Documentation
¶
Index ¶
- Constants
- Variables
- func ToProtoAuditableIdentitySlice(identities []Identity) []*request.AuditableIdentity
- func ToProtoAuditableIdentitySliceFromAuditable(identities []AuditableIdentity) ([]*request.AuditableIdentity, error)
- func ToProtoIdentitySlice(identities []Identity) []*protosv1.Identity
- func ToTokenID(id *protosv1.TokenID) *token.ID
- type Action
- type ActionDeserializer
- type ActionMetadataEntry
- type ActionSignature
- type ActionWithInputs
- type AuditInfoProvider
- type AuditMatcherProvider
- type AuditableIdentity
- type AuditorService
- type AuditorSignature
- type AuditorWallet
- type Authorization
- type CertificationClient
- type CertificationService
- type CertificationStorage
- type CertifierWallet
- type Configuration
- type Deserializer
- type Driver
- type Extras
- type FullIdentity
- type GetStateFnc
- type Identity
- type IdentityConfiguration
- type IdentityProvider
- type IdentityType
- type IdentityTypeString
- type Input
- type IssueAction
- type IssueInputMetadata
- type IssueMetadata
- type IssueOptions
- type IssueOutputMetadata
- type IssueService
- type IssuerWallet
- type Ledger
- type LedgerToken
- type LedgerTokensIterator
- type ListTokensOptions
- type Matcher
- type MatcherDeserializer
- type MetadataDeserializer
- type Output
- type OwnerWallet
- type PPHash
- type PPMFactory
- type PPReader
- type PublicParameters
- type PublicParamsFetcher
- type PublicParamsManager
- type QueryCallback2Func
- type QueryCallbackFunc
- type QueryEngine
- type RecipientData
- type RecipientExtractor
- type RequestSignature
- type ServiceOptions
- type SetupAction
- type SignatureProvider
- type Signer
- type SigningIdentity
- type SpendableTokensIterator
- type TMSID
- type TokenAndMetadataDeserializer
- type TokenCertificationStorage
- type TokenDeserializer
- type TokenDriverName
- type TokenDriverVersion
- type TokenManagerService
- type TokenManagerServiceProvider
- type TokenOutput
- type TokenOutputMetadata
- type TokenRequest
- func (r *TokenRequest) Bytes() ([]byte, error)
- func (r *TokenRequest) FromBytes(raw []byte) error
- func (r *TokenRequest) FromProtos(tr *request.TokenRequest) error
- func (r *TokenRequest) GetIssues() [][]byte
- func (r *TokenRequest) GetTransfers() [][]byte
- func (r *TokenRequest) MarshalToMessageToSign(anchor []byte) ([]byte, error)
- func (r *TokenRequest) NumIssues() int
- func (r *TokenRequest) NumTransfers() int
- func (r *TokenRequest) ToProtos() (*request.TokenRequest, error)
- func (r *TokenRequest) Validate() error
- type TokenRequestAnchor
- type TokenRequestMetadata
- func (m *TokenRequestMetadata) Bytes() ([]byte, error)
- func (m *TokenRequestMetadata) FromBytes(raw []byte) error
- func (m *TokenRequestMetadata) FromProtos(trm *request.TokenRequestMetadata) error
- func (m *TokenRequestMetadata) GetIssueMetadata(index int) (*IssueMetadata, error)
- func (m *TokenRequestMetadata) GetTransferMetadata(index int) (*TransferMetadata, error)
- func (m *TokenRequestMetadata) NumIssues() int
- func (m *TokenRequestMetadata) NumTransfers() int
- func (m *TokenRequestMetadata) ToProtos() (*request.TokenRequestMetadata, error)
- type TokenUpgradeRequest
- type TokenVault
- type TokensService
- type TokensUpgradeChallenge
- type TokensUpgradeProof
- type TokensUpgradeService
- type TokensUpgradeWitness
- type TransferAction
- type TransferInputMetadata
- type TransferMetadata
- func (t *TransferMetadata) FromProtos(transferMetadata *request.TransferMetadata) error
- func (t *TransferMetadata) IsInputAbsent(j int) bool
- func (t *TransferMetadata) IsOutputAbsent(j int) bool
- func (t *TransferMetadata) Match(action TransferAction) error
- func (t *TransferMetadata) Receivers() []Identity
- func (t *TransferMetadata) Senders() []Identity
- func (t *TransferMetadata) ToProtos() (*request.TransferMetadata, error)
- func (t *TransferMetadata) TokenIDAt(index int) *token.ID
- func (t *TransferMetadata) TokenIDs() []*token.ID
- type TransferOptions
- type TransferOutputMetadata
- type TransferService
- type TxStatus
- type TypedAction
- type UnspentTokensIterator
- type UnsupportedTokensIterator
- type ValidationAttributeID
- type ValidationAttributes
- type Validator
- type ValidatorDriver
- type ValidatorLedger
- type Vault
- type Verifier
- type VerifierDeserializer
- type Wallet
- type WalletLookupID
- type WalletService
- type WalletServiceFactory
Constants ¶
const ( // ProtocolV1 demarks the V1 version of the protocol // This version uses a secure structured format with explicit Request and Anchor fields, // providing robust boundary separation and preventing collision attacks. ProtocolV1 = 1 // MaxAnchorSize defines the maximum allowed size for anchor parameter in bytes. // This limit prevents potential DoS attacks through excessive memory allocation. MaxAnchorSize = 128 // bytes )
Variables ¶
var ( // ErrAnchorEmpty is returned when the anchor parameter is empty in V1 protocol ErrAnchorEmpty = errors.New("anchor cannot be empty") // ErrAnchorTooLarge is returned when the anchor exceeds MaxAnchorSize in V1 protocol ErrAnchorTooLarge = errors.Errorf("anchor size exceeds maximum allowed size of %d bytes", MaxAnchorSize) // ErrUnsupportedVersion is returned when an unsupported protocol version is encountered ErrUnsupportedVersion = errors.New("unsupported token request version") // ErrInvalidVersion is returned when the protocol version is 0 (invalid) ErrInvalidVersion = errors.New("invalid token request: protocol version cannot be 0") // ErrVersionBelowMinimum is returned when the protocol version is below the configured minimum ErrVersionBelowMinimum = errors.New("token request protocol version is below minimum required version") )
Typed errors for protocol validation
Functions ¶
func ToProtoAuditableIdentitySlice ¶
func ToProtoAuditableIdentitySlice(identities []Identity) []*request.AuditableIdentity
ToProtoAuditableIdentitySlice converts []Identity to []*request.AuditableIdentity
func ToProtoAuditableIdentitySliceFromAuditable ¶
func ToProtoAuditableIdentitySliceFromAuditable(identities []AuditableIdentity) ([]*request.AuditableIdentity, error)
ToProtoAuditableIdentitySliceFromAuditable converts []AuditableIdentity to []*request.AuditableIdentity
func ToProtoIdentitySlice ¶
ToProtoIdentitySlice converts []Identity to []*driver.Identity
Types ¶
type ActionDeserializer ¶
type ActionDeserializer[TA TransferAction, IA IssueAction] interface { DeserializeActions(tr *TokenRequest) ([]IA, []TA, error) }
type ActionMetadataEntry ¶
type ActionMetadataEntry struct {
ActionID uint32 // Position in Actions slice
IssueMetadata *IssueMetadata // Non-nil if this is an issue action
TransferMetadata *TransferMetadata // Non-nil if this is a transfer action
}
ActionMetadataEntry represents metadata for a single action with its ID and type-discriminated metadata
type ActionSignature ¶
func (*ActionSignature) FromProtos ¶
func (r *ActionSignature) FromProtos(tr *request.ActionSignature) error
func (*ActionSignature) ToProtos ¶
func (r *ActionSignature) ToProtos() (*request.ActionSignature, error)
type ActionWithInputs ¶
type ActionWithInputs interface {
// NumInputs returns the number of inputs in the action
NumInputs() int
// GetInputs returns the identifiers of the inputs in the action.
