust boundary separation and preventing collision attacks.
	ProtocolV1 = 1

	// MaxAnchorSize defines the maximum allowed size for anchor parameter in bytes.
	// This limit prevents potential DoS attacks through excessive memory allocation.
	MaxAnchorSize = 128 // bytes
)

Variables

View Source
var (
	// ErrAnchorEmpty is returned when the anchor parameter is empty in V1 protocol
	ErrAnchorEmpty = errors.New("anchor cannot be empty")

	// ErrAnchorTooLarge is returned when the anchor exceeds MaxAnchorSize in V1 protocol
	ErrAnchorTooLarge = errors.Errorf("anchor size exceeds maximum allowed size of %d bytes", MaxAnchorSize)

	// ErrUnsupportedVersion is returned when an unsupported protocol version is encountered
	ErrUnsupportedVersion = errors.New("unsupported token request version")

	// ErrInvalidVersion is returned when the protocol version is 0 (invalid)
	ErrInvalidVersion = errors.New("invalid token request: protocol version cannot be 0")

	// ErrVersionBelowMinimum is returned when the protocol version is below the configured minimum
	ErrVersionBelowMinimum = errors.New("token request protocol version is below minimum required version")
)

Typed errors for protocol validation

Functions

func ToProtoAuditableIdentitySlice

func ToProtoAuditableIdentitySlice(identities []Identity) []*request.AuditableIdentity

ToProtoAuditableIdentitySlice converts []Identity to []*request.AuditableIdentity

func ToProtoAuditableIdentitySliceFromAuditable

func ToProtoAuditableIdentitySliceFromAuditable(identities []AuditableIdentity) ([]*request.AuditableIdentity, error)

ToProtoAuditableIdentitySliceFromAuditable converts []AuditableIdentity to []*request.AuditableIdentity

func ToProtoIdentitySlice

func ToProtoIdentitySlice(identities []Identity) []*protosv1.Identity

ToProtoIdentitySlice converts []Identity to []*driver.Identity

func ToTokenID

func ToTokenID(id *protosv1.TokenID) *token.ID

ToTokenID converts *driver.TokenID to *token.ID

Types

type Action

type Action interface {
	Validate() error
}

type ActionDeserializer

type ActionDeserializer[TA TransferAction, IA IssueAction] interface {
	DeserializeActions(tr *TokenRequest) ([]IA, []TA, error)
}

type ActionMetadataEntry

type ActionMetadataEntry struct {
	ActionID         uint32            // Position in Actions slice
	IssueMetadata    *IssueMetadata    // Non-nil if this is an issue action
	TransferMetadata *TransferMetadata // Non-nil if this is a transfer action
}

ActionMetadataEntry represents metadata for a single action with its ID and type-discriminated metadata

type ActionSignature

type ActionSignature struct {
	ActionID  uint32
	Signature []byte
}

func (*ActionSignature) FromProtos

func (r *ActionSignature) FromProtos(tr *request.ActionSignature) error

func (*ActionSignature) ToProtos

func (r *ActionSignature) ToProtos() (*request.ActionSignature, error)

type ActionWithInputs

type ActionWithInputs interface {
	// NumInputs returns the number of inputs in the action
	NumInputs() int
	// GetInputs returns the identifiers of the inputs in the action.
	GetInputs() []*token.ID
	// GetSerializedInputs returns the serialized inputs of the action
	GetSerializedInputs() ([][]byte, error)
	// GetSerialNumbers returns the serial numbers of the inputs if this action supports graph hiding
	GetSerialNumbers() []string
	// IsGraphHiding returns true if the action is graph hiding
	IsGraphHiding() bool
	// GetMetadata returns the action's metadata
	GetMetadata() map[string][]byte
	// ExtraSigners returns the extra signers of the action
	ExtraSigners() []Identity
}

ActionWithInputs models an action with inputs

type AuditInfoProvider

type AuditInfoProvider interface {
	// GetAuditInfo returns the audit information for the given identity, if available.
	GetAuditInfo(ctx context.Context, identity Identity) ([]byte, error)
}

AuditInfoProvider models a provider of audit information

type AuditMatcherProvider

type AuditMatcherProvider interface {
	MatcherDeserializer
	MatchIdentity(ctx context.Context, id Identity, ai []byte) error
	GetAuditInfo(ctx context.Context, id Identity, p AuditInfoProvider) ([]byte, error)
}

AuditMatcherProvider provides audit related deserialization functionalities

type AuditableIdentity

type AuditableIdentity struct {
	Identity  Identity
	AuditInfo []byte
}

func FromProtoAuditableIdentitySliceToAuditable

func FromProtoAuditableIdentitySliceToAuditable(identities []*request.AuditableIdentity) ([]AuditableIdentity, error)

FromProtoAuditableIdentitySliceToAuditable converts []*request.AuditableIdentity to []AuditableIdentity

func (*AuditableIdentity) FromProtos

func (a *AuditableIdentity) FromProtos(auditableIdentity *request.AuditableIdentity) error

func (*AuditableIdentity) ToProtos

type AuditorService

type AuditorService interface {
	// AuditorCheck performs a comprehensive validation of a token request and its metadata.
	// It ensures that the transaction is well-formed and meets all auditing requirements
	// within the context of the provided anchor.
	AuditorCheck(ctx context.Context, request *TokenRequest, metadata *TokenRequestMetadata, anchor TokenRequestAnchor) error
}

AuditorService defines the methods for auditing token transactions. It provides mechanisms for authorized auditors to inspect transaction requests and their associated metadata and anchor to ensure compliance and validity.

type AuditorSignature

type AuditorSignature struct {
	Identity  Identity
	Signature []byte
}

func (*AuditorSignature) FromProtos

func (r *AuditorSignature) FromProtos(tr *request.AuditorSignature) error

func (*AuditorSignature) ToProtos

func (r *AuditorSignature) ToProtos() (*request.AuditorSignature, error)

type AuditorWallet

type AuditorWallet interface {
	Wallet

	// GetAuditorIdentity returns an auditor identity.
	// Depending on the underlying wallet implementation, this can be a long-term or ephemeral identity.
	GetAuditorIdentity() (Identity, error)
}

AuditorWallet models the wallet of an auditor

type Authorization

type Authorization interface {
	// IsMine determines if a given token belongs to a known owner wallet.
	// It returns the ID of the wallet (if any) and additional identifiers that may indicate ownership,
	// along with a boolean indicating if the token is indeed owned.
	IsMine(ctx context.Context, tok *token.Token) (walletID string, additionalOwners []string, mine bool)

	// AmIAnAuditor checks if the service has auditor privileges based on its configuration and identities.
	AmIAnAuditor() bool

	// Issued checks if a specific issuer, identified by their identity, was the one that issued the token.
	Issued(ctx context.Context, issuer Identity, tok *token.Token) bool

	// OwnerType determines the type of the token's owner and extracts the owner's raw identity.
	OwnerType(raw []byte) (IdentityType, []byte, error)
}

Authorization checks the relationship between a token and different wallet types (owner, issuer, auditor). It determines if a given wallet can perform specific actions on a token.

type CertificationClient

type CertificationClient interface {
	// IsCertified checks if a specific token identifier has already been certified.
	IsCertified(ctx context.Context, id *token.ID) bool
	// RequestCertification initiates the certification process for the given list of token identifiers.
	RequestCertification(ctx context.Context, ids ...*token.ID) error
}

CertificationClient provides methods to check token certification status and request new certifications.

