TODO: Conceal everything we do not need

[cymqqqq]

Hi Team, there is another PR I want to push to the rgb-ops, that is, Conceal everything we do not need.
But first, I set up a new issue, so your team can check if it is valid or makes sense.
For what I think that Conceal everything we do not need should do:

1. Keep the same set of transitions (needed for validation).
2. For each transition’s assignments, convert Assign::Revealed to Assign::ConfidentialSeal unless the seal is explicitly required by the caller (e.g. the outputs the consignment is for).
3. This reduces leakage while keeping validation intact because the commitment uses concealed seals.

Is that safe?

1. Validation depends on commitments, not revealed seals.
2. Concealing seals doesn’t change commitments (only reveals), so the transition IDs(opid) and bundle IDs remain valid.
3. Receivers who know their output can still match by secret seal even if the explicit seal is concealed.

So here is what I have done:

1. Added concealment of revealed assignment seals not in the requested output set when building consignments
2. Threaded outputs through consign_operations and consign_bundles, and updated the fascia path to pass the output slice

The code snippets:

 let (mut sorted_bundles, dag) =
            self.sort_bundles(bundles, contract_id, build_opouts_dag, &genesis)?;

        let keep_output_seals = outputs.iter().copied().collect::<HashSet<_>>();
        for witness_bundle in &mut sorted_bundles {
            for KnownTransition { transition, .. } in
                witness_bundle.bundle_mut().known_transitions.iter_mut()
            {
                for typed_assigns in transition.assignments.values_mut() {
                    Self::conceal_unneeded_assigns(typed_assigns, &keep_output_seals);
                }
            }
        }

// callback after sort bundles

fn conceal_unneeded_assigns(
        typed_assigns: &mut TypedAssigns<GraphSeal>,
        keep_output_seals: &HashSet<OutputSeal>,
    ) {
        match typed_assigns {
            TypedAssigns::Declarative(assigns) => {
                for assign in assigns.iter_mut() {
                    let Assign::Revealed { seal, .. } = assign else {
                        continue;
                    };
                    let keep_revealed = seal
                        .to_output_seal()
                        .map(|output| keep_output_seals.contains(&output))
                        .unwrap_or(false);
                    if !keep_revealed {
                        *assign = assign.conceal();
                    }
                }
            }
            TypedAssigns::Fungible(assigns) => {
                for assign in assigns.iter_mut() {
                    let Assign::Revealed { seal, .. } = assign else {
                        continue;
                    };
                    let keep_revealed = seal
                        .to_output_seal()
                        .map(|output| keep_output_seals.contains(&output))
                        .unwrap_or(false);
                    if !keep_revealed {
                        *assign = assign.conceal();
                    }
                }
            }
            TypedAssigns::Structured(assigns) => {
                for assign in assigns.iter_mut() {
                    let Assign::Revealed { seal, .. } = assign else {
                        continue;
                    };
                    let keep_revealed = seal
                        .to_output_seal()
                        .map(|output| keep_output_seals.contains(&output))
                        .unwrap_or(false);
                    if !keep_revealed {
                        *assign = assign.conceal();
                    }
                }
            }
        }
    }

[St333p]

Hi, thanks for the issue!
I think you are on the right track, but the task is a bit more complicated than that. If you conceal everything that was not explicitly requested by the caller, you will find that validation of such consignment fails. This is because, in order to verify a seal closing operation, the corresponding seal must be revealed, otherwise we don't know the UTXO it is linked to and can't verify that it is spent by the witness transaction (see https://github.com/rgb-protocol/rgb-consensus/blob/d0e157ae6a19edc08829cf4b52bbda2f10b4301e/src/validation/validator.rs#L439).

As a consequence, the task is about "concealing every seal that was not requested by the caller AND is not spent by another transition in the consignment", which seems to require a full visit of the transition graph. Since it's "only" a privacy improvement and consignment creation seems to be one of the performance bottlenecks, we'd appreciate some effort in implementing this as efficiently as possible and benchmarks showing the performance hit is limited.