GetInputs() []*token.ID
// GetSerializedInputs returns the serialized inputs of the action
GetSerializedInputs() ([][]byte, error)
// GetSerialNumbers returns the serial numbers of the inputs if this action supports graph hiding
GetSerialNumbers() []string
// IsGraphHiding returns true if the action is graph hiding
IsGraphHiding() bool
// GetMetadata returns the action's metadata
GetMetadata() map[string][]byte
// ExtraSigners returns the extra signers of the action
ExtraSigners() []Identity
}
ActionWithInputs models an action with inputs
type AuditInfoProvider ¶
type AuditInfoProvider interface {
// GetAuditInfo returns the audit information for the given identity, if available.
GetAuditInfo(ctx context.Context, identity Identity) ([]byte, error)
}
AuditInfoProvider models a provider of audit information
type AuditMatcherProvider ¶
type AuditMatcherProvider interface {
MatcherDeserializer
MatchIdentity(ctx context.Context, id Identity, ai []byte) error
GetAuditInfo(ctx context.Context, id Identity, p AuditInfoProvider) ([]byte, error)
}
AuditMatcherProvider provides audit related deserialization functionalities
type AuditableIdentity ¶
func FromProtoAuditableIdentitySliceToAuditable ¶
func FromProtoAuditableIdentitySliceToAuditable(identities []*request.AuditableIdentity) ([]AuditableIdentity, error)
FromProtoAuditableIdentitySliceToAuditable converts []*request.AuditableIdentity to []AuditableIdentity
func (*AuditableIdentity) FromProtos ¶
func (a *AuditableIdentity) FromProtos(auditableIdentity *request.AuditableIdentity) error
func (*AuditableIdentity) ToProtos ¶
func (a *AuditableIdentity) ToProtos() (*request.AuditableIdentity, error)
type AuditorService ¶
type AuditorService interface {
// AuditorCheck performs a comprehensive validation of a token request and its metadata.
// It ensures that the transaction is well-formed and meets all auditing requirements
// within the context of the provided anchor.
AuditorCheck(ctx context.Context, request *TokenRequest, metadata *TokenRequestMetadata, anchor TokenRequestAnchor) error
}
AuditorService defines the methods for auditing token transactions. It provides mechanisms for authorized auditors to inspect transaction requests and their associated metadata and anchor to ensure compliance and validity.
type AuditorSignature ¶
func (*AuditorSignature) FromProtos ¶
func (r *AuditorSignature) FromProtos(tr *request.AuditorSignature) error
func (*AuditorSignature) ToProtos ¶
func (r *AuditorSignature) ToProtos() (*request.AuditorSignature, error)
type AuditorWallet ¶
type AuditorWallet interface {
Wallet
// GetAuditorIdentity returns an auditor identity.
// Depending on the underlying wallet implementation, this can be a long-term or ephemeral identity.
GetAuditorIdentity() (Identity, error)
}
AuditorWallet models the wallet of an auditor
type Authorization ¶
type Authorization interface {
// IsMine determines if a given token belongs to a known owner wallet.
// It returns the ID of the wallet (if any) and additional identifiers that may indicate ownership,
// along with a boolean indicating if the token is indeed owned.
IsMine(ctx context.Context, tok *token.Token) (walletID string, additionalOwners []string, mine bool)
// AmIAnAuditor checks if the service has auditor privileges based on its configuration and identities.
AmIAnAuditor() bool
// Issued checks if a specific issuer, identified by their identity, was the one that issued the token.
Issued(ctx context.Context, issuer Identity, tok *token.Token) bool
// OwnerType determines the type of the token's owner and extracts the owner's raw identity.
OwnerType(raw []byte) (IdentityType, []byte, error)
}
Authorization checks the relationship between a token and different wallet types (owner, issuer, auditor). It determines if a given wallet can perform specific actions on a token.
type CertificationClient ¶
type CertificationClient interface {
// IsCertified checks if a specific token identifier has already been certified.
IsCertified(ctx context.Context, id *token.ID) bool
// RequestCertification initiates the certification process for the given list of token identifiers.
RequestCertification(ctx context.Context, ids ...*token.ID) error
}
CertificationClient provides methods to check token certification status and request new certifications.
type CertificationService ¶
type CertificationService interface {
// NewCertificationRequest creates a serialized certification request for the specified token identifiers.
NewCertificationRequest(ids []*token.ID) ([]byte, error)
// Certify uses the provided certifier wallet and ledger representations to certify a list of token identifiers.
// It takes as input the certification request and the raw token data as stored on the ledger.
Certify(wallet CertifierWallet, ids []*token.ID, tokens [][]byte, request []byte) ([][]byte, error)
// VerifyCertifications validates the provided certifications for a given list of token identifiers.
// It returns the processed certifications if they are valid, or an error otherwise.
VerifyCertifications(ids []*token.ID, certifications [][]byte) ([][]byte, error)
}
CertificationService handles the generation and verification of token certifications. Certifications provide proofs of a token's validity and status, often used in complex transaction scenarios or cross-network interactions.
type CertificationStorage ¶
type CertificationStorage interface {
// Exists checks if a certification exists for the specified token ID.
Exists(ctx context.Context, id *token.ID) bool
// Store saves the provided certifications for the given token IDs.
Store(ctx context.Context, certifications map[*token.ID][]byte) error
}
CertificationStorage provides methods for storing and checking the existence of token certifications.
type CertifierWallet ¶
type CertifierWallet interface {
Wallet
// GetCertifierIdentity returns a certifier identity.
// Depending on the underlying wallet implementation, this can be a long-term or ephemeral identity.
GetCertifierIdentity() (Identity, error)
}
CertifierWallet models the wallet of a certifier
type Configuration ¶
type Configuration interface {
// ID returns the unique identifier of the TMS to which this configuration applies.
ID() TMSID
// IsSet checks if a specific configuration key is defined.
IsSet(key string) bool
// UnmarshalKey decodes the configuration value associated with a key into a provided struct or interface.
// The key is typically relative to the TMS configuration block.
UnmarshalKey(key string, rawVal any) error
// GetString retrieves the value for a key as a string.
GetString(key string) string
// GetBool retrieves the value for a key as a boolean.
GetBool(key string) bool
// TranslatePath converts a relative configuration path into an absolute file system path.
TranslatePath(path string) string
}
Configuration provides methods for accessing the configuration of a specific Token Management Service (TMS). It abstracts the configuration's source and structure, allowing the TMS to retrieve settings such as identifiers, paths, and values in different formats.
type Deserializer ¶
type Deserializer interface {
// GetOwnerVerifier returns a signature verifier for a given owner identity.
GetOwnerVerifier(ctx context.Context, id Identity) (Verifier, error)
// GetIssuerVerifier returns a signature verifier for a given issuer identity.
GetIssuerVerifier(ctx context.Context, id Identity) (Verifier, error)
// GetAuditorVerifier returns a signature verifier for a given auditor identity.
GetAuditorVerifier(ctx context.Context, id Identity) (Verifier, error)
// Recipients extracts all recipient identities from a given serialized identity.
Recipients(raw Identity) ([]Identity, error)
// GetAuditInfoMatcher provides an identity matcher for a given identity and its audit metadata.
GetAuditInfoMatcher(ctx context.Context, owner Identity, auditInfo []byte) (Matcher, error)
// MatchIdentity checks if a specific identity corresponds to the provided audit data.
MatchIdentity(ctx context.Context, id Identity, ai []byte) error
// GetAuditInfo retrieves the audit information for a specific identity using an AuditInfoProvider.
