Add OutputType::Forwarded to ensure a user's transfer in isn't misclassified

If a user transferred in without an InInstruction, and the amount exactly
matched a forwarded output, the user's output would be taken as fulfilling the
forward. The real forwarded output would then arrive with no InInstruction and
be refunded (to the prior multisig), when it was the user who should've been refunded.

Adding this new address type resolves such concerns.
This commit is contained in:
Luke Parker
2023-11-09 14:24:13 -05:00
parent b51204a4eb
commit 42e8f2c8d8
5 changed files with 83 additions and 71 deletions


@@ -302,6 +302,7 @@ impl BlockTrait<Bitcoin> for Block {
const KEY_DST: &[u8] = b"Serai Bitcoin Output Offset";
static BRANCH_OFFSET: Lazy<Scalar> = Lazy::new(|| Secp256k1::hash_to_F(KEY_DST, b"branch"));
static CHANGE_OFFSET: Lazy<Scalar> = Lazy::new(|| Secp256k1::hash_to_F(KEY_DST, b"change"));
static FORWARD_OFFSET: Lazy<Scalar> = Lazy::new(|| Secp256k1::hash_to_F(KEY_DST, b"forward"));
// Always construct the full scanner in order to ensure there's no collisions
fn scanner(
@@ -325,6 +326,7 @@ fn scanner(
register(OutputType::Branch, *BRANCH_OFFSET);
register(OutputType::Change, *CHANGE_OFFSET);
register(OutputType::Forwarded, *FORWARD_OFFSET);
(scanner, offsets, kinds)
}
@@ -550,6 +552,11 @@ impl Network for Bitcoin {
Self::address(key + (ProjectivePoint::GENERATOR * offsets[&OutputType::Change]))
}
fn forward_address(key: ProjectivePoint) -> Address {
let (_, offsets, _) = scanner(key);
Self::address(key + (ProjectivePoint::GENERATOR * offsets[&OutputType::Forwarded]))
}
async fn get_latest_block_number(&self) -> Result<usize, NetworkError> {
self.rpc.get_latest_block_number().await.map_err(|_| NetworkError::ConnectionError)
}
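Review bot: The address returned by `forward_address` is derived from a fixed, public tweak (`key + (ProjectivePoint::GENERATOR * offsets[&OutputType::Forwarded])`, with the offset a constant `hash_to_F(KEY_DST, b"forward")`), so anyone who knows the multisig key can compute it and send to it; the `Forwarded` classification therefore establishes which derivation an output landed on, not that the prior multisig sent it. Whatever consumes `Forwarded` outputs (not in this hunk) should presumably still match each one against an expected forward rather than treat every output at that address as a legitimate forward, or at least state that assumption. `forward_address` itself has no doc comment; suggest `/// Address the prior multisig forwards outputs to. Distinct from the external address so a user deposit of matching amount is never mistaken for a forward.`, with a matching one-line note on `FORWARD_OFFSET`. The enclosing `impl Network for Bitcoin` block starts and ends outside the hunk.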