Use a MASP crate that guarantees ValueSums.

Cargo.toml

@@ -120,8 +120,8 @@ libc = "0.2.97"
 libloading = "0.7.2"
 linkme = "0.3.24"
 # branch = "murisi/namada-integration"
-masp_primitives = { git = "https://github.com/anoma/masp", rev = "6cbc8bd90a71cc280492c44bc3415162093daa76" }
-masp_proofs = { git = "https://github.com/anoma/masp", rev = "6cbc8bd90a71cc280492c44bc3415162093daa76", default-features = false, features = ["local-prover"] }
+masp_primitives = { git = "https://github.com/anoma/masp", rev = "9119d6e7a1cff3d954d3f9b7040eac695d82f588" }
+masp_proofs = { git = "https://github.com/anoma/masp", rev = "9119d6e7a1cff3d954d3f9b7040eac695d82f588", default-features = false, features = ["local-prover"] }
 num256 = "0.3.5"
 num_cpus = "1.13.0"
 num-derive = "0.3.3"

crates/namada/src/ledger/native_vp/masp.rs

@@ -334,9 +334,9 @@ where
                 .decoder
                 .insert(address_hash, counterpart.to_address_ref().clone());
             *result.pre.entry(address_hash).or_insert(ValueSum::zero()) +=
-                ValueSum::from_pair(token.clone(), pre_balance).unwrap();
+                ValueSum::from_pair(token.clone(), pre_balance);
             *result.post.entry(address_hash).or_insert(ValueSum::zero()) +=
-                ValueSum::from_pair(token.clone(), post_balance).unwrap();
+                ValueSum::from_pair(token.clone(), post_balance);
         }
 
         Ok(result)
@@ -397,9 +397,7 @@ fn validate_transparent_input<A: Authorization>(
             let amount =
                 token::Amount::from_masp_denominated(vin.value, *digit);
             *bal_ref = bal_ref
-                .checked_sub(
-                    &ValueSum::from_pair(address.clone(), amount).unwrap(),
-                )
+                .checked_sub(&ValueSum::from_pair(address.clone(), amount))
                 .ok_or_else(|| {
                     Error::NativeVpError(native_vp::Error::SimpleMessage(
                         "Overflow in bundle balance",
@@ -429,9 +427,7 @@ fn validate_transparent_input<A: Authorization>(
                 let amount =
                     token::Amount::from_masp_denominated(vin.value, *digit);
                 *bal_ref = bal_ref
-                    .checked_sub(
-                        &ValueSum::from_pair(token.clone(), amount).unwrap(),
-                    )
+                    .checked_sub(&ValueSum::from_pair(token.clone(), amount))
                     .ok_or_else(|| {
                         Error::NativeVpError(native_vp::Error::SimpleMessage(
                             "Overflow in bundle balance",
@@ -480,9 +476,7 @@ fn validate_transparent_output(
             let amount =
                 token::Amount::from_masp_denominated(out.value, *digit);
             *bal_ref = bal_ref
-                .checked_sub(
-                    &ValueSum::from_pair(address.clone(), amount).unwrap(),
-                )
+                .checked_sub(&ValueSum::from_pair(address.clone(), amount))
                 .ok_or_else(|| {
                     Error::NativeVpError(native_vp::Error::SimpleMessage(
                         "Overflow in bundle balance",
@@ -497,9 +491,7 @@ fn validate_transparent_output(
             let amount =
                 token::Amount::from_masp_denominated(out.value, *digit);
             *bal_ref = bal_ref
-                .checked_sub(
-                    &ValueSum::from_pair(token.clone(), amount).unwrap(),
-                )
+                .checked_sub(&ValueSum::from_pair(token.clone(), amount))
                 .ok_or_else(|| {
                     Error::NativeVpError(native_vp::Error::SimpleMessage(
                         "Overflow in bundle balance",
@@ -577,8 +569,7 @@ fn verify_sapling_balancing_value(
                     *digit,
                 );
                 let decoded_change =
-                    ValueSum::from_pair(address.clone(), decoded_change)
-                        .expect("expected this to fit");
+                    ValueSum::from_pair(address.clone(), decoded_change);
                 if *val < 0 {
                     acc += decoded_change;
                 } else {
@@ -592,8 +583,7 @@ fn verify_sapling_balancing_value(
                     *digit,
                 );
                 let decoded_change =
-                    ValueSum::from_pair(token.clone(), decoded_change)
-                        .expect("expected this to fit");
+                    ValueSum::from_pair(token.clone(), decoded_change);
                 if *val < 0 {
                     acc += decoded_change;
                 } else {

crates/sdk/src/masp.rs

@@ -1476,11 +1476,9 @@ impl<U: ShieldedUtils + MaybeSend + MaybeSync> ShieldedContext<U> {
         let required = value / threshold;
         // Forget about the trace amount left over because we cannot
         // realize its value
-        let trace = I128Sum::from_pair(asset_type, value % threshold)
-            .expect("the trace should be a valid i128");
+        let trace = I128Sum::from_pair(asset_type, value % threshold);
         let normed_trace =
-            I128Sum::from_pair(normed_asset_type, value % threshold)
-                .expect("the trace should be a valid i128");
+            I128Sum::from_pair(normed_asset_type, value % threshold);
         // Record how much more of the given conversion has been used
         *usage += required;
         // Apply the conversions to input and move the trace amount to output
@@ -1660,13 +1658,7 @@ impl<U: ShieldedUtils + MaybeSend + MaybeSync> ShieldedContext<U> {
 