GetAuditInfo(ctx context.Context, id Identity, p AuditInfoProvider) ([]byte, error)
}
Deserializer provides methods for converting serialized identities (owner, issuer, auditor) into cryptographic signature verifiers, which are used to validate transaction signatures.
type Driver ¶
type Driver interface {
PPReader
// NewTokenService returns a new TokenManagerService instance.
NewTokenService(tmsID TMSID, publicParams []byte) (TokenManagerService, error)
}
Driver is the interface that must be implemented by a token driver to create TokenManagerService instances.
type FullIdentity ¶
type FullIdentity interface {
SigningIdentity
Verifier
}
FullIdentity defines an identity that can both sign messages and verify signatures.
type GetStateFnc ¶
GetStateFnc models a function that returns the value for the given key from the ledger
type Identity ¶
Identity represents a generic identity
func FromProtoAuditableIdentitySlice ¶
func FromProtoAuditableIdentitySlice(identities []*request.AuditableIdentity) []Identity
FromProtoAuditableIdentitySlice converts []*request.AuditableIdentity to []Identity
func FromProtoIdentitySlice ¶
FromProtoIdentitySlice converts []*driver.Identity to []Identity
func ToIdentity ¶
ToIdentity converts *driver.Identity to Identity
type IdentityConfiguration ¶
type IdentityConfiguration struct {
// ID is the unique identifier for this identity configuration.
ID string
// Type is the type of the identity (e.g., "bccsp", "idemix").
Type string
// URL is the location of the identity's credential material (e.g., path to MSP folder).
URL string
// Config contains driver-specific configuration options in encoded format.
Config []byte
// Raw contains the raw identity material if already loaded.
Raw []byte
}
IdentityConfiguration contains configuration-related information of an identity. It is used to describe how an identity should be loaded and managed by Panurus.
type IdentityProvider ¶
type IdentityProvider interface {
// RegisterRecipientData stores information about a token recipient, including their identity and audit metadata.
RegisterRecipientData(ctx context.Context, data *RecipientData) error
// GetAuditInfo retrieves the audit data associated with a specific identity.
GetAuditInfo(ctx context.Context, identity Identity) ([]byte, error)
// GetSigner returns a cryptographic signer for a given identity, enabling signature generation.
GetSigner(ctx context.Context, identity Identity) (Signer, error)
// RegisterSigner registers a pair of signer and verifier for a specific identity,
// along with additional identity information.
RegisterSigner(ctx context.Context, identity Identity, signer Signer, verifier Verifier, signerInfo []byte, ephemeral bool) error
// AreMe checks a list of identities and returns those that have signers registered with this provider.
AreMe(ctx context.Context, identities ...Identity) []string
// IsMe returns true if a signer has been registered for the specified identity.
IsMe(ctx context.Context, party Identity) bool
// GetEnrollmentID extracts the enrollment identifier from the provided audit information for a specific identity.
GetEnrollmentID(ctx context.Context, identity Identity, auditInfo []byte) (string, error)
// GetRevocationHandler extracts the revocation handler from the provided audit information for a specific identity.
GetRevocationHandler(ctx context.Context, identity Identity, auditInfo []byte) (string, error)
// GetEIDAndRH returns both the enrollment ID and the revocation handle associated with a specific identity and its audit data.
GetEIDAndRH(ctx context.Context, identity Identity, auditInfo []byte) (string, string, error)
// Bind associates a long-term identity with one or more ephemeral (short-term) identities.
Bind(ctx context.Context, longTerm Identity, ephemeralIdentities ...Identity) error
// RegisterRecipientIdentity registers a third-party recipient's identity without requiring audit information initially.
RegisterRecipientIdentity(ctx context.Context, id Identity) error
}
IdentityProvider provides services for managing identities, including signing, verification, and audit information. It acts as a central registry for identities and their associated cryptographic materials.
type IdentityType ¶
type IdentityType = int32
IdentityType identifies the type of identity
const ( ZeroIdentityType IdentityType = 0 // IdemixIdentityType IdentityType = 1 X509IdentityType IdentityType = 2 IdemixNymIdentityType IdentityType = 3 HTLCScriptIdentityType IdentityType = 4 MultiSigIdentityType IdentityType = 5 PolicyIdentityType IdentityType = 6 )
This is a list of reserved identities
type IdentityTypeString ¶
type IdentityTypeString = string
IdentityTypeString identifies the type of identity as a string
const ( IdemixIdentityTypeString IdentityTypeString = "idemix" X509IdentityTypeString IdentityTypeString = "x509" IdemixNymIdentityTypeString IdentityTypeString = "idemixnym" HTLCScriptIdentityTypeString IdentityTypeString = "htlc" MultiSigIdentityTypeString IdentityTypeString = "multisig" PolicyIdentityTypeString IdentityTypeString = "policy" )
type Input ¶
type Input interface {
// GetOwner returns the cryptographic owner of the token.
GetOwner() []byte
}
Input represents a specific token that is being spent in a transaction.
type IssueAction ¶
type IssueAction interface {
Action
ActionWithInputs
// Serialize converts the action into its serialized byte representation.
Serialize() ([]byte, error)
// NumOutputs returns the total number of tokens created by this issuance.
NumOutputs() int
// GetSerializedOutputs retrieves the serialized representation of each created token.
GetSerializedOutputs() ([][]byte, error)
// GetOutputs returns the list of created tokens as Output interfaces.
GetOutputs() []Output
// IsAnonymous indicates whether the issuer's identity is hidden.
IsAnonymous() bool
// GetIssuer returns the identifier of the party that issued the tokens.
GetIssuer() []byte
// GetMetadata returns any additional driver-specific metadata associated with the issuance.
GetMetadata() map[string][]byte
// IsGraphHiding indicates whether the link between inputs and outputs is obfuscated.
IsGraphHiding() bool
// ExtraSigners returns any additional identities that must sign this action.
ExtraSigners() []Identity
}
IssueAction represents a single token issuance event on the ledger.
type IssueInputMetadata ¶
func (*IssueInputMetadata) FromProtos ¶
func (i *IssueInputMetadata) FromProtos(issueInputMetadata *request.IssueInputMetadata) error
func (*IssueInputMetadata) ToProtos ¶
func (i *IssueInputMetadata) ToProtos() (*request.IssueInputMetadata, error)
type IssueMetadata ¶
type IssueMetadata struct {
// Issuer is the identity of the issuer
Issuer AuditableIdentity
Inputs []*IssueInputMetadata
Outputs []*IssueOutputMetadata
// ExtraSigners is the list of extra identities that are not part of the issue action per se
// but needs to sign the request
ExtraSigners []AuditableIdentity
}
IssueMetadata contains the metadata of an issue action. In more details, there is an issuer and a list of outputs. For each output, there is a token info and a list of receivers with their audit info to recover their enrollment ID.
func (*IssueMetadata) FromProtos ¶
func (i *IssueMetadata) FromProtos(issueMetadata *request.IssueMetadata) error
func (*IssueMetadata) IsOutputAbsent ¶
func (i *IssueMetadata) IsOutputAbsent(j int) bool
IsOutputAbsent returns true if the j-th output's metadata is absent (e.g., filtered out).
func (*IssueMetadata) Match ¶
func (i *IssueMetadata) Match(action IssueAction) error
Match verifies that the given action matches this metadata. It performs a deep check of inputs, outputs, extra signers, and the issuer identity.
func (*IssueMetadata) Receivers ¶
func (i *IssueMetadata) Receivers() []Identity
func (*IssueMetadata) ToProtos ¶
func (i *IssueMetadata) ToProtos() (*request.IssueMetadata, error)
type IssueOptions ¶
type IssueOptions struct {
// Attributes is a container of generic options that might be driver specific
Attributes map[string]any
// TokensUpgradeRequest is a request to upgrade tokens
TokensUpgradeRequest *TokenUpgradeRequest
// Wallet is the wallet that should be used to issue the tokens.
