grin/doc/wallet/transaction/basic-transaction-wf.puml

97 lines
4 KiB
Text
Raw Normal View History

@startuml grin-transaction
title
**Current Grin Tranaction Workflow**
Accurate as of Aug 1, 2018 - Master branch only
end title
actor "Sender" as sender
actor "Recipient" as recipient
entity "Grin Node" as grin_node
== Round 1 ==
note left of sender
1: Create Transaction **UUID** (for reference and maintaining correct state)
2018-06-22 11:33:42 +03:00
2: Set **lock_height** for transaction kernel (current chain height)
3: Select **inputs** using desired selection strategy
4: Create **change_output**
5: Select blinding factor for **change_output**
6: Create lock function **sF** that locks **inputs** and stores **change_output** in wallet
and identifying wallet transaction log entry **TS** linking **inputs + outputs**
(Not executed at this point)
end note
note left of sender
7: Calculate **tx_weight**: MAX(-1 * **num_inputs** + 4 * **num_change_outputs** + 1, 1)
2018-02-12 16:02:05 +03:00
(+1 covers a single output on the receiver's side)
8: Calculate **fee**: **tx_weight** * 1_000_000 nG
9: Calculate total blinding excess sum for all inputs and outputs **xS** (private scalar)
10: Select a random nonce **kS1** (private scalar)
11: Subtract random value **oS** from **kS1** to create kernel offset **oS**. Calculate **kS** = **kS1** - **oS**
12: Multiply **xS** and **kS** by generator G to create public curve points **xSG** and **kSG**
13: Add values to **Slate** for passing to other participants: **UUID, inputs, change_outputs,**
**fee, amount, lock_height, kSG, xSG, oS**
end note
sender -> recipient: **Slate**
== Round 2 ==
note right of recipient
1: Check fee against number of **inputs**, **change_outputs** +1 * **receiver_output**)
2: Create **receiver_output**
3: Choose random blinding factor for **receiver_output** **xR** (private scalar)
end note
note right of recipient
4: Calculate message **M** = **fee | lock_height **
5: Choose random nonce **kR** (private scalar)
6: Multiply **xR** and **kR** by generator G to create public curve points **xRG** and **kRG**
7: Compute Schnorr challenge **e** = Blake2(**M** | **kRG** + **kSG**)
8: Compute Recipient Schnorr signature **sR** = **kR** + **e** * **xR**
9: Add **sR, xRG, kRG** to **Slate**
10: Create wallet output function **rF** that stores **receiver_output** in wallet with status "Unconfirmed"
and identifying transaction log entry **TR** linking **receiver_output** with transaction.
end note
alt All Okay
recipient --> sender: Okay - **Slate**
recipient -> recipient: execute wallet output function **rF**
else Any Failure
recipient ->x]: Abort
recipient --> sender: Error
[x<- sender: Abort
end
== Finalize Transaction ==
note left of sender
1: Calculate message **M** = **fee | lock_height **
2: Compute Schnorr challenge **e** = Blake2(**M** | **kRG** + **kSG**)
3: Verify **sR** by verifying **kRG** + **e** * **xRG** = **sRG**
4: Compute Sender Schnorr signature **sS** = **kS** + **e** * **xS**
5: Calculate final signature **s** = (**sS**+**sR**, **kSG**+**kRG**)
6: Calculate public key for **s**: **xG** = **xRG** + **xSG**
7: Verify **s** against excess values in final transaction using **xG**
8: Create Transaction Kernel Containing:
Signature **s**
Public key **xG**
**fee**
**lock_height**
excess value **oS**
end note
sender -> sender: Create final transaction **tx** from **Slate**
sender -> grin_node: Post **tx** to mempool
grin_node --> recipient: "Ok"
alt All Okay
recipient --> sender: "Ok" - **UUID**
sender -> sender: Execute wallet lock function **sF**
...Await confirmation...
recipient -> grin_node: Confirm **receiver_output**
recipient -> recipient: Change status of **reciever_output** to "Confirmed"
sender -> grin_node: Confirm **change_output**
sender -> sender: Change status of **inputs** to "Spent"
sender -> sender: Change status of **change_output** to "Confirmed"
else Any Error
recipient -> recipient: Manually remove **receiver_output** from wallet using transaction log entry **TR**
recipient ->x]: Abort
recipient --> sender: Error
sender -> sender: Unlock **inputs** and delete **change_output** identified in transaction log entry **TS**
[x<- sender: Abort
end
@enduml