Document tx lifecycle better (#95)

adlerjohn · web-flow · commit 4c5f8e5346c1 · 2021-02-20T21:20:47.000-05:00
diff --git a/specs/protocol/cryptographic_primitives.md b/specs/protocol/cryptographic_primitives.md
diff --git a/specs/protocol/identifiers.md b/specs/protocol/identifiers.md
@@ -0,0 +1,16 @@
+# Identifiers
+
+- [Transaction ID](#transaction-id)
+- [UTXO ID](#utxo-id)
+
+This document defines how to compute the unique identifiers used for transactions and state elements.
+
+## Transaction ID
+
+The _transaction ID_ (also called _transaction hash_) of a transaction is computed as the [hash](./cryptographic_primitives.md#hashing) of the [serialized transaction](./tx_format.md#transaction) with [fields zeroed out for signing](./tx_format.md) (see different inputs and outputs for which fields are set to zero).
+
+## UTXO ID
+
+The UTXO ID of a transaction's output is computed as the [hash](./cryptographic_primitives.md#hashing) of the concatenation of the [transaction ID](#transaction-id) and the output index as a `uint8`.
+
+The UTXO ID of a deposit is computed as the [hash](./cryptographic_primitives.md#hashing) of TODO.
diff --git a/specs/protocol/tx_format.md b/specs/protocol/tx_format.md
@@ -20,6 +20,7 @@
 | name                        | type     | value | description                                   |
 | --------------------------- | -------- | ----- | --------------------------------------------- |
 | `GAS_PER_BYTE`              | `uint64` |       | Gas charged per byte of the transaction.      |
+| `MAX_GAS_PER_TX`            | `uint64` |       | Maximum gas per transaction.                  |
 | `MAX_INPUTS`                | `uint64` | `8`   | Maximum number of inputs.                     |
 | `MAX_OUTPUTS`               | `uint64` | `8`   | Maximum number of outputs.                    |
 | `MAX_PREDICATE_LENGTH`      | `uint64` |       | Maximum length of predicate, in instructions. |
@@ -42,11 +43,21 @@ enum  TransactionType : uint8 {
 | `type` | `TransactionType`                                                                         | Transaction type. |
 | `data` | One of [TransactionScript](#transactionscript) or [TransactionCreate](#transactioncreate) | Transaction data. |
 
+Transaction is invalid if:
+* `type > TransactionType.Create`
+* `gasLimit > MAX_GAS_PER_TX`
+* `blockheight() < maturity`
+* `inputsCount > MAX_INPUTS`
+* `outputsCount > MAX_OUTPUTS`
+* `witnessesCount > MAX_WITNESSES`
+
 When serializing a transaction, fields are serialized as follows (with inner structs serialized recursively):
 1. `uint8`, `uint16`, `uint32`, `uint64`: big-endian right-aligned to 8 bytes.
 1. `byte[32]`: as-is.
 1. `byte[]`: as-is, with padding zeroes aligned to 8 bytes.
 
+When deserializing a transaction, the reverse is done. If there are insufficient bytes or too many bytes, the transaction is invalid.
+
 ### TransactionScript
 
 | name               | type                    | description                              |
@@ -66,8 +77,9 @@ When serializing a transaction, fields are serialized as follows (with inner str
 | `witnesses`        | [Witness](#witness)`[]` | List of witnesses.                       |
 
 Transaction is invalid if:
-* `blockheight() < maturity`
 * Any output is of type `OutputType.ContractCreated`
+* `scriptLength > MAX_SCRIPT_LENGTH`
+* `scriptDataLength > MAX_SCRIPT_DATA_LENGTH`
 
 ### TransactionCreate
 
@@ -87,13 +99,12 @@ Transaction is invalid if:
 | `witnesses`      | [Witness](#witness)`[]` | List of witnesses.                         |
 
 Transaction is invalid if:
-* `blockheight() < maturity`
 * Any input is of type `InputType.Contract`
 * Any output is of type `OutputType.Contract` or `OutputType.Variable`
 * More than one output is of type `OutputType.ContractCreated`
 * `bytecodeLength * 4 > CONTRACT_MAX_SIZE`
 