Wallet IssuerWallet
}
IssueOptions models the options that can be passed to the issue command
type IssueOutputMetadata ¶
type IssueOutputMetadata struct {
OutputMetadata []byte
// OutputAuditInfo, for each output owner we have audit info
OutputAuditInfo []byte
// Receivers, for each output we have a receiver
Receivers []*AuditableIdentity
}
IssueOutputMetadata is the metadata of an output in an issue action
func (*IssueOutputMetadata) FromProtos ¶
func (i *IssueOutputMetadata) FromProtos(outputsMetadata *request.OutputMetadata) error
func (*IssueOutputMetadata) RecipientAt ¶
func (i *IssueOutputMetadata) RecipientAt(index int) *AuditableIdentity
func (*IssueOutputMetadata) ToProtos ¶
func (i *IssueOutputMetadata) ToProtos() (*request.OutputMetadata, error)
type IssueService ¶
type IssueService interface {
// Issue generates an IssuerAction for the issuance of tokens of the specified type.
// It takes the identity of the issuer, the token type, and a list of values and their respective owners.
// Optional configuration can be provided through IssueOptions.
// The method returns:
// - An IssueAction, which captures the issuance details for the ledger.
// - IssueMetadata, containing additional information about the issuance for the requester.
// - An error if the issuance generation fails.
Issue(ctx context.Context, issuerIdentity Identity, tokenType token.Type, values []uint64, owners [][]byte, opts *IssueOptions) (IssueAction, *IssueMetadata, error)
// VerifyIssue validates the well-formedness and correctness of an IssueAction.
// It checks the action against the provided metadata to ensure that the issuance is valid
// according to the driver's rules.
VerifyIssue(ctx context.Context, ia IssueAction, metadata []*IssueOutputMetadata) error
// DeserializeIssueAction reconstructs an IssueAction from its serialized byte representation.
DeserializeIssueAction(raw []byte) (IssueAction, error)
}
IssueService defines the methods to manage the token issuance lifecycle.
type IssuerWallet ¶
type IssuerWallet interface {
Wallet
// GetIssuerIdentity returns an issuer identity for the passed token type.
// Depending on the underlying wallet implementation, this can be a long-term or ephemeral identity.
GetIssuerIdentity(tokenType token.Type) (Identity, error)
// HistoryTokens returns the list of tokens issued by this wallet filtered using the passed options.
HistoryTokens(ctx context.Context, opts *ListTokensOptions) (*token.IssuedTokens, error)
}
IssuerWallet models the wallet of an issuer
type Ledger ¶
type Ledger interface {
// GetState returns the value for the given key
GetState(id token.ID) ([]byte, error)
}
Ledger models a read-only ledger
type LedgerToken ¶
type LedgerToken interface {
GetOwner() []byte
}
type LedgerTokensIterator ¶
type LedgerTokensIterator = iterators.Iterator[*token.LedgerToken]
type ListTokensOptions ¶
ListTokensOptions contains options that can be used to list tokens from a wallet
type Matcher ¶
type Matcher interface {
// Match returns true if the passed identity matches this matcher
Match(ctx context.Context, identity []byte) error
}
Matcher models a matcher that can be used to match identities
type MatcherDeserializer ¶
type MatcherDeserializer interface {
GetAuditInfoMatcher(ctx context.Context, owner Identity, auditInfo []byte) (Matcher, error)
}
MatcherDeserializer is the interface for identity matchers' deserializer.
type MetadataDeserializer ¶
type Output ¶
type Output interface {
// Serialize converts the output into its serialized byte representation.
Serialize() ([]byte, error)
// IsRedeem indicates whether the output is being redeemed (burned) rather than assigned to an owner.
IsRedeem() bool
// GetOwner returns the cryptographic owner assigned to the created token.
GetOwner() []byte
}
Output represents a token that is being created as a result of a transaction.
type OwnerWallet ¶
type OwnerWallet interface {
Wallet
// GetRecipientIdentity returns a recipient identity.
// Depending on the underlying wallet implementation, this can be a long-term or ephemeral identity.
// Using the returned identity as an index, one can retrieve the following information:
// - Identity audit info via GetAuditInfo;
// - TokenMetadata via GetTokenMetadata;
// - TokenIdentityMetadata via GetTokenMetadataAuditInfo.
GetRecipientIdentity(ctx context.Context) (Identity, error)
// GetRecipientData returns a recipient data struct, it does not include the token metadata audit info
GetRecipientData(ctx context.Context) (*RecipientData, error)
// GetAuditInfo returns auditing information for the passed identity
GetAuditInfo(ctx context.Context, id Identity) ([]byte, error)
// GetTokenMetadata returns the public information related to the token to be assigned to passed recipient identity.
GetTokenMetadata(id Identity) ([]byte, error)
// GetTokenMetadataAuditInfo returns private information about the token metadata assigned to the passed recipient identity.
GetTokenMetadataAuditInfo(id Identity) ([]byte, error)
// ListTokens returns the list of unspent tokens owned by this wallet filtered using the passed options.
ListTokens(ctx context.Context, opts *ListTokensOptions) (*token.UnspentTokens, error)
// ListTokensIterator returns an iterator of unspent tokens owned by this wallet filtered using the passed options.
ListTokensIterator(ctx context.Context, opts *ListTokensOptions) (UnspentTokensIterator, error)
// Balance returns the sum of the amounts of the tokens with type and EID equal to those passed as arguments.
// The result is returned as a *big.Int to support arbitrary precision and prevent overflow.
Balance(ctx context.Context, opts *ListTokensOptions) (*big.Int, error)
// EnrollmentID returns the enrollment ID of the owner wallet
EnrollmentID() string
// RegisterRecipient register the passed recipient data.
// The data is passed as pointer to allow the underlying token driver to modify them if needed.
RegisterRecipient(ctx context.Context, data *RecipientData) error
// Remote returns true if this wallet is verify only, meaning that the corresponding secret key is external to this wallet
Remote() bool
}
OwnerWallet models the wallet of a token recipient.
type PPHash ¶
type PPHash []byte
PPHash is used to model the hash of the raw public parameters. This should avoid confusion between the bytes of the public params themselves and its hash.
type PPMFactory ¶
type PPMFactory interface {
PPReader
// NewPublicParametersManager returns a new PublicParametersManager instance from the passed public parameters
NewPublicParametersManager(pp PublicParameters) (PublicParamsManager, error)
}
PPMFactory contains the static logic of the driver
type PPReader ¶
type PPReader interface {
// PublicParametersFromBytes unmarshals the bytes to a PublicParameters instance.
PublicParametersFromBytes(params []byte) (PublicParameters, error)
}
type PublicParameters ¶
type PublicParameters interface {
// TokenDriverName returns the unique name of the token driver.
TokenDriverName() TokenDriverName
// TokenDriverVersion returns the version of the token driver for which these parameters are valid.
TokenDriverVersion() TokenDriverVersion
// TokenDataHiding indicates whether token values and types are hidden (obfuscated).
TokenDataHiding() bool
// GraphHiding indicates whether the transaction graph (linkage between tokens) is hidden.
GraphHiding() bool
// MaxTokenValue returns the maximum value any single token can have.
MaxTokenValue() uint64
// CertificationDriver returns the identifier of the certification driver, if any.
CertificationDriver() string
// Auditors returns the list of identities authorized to audit transactions.
Auditors() []Identity
// Issuers returns the list of identities authorized to issue tokens.
Issuers() []Identity
// Precision returns the numeric precision used for token values.
Precision() uint64
// String provides a human-readable representation of the public parameters.
String() string
// Serialize converts the public parameters into their byte representation.
Serialize() ([]byte, error)
// Validate checks if the public parameters are internally consistent and valid.
