Add toCommit toDecommit utxo in accumulator, address review

vrom911 · v0d1ch · commit 5def3a08ac85 · 2025-11-26T10:26:30.000+01:00
diff --git a/hydra-cluster/test/Test/DirectChainSpec.hs b/hydra-cluster/test/Test/DirectChainSpec.hs
@@ -313,14 +313,15 @@ spec = around (showLogsOnFailure "DirectChainSpec") $ do
             aliceChain `observesInTime` OnCollectComTx{headId}
             let v = 0
             let snapshotVersion = 0
-                accumulator = Accumulator.buildFromUTxO someUTxO
+                utxoToCommit = Just someUTxOToCommit
+                accumulator = Accumulator.buildFromSnapshotUTxOs someUTxO utxoToCommit Nothing
             let snapshot =
                   Snapshot
                     { headId
                     , number = 1
                     , utxo = someUTxO
                     , confirmed = []
-                    , utxoToCommit = Just someUTxOToCommit
+                    , utxoToCommit = utxoToCommit
                     , utxoToDecommit = Nothing
                     , version = snapshotVersion
                     , accumulator
@@ -462,15 +463,16 @@ spec = around (showLogsOnFailure "DirectChainSpec") $ do
               _ -> Nothing
             let (inHead, toDecommit) = splitUTxO someUTxO
             -- Alice contests with some snapshot U1 -> successful
-            let accumulator = Accumulator.buildFromUTxO inHead
+            let utxoToDecommit = Just toDecommit
+            let accumulator = Accumulator.buildFromSnapshotUTxOs inHead Nothing utxoToDecommit
             let snapshot1 =
                   Snapshot
                     { headId
                     , number = 1
                     , utxo = inHead
                     , confirmed = []
                     , utxoToCommit = Nothing
-                    , utxoToDecommit = Just toDecommit
+                    , utxoToDecommit = utxoToDecommit
                     , version = 0
                     , accumulator
                     }
diff --git a/hydra-node/src/Hydra/HeadLogic.hs b/hydra-node/src/Hydra/HeadLogic.hs
@@ -425,7 +425,7 @@ onOpenNetworkReqSn env ledger pendingDeposits currentSlot st otherParty sv sn re
               --       𝑈 ← 𝑈_active ◦ Treq
               requireApplyTxs activeUTxO requestedTxs $ \u -> do
                 let snapshotUTxO = u `withoutUTxO` fromMaybe mempty mUtxoToCommit
-                    accumulator = Accumulator.buildFromUTxO snapshotUTxO
+                    accumulator = Accumulator.buildFromSnapshotUTxOs snapshotUTxO mUtxoToCommit mUtxoToDecommit
                 -- Spec: ŝ ← ̅S.s + 1
                 -- NOTE: confSn == seenSn == sn here
                 let nextSnapshot =
diff --git a/hydra-node/test/Hydra/Chain/Direct/TxTraceSpec.hs b/hydra-node/test/Hydra/Chain/Direct/TxTraceSpec.hs
@@ -770,7 +770,7 @@ signedSnapshot ms =
     let u = realWorldModelUTxO (toCommit ms)
      in if UTxO.null u then Nothing else Just u
 
-  accumulator = Accumulator.buildFromUTxO utxo
+  accumulator = Accumulator.buildFromSnapshotUTxOs utxo utxoToCommit utxoToDecommit
 
 -- | A confirmed snapshot (either initial or later confirmed), based onTxTra
 -- 'signedSnapshot'.
diff --git a/hydra-node/test/Hydra/HeadLogicSpec.hs b/hydra-node/test/Hydra/HeadLogicSpec.hs
@@ -592,6 +592,7 @@ spec =
         let decommitTx1 = SimpleTx 1 (utxoRef 1) (utxoRef 3)
             decommitTx2 = SimpleTx 2 (utxoRef 2) (utxoRef 4)
             activeUTxO = utxoRefs [1, 2]
+            utxoToDecommit = Just $ utxoRefs [3]
             snapshot =
               Snapshot
                 { headId = testHeadId
@@ -600,8 +601,8 @@ spec =
                 , confirmed = []
                 , utxo = activeUTxO
                 , utxoToCommit = Nothing
-                , utxoToDecommit = Just $ utxoRefs [3]
-                , accumulator = Accumulator.buildFromUTxO activeUTxO
+                , utxoToDecommit = utxoToDecommit
+                , accumulator = Accumulator.buildFromSnapshotUTxOs activeUTxO Nothing utxoToDecommit
                 }
             s0 =
               inOpenState'
@@ -893,8 +894,9 @@ spec =
         prop "reject side load confirmed snapshot because wrong snapshot utxoToDecommit" $ \utxoToDecommit -> do
           getConfirmedSnapshot startingState `shouldBe` Just snapshot1
           let utxo' = utxoRef 3
-              accumulator = Accumulator.buildFromUTxO utxo'
-              snapshot2 = Snapshot testHeadId 0 2 [tx2] utxo' Nothing (Just utxoToDecommit) accumulator
+              utxoToDecom = Just utxoToDecommit
+              accumulator = Accumulator.buildFromSnapshotUTxOs utxo' Nothing utxoToDecom
+              snapshot2 = Snapshot testHeadId 0 2 [tx2] utxo' Nothing utxoToDecom accumulator
               multisig2 = aggregate [sign aliceSk snapshot2, sign bobSk snapshot2]
 
