From 16ba891726db9b8e39d825674b188ae5f60bed7d Mon Sep 17 00:00:00 2001 From: Jack Grigg Date: Sat, 14 Mar 2020 10:45:03 +1300 Subject: [PATCH] Remove librustzcash crate This crate now lives in https://github.com/zcash/zcash, which is the sole intended consumer of the C FFI. --- .github/workflows/ci.yml | 2 +- Cargo.toml | 1 - librustzcash/Cargo.toml | 36 - librustzcash/README.md | 24 +- librustzcash/include/librustzcash.h | 339 ------ librustzcash/src/rustzcash.rs | 1342 ---------------------- librustzcash/src/tests/key_agreement.rs | 75 -- librustzcash/src/tests/key_components.rs | 731 ------------ librustzcash/src/tests/mmr.rs | 225 ---- librustzcash/src/tests/mod.rs | 97 -- librustzcash/src/tests/notes.rs | 673 ----------- librustzcash/src/tests/res/tree1023.dat | Bin 153867 -> 0 bytes librustzcash/src/tests/res/tree16.dat | Bin 2352 -> 0 bytes librustzcash/src/tests/signatures.rs | 514 --------- 14 files changed, 2 insertions(+), 4057 deletions(-) delete mode 100644 librustzcash/Cargo.toml delete mode 100644 librustzcash/include/librustzcash.h delete mode 100644 librustzcash/src/rustzcash.rs delete mode 100644 librustzcash/src/tests/key_agreement.rs delete mode 100644 librustzcash/src/tests/key_components.rs delete mode 100644 librustzcash/src/tests/mmr.rs delete mode 100644 librustzcash/src/tests/mod.rs delete mode 100644 librustzcash/src/tests/notes.rs delete mode 100644 librustzcash/src/tests/res/tree1023.dat delete mode 100644 librustzcash/src/tests/res/tree16.dat delete mode 100644 librustzcash/src/tests/signatures.rs diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 07cea0200..5af4ce3a5 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -90,7 +90,7 @@ jobs: uses: actions-rs/cargo@v1 with: command: tarpaulin - args: --release --timeout 600 --out Xml --packages "librustzcash,zcash_client_backend,zcash_primitives,zcash_proofs" + args: --release --timeout 600 --out Xml --packages "zcash_client_backend,zcash_primitives,zcash_proofs" - name: Upload coverage to Codecov uses: codecov/codecov-action@v1.0.3 with: diff --git a/Cargo.toml b/Cargo.toml index 9681c5804..dd595b1bd 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -3,7 +3,6 @@ members = [ "bellman", "ff", "group", - "librustzcash", "pairing", "zcash_client_backend", "zcash_history", diff --git a/librustzcash/Cargo.toml b/librustzcash/Cargo.toml deleted file mode 100644 index 4a2bfb706..000000000 --- a/librustzcash/Cargo.toml +++ /dev/null @@ -1,36 +0,0 @@ -[package] -name = "librustzcash" -description = "Rust FFI used by the zcashd binary. Not an official API." -version = "0.2.0" -authors = [ - "Sean Bowe ", - "Jack Grigg ", - "Jay Graber ", - "Simon Liu " -] -homepage = "https://github.com/zcash/librustzcash" -repository = "https://github.com/zcash/librustzcash" -readme = "README.md" -license = "MIT OR Apache-2.0" -edition = "2018" - -[lib] -name = "rustzcash" -path = "src/rustzcash.rs" -crate-type = ["staticlib"] - -[dependencies] -bellman = { version = "0.6", path = "../bellman" } -blake2b_simd = "0.5" -blake2s_simd = "0.5" -ff = { version = "0.6", path = "../ff" } -libc = "0.2" -pairing = { version = "0.16", path = "../pairing" } -lazy_static = "1" -rand_core = "0.5.1" -zcash_history = { version = "0.2", path = "../zcash_history" } -zcash_primitives = { version = "0.2", path = "../zcash_primitives" } -zcash_proofs = { version = "0.2", path = "../zcash_proofs" } - -[badges] -maintenance = { status = "deprecated" } diff --git a/librustzcash/README.md b/librustzcash/README.md index 0d6eeaed0..25b9631b4 100644 --- a/librustzcash/README.md +++ b/librustzcash/README.md @@ -1,25 +1,3 @@ # librustzcash -`librustzcash` is an FFI library crate that exposes the Zcash Rust components to -the `zcashd` full