type CertificationService

type CertificationService interface {
	// NewCertificationRequest creates a serialized certification request for the specified token identifiers.
	NewCertificationRequest(ids []*token.ID) ([]byte, error)

	// Certify uses the provided certifier wallet and ledger representations to certify a list of token identifiers.
	// It takes as input the certification request and the raw token data as stored on the ledger.
	Certify(wallet CertifierWallet, ids []*token.ID, tokens [][]byte, request []byte) ([][]byte, error)

	// VerifyCertifications validates the provided certifications for a given list of token identifiers.
	// It returns the processed certifications if they are valid, or an error otherwise.
	VerifyCertifications(ids []*token.ID, certifications [][]byte) ([][]byte, error)
}

CertificationService handles the generation and verification of token certifications. Certifications provide proofs of a token's validity and status, often used in complex transaction scenarios or cross-network interactions.

type CertificationStorage

type CertificationStorage interface {
	// Exists checks if a certification exists for the specified token ID.
	Exists(ctx context.Context, id *token.ID) bool
	// Store saves the provided certifications for the given token IDs.
	Store(ctx context.Context, certifications map[*token.ID][]byte) error
}

CertificationStorage provides methods for storing and checking the existence of token certifications.

type CertifierWallet

type CertifierWallet interface {
	Wallet

	// GetCertifierIdentity returns a certifier identity.
	// Depending on the underlying wallet implementation, this can be a long-term or ephemeral identity.
	GetCertifierIdentity() (Identity, error)
}

CertifierWallet models the wallet of a certifier

type Configuration

type Configuration interface {
	// ID returns the unique identifier of the TMS to which this configuration applies.
	ID() TMSID

	// IsSet checks if a specific configuration key is defined.
	IsSet(key string) bool

	// UnmarshalKey decodes the configuration value associated with a key into a provided struct or interface.
	// The key is typically relative to the TMS configuration block.
	UnmarshalKey(key string, rawVal any) error

	// GetString retrieves the value for a key as a string.
	GetString(key string) string

	// GetBool retrieves the value for a key as a boolean.
	GetBool(key string) bool

	// TranslatePath converts a relative configuration path into an absolute file system path.
	TranslatePath(path string) string
}

Configuration provides methods for accessing the configuration of a specific Token Management Service (TMS). It abstracts the configuration's source and structure, allowing the TMS to retrieve settings such as identifiers, paths, and values in different formats.

type Deserializer

type Deserializer interface {
	// GetOwnerVerifier returns a signature verifier for a given owner identity.
	GetOwnerVerifier(ctx context.Context, id Identity) (Verifier, error)

	// GetIssuerVerifier returns a signature verifier for a given issuer identity.
	GetIssuerVerifier(ctx context.Context, id Identity) (Verifier, error)

	// GetAuditorVerifier returns a signature verifier for a given auditor identity.
	GetAuditorVerifier(ctx context.Context, id Identity) (Verifier, error)

	// Recipients extracts all recipient identities from a given serialized identity.
	Recipients(raw Identity) ([]Identity, error)

	// GetAuditInfoMatcher provides an identity matcher for a given identity and its audit metadata.
	GetAuditInfoMatcher(ctx context.Context, owner Identity, auditInfo []byte) (Matcher, error)

	// MatchIdentity checks if a specific identity corresponds to the provided audit data.
	MatchIdentity(ctx context.Context, id Identity, ai []byte) error

	// GetAuditInfo retrieves the audit information for a specific identity using an AuditInfoProvider.
	GetAuditInfo(ctx context.Context, id Identity, p AuditInfoProvider) ([]byte, error)
}

Deserializer provides methods for converting serialized identities (owner, issuer, auditor) into cryptographic signature verifiers, which are used to validate transaction signatures.

type Driver

type Driver interface {
	PPReader
	// NewTokenService returns a new TokenManagerService instance.
	NewTokenService(tmsID TMSID, publicParams []byte) (TokenManagerService, error)
}

Driver is the interface that must be implemented by a token driver to create TokenManagerService instances.

type Extras

type Extras = map[string][]byte

type FullIdentity

type FullIdentity interface {
	SigningIdentity
	Verifier
}

FullIdentity defines an identity that can both sign messages and verify signatures.

type GetStateFnc

type GetStateFnc = func(id token.ID) ([]byte, error)

GetStateFnc models a function that returns the value for the given key from the ledger

type Identity

type Identity = view.Identity

Identity represents a generic identity

func FromProtoAuditableIdentitySlice

func FromProtoAuditableIdentitySlice(identities []*request.AuditableIdentity) []Identity

FromProtoAuditableIdentitySlice converts []*request.AuditableIdentity to []Identity

func FromProtoIdentitySlice

func FromProtoIdentitySlice(identities []*protosv1.Identity) []Identity

FromProtoIdentitySlice converts []*driver.Identity to []Identity

func ToIdentity

func ToIdentity(id *protosv1.Identity) Identity

ToIdentity converts *driver.Identity to Identity

type IdentityConfiguration

type IdentityConfiguration struct {
	// ID is the unique identifier for this identity configuration.
	ID string
	// Type is the type of the identity (e.g., "bccsp", "idemix").
	Type string
	// URL is the location of the identity's credential material (e.g., path to MSP folder).
	URL string
	// Config contains driver-specific configuration options in encoded format.
	Config []byte
	// Raw contains the raw identity material if already loaded.
	Raw []byte
}

IdentityConfiguration contains configuration-related information of an identity. It is used to describe how an identity should be loaded and managed by Panurus.

type IdentityProvider

type IdentityProvider interface {
	// RegisterRecipientData stores information about a token recipient, including their identity and audit metadata.
	RegisterRecipientData(ctx context.Context, data *RecipientData) error

	// GetAuditInfo retrieves the audit data associated with a specific identity.
	GetAuditInfo(ctx context.Context, identity Identity) ([]byte, error)

	// GetSigner returns a cryptographic signer for a given identity, enabling signature generation.
	GetSigner(ctx context.Context, identity Identity) (Signer, error)

	// RegisterSigner registers a pair of signer and verifier for a specific identity,
	// along with additional identity information.
	RegisterSigner(ctx context.Context, identity Identity, signer Signer, verifier Verifier, signerInfo []byte, ephemeral bool) error

	// AreMe checks a list of identities and returns those that have signers registered with this provider.
	AreMe(ctx context.Context, identities ...Identity) []string

	// IsMe returns true if a signer has been registered for the specified identity.
	IsMe(ctx context.Context, party Identity) bool

	// GetEnrollmentID extracts the enrollment identifier from the provided audit information for a specific identity.
	GetEnrollmentID(ctx context.Context, identity Identity, auditInfo []byte) (string, error)

	// GetRevocationHandler extracts the revocation handler from the provided audit information for a specific identity.
	GetRevocationHandler(ctx context.Context, identity Identity, auditInfo []byte) (string, error)

	// GetEIDAndRH returns both the enrollment ID and the revocation handle associated with a specific identity and its audit data.
	GetEIDAndRH(ctx context.Context, identity Identity, auditInfo []byte) (string, string, error)

	// Bind associates a long-term identity with one or more ephemeral (short-term) identities.
	Bind(ctx context.Context, longTerm Identity, ephemeralIdentities ...Identity) error

	// RegisterRecipientIdentity registers a third-party recipient's identity without requiring audit information initially.
	RegisterRecipientIdentity(ctx context.Context, id Identity) error
}

