2018-10-15 07:51:40 -07:00
|
|
|
//! Helper functions for managing light client key material.
|
|
|
|
|
2021-02-12 13:08:31 -08:00
|
|
|
use zcash_primitives::zip32::{ChildIndex, ExtendedSpendingKey};
|
2020-12-22 06:10:13 -08:00
|
|
|
|
2021-10-04 13:09:02 -07:00
|
|
|
use crate::wallet::AccountId;
|
|
|
|
|
|
|
|
use zcash_primitives::{legacy::TransparentAddress, zip32::ExtendedFullViewingKey};
|
|
|
|
|
2021-02-12 13:08:31 -08:00
|
|
|
#[cfg(feature = "transparent-inputs")]
|
|
|
|
use {
|
2021-02-12 14:54:59 -08:00
|
|
|
bs58::{self, decode::Error as Bs58Error},
|
2021-03-31 18:04:38 -07:00
|
|
|
hdwallet::{ExtendedPrivKey, ExtendedPubKey, KeyIndex},
|
2021-02-12 14:54:59 -08:00
|
|
|
secp256k1::{key::PublicKey, key::SecretKey, Secp256k1},
|
2021-02-12 13:08:31 -08:00
|
|
|
sha2::{Digest, Sha256},
|
|
|
|
std::convert::TryInto,
|
2021-10-04 13:09:02 -07:00
|
|
|
zcash_primitives::consensus,
|
2021-02-12 13:08:31 -08:00
|
|
|
};
|
2018-10-15 07:51:40 -07:00
|
|
|
|
|
|
|
/// Derives the ZIP 32 [`ExtendedSpendingKey`] for a given coin type and account from the
|
|
|
|
/// given seed.
|
|
|
|
///
|
2019-09-17 10:03:58 -07:00
|
|
|
/// # Panics
|
|
|
|
///
|
|
|
|
/// Panics if `seed` is shorter than 32 bytes.
|
|
|
|
///
|
2018-10-15 07:51:40 -07:00
|
|
|
/// # Examples
|
|
|
|
///
|
|
|
|
/// ```
|
2020-08-05 13:27:40 -07:00
|
|
|
/// use zcash_primitives::{constants::testnet::COIN_TYPE};
|
2021-03-31 14:59:36 -07:00
|
|
|
/// use zcash_client_backend::{
|
|
|
|
/// keys::spending_key,
|
|
|
|
/// wallet::AccountId,
|
|
|
|
/// };
|
2018-10-15 07:51:40 -07:00
|
|
|
///
|
2021-03-31 14:59:36 -07:00
|
|
|
/// let extsk = spending_key(&[0; 32][..], COIN_TYPE, AccountId(0));
|
2018-10-15 07:51:40 -07:00
|
|
|
/// ```
|
2021-03-25 17:26:57 -07:00
|
|
|
/// [`ExtendedSpendingKey`]: zcash_primitives::zip32::ExtendedSpendingKey
|
2021-03-31 14:59:36 -07:00
|
|
|
pub fn spending_key(seed: &[u8], coin_type: u32, account: AccountId) -> ExtendedSpendingKey {
|
2019-09-17 10:03:58 -07:00
|
|
|
if seed.len() < 32 {
|
|
|
|
panic!("ZIP 32 seeds MUST be at least 32 bytes");
|
|
|
|
}
|
|
|
|
|
2018-10-15 07:51:40 -07:00
|
|
|
ExtendedSpendingKey::from_path(
|
|
|
|
&ExtendedSpendingKey::master(&seed),
|
|
|
|
&[
|
|
|
|
ChildIndex::Hardened(32),
|
|
|
|
ChildIndex::Hardened(coin_type),
|
2021-03-31 14:59:36 -07:00
|
|
|
ChildIndex::Hardened(account.0),
|
2018-10-15 07:51:40 -07:00
|
|
|
],
|
|
|
|
)
|
|
|
|
}
|
2019-09-17 15:58:14 -07:00
|
|
|
|
2021-02-12 13:08:31 -08:00
|
|
|
#[cfg(feature = "transparent-inputs")]
|
2020-12-22 06:10:13 -08:00
|
|
|
pub fn derive_transparent_address_from_secret_key(
|
2021-03-31 14:59:36 -07:00
|
|
|
secret_key: &secp256k1::key::SecretKey,
|
2020-12-22 06:10:13 -08:00
|
|
|
) -> TransparentAddress {
|
|
|
|
let secp = Secp256k1::new();
|
2021-03-31 14:59:36 -07:00
|
|
|
let pk = PublicKey::from_secret_key(&secp, secret_key);
|
|
|
|
derive_transparent_address_from_public_key(&pk)
|
2021-03-31 18:04:38 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
#[cfg(feature = "transparent-inputs")]
|
|
|
|
pub fn derive_transparent_address_from_public_key(
|
2021-03-31 14:59:36 -07:00
|
|
|
public_key: &secp256k1::key::PublicKey,
|
2021-03-31 18:04:38 -07:00
|
|
|
) -> TransparentAddress {
|
2020-12-22 06:10:13 -08:00
|
|
|
let mut hash160 = ripemd160::Ripemd160::new();