node. - -The FFI API does not have any stability guarantees, and will change as required -by `zcashd`. - -## License - -Licensed under either of - - * Apache License, Version 2.0, ([LICENSE-APACHE](../LICENSE-APACHE) or - http://www.apache.org/licenses/LICENSE-2.0) - * MIT license ([LICENSE-MIT](../LICENSE-MIT) or http://opensource.org/licenses/MIT) - -at your option. - -### Contribution - -Unless you explicitly state otherwise, any contribution intentionally -submitted for inclusion in the work by you, as defined in the Apache-2.0 -license, shall be dual licensed as above, without any additional terms or -conditions. - +This crate has been moved into https://github.com/zcash/zcash. diff --git a/librustzcash/include/librustzcash.h b/librustzcash/include/librustzcash.h deleted file mode 100644 index 1aa85ed20..000000000 --- a/librustzcash/include/librustzcash.h +++ /dev/null @@ -1,339 +0,0 @@ -#ifndef LIBRUSTZCASH_INCLUDE_H_ -#define LIBRUSTZCASH_INCLUDE_H_ - -#include - -extern "C" { -#ifdef WIN32 - typedef uint16_t codeunit; -#else - typedef uint8_t codeunit; -#endif - - void librustzcash_to_scalar(const unsigned char *input, unsigned char *result); - - void librustzcash_ask_to_ak(const unsigned char *ask, unsigned char *result); - - void librustzcash_nsk_to_nk(const unsigned char *nsk, unsigned char *result); - - void librustzcash_crh_ivk(const unsigned char *ak, const unsigned char *nk, unsigned char *result); - - bool librustzcash_check_diversifier(const unsigned char *diversifier); - - bool librustzcash_ivk_to_pkd(const unsigned char *ivk, const unsigned char *diversifier, unsigned char *result); - - /// Loads the zk-SNARK parameters into memory and saves - /// paths as necessary. Only called once. - void librustzcash_init_zksnark_params( - const codeunit* spend_path, - size_t spend_path_len, - const char* spend_hash, - const codeunit* output_path, - size_t output_path_len, - const char* output_hash, - const codeunit* sprout_path, - size_t sprout_path_len, - const char* sprout_hash - ); - - /// Validates the provided Equihash solution against - /// the given parameters, input and nonce. - bool librustzcash_eh_isvalid( - uint32_t n, - uint32_t k, - const unsigned char* input, - size_t input_len, - const unsigned char* nonce, - size_t nonce_len, - const unsigned char* soln, - size_t soln_len - ); - - /// Writes the "uncommitted" note value for empty leaves - /// of the merkle tree. `result` must be a valid pointer - /// to 32 bytes which will be written. - void librustzcash_tree_uncommitted( - unsigned char *result - ); - - /// Computes a merkle tree hash for a given depth. - /// The `depth` parameter should not be larger than - /// 62. - /// - /// `a` and `b` each must be of length 32, and must each - /// be scalars of BLS12-381. - /// - /// The result of the merkle tree hash is placed in - /// `result`, which must also be of length 32. - void librustzcash_merkle_hash( - size_t depth, - const unsigned char *a, - const unsigned char *b, - unsigned char *result - ); - - /// Computes the signature for each Spend description, given the key - /// `ask`, the re-randomization `ar`, the 32-byte sighash `sighash`, - /// and an output `result` buffer of 64-bytes for the signature. - /// - /// This function will fail if the provided `ask` or `ar` are invalid. - bool librustzcash_sapling_spend_sig( - const unsigned char *ask, - const unsigned char *ar, - const unsigned char *sighash, - unsigned char *result - ); - - /// Creates a Sapling proving context. Please free this when you're done. - void * librustzcash_sapling_proving_ctx_init(); - - /// This function (using the proving context) constructs a Spend proof - /// given the necessary witness information. It outputs `cv` (the value - /// commitment) and `rk` (so that you don't have to compute it) along - /// with the proof. - bool librustzcash_sapling_spend_proof( - void *ctx, - const unsigned char *ak, - const unsigned char *nsk, - const unsigned char *diversifier, - const unsigned char *rcm, - const unsigned char *ar, - const uint64_t value, - const unsigned char *anchor, - const unsigned char *witness, - unsigned char *cv, - unsigned char *rk, - unsigned char *zkproof - ); - - /// This function (using the proving context) constructs an Output - /// proof given the necessary witness information. It outputs `cv` - /// and the `zkproof`. - bool librustzcash_sapling_output_proof( - void *ctx, - const unsigned char *esk, - const unsigned char *payment_address, - const unsigned char *rcm, - const uint64_t value, - unsigned char *cv, - unsigned char *zkproof - ); - - /// This function (using the proving context) constructs a binding - /// signature. You must provide the intended valueBalance so that - /// we can internally check consistency. - bool librustzcash_sapling_binding_sig( - const void *ctx, - int64_t valueBalance, - const unsigned char *sighash, - unsigned char *result - ); - - /// Frees a Sapling proving context returned from - /// `librustzcash_sapling_proving_ctx_init`. - void librustzcash_sapling_proving_ctx_free(void *); - - /// Creates a Sapling verification context. Please free this - /// when you're done. - void * librustzcash_sapling_verification_ctx_init(); - - /// Check the validity of a Sapling Spend description, - /// accumulating the value commitment into the context. - bool librustzcash_sapling_check_spend( - void *ctx, - const unsigned char *cv, - const unsigned char *anchor, - const unsigned char *nullifier, - const unsigned char *rk, - const unsigned char *zkproof, - const unsigned char *spendAuthSig, - const unsigned char *sighashValue - ); - - /// Check the validity of a Sapling Output description, - /// accumulating the value commitment into the context. - bool librustzcash_sapling_check_output( - void *ctx, - const unsigned char *cv, - const unsigned char *cm, - const unsigned char *ephemeralKey, - const unsigned char *zkproof - ); - - /// Finally checks the validity of the entire Sapling - /// transaction given valueBalance and the binding signature. - bool librustzcash_sapling_final_check( - void *ctx, - int64_t valueBalance, - const unsigned char *bindingSig, - const unsigned char *sighashValue - ); - - /// Frees a Sapling verification context returned from - /// `librustzcash_sapling_verification_ctx_init`. - void librustzcash_sapling_verification_ctx_free(void *); - - /// Compute a Sapling nullifier. - /// - /// The `diversifier` parameter must be 11 bytes in length. - /// The `pk_d`, `r`, `ak` and `nk` parameters must be of length 32. - /// The result is also of length 32 and placed in `result`. - /// Returns false if the diversifier or pk_d is not valid - bool librustzcash_sapling_compute_nf( - const unsigned char *diversifier, - const unsigned char *pk_d, - const uint64_t value, - const unsigned char *r, - const unsigned char *ak, - const unsigned char *nk, - const uint64_t position, - unsigned char *result - ); - - /// Compute a Sapling commitment. - /// - /// The `diversifier` parameter must be 11 bytes in length. - /// The `pk_d` and `r` parameters must be of length 32. - /// The result is also of length 32 and placed in `result`. - /// Returns false if the diversifier or pk_d is not valid - bool librustzcash_sapling_compute_cm( - const unsigned char *diversifier, - const unsigned char *pk_d, - const uint64_t value, - const unsigned char *r, - unsigned char *result - ); - - /// Compute [sk] [8] P for some 32-byte - /// point P, and 32-byte Fs. If P or sk - /// are