IdentityProvider provides services for managing identities, including signing, verification, and audit information. It acts as a central registry for identities and their associated cryptographic materials.

type IdentityType

type IdentityType = int32

IdentityType identifies the type of identity

const (
	ZeroIdentityType       IdentityType = 0 //
	IdemixIdentityType     IdentityType = 1
	X509IdentityType       IdentityType = 2
	IdemixNymIdentityType  IdentityType = 3
	HTLCScriptIdentityType IdentityType = 4
	MultiSigIdentityType   IdentityType = 5
	PolicyIdentityType     IdentityType = 6
)

This is a list of reserved identities

type IdentityTypeString

type IdentityTypeString = string

IdentityTypeString identifies the type of identity as a string

const (
	IdemixIdentityTypeString     IdentityTypeString = "idemix"
	X509IdentityTypeString       IdentityTypeString = "x509"
	IdemixNymIdentityTypeString  IdentityTypeString = "idemixnym"
	HTLCScriptIdentityTypeString IdentityTypeString = "htlc"
	MultiSigIdentityTypeString   IdentityTypeString = "multisig"
	PolicyIdentityTypeString     IdentityTypeString = "policy"
)

type Input

type Input interface {
	// GetOwner returns the cryptographic owner of the token.
	GetOwner() []byte
}

Input represents a specific token that is being spent in a transaction.

type IssueAction

type IssueAction interface {
	Action
	ActionWithInputs
	// Serialize converts the action into its serialized byte representation.
	Serialize() ([]byte, error)
	// NumOutputs returns the total number of tokens created by this issuance.
	NumOutputs() int
	// GetSerializedOutputs retrieves the serialized representation of each created token.
	GetSerializedOutputs() ([][]byte, error)
	// GetOutputs returns the list of created tokens as Output interfaces.
	GetOutputs() []Output
	// IsAnonymous indicates whether the issuer's identity is hidden.
	IsAnonymous() bool
	// GetIssuer returns the identifier of the party that issued the tokens.
	GetIssuer() []byte
	// GetMetadata returns any additional driver-specific metadata associated with the issuance.
	GetMetadata() map[string][]byte
	// IsGraphHiding indicates whether the link between inputs and outputs is obfuscated.
	IsGraphHiding() bool
	// ExtraSigners returns any additional identities that must sign this action.
	ExtraSigners() []Identity
}

IssueAction represents a single token issuance event on the ledger.

type IssueInputMetadata

type IssueInputMetadata struct {
	TokenID *token.ID
}

func (*IssueInputMetadata) FromProtos

func (i *IssueInputMetadata) FromProtos(issueInputMetadata *request.IssueInputMetadata) error

func (*IssueInputMetadata) ToProtos

type IssueMetadata

type IssueMetadata struct {
	// Issuer is the identity of the issuer
	Issuer  AuditableIdentity
	Inputs  []*IssueInputMetadata
	Outputs []*IssueOutputMetadata
	// ExtraSigners is the list of extra identities that are not part of the issue action per se
	// but needs to sign the request
	ExtraSigners []AuditableIdentity
}

IssueMetadata contains the metadata of an issue action. In more details, there is an issuer and a list of outputs. For each output, there is a token info and a list of receivers with their audit info to recover their enrollment ID.

func (*IssueMetadata) FromProtos

func (i *IssueMetadata) FromProtos(issueMetadata *request.IssueMetadata) error

func (*IssueMetadata) IsOutputAbsent

func (i *IssueMetadata) IsOutputAbsent(j int) bool

IsOutputAbsent returns true if the j-th output's metadata is absent (e.g., filtered out).

func (*IssueMetadata) Match

func (i *IssueMetadata) Match(action IssueAction) error

Match verifies that the given action matches this metadata. It performs a deep check of inputs, outputs, extra signers, and the issuer identity.

func (*IssueMetadata) Receivers

func (i *IssueMetadata) Receivers() []Identity

func (*IssueMetadata) ToProtos

func (i *IssueMetadata) ToProtos() (*request.IssueMetadata, error)

type IssueOptions

type IssueOptions struct {
	// Attributes is a container of generic options that might be driver specific
	Attributes map[string]any
	// TokensUpgradeRequest is a request to upgrade tokens
	TokensUpgradeRequest *TokenUpgradeRequest
	// Wallet is the wallet that should be used to issue the tokens.
	Wallet IssuerWallet
}

IssueOptions models the options that can be passed to the issue command

type IssueOutputMetadata

type IssueOutputMetadata struct {
	OutputMetadata []byte
	// OutputAuditInfo, for each output owner we have audit info
	OutputAuditInfo []byte
	// Receivers, for each output we have a receiver
	Receivers []*AuditableIdentity
}

IssueOutputMetadata is the metadata of an output in an issue action

func (*IssueOutputMetadata) FromProtos

func (i *IssueOutputMetadata) FromProtos(outputsMetadata *request.OutputMetadata) error

func (*IssueOutputMetadata) RecipientAt

func (i *IssueOutputMetadata) RecipientAt(index int) *AuditableIdentity

func (*IssueOutputMetadata) ToProtos

func (i *IssueOutputMetadata) ToProtos() (*request.OutputMetadata, error)

type IssueService

type IssueService interface {
	// Issue generates an IssuerAction for the issuance of tokens of the specified type.
	// It takes the identity of the issuer, the token type, and a list of values and their respective owners.
	// Optional configuration can be provided through IssueOptions.
	// The method returns:
	// - An IssueAction, which captures the issuance details for the ledger.
	// - IssueMetadata, containing additional information about the issuance for the requester.
	// - An error if the issuance generation fails.
	Issue(ctx context.Context, issuerIdentity Identity, tokenType token.Type, values []uint64, owners [][]byte, opts *IssueOptions) (IssueAction, *IssueMetadata, error)

	// VerifyIssue validates the well-formedness and correctness of an IssueAction.
	// It checks the action against the provided metadata to ensure that the issuance is valid
	// according to the driver's rules.
	VerifyIssue(ctx context.Context, ia IssueAction, metadata []*IssueOutputMetadata) error

	// DeserializeIssueAction reconstructs an IssueAction from its serialized byte representation.
	DeserializeIssueAction(raw []byte) (IssueAction, error)
}

IssueService defines the methods to manage the token issuance lifecycle.

type IssuerWallet

type IssuerWallet interface {
	Wallet

	// GetIssuerIdentity returns an issuer identity for the passed token type.
	// Depending on the underlying wallet implementation, this can be a long-term or ephemeral identity.
	GetIssuerIdentity(tokenType token.Type) (Identity, error)

	// HistoryTokens returns the list of tokens issued by this wallet filtered using the passed options.
	HistoryTokens(ctx context.Context, opts *ListTokensOptions) (*token.IssuedTokens, error)
}

IssuerWallet models the wallet of an issuer

type Ledger

type Ledger interface {
	// GetState returns the value for the given key
	GetState(id token.ID) ([]byte, error)
}

Ledger models a read-only ledger

type LedgerToken

type LedgerToken interface {
	GetOwner() []byte
}

type LedgerTokensIterator

type LedgerTokensIterator = iterators.Iterator[*token.LedgerToken]

type ListTokensOptions

type ListTokensOptions struct {
	// TokenType is the type of token to list
	TokenType token.Type
}

ListTokensOptions contains options that can be used to list tokens from a wallet

type Matcher

type Matcher interface {
	// Match returns true if the passed identity matches this matcher
	Match(ctx context.Context, identity []byte) error
}