-Creates a contract with contract ID `sha256(0x4655454C ++ tx.data.salt ++ root(tx.data.bytecode))`, where `root` is the Merkle root of [the binary Merkle tree](./cryptographic_primitives.md) with each leaf being an 8-byte word of bytecode. If the bytecode is not a multiple of 8 bytes (i.e. if there are an odd number of instructions), the last opcode is padding with 4-byte zero.
+Creates a contract with contract ID `sha256(0x4655454C ++ tx.data.salt ++ root(tx.data.bytecode))`, where `root` is the Merkle root of [the binary Merkle tree](./cryptographic_primitives.md) with each leaf being an 8-byte word of bytecode. If the bytecode is not a multiple of 8 bytes (i.e. if there are an odd number of instructions), the last opcode is padded with 4-byte zero.
 
 ## Input
 
@@ -121,6 +132,11 @@ enum  InputType : uint8 {
 | `predicate`           | `byte[]`   | Predicate bytecode.                                                    |
 | `predicateData`       | `byte[]`   | Predicate input data (parameters).                                     |
 
+Transaction is invalid if:
+* `witnessIndex >= tx.witnessesCount`
+* `predicateLength > MAX_PREDICATE_LENGTH`
+* `predicateDataLength > MAX_PREDICATE_DATA_LENGTH`
+
 If `h` is the block height the UTXO being spent was created, transaction is invalid if `blockheight() < h + maturity`.
 
 ### InputContract
@@ -130,8 +146,13 @@ If `h` is the block height the UTXO being spent was created, transaction is inva
 | `utxoID`     | `byte[32]` | UTXO ID.     |
 | `contractID` | `byte[32]` | Contract ID. |
 
+Transaction is invalid if:
+* there is not exactly one output of type `OutputType.Contract` with `inputIndex` equal to this input's index
+
 Note: when signing a transaction, `utxoID` is set to zero.
 