invalid, returns false. Otherwise, - /// the result is written to the 32-byte - /// `result` buffer. - bool librustzcash_sapling_ka_agree( - const unsigned char *p, - const unsigned char *sk, - unsigned char *result - ); - - /// Compute g_d = GH(diversifier) and returns - /// false if the diversifier is invalid. - /// Computes [esk] g_d and writes the result - /// to the 32-byte `result` buffer. Returns - /// false if `esk` is not a valid scalar. - bool librustzcash_sapling_ka_derivepublic( - const unsigned char *diversifier, - const unsigned char *esk, - unsigned char *result - ); - - /// Generate uniformly random scalar in Jubjub. - /// The result is of length 32. - void librustzcash_sapling_generate_r( - unsigned char *result - ); - - /// Sprout JoinSplit proof generation. - void librustzcash_sprout_prove( - unsigned char *proof_out, - - const unsigned char *phi, - const unsigned char *rt, - const unsigned char *h_sig, - - const unsigned char *in_sk1, - uint64_t in_value1, - const unsigned char *in_rho1, - const unsigned char *in_r1, - const unsigned char *in_auth1, - - const unsigned char *in_sk2, - uint64_t in_value2, - const unsigned char *in_rho2, - const unsigned char *in_r2, - const unsigned char *in_auth2, - - const unsigned char *out_pk1, - uint64_t out_value1, - const unsigned char *out_r1, - - const unsigned char *out_pk2, - uint64_t out_value2, - const unsigned char *out_r2, - - uint64_t vpub_old, - uint64_t vpub_new - ); - - /// Sprout JoinSplit proof verification. - bool librustzcash_sprout_verify( - const unsigned char *proof, - const unsigned char *rt, - const unsigned char *h_sig, - const unsigned char *mac1, - const unsigned char *mac2, - const unsigned char *nf1, - const unsigned char *nf2, - const unsigned char *cm1, - const unsigned char *cm2, - uint64_t vpub_old, - uint64_t vpub_new - ); - - /// Derive the master ExtendedSpendingKey from a seed. - void librustzcash_zip32_xsk_master( - const unsigned char *seed, - size_t seedlen, - unsigned char *xsk_master - ); - - /// Derive a child ExtendedSpendingKey from a parent. - void librustzcash_zip32_xsk_derive( - const unsigned char *xsk_parent, - uint32_t i, - unsigned char *xsk_i - ); - - /// Derive a child ExtendedFullViewingKey from a parent. - bool librustzcash_zip32_xfvk_derive( - const unsigned char *xfvk_parent, - uint32_t i, - unsigned char *xfvk_i - ); - - /// Derive a PaymentAddress from an ExtendedFullViewingKey. - bool librustzcash_zip32_xfvk_address( - const unsigned char *xfvk, - const unsigned char *j, - unsigned char *j_ret, - unsigned char *addr_ret - ); - - uint32_t librustzcash_mmr_append( - uint32_t cbranch, - uint32_t t_len, - const uint32_t *ni_ptr, - const unsigned char *n_ptr, - size_t p_len, - const unsigned char *nn_ptr, - unsigned char *rt_ret, - unsigned char *buf_ret - ); - - uint32_t librustzcash_mmr_delete( - uint32_t cbranch, - uint32_t t_len, - const uint32_t *ni_ptr, - const unsigned char *n_ptr, - size_t p_len, - size_t e_len, - unsigned char *rt_ret - ); - - uint32_t librustzcash_mmr_hash_node( - uint32_t cbranch, - const unsigned char *n_ptr, - unsigned char *h_ret - ); -} - -#endif // LIBRUSTZCASH_INCLUDE_H_ diff --git a/librustzcash/src/rustzcash.rs b/librustzcash/src/rustzcash.rs deleted file mode 100644 index c60b1d55a..000000000 --- a/librustzcash/src/rustzcash.rs +++ /dev/null @@ -1,1342 +0,0 @@ -//! FFI between the C++ zcashd codebase and the Rust Zcash crates. -//! -//! This is internal to zcashd and is not an officially-supported API. - -// Catch documentation errors caused by code changes. -#![deny(intra_doc_link_resolution_failure)] -// Clippy has a default-deny lint to prevent dereferencing raw pointer arguments -// in a non-unsafe function. However, declaring a