You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/reference/splitter.md
+25-2Lines changed: 25 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -43,7 +43,7 @@ Every transaction on Solana includes a fee payer, at least one signature (the fe
43
43
Importantly, the Solana blockchain generates a new blockhash value roughly every `~400ms` and it keeps a list of recent blockhash values. Any transaction that is submitted must use a recent blockhash value. If a Solana validator receives a transaction with a blockhash value that is not in the recent blockhash list, the transaction will be rejected.
44
44
45
45
### Durable Nonces
46
-
Durable nonces are a Solana feature that allows for the creation of a nonce account that can be used to store a blockhash derived value. This value can then be used instead of a blockhash and allows users to get around the recent blockhash requirement mentioned above. The primary use case is to give users time to sign multi-sig transactions.
46
+
Durable nonces are a Solana feature that allows for the creation of a [nonce account](https://docs.solana.com/implemented-proposals/durable-tx-nonces) that can be used to store a blockhash derived value. This value can then be used instead of a blockhash and allows users to get around the recent blockhash requirement mentioned above. The primary use case is to give users time to sign multi-sig transactions.
47
47
48
48
::: warning Nonce Value
49
49
Importantly, if a transaction using a durable nonce is submitted, the value of the durable nonce is advanced. This prevents replay attacks. It doesn't matter if the transaction fails or succeeds, the value of the durable nonce is advanced.
@@ -137,11 +137,34 @@ Now that you have an understanding of `conditional payments`, `commitments`, and
137
137
After making a payment, whether it happens to be on the next app open or during another payment, the Code app will ask the Code Sequencer if there are any pending temporary privacy transactions that can be upgraded to permanent privacy. If there are, the Code Sequencer will respond with a `Merkle Proof` that can be used to re-create the original temporary privacy transaction for a past intent but with a different commitment value. The merkle proof can be used to prove that the original payment is included within a more recent merkle tree root. The mobile app can then re-create the original `Tx1` transaction with the new commitment value and submit it to the Code Sequencer. This effectively breaks the connection between `Tx1` and `Tx2` on-chain.
138
138
139
139
::: warning Atomicity of Durable Nonce Transactions
140
-
One very important property of transactions that include a [durable nonce](#durable-nonces) is that we can create many transactions against the same durable nonce value. Only one of these transactions can ever be successfully executed on-chain. The rest will fail because the durable nonce value will be advanced atomically after the first transaction is submitted.
140
+
One very important property of transactions that include a [durable nonce](#durable-nonces) is that we can create many transactions against the same durable nonce value. Only one of these transactions can ever be executed on-chain (successfully or not). The rest will fail because the durable nonce value will be advanced atomically after the first transaction is submitted. It doesn't matter if the first transaction is successful, the nonce value will be advanced.
141
+
142
+
```mermaid
143
+
sequenceDiagram
144
+
participant User
145
+
participant Solana
146
+
participant NonceAccount
147
+
148
+
User->>User: Creates two transaction variations <br>(Tx1 and Tx2) with same nonce
149
+
150
+
User->>+Solana: Submit Transaction Variation Tx1 with nonce
151
+
Solana->>+NonceAccount: Check and Advance nonce value
152
+
NonceAccount-->>-Solana: Confirm nonce advanced
153
+
Solana-->>-User: Tx1 is executed (successfully or not)
154
+
155
+
User->>+Solana: Submit Transaction Variation Tx2 with same nonce
156
+
Solana->>+NonceAccount: Check current nonce
157
+
NonceAccount-->>-Solana: Value does not match
158
+
Solana-->>-User: Tx2 failed due to nonce advance
159
+
160
+
Note over User,NonceAccount: Only one transaction with the same durable nonce value can ever be executed
161
+
```
141
162
142
163
This means that **it is safe to provide the Code Sequencer with two transaction variations of the same intent**. The Code Sequencer will only ever be able to execute one of them on the Solana blockchain.
143
164
:::
144
165
166
+
167
+
145
168
Reviewing our example from above, the `Tx2` transaction will be submitted at some point. Unrelated transactions from other Code users will also land. These will change the on-chain Merkle Root value. When the Code app is opened again, the Code Sequencer will respond with a merkle proof that can be used to re-create the original `Tx1` transaction with a new commitment value. This new commitment value will be based on some recent Merkle Root value. The Code app has all the information it needs to calculate if the provided proof actually includes the `Tx2` transaction. The Code app can then submit the new `Tx1` transaction to the Code Sequencer.
0 commit comments