cashu-sdk fix: add verification of proofs for Melt and Split

make verify proofs private

bindings/cashu-sdk-ffi/src/cashu_sdk.udl

@@ -334,8 +334,6 @@ interface Mint {
 	PostMintResponse process_mint_request(MintRequest mint_request);
     [Throws=CashuSdkError]
 	SplitResponse process_split_request(SplitRequest split_request);
-    [Throws=CashuSdkError]
-	void verify_proof(Proof proof);
     [Throws=CashuSdkError]
 	void verify_melt_request(MeltRequest melt_request);
     [Throws=CashuSdkError]

bindings/cashu-sdk-ffi/src/mint.rs

@@ -103,14 +103,6 @@ impl Mint {
         ))
     }
 
-    pub fn verify_proof(&self, proof: Arc<Proof>) -> Result<()> {
-        Ok(self
-            .inner
-            .read()
-            .unwrap()
-            .verify_proof(proof.as_ref().deref())?)
-    }
-
     pub fn check_spendable(
         &self,
         check_spendable: Arc<CheckSpendableRequest>,

crates/cashu-sdk/src/mint.rs

@@ -135,7 +135,11 @@ impl Mint {
 
         let proof_count = split_request.proofs.len();
 
-        let secrets: HashSet<Secret> = split_request.proofs.into_iter().map(|p| p.secret).collect();
+        let secrets: HashSet<Secret> = split_request
+            .proofs
+            .iter()
+            .map(|p| p.secret.clone())
+            .collect();
 
         // Check that there are no duplicate proofs in request
         if secrets.len().ne(&proof_count) {
@@ -146,6 +150,10 @@ impl Mint {
             self.spent_secrets.insert(secret);
         }
 
+        for proof in &split_request.proofs {
+            self.verify_proof(proof)?
+        }
+
         match &split_request.amount {
             None => {
                 let promises: Vec<BlindedSignature> = split_request
@@ -178,7 +186,7 @@ impl Mint {
         }
     }
 
-    pub fn verify_proof(&self, proof: &Proof) -> Result<(), Error> {
+    fn verify_proof(&self, proof: &Proof) -> Result<(), Error> {
         if self.spent_secrets.contains(&proof.secret) {
             return Err(Error::TokenSpent);
         }
@@ -251,6 +259,10 @@ impl Mint {
             return Err(Error::DuplicateProofs);
         }
 
+        for proof in &melt_request.proofs {
+            self.verify_proof(proof)?
+        }
+
         Ok(())
     }