|
2021-03-31 14:59:36 -07:00
|
|
|
hash160.update(Sha256::digest(&public_key.serialize()));
|
2020-12-22 06:10:13 -08:00
|
|
|
TransparentAddress::PublicKey(*hash160.finalize().as_ref())
|
|
|
|
}
|
|
|
|
|
2021-02-12 13:08:31 -08:00
|
|
|
#[cfg(feature = "transparent-inputs")]
|
|
|
|
pub fn derive_secret_key_from_seed<P: consensus::Parameters>(
|
|
|
|
params: &P,
|
|
|
|
seed: &[u8],
|
|
|
|
account: AccountId,
|
|
|
|
index: u32,
|
|
|
|
) -> Result<SecretKey, hdwallet::error::Error> {
|
2021-03-31 18:04:38 -07:00
|
|
|
let private_key =
|
|
|
|
derive_extended_private_key_from_seed(params, seed, account, index)?.private_key;
|
|
|
|
Ok(private_key)
|
|
|
|
}
|
|
|
|
|
|
|
|
#[cfg(feature = "transparent-inputs")]
|
|
|
|
pub fn derive_public_key_from_seed<P: consensus::Parameters>(
|
|
|
|
params: &P,
|
|
|
|
seed: &[u8],
|
|
|
|
account: AccountId,
|
|
|
|
index: u32,
|
|
|
|
) -> Result<PublicKey, hdwallet::error::Error> {
|
|
|
|
let private_key = derive_extended_private_key_from_seed(params, seed, account, index)?;
|
|
|
|
let pub_key = ExtendedPubKey::from_private_key(&private_key);
|
|
|
|
Ok(pub_key.public_key)
|
|
|
|
}
|
|
|
|
|
|
|
|
#[cfg(feature = "transparent-inputs")]
|
|
|
|
pub fn derive_extended_private_key_from_seed<P: consensus::Parameters>(
|
|
|
|
params: &P,
|
|
|
|
seed: &[u8],
|
|
|
|
account: AccountId,
|
|
|
|
index: u32,
|
|
|
|
) -> Result<ExtendedPrivKey, hdwallet::error::Error> {
|
|
|
|
let pk = ExtendedPrivKey::with_seed(&seed)?;
|
|
|
|
let private_key = pk
|
2021-02-12 13:08:31 -08:00
|
|
|
.derive_private_key(KeyIndex::hardened_from_normalize_index(44)?)?
|
|
|
|
.derive_private_key(KeyIndex::hardened_from_normalize_index(params.coin_type())?)?
|
|
|
|
.derive_private_key(KeyIndex::hardened_from_normalize_index(account.0)?)?
|
|
|
|
.derive_private_key(KeyIndex::Normal(0))?
|
2021-03-31 18:04:38 -07:00
|
|
|
.derive_private_key(KeyIndex::Normal(index))?;
|
2021-02-12 13:08:31 -08:00
|
|
|
Ok(private_key)
|
|
|
|
}
|
|
|
|
|
|
|
|
#[cfg(feature = "transparent-inputs")]
|
2021-02-12 15:57:44 -08:00
|
|
|
#[derive(Clone, Debug, Eq, PartialEq)]
|
2021-02-12 13:08:31 -08:00
|
|
|
pub struct Wif(pub String);
|
|
|
|
|
|
|
|
#[cfg(feature = "transparent-inputs")]
|
|
|
|
impl Wif {
|
|
|
|
pub fn from_secret_key(sk: &SecretKey, compressed: bool) -> Self {
|
|
|
|
let secret_key = sk.as_ref();
|
|
|
|
let mut wif = [0u8; 34];
|
|
|
|
wif[0] = 0x80;
|
|
|
|
wif[1..33].copy_from_slice(secret_key);
|
|
|
|
if compressed {
|
|
|
|
wif[33] = 0x01;
|
|
|
|
Wif(bs58::encode(&wif[..]).with_check().into_string())
|
|
|
|
} else {
|
|
|
|
Wif(bs58::encode(&wif[..]).with_check().into_string())
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
#[cfg(feature = "transparent-inputs")]
|
2021-02-12 15:57:44 -08:00
|
|
|
impl<'a> TryInto<SecretKey> for &'a Wif {
|
2021-02-12 13:08:31 -08:00
|
|
|
type Error = Bs58Error;
|
|
|
|
|
|
|
|
fn try_into(self) -> Result<SecretKey, Self::Error> {
|
|
|
|
bs58::decode(&self.0)
|
|
|
|
.with_check(None)
|
|
|
|
.into_vec()
|
|
|
|
.map(|decoded| SecretKey::from_slice(&decoded[1..33]).expect("wrong size key"))
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-10-04 13:09:02 -07:00
|
|
|
/// A set of viewing keys that are all associated with a single
|
|
|
|
/// ZIP-0032 account identifier.