+Note: when verifying a predicate, `utxoID` is initialized to zero.
+
 ## Output
 
 ```
@@ -164,9 +185,13 @@ enum  OutputType : uint8 {
 | `amount`     | `uint64`   | Amount of coins owned by contract after transaction execution. |
 | `stateRoot`  | `byte[32]` | State root of contract after transaction execution.            |
 
+Transaction is invalid if:
+* `inputIndex >= tx.inputsCount`
+* `tx.inputs[inputIndex].type != InputType.Contract`
+
 Note: when signing a transaction, `amount` and `stateRoot` are set to zero.
 
-Note: when executing a transaction, `amount` and `stateRoot` are initialized to the balance and state root of the contract with ID `tx.inputs[inputIndex].contractID`.
+Note: when verifying a predicate or executing a script, `amount` and `stateRoot` are initialized to the balance and state root of the contract with ID `tx.inputs[inputIndex].contractID`.
 
 ### OutputChange
 
@@ -177,7 +202,7 @@ Note: when executing a transaction, `amount` and `stateRoot` are initialized to
 
 Note: when signing a transaction, `amount` is set to zero.
 
-Note: when executing a transaction, `amount` is initialized to zero.
+Note: when verifying a predicate or executing a script, `amount` is initialized to zero.
 
 This output type indicates that the output's amount may vary based on transaction execution, but is otherwise identical to a [Coin](#outputcoin) output. An `amount` of zero after transaction execution indicates that the output is unspendable and can be pruned from the UTXO set.
 
@@ -190,7 +215,7 @@ This output type indicates that the output's amount may vary based on transactio
 
 Note: when signing a transaction, `to` and `amount` are set to zero.
 
-Note: when executing a transaction, `to` and `amount` are initialized to zero.
+Note: when verifying a predicate or executing a script, `to` and `amount` are initialized to zero.
 
 This output type indicates that the output's amount and owner may vary based on transaction execution, but is otherwise identical to a [Coin](#outputcoin) output. An `amount` of zero after transaction execution indicates that the output is unspendable and can be pruned from the UTXO set.
 
diff --git a/specs/protocol/tx_validity.md b/specs/protocol/tx_validity.md
@@ -1,90 +1,51 @@
 # Transaction Validity
 
-- [Standardness Rules](#standardness-rules)
-    - [Version](#version)
-    - [Spending UTXOs or Created Contracts](#spending-utxos-or-created-contracts)
-    - [Transaction Maturity](#transaction-maturity)
-    - [Input Maturity](#input-maturity)
-    - [Counts](#counts)
-    - [Script Length](#script-length)
-    - [Predicate Lengths](#predicate-lengths)
+- [Transaction Lifecycle](#transaction-lifecycle)
+- [VM Precondition Validity Rules](#vm-precondition-validity-rules)
+    - [Base Sanity Checks](#base-sanity-checks)
+    - [Spending UTXOs and Created Contracts](#spending-utxos-and-created-contracts)
     - [Sufficient Balance](#sufficient-balance)
     - [Valid Signatures](#valid-signatures)
-    - [Predicate Validity](#predicate-validity)
-- [Validity Rules](#validity-rules)
+- [Predicate Verification](#predicate-verification)
+- [Script Execution](#script-execution)
+- [VM Postcondition Validity Rules](#vm-postcondition-validity-rules)
     - [No Inflation](#no-inflation)
+    - [State Changes](#state-changes)
 
-## Standardness Rules
+## Transaction Lifecycle
 
-This section defines _standardness rules_ for transactions: the bare minimum required to accept an unconfirmed transaction into a mempool. Chains of unconfirmed transactions are omitted.
+Once a transaction is seen, it goes through several stages of validation, in this order:
+1. [Pre-checks](#vm-precondition-validity-rules)
+1. [Predicate verification](#predicate-verification)
+1. [Script execution](#script-execution)
+1. [Post-checks](#vm-postcondition-validity-rules)
 
-For a transaction `tx`, state `state`, and contract set `contracts`, the following checks must pass.
-
-### Version
+## VM Precondition Validity Rules
 
-```py
-return tx.version == 0
-```
+This section defines _vm precondition validity rules_ for transactions: the bare minimum required to accept an unconfirmed transaction into a mempool, and preconditions that the VM assumes to hold prior to execution. Chains of unconfirmed transactions are omitted.
 
-### Spending UTXOs or Created Contracts
+The validity rules assuming sequential transaction validation for side effects (i.e. state changes). However, by construction, transactions with different access lists can be validated in parallel. Transactions with overlapping access lists must be validated and placed in blocks in topological order.
 
-```py
-for input in tx.inputs:
-    if input.type == InputType.Coin:
-        if not input.utxoID in state:
-            return False
-    if input.type == InputType.Contract:
-        if not input.contractID in contracts:
-return True
-```
+For a transaction `tx`, state `state`, and contract set `contracts`, the following checks must pass.
 
-### Transaction Maturity
+### Base Sanity Checks
 
-```py
-return blockheight() >= tx.maturity
-```
+Base sanity checks are defined in the [transaction format](./tx_format.md).
 
-### Input Maturity
+### Spending UTXOs and Created Contracts
 
 ```py
 for input in tx.inputs:
-    if input.type == InputType.Coin:
-        if blockheight() < state[input.utxoID].created + input.maturity:
+    if input.type == InputType.Contract:
+        if not input.contractID in contracts:
+                return False
+    else:
+        if not input.utxoID in state:
             return False
 return True
 ```
 
-### Counts
-
-```py
-return (
-    tx.inputsCount <= MAX_INPUTS and
-    tx.outputsCount <= MAX_OUTPUTS and
-    tx.witnessesCount <= MAX_WITNESSES
-)
-```
-
-### Script Length
-
-```py
-return (
-    scriptLength <= MAX_SCRIPT_LENGTH and
-    scriptDataLength <= MAX_SCRIPT_DATA_LENGTH
-)
-```
-
-### Predicate Lengths
-
-```py
-for input in tx.inputs:
-    if input.type == InputType.Coin:
-        if (
-            input.predicateLength > MAX_PREDICATE_LENGTH or
-            input.predicateDataLength > MAX_PREDICATE_DATA_LENGTH
-        ):
-            return False
-return True
-```
+If this check passes, the `utxoID` field of each input is set to the UTXO ID of the respective contract.
 
 ### Sufficient Balance
 
@@ -124,7 +85,7 @@ return available_balance(tx) >= unavailable_balance(tx)
 
