Deployed 407d255 with MkDocs version: 1.6.1
Home /
Cardano Foundation /
cardano-mpfs-onchain
Apr 20, 3-4 PM (0)
Apr 20, 4-5 PM (0)
Apr 20, 5-6 PM (0)
Apr 20, 6-7 PM (0)
Apr 20, 7-8 PM (0)
Apr 20, 8-9 PM (0)
Apr 20, 9-10 PM (0)
Apr 20, 10-11 PM (0)
Apr 20, 11-12 AM (0)
Apr 21, 12-1 AM (0)
Apr 21, 1-2 AM (0)
Apr 21, 2-3 AM (0)
Apr 21, 3-4 AM (0)
Apr 21, 4-5 AM (0)
Apr 21, 5-6 AM (0)
Apr 21, 6-7 AM (0)
Apr 21, 7-8 AM (0)
Apr 21, 8-9 AM (0)
Apr 21, 9-10 AM (0)
Apr 21, 10-11 AM (0)
Apr 21, 11-12 PM (0)
Apr 21, 12-1 PM (0)
Apr 21, 1-2 PM (0)
Apr 21, 2-3 PM (0)
Apr 21, 3-4 PM (0)
Apr 21, 4-5 PM (0)
Apr 21, 5-6 PM (0)
Apr 21, 6-7 PM (0)
Apr 21, 7-8 PM (0)
Apr 21, 8-9 PM (0)
Apr 21, 9-10 PM (0)
Apr 21, 10-11 PM (0)
Apr 21, 11-12 AM (0)
Apr 22, 12-1 AM (0)
Apr 22, 1-2 AM (0)
Apr 22, 2-3 AM (0)
Apr 22, 3-4 AM (0)
Apr 22, 4-5 AM (0)
Apr 22, 5-6 AM (0)
Apr 22, 6-7 AM (0)
Apr 22, 7-8 AM (0)
Apr 22, 8-9 AM (0)
Apr 22, 9-10 AM (0)
Apr 22, 10-11 AM (0)
Apr 22, 11-12 PM (0)
Apr 22, 12-1 PM (0)
Apr 22, 1-2 PM (0)
Apr 22, 2-3 PM (0)
Apr 22, 3-4 PM (0)
Apr 22, 4-5 PM (0)
Apr 22, 5-6 PM (0)
Apr 22, 6-7 PM (0)
Apr 22, 7-8 PM (0)
Apr 22, 8-9 PM (0)
Apr 22, 9-10 PM (0)
Apr 22, 10-11 PM (0)
Apr 22, 11-12 AM (0)
Apr 23, 12-1 AM (0)
Apr 23, 1-2 AM (0)
Apr 23, 2-3 AM (0)
Apr 23, 3-4 AM (0)
Apr 23, 4-5 AM (0)
Apr 23, 5-6 AM (0)
Apr 23, 6-7 AM (0)
Apr 23, 7-8 AM (0)
Apr 23, 8-9 AM (0)
Apr 23, 9-10 AM (0)
Apr 23, 10-11 AM (0)
Apr 23, 11-12 PM (0)
Apr 23, 12-1 PM (0)
Apr 23, 1-2 PM (0)
Apr 23, 2-3 PM (0)
Apr 23, 3-4 PM (0)
Apr 23, 4-5 PM (0)
Apr 23, 5-6 PM (0)
Apr 23, 6-7 PM (0)
Apr 23, 7-8 PM (0)
Apr 23, 8-9 PM (0)
Apr 23, 9-10 PM (0)
Apr 23, 10-11 PM (0)
Apr 23, 11-12 AM (0)
Apr 24, 12-1 AM (0)
Apr 24, 1-2 AM (0)
Apr 24, 2-3 AM (0)
Apr 24, 3-4 AM (0)
Apr 24, 4-5 AM (0)
Apr 24, 5-6 AM (0)
Apr 24, 6-7 AM (0)
Apr 24, 7-8 AM (0)
Apr 24, 8-9 AM (0)
Apr 24, 9-10 AM (0)
Apr 24, 10-11 AM (0)
Apr 24, 11-12 PM (0)
Apr 24, 12-1 PM (0)
Apr 24, 1-2 PM (0)
Apr 24, 2-3 PM (0)
Apr 24, 3-4 PM (0)
Apr 24, 4-5 PM (0)
Apr 24, 5-6 PM (0)
Apr 24, 6-7 PM (0)
Apr 24, 7-8 PM (0)
Apr 24, 8-9 PM (0)
Apr 24, 9-10 PM (0)
Apr 24, 10-11 PM (0)
Apr 24, 11-12 AM (0)
Apr 25, 12-1 AM (0)
Apr 25, 1-2 AM (0)
Apr 25, 2-3 AM (0)
Apr 25, 3-4 AM (0)
Apr 25, 4-5 AM (0)
Apr 25, 5-6 AM (0)
Apr 25, 6-7 AM (0)
Apr 25, 7-8 AM (0)
Apr 25, 8-9 AM (0)
Apr 25, 9-10 AM (0)
Apr 25, 10-11 AM (0)
Apr 25, 11-12 PM (0)
Apr 25, 12-1 PM (0)
Apr 25, 1-2 PM (0)
Apr 25, 2-3 PM (0)
Apr 25, 3-4 PM (0)
Apr 25, 4-5 PM (0)
Apr 25, 5-6 PM (0)
Apr 25, 6-7 PM (0)
Apr 25, 7-8 PM (0)
Apr 25, 8-9 PM (0)
Apr 25, 9-10 PM (0)
Apr 25, 10-11 PM (0)
Apr 25, 11-12 AM (0)
Apr 26, 12-1 AM (0)
Apr 26, 1-2 AM (0)
Apr 26, 2-3 AM (0)
Apr 26, 3-4 AM (0)
Apr 26, 4-5 AM (0)
Apr 26, 5-6 AM (0)
Apr 26, 6-7 AM (0)
Apr 26, 7-8 AM (0)
Apr 26, 8-9 AM (0)
Apr 26, 9-10 AM (0)
Apr 26, 10-11 AM (0)
Apr 26, 11-12 PM (0)
Apr 26, 12-1 PM (0)
Apr 26, 1-2 PM (0)
Apr 26, 2-3 PM (0)
Apr 26, 3-4 PM (0)
Apr 26, 4-5 PM (0)
Apr 26, 5-6 PM (0)
Apr 26, 6-7 PM (0)
Apr 26, 7-8 PM (0)
Apr 26, 8-9 PM (0)
Apr 26, 9-10 PM (0)
Apr 26, 10-11 PM (0)
Apr 26, 11-12 AM (0)
Apr 27, 12-1 AM (0)
Apr 27, 1-2 AM (0)
Apr 27, 2-3 AM (0)
Apr 27, 3-4 AM (0)
Apr 27, 4-5 AM (0)
Apr 27, 5-6 AM (0)
Apr 27, 6-7 AM (0)
Apr 27, 7-8 AM (0)
Apr 27, 8-9 AM (0)
Apr 27, 9-10 AM (0)
Apr 27, 10-11 AM (0)
Apr 27, 11-12 PM (0)
Apr 27, 12-1 PM (1)
Apr 27, 1-2 PM (1)
Apr 27, 2-3 PM (3)
Apr 27, 3-4 PM (0)
5 commits this week
Apr 20, 2026
-
Apr 27, 2026
docs: mark Phase 2-5,7 tasks done
Deployed ea8e7c6 with MkDocs version: 1.6.1
feat(cage): per-token parameterization with owner sweep
Replaces the unused `_version: Int` validator parameter with
`seed: OutputReference`. Each cage instance is now a unique script
hash → one address → one minted token. CSMT subtree completeness at
the cage address proves "all pending requests for this exact token,"
with no cross-token bandwidth coupling.
Validator changes:
- mpfCage parameter: `seed: OutputReference` (was `_version: Int`).
- `MintRedeemer.Minting` collapsed to unit; `Mint { asset }` removed.
- `validateMint` derives `tokenId = assetName(seed)` from the param;
enforces seed UTxO consumption.
- `validateMigration` pins `tokenId.assetName == assetName(seed)`
so migrations cannot relabel the token across the boundary.
- `UpdateRedeemer.Sweep(OutputReference)` added — owner reclaims
non-legitimate UTxOs at the cage. Direct O(1) state lookup via the
redeemer's pointer (in inputs or reference_inputs); confirms the
pointed-to UTxO carries cageToken before reading the state datum.
- Spend Modify/End paths add defense-in-depth
`expect extractedToken == cageToken`.
- `validModify` short-circuits the per-request refund-conservation
equation when `n == 0` (zero-request tick: root unchanged, no
refunds, oracle pays tx_fee from sweep dust).
Tests cover Sweep happy paths (no-datum garbage, wrong-token request,
fake-state-no-NFT, alongside Modify), Sweep negative paths (non-owner,
fake-state-ref, legitimate state, legitimate request), zero-request
Modify (positive + negative root mutation), and per-token isolation
across two distinct seeds. 1286 checks, 0 errors.
Implements: specs/003-per-token-cage-with-sweep/spec.md FR-001..FR-011.
Closes: cardano-foundation/cardano-mpfs-onchain#47
docs: plan per-token cage with owner sweep
Speckit artifacts for #47, superseding #24's per-oracle approach. Captures per-token parameterization (seed: OutputReference), Sweep redeemer with direct state UTxO lookup, zero-request Modify support, defense-in-depth token-equality checks, and migration asset-name pin.