Merge #109: Add Non interactive fee bumping example

ab42d67 Fix lint issues (Sanket Kanjalkar)
f2ccc62 Add Non interactive siganture example (Sanket Kanjalkar)

Pull request description:

  Had to refactor some of the dummy_env stuff.

  If I try to include change output in the default env, everything breaks and I did not want to spend time trying to fix all of tests. Instead, we create a new default with fee just for this one test case.

ACKs for top commit:
  uncomputable:
    ACK ab42d67 Feel free to optimize the `check_neg`  function.
  apoelstra:
    ACK ab42d67; successfully ran local tests

Tree-SHA512: ec4ccf979336f42464c640c139b2e8229e5e5ae1cd2cff91af4f933702d1891961fdd3be221ebc4b8a051573d6f0f33b6412751ba2b59500ff517a01a7a24166

Author: apoelstra

examples/non_interactive_fee_bump.simf

@@ -0,0 +1,73 @@
+/*
+ * NON-INTERACTIVE FEE BUMPING
+ *
+ * This feature allows anyone, including miners, to increase a transaction's fee by reducing the change amount,
+ * following a predefined rule that adds 1 satoshi to the fee every second.
+ *
+ * Allowed modifications without affecting the signature:
+ * - Increase the transaction's nLockTime, delaying its inclusion in a block.
+ * - Decrease the change output or increase the fee output.
+ *
+ * This enables miners to maximize their fees from transactions without needing external fee bumping services like
+ * sponsors, Child-Pays-For-Parent (CPFP), or anchor outputs, simplifying fee management for transaction inclusion.
+ */
+
+// This function computes a signature hash for transactions that allows non-interactive fee bumping.
+// It omits certain fields from the transaction that can be modified by anyone,
+// specifically nLockTime and change/fee outputs amounts.
+fn sighash_tx_nifb() -> u256 {
+    let ctx: Ctx8 = jet::sha_256_ctx_8_init();
+    let ctx: Ctx8 = jet::sha_256_ctx_8_add_4(ctx, jet::version());
+    let ctx: Ctx8 = jet::sha_256_ctx_8_add_32(ctx, jet::inputs_hash());
+    // Note that nlocktime is not signed.
+    // Add the hash of the first output (assumed the ONLY non-change output)
+    let ctx: Ctx8 = match jet::output_hash(0) {
+        Some(sighash : u256) => jet::sha_256_ctx_8_add_32(ctx, sighash),
+        None => panic!(),
+    };
+    // Add all output script pubkeys to the hash, including change and fee outputs script pubkeys
+    let ctx: Ctx8 = jet::sha_256_ctx_8_add_32(ctx, jet::output_scripts_hash());
+    let ctx: Ctx8 = jet::sha_256_ctx_8_add_32(ctx, jet::input_utxos_hash());
+    jet::sha_256_ctx_8_finalize(ctx)
+}
+
+// Combines the transaction hash with additional taproot-related data to form the overall transaction signature hash.
+fn sighash_nifb() -> u256 {
+    let ctx: Ctx8 = jet::sha_256_ctx_8_init();
+    let ctx: Ctx8 = jet::sha_256_ctx_8_add_32(ctx, jet::genesis_block_hash());
+    // Add the transaction-specific hash computed earlier
+    let ctx: Ctx8 = jet::sha_256_ctx_8_add_32(ctx, sighash_tx_nifb());
+    let ctx: Ctx8 = jet::sha_256_ctx_8_add_32(ctx, jet::tap_env_hash());
+    let ctx: Ctx8 = jet::sha_256_ctx_8_add_4(ctx, jet::current_index());
+    jet::sha_256_ctx_8_finalize(ctx)
+}
+
+// Helper function to ensure the provided boolean value is not negative.
+fn check_neg(v : bool) {
+    assert!(jet::eq_8(jet::left_pad_low_1_8(<bool>::into(v)), 0));
+}
+
+// Enforces a linear increase in transaction fee over time by adjusting the maximum fee allowed before a transaction is mined.
+fn total_fee_check() {
+    let curr_time : u32 = jet::tx_lock_time();
+    // [ELEMENTS]:Asset type for the transaction fee (explicitly specifying asset type, typically BTC asset)
+    let fee_asset : ExplicitAsset = 0x0000000000000000000000000000000000000000000000000000000000000000;
+    let fees : u64 = jet::total_fee(fee_asset);
+    let time_at_broadcast : u32 = 1734967235; // Dec 23 ~8:33am PST
+    let (carry, time_elapsed) : (bool, u32) = jet::subtract_32(curr_time, time_at_broadcast);
+    check_neg(carry); // Check for negative time difference, which shouldn't happen
+    let base_fee : u64 = 1000; // Base fee at the time of broadcast
+    // Calculate the maximum allowed fee as a function of elapsed time
+    let (carry, max_fee) : (bool, u64) = jet::add_64(base_fee, jet::left_pad_low_32_64(time_elapsed));
+    check_neg(carry); // Ensure there's no overflow in fee calculation
+    // Assert that the current fees are less than the maximum allowed fee
+    assert!(jet::lt_64(fees, max_fee));
+    // Optionally, you could limit the total fee here
+}
+
+fn main() {
+    let sighash : u256 = sighash_nifb();
+    total_fee_check();
+    let alice_pk : Pubkey = 0x9bef8d556d80e43ae7e0becb3a7e6838b95defe45896ed6075bb9035d06c9964;
+    jet::bip_0340_verify((alice_pk, sighash), witness::ALICE_SIGNATURE);
+}