           update bobEnv ledger startingState (ClientInput (SideLoadSnapshot $ ConfirmedSnapshot snapshot2 multisig2))
@@ -904,8 +906,9 @@ spec =
           getConfirmedSnapshot startingState `shouldBe` Just snapshot1
 
           let utxo' = utxoRef 3
-              accumulator = Accumulator.buildFromUTxO utxo'
-              snapshot2 = Snapshot testHeadId 0 2 [tx2] utxo' (Just utxoToCommit) Nothing accumulator
+              utxoToCom = Just utxoToCommit
+              accumulator = Accumulator.buildFromSnapshotUTxOs utxo' utxoToCom Nothing
+              snapshot2 = Snapshot testHeadId 0 2 [tx2] utxo' utxoToCom Nothing accumulator
               multisig2 = aggregate [sign aliceSk snapshot2, sign bobSk snapshot2]
 
           update bobEnv ledger startingState (ClientInput (SideLoadSnapshot $ ConfirmedSnapshot snapshot2 multisig2))
diff --git a/hydra-tx/src/Hydra/Tx/Accumulator.hs b/hydra-tx/src/Hydra/Tx/Accumulator.hs
@@ -5,6 +5,7 @@ module Hydra.Tx.Accumulator (
   getAccumulatorHash,
   build,
   buildFromUTxO,
+  buildFromSnapshotUTxOs,
 
   -- * CRS (Common Reference String)
   generateCRS,
@@ -63,6 +64,34 @@ buildFromUTxO utxo =
   let elements = utxoToElement @tx <$> toPairList @tx utxo
    in build elements
 
+-- | Build an accumulator from snapshot UTxOs, including commit and decommit UTxOs.
+--
+-- This function combines all UTxOs that could potentially be fanned out:
+-- - The main snapshot UTxO
+-- - UTxOs to be committed (deposited into the Head)
+-- - UTxOs to be decommitted (withdrawn from the Head)
+buildFromSnapshotUTxOs ::
+  forall tx.
+  IsTx tx =>
+  -- | The main snapshot UTxO set
+  UTxOType tx ->
+  -- | UTxOs to be committed (if any)
+  Maybe (UTxOType tx) ->
+  -- | UTxOs to be decommitted (if any)
+  Maybe (UTxOType tx) ->
+  -- | The resulting accumulator containing all UTxOs
+  HydraAccumulator
+buildFromSnapshotUTxOs utxo mUtxoToCommit mUtxoToDecommit =
+  let
+    -- Combine all UTxOs that could be fanned out
+    -- Note: For Map-based UTxO types, `<>` performs union (left-biased for same keys)
+    -- If utxoToCommit and utxoToDecommit overlap (protocol violation), union deduplicates by TxIn
+    utxoToCommit = fromMaybe mempty mUtxoToCommit
+    utxoToDecommit = fromMaybe mempty mUtxoToDecommit
+    combinedUTxO = utxo <> utxoToCommit <> utxoToDecommit
+   in
+    buildFromUTxO @tx combinedUTxO
+
 -- | Get a simple hash of the accumulator state.
 --
 -- This is a pure function that returns a deterministic hash of the accumulator's contents.
diff --git a/hydra-tx/src/Hydra/Tx/Close.hs b/hydra-tx/src/Hydra/Tx/Close.hs
@@ -148,8 +148,7 @@ closeTx scriptRegistry vk headId openVersion confirmedSnapshot startSlotNo (endS
           }
    where
     snapshot = getSnapshot confirmedSnapshot
-    snapshotUtxo = Hydra.Tx.utxo snapshot
-    closedAccumulatorHash = Accumulator.getAccumulatorHash $ Accumulator.buildFromUTxO snapshotUtxo
+    closedAccumulatorHash = Accumulator.getAccumulatorHash $ accumulator snapshot
 