Validate() error
// Extras provides access to additional, driver-specific parameters.
Extras() Extras
}
PublicParameters defines the common interface for a driver's public parameters. These parameters are shared among all participants in the token network and define the rules and characteristics of the token system.
type PublicParamsFetcher ¶
type PublicParamsFetcher interface {
// Fetch fetches the public parameters from a repository.
Fetch() ([]byte, error)
}
PublicParamsFetcher models a public parameters fetcher.
type PublicParamsManager ¶
type PublicParamsManager interface {
// PublicParameters returns the current set of public parameters.
PublicParameters() PublicParameters
// NewCertifierKeyPair generates a new public-private key pair for a certifier, if supported by the driver.
NewCertifierKeyPair() ([]byte, []byte, error)
// PublicParamsHash returns a unique hash of the serialized public parameters.
PublicParamsHash() PPHash
}
PublicParamsManager provides methods for managing and accessing the driver's public parameters. It also facilitates the generation of cryptographic materials like certifier key pairs.
type QueryEngine ¶
type QueryEngine interface {
// IsPending checks if the transaction associated with the given token ID is still pending.
IsPending(ctx context.Context, id *token.ID) (bool, error)
// GetStatus returns the execution status of a specific transaction.
GetStatus(ctx context.Context, txID string) (TxStatus, string, error)
// IsMine checks if a specific token is owned by any wallet known to the service.
IsMine(ctx context.Context, id *token.ID) (bool, error)
// UnspentTokensIterator returns an iterator to traverse all unspent tokens on the ledger.
UnspentTokensIterator(ctx context.Context) (UnspentTokensIterator, error)
// UnspentLedgerTokensIteratorBy returns an iterator to traverse all unspent ledger tokens.
UnspentLedgerTokensIteratorBy(ctx context.Context) (LedgerTokensIterator, error)
// UnspentTokensIteratorBy returns an iterator over unspent tokens owned by a specific wallet and optionally filtered by token type.
UnspentTokensIteratorBy(ctx context.Context, walletID string, tokenType token.Type) (UnspentTokensIterator, error)
// ListUnspentTokens returns a comprehensive list of all unspent tokens.
ListUnspentTokens(ctx context.Context) (*token.UnspentTokens, error)
// ListAuditTokens returns the audited token data for the specified token IDs.
// The result is in order of ids meaning that the first token correspond to the first id and so on.
ListAuditTokens(ctx context.Context, ids ...*token.ID) ([]*token.Token, error)
// ListHistoryIssuedTokens returns a list of all tokens issued by the service.
ListHistoryIssuedTokens(ctx context.Context) (*token.IssuedTokens, error)
// PublicParams returns the serialized public parameters used by the driver.
PublicParams(ctx context.Context) ([]byte, error)
// GetTokenMetadata retrieves the private information (metadata) for the given token IDs.
GetTokenMetadata(ctx context.Context, ids []*token.ID) ([][]byte, error)
// GetTokenOutputs retrieves the raw token outputs as stored on the ledger for the specified token IDs.
GetTokenOutputs(ctx context.Context, ids []*token.ID, callback QueryCallbackFunc) error
// GetTokenOutputsAndMeta retrieves both the raw token outputs and their metadata for the specified token IDs.
GetTokenOutputsAndMeta(ctx context.Context, ids []*token.ID) ([][]byte, [][]byte, []token.Format, error)
// GetTokens returns the de-obfuscated token data for the specified token IDs.
GetTokens(ctx context.Context, inputs ...*token.ID) ([]*token.Token, error)
// WhoDeletedTokens identifies which transaction deleted the specified tokens.
WhoDeletedTokens(ctx context.Context, inputs ...*token.ID) ([]string, []bool, error)
// Balance calculates the total value of unspent tokens of a specific type owned by a wallet.
// The result is returned as a *big.Int to support arbitrary precision and prevent overflow.
Balance(ctx context.Context, id string, tokenType token.Type) (*big.Int, error)
}
QueryEngine provides a read-only interface for querying token-related data from the ledger. It allows for checking transaction status, ownership, and retrieving unspent tokens.
type RecipientData ¶
type RecipientData struct {
// Identity is the owner's cryptographic identity.
Identity Identity
// AuditInfo contains private metadata used for auditing the owner's identity.
AuditInfo []byte
// TokenMetadata contains public information about the token being assigned to this recipient.
TokenMetadata []byte
// TokenMetadataAuditInfo contains private metadata used for auditing the token metadata.
TokenMetadataAuditInfo []byte
}
RecipientData captures details about a token's recipient, used for registration and tracking.
type RecipientExtractor ¶
RecipientExtractor extracts the recipients from an identity
type RequestSignature ¶
type RequestSignature struct {
Action *ActionSignature
Auditor *AuditorSignature
}
func (*RequestSignature) FromProtos ¶
func (r *RequestSignature) FromProtos(tr *request.RequestSignature) error
func (*RequestSignature) ToProtos ¶
func (r *RequestSignature) ToProtos() (*request.RequestSignature, error)
type ServiceOptions ¶
type ServiceOptions struct {
// Network is the name of the network
Network string
// Channel is the name of the channel, if meaningful for the underlying backend
Channel string
// Namespace is the namespace of the token
Namespace string
// PublicParamsFetcher is used to fetch the public parameters
PublicParamsFetcher PublicParamsFetcher
// PublicParams contains the public params to use to instantiate the driver
PublicParams []byte
// Params is used to store any application specific parameter
Params map[string]any
}
ServiceOptions is used to configure the service
func (ServiceOptions) ParamAsString ¶
func (o ServiceOptions) ParamAsString(key string) (string, error)
ParamAsString returns the value bound to the passed key. If the key is not found, it returns the empty string. if the value bound to the passed key is not a string, it returns an error.
func (ServiceOptions) String ¶
func (o ServiceOptions) String() string
type SetupAction ¶
type SetupAction interface {
// GetSetupParameters returns the serialized public parameters from the setup action.
GetSetupParameters() ([]byte, error)
}
SetupAction defines the interface for actions that update the driver's public parameters.
type SignatureProvider ¶
type SignatureProvider interface {
// HasBeenSignedBy returns true and the verified signature if the provider contains a valid signature for the passed identity and verifier
HasBeenSignedBy(c context.Context, id Identity, verifier Verifier) ([]byte, error)
// Signatures returns the signatures inside this provider
Signatures() [][]byte
}
type Signer ¶
type Signer interface {
// Sign signs the provided message and returns the resulting signature.
Sign(message []byte) ([]byte, error)
}
Signer defines the interface for generating cryptographic signatures.
type SigningIdentity ¶
type SigningIdentity interface {
// Sign signs the provided message bytes and returns the resulting signature.
Sign(raw []byte) ([]byte, error)
// Serialize converts the signing identity into its byte representation.
Serialize() ([]byte, error)
}
SigningIdentity represents an identity capable of generating cryptographic signatures.
type SpendableTokensIterator ¶
type SpendableTokensIterator = iterators.Iterator[*token.UnspentTokenInWallet]
type TokenAndMetadataDeserializer ¶
type TokenAndMetadataDeserializer[T any, M any] interface { TokenDeserializer[T] MetadataDeserializer[M] }
type TokenDeserializer ¶
type TokenDriverVersion ¶
type TokenDriverVersion uint32
TokenDriverVersion is the version of a token driver
type TokenManagerService ¶
type TokenManagerService interface {
// IssueService returns an instance of the IssueService interface, which manages the issuance of new tokens.
IssueService() IssueService
// TransferService returns an instance of the TransferService interface, which handles the transfer of token ownership.
TransferService() TransferService
// TokensService returns an instance of the TokensService interface, providing general token management utilities.
TokensService() TokensService
// TokensUpgradeService returns an instance of the TokensUpgradeService interface, enabling token upgrades.