 ```py
 def address_from(pubkey: bytes) -> bytes:
-    return sha256(pubkey)[0:31]
+    return sha256(pubkey)[0:32]
 
 for input in tx.inputs:
     if input.type == InputType.Coin:
@@ -133,46 +94,57 @@ for input in tx.inputs:
 return True
 ```
 
-### Predicate Validity
+The transaction hash is computed as defined [here](./identifiers.md#transaction-id).
 
-For each input of type `InputType.Coin` and `predicateLength > 0`, [verify its predicate](./main.md#predicate-verification).
+## Predicate Verification
 
-## Validity Rules
+For each input of type `InputType.Coin` and `predicateLength > 0`, [verify its predicate](../vm/main.md#predicate-verification).
 
-This section defines _validity rules_ for transactions: the requirements for a confirmed transaction to be valid.
+## Script Execution
 
-Given transaction `tx`, state `state`, and contract set `contracts`:
+Given transaction `tx`, the following checks must pass:
 
-If `tx.scriptLength == 0`, there is no script and the transaction defines a simple balance transfer, and no further checks are required. Transaction processing is completed by removing spent UTXOs from the state and adding created UTXOs to the state.
+If `tx.scriptLength == 0`, there is no script and the transaction defines a simple balance transfer, so no further checks are required.
 
 If `tx.scriptLength > 0`, the script must be executed. The free balance available to be moved around by the script and called contracts is `freeBalance`:
 
 ```py
 freeBalance = available_balance(tx) - unavailable_balance(tx)
 ```
 
-The following checks must pass.
+Once the free balance is computed, the [script is executed](../vm/main.md#script-execution) and the transaction in memory on VM termination is used as the final transaction which is included in the block, i.e.:
+
+```
+tx = MEM[40, MEM[32, 8]]
+```
+
+If the transaction as included in a block does not match the final transaction, the block is invalid.
+
+## VM Postcondition Validity Rules
+
+This section defines _VM postcondition validity rules_ for transactions: the requirements for a transaction to be valid after it has been executed.
+
+Given transaction `tx`, state `state`, and contract set `contracts`, the following checks must pass.
 
 ### No Inflation
 
 ```py
 def sum_all_inputs(tx) -> int:
     total: int = 0
     for input in tx.inputs:
-        if input.type == InputType.Coin:
-            total += state[input.utxoID].amount
-        else if input.type == InputType.Contract:
-            total += state[tx.witnesses[input.witnessIndex]].amount
+        total += state[input.utxoID].amount
     return total
 
 def sum_all_outputs(tx) -> int:
     total: int = 0
     for output in tx.outputs:
-        if output.type == OutputType.Coin:
+        if output.type != OutputType.ContractCreated:
             total += output.amount
-        else if output.type == OutputType.Contract:
-            total += tx.witnesses[output.amountWitnessIndex]
     return total
 
 return sum_all_inputs(tx) >= sum_all_outputs(tx)
 ```
+
+### State Changes
+
+Transaction processing is completed by removing spent UTXOs from the state and adding created UTXOs to the state.
diff --git a/specs/vm/main.md b/specs/vm/main.md
@@ -73,7 +73,8 @@ A complete list of opcodes in the Fuel VM is documented [here](./opcodes.md).
 Every time the VM runs, a single monolithic memory of size `VM_MAX_RAM` bytes is allocated, indexed by individual byte. A stack and heap memory model is used, allowing for dynamic memory allocation in higher-level languages. The stack begins at `0` and grows upward. The heap begins at `VM_MAX_RAM - 1` and grows downward.
 
 To initialize the VM, the following is pushed on the stack sequentially:
-1. Transaction hash (`byte[32]`, word-aligned).
+1. Transaction hash (`byte[32]`, word-aligned), computed as defined [here](../protocol/identifiers.md#transaction-id).
+1. Transaction length, in bytes (`uint64`, word-aligned).
 1. The [transaction, serialized](../protocol/tx_format.md).
 
 Then the following registers are initialized (without explicit initialization, all registers are initialized to zero):