   contestationDeadline =
     addContestationPeriod (posixFromUTCTime utcTime) openContestationPeriod
diff --git a/hydra-tx/src/Hydra/Tx/Contest.hs b/hydra-tx/src/Hydra/Tx/Contest.hs
@@ -67,7 +67,7 @@ contestTx scriptRegistry vk headId contestationPeriod openVersion snapshot sig (
       & setTxValidityUpperBound (TxValidityUpperBound slotNo)
       & setTxMetadata (TxMetadataInEra $ mkHydraHeadV1TxName "ContestTx")
  where
-  Snapshot{number, version, utxo, utxoToCommit, utxoToDecommit} = snapshot
+  Snapshot{number, version, utxo, utxoToCommit, utxoToDecommit, accumulator} = snapshot
 
   ClosedThreadOutput
     { closedThreadUTxO = (headInput, headOutputBefore)
@@ -149,7 +149,7 @@ contestTx scriptRegistry vk headId contestationPeriod openVersion snapshot sig (
           , accumulatorHash = toBuiltin contestAccumulatorHash
           }
    where
-    contestAccumulatorHash = Accumulator.getAccumulatorHash $ Accumulator.buildFromUTxO utxo
+    contestAccumulatorHash = Accumulator.getAccumulatorHash accumulator
 
 -- * Observation
 
diff --git a/hydra-tx/src/Hydra/Tx/Decrement.hs b/hydra-tx/src/Hydra/Tx/Decrement.hs
@@ -62,7 +62,7 @@ decrementTx scriptRegistry vk headId headParameters (headInput, headOutput) snap
 
   utxoHash = toBuiltin $ hashUTxO @Tx utxo
 
-  decrementAccumulatorHash = Accumulator.getAccumulatorHash $ Accumulator.buildFromUTxO utxo
+  decrementAccumulatorHash = Accumulator.getAccumulatorHash accumulator
 
   HeadParameters{parties, contestationPeriod} = headParameters
 
@@ -93,7 +93,7 @@ decrementTx scriptRegistry vk headId headParameters (headInput, headOutput) snap
           , version = toInteger version + 1
           }
 
-  Snapshot{utxo, utxoToDecommit, number, version} = snapshot
+  Snapshot{utxo, utxoToDecommit, number, version, accumulator} = snapshot
 
 -- * Observation
 
diff --git a/hydra-tx/src/Hydra/Tx/Increment.hs b/hydra-tx/src/Hydra/Tx/Increment.hs
@@ -82,7 +82,7 @@ incrementTx scriptRegistry vk headId headParameters (headInput, headOutput) snap
 
   utxoHash = toBuiltin $ hashUTxO @Tx utxo
 
-  incrementAccumulatorHash = Accumulator.getAccumulatorHash $ Accumulator.buildFromUTxO utxo
+  incrementAccumulatorHash = Accumulator.getAccumulatorHash accumulator
 
   headDatumAfter =
     mkTxOutDatumInline $
@@ -107,7 +107,7 @@ incrementTx scriptRegistry vk headId headParameters (headInput, headOutput) snap
       ScriptWitness scriptWitnessInCtx $
         mkScriptWitness depositValidatorScript InlineScriptDatum depositRedeemer
 
-  Snapshot{utxo, utxoToCommit, version, number} = snapshot
+  Snapshot{utxo, utxoToCommit, version, number, accumulator} = snapshot
 
 -- * Observation
 
diff --git a/hydra-tx/src/Hydra/Tx/Snapshot.hs b/hydra-tx/src/Hydra/Tx/Snapshot.hs
@@ -137,8 +137,8 @@ instance IsTx tx => FromJSON (Snapshot tx) where
             Left _ -> fail "Failed to deserialize accumulator"
             Right acc -> pure $ Accumulator.HydraAccumulator acc
         _ -> do
-          -- Reconstruct accumulator from utxo hashes for backward compatibility (or if empty)
-          pure $ Accumulator.buildFromUTxO utxo
+          -- Reconstruct accumulator from all UTxOs (including commit/decommit) for backward compatibility (or if empty)
+          pure $ Accumulator.buildFromSnapshotUTxOs utxo utxoToCommit utxoToDecommit
     pure $ Snapshot{headId, version, number, confirmed, utxo, utxoToCommit, utxoToDecommit, accumulator}
    where
     parseBase16 :: Text -> Parser ByteString
@@ -156,12 +156,12 @@ instance (Arbitrary tx, Arbitrary (UTxOType tx), IsTx tx) => Arbitrary (Snapshot
     utxo <- arbitrary
     utxoToCommit <- arbitrary
     utxoToDecommit <- arbitrary
-    let accumulator = Accumulator.buildFromUTxO utxo
+    let accumulator = Accumulator.buildFromSnapshotUTxOs utxo utxoToCommit utxoToDecommit
     pure $ Snapshot{headId, version, number, confirmed, utxo, utxoToCommit, utxoToDecommit, accumulator}
 