[cymqqqq]

Hi, I re-designed another version of concealing every seal that was not requested by the caller AND is not spent by another transition in the consignment, you can review it again.

What changed:

1. Keep‑if‑requested‑or‑spent: we now keep revealed seals if either:
   1.1 The seal is explicitly requested by the caller (outputs), or
   1.2 The seal is spent by another transition in the consignment (i.e., appears as an input opout).
2. Full graph visit: we scan all transitions once to collect keep_spent_opouts, then a second pass to conceal non‑required seals.
3. Applied to genesis too: if a transition spends a genesis output, that seal stays revealed; otherwise it can be concealed.

Implemented:
consign_bundles now:
builds keep_spent_opouts from all transition inputs,
keeps requested output seals,
applies concealment on genesis and all transitions.

It may match your requirement?

1. Validation needs revealed seals for spent inputs, so we keep those.
2. Everything else can be safely concealed unless explicitly requested.
3. This avoids the validation failure you called out while still reducing leakage.

  fn consign_bundles<const TRANSFER: bool>(
        &self,
        contract_id: ContractId,
        mut bundles: BTreeMap<BundleId, (WitnessBundle, u32)>,
        mut parent_opids: Vec<OpId>,
        bundle_sec_seals: BTreeMap<BundleId, BTreeSet<SecretSeal>>,
        outputs: &[OutputSeal],
        build_opouts_dag: bool,
    ) -> Result<ConsignmentWithOptDag<TRANSFER>, StockError<S, H, P, ConsignError>> {
        // 2. Collect all state transitions between terminals and genesis
        let mut seen_ids = HashSet::new();
        while let Some(id) = parent_opids.pop() {
            if id == contract_id {
                continue; // we skip genesis since it will be present anywhere
            }
            if !seen_ids.insert(id) {
                continue; // we skip seen IDs to avoid re-processing duplicates
            }
            let transition = self.transition(id)?;
            parent_opids.extend(transition.inputs().iter().map(|input| input.op));
            let bundle_id = self.index.bundle_id_for_op(transition.id())?;
            if let Some((wbundle, _)) = bundles.get_mut(&bundle_id) {
                wbundle.bundle.reveal_transition(transition.clone())?;
            } else {
                bundles.insert(bundle_id, self.witness_bundle(bundle_id, id)?);
            };
        }

        let mut genesis = self.stash.genesis(contract_id)?.clone();

        let schema = self.stash.schema(genesis.schema_id)?.clone();

        let (mut sorted_bundles, dag) =
            self.sort_bundles(bundles, contract_id, build_opouts_dag, &genesis)?;
// we start to conceal here
        let keep_output_seals = outputs.iter().copied().collect::<HashSet<_>>();
        let mut keep_spent_opouts = HashSet::new();
        for witness_bundle in &sorted_bundles {
            for KnownTransition { transition, .. } in &witness_bundle.bundle.known_transitions {
                for input in &transition.inputs {
                    keep_spent_opouts.insert(*input);
                }
            }
        }

        let genesis_opid = genesis.id();
        for (type_id, typed_assigns) in genesis.assignments.iter_mut() {
            Self::conceal_unneeded_assigns(
                typed_assigns,
                genesis_opid,
                *type_id,
                &keep_spent_opouts,
                &keep_output_seals,
            );
        }
        for witness_bundle in &mut sorted_bundles {
            for KnownTransition { transition, .. } in
                witness_bundle.bundle_mut().known_transitions.iter_mut()
            {
                let opid = transition.id();
                for (type_id, typed_assigns) in transition.assignments.iter_mut() {
                    Self::conceal_unneeded_assigns(
                        typed_assigns,
                        opid,
                        *type_id,
                        &keep_spent_opouts,
                        &keep_output_seals,
                    );
                }
            }
        }

