Skip to content

feat: add InductiveSmartContract with UTXO chain backward verification#5

Open
icellan wants to merge 6 commits intomainfrom
feat/inductive-smart-contract
Open

feat: add InductiveSmartContract with UTXO chain backward verification#5
icellan wants to merge 6 commits intomainfrom
feat/inductive-smart-contract

Conversation

@icellan
Copy link
Owner

@icellan icellan commented Mar 3, 2026

Summary

  • Adds InductiveSmartContract as a third contract base class extending StatefulSmartContract with backward verification via mathematical induction on the UTXO chain (BOLT-style)
  • Each transaction verifies its parent had the same covenant code and consistent lineage metadata, so a verifier only needs two consecutive transactions to confirm the entire chain back to genesis
  • Implemented across all three compilers (TypeScript, Go, Rust), all three SDKs, mock packages, with example contract and multi-format conformance test

Mechanism

The compiler auto-injects three internal state fields (_genesisOutpoint, _parentOutpoint, _grandparentOutpoint) and verification logic at method entry:

  1. Parent tx hash verification: hash256(parentTx) === left(extractOutpoint(txPreimage), 32)
  2. Genesis detection: all-zeros sentinel for first spend, sets identity
  3. Chain consistency: verifies parent's genesis matches ours and parent's parent matches our grandparent

Files changed (40 modified, 7 new)

Area Files
TS Compiler parsers (01-parse*.ts), validator, typecheck, ANF lowering, stack lowering, optimizer, IR types
Go Compiler parsers, validator, typecheck, ANF lowering, stack codegen, IR types/loader
Rust Compiler parsers, validator, typecheck, ANF lowering, stack codegen, IR types/loader
SDKs TS/Go/Rust contract.ts — parentTx detection + raw tx fetch
Mock packages Go (runar.go) + Rust (prelude.rs) — InductiveSmartContract type
New IR node extract_parent_output — raw Bitcoin tx parsing via OP_SPLIT chains
Example examples/ts/inductive-token/ — InductiveToken contract + vitest tests
Conformance conformance/tests/inductive/ — 5 format variants (TS, Sol, Move, Go, Rust)

Test plan

  • pnpm run build — all 6 packages compile
  • npx vitest run — 1306 tests pass (74 test files), including new InductiveToken tests
  • cd compilers/go && go test ./... — all Go compiler tests pass
  • cd compilers/rust && cargo test — all 108 Rust compiler tests pass
  • Cross-compiler conformance tests pass
  • Generate golden files for inductive conformance test (--update-golden)

🤖 Generated with Claude Code

icellan and others added 4 commits March 3, 2026 14:22
@icellan @claude
feat: add InductiveSmartContract with UTXO chain backward verification
90c4d03 
Implement the third contract base class that extends StatefulSmartContract
with mathematical induction on the UTXO chain. Each transaction verifies
its parent had the same covenant code and consistent lineage metadata,
enabling a verifier to confirm the full chain back to genesis by inspecting
only two consecutive transactions.

Changes across all three compilers (TypeScript, Go, Rust):
- Parser: detect InductiveSmartContract, inject internal fields
  (_genesisOutpoint, _parentOutpoint, _grandparentOutpoint)
- Validator: allow new parent class, reject reserved field names
- Typecheck: add implicit parentTx param, exclude internal fields from
  addOutput arg count
- ANF lowering: inject checkPreimage, parent tx hash verification,
  genesis detection, chain consistency assertions, internal field updates
- New IR node: extract_parent_output for raw Bitcoin tx parsing
- Stack lowering: implement extract_parent_output via OP_SPLIT chains
- Optimizer: add extract_parent_output to constant fold pass-through

SDKs (TypeScript, Go, Rust): detect parentTx ABI param, fetch raw parent
tx from provider, prepend to unlocking script.

Mock packages: add InductiveSmartContract type (Go struct, Rust struct).

Includes InductiveToken example with vitest tests and multi-format
conformance test (TS, Solidity, Move, Go, Rust).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@icellan @claude
docs: add InductiveSmartContract conceptual guide
59efe25 
Explains the chain verification problem, the induction-based solution,
compiler-injected fields and verification sequence, genesis detection,
parent output extraction, transaction flow examples, and SDK integration.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@icellan @claude
docs: add formal verification section to inductive contracts guide
5437a6d 
Describes the chain integrity theorem, its proof structure (base case,
inductive step, chain linking), the three cryptographic axioms required,
and notes that a Coq/Lean formalization would be ~200 lines.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@icellan
feat: support multi-output InductiveSmartContract methods
e48908e 
Derive output index dynamically from the outpoint in the BIP-143
preimage instead of hardcoding index 0. This enables methods like
transfer that create multiple outputs (recipient + change) where
the change UTXO at index 1 can be correctly verified in the next
transaction.

Changes across all 3 compilers (TS, Go, Rust):
- ANF lowering: extract vout from outpoint via right() + OP_BIN2NUM
- Stack lowering: unrolled output-skipping loop (up to 4 outputs)
- ANF lowering: fix Go/Rust to auto-append internal fields to addOutput
  and reorder internal field updates before developer body
- Add unpack to unary_op opcode maps

SDK multi-output support (TS, Go, Rust):
- CallOptions.outputs accepts multiple OutputSpec with per-output state
- BuildCallTransaction creates multiple continuation outputs
- ContinuationOutputIndex controls which output to track
- State save/restore during multi-output script building

Tests: 9 new Go SDK multi-output tests, all 1306 TS tests pass
@sirdeggen sirdeggen force-pushed the feat/inductive-smart-contract branch from 8fddf16 to e48908e Compare March 3, 2026 18:18
icellan and others added 2 commits March 9, 2026 23:15
@icellan @claude
Merge branch 'main' into feat/inductive-smart-contract
5ae7c3c 
Resolve 24 conflicts, keeping both InductiveSmartContract features
and main's Python compiler, property initializers, and SDK improvements.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@icellan
feat: replace full parent tx with partial SHA-256 for InductiveSmartC…
c7d3482 
…ontract

Replace the full raw parent transaction parameter with 4 constant-size
implicit parameters (_parentHashState, _parentTailBlock1, _parentTailBlock2,
_parentRawTailLen) totaling 161 bytes. The contract completes the parent
txid hash on-chain using sha256Compress, preventing exponential tx growth.

Changes across all 4 compilers (TS, Go, Rust, Python):
- Remove ExtractParentOutput ANF node and stack lowering (~250 lines each)
- Replace parentTx with partial SHA-256 verification in ANF lowering
- Extract internal fields from tail blocks using arithmetic offsets
- Add InductiveSmartContract support to Python compiler (new)
- Add Python conformance test (inductive.runar.py)

SDK changes (TS, Go, Rust, Python):
- Add sha256Compress utility + computePartialSha256ForInductive
- Auto-detect inductive methods via _parentHashState ABI param
- Compute and push 4 implicit params in unlock script

Documentation:
- Rewrite docs/inductive-contracts.md with partial SHA-256 approach
- Remove working document (partial-sha256-inductive-contracts.md)
- Update CLAUDE.md contract model section and conformance count
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@icellan