Matcher models a matcher that can be used to match identities

type MatcherDeserializer

type MatcherDeserializer interface {
	GetAuditInfoMatcher(ctx context.Context, owner Identity, auditInfo []byte) (Matcher, error)
}

MatcherDeserializer is the interface for identity matchers' deserializer.

type MetadataDeserializer

type MetadataDeserializer[M any] interface {
	DeserializeMetadata([]byte) (M, error)
}

type Output

type Output interface {
	// Serialize converts the output into its serialized byte representation.
	Serialize() ([]byte, error)
	// IsRedeem indicates whether the output is being redeemed (burned) rather than assigned to an owner.
	IsRedeem() bool
	// GetOwner returns the cryptographic owner assigned to the created token.
	GetOwner() []byte
}

Output represents a token that is being created as a result of a transaction.

type OwnerWallet

type OwnerWallet interface {
	Wallet

	// GetRecipientIdentity returns a recipient identity.
	// Depending on the underlying wallet implementation, this can be a long-term or ephemeral identity.
	// Using the returned identity as an index, one can retrieve the following information:
	// - Identity audit info via GetAuditInfo;
	// - TokenMetadata via GetTokenMetadata;
	// - TokenIdentityMetadata via GetTokenMetadataAuditInfo.
	GetRecipientIdentity(ctx context.Context) (Identity, error)

	// GetRecipientData returns a recipient data struct, it does not include the token metadata audit info
	GetRecipientData(ctx context.Context) (*RecipientData, error)

	// GetAuditInfo returns auditing information for the passed identity
	GetAuditInfo(ctx context.Context, id Identity) ([]byte, error)

	// GetTokenMetadata returns the public information related to the token to be assigned to passed recipient identity.
	GetTokenMetadata(id Identity) ([]byte, error)

	// GetTokenMetadataAuditInfo returns private information about the token metadata assigned to the passed recipient identity.
	GetTokenMetadataAuditInfo(id Identity) ([]byte, error)

	// ListTokens returns the list of unspent tokens owned by this wallet filtered using the passed options.
	ListTokens(ctx context.Context, opts *ListTokensOptions) (*token.UnspentTokens, error)

	// ListTokensIterator returns an iterator of unspent tokens owned by this wallet filtered using the passed options.
	ListTokensIterator(ctx context.Context, opts *ListTokensOptions) (UnspentTokensIterator, error)

	// Balance returns the sum of the amounts of the tokens with type and EID equal to those passed as arguments.
	// The result is returned as a *big.Int to support arbitrary precision and prevent overflow.
	Balance(ctx context.Context, opts *ListTokensOptions) (*big.Int, error)

	// EnrollmentID returns the enrollment ID of the owner wallet
	EnrollmentID() string

	// RegisterRecipient register the passed recipient data.
	// The data is passed as pointer to allow the underlying token driver to modify them if needed.
	RegisterRecipient(ctx context.Context, data *RecipientData) error

	// Remote returns true if this wallet is verify only, meaning that the corresponding secret key is external to this wallet
	Remote() bool
}

OwnerWallet models the wallet of a token recipient.

type PPHash

type PPHash []byte

PPHash is used to model the hash of the raw public parameters. This should avoid confusion between the bytes of the public params themselves and its hash.

type PPMFactory

type PPMFactory interface {
	PPReader
	// NewPublicParametersManager returns a new PublicParametersManager instance from the passed public parameters
	NewPublicParametersManager(pp PublicParameters) (PublicParamsManager, error)
}

PPMFactory contains the static logic of the driver

type PPReader

type PPReader interface {
	// PublicParametersFromBytes unmarshals the bytes to a PublicParameters instance.
	PublicParametersFromBytes(params []byte) (PublicParameters, error)
}

type PublicParameters

type PublicParameters interface {
	// TokenDriverName returns the unique name of the token driver.
	TokenDriverName() TokenDriverName
	// TokenDriverVersion returns the version of the token driver for which these parameters are valid.
	TokenDriverVersion() TokenDriverVersion
	// TokenDataHiding indicates whether token values and types are hidden (obfuscated).
	TokenDataHiding() bool
	// GraphHiding indicates whether the transaction graph (linkage between tokens) is hidden.
	GraphHiding() bool
	// MaxTokenValue returns the maximum value any single token can have.
	MaxTokenValue() uint64
	// CertificationDriver returns the identifier of the certification driver, if any.
	CertificationDriver() string
	// Auditors returns the list of identities authorized to audit transactions.
	Auditors() []Identity
	// Issuers returns the list of identities authorized to issue tokens.
	Issuers() []Identity
	// Precision returns the numeric precision used for token values.
	Precision() uint64
	// String provides a human-readable representation of the public parameters.
	String() string
	// Serialize converts the public parameters into their byte representation.
	Serialize() ([]byte, error)
	// Validate checks if the public parameters are internally consistent and valid.
	Validate() error
	// Extras provides access to additional, driver-specific parameters.
	Extras() Extras
}

PublicParameters defines the common interface for a driver's public parameters. These parameters are shared among all participants in the token network and define the rules and characteristics of the token system.

type PublicParamsFetcher

type PublicParamsFetcher interface {
	// Fetch fetches the public parameters from a repository.
	Fetch() ([]byte, error)
}

PublicParamsFetcher models a public parameters fetcher.

type PublicParamsManager

type PublicParamsManager interface {
	// PublicParameters returns the current set of public parameters.
	PublicParameters() PublicParameters
	// NewCertifierKeyPair generates a new public-private key pair for a certifier, if supported by the driver.
	NewCertifierKeyPair() ([]byte, []byte, error)
	// PublicParamsHash returns a unique hash of the serialized public parameters.
	PublicParamsHash() PPHash
}

PublicParamsManager provides methods for managing and accessing the driver's public parameters. It also facilitates the generation of cryptographic materials like certifier key pairs.

