supplyverifier: add check for minimum pre-commit count in verifier

ffranr · ffranr · commit c7656dd2fd9c · 2025-09-30T22:34:28.000+01:00
Each issuance event should have a corresponding pre-commitment output.
This relationship is used to enforce a lower bound on the number of
pre-commitments.
diff --git a/universe/supplyverifier/verifier.go b/universe/supplyverifier/verifier.go
@@ -813,6 +813,15 @@ func (v *Verifier) VerifyCommit(ctx context.Context,
 			"group when verifying supply commitment: %w", err)
 	}
 
+	// Verify that we have at least as many supply pre-commitments as
+	// new issuance leaves. Each issuance leaf must correspond to a
+	// pre-commitment output created at the time of asset issuance.
+	if len(unspentPreCommits) < len(leaves.IssuanceLeafEntries) {
+		return fmt.Errorf("not enough unspent supply pre-commitment "+
+			"outputs for issuance leaves: have %d, need %d",
+			len(unspentPreCommits), len(leaves.IssuanceLeafEntries))
+	}
+
 	// Perform validation of the provided supply leaves.
 	err = v.verifySupplyLeaves(ctx, assetSpec, delegationKey, leaves)
 	if err != nil {
