Replace checks in validate_prove_request with charms_client::is_correct

imikushin · imikushin · commit 1a4eb14404bc · 2026-01-29T17:48:21.000-08:00
(cherry picked from commit 0367ba1) # Conflicts: # src/spell.rs
diff --git a/src/spell.rs b/src/spell.rs
@@ -28,9 +28,10 @@ pub use charms_client::{
     CURRENT_VERSION, NormalizedCharms, NormalizedSpell, NormalizedTransaction, Proof,
     SpellProverInput, to_tx,
 };
-use charms_client::{MOCK_SPELL_VK, bitcoin_tx::BitcoinTx, tx::Tx, well_formed};
+use charms_client::{MOCK_SPELL_VK, bitcoin_tx::BitcoinTx, tx::Tx};
 use charms_data::{
-    App, AppInput, B32, Charms, Data, TOKEN, Transaction, TxId, UtxoId, is_simple_transfer, util,
+    App, AppInput, B32, Charms, Data, TOKEN, Transaction, TxId, UtxoId, check, is_simple_transfer,
+    util,
 };
 use charms_lib::SPELL_VK;
 use const_format::formatcp;
@@ -971,6 +972,39 @@ impl ProveSpellTx for ProveSpellTxImpl {
     }
 }
 
+pub fn ensure_exact_app_binaries(
+    norm_spell: &NormalizedSpell,
+    app_private_inputs: &BTreeMap<App, Data>,
+    tx: &Transaction,
+    binaries: &BTreeMap<B32, Vec<u8>>,
+) -> anyhow::Result<()> {
+    let required_vks: BTreeSet<_> = norm_spell
+        .app_public_inputs
+        .iter()
+        .filter(|(app, data)| {
+            !data.is_empty()
+                || !app_private_inputs
+                    .get(app)
+                    .is_none_or(|data| data.is_empty())
+                || !is_simple_transfer(app, tx)
+        })
+        .map(|(app, _)| &app.vk)
+        .collect();
+
+    let provided_vks: BTreeSet<_> = binaries.keys().collect();
+
+    ensure!(
+        required_vks == provided_vks,
+        "binaries must contain exactly the required app binaries.\n\
+         Required VKs: {:?}\n\
+         Provided VKs: {:?}",
+        required_vks,
+        provided_vks
+    );
+
+    Ok(())
+}
+
 pub fn ensure_no_zero_amounts(norm_spell: &NormalizedSpell) -> anyhow::Result<()> {
     let apps: Vec<_> = norm_spell
         .app_public_inputs
@@ -1018,6 +1052,60 @@ fn ensure_all_prev_txs_are_present(
     Ok(())
 }
 
+// NOTE: copied over from charms-spell-checker to make cherry-picked code work.
+// This is in charms-client in later versions.
+/// Check if the spell is correct.
+fn spell_is_correct(
+    spell: &NormalizedSpell,
+    prev_txs: &Vec<Tx>,
+    app_input: Option<AppInput>,
+    spell_vk: &str,
+    tx_ins_beamed_source_utxos: &BTreeMap<UtxoId, UtxoId>,
+) -> bool {
+    let prev_spells = charms_client::prev_spells(prev_txs, spell_vk, false);
+
+    check!(charms_client::well_formed(
+        spell,
+        &prev_spells,
+        tx_ins_beamed_source_utxos
+    ));
+
+    let Some(prev_txids) = spell.tx.prev_txids() else {
+        unreachable!("the spell is well formed: tx.ins MUST be Some");
+    };
+    let all_prev_txids: BTreeSet<_> = tx_ins_beamed_source_utxos
+        .values()
+        .map(|u| &u.0)
+        .chain(prev_txids)
+        .collect();
+    check!(all_prev_txids == prev_spells.keys().collect());
+
+    let apps = charms_client::apps(spell);
+
+    let charms_tx = charms_client::to_tx(spell, &prev_spells, tx_ins_beamed_source_utxos);
+    let tx_is_simple_transfer_or_app_contracts_satisfied =
+        apps.iter().all(|app| is_simple_transfer(app, &charms_tx)) && app_input.is_none()
+            || app_input.is_some_and(|app_input| apps_satisfied(&app_input, &charms_tx));
+    check!(tx_is_simple_transfer_or_app_contracts_satisfied);
+
+    true
+}
+
+// NOTE: copied over from charms-spell-checker to make cherry-picked code work.
+// This is in charms-client in later versions.
+fn apps_satisfied(app_input: &AppInput, tx: &Transaction) -> bool {
+    let app_runner = charms_app_runner::AppRunner::new(false);
+    app_runner
+        .run_all(
+            &app_input.app_binaries,
+            &tx,
+            &app_input.app_public_inputs,
+            &app_input.app_private_inputs,
+        )
+        .expect("all apps should run successfully");
+    true
+}
+
 impl ProveSpellTxImpl {
     pub fn validate_prove_request(
         &self,
@@ -1035,19 +1123,46 @@ impl ProveSpellTxImpl {
         let prev_spells = charms_client::prev_spells(&prev_txs, SPELL_VK, self.mock);
 
         let tx = to_tx(&norm_spell, &prev_spells, &tx_ins_beamed_source_utxos);
-        // prove charms-app-checker run
-        let cycles = AppRunner::new(true).run_all(
-            &prove_request.binaries,
-            &tx,
-            &norm_spell.app_public_inputs,
+
+        ensure_exact_app_binaries(
+            &norm_spell,
             &app_private_inputs,
+            &tx,
+            &prove_request.binaries,
         )?;
-        let total_cycles = cycles.iter().sum();
-        ensure!(well_formed(
-            &norm_spell,
-            &prev_spells,
-            &tx_ins_beamed_source_utxos
-        ));
+
+        let app_input = match prove_request.binaries.is_empty() {
+            true => None,
+            false => Some(AppInput {
+                app_binaries: prove_request.binaries.clone(),
+                app_public_inputs: norm_spell.app_public_inputs.clone(),
+                app_private_inputs: app_private_inputs.clone(),
+            }),
+        };
+
+        ensure!(
+            spell_is_correct(
+                &norm_spell,
+                &prev_txs,
+                app_input.clone(),
+                SPELL_VK,
+                &tx_ins_beamed_source_utxos,
+            ),
+            "spell verification failed"
+        );
+
+        // Calculate cycles for fee estimation
+        let total_cycles = if let Some(app_input) = &app_input {
+            let cycles = AppRunner::new(true).run_all(
+                &app_input.app_binaries,
+                &tx,
+                &norm_spell.app_public_inputs,
+                &app_input.app_private_inputs,
+            )?;
+            cycles.iter().sum()
+        } else {
+            0
+        };
 
         match prove_request.chain.as_str() {
             BITCOIN => {
