Skip to content

Commit

Permalink
Address miklos comment made in #5966
Browse files Browse the repository at this point in the history
  • Loading branch information
remyhaemmerle-da committed Jun 11, 2020
1 parent 5051383 commit c75867c
Show file tree
Hide file tree
Showing 4 changed files with 24 additions and 14 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -1370,7 +1370,7 @@ class EngineTest extends WordSpec with Matchers with EitherValues with BazelRunf
val fetchedCid = toContractId("#1")
val now = Time.Timestamp.now()
val submissionSeed = crypto.Hash.hashPrivateKey(
"fetching contracts that have keys correctly fills in the transaction structur")
"fetching contracts that have keys correctly fills in the transaction structure")
val txSeed = crypto.Hash.deriveTransactionSeed(submissionSeed, participant, now)

"fetched via a fetch" in {
Expand Down
25 changes: 16 additions & 9 deletions daml-lf/spec/contract-id.rst
Original file line number Diff line number Diff line change
Expand Up @@ -4,15 +4,17 @@
V1 Contract ID allocation scheme
================================


Goals
^^^^^

* Allows ordering contract IDs and make DAML semantics depend on this
order, e.g., for comparison builtin and maps using IDs as keys.
* Eliminate all contract ID translations for central commiter ledger
* Eliminate all contract ID translations for central committer ledger
* Allows ledgers to store arbitrary information about the contract and
the creating transaction in the contract ID if necessary.


Requirements
^^^^^^^^^^^^

Expand Down Expand Up @@ -40,6 +42,7 @@ C2 with the same contract ID such that one of the following holds:
**Distinctness**: The ledger can enforce that the seeds are pairwise
different.


Contract Identifiers
^^^^^^^^^^^^^^^^^^^^

Expand All @@ -60,6 +63,7 @@ where
* ``suffix`` is a sequence of 0 to 94 bytes used to enforce global
uniqueness of the contract ID in a distributed ledger.


Discriminator freshness
-----------------------

Expand Down Expand Up @@ -92,6 +96,7 @@ This ensures that only the discriminators, not the suffix are needed
to order the contract IDs of created contracts w.r.t. other contract
IDs.


Contract ID uniqueness
----------------------

Expand All @@ -103,12 +108,13 @@ contract IDs. No other requirement (except the 94 bytes size limit)
is assumed for those suffices.

The simplest approach consists to suffix all local contract ID with a
uniquely global transaction ID. Alternatively central commiter ledger
uniquely global transaction ID. Alternatively central committer ledger
can completely avoid suffixing by enforcing that same pair (submission
seed, submission time) is never used more that once, the discriminator
allocation scheme ensuring in this case the uniqueness of allocated
discriminators.


Submission time
---------------

Expand All @@ -117,10 +123,11 @@ practice, it should be close to the original time at which the
submission was initiated. No particular requirement is made in this
specification. However a particular ledger implementation can require
this time to be within a particular time window around the commit
time. This allows, for instance, the commiter of a central commiter
time. This allows, for instance, the committer of a central committer
ledger to enforce global uniqueness of the pair (submission seed,
submission time).


Allocation scheme for discriminators
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Expand All @@ -133,7 +140,7 @@ construction. It assumes a hash-based MAC function HMAC, and defines
for each big-endian 32 bits integer ``n`` the derived seed:

deriveSeed(seed, n) := HMAC(seed, n)


Submission seed
---------------
Expand All @@ -157,8 +164,7 @@ where
* ``submissionTime`` is the submission time in micro second encoded as
a 64 bytes big-endian integer;




Derivation of seeds for root nodes the transaction
--------------------------------------------------

Expand Down Expand Up @@ -200,7 +206,7 @@ Submission
The submission performs the following steps:

* Pick a submission seed with high entropy.
* Derive the transaction seed and start the interperation
* Derive the transaction seed and start the interpretation
* During interpretation derive the node seeds, and the discriminator
of local contract ID accordingly the scheme described above. If the
discriminator is not `fresh <Discriminator Freshness_>`_, abort the
Expand All @@ -216,7 +222,6 @@ transactions coincide. Committed transactions are the source of truth to
derive the state of the ledger.



Validation
^^^^^^^^^^

Expand All @@ -235,9 +240,11 @@ submission. The resulting transactions are then compared with the
original ones ignoring the suffix of the local contract IDs.



.. Local Variables:
.. eval: (flyspell-mode 1)
.. eval: (set-input-method "TeX")
.. End:
.. LocalWords: commiter lexicographically endian
.. LocalWords: subactions lexicographically endian Executability
.. LocalWords: Unlinkability
Original file line number Diff line number Diff line change
Expand Up @@ -154,7 +154,7 @@ object ValueGenerators {
Gen
.containerOfN[Array, Byte](crypto.Hash.underlyingHashLength, arbitrary[Byte]) map crypto.Hash.assertFromByteArray
private val genSuffixes: Gen[Bytes] = for {
sz <- Gen.chooseNum(0, ContractId.V1.maxSuffixLength)
sz <- Gen.chooseNum(0, ContractId.V1.MaxSuffixLength)
ab <- Gen.containerOfN[Array, Byte](sz, arbitrary[Byte])
} yield Bytes fromByteArray ab

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -364,15 +364,18 @@ object Value extends CidContainer1[Value] {
}

object V1 {
val maxSuffixLength = 94
// For more details, please refer to V1 Contract ID allocation scheme
// daml-lf/spec/contract-id.rst

val MaxSuffixLength = 94

def apply(discriminator: Hash): V1 = new V1(discriminator, Bytes.Empty)

def build(discriminator: crypto.Hash, suffix: Bytes): Either[String, V1] =
Either.cond(
suffix.length <= maxSuffixLength,
suffix.length <= MaxSuffixLength,
new V1(discriminator, suffix),
s"the suffix is too long, expected at most ${maxSuffixLength} bytes, but got ${suffix.length}"
s"the suffix is too long, expected at most ${MaxSuffixLength} bytes, but got ${suffix.length}"
)

def assertBuild(discriminator: crypto.Hash, suffix: Bytes): V1 =
Expand Down

0 comments on commit c75867c

Please sign in to comment.