function as unsafe has the -// side-effect that the entire function body is treated as an unsafe {} block, -// and rustc will not enforce full safety checks on the parts of the function -// that would otherwise be safe. -// -// The functions in this crate are all for FFI usage, so it's obvious to the -// caller (which is only ever zcashd) that the arguments must satisfy the -// necessary assumptions. We therefore ignore this lint to retain the benefit of -// explicitly annotating the parts of each function that must themselves satisfy -// assumptions of underlying code. -// -// See https://github.com/rust-lang/rfcs/pull/2585 for more background. -#![allow(clippy::not_unsafe_ptr_arg_deref)] - -use bellman::groth16::{Parameters, PreparedVerifyingKey, Proof}; -use blake2s_simd::Params as Blake2sParams; -use ff::{PrimeField, PrimeFieldRepr}; -use lazy_static; -use libc::{c_char, c_uchar, size_t}; -use pairing::bls12_381::{Bls12, Fr, FrRepr}; -use rand_core::{OsRng, RngCore}; -use std::ffi::CStr; -use std::fs::File; -use std::io::BufReader; -use std::path::{Path, PathBuf}; -use std::slice; - -#[cfg(not(target_os = "windows"))] -use std::ffi::OsStr; -#[cfg(not(target_os = "windows"))] -use std::os::unix::ffi::OsStrExt; - -#[cfg(target_os = "windows")] -use std::ffi::OsString; -#[cfg(target_os = "windows")] -use std::os::windows::ffi::OsStringExt; - -use zcash_primitives::{ - block::equihash, - constants::CRH_IVK_PERSONALIZATION, - jubjub::{ - edwards, - fs::{Fs, FsRepr}, - FixedGenerators, JubjubEngine, JubjubParams, PrimeOrder, ToUniform, Unknown, - }, - merkle_tree::MerklePath, - note_encryption::sapling_ka_agree, - primitives::{Diversifier, Note, PaymentAddress, ProofGenerationKey, ViewingKey}, - redjubjub::{self, Signature}, - sapling::{merkle_hash, spend_sig}, - transaction::components::Amount, - zip32, JUBJUB, -}; -use zcash_proofs::{ - circuit::sapling::TREE_DEPTH as SAPLING_TREE_DEPTH, - load_parameters, - sapling::{SaplingProvingContext, SaplingVerificationContext}, - sprout, -}; - -use zcash_history::{Entry as MMREntry, NodeData as MMRNodeData, Tree as MMRTree}; - -#[cfg(test)] -mod tests; - -static mut SAPLING_SPEND_VK: Option> = None; -static mut SAPLING_OUTPUT_VK: Option> = None; -static mut SPROUT_GROTH16_VK: Option> = None; - -static mut SAPLING_SPEND_PARAMS: Option> = None; -static mut SAPLING_OUTPUT_PARAMS: Option> = None; -static mut SPROUT_GROTH16_PARAMS_PATH: Option = None; - -/// Reads an FrRepr from a [u8; 32]. -fn read_fr(from: &[u8; 32]) -> FrRepr { - let mut f = FrRepr::default(); - f.read_le(&from[..]).expect("length is 32 bytes"); - f -} - -/// Reads an FsRepr from a [u8; 32]. -fn read_fs(from: &[u8; 32]) -> FsRepr { - let mut f = <::Fs as PrimeField>::Repr::default(); - f.read_le(&from[..]).expect("length is 32 bytes"); - f -} - -/// Reads an FsRepr from a [u8; 32] -/// and multiplies it by the given base. -fn fixed_scalar_mult(from: &[u8; 32], p_g: FixedGenerators) -> edwards::Point { - let f = read_fs(from); - - JUBJUB.generator(p_g).mul(f, &JUBJUB) -} - -/// Loads the zk-SNARK parameters into memory and saves paths as necessary. -/// Only called once. -#[cfg(not(target_os = "windows"))] -#[no_mangle] -pub extern "C" fn librustzcash_init_zksnark_params( - spend_path: *const u8, - spend_path_len: usize, - spend_hash: *const c_char, - output_path: *const u8, - output_path_len: usize, - output_hash: *const c_char, - sprout_path: *const u8, - sprout_path_len: usize, - sprout_hash: *const c_char, -) { - let spend_path = Path::new(OsStr::from_bytes(unsafe { - slice::from_raw_parts(spend_path, spend_path_len) - })); - let output_path = Path::new(OsStr::from_bytes(unsafe { - slice::from_raw_parts(output_path, output_path_len) - })); - let sprout_path = if