TokensUpgradeService() TokensUpgradeService
// AuditorService returns an instance of the AuditorService interface, facilitating token auditing capabilities.
AuditorService() AuditorService
// CertificationService returns an instance of the CertificationService interface, managing token certifications.
CertificationService() CertificationService
// Deserializer returns an instance of the Deserializer interface, which deserializes identities to obtain signature verifiers.
Deserializer() Deserializer
// IdentityProvider returns an instance of the IdentityProvider interface, managing identities and their associated information.
IdentityProvider() IdentityProvider
// Validator returns an instance of the Validator interface, which provides mechanisms for validating token transactions.
Validator() (Validator, error)
// PublicParamsManager returns an instance of the PublicParamsManager interface, managing the driver's public parameters.
PublicParamsManager() PublicParamsManager
// Configuration returns an instance of the Configuration interface, providing access to driver-specific configuration.
Configuration() Configuration
// WalletService returns an instance of the WalletService interface, which manages issuer, owner, auditor, and certifier wallets.
WalletService() WalletService
// Authorization returns an instance of the Authorization interface, used to check the relationship between tokens and wallets.
Authorization() Authorization
// Done releases all the resources allocated by this service, ensuring a clean shutdown.
Done() error
}
TokenManagerService is the core entry point of the Driver API. It provides access to a comprehensive suite of services for token issuance, transfer, auditing, and management. Each driver implementation must provide a concrete implementation of this interface to enable Panurus to interact with its specific token technology.
type TokenManagerServiceProvider ¶
type TokenManagerServiceProvider interface {
// GetTokenManagerService returns a TokenManagerService instance for the passed parameters
// If a TokenManagerService is not available, it creates one.
GetTokenManagerService(opts ServiceOptions) (TokenManagerService, error)
// Update uses the given options to update the public parameters of a given TMS.
// If the public parameters in the options are identical to those in the current TMS, then nothing happens.
// If a TMS does not exist for the given options, one is created with the given public parameters.
Update(options ServiceOptions) error
}
type TokenOutputMetadata ¶
type TokenOutputMetadata []byte
TokenOutputMetadata models the metadata of an output on the ledger
type TokenRequest ¶
type TokenRequest struct {
// Version specifies the protocol version for this token request.
// Defaults to ProtocolV1 (structured format) for new requests.
// The asn1 tag with "-" means this field is never included in ASN.1 marshaling,
// ensuring consistent signature verification.
Version uint32
Actions []*TypedAction // Unified slice of all actions
Signatures []*RequestSignature
}
TokenRequest represents a collection of token actions (issuance and transfer). Each action within the request is logically independent, though they are processed together. A TokenRequest also includes the signatures (witnesses) required to authorize its actions.
func (*TokenRequest) Bytes ¶
func (r *TokenRequest) Bytes() ([]byte, error)
func (*TokenRequest) FromBytes ¶
func (r *TokenRequest) FromBytes(raw []byte) error
func (*TokenRequest) FromProtos ¶
func (r *TokenRequest) FromProtos(tr *request.TokenRequest) error
func (*TokenRequest) GetIssues ¶
func (r *TokenRequest) GetIssues() [][]byte
GetIssues returns all issue actions from the unified Actions slice
func (*TokenRequest) GetTransfers ¶
func (r *TokenRequest) GetTransfers() [][]byte
GetTransfers returns all transfer actions from the unified Actions slice
func (*TokenRequest) MarshalToMessageToSign ¶
func (r *TokenRequest) MarshalToMessageToSign(anchor []byte) ([]byte, error)
MarshalToMessageToSign creates a canonical byte representation of the TokenRequest for signature generation using the structured ASN.1 format.
The ProtocolV1 format uses a secure structured ASN.1 format with separate Request and Anchor fields, providing robust boundary separation and preventing collision attacks.
Parameters:
- anchor: A unique identifier (e.g., transaction ID) that binds this signature to a specific context. Must be non-empty and within size limits.
Security considerations:
- The anchor MUST be unique per transaction to prevent signature reuse
- Signatures are not included in the marshaled data to avoid circular dependencies
- Structured format provides strong security guarantees against collision attacks
Returns the message bytes to be signed, or an error if marshaling fails.
func (*TokenRequest) NumIssues ¶
func (r *TokenRequest) NumIssues() int
NumIssues returns the count of issue actions
func (*TokenRequest) NumTransfers ¶
func (r *TokenRequest) NumTransfers() int
NumTransfers returns the count of transfer actions
func (*TokenRequest) ToProtos ¶
func (r *TokenRequest) ToProtos() (*request.TokenRequest, error)
func (*TokenRequest) Validate ¶
func (r *TokenRequest) Validate() error
Validate checks the structural validity of the TokenRequest. It ensures that all required fields are present and non-empty. This method should be called after unmarshalling to verify the request is well-formed.
Special case: Empty requests (nil Actions or empty Actions slice) are allowed to support test scenarios where requests are created but not yet populated. This is necessary because ToProtos() sets Version=ProtocolV1 even for empty requests.
Returns an error if:
- Any action in Actions is nil
- Any action has empty Raw bytes
- Any signature in Signatures is nil
- Any signature has empty signature bytes
type TokenRequestAnchor ¶
type TokenRequestAnchor string
TokenRequestAnchor models the anchor of a token request
type TokenRequestMetadata ¶
type TokenRequestMetadata struct {
// Actions contains metadata for all actions in the corresponding TokenRequest.
Actions []*ActionMetadataEntry
// Application allows for attaching arbitrary application-level metadata to the token request.
Application map[string][]byte
}
TokenRequestMetadata contains the supplementary information needed to process and interpret a TokenRequest. It includes metadata for each issuance and transfer action, enabling de-obfuscation and identity recovery.
func (*TokenRequestMetadata) Bytes ¶
func (m *TokenRequestMetadata) Bytes() ([]byte, error)
func (*TokenRequestMetadata) FromBytes ¶
func (m *TokenRequestMetadata) FromBytes(raw []byte) error
func (*TokenRequestMetadata) FromProtos ¶
func (m *TokenRequestMetadata) FromProtos(trm *request.TokenRequestMetadata) error
func (*TokenRequestMetadata) GetIssueMetadata ¶
func (m *TokenRequestMetadata) GetIssueMetadata(index int) (*IssueMetadata, error)
GetIssueMetadata returns issue metadata at the given index (among issues only)
func (*TokenRequestMetadata) GetTransferMetadata ¶
func (m *TokenRequestMetadata) GetTransferMetadata(index int) (*TransferMetadata, error)
GetTransferMetadata returns transfer metadata at the given index (among transfers only)
func (*TokenRequestMetadata) NumIssues ¶
func (m *TokenRequestMetadata) NumIssues() int
NumIssues returns the count of issue metadata entries
func (*TokenRequestMetadata) NumTransfers ¶
func (m *TokenRequestMetadata) NumTransfers() int
NumTransfers returns the count of transfer metadata entries
func (*TokenRequestMetadata) ToProtos ¶
func (m *TokenRequestMetadata) ToProtos() (*request.TokenRequestMetadata, error)
type TokenUpgradeRequest ¶
type TokenUpgradeRequest struct {
// Challenge is a challenge to be solved by the prover
Challenge TokensUpgradeChallenge
// Tokens is a list of tokens to be converted
Tokens []token.LedgerToken
// Proof is a proof that the prover has solved the challenge
Proof TokensUpgradeProof
}
TokenUpgradeRequest is a request to convert tokens
type TokenVault ¶
type TokenVault interface {
IsPending(ctx context.Context, id *token.ID) (bool, error)
GetTokenOutputsAndMeta(ctx context.Context, ids []*token.ID) ([][]byte, [][]byte, []token.Format, error)
GetTokenOutputs(ctx context.Context, ids []*token.ID, callback QueryCallbackFunc) error
UnspentTokensIteratorBy(ctx context.Context, id string, tokenType token.Type) (UnspentTokensIterator, error)
ListHistoryIssuedTokens(ctx context.Context) (*token.IssuedTokens, error)
PublicParams(ctx context.Context) ([]byte, error)
Balance(ctx context.Context, id string, tokenType token.Type) (*big.Int, error)
}
type TokensService ¶
type TokensService interface {
// SupportedTokenFormats returns the list of token formats supported by the driver.