type QueryCallback2Func

type QueryCallback2Func func(*token.ID, string, []byte, []byte) error

type QueryCallbackFunc

type QueryCallbackFunc func(*token.ID, []byte) error

type QueryEngine

type QueryEngine interface {
	// IsPending checks if the transaction associated with the given token ID is still pending.
	IsPending(ctx context.Context, id *token.ID) (bool, error)
	// GetStatus returns the execution status of a specific transaction.
	GetStatus(ctx context.Context, txID string) (TxStatus, string, error)
	// IsMine checks if a specific token is owned by any wallet known to the service.
	IsMine(ctx context.Context, id *token.ID) (bool, error)
	// UnspentTokensIterator returns an iterator to traverse all unspent tokens on the ledger.
	UnspentTokensIterator(ctx context.Context) (UnspentTokensIterator, error)
	// UnspentLedgerTokensIteratorBy returns an iterator to traverse all unspent ledger tokens.
	UnspentLedgerTokensIteratorBy(ctx context.Context) (LedgerTokensIterator, error)
	// UnspentTokensIteratorBy returns an iterator over unspent tokens owned by a specific wallet and optionally filtered by token type.
	UnspentTokensIteratorBy(ctx context.Context, walletID string, tokenType token.Type) (UnspentTokensIterator, error)
	// ListUnspentTokens returns a comprehensive list of all unspent tokens.
	ListUnspentTokens(ctx context.Context) (*token.UnspentTokens, error)
	// ListAuditTokens returns the audited token data for the specified token IDs.
	// The result is in order of ids meaning that the first token correspond to the first id and so on.
	ListAuditTokens(ctx context.Context, ids ...*token.ID) ([]*token.Token, error)
	// ListHistoryIssuedTokens returns a list of all tokens issued by the service.
	ListHistoryIssuedTokens(ctx context.Context) (*token.IssuedTokens, error)
	// PublicParams returns the serialized public parameters used by the driver.
	PublicParams(ctx context.Context) ([]byte, error)
	// GetTokenMetadata retrieves the private information (metadata) for the given token IDs.
	GetTokenMetadata(ctx context.Context, ids []*token.ID) ([][]byte, error)
	// GetTokenOutputs retrieves the raw token outputs as stored on the ledger for the specified token IDs.
	GetTokenOutputs(ctx context.Context, ids []*token.ID, callback QueryCallbackFunc) error
	// GetTokenOutputsAndMeta retrieves both the raw token outputs and their metadata for the specified token IDs.
	GetTokenOutputsAndMeta(ctx context.Context, ids []*token.ID) ([][]byte, [][]byte, []token.Format, error)
	// GetTokens returns the de-obfuscated token data for the specified token IDs.
	GetTokens(ctx context.Context, inputs ...*token.ID) ([]*token.Token, error)
	// WhoDeletedTokens identifies which transaction deleted the specified tokens.
	WhoDeletedTokens(ctx context.Context, inputs ...*token.ID) ([]string, []bool, error)
	// Balance calculates the total value of unspent tokens of a specific type owned by a wallet.
	// The result is returned as a *big.Int to support arbitrary precision and prevent overflow.
	Balance(ctx context.Context, id string, tokenType token.Type) (*big.Int, error)
}

QueryEngine provides a read-only interface for querying token-related data from the ledger. It allows for checking transaction status, ownership, and retrieving unspent tokens.

type RecipientData

type RecipientData struct {
	// Identity is the owner's cryptographic identity.
	Identity Identity
	// AuditInfo contains private metadata used for auditing the owner's identity.
	AuditInfo []byte
	// TokenMetadata contains public information about the token being assigned to this recipient.
	TokenMetadata []byte
	// TokenMetadataAuditInfo contains private metadata used for auditing the token metadata.
	TokenMetadataAuditInfo []byte
}

RecipientData captures details about a token's recipient, used for registration and tracking.

type RecipientExtractor

type RecipientExtractor interface {
	Recipients(id Identity) ([]Identity, error)
}

RecipientExtractor extracts the recipients from an identity

type RequestSignature

type RequestSignature struct {
	Action  *ActionSignature
	Auditor *AuditorSignature
}

func (*RequestSignature) FromProtos

func (r *RequestSignature) FromProtos(tr *request.RequestSignature) error

func (*RequestSignature) ToProtos

func (r *RequestSignature) ToProtos() (*request.RequestSignature, error)

type ServiceOptions

type ServiceOptions struct {
	// Network is the name of the network
	Network string
	// Channel is the name of the channel, if meaningful for the underlying backend
	Channel string
	// Namespace is the namespace of the token
	Namespace string
	// PublicParamsFetcher is used to fetch the public parameters
	PublicParamsFetcher PublicParamsFetcher
	// PublicParams contains the public params to use to instantiate the driver
	PublicParams []byte
	// Params is used to store any application specific parameter
	Params map[string]any
}

ServiceOptions is used to configure the service

func (ServiceOptions) ParamAsString

func (o ServiceOptions) ParamAsString(key string) (string, error)

ParamAsString returns the value bound to the passed key. If the key is not found, it returns the empty string. if the value bound to the passed key is not a string, it returns an error.

func (ServiceOptions) String

func (o ServiceOptions) String() string

type SetupAction

type SetupAction interface {
	// GetSetupParameters returns the serialized public parameters from the setup action.
	GetSetupParameters() ([]byte, error)
}

SetupAction defines the interface for actions that update the driver's public parameters.

type SignatureProvider

type SignatureProvider interface {
	// HasBeenSignedBy returns true and the verified signature if the provider contains a valid signature for the passed identity and verifier
	HasBeenSignedBy(c context.Context, id Identity, verifier Verifier) ([]byte, error)
	// Signatures returns the signatures inside this provider
	Signatures() [][]byte
}

type Signer

type Signer interface {
	// Sign signs the provided message and returns the resulting signature.
	Sign(message []byte) ([]byte, error)
}

Signer defines the interface for generating cryptographic signatures.

type SigningIdentity

type SigningIdentity interface {
	// Sign signs the provided message bytes and returns the resulting signature.
	Sign(raw []byte) ([]byte, error)

	// Serialize converts the signing identity into its byte representation.
	Serialize() ([]byte, error)
}

SigningIdentity represents an identity capable of generating cryptographic signatures.

type SpendableTokensIterator

type SpendableTokensIterator = iterators.Iterator[*token.UnspentTokenInWallet]

type TMSID

type TMSID struct {
	Network   string
	Channel   string
	Namespace string
}

TMSID models a TMS identifier

func (TMSID) Equal

func (t TMSID) Equal(tmsid TMSID) bool

func (TMSID) String

func (t TMSID) String() string

String returns a string representation of the TMSID

type TokenAndMetadataDeserializer

type TokenAndMetadataDeserializer[T any, M any] interface {
	TokenDeserializer[T]
	MetadataDeserializer[M]
}

type TokenCertificationStorage

type TokenCertificationStorage interface {
	GetCertifications(ctx context.Context, ids []*token.ID) ([][]byte, error)
}

type TokenDeserializer

type TokenDeserializer[T any] interface {
	DeserializeToken([]byte) (T, error)
}

type TokenDriverName

type TokenDriverName string

TokenDriverName is the name of a token driver

type TokenDriverVersion

type TokenDriverVersion uint32

TokenDriverVersion is the version of a token driver

type TokenManagerService

type TokenManagerService interface {
	// IssueService returns an instance of the IssueService interface, which manages the issuance of new tokens.
	IssueService() IssueService
	// TransferService returns an instance of the TransferService interface, which handles the transfer of token ownership.
	TransferService() TransferService
	// TokensService returns an instance of the TokensService interface, providing general token management utilities.
	TokensService() TokensService
	// TokensUpgradeService returns an instance of the TokensUpgradeService interface, enabling token upgrades.
	TokensUpgradeService() TokensUpgradeService
	// AuditorService returns an instance of the AuditorService interface, facilitating token auditing capabilities.
	AuditorService() AuditorService
	// CertificationService returns an instance of the CertificationService interface, managing token certifications.
	CertificationService() CertificationService
	// Deserializer returns an instance of the Deserializer interface, which deserializes identities to obtain signature verifiers.
	Deserializer() Deserializer
	// IdentityProvider returns an instance of the IdentityProvider interface, managing identities and their associated information.
	IdentityProvider() IdentityProvider
	// Validator returns an instance of the Validator interface, which provides mechanisms for validating token transactions.
	Validator() (Validator, error)
	// PublicParamsManager returns an instance of the PublicParamsManager interface, managing the driver's public parameters.
	PublicParamsManager() PublicParamsManager
	// Configuration returns an instance of the Configuration interface, providing access to driver-specific configuration.
	Configuration() Configuration
	// WalletService returns an instance of the WalletService interface, which manages issuer, owner, auditor, and certifier wallets.
	WalletService() WalletService
	// Authorization returns an instance of the Authorization interface, used to check the relationship between tokens and wallets.
	Authorization() Authorization
	// Done releases all the resources allocated by this service, ensuring a clean shutdown.
	Done() error
}