   -- NOTE: See note on 'Arbitrary (ClientInput tx)'
   shrink Snapshot{headId, version, number, utxo, confirmed, utxoToCommit, utxoToDecommit} =
-    [ let accumulator = Accumulator.buildFromUTxO utxo'
+    [ let accumulator = Accumulator.buildFromSnapshotUTxOs utxo' utxoToCommit' utxoToDecommit'
        in Snapshot headId version number confirmed' utxo' utxoToCommit' utxoToDecommit' accumulator
     | confirmed' <- shrink confirmed
     , utxo' <- shrink utxo
@@ -252,7 +252,7 @@ genConfirmedSnapshot headId version minSn utxo utxoToCommit utxoToDecommit sks
     -- FIXME: This is another nail in the coffin to our current modeling of
     -- snapshots
     number <- arbitrary `suchThat` (> minSn)
-    let accumulator = Accumulator.buildFromUTxO utxo
+    let accumulator = Accumulator.buildFromSnapshotUTxOs utxo utxoToCommit utxoToDecommit
         snapshot = Snapshot{headId, version, number, confirmed = [], utxo, utxoToCommit, utxoToDecommit, accumulator}
     let signatures = aggregate $ fmap (`sign` snapshot) sks
     pure $ ConfirmedSnapshot{snapshot, signatures}
diff --git a/hydra-tx/test/Hydra/Tx/Contract/Close/CloseUnused.hs b/hydra-tx/test/Hydra/Tx/Contract/Close/CloseUnused.hs
@@ -123,7 +123,7 @@ healthyCurrentSnapshot =
     , utxo = healthySplitUTxOInHead
     , utxoToCommit = Nothing
     , utxoToDecommit = Just healthySplitUTxOToDecommit
-    , accumulator = Accumulator.buildFromUTxO healthySplitUTxOInHead
+    , accumulator = Accumulator.buildFromSnapshotUTxOs healthySplitUTxOInHead Nothing (Just healthySplitUTxOToDecommit)
     }
 
 healthyCurrentOpenDatum :: Head.State
diff --git a/hydra-tx/test/Hydra/Tx/Contract/Close/CloseUsed.hs b/hydra-tx/test/Hydra/Tx/Contract/Close/CloseUsed.hs
@@ -93,7 +93,7 @@ healthyOutdatedSnapshot =
     , utxo = healthySplitUTxOInHead
     , utxoToCommit = Nothing
     , utxoToDecommit = Just healthySplitUTxOToDecommit
-    , accumulator = Accumulator.buildFromUTxO healthySplitUTxOInHead
+    , accumulator = Accumulator.buildFromSnapshotUTxOs healthySplitUTxOInHead Nothing (Just healthySplitUTxOToDecommit)
     }
 
 healthyOutdatedOpenDatum :: Head.State
diff --git a/hydra-tx/test/Hydra/Tx/Contract/Contest/Healthy.hs b/hydra-tx/test/Hydra/Tx/Contract/Contest/Healthy.hs
@@ -114,7 +114,7 @@ healthyContestSnapshot =
     , utxoToCommit = Nothing
     , utxoToDecommit = Just splitUTxOToDecommit
     , version = healthyCloseSnapshotVersion
-    , accumulator = Accumulator.buildFromUTxO splitUTxOInHead
+    , accumulator = Accumulator.buildFromSnapshotUTxOs splitUTxOInHead Nothing (Just splitUTxOToDecommit)
     }
 
 healthyClosedState :: Head.State
@@ -131,7 +131,7 @@ healthyClosedState =
       , headId = toPlutusCurrencySymbol testPolicyId
       , contesters = []
       , version = toInteger healthyCloseSnapshotVersion
-      , accumulatorHash = toBuiltin ("" :: ByteString) -- TODO: Proper accumulator hash
+      , accumulatorHash = toBuiltin $ Accumulator.getAccumulatorHash (Accumulator.buildFromUTxO healthyClosedUTxO)
       }
 