SupportedTokenFormats() []token.Format
// Deobfuscate decodes a token output and its metadata to reveal its underlying details.
// It returns the de-obfuscated token, the identity of its issuer (if applicable),
// the list of its recipients, and its format.
Deobfuscate(ctx context.Context, output TokenOutput, outputMetadata TokenOutputMetadata) (*token.Token, Identity, []Identity, token.Format, error)
// Recipients extracts the recipient identities from a given token output.
Recipients(output TokenOutput) ([]Identity, error)
}
TokensService provides utilities for managing and interacting with tokens. It includes functionality for de-obfuscating token outputs and extracting recipient information.
type TokensUpgradeChallenge ¶
type TokensUpgradeChallenge = []byte
TokensUpgradeChallenge is the challenge the issuer generates to make sure the client is not cheating
type TokensUpgradeProof ¶
type TokensUpgradeProof = []byte
TokensUpgradeProof is the proof generated with the respect to a given challenge to prove the validity of the tokens to be upgrade
type TokensUpgradeService ¶
type TokensUpgradeService interface {
// NewUpgradeChallenge generates a new upgrade challenge that the issuer
// provides to the client to ensure the integrity of the upgrade process.
NewUpgradeChallenge() (TokensUpgradeChallenge, error)
// GenUpgradeProof generates a proof of the validity of the tokens to be upgraded,
// based on the provided challenge and ledger tokens.
GenUpgradeProof(ctx context.Context, ch TokensUpgradeChallenge, tokens []token.LedgerToken, witness TokensUpgradeWitness) (TokensUpgradeProof, error)
// CheckUpgradeProof verifies the provided upgrade proof against the challenge
// and the tokens to ensure the upgrade is valid and authorized.
CheckUpgradeProof(ctx context.Context, ch TokensUpgradeChallenge, proof TokensUpgradeProof, tokens []token.LedgerToken) (bool, error)
}
TokensUpgradeService defines the methods to manage the token upgrade lifecycle. Token upgrades allow for tokens of one version or format to be converted to another, ensuring system continuity and consistency during transitions.
type TokensUpgradeWitness ¶
type TokensUpgradeWitness = []byte
TokensUpgradeWitness contains any other additional information needed to generate a TokensUpgradeProof
type TransferAction ¶
type TransferAction interface {
Action
ActionWithInputs
// Serialize converts the action into its serialized byte representation.
Serialize() ([]byte, error)
// NumOutputs returns the total number of tokens created by this transfer.
NumOutputs() int
// GetSerializedOutputs retrieves the serialized representation of each created token.
GetSerializedOutputs() ([][]byte, error)
// GetOutputs returns the list of created tokens as Output interfaces.
GetOutputs() []Output
// IsRedeemAt checks if a specific output, by its index, is a redeem output.
IsRedeemAt(index int) bool
// SerializeOutputAt returns the serialized representation of a specific output.
SerializeOutputAt(index int) ([]byte, error)
// IsGraphHiding indicates whether the link between inputs and outputs is obfuscated.
IsGraphHiding() bool
// GetMetadata returns any additional driver-specific metadata associated with the transfer.
GetMetadata() map[string][]byte
// GetIssuer returns the identity of the issuer in cases where the transfer includes redemption.
GetIssuer() Identity
}
TransferAction represents a token transfer event on the ledger.
type TransferInputMetadata ¶
type TransferInputMetadata struct {
TokenID *token.ID
Senders []*AuditableIdentity
}
func (*TransferInputMetadata) FromProtos ¶
func (t *TransferInputMetadata) FromProtos(transferInputMetadata *request.TransferInputMetadata) error
func (*TransferInputMetadata) ToProtos ¶
func (t *TransferInputMetadata) ToProtos() (*request.TransferInputMetadata, error)
type TransferMetadata ¶
type TransferMetadata struct {
Inputs []*TransferInputMetadata
Outputs []*TransferOutputMetadata
// ExtraSigners is the list of extra identities that are not part of the transfer action per se
// but needs to sign the request
ExtraSigners []AuditableIdentity
// Issuer contains the identity of the issuer to sign the transfer action
Issuer AuditableIdentity
}
TransferMetadata contains the metadata of a transfer action For each TokenID there is a sender with its audit info to recover its enrollment ID, For each Output there is: - A OutputMetadata entry to de-obfuscate the output; - A Receiver identity; - A ReceiverAuditInfo entry to recover the enrollment ID of the receiver - A Flag to indicate if the receiver is a sender in this very same action
func (*TransferMetadata) FromProtos ¶
func (t *TransferMetadata) FromProtos(transferMetadata *request.TransferMetadata) error
func (*TransferMetadata) IsInputAbsent ¶
func (t *TransferMetadata) IsInputAbsent(j int) bool
IsInputAbsent returns true if the j-th input's metadata is absent (e.g., filtered out).
func (*TransferMetadata) IsOutputAbsent ¶
func (t *TransferMetadata) IsOutputAbsent(j int) bool
IsOutputAbsent returns true if the j-th output's metadata is absent (e.g., filtered out).
func (*TransferMetadata) Match ¶
func (t *TransferMetadata) Match(action TransferAction) error
Match verifies that the given action matches this metadata. It performs a deep check of inputs, outputs, extra signers, and the issuer identity (if present).
func (*TransferMetadata) Receivers ¶
func (t *TransferMetadata) Receivers() []Identity
func (*TransferMetadata) Senders ¶
func (t *TransferMetadata) Senders() []Identity
func (*TransferMetadata) ToProtos ¶
func (t *TransferMetadata) ToProtos() (*request.TransferMetadata, error)
func (*TransferMetadata) TokenIDAt ¶
func (t *TransferMetadata) TokenIDAt(index int) *token.ID
TokenIDAt returns the TokenID at the given index. It returns nil if the index is out of bounds.
func (*TransferMetadata) TokenIDs ¶
func (t *TransferMetadata) TokenIDs() []*token.ID
type TransferOptions ¶
type TransferOptions struct {
// Attributes is a container of generic options that might be driver specific
Attributes map[string]any
}
TransferOptions models the options that can be passed to the transfer command
type TransferOutputMetadata ¶
type TransferOutputMetadata struct {
OutputMetadata []byte
// OutputAuditInfo, for each output owner we have audit info
OutputAuditInfo []byte
// Receivers is the list of receivers
Receivers []*AuditableIdentity
}
TransferOutputMetadata is the metadata of an output in a transfer action
func (*TransferOutputMetadata) FromProtos ¶
func (t *TransferOutputMetadata) FromProtos(transferOutputMetadata *request.OutputMetadata) error
func (*TransferOutputMetadata) RecipientAt ¶
func (t *TransferOutputMetadata) RecipientAt(index int) *AuditableIdentity
func (*TransferOutputMetadata) ToProtos ¶
func (t *TransferOutputMetadata) ToProtos() (*request.OutputMetadata, error)
type TransferService ¶
type TransferService interface {
// Transfer generates a TransferAction to transfer the specified tokens.
// It uses the provided wallet and anchor, along with a list of token identifiers and target outputs.
// Additional options can be provided through TransferOptions.
// The method returns:
// - A TransferAction, which encodes the transfer details for the ledger.
// - TransferMetadata, containing additional information for the requester.
// - An error if the transfer generation fails.
