Jack Grigg
0f6eb9ca6c
Nullifier derivation
2021-03-26 07:51:05 +13:00
Jack Grigg
1a37ca492d
Extract spec::mod_r_p helper from spec::commit_ivk
2021-03-26 07:51:05 +13:00
therealyingtong
873e1b7d7e
Call hash_to_curve() only when constructing new domain
...
Co-authored-by: Daira Hopwood <daira@jacaranda.org>
Co-authored-by: Jack Grigg <jack@electriccoin.co>
2021-03-24 12:10:37 +08:00
therealyingtong
a3134e34c5
Introduce HashDomain and CommitDomain traits
...
Co-authored-by: Jack Grigg <thestr4d@gmail.com>
2021-03-24 12:09:11 +08:00
Jack Grigg
3911fb3202
Use Pallas directly from pasta_curves crate
2021-03-18 15:06:16 +13:00
str4d
05e86a4d98
Reuse the hasher inside diversify_hash
...
Co-authored-by: Daira Hopwood <daira@jacaranda.org>
2021-03-18 13:39:04 +13:00
Jack Grigg
42ea809b64
Update protocol spec references
2021-03-18 08:30:22 +13:00
Jack Grigg
e0417268ad
Make address generation infallible again
...
DiversifyHash is altered to replace the identity with another fixed
point that is known to not be the identity.
2021-03-18 08:30:22 +13:00
Jack Grigg
3c8befa0f3
Remove TODO from extract_p
...
The protocol spec now returns \mathbb{P}_x instead of a bit sequence,
matching what we do here.
2021-03-16 09:36:59 +13:00
Jack Grigg
46bf89c122
Update ivk derivation to match latest protocol spec draft
2021-03-16 09:33:07 +13:00
Jack Grigg
e98f324d7d
Ensure diversify_hash does not return the identity
...
This makes diversified address generation fallible (though with
negligible probability). We expose this to users, so they can decide how
to handle it (either just unwrapping, or incrementing the diversifier
index).
We alter spending key construction to reject spending keys that would
not result in a default address (with diversifier index 0).
2021-03-16 09:03:44 +13:00
Jack Grigg
2462bb219b
Use [u8; 64] as the output of prf_expand to match the spec
2021-03-09 10:33:56 +13:00
Jack Grigg
26701c33af
Fix commit_ivk specification
...
Commit^ivk takes ak as a point, and commits to its entire serialization
(not just the x coordinate).
2021-03-09 08:28:53 +13:00
Jack Grigg
9455158190
Use protocol spec URL anchors as link handles
2021-03-06 01:18:58 +00:00
Jack Grigg
f0779792bc
Orchard key components
2021-03-05 23:28:16 +00:00