TokenManagerService is the core entry point of the Driver API. It provides access to a comprehensive suite of services for token issuance, transfer, auditing, and management. Each driver implementation must provide a concrete implementation of this interface to enable Panurus to interact with its specific token technology.

type TokenManagerServiceProvider

type TokenManagerServiceProvider interface {
	// GetTokenManagerService returns a TokenManagerService instance for the passed parameters
	// If a TokenManagerService is not available, it creates one.
	GetTokenManagerService(opts ServiceOptions) (TokenManagerService, error)

	// Update uses the given options to update the public parameters of a given TMS.
	// If the public parameters in the options are identical to those in the current TMS, then nothing happens.
	// If a TMS does not exist for the given options, one is created with the given public parameters.
	Update(options ServiceOptions) error
}

type TokenOutput

type TokenOutput []byte

TokenOutput models an output on the edger

type TokenOutputMetadata

type TokenOutputMetadata []byte

TokenOutputMetadata models the metadata of an output on the ledger

type TokenRequest

type TokenRequest struct {
	// Version specifies the protocol version for this token request.
	// Defaults to ProtocolV1 (structured format) for new requests.
	// The asn1 tag with "-" means this field is never included in ASN.1 marshaling,
	// ensuring consistent signature verification.
	Version    uint32
	Actions    []*TypedAction // Unified slice of all actions
	Signatures []*RequestSignature
}

TokenRequest represents a collection of token actions (issuance and transfer). Each action within the request is logically independent, though they are processed together. A TokenRequest also includes the signatures (witnesses) required to authorize its actions.

func (*TokenRequest) Bytes

func (r *TokenRequest) Bytes() ([]byte, error)

func (*TokenRequest) FromBytes

func (r *TokenRequest) FromBytes(raw []byte) error

func (*TokenRequest) FromProtos

func (r *TokenRequest) FromProtos(tr *request.TokenRequest) error

func (*TokenRequest) GetIssues

func (r *TokenRequest) GetIssues() [][]byte

GetIssues returns all issue actions from the unified Actions slice

func (*TokenRequest) GetTransfers

func (r *TokenRequest) GetTransfers() [][]byte

GetTransfers returns all transfer actions from the unified Actions slice

func (*TokenRequest) MarshalToMessageToSign

func (r *TokenRequest) MarshalToMessageToSign(anchor []byte) ([]byte, error)

MarshalToMessageToSign creates a canonical byte representation of the TokenRequest for signature generation using the structured ASN.1 format.

The ProtocolV1 format uses a secure structured ASN.1 format with separate Request and Anchor fields, providing robust boundary separation and preventing collision attacks.

Parameters:

  • anchor: A unique identifier (e.g., transaction ID) that binds this signature to a specific context. Must be non-empty and within size limits.

Security considerations:

  • The anchor MUST be unique per transaction to prevent signature reuse
  • Signatures are not included in the marshaled data to avoid circular dependencies
  • Structured format provides strong security guarantees against collision attacks

Returns the message bytes to be signed, or an error if marshaling fails.

func (*TokenRequest) NumIssues

func (r *TokenRequest) NumIssues() int

NumIssues returns the count of issue actions

func (*TokenRequest) NumTransfers

func (r *TokenRequest) NumTransfers() int

NumTransfers returns the count of transfer actions

func (*TokenRequest) ToProtos

func (r *TokenRequest) ToProtos() (*request.TokenRequest, error)

func (*TokenRequest) Validate

func (r *TokenRequest) Validate() error

Validate checks the structural validity of the TokenRequest. It ensures that all required fields are present and non-empty. This method should be called after unmarshalling to verify the request is well-formed.

Special case: Empty requests (nil Actions or empty Actions slice) are allowed to support test scenarios where requests are created but not yet populated. This is necessary because ToProtos() sets Version=ProtocolV1 even for empty requests.

Returns an error if:

  • Any action in Actions is nil
  • Any action has empty Raw bytes
  • Any signature in Signatures is nil
  • Any signature has empty signature bytes

type TokenRequestAnchor

type TokenRequestAnchor string

TokenRequestAnchor models the anchor of a token request

type TokenRequestMetadata

type TokenRequestMetadata struct {
	// Actions contains metadata for all actions in the corresponding TokenRequest.
	Actions []*ActionMetadataEntry
	// Application allows for attaching arbitrary application-level metadata to the token request.
	Application map[string][]byte
}

TokenRequestMetadata contains the supplementary information needed to process and interpret a TokenRequest. It includes metadata for each issuance and transfer action, enabling de-obfuscation and identity recovery.

func (*TokenRequestMetadata) Bytes

func (m *TokenRequestMetadata) Bytes() ([]byte, error)

func (*TokenRequestMetadata) FromBytes

func (m *TokenRequestMetadata) FromBytes(raw []byte) error

func (*TokenRequestMetadata) FromProtos

func (*TokenRequestMetadata) GetIssueMetadata

func (m *TokenRequestMetadata) GetIssueMetadata(index int) (*IssueMetadata, error)

GetIssueMetadata returns issue metadata at the given index (among issues only)

func (*TokenRequestMetadata) GetTransferMetadata

func (m *TokenRequestMetadata) GetTransferMetadata(index int) (*TransferMetadata, error)

GetTransferMetadata returns transfer metadata at the given index (among transfers only)

func (*TokenRequestMetadata) NumIssues

func (m *TokenRequestMetadata) NumIssues() int

NumIssues returns the count of issue metadata entries

func (*TokenRequestMetadata) NumTransfers

func (m *TokenRequestMetadata) NumTransfers() int

NumTransfers returns the count of transfer metadata entries

func (*TokenRequestMetadata) ToProtos

type TokenUpgradeRequest

type TokenUpgradeRequest struct {
	// Challenge is a challenge to be solved by the prover
	Challenge TokensUpgradeChallenge
	// Tokens is a list of tokens to be converted
	Tokens []token.LedgerToken
	// Proof is a proof that the prover has solved the challenge
	Proof TokensUpgradeProof
}

TokenUpgradeRequest is a request to convert tokens

type TokenVault

type TokenVault interface {
	IsPending(ctx context.Context, id *token.ID) (bool, error)
	GetTokenOutputsAndMeta(ctx context.Context, ids []*token.ID) ([][]byte, [][]byte, []token.Format, error)
	GetTokenOutputs(ctx context.Context, ids []*token.ID, callback QueryCallbackFunc) error
	UnspentTokensIteratorBy(ctx context.Context, id string, tokenType token.Type) (UnspentTokensIterator, error)
	ListHistoryIssuedTokens(ctx context.Context) (*token.IssuedTokens, error)
	PublicParams(ctx context.Context) ([]byte, error)
	Balance(ctx context.Context, id string, tokenType token.Type) (*big.Int, error)
}

type TokensService

type TokensService interface {
	// SupportedTokenFormats returns the list of token formats supported by the driver.
	SupportedTokenFormats() []token.Format

	// Deobfuscate decodes a token output and its metadata to reveal its underlying details.
	// It returns the de-obfuscated token, the identity of its issuer (if applicable),
	// the list of its recipients, and its format.
	Deobfuscate(ctx context.Context, output TokenOutput, outputMetadata TokenOutputMetadata) (*token.Token, Identity, []Identity, token.Format, error)

