Update comment for pending_balance_hi #364
The comment of pending_balance_hi seems wrong. It's actually the high 32 bits of the pending balance.
The total available_balance is 48 bits encrypted,
Thanks for looking into this -- the comment here is actually correct though.
We limit the transfer amount to the low 16 bits and high 32 bits (see `token-2022/program/src/extension/confidential_transfer/mod.rs`, lines 20 to 21 in 010b8d4):

```rust
/// Any deposit or transfer amount must be less than `2^48`
pub const MAXIMUM_DEPOSIT_TRANSFER_AMOUNT: u64 = (u16::MAX as u64) + (1 << 16) * (u32::MAX as u64);
```

The pending amount, however, is split between the low 16 bits and high 48 bits. This allows for users to receive many transfers of a maximum of 2^48 without performing ApplyPendingBalance in between.
Thanks for your reply. I still have some confusion. Also, the max encrypted amount of pending_balance_hi or pending_balance_lo is 32 bits long.
If the pending_balance_hi is the high 48 bits, then it will overflow, because the decrypt function can only get an amount 32 bits long, but the pending_balance_hi is 48 bits long. Is there something wrong with my understanding?
I double-checked with our cryptographer because you stumped me for a bit! So the comment is correct currently, and the hi bits do actually contain the top 48 bits. Transfers are limited to 48 bits total (16 low and 32 hi). If someone transfers 2^48 tokens into your account twice, then

However, the decryption function that you noticed will fail since the value is larger than 2^32. In that case, you'll need to go through the transfer transactions to properly decrypt the value. Our cryptographer noted that it's possible to decrypt values up to around 2^41 in a reasonable amount of time, so he'll add more decryption functions in case

In the meantime, I propose to close the PR, but I really appreciate you bringing up this issue.
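
An added example (not part of this thread and not the project's code) that models the lo/hi split discussed above on plaintext integers, to show why the pending hi component outgrows 32 bits after two maximum-size transfers. Only `MAXIMUM_DEPOSIT_TRANSFER_AMOUNT` comes from the page; every other name, and the 32-bit fast-decryption bound, is an assumption made for illustration.

```rust
// Plaintext model only: the real program keeps these values encrypted and
// adds ciphertexts homomorphically. Names other than
// MAXIMUM_DEPOSIT_TRANSFER_AMOUNT are hypothetical.
const MAXIMUM_DEPOSIT_TRANSFER_AMOUNT: u64 = (u16::MAX as u64) + (1 << 16) * (u32::MAX as u64);
const LO_BITS: u32 = 16;
/// Assumed bound of the decryption routine mentioned in the thread.
const FAST_DECRYPT_LIMIT: u64 = u32::MAX as u64;

/// Split a transfer amount into (low 16 bits, high 32 bits); None if >= 2^48.
fn split_amount(amount: u64) -> Option<(u64, u64)> {
    if amount > MAXIMUM_DEPOSIT_TRANSFER_AMOUNT {
        return None;
    }
    Some((amount & ((1 << LO_BITS) - 1), amount >> LO_BITS))
}

#[derive(Default, Debug, PartialEq)]
struct PendingBalance { lo: u64, hi: u64, credits: u64 }

impl PendingBalance {
    /// Models the component-wise addition applied for each incoming transfer.
    fn credit(&mut self, amount: u64) -> Option<()> {
        let (lo, hi) = split_amount(amount)?;
        self.lo = self.lo.checked_add(lo)?;
        self.hi = self.hi.checked_add(hi)?;
        self.credits += 1;
        Some(())
    }
    /// Recombine both components into the full pending amount.
    fn total(&self) -> Option<u64> {
        self.hi.checked_mul(1 << LO_BITS)?.checked_add(self.lo)
    }
    /// True while both components stay inside the assumed 32-bit decrypt range.
    fn fast_decryptable(&self) -> bool {
        self.lo <= FAST_DECRYPT_LIMIT && self.hi <= FAST_DECRYPT_LIMIT
    }
}

fn main() {
    let mut p = PendingBalance::default();
    for n in 1..=2 {
        p.credit(MAXIMUM_DEPOSIT_TRANSFER_AMOUNT).unwrap();
        println!("after {} max transfers: hi={:#x} total={:?} fast_decryptable={}",
                 n, p.hi, p.total(), p.fast_decryptable());
    }
}
```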