multi: hook up burn and mint events to the supply commit state machine #1675
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…n control This commit introduces a new DelegationKeyChecker interface that allows verification of whether we control the delegation key for a given asset. The interface is implemented by the address.Book, which checks if the local key ring contains the private key corresponding to an asset's delegation public key. The implementation queries the asset group and metadata to extract the delegation key, then attempts to locate the corresponding private key in the local keystore. This verification is essential for ensuring only authorized parties can create supply commitment proofs for assets with delegation keys.
This commit extends the MultiStateMachineManager to implement the MintCommitter and BurnSupplyCommitter interfaces. These new methods provide a type-safe way to send mint and burn events to the supply commitment state machines. The SendMintEvent method accepts universe-specific types for minting operations, while SendBurnEvent handles burn leaf submissions. Both methods internally construct the appropriate event types and delegate to the existing SendEvent infrastructure, maintaining consistency with the state machine architecture.
This commit enhances the GardenKit configuration by adding two new optional dependencies: DelegationKeyChecker and MintCommitter. These additions enable the garden subsystem to verify delegation key ownership and submit mint events to the supply commitment state machine. The GardenKit struct serves as the central configuration hub for the tapgarden package, and these new fields allow components like the BatchCaretaker to conditionally enable supply commitment functionality when the required dependencies are available.
This commit extends the ChainPorterConfig with DelegationKeyChecker and BurnSupplyCommitter dependencies to enable supply commitment tracking for asset burns. When processing burn events, the chain porter now filters assets to only submit supply commitment events for those where we control the delegation key. The sendBurnSupplyCommitEvents method uses functional filtering to pre-process the burn list, ensuring we only attempt to create supply commitments for assets we're authorized to manage. This prevents unnecessary processing and potential errors for assets where we lack delegation authority.
This commit enhances the BatchCaretaker to filter mint events based on delegation key ownership. The sendSupplyCommitEvents method now uses functional filtering to ensure supply commitment events are only sent for assets where we control the delegation key. Similar to the burn event filtering in tapfreighter, this change ensures the caretaker respects delegation authority when creating supply proofs for newly minted assets. The filtering happens early in the process to avoid unnecessary proof construction and event submission for assets we're not authorized to manage.
This commit completes the integration by wiring the address book's DelegationKeyChecker implementation to both the GardenKit and ChainPorterConfig. With this configuration, both minting and burning operations now properly verify delegation key ownership before submitting supply commitment events. The address book serves as the central authority for key ownership verification, leveraging its existing access to the key ring and asset metadata storage. This ensures consistent delegation checking across all supply commitment operations.
This commit introduces comprehensive test coverage for the delegation key filtering functionality in the BatchCaretaker. The tests verify that mint supply commitment events are only sent for assets where we control the delegation key. The test suite covers three key scenarios: all assets having delegation keys, partial delegation key ownership, and no delegation keys. Mock implementations of the MintCommitter and DelegationKeyChecker interfaces enable isolated testing of the filtering logic without requiring actual key management infrastructure.
This commit adds a unified test suite for burn supply commitment event processing in the ChainPorter. The tests verify delegation key filtering, error handling, and various burn scenarios through a table-driven approach with a helper function for cleaner test setup. The test coverage includes successful burn processing with mixed group keys, delegation key filtering scenarios, error handling for both the delegation checker and burn committer, handling of missing dependencies, and validation of invalid group key bytes. The setupChainPorterTest helper function eliminates repetitive mock configuration, making the tests more maintainable and focused on the scenarios being tested.
ffranr
reviewed
Aug 6, 2025
Comment on lines
+229
to
+245
| // Set up mocks | ||
| tt.setupMocks(mockStorage) | ||
|
|
||
| // Call the method | ||
| hasDelegation, err := book.HasDelegationKey(ctx, tt.assetID) | ||
|
|
||
| // Check results | ||
| if tt.expectedError != "" { | ||
| require.Error(t, err) | ||
| require.Contains(t, err.Error(), tt.expectedError) | ||
| } else { | ||
| require.NoError(t, err) | ||
| } | ||
|
|
||
| require.Equal(t, tt.expectedHas, hasDelegation) | ||
|
|
||
| // Verify expectations |
There was a problem hiding this comment.
comments can be removed here
Comment on lines
+95
to
+97
| // MintCommitter is used to commit the minting of new assets to the | ||
| // supply commitment state machine. | ||
| MintCommitter MintSupplyCommitter |
There was a problem hiding this comment.
I think we should call this field MintSupplyCommitter, but no big deal IMO
Comment on lines
+104
to
+111
| // BurnSupplyCommitter is used to track supply changes (burns) and | ||
| // create periodic on-chain supply commitments. | ||
| BurnCommitter BurnSupplyCommitter | ||
|
|
||
| // DelegationKeyChecker is used to verify that we control the delegation | ||
| // key for a given asset, which is required for creating supply | ||
| // commitments. | ||
| DelegationKeyChecker address.DelegationKeyChecker |
There was a problem hiding this comment.
The ChainPorter already supports event emission, so I think we might be able to avoid leaking the concept of supply commitments into it, even if the logic is abstracted behind interfaces. Instead, the multi supply commit manager could subscribe as a consumer of ChainPorter events. Perhaps we define a new burn event emitted by the ChainPorter, and let the supply commit manager handle delegation key checks independently.
In other words, the ChainPorter just emits a burn event, and the multi supply commit manager does the rest. This would help keep the supply commitment feature cleanly separated.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.