 healthyContestUTxOHash :: BuiltinByteString
diff --git a/hydra-tx/test/Hydra/Tx/Contract/ContractSpec.hs b/hydra-tx/test/Hydra/Tx/Contract/ContractSpec.hs
@@ -256,7 +256,7 @@ prop_verifySnapshotSignatures =
           utxoHash = toBuiltin $ hashUTxO utxo
           utxoToCommitHash = toBuiltin . hashUTxO $ fromMaybe mempty utxoToCommit
           utxoToDecommitHash = toBuiltin . hashUTxO $ fromMaybe mempty utxoToDecommit
-          accumulatorHash = toBuiltin $ Accumulator.getAccumulatorHash $ Accumulator.buildFromUTxO utxo
+          accumulatorHash = toBuiltin $ Accumulator.getAccumulatorHash $ Accumulator.buildFromSnapshotUTxOs utxo utxoToCommit utxoToDecommit
        in verifySnapshotSignature onChainParties (headIdToCurrencySymbol headId, snapshotVersion, snapshotNumber, utxoHash, utxoToCommitHash, utxoToDecommitHash, accumulatorHash) signatures
             & counterexample ("headId: " <> toString (serialiseToRawBytesHexText headId))
             & counterexample ("version: " <> show snapshotVersion)
diff --git a/hydra-tx/test/Hydra/Tx/Contract/Decrement.hs b/hydra-tx/test/Hydra/Tx/Contract/Decrement.hs
@@ -117,8 +117,8 @@ healthySnapshot =
 
 healthyAccumulator :: Accumulator.HydraAccumulator
 healthyAccumulator =
-  let (_utxoToDecommit', utxo) = splitUTxO healthyUTxO
-   in Accumulator.buildFromUTxO utxo
+  let (utxoToDecommit', utxo) = splitUTxO healthyUTxO
+   in Accumulator.buildFromSnapshotUTxOs utxo Nothing (Just utxoToDecommit')
 
 healthyAccumulatorHash :: ByteString
 healthyAccumulatorHash = Accumulator.getAccumulatorHash healthyAccumulator
diff --git a/hydra-tx/test/Hydra/Tx/Contract/FanOut.hs b/hydra-tx/test/Hydra/Tx/Contract/FanOut.hs
@@ -17,6 +17,7 @@ import Hydra.Ledger.Cardano.Time (slotNoFromUTCTime, slotNoToUTCTime)
 import Hydra.Plutus.Extras (posixFromUTCTime)
 import Hydra.Plutus.Orphans ()
 import Hydra.Tx (registryUTxO)
+import Hydra.Tx.Accumulator qualified as Accumulator
 import Hydra.Tx.Fanout (fanoutTx)
 import Hydra.Tx.Init (mkHeadOutput)
 import Hydra.Tx.IsTx (IsTx (hashUTxO))
@@ -95,7 +96,7 @@ healthyFanoutDatum =
       , headId = toPlutusCurrencySymbol testPolicyId
       , contesters = []
       , version = 0
-      , accumulatorHash = toBuiltin ("" :: ByteString) -- TODO: Proper accumulator hash
+      , accumulatorHash = toBuiltin $ Accumulator.getAccumulatorHash (Accumulator.buildFromUTxO (fst healthyFanoutSnapshotUTxO))
       }
  where
   healthyContestationPeriodSeconds = 10
diff --git a/hydra-tx/test/Hydra/Tx/Contract/Increment.hs b/hydra-tx/test/Hydra/Tx/Contract/Increment.hs
@@ -136,7 +136,7 @@ healthyAccumulatorHash :: ByteString
 healthyAccumulatorHash = Accumulator.getAccumulatorHash healthyAccumulator
 
 healthyAccumulator :: Accumulator.HydraAccumulator
-healthyAccumulator = Accumulator.buildFromUTxO healthyUTxO
+healthyAccumulator = Accumulator.buildFromSnapshotUTxOs healthyUTxO (Just healthyDeposited) Nothing
 
 healthyContestationPeriod :: ContestationPeriod
 healthyContestationPeriod =

Original file line number	Diff line number	Diff line change
`@@ -148,8 +148,7 @@ closeTx scriptRegistry vk headId openVersion confirmedSnapshot startSlotNo (endS`
`148`	`148`	`}`
`149`	`149`	`where`
`150`	`150`	`snapshot = getSnapshot confirmedSnapshot`
`151`		`- snapshotUtxo = Hydra.Tx.utxo snapshot`
`152`		`- closedAccumulatorHash = Accumulator.getAccumulatorHash $ Accumulator.buildFromUTxO snapshotUtxo`
	`151`	`+ closedAccumulatorHash = Accumulator.getAccumulatorHash $ accumulator snapshot`
`153`	`152`
`154`	`153`	`contestationDeadline =`
`155`	`154`	`addContestationPeriod (posixFromUTCTime utcTime) openContestationPeriod`