Construct/sign/submit tx with delegation shared wallets

[paweljakubas]

• sneak delegation action to ctxTx
• refactor constraints in constructSharedTx
• introduce ErrConstructTxStakingInvalid with integration test
• create proper staking credential during tx construction
• introduce script as credential in shelley module
• introduce dScriptTemplateM in balanceTransaction
• introduce txStakingTemplate in TxSkeleton
• fee adjustment
• inject delegation script if it is valid
• add emptySharedWalletDelegating and fixtureSharedWalletdelegating
• constructTx with delegation integration test
• account deposit/refunds
• make sure decodeSharedTransaction account deposits/refunds and certificates properly
• extending WitnessCtx in the context of decodeSharedTransaction
• signing mechanism
• show signing in integration testing
• sneaking WitnessCtx in signTransaction
• guarding submission and adding proper integration tests

Comments

Issue Number

adp-2602

[Anviking]

This function seems unused. Do you have plans for it, or should it be removed?

[Anviking]

This does not expose external deposits and returns. Should it not? Otherwise the tx may look unbalanced based on the response.

[Anviking]

Why not get this from delegationScriptTemplateM?

[Anviking]

This is not seen by balanceTx, so any change to estimateTxSize should not be needed.

[Anviking]

With ErrConstructTxStakingInvalid, I don't think we can ever hit the xpub case? If so, I suspect an error would be clearer (and obviously, rewriting everything such that the error is not needed would be even clearer, but I think that's for the future.)

[Anviking]

I believe rewardAcnt is redundant in the case of shared wallets; if we stake the XPrv for signing withdrawals and certificates will always be the same. This doesn't really matter, but could be confusing. I suspect it could be fixed now, but otherwise ADP-2675 should make this easier to deal with.

[Anviking]

I don't think we need to resolve the scripts from ByScript credentials. We already have scriptVkWitsUpperBound, and could handle it in a simpler and possible safer way by:

1. Make estimateWitNumForCred only return 1 for key credentials and 0 otherwise.
2. Drop apiScriptHashes - we don't need the resolution

I tried this locally and it fails with (FeeTooSmallUTxO (Coin 176900) (Coin 166800). But I suspect this is because we somehow sign with one witness too much, probably because of duplication between:

        , mapMaybe mkWdrlCertWitness certs
        , mapMaybe mkStakingScriptWitness stakingScriptsKeyHashes

[Anviking]

Haven't made the final review (waiting for response now & happy to chat), but I wanted to also point out / emphasise overall that I really feel

1. Refactoring signTx / estimateNumberOfWitnesses https://input-output.atlassian.net/browse/ADP-2676 / https://input-output.atlassian.net/browse/ADP-2675 / using Ledger.witsVKeysNeeded
2. Refactoring TransactionCtx and mkUnsignedTx somehow (I think likely stop trying very hard to generalise, and instead splitting into more specialised parts)

would make the logic in this PR much neater and is something we should do fairly soon.

[piotr-iohk]

Integration tests only covers join atm. rejoin and quit are missing if I'm not mistaken.

Also, I've noticed (after joining shared wallet on preprod) that the delegation settings returned as part of getSharedWallet are not updated and still show:

  "delegation": {
    "active": {
      "status": "not_delegating"
    },
    "next": []
  }

Therefore we need to make sure to also check something like this.

[paweljakubas]

closing in favor of #3830