examples/non_interactive_fee_bump.wit

@@ -0,0 +1,7 @@
+{
+    "ALICE_SIGNATURE": {
+        "value": "0xe6608ceb66f62896ca07661964dd2ab0867df94caaeb089ac09089d13c23cf64ee3a0d42f8f84c2f627d4230c9f357919c48a274117e38c9c3d32a0e87570b45",
+        "type": "Signature"
+    }
+}
+

src/array.rs

@@ -20,7 +20,7 @@ impl<'a, A> BTreeSlice<'a, A> {
     }
 }
 
-impl<'a, A: Clone> BTreeSlice<'a, A> {
+impl<A: Clone> BTreeSlice<'_, A> {
     /// Fold the tree in post order, using the binary function `f`.
     ///
     /// Returns `None` if the tree is empty.
@@ -57,7 +57,7 @@ impl<'a, A: Clone> BTreeSlice<'a, A> {
     }
 }
 
-impl<'a, A: Clone> TreeLike for BTreeSlice<'a, A> {
+impl<A: Clone> TreeLike for BTreeSlice<'_, A> {
     fn as_node(&self) -> Tree<Self> {
         match self.0.len() {
             0 | 1 => Tree::Nullary,
@@ -169,7 +169,7 @@ impl<'a, A> Partition<'a, A> {
     }
 }
 
-impl<'a, A: Clone> Partition<'a, A> {
+impl<A: Clone> Partition<'_, A> {
     /// Check if the partition is complete.
     ///
     /// A complete partition contains no empty blocks.
@@ -213,7 +213,7 @@ impl<'a, A: Clone> Partition<'a, A> {
 }
 
 #[rustfmt::skip]
-impl<'a, A: Clone> TreeLike for Partition<'a, A> {
+impl<A: Clone> TreeLike for Partition<'_, A> {
     fn as_node(&self) -> Tree<Self> {
         match self {
             Self::Leaf {..} => Tree::Nullary,

src/ast.rs

@@ -426,7 +426,7 @@ pub enum ExprTree<'a> {
     Match(&'a Match),
 }
 
-impl<'a> TreeLike for ExprTree<'a> {
+impl TreeLike for ExprTree<'_> {
     fn as_node(&self) -> Tree<Self> {
         use SingleExpressionInner as S;
 

src/dummy_env.rs

@@ -4,56 +4,81 @@ use std::sync::Arc;
 
 use elements::{confidential, taproot::ControlBlock, AssetIssuance};
 use hashes::Hash;
+use simplicity::elements::{AssetId, TxOut};
 use simplicity::jet::elements::{ElementsEnv, ElementsUtxo};
 use simplicity::Cmr;
 use simplicity::{elements, hashes};
 
 /// Return a dummy Elements environment.
 pub fn dummy() -> ElementsEnv<Arc<elements::Transaction>> {
-    dummy_with(elements::LockTime::ZERO, elements::Sequence::MAX)
+    dummy_with(elements::LockTime::ZERO, elements::Sequence::MAX, false)
 }
 