	// Recipients extracts the recipient identities from a given token output.
	Recipients(output TokenOutput) ([]Identity, error)
}

TokensService provides utilities for managing and interacting with tokens. It includes functionality for de-obfuscating token outputs and extracting recipient information.

type TokensUpgradeChallenge

type TokensUpgradeChallenge = []byte

TokensUpgradeChallenge is the challenge the issuer generates to make sure the client is not cheating

type TokensUpgradeProof

type TokensUpgradeProof = []byte

TokensUpgradeProof is the proof generated with the respect to a given challenge to prove the validity of the tokens to be upgrade

type TokensUpgradeService

type TokensUpgradeService interface {
	// NewUpgradeChallenge generates a new upgrade challenge that the issuer
	// provides to the client to ensure the integrity of the upgrade process.
	NewUpgradeChallenge() (TokensUpgradeChallenge, error)

	// GenUpgradeProof generates a proof of the validity of the tokens to be upgraded,
	// based on the provided challenge and ledger tokens.
	GenUpgradeProof(ctx context.Context, ch TokensUpgradeChallenge, tokens []token.LedgerToken, witness TokensUpgradeWitness) (TokensUpgradeProof, error)

	// CheckUpgradeProof verifies the provided upgrade proof against the challenge
	// and the tokens to ensure the upgrade is valid and authorized.
	CheckUpgradeProof(ctx context.Context, ch TokensUpgradeChallenge, proof TokensUpgradeProof, tokens []token.LedgerToken) (bool, error)
}

TokensUpgradeService defines the methods to manage the token upgrade lifecycle. Token upgrades allow for tokens of one version or format to be converted to another, ensuring system continuity and consistency during transitions.

type TokensUpgradeWitness

type TokensUpgradeWitness = []byte

TokensUpgradeWitness contains any other additional information needed to generate a TokensUpgradeProof

type TransferAction

type TransferAction interface {
	Action
	ActionWithInputs
	// Serialize converts the action into its serialized byte representation.
	Serialize() ([]byte, error)
	// NumOutputs returns the total number of tokens created by this transfer.
	NumOutputs() int
	// GetSerializedOutputs retrieves the serialized representation of each created token.
	GetSerializedOutputs() ([][]byte, error)
	// GetOutputs returns the list of created tokens as Output interfaces.
	GetOutputs() []Output
	// IsRedeemAt checks if a specific output, by its index, is a redeem output.
	IsRedeemAt(index int) bool
	// SerializeOutputAt returns the serialized representation of a specific output.
	SerializeOutputAt(index int) ([]byte, error)
	// IsGraphHiding indicates whether the link between inputs and outputs is obfuscated.
	IsGraphHiding() bool
	// GetMetadata returns any additional driver-specific metadata associated with the transfer.
	GetMetadata() map[string][]byte
	// GetIssuer returns the identity of the issuer in cases where the transfer includes redemption.
	GetIssuer() Identity
}

TransferAction represents a token transfer event on the ledger.

type TransferInputMetadata

type TransferInputMetadata struct {
	TokenID *token.ID
	Senders []*AuditableIdentity
}

func (*TransferInputMetadata) FromProtos

func (t *TransferInputMetadata) FromProtos(transferInputMetadata *request.TransferInputMetadata) error

func (*TransferInputMetadata) ToProtos

type TransferMetadata

type TransferMetadata struct {
	Inputs  []*TransferInputMetadata
	Outputs []*TransferOutputMetadata
	// ExtraSigners is the list of extra identities that are not part of the transfer action per se
	// but needs to sign the request
	ExtraSigners []AuditableIdentity
	// Issuer contains the identity of the issuer to sign the transfer action
	Issuer AuditableIdentity
}

TransferMetadata contains the metadata of a transfer action For each TokenID there is a sender with its audit info to recover its enrollment ID, For each Output there is: - A OutputMetadata entry to de-obfuscate the output; - A Receiver identity; - A ReceiverAuditInfo entry to recover the enrollment ID of the receiver - A Flag to indicate if the receiver is a sender in this very same action

func (*TransferMetadata) FromProtos

func (t *TransferMetadata) FromProtos(transferMetadata *request.TransferMetadata) error

func (*TransferMetadata) IsInputAbsent

func (t *TransferMetadata) IsInputAbsent(j int) bool

IsInputAbsent returns true if the j-th input's metadata is absent (e.g., filtered out).

func (*TransferMetadata) IsOutputAbsent

func (t *TransferMetadata) IsOutputAbsent(j int) bool

IsOutputAbsent returns true if the j-th output's metadata is absent (e.g., filtered out).

func (*TransferMetadata) Match

func (t *TransferMetadata) Match(action TransferAction) error

Match verifies that the given action matches this metadata. It performs a deep check of inputs, outputs, extra signers, and the issuer identity (if present).

func (*TransferMetadata) Receivers

func (t *TransferMetadata) Receivers() []Identity

func (*TransferMetadata) Senders

func (t *TransferMetadata) Senders() []Identity

func (*TransferMetadata) ToProtos

func (t *TransferMetadata) ToProtos() (*request.TransferMetadata, error)

func (*TransferMetadata) TokenIDAt

func (t *TransferMetadata) TokenIDAt(index int) *token.ID

TokenIDAt returns the TokenID at the given index. It returns nil if the index is out of bounds.

func (*TransferMetadata) TokenIDs

func (t *TransferMetadata) TokenIDs() []*token.ID

type TransferOptions

type TransferOptions struct {
	// Attributes is a container of generic options that might be driver specific
	Attributes map[string]any
}

TransferOptions models the options that can be passed to the transfer command

type TransferOutputMetadata

type TransferOutputMetadata struct {
	OutputMetadata []byte
	// OutputAuditInfo, for each output owner we have audit info
	OutputAuditInfo []byte
	// Receivers is the list of receivers
	Receivers []*AuditableIdentity
}

TransferOutputMetadata is the metadata of an output in a transfer action

func (*TransferOutputMetadata) FromProtos

func (t *TransferOutputMetadata) FromProtos(transferOutputMetadata *request.OutputMetadata) error

func (*TransferOutputMetadata) RecipientAt

func (t *TransferOutputMetadata) RecipientAt(index int) *AuditableIdentity

func (*TransferOutputMetadata) ToProtos

type TransferService

type TransferService interface {
	// Transfer generates a TransferAction to transfer the specified tokens.
	// It uses the provided wallet and anchor, along with a list of token identifiers and target outputs.
	// Additional options can be provided through TransferOptions.
	// The method returns:
	// - A TransferAction, which encodes the transfer details for the ledger.
	// - TransferMetadata, containing additional information for the requester.
	// - An error if the transfer generation fails.
	Transfer(ctx context.Context, anchor TokenRequestAnchor, wallet OwnerWallet, ids []*token2.ID, outputs []*token2.Token, opts *TransferOptions) (TransferAction, *TransferMetadata, error)

	// VerifyTransfer validates the well-formedness and correctness of a TransferAction.
	// It ensures that the transfer adheres to the driver's rules and correctly spends its inputs
	// to produce its outputs.
	VerifyTransfer(ctx context.Context, tr TransferAction, outputMetadata []*TransferOutputMetadata) error

	// DeserializeTransferAction reconstructs a TransferAction from its serialized byte representation.
	DeserializeTransferAction(raw []byte) (TransferAction, error)
}

TransferService defines the methods to manage the token transfer lifecycle.

