Prover: Invalid Inputs
Proves that an input was invalid, i.e. a non-existent state element was spent.
A valid transaction proof, `proof`, must be provided. In addition, a valid transaction proof block header for the output being spent, `inputProof`, must be provided. Since this output might not exist, the transaction proof does not need to be valid, only the block header.
- Get input `input` as `proof.transaction.inputs(proof.inputIndex)`.
- If the input's type is `Deposit`:
  - The deposit with that deposit ID must have amount of `0` (i.e. a non-deposit is being spent).
- Get metadata `metadata` as `proof.transaction.metadata[proof.inputIndex]`.
- The metadata's root index `metadata.rootIndex` must be at least `inputProof.rootHeader.rootLength` (i.e. metadata root index out of bounds).
- If the input's type is `Transfer` or `HTLC`:
  - If the input proof is for the rightmost leaf in the root's transaction tree, then the metadata's transaction index `metadata.transactionIndex` must be greater than `inputProof.transactionIndex`. It's impossible to provide an inclusion proof for an out-of-bounds transaction, so this check serves as a check for this condition.
  - The transaction leaf must be non-empty, i.e. `inputProof.transaction.length` must be greater than `0`.
  - The metadata's output index `metadata.outputIndex` must be at least `inputProof.transaction.outputs.length()` (i.e. metadata output index out of bounds).
  - The output's type must be `Withdraw` or `Return` (i.e. spending a non-spendable output).
  - If the input's type is `Transfer`:
    - The output's type must not be `Transfer` (i.e. type mismatch).
  - If the input's type is `HTLC`:
    - The output's type must not be `HTLC` (i.e. type mismatch).
    - If `proof.blockHeader.blockNumber` is less than `inputProof.transaction.outputs(inputProof.outputIndex).expiry` (i.e. the timelock has not expired):
      - The hashlock digest `inputProof.transaction.outputs(inputProof.outputIndex).digest` must not match the hash of the preimage `input.preImage` (i.e. invalid preimage).
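
The output-level checks for `Transfer` and `HTLC` inputs, modelled in Python as an added example (not code from the original page or from the project). Assumptions: each listed condition is treated as sufficient on its own to show the input invalid, one index stands for both `metadata.outputIndex` and `inputProof.outputIndex`, SHA-256 stands in for the unnamed hash, and the names `Output`, `hash_preimage` and `output_fault` are hypothetical.

```python
import hashlib
from dataclasses import dataclass


@dataclass
class Output:
    type: str             # "Transfer", "HTLC", "Withdraw" or "Return"
    expiry: int = 0       # HTLC only: block number at which the timelock expires
    digest: bytes = b""   # HTLC only: hashlock digest


def hash_preimage(pre_image: bytes) -> bytes:
    # Assumption: SHA-256 is a stand-in; the page does not name the hash.
    return hashlib.sha256(pre_image).digest()


def output_fault(input_type, pre_image, output_index, block_number, outputs):
    """Return the page's label for the first output-level condition that
    holds for a Transfer or HTLC input, or None if none of them holds."""
    if output_index >= len(outputs):
        return "metadata output index out of bounds"
    out = outputs[output_index]
    if out.type in ("Withdraw", "Return"):
        return "spending a non-spendable output"
    if out.type == "Transfer" and input_type != "Transfer":
        return "type mismatch"
    if out.type == "HTLC" and input_type != "HTLC":
        return "type mismatch"
    if input_type == "HTLC" and block_number < out.expiry:
        # Timelock not expired: the digest must match the supplied preimage.
        if hash_preimage(pre_image) != out.digest:
            return "invalid preimage"
    # The page lists no further output-level condition (for example after
    # the timelock has expired), so nothing is reported here.
    return None


# Constructed sample: outputs of the transaction being spent from.
SECRET = b"constructed-preimage"
OUTPUTS = [
    Output("Transfer"),
    Output("Withdraw"),
    Output("HTLC", expiry=100, digest=hash_preimage(SECRET)),
]

if __name__ == "__main__":
    print(output_fault("HTLC", b"wrong", 2, 50, OUTPUTS))
```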