Prevent the migration algorithm from creating money.

The migration algorithm should satisfy the following property: >>> Total value of all inputs >= sum of selection change coins Before this change, it was possible to cause the algorithm to violate this property by giving it a single input value lower than the dust threshold. This change adds a guard to the `mkCoinSelection` function, preventing it from creating a change coin if that change coin would be higher than the total value of all inputs.
IntersectMBO · May 12, 2020 · 1ecdf26 · 1ecdf26
1 parent 50b2400
commit 1ecdf26
Showing 1 changed file with 8 additions and 5 deletions.
diff --git a/src/library/Cardano/CoinSelection/Algorithm/Migration.hs b/src/library/Cardano/CoinSelection/Algorithm/Migration.hs
@@ -33,6 +33,7 @@ import Cardano.CoinSelection
     , CoinSelectionLimit (..)
     , coinMapFromList
     , coinMapToList
+    , coinMapValue
     , sumChange
     , sumInputs
     )
@@ -118,14 +119,16 @@ selectCoins options (BatchSize batchSize) utxo =
       where
         inputs = coinMapFromList inputEntries
         outputs = mempty
-        change =
-            if null nonDustInputCoins
-            then [C.succ threshold]
-            else nonDustInputCoins
-        threshold = unDustThreshold dustThreshold
+        change
+            | null nonDustInputCoins && totalInputValue >= smallestNonDustCoin =
+                [smallestNonDustCoin]
+            | otherwise =
+                nonDustInputCoins
         nonDustInputCoins = filter
             (not . isDust dustThreshold)
             (entryValue <$> inputEntries)
+        smallestNonDustCoin = C.succ $ unDustThreshold dustThreshold
+        totalInputValue = coinMapValue inputs
 
     -- | Attempt to balance the coin selection by reducing or increasing the
     -- change values based on the computed fees.