-/// Return a dummy Elements environment with the given locktime and input sequence.
-pub fn dummy_with(
+/// Returns a default transaction for the Elements network.
+fn create_default_transaction(
     lock_time: elements::LockTime,
     sequence: elements::Sequence,
-) -> ElementsEnv<Arc<elements::Transaction>> {
+    include_fee_output: bool,
+) -> elements::Transaction {
+    let mut tx = elements::Transaction {
+        version: 2,
+        lock_time,
+        input: vec![elements::TxIn {
+            previous_output: elements::OutPoint::default(),
+            is_pegin: false,
+            script_sig: elements::Script::new(),
+            sequence,
+            asset_issuance: AssetIssuance::default(),
+            witness: elements::TxInWitness::default(),
+        }],
+        output: vec![elements::TxOut {
+            asset: confidential::Asset::default(),
+            value: confidential::Value::default(),
+            nonce: confidential::Nonce::default(),
+            script_pubkey: elements::Script::default(),
+            witness: elements::TxOutWitness::default(),
+        }],
+    };
+
+    if include_fee_output {
+        tx.output.push(TxOut::new_fee(1_000, AssetId::default()));
+    }
+    tx
+}
+
+/// Returns a dummy Elements environment with a provided transaction.
+pub fn dummy_with_tx(tx: elements::Transaction) -> ElementsEnv<Arc<elements::Transaction>> {
     let ctrl_blk: [u8; 33] = [
         0xc0, 0xeb, 0x04, 0xb6, 0x8e, 0x9a, 0x26, 0xd1, 0x16, 0x04, 0x6c, 0x76, 0xe8, 0xff, 0x47,
         0x33, 0x2f, 0xb7, 0x1d, 0xda, 0x90, 0xff, 0x4b, 0xef, 0x53, 0x70, 0xf2, 0x52, 0x26, 0xd3,
         0xbc, 0x09, 0xfc,
     ];
+    let num_inputs = tx.input.len();
 
     ElementsEnv::new(
-        Arc::new(elements::Transaction {
-            version: 2,
-            lock_time,
-            // Enable locktime in dummy txin
-            input: vec![elements::TxIn {
-                previous_output: elements::OutPoint::default(),
-                is_pegin: false,
-                script_sig: elements::Script::new(),
-                sequence,
-                asset_issuance: AssetIssuance::default(),
-                witness: elements::TxInWitness::default(),
-            }],
-            output: vec![elements::TxOut {
+        Arc::new(tx),
+        vec![
+            ElementsUtxo {
+                script_pubkey: elements::Script::default(),
                 asset: confidential::Asset::default(),
                 value: confidential::Value::default(),
-                nonce: confidential::Nonce::default(),
-                script_pubkey: elements::Script::default(),
-                witness: elements::TxOutWitness::default(),
-            }],
-        }),
-        vec![ElementsUtxo {
-            script_pubkey: elements::Script::default(),
-            asset: confidential::Asset::default(),
-            value: confidential::Value::default(),
-        }],
+            };
+            num_inputs
+        ],
         0,
         Cmr::from_byte_array([0; 32]),
         ControlBlock::from_slice(&ctrl_blk).unwrap(),
         None,
         elements::BlockHash::all_zeros(),
     )
 }
+
+/// Returns a dummy Elements environment with the given locktime and sequence.
+pub fn dummy_with(
+    lock_time: elements::LockTime,
+    sequence: elements::Sequence,
+    include_fee_output: bool,
+) -> ElementsEnv<Arc<elements::Transaction>> {
+    let default_tx = create_default_transaction(lock_time, sequence, include_fee_output);
+    dummy_with_tx(default_tx)
+}

src/error.rs

@@ -144,7 +144,7 @@ impl<'a> From<&'a pest::iterators::Pair<'_, Rule>> for Span {
     }
 }
 
-impl<'a> From<&'a str> for Span {
+impl From<&str> for Span {
     fn from(s: &str) -> Self {
         let start = Position::new(1, 1);
         let end_line = std::cmp::max(1, s.lines().count());

src/lib.rs

@@ -1,4 +1,4 @@
-/// Library for parsing and compiling simfony
+//! Library for parsing and compiling simfony
 
 pub type ProgNode = Arc<named::ConstructNode>;
 
@@ -247,6 +247,8 @@ pub trait ArbitraryOfType: Sized {
 mod tests {
     use base64::display::Base64Display;
     use base64::engine::general_purpose::STANDARD;
+    #[cfg(feature = "serde")]
+    use elements::LockTime;
     use simplicity::BitMachine;
     use std::borrow::Cow;
     use std::path::Path;
@@ -257,6 +259,7 @@ mod tests {
         program: T,
         lock_time: elements::LockTime,
         sequence: elements::Sequence,
+        include_fee_output: bool,
     }
 
     impl TestCase<TemplateProgram> {
@@ -274,6 +277,7 @@ mod tests {
                 program,
                 lock_time: elements::LockTime::ZERO,
                 sequence: elements::Sequence::MAX,
+                include_fee_output: false,
             }
         }
 
