Skip to content

ZK-073: Redesign relayer binding and zero-relayer semantics across SDK and contract code#446

Open
canvascn00-crypto wants to merge 1 commit intoANAVHEOBA:mainfrom
canvascn00-crypto:fix/PrivacyLayer-1777591456
Open

ZK-073: Redesign relayer binding and zero-relayer semantics across SDK and contract code#446
canvascn00-crypto wants to merge 1 commit intoANAVHEOBA:mainfrom
canvascn00-crypto:fix/PrivacyLayer-1777591456

Conversation

@canvascn00-crypto
Copy link
Copy Markdown

@canvascn00-crypto canvascn00-crypto commented Apr 30, 2026

Wave Issue Key: ZK-073

Unified relayer binding contract across SDK, circuit, and contract code.

See issue: #349

@canvascn00
ZK-073: Redesign relayer binding and zero-relayer semantics
00c3b41 
Wave Issue Key: ZK-073

Unified relayer binding contract across SDK, circuit, and contract code:

## Changes

### Circuit (circuits/)
- **relayer.nr**: Replaced incomplete validation with canonical re-export
  from fee.nr. Added validate_relayer_not_malformed() defense-in-depth.
- **mod.nr**: Updated to delegate validate_relayer to fee.nr canonical impl.
- **spend.nr**: Added ZK-073 regression tests for all three modes:
  - Mode 1: No relayer (relayer=0, fee=0)
  - Mode 2: Relayer + fee (relayer≠0, fee>0)
  - Mode 3: Malformed (rejected — phantom relayer, orphan fee)

### Contract (contracts/)
- **address_decoder.rs**: decode_optional_relayer now returns Result with
  MalformedRelayer error for non-canonical encodings. Added
  validate_relayer_fee_binding() for contract-level enforcement.
- **withdraw.rs**: Added relayer/fee binding validation call after address
  decoding. Added regression tests.
- **errors.rs**: Added MalformedRelayer error variant (code 48).
- **relayer_binding_zk073.rs**: New regression test file.

### SDK (sdk/)
- **relayer_binding.ts**: New module defining the canonical relayer binding
  contract with resolveRelayerBinding() and classifyRelayerBinding().
  Self-tests for all modes.
- **relayer_binding_zk073.test.ts**: End-to-end regression tests verifying
  clean distinction between absent and malformed relayer cases.

## Acceptance Criteria Met
✅ Relayer handling no longer depends on ad hoc zero-address assumptions
✅ Contract accepts only relayer encodings the SDK can produce canonically
✅ Regression tests distinguish absent relayer from malformed relayer cleanly
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@canvascn00-crypto @canvascn00