|
|
|
|
#[derive(Clone, Debug)]
|
|
|
|
pub struct UnifiedFullViewingKey {
|
|
|
|
account: AccountId,
|
|
|
|
transparent: Option<TransparentAddress>,
|
|
|
|
sapling: Option<ExtendedFullViewingKey>,
|
|
|
|
}
|
|
|
|
|
|
|
|
impl UnifiedFullViewingKey {
|
|
|
|
/// Construct a new unified full viewing key, if the required components are present.
|
|
|
|
pub fn new(
|
|
|
|
account: AccountId,
|
|
|
|
transparent: Option<TransparentAddress>,
|
|
|
|
sapling: Option<ExtendedFullViewingKey>,
|
|
|
|
) -> Option<UnifiedFullViewingKey> {
|
|
|
|
if sapling.is_none() {
|
|
|
|
None
|
|
|
|
} else {
|
|
|
|
Some(UnifiedFullViewingKey {
|
|
|
|
account,
|
|
|
|
transparent,
|
|
|
|
sapling,
|
|
|
|
})
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/// Returns the ZIP32 account identifier to which all component
|
|
|
|
/// keys are related.
|
|
|
|
pub fn account(&self) -> AccountId {
|
|
|
|
self.account
|
|
|
|
}
|
|
|
|
|
|
|
|
/// Returns the transparent component of the unified key.
|
|
|
|
// TODO: make this the pubkey rather than the address to
|
|
|
|
// permit child derivation
|
|
|
|
pub fn transparent(&self) -> Option<&TransparentAddress> {
|
|
|
|
self.transparent.as_ref()
|
|
|
|
}
|
|
|
|
|
|
|
|
/// Returns the Sapling extended full viewing key component of this
|
|
|
|
/// unified key.
|
|
|
|
pub fn sapling(&self) -> Option<&ExtendedFullViewingKey> {
|
|
|
|
self.sapling.as_ref()
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-09-17 15:58:14 -07:00
|
|
|
#[cfg(test)]
|
|
|
|
mod tests {
|
|
|
|
use super::spending_key;
|
2021-10-04 13:09:02 -07:00
|
|
|
use crate::wallet::AccountId;
|
2019-09-17 15:58:14 -07:00
|
|
|
|
2021-02-12 14:54:59 -08:00
|
|
|
#[cfg(feature = "transparent-inputs")]
|
|
|
|
use {
|
2021-03-31 18:04:38 -07:00
|
|
|
super::{
|
|
|
|
derive_public_key_from_seed, derive_secret_key_from_seed,
|
|
|
|
derive_transparent_address_from_public_key, derive_transparent_address_from_secret_key,
|
|
|
|
Wif,
|
|
|
|
},
|
2021-10-04 13:09:02 -07:00
|
|
|
crate::encoding::AddressCodec,
|
2021-02-12 14:54:59 -08:00
|
|
|
secp256k1::key::SecretKey,
|
|
|
|
std::convert::TryInto,
|
|
|
|
zcash_primitives::consensus::MAIN_NETWORK,
|
|
|
|
};
|
|
|
|
|
2021-10-04 13:09:02 -07:00
|
|
|
#[cfg(feature = "transparent-inputs")]
|
2021-03-31 18:04:38 -07:00
|
|
|
fn seed() -> Vec<u8> {
|
|
|
|
let seed_hex = "6ef5f84def6f4b9d38f466586a8380a38593bd47c8cda77f091856176da47f26b5bd1c8d097486e5635df5a66e820d28e1d73346f499801c86228d43f390304f";
|
|
|
|
hex::decode(&seed_hex).unwrap()
|
|
|
|
}
|
|
|
|
|
2019-09-17 15:58:14 -07:00
|
|
|
#[test]
|
|
|
|
#[should_panic]
|
|
|
|
fn spending_key_panics_on_short_seed() {