type TxStatus

type TxStatus = int

TxStatus is the status of a transaction

const (
	// Unknown is the status of a transaction that is unknown
	Unknown TxStatus = iota
	// Pending is the status of a transaction that has been submitted to the ledger
	Pending
	// Confirmed is the status of a transaction that has been confirmed by the ledger
	Confirmed
	// Deleted is the status of a transaction that has been deleted due to a failure to commit
	Deleted
	// Orphan is the status of a transaction that never reached the ledger (e.g. broadcast failure, mempool drop)
	Orphan
)

type TypedAction

type TypedAction struct {
	Type request.ActionType // ACTION_TYPE_ISSUE or ACTION_TYPE_TRANSFER
	Raw  []byte             // Serialized action data
}

TypedAction represents a single token action with its type and raw bytes

type UnspentTokensIterator

type UnspentTokensIterator = iterators.Iterator[*token.UnspentToken]

type UnsupportedTokensIterator

type UnsupportedTokensIterator = iterators.Iterator[*token.LedgerToken]

type ValidationAttributeID

type ValidationAttributeID = string

ValidationAttributeID is the type of validation attribute identifier

type ValidationAttributes

type ValidationAttributes = map[ValidationAttributeID][]byte

ValidationAttributes is a map containing attributes generated during validation

type Validator

type Validator interface {
	// UnmarshalActions reconstructs the individual actions (issue, transfer, etc.)
	// from their serialized representation in a token request.
	UnmarshalActions(raw []byte) ([]any, error)

	// VerifyTokenRequestFromRaw validates a marshalled token request against the provided ledger state and anchor.
	// It performs a comprehensive check of all actions and signatures within the request.
	// It returns:
	// - The list of unmarshalled actions.
	// - A map of validation attributes (driver-specific) containing additional details about the request.
	// - An error if the validation fails.
	VerifyTokenRequestFromRaw(ctx context.Context, getState GetStateFnc, anchor TokenRequestAnchor, raw []byte) ([]any, ValidationAttributes, error)

	// SetMinProtocolVersion configures the minimum protocol version that this validator will accept.
	// Token requests with a protocol version below this minimum will be rejected during validation.
	// Setting this to 0 (default) accepts all protocol versions.
	// This is useful for enforcing protocol upgrades across a network.
	SetMinProtocolVersion(version uint32)
}

Validator provides methods for validating token transaction requests. It ensures that requests are well-formed and consistent with the rules defined by the token driver.

type ValidatorDriver

type ValidatorDriver interface {
	PPReader
	// NewValidator returns a new Validator instance from the passed public parameters
	NewValidator(pp PublicParameters) (Validator, error)
}

ValidatorDriver is the interface that must be implemented by a token driver to create Validator instances.

type ValidatorLedger

type ValidatorLedger interface {
	GetState(id token.ID) ([]byte, error)
}

type Vault

type Vault interface {
	// QueryEngine returns an instance of the QueryEngine interface for querying the ledger.
	QueryEngine() QueryEngine
	// CertificationStorage returns an instance of the CertificationStorage interface for managing token certifications.
	CertificationStorage() CertificationStorage
}

Vault defines the interface for accessing the token vault, which stores tokens and their certifications. It provides a QueryEngine for querying the ledger and a CertificationStorage for managing certifications.

type Verifier

type Verifier interface {
	// Verify checks the signature against the provided message and returns nil if valid.
	Verify(message, sigma []byte) error
}

Verifier defines the interface for verifying cryptographic signatures.

type VerifierDeserializer

type VerifierDeserializer interface {
	DeserializeVerifier(ctx context.Context, id Identity) (Verifier, error)
}

VerifierDeserializer is the interface for verifiers' deserializer. A verifier checks the validity of a signature against the identity associated with the verifier

type Wallet

type Wallet interface {
	// ID returns the ID of this wallet
	ID() string

	// Contains returns true if the passed identity belongs to this wallet
	Contains(ctx context.Context, identity Identity) bool

	// ContainsToken returns true if the passed token is owned by this wallet
	ContainsToken(ctx context.Context, token *token.UnspentToken) bool

	// GetSigner returns the Signer bound to the passed identity
	GetSigner(ctx context.Context, identity Identity) (Signer, error)
}

Wallet models a generic wallet

type WalletLookupID

type WalletLookupID = any

WalletLookupID defines the type of identifiers that can be used to retrieve a given wallet. It can be a string, as the name of the wallet, or an identity contained in that wallet. Ultimately, it is the token driver to decide which types are allowed.

type WalletService

type WalletService interface {
	// RegisterRecipientIdentity registers a recipient identity and its audit data.
	RegisterRecipientIdentity(ctx context.Context, data *RecipientData) error

	// GetAuditInfo retrieves the audit data associated with a specific identity.
	GetAuditInfo(ctx context.Context, id Identity) ([]byte, error)

	// GetEnrollmentID extracts the enrollment identifier from audit data for a given identity.
	GetEnrollmentID(ctx context.Context, identity Identity, auditInfo []byte) (string, error)

	// GetRevocationHandle extracts the revocation handler from audit data for a given identity.
	GetRevocationHandle(ctx context.Context, identity Identity, auditInfo []byte) (string, error)

	// GetEIDAndRH returns both the enrollment ID and the revocation handle for a given identity and audit data.
	GetEIDAndRH(ctx context.Context, identity Identity, auditInfo []byte) (string, string, error)

	// Wallet returns a generic wallet interface associated with the specified identity, if any.
	Wallet(ctx context.Context, identity Identity) Wallet

	// RegisterOwnerIdentity registers a long-term owner identity using the provided configuration.
	RegisterOwnerIdentity(ctx context.Context, config IdentityConfiguration) error

	// RegisterIssuerIdentity registers a long-term issuer identity using the provided configuration.
	RegisterIssuerIdentity(ctx context.Context, config IdentityConfiguration) error

	// OwnerWalletIDs returns a list of identifiers for all known owner wallets.
	OwnerWalletIDs(ctx context.Context) ([]string, error)

	// OwnerWallet retrieves an OwnerWallet instance based on its identifier or an identity belonging to it.
	OwnerWallet(ctx context.Context, id WalletLookupID) (OwnerWallet, error)

	// IssuerWallet retrieves an IssuerWallet instance based on its identifier or an identity belonging to it.
	IssuerWallet(ctx context.Context, id WalletLookupID) (IssuerWallet, error)

	// AuditorWallet retrieves an AuditorWallet instance based on its identifier or an identity belonging to it.
	AuditorWallet(ctx context.Context, id WalletLookupID) (AuditorWallet, error)

	// CertifierWallet retrieves a CertifierWallet instance based on its identifier or an identity belonging to it.
	CertifierWallet(ctx context.Context, id WalletLookupID) (CertifierWallet, error)

	// SpendIDs returns unique identifiers representing the potential spending of the specified token IDs.
	SpendIDs(ids ...*token.ID) ([]string, error)

	// Done releases all the resources allocated by this service.
	Done() error
}

WalletService manages different types of token wallets: issuer, owner, auditor, and certifier. It provides methods for looking up wallets, registering identities, and extracting audit data.

type WalletServiceFactory

type WalletServiceFactory interface {
	PPReader
	// NewWalletService returns an instance of the WalletService interface for the passed arguments
	NewWalletService(tmsConfig Configuration, params PublicParameters) (WalletService, error)
}

Directories

Path Synopsis
Code generated by counterfeiter.
Code generated by counterfeiter.
protos-go
v1

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL