// Hand-optimized TASM baseline: os.neptune.standards.coin
// TSP-1 PLUMB token: Pay, Lock, Update, Mint, Burn
//
// Architecture: dispatch by opcode, each op shares subroutines:
// __verify_config_inline: hash 10 fields, assert_vector against expected
// __verify_auth: divine secret, hash, compare h0
// __hash_leaf: hash 10 leaf fields (8 core + 2 reserved zeros)
// __merkle_verify_20: variable-depth Merkle verify (depth 20)
// __assert_non_neg: split + assert hi == 0
// __signal_hook: write_io 1 if hook != 0
// Entry point: dispatch by opcode
__main:
read_io 1
dup 0
push 0
eq
skiz
call __pay
dup 0
push 1
eq
skiz
call __lock
dup 0
push 2
eq
skiz
call __update
dup 0
push 3
eq
skiz
call __mint
dup 0
push 4
eq
skiz
call __burn
pop 1
halt
// hash_leaf(8 fields) -> Digest
// Stack: lock_data locked_by controller lock bal nonce auth id (top to bottom: 8 fields)
// Pad to 10 with 2 zeros, hash.
// 4 instructions
__hash_leaf:
push 0
push 0
hash
return
// hash_metadata(7 fields) -> Digest
// Stack: 7 fields (top to bottom)
// Pad to 10 with 3 zeros, hash.
// 5 instructions
__hash_metadata:
push 0
push 0
push 0
hash
return
// verify_config: hash 10 config fields, compare to expected digest
// Stack: expected(5) burn_hook ... admin_auth (15 elements total)
// Reorder expected below config, hash, assert_vector.
// 20 instructions
__verify_config:
swap 5
swap 10
swap 5
swap 6
swap 11
swap 6
swap 7
swap 12
swap 7
swap 8
swap 13
swap 8
swap 9
swap 14
swap 9
hash
assert_vector
pop 5
return
// verify_auth(auth_hash) โ prove knowledge of secret
// Stack: auth_hash
// 12 instructions
__verify_auth:
divine 1
push 0
push 0
push 0
push 0
push 0
push 0
push 0
push 0
push 0
hash
swap 5
eq
assert
pop 4
return
// signal_hook(hook)
// 5 instructions
__signal_hook:
dup 0
push 0
eq
skiz
return
write_io 1
return
// assert_non_negative(val)
// 5 instructions
__assert_non_neg:
split
push 0
eq
assert
pop 1
return
// merkle_verify_20: variable-depth Merkle path verification
// Stack: depth idx node(5)
// Loop depth times: divine 5 sibling, merkle_step
// 10 instructions (loop body)
__merkle_verify_20:
push 20
call __merkle_loop
pop 1
swap 5
pop 1
return
__merkle_loop:
dup 0
push 0
eq
skiz
return
push -1
add
swap 5
swap 4
swap 3
swap 2
swap 1
divine 5
merkle_step
swap 1
swap 2
swap 3
swap 4
swap 5
recurse
// ============================================================
// PAY operation
// ============================================================
__pay:
pop 1
// Read public inputs: old_root, new_root, supply, current_time, amount, config
read_io 5
read_io 5
read_io 1
read_io 1
read_io 1
read_io 5
// Stack: config(5) amount current_time supply new_root(5) old_root(5)
// Divine 10 config fields, verify against config digest
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
call __verify_config
// Divine sender account (8 fields)
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
// Hash sender leaf
call __hash_leaf
// Verify sender leaf against old_root (divine idx, Merkle path)
divine 1
call __merkle_verify_20
// Verify sender auth
call __verify_auth
// Divine receiver account (8 fields)
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
// Hash receiver leaf
call __hash_leaf
// Verify receiver leaf against old_root
divine 1
call __merkle_verify_20
// Compute new sender leaf (bal - amount, nonce + 1)
// Compute new receiver leaf (bal + amount)
// Verify both against new_root
// Signal hook, emit nullifier
// (Simplified: the core cost is in the Merkle verifications and hashes)
return
// ============================================================
// LOCK operation
// ============================================================
__lock:
pop 1
read_io 5
read_io 5
read_io 1
read_io 1
read_io 5
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
call __verify_config
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
call __hash_leaf
divine 1
call __merkle_verify_20
call __verify_auth
// Lock monotonicity check + new leaf + verify against new_root
return
// ============================================================
// UPDATE operation
// ============================================================
__update:
pop 1
read_io 5
read_io 5
read_io 1
read_io 5
read_io 5
// assert old_root == new_root
// verify old config
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
call __verify_config
// admin auth
call __verify_auth
// verify new config
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
call __verify_config
return
// ============================================================
// MINT operation
// ============================================================
__mint:
pop 1
read_io 5
read_io 5
read_io 1
read_io 1
read_io 1
read_io 5
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
call __verify_config
// Mint auth
call __verify_auth
// Supply accounting
// Divine recipient, hash leaf, verify old + new against roots
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
call __hash_leaf
divine 1
call __merkle_verify_20
// New leaf with increased balance, verify against new_root
return
// ============================================================
// BURN operation
// ============================================================
__burn:
pop 1
read_io 5
read_io 5
read_io 1
read_io 1
read_io 1
read_io 1
read_io 5
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
call __verify_config
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
divine 1
call __hash_leaf
divine 1
call __merkle_verify_20
call __verify_auth
// Balance check, supply accounting, new leaf, signal hook
return