        let bundles =
            Confined::try_from_iter(sorted_bundles).map_err(|_| ConsignError::TooManyBundles)?;
        let terminals = Confined::try_from(
            bundle_sec_seals
                .into_iter()
                .map(|(bundle_id, seals)| {
                    Confined::try_from(seals)
                        .map(|confined| (bundle_id, SecretSeals::from(confined)))
                        .map_err(|_| ConsignError::InvalidSecretSealsNumber)
                })
                .collect::<Result<BTreeMap<_, _>, _>>()?,
        )
        .map_err(|_| ConsignError::TooManyTerminals)?;

        let (types, scripts) = self.stash.extract(&schema)?;
        let scripts = Confined::from_iter_checked(scripts.into_values());

        let consignment = Consignment {
            version: ContainerVer::V0,
            transfer: TRANSFER,

            schema,
            genesis,
            terminals,
            bundles,

            types,
            scripts,
        };

        Ok((consignment, dag))
    }

    fn conceal_unneeded_assigns<Seal: ExposedSeal>(
        typed_assigns: &mut TypedAssigns<Seal>,
        opid: OpId,
        type_id: AssignmentType,
        keep_spent_opouts: &HashSet<Opout>,
        keep_output_seals: &HashSet<OutputSeal>,
    ) {
        match typed_assigns {
            TypedAssigns::Declarative(assigns) => {
                for (index, assign) in assigns.iter_mut().enumerate() {
                    let opout = Opout::new(opid, type_id, index as u16);
                    if keep_spent_opouts.contains(&opout) {
                        continue;
                    }
                    let Assign::Revealed { seal, .. } = assign else {
                        continue;
                    };
                    let keep_revealed = seal
                        .to_output_seal()
                        .map(|output| keep_output_seals.contains(&output))
                        .unwrap_or(false);
                    if !keep_revealed {
                        *assign = assign.conceal();
                    }
                }
            }
            TypedAssigns::Fungible(assigns) => {
                for (index, assign) in assigns.iter_mut().enumerate() {
                    let opout = Opout::new(opid, type_id, index as u16);
                    if keep_spent_opouts.contains(&opout) {
                        continue;
                    }
                    let Assign::Revealed { seal, .. } = assign else {
                        continue;
                    };
                    let keep_revealed = seal
                        .to_output_seal()
                        .map(|output| keep_output_seals.contains(&output))
                        .unwrap_or(false);
                    if !keep_revealed {
                        *assign = assign.conceal();
                    }
                }
            }
            TypedAssigns::Structured(assigns) => {
                for (index, assign) in assigns.iter_mut().enumerate() {
                    let opout = Opout::new(opid, type_id, index as u16);
                    if keep_spent_opouts.contains(&opout) {
                        continue;
                    }
                    let Assign::Revealed { seal, .. } = assign else {
                        continue;
                    };
                    let keep_revealed = seal
                        .to_output_seal()
                        .map(|output| keep_output_seals.contains(&output))
                        .unwrap_or(false);
                    if !keep_revealed {
                        *assign = assign.conceal();
                    }
                }
            }
        }
    }

[St333p]

The logic looks good to me now, just a couple of things I'd change:

• For performance reasons, I would like to avoid cycling all transition inputs all over again, could you please figure out if it's possible to build keep_spent_opouts within the while let cycle at the beginning of the method?
• conceal_unneeded_assigns contains quite a bit of duplicated code; I'm aware that the TypedAssigns structure is a bit complex to work with, but I'd appreciate some effort into reducing such duplicated code.

If you do proceed to open a PR, kindly

• make sure that all integration tests in github.com/rgb-protocol/rgb-tests pass before asking our review
• take some time to produce benchmarks (you can use https://github.com/rgb-protocol/rgb-tests/blob/master/tests/stress.rs) to evaluate the performance hit for the consignment creation, i.e. the difference in execution time and memory consumption before and after your changed