|
2021-03-31 14:59:36 -07:00
|
|
|
let _ = spending_key(&[0; 31][..], 0, AccountId(0));
|
2019-09-17 15:58:14 -07:00
|
|
|
}
|
2021-02-12 14:54:59 -08:00
|
|
|
|
|
|
|
#[cfg(feature = "transparent-inputs")]
|
|
|
|
#[test]
|
|
|
|
fn sk_to_wif() {
|
2021-03-31 18:04:38 -07:00
|
|
|
let sk = derive_secret_key_from_seed(&MAIN_NETWORK, &seed(), AccountId(0), 0).unwrap();
|
|
|
|
let wif = Wif::from_secret_key(&sk, true).0;
|
2021-02-12 14:54:59 -08:00
|
|
|
assert_eq!(
|
2021-03-31 18:04:38 -07:00
|
|
|
wif,
|
2021-02-12 14:54:59 -08:00
|
|
|
"L4BvDC33yLjMRxipZvdiUmdYeRfZmR8viziwsVwe72zJdGbiJPv2".to_string()
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
#[cfg(feature = "transparent-inputs")]
|
|
|
|
#[test]
|
|
|
|
fn sk_to_taddr() {
|
2021-03-31 18:04:38 -07:00
|
|
|
let sk = derive_secret_key_from_seed(&MAIN_NETWORK, &seed(), AccountId(0), 0).unwrap();
|
2021-03-31 14:59:36 -07:00
|
|
|
let taddr = derive_transparent_address_from_secret_key(&sk).encode(&MAIN_NETWORK);
|
2021-03-31 18:04:38 -07:00
|
|
|
assert_eq!(taddr, "t1PKtYdJJHhc3Pxowmznkg7vdTwnhEsCvR4".to_string());
|
2021-02-12 14:54:59 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
#[cfg(feature = "transparent-inputs")]
|
|
|
|
#[test]
|
|
|
|
fn sk_wif_to_taddr() {
|
|
|
|
let sk_wif = Wif("L4BvDC33yLjMRxipZvdiUmdYeRfZmR8viziwsVwe72zJdGbiJPv2".to_string());
|
2021-02-12 15:57:44 -08:00
|
|
|
let sk: SecretKey = (&sk_wif).try_into().expect("invalid wif");
|
2021-03-31 14:59:36 -07:00
|
|
|
let taddr = derive_transparent_address_from_secret_key(&sk).encode(&MAIN_NETWORK);
|
2021-03-31 18:04:38 -07:00
|
|
|
assert_eq!(taddr, "t1PKtYdJJHhc3Pxowmznkg7vdTwnhEsCvR4".to_string());
|
|
|
|
}
|
|
|
|
|
|
|
|
#[cfg(feature = "transparent-inputs")]
|
|
|
|
#[test]
|
|
|
|
fn pk_from_seed() {
|
|
|
|
let pk = derive_public_key_from_seed(&MAIN_NETWORK, &seed(), AccountId(0), 0).unwrap();
|
|
|
|
let hex_value = hex::encode(&pk.serialize());
|
2021-02-12 14:54:59 -08:00
|
|
|
assert_eq!(
|
2021-03-31 18:04:38 -07:00
|
|
|
hex_value,
|
|
|
|
"03b1d7fb28d17c125b504d06b1530097e0a3c76ada184237e3bc0925041230a5af".to_string()
|
2021-02-12 14:54:59 -08:00
|
|
|
);
|
|
|
|
}
|
2021-03-31 18:04:38 -07:00
|
|
|
|
|
|
|
#[cfg(feature = "transparent-inputs")]
|
|
|
|
#[test]
|
|
|
|
fn pk_to_taddr() {
|
|
|
|
let pk = derive_public_key_from_seed(&MAIN_NETWORK, &seed(), AccountId(0), 0).unwrap();
|
2021-03-31 14:59:36 -07:00
|
|
|
let taddr = derive_transparent_address_from_public_key(&pk).encode(&MAIN_NETWORK);
|
2021-03-31 18:04:38 -07:00
|
|
|
assert_eq!(taddr, "t1PKtYdJJHhc3Pxowmznkg7vdTwnhEsCvR4".to_string());
|
|
|
|
}
|
2019-09-17 15:58:14 -07:00
|
|
|
}
|