From d5aa47b8100b84def0aac7f0bc6251c648c9a2fd Mon Sep 17 00:00:00 2001
From: narodnik <x@x.org>
Date: Sun, 16 May 2021 08:09:50 +0200
Subject: [PATCH] add is_valid_cashier_public_key() check to state_transition
 function

---
 src/state.rs | 17 ++++++++++++++++-
 src/tx.rs    |  2 +-
 2 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/src/state.rs b/src/state.rs
index c5a077e8d..1f888b387 100644
--- a/src/state.rs
+++ b/src/state.rs
@@ -14,8 +14,11 @@ pub trait ProgramState {
 
 pub struct StateUpdates {}
 
+pub type VerifyResult<T> = std::result::Result<T, VerifyFailed>;
+
 #[derive(Debug)]
 pub enum VerifyFailed {
+    InvalidCashierKey(usize),
     SpendProof(usize),
     MintProof(usize),
     ClearInputSignature(usize),
@@ -28,6 +31,9 @@ impl std::error::Error for VerifyFailed {}
 impl fmt::Display for VerifyFailed {
     fn fmt(&self, f: &mut fmt::Formatter) -> std::fmt::Result {
         match *self {
+            VerifyFailed::InvalidCashierKey(i) => {
+                write!(f, "Invalid cashier public key for clear input {}", i)
+            }
             VerifyFailed::SpendProof(i) => write!(f, "Spend proof for input {}", i),
             VerifyFailed::MintProof(i) => write!(f, "Mint proof for input {}", i),
             VerifyFailed::ClearInputSignature(i) => {
@@ -41,7 +47,16 @@ impl fmt::Display for VerifyFailed {
     }
 }
 
-pub fn state_transition<S: ProgramState>(state: &S, tx: tx::Transaction) -> Result<StateUpdates> {
+pub fn state_transition<S: ProgramState>(
+    state: &S,
+    tx: tx::Transaction,
+) -> VerifyResult<StateUpdates> {
+    for (i, input) in tx.clear_inputs.iter().enumerate() {
+        if !state.is_valid_cashier_public_key(&input.signature_public) {
+            return Err(VerifyFailed::InvalidCashierKey(i));
+        }
+    }
+
     tx.verify(state.mint_pvk(), state.spend_pvk())?;
 
     /*
diff --git a/src/tx.rs b/src/tx.rs
index c7726b456..26655f838 100644
--- a/src/tx.rs
+++ b/src/tx.rs
@@ -273,7 +273,7 @@ impl Transaction {
         &self,
         mint_pvk: &groth16::PreparedVerifyingKey<Bls12>,
         spend_pvk: &groth16::PreparedVerifyingKey<Bls12>,
-    ) -> std::result::Result<(), state::VerifyFailed> {
+    ) -> state::VerifyResult<()> {
         let mut valcom_total = jubjub::SubgroupPoint::identity();
         for input in &self.clear_inputs {
             valcom_total += Self::compute_value_commit(input.value, &input.valcom_blind);