@@ -299,6 +303,7 @@ mod tests {
                 program,
                 lock_time: self.lock_time,
                 sequence: self.sequence,
+                include_fee_output: self.include_fee_output,
             }
         }
     }
@@ -339,6 +344,7 @@ mod tests {
                 program,
                 lock_time: self.lock_time,
                 sequence: self.sequence,
+                include_fee_output: self.include_fee_output,
             }
         }
     }
@@ -362,7 +368,7 @@ mod tests {
 
         #[allow(dead_code)]
         pub fn print_sighash_all(self) -> Self {
-            let env = dummy_env::dummy_with(self.lock_time, self.sequence);
+            let env = dummy_env::dummy_with(self.lock_time, self.sequence, self.include_fee_output);
             dbg!(env.c_tx_env().sighash_all());
             self
         }
@@ -385,7 +391,7 @@ mod tests {
 
         fn run(self) -> Result<(), simplicity::bit_machine::ExecutionError> {
             let mut mac = BitMachine::for_program(self.program.redeem());
-            let env = dummy_env::dummy_with(self.lock_time, self.sequence);
+            let env = dummy_env::dummy_with(self.lock_time, self.sequence, self.include_fee_output);
             mac.exec(self.program.redeem(), &env).map(|_| ())
         }
 
@@ -411,6 +417,17 @@ mod tests {
             .assert_run_success();
     }
 
+    #[test]
+    #[cfg(feature = "serde")]
+    fn sighash_non_interactive_fee_bump() {
+        let mut t = TestCase::program_file("./examples/non_interactive_fee_bump.simf")
+            .with_witness_file("./examples/non_interactive_fee_bump.wit");
+        t.sequence = elements::Sequence::ENABLE_LOCKTIME_NO_RBF;
+        t.lock_time = LockTime::from_time(1734967235 + 600).unwrap();
+        t.include_fee_output = true;
+        t.assert_run_success();
+    }
+
     #[test]
     #[cfg(feature = "serde")]
     fn escrow_with_delay_timeout() {

src/parse.rs

@@ -544,7 +544,7 @@ pub enum ExprTree<'a> {
     Match(&'a Match),
 }
 
-impl<'a> TreeLike for ExprTree<'a> {
+impl TreeLike for ExprTree<'_> {
     fn as_node(&self) -> Tree<Self> {
         use SingleExpressionInner as S;
 
@@ -596,7 +596,7 @@ impl<'a> TreeLike for ExprTree<'a> {
     }
 }
 
-impl<'a> fmt::Display for ExprTree<'a> {
+impl fmt::Display for ExprTree<'_> {
     fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
         use SingleExpressionInner as S;
 
@@ -1512,7 +1512,7 @@ impl PestParse for ModuleAssignment {
 #[derive(Clone, Debug)]
 struct PatternPair<'a>(pest::iterators::Pair<'a, Rule>);
 
-impl<'a> TreeLike for PatternPair<'a> {
+impl TreeLike for PatternPair<'_> {
     fn as_node(&self) -> Tree<Self> {
         let mut it = self.0.clone().into_inner();
         match self.0.as_rule() {
@@ -1534,7 +1534,7 @@ impl<'a> TreeLike for PatternPair<'a> {
 #[derive(Clone, Debug)]
 struct TyPair<'a>(pest::iterators::Pair<'a, Rule>);
 
-impl<'a> TreeLike for TyPair<'a> {
+impl TreeLike for TyPair<'_> {
     fn as_node(&self) -> Tree<Self> {
         let mut it = self.0.clone().into_inner();
         match self.0.as_rule() {

src/pattern.rs

@@ -72,7 +72,7 @@ impl Pattern {
     }
 }
 
-impl<'a> TreeLike for &'a Pattern {
+impl TreeLike for &Pattern {
     fn as_node(&self) -> Tree<Self> {
         match self {
             Pattern::Identifier(_) | Pattern::Ignore => Tree::Nullary,
@@ -170,7 +170,7 @@ pub enum BasePattern {
     Product(Arc<Self>, Arc<Self>),
 }
 
-impl<'a> TreeLike for &'a BasePattern {
+impl TreeLike for &BasePattern {
     fn as_node(&self) -> Tree<Self> {
         match self {
             BasePattern::Ignore | BasePattern::Identifier(_) => Tree::Nullary,