Transfer(ctx context.Context, anchor TokenRequestAnchor, wallet OwnerWallet, ids []*token2.ID, outputs []*token2.Token, opts *TransferOptions) (TransferAction, *TransferMetadata, error)
// VerifyTransfer validates the well-formedness and correctness of a TransferAction.
// It ensures that the transfer adheres to the driver's rules and correctly spends its inputs
// to produce its outputs.
VerifyTransfer(ctx context.Context, tr TransferAction, outputMetadata []*TransferOutputMetadata) error
// DeserializeTransferAction reconstructs a TransferAction from its serialized byte representation.
DeserializeTransferAction(raw []byte) (TransferAction, error)
}
TransferService defines the methods to manage the token transfer lifecycle.
type TxStatus ¶
type TxStatus = int
TxStatus is the status of a transaction
const ( // Unknown is the status of a transaction that is unknown Unknown TxStatus = iota // Pending is the status of a transaction that has been submitted to the ledger Pending // Confirmed is the status of a transaction that has been confirmed by the ledger Confirmed // Deleted is the status of a transaction that has been deleted due to a failure to commit Deleted // Orphan is the status of a transaction that never reached the ledger (e.g. broadcast failure, mempool drop) Orphan )
type TypedAction ¶
type TypedAction struct {
Type request.ActionType // ACTION_TYPE_ISSUE or ACTION_TYPE_TRANSFER
Raw []byte // Serialized action data
}
TypedAction represents a single token action with its type and raw bytes
type UnspentTokensIterator ¶
type UnspentTokensIterator = iterators.Iterator[*token.UnspentToken]
type UnsupportedTokensIterator ¶
type UnsupportedTokensIterator = iterators.Iterator[*token.LedgerToken]
type ValidationAttributeID ¶
type ValidationAttributeID = string
ValidationAttributeID is the type of validation attribute identifier
type ValidationAttributes ¶
type ValidationAttributes = map[ValidationAttributeID][]byte
ValidationAttributes is a map containing attributes generated during validation
type Validator ¶
type Validator interface {
// UnmarshalActions reconstructs the individual actions (issue, transfer, etc.)
// from their serialized representation in a token request.
UnmarshalActions(raw []byte) ([]any, error)
// VerifyTokenRequestFromRaw validates a marshalled token request against the provided ledger state and anchor.
// It performs a comprehensive check of all actions and signatures within the request.
// It returns:
// - The list of unmarshalled actions.
// - A map of validation attributes (driver-specific) containing additional details about the request.
// - An error if the validation fails.
VerifyTokenRequestFromRaw(ctx context.Context, getState GetStateFnc, anchor TokenRequestAnchor, raw []byte) ([]any, ValidationAttributes, error)
// SetMinProtocolVersion configures the minimum protocol version that this validator will accept.
// Token requests with a protocol version below this minimum will be rejected during validation.
// Setting this to 0 (default) accepts all protocol versions.
// This is useful for enforcing protocol upgrades across a network.
SetMinProtocolVersion(version uint32)
}
Validator provides methods for validating token transaction requests. It ensures that requests are well-formed and consistent with the rules defined by the token driver.
type ValidatorDriver ¶
type ValidatorDriver interface {
PPReader
// NewValidator returns a new Validator instance from the passed public parameters
NewValidator(pp PublicParameters) (Validator, error)
}
ValidatorDriver is the interface that must be implemented by a token driver to create Validator instances.
type Vault ¶
type Vault interface {
// QueryEngine returns an instance of the QueryEngine interface for querying the ledger.
QueryEngine() QueryEngine
// CertificationStorage returns an instance of the CertificationStorage interface for managing token certifications.
CertificationStorage() CertificationStorage
}
Vault defines the interface for accessing the token vault, which stores tokens and their certifications. It provides a QueryEngine for querying the ledger and a CertificationStorage for managing certifications.
type Verifier ¶
type Verifier interface {
// Verify checks the signature against the provided message and returns nil if valid.
Verify(message, sigma []byte) error
}
Verifier defines the interface for verifying cryptographic signatures.
type VerifierDeserializer ¶
type VerifierDeserializer interface {
DeserializeVerifier(ctx context.Context, id Identity) (Verifier, error)
}
VerifierDeserializer is the interface for verifiers' deserializer. A verifier checks the validity of a signature against the identity associated with the verifier
type Wallet ¶
type Wallet interface {
// ID returns the ID of this wallet
ID() string
// Contains returns true if the passed identity belongs to this wallet
Contains(ctx context.Context, identity Identity) bool
// ContainsToken returns true if the passed token is owned by this wallet
ContainsToken(ctx context.Context, token *token.UnspentToken) bool
// GetSigner returns the Signer bound to the passed identity
GetSigner(ctx context.Context, identity Identity) (Signer, error)
}
Wallet models a generic wallet
type WalletLookupID ¶
type WalletLookupID = any
WalletLookupID defines the type of identifiers that can be used to retrieve a given wallet. It can be a string, as the name of the wallet, or an identity contained in that wallet. Ultimately, it is the token driver to decide which types are allowed.
type WalletService ¶
type WalletService interface {
// RegisterRecipientIdentity registers a recipient identity and its audit data.
RegisterRecipientIdentity(ctx context.Context, data *RecipientData) error
// GetAuditInfo retrieves the audit data associated with a specific identity.
GetAuditInfo(ctx context.Context, id Identity) ([]byte, error)
// GetEnrollmentID extracts the enrollment identifier from audit data for a given identity.
GetEnrollmentID(ctx context.Context, identity Identity, auditInfo []byte) (string, error)
// GetRevocationHandle extracts the revocation handler from audit data for a given identity.
GetRevocationHandle(ctx context.Context, identity Identity, auditInfo []byte) (string, error)
// GetEIDAndRH returns both the enrollment ID and the revocation handle for a given identity and audit data.
GetEIDAndRH(ctx context.Context, identity Identity, auditInfo []byte) (string, string, error)
// Wallet returns a generic wallet interface associated with the specified identity, if any.
Wallet(ctx context.Context, identity Identity) Wallet
// RegisterOwnerIdentity registers a long-term owner identity using the provided configuration.
RegisterOwnerIdentity(ctx context.Context, config IdentityConfiguration) error
// RegisterIssuerIdentity registers a long-term issuer identity using the provided configuration.
RegisterIssuerIdentity(ctx context.Context, config IdentityConfiguration) error
// OwnerWalletIDs returns a list of identifiers for all known owner wallets.
OwnerWalletIDs(ctx context.Context) ([]string, error)
// OwnerWallet retrieves an OwnerWallet instance based on its identifier or an identity belonging to it.
OwnerWallet(ctx context.Context, id WalletLookupID) (OwnerWallet, error)
// IssuerWallet retrieves an IssuerWallet instance based on its identifier or an identity belonging to it.
IssuerWallet(ctx context.Context, id WalletLookupID) (IssuerWallet, error)
// AuditorWallet retrieves an AuditorWallet instance based on its identifier or an identity belonging to it.
AuditorWallet(ctx context.Context, id WalletLookupID) (AuditorWallet, error)
// CertifierWallet retrieves a CertifierWallet instance based on its identifier or an identity belonging to it.
CertifierWallet(ctx context.Context, id WalletLookupID) (CertifierWallet, error)
// SpendIDs returns unique identifiers representing the potential spending of the specified token IDs.
SpendIDs(ids ...*token.ID) ([]string, error)
// Done releases all the resources allocated by this service.
Done() error
}
WalletService manages different types of token wallets: issuer, owner, auditor, and certifier. It provides methods for looking up wallets, registering identities, and extracting audit data.
type WalletServiceFactory ¶
type WalletServiceFactory interface {
PPReader
// NewWalletService returns an instance of the WalletService interface for the passed arguments
NewWalletService(tmsConfig Configuration, params PublicParameters) (WalletService, error)
}