                 // The amount contributed by this note before conversion
                 let pre_contr =
-                    I128Sum::from_pair(note.asset_type, note.value as i128)
-                        .map_err(|()| {
-                            Error::Other(
-                                "received note has invalid value or asset type"
-                                    .to_string(),
-                            )
-                        })?;
+                    I128Sum::from_pair(note.asset_type, note.value as i128);
                 let (contr, normed_contr, proposed_convs) = self
                     .compute_exchanged_amount(
                         context.client(),
@@ -1880,12 +1872,10 @@ impl<U: ShieldedUtils + MaybeSend + MaybeSync> ShieldedContext<U> {
                     res += ValueSum::from_pair(
                         pre_asset_type.token,
                         decoded_change,
-                    )
-                    .expect("expected this to fit");
+                    );
                 }
                 None => {
-                    undecoded += ValueSum::from_pair(*asset_type, *val)
-                        .expect("expected this to fit");
+                    undecoded += ValueSum::from_pair(*asset_type, *val);
                 }
                 _ => {}
             }
@@ -1915,11 +1905,9 @@ impl<U: ShieldedUtils + MaybeSend + MaybeSync> ShieldedContext<U> {
                 res += MaspAmount::from_pair(
                     (decoded.epoch, decoded.token),
                     decoded_change,
-                )
-                .expect("unable to construct decoded amount");
+                );
             } else {
-                undecoded += ValueSum::from_pair(*asset_type, *val)
-                    .expect("expected this to fit");
+                undecoded += ValueSum::from_pair(*asset_type, *val);
             }
         }
         (res, undecoded)
@@ -1938,8 +1926,7 @@ impl<U: ShieldedUtils + MaybeSend + MaybeSync> ShieldedContext<U> {
             if let Some(decoded) =
                 self.decode_asset_type(client, *asset_type).await
             {
-                res += ValueSum::from_pair((*asset_type, decoded), *val)
-                    .expect("unable to construct decoded amount");
+                res += ValueSum::from_pair((*asset_type, decoded), *val);
             }
         }
         res
@@ -2155,9 +2142,7 @@ impl<U: ShieldedUtils + MaybeSend + MaybeSync> ShieldedContext<U> {
 
         // Anotate the asset type in the value balance with its decoding in
         // order to facilitate cross-epoch computations
-        let value_balance = builder.value_balance().map_err(|e| {
-            Error::Other(format!("unable to complete value balance: {}", e))
-        })?;
+        let value_balance = builder.value_balance();
         let value_balance = context
             .shielded_mut()
             .await
@@ -2247,8 +2232,7 @@ impl<U: ShieldedUtils + MaybeSend + MaybeSync> ShieldedContext<U> {
             // Convert the shortfall into a I128Sum
             let mut shortfall = I128Sum::zero();
             for (asset_type, val) in asset_types.iter().zip(rem_amount) {
-                shortfall += I128Sum::from_pair(*asset_type, val.into())
-                    .expect("unable to construct value sum");
+                shortfall += I128Sum::from_pair(*asset_type, val.into());
             }
             // Return an insufficient ffunds error
             return Result::Err(TransferErr::from(
@@ -2260,16 +2244,7 @@ impl<U: ShieldedUtils + MaybeSend + MaybeSync> ShieldedContext<U> {
         if let Some(sk) = spending_key {
             // Represents the amount of inputs we are short by
             let mut additional = I128Sum::zero();
-            for (asset_type, amt) in builder
-                .value_balance()
-                .map_err(|e| {
-                    Error::Other(format!(
-                        "unable to complete value balance: {}",
-                        e
-                    ))
-                })?
-                .components()
-            {
+            for (asset_type, amt) in builder.value_balance().components() {
                 match amt.cmp(&0) {
                     Ordering::Greater => {
                         // Send the change in this asset type back to the sender

crates/shielded_token/src/conversion.rs

@@ -377,13 +377,10 @@ where
                     (MaspAmount::from_pair(
                         old_asset,
                         -(normed_inflation as i128),
-                    )
-                    .unwrap()
-                        + MaspAmount::from_pair(
-                            new_asset,
-                            new_normed_inflation as i128,
-                        )
-                        .unwrap())
+                    ) + MaspAmount::from_pair(
+                        new_asset,
+                        new_normed_inflation as i128,
+                    ))
                     .into(),
                 );
                 // Operations that happen exactly once for each token
@@ -428,14 +425,11 @@ where
                 current_convs.insert(
                     (token.clone(), denom, digit),
                     (MaspAmount::from_pair(old_asset, -(reward.1 as i128))
-                        .unwrap()
                         + MaspAmount::from_pair(new_asset, reward.1 as i128)
-                            .unwrap()
                         + MaspAmount::from_pair(
                             reward_assets[digit as usize],
                             real_reward as i128,
-                        )
-                        .unwrap())
+                        ))
                     .into(),
                 );
                 // Operations that happen exactly once for each token