mirror of https://github.com/zcash/halo2.git
Circuit::synthesize(): Diversified address integrity.
This commit is contained in:
parent
1e35b2b4fa
commit
f31dd28a8e
|
@ -42,11 +42,13 @@ use gadget::{
|
|||
StateWord, Word,
|
||||
},
|
||||
sinsemilla::{
|
||||
chip::{SinsemillaChip, SinsemillaConfig, SinsemillaHashDomains},
|
||||
chip::{SinsemillaChip, SinsemillaCommitDomains, SinsemillaConfig, SinsemillaHashDomains},
|
||||
commit_ivk::CommitIvkConfig,
|
||||
merkle::{
|
||||
chip::{MerkleChip, MerkleConfig},
|
||||
MerklePath,
|
||||
},
|
||||
CommitDomain,
|
||||
},
|
||||
utilities::{
|
||||
copy,
|
||||
|
@ -78,6 +80,7 @@ pub struct Config {
|
|||
merkle_config_2: MerkleConfig,
|
||||
sinsemilla_config_1: SinsemillaConfig,
|
||||
sinsemilla_config_2: SinsemillaConfig,
|
||||
commit_ivk_config: CommitIvkConfig,
|
||||
}
|
||||
|
||||
/// The Orchard Action circuit.
|
||||
|
@ -233,6 +236,11 @@ impl plonk::Circuit<pallas::Base> for Circuit {
|
|||
(sinsemilla_config_2, merkle_config_2)
|
||||
};
|
||||
|
||||
// Configuration to handle decomposition and canonicity checking
|
||||
// for CommitIvk.
|
||||
let commit_ivk_config =
|
||||
CommitIvkConfig::configure(meta, advices, sinsemilla_config_1.clone());
|
||||
|
||||
// TODO: Infrastructure to handle public inputs.
|
||||
let q_primary = meta.selector();
|
||||
let primary = meta.instance_column();
|
||||
|
@ -263,6 +271,7 @@ impl plonk::Circuit<pallas::Base> for Circuit {
|
|||
merkle_config_2,
|
||||
sinsemilla_config_1,
|
||||
sinsemilla_config_2,
|
||||
commit_ivk_config,
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -543,6 +552,27 @@ impl plonk::Circuit<pallas::Base> for Circuit {
|
|||
alpha_commitment.add(layouter.namespace(|| "rk"), &ak)?
|
||||
};
|
||||
|
||||
// Diversified address integrity.
|
||||
let _pk_d_old = {
|
||||
let commit_ivk_config = config.commit_ivk_config.clone();
|
||||
|
||||
let ivk = {
|
||||
let rivk = self.rivk.map(|rivk| *rivk);
|
||||
|
||||
commit_ivk_config.assign_region(
|
||||
config.sinsemilla_chip_1(),
|
||||
ecc_chip.clone(),
|
||||
layouter.namespace(|| "CommitIvk"),
|
||||
*ak.extract_p().inner(),
|
||||
nk,
|
||||
rivk,
|
||||
)?
|
||||
};
|
||||
|
||||
// [ivk] g_d_old
|
||||
g_d_old.mul(layouter.namespace(|| "[ivk] g_d_old"), ivk.inner())?
|
||||
};
|
||||
|
||||
Ok(())
|
||||
}
|
||||
}
|
||||
|
|
|
@ -2,7 +2,7 @@ use pasta_curves::pallas;
|
|||
|
||||
use ecc::chip::EccChip;
|
||||
use poseidon::Pow5T3Chip as PoseidonChip;
|
||||
use sinsemilla::merkle::chip::MerkleChip;
|
||||
use sinsemilla::{chip::SinsemillaChip, merkle::chip::MerkleChip};
|
||||
use utilities::plonk::PLONKChip;
|
||||
|
||||
pub(crate) mod ecc;
|
||||
|
@ -19,6 +19,14 @@ impl super::Config {
|
|||
EccChip::construct(self.ecc_config.clone())
|
||||
}
|
||||
|
||||
pub(super) fn sinsemilla_chip_1(&self) -> SinsemillaChip {
|
||||
SinsemillaChip::construct(self.sinsemilla_config_1.clone())
|
||||
}
|
||||
|
||||
pub(super) fn sinsemilla_chip_2(&self) -> SinsemillaChip {
|
||||
SinsemillaChip::construct(self.sinsemilla_config_2.clone())
|
||||
}
|
||||
|
||||
pub(super) fn merkle_chip_1(&self) -> MerkleChip {
|
||||
MerkleChip::construct(self.merkle_config_1.clone())
|
||||
}
|
||||
|
|
|
@ -43,6 +43,11 @@ pub(crate) const L_ORCHARD_SCALAR: usize = 255;
|
|||
/// $\ell_\mathsf{value}$
|
||||
pub(crate) const L_VALUE: usize = 64;
|
||||
|
||||
/// T_PRIME_BITS is the smallest multiple of 10 such that 2^T_PRIME_BITS
|
||||
/// is larger than t_P. t_P is defined in q_P = 2^254 + t_P for the
|
||||
/// Pallas base field.
|
||||
pub(crate) const PALLAS_T_PRIME_BITS: usize = 130;
|
||||
|
||||
/// SWU hash-to-curve personalization for the spending key base point and
|
||||
/// the nullifier base point K^Orchard
|
||||
pub const ORCHARD_PERSONALIZATION: &str = "z.cash:Orchard";
|
||||
|
|
Loading…
Reference in New Issue