sprout_path.is_null() { - None - } else { - Some(Path::new(OsStr::from_bytes(unsafe { - slice::from_raw_parts(sprout_path, sprout_path_len) - }))) - }; - - init_zksnark_params( - spend_path, - spend_hash, - output_path, - output_hash, - sprout_path, - sprout_hash, - ) -} - -/// Loads the zk-SNARK parameters into memory and saves paths as necessary. -/// Only called once. -#[cfg(target_os = "windows")] -#[no_mangle] -pub extern "C" fn librustzcash_init_zksnark_params( - spend_path: *const u16, - spend_path_len: usize, - spend_hash: *const c_char, - output_path: *const u16, - output_path_len: usize, - output_hash: *const c_char, - sprout_path: *const u16, - sprout_path_len: usize, - sprout_hash: *const c_char, -) { - let spend_path = - OsString::from_wide(unsafe { slice::from_raw_parts(spend_path, spend_path_len) }); - let output_path = - OsString::from_wide(unsafe { slice::from_raw_parts(output_path, output_path_len) }); - let sprout_path = if sprout_path.is_null() { - None - } else { - Some(OsString::from_wide(unsafe { - slice::from_raw_parts(sprout_path, sprout_path_len) - })) - }; - - init_zksnark_params( - Path::new(&spend_path), - spend_hash, - Path::new(&output_path), - output_hash, - sprout_path.as_ref().map(|p| Path::new(p)), - sprout_hash, - ) -} - -fn init_zksnark_params( - spend_path: &Path, - spend_hash: *const c_char, - output_path: &Path, - output_hash: *const c_char, - sprout_path: Option<&Path>, - sprout_hash: *const c_char, -) { - // Initialize jubjub parameters here - lazy_static::initialize(&JUBJUB); - - let spend_hash = unsafe { CStr::from_ptr(spend_hash) } - .to_str() - .expect("hash should be a valid string"); - - let output_hash = unsafe { CStr::from_ptr(output_hash) } - .to_str() - .expect("hash should be a valid string"); - - let sprout_hash = if sprout_path.is_none() { - None - } else { - Some( - unsafe { CStr::from_ptr(sprout_hash) } - .to_str() - .expect("hash should be a valid string"), - ) - }; - - // Load params - let (spend_params, spend_vk, output_params, output_vk, sprout_vk) = load_parameters( - spend_path, - spend_hash, - output_path, - output_hash, - sprout_path, - sprout_hash, - ); - - // Caller is responsible for calling this function once, so - // these global mutations are safe. - unsafe { - SAPLING_SPEND_PARAMS = Some(spend_params); - SAPLING_OUTPUT_PARAMS = Some(output_params); - SPROUT_GROTH16_PARAMS_PATH = sprout_path.map(|p| p.to_owned()); - - SAPLING_SPEND_VK = Some(spend_vk); - SAPLING_OUTPUT_VK = Some(output_vk); - SPROUT_GROTH16_VK = sprout_vk; - } -} - -/// Writes the "uncommitted" note value for empty leaves of the Merkle tree. -/// -/// `result` must be a valid pointer to 32 bytes which will be written. -#[no_mangle] -pub extern "C" fn librustzcash_tree_uncommitted(result: *mut [c_uchar; 32]) { - let tmp = Note::::uncommitted().into_repr(); - - // Should be okay, caller is responsible for ensuring the pointer - // is a valid pointer to 32 bytes that can be mutated. - let result = unsafe { &mut *result }; - tmp.write_le(&mut result[..]).expect("length is 32 bytes"); -} - -/// Computes a merkle tree hash for a given depth. The `depth` parameter should -/// not be larger than 62. -/// -/// `a` and `b` each must be of length 32, and must each be scalars of BLS12-381. -/// -/// The result of the merkle tree hash is placed in `result`, which must also be -/// of length 32. -#[no_mangle] -pub extern "C" fn librustzcash_merkle_hash( - depth: size_t, - a: *const [c_uchar; 32], - b: *const [c_uchar; 32], - result: *mut [c_uchar; 32], -) { - // Should be okay, because caller is responsible for ensuring - // the pointer is a valid pointer to 32 bytes, and that is the - // size of the representation - let a_repr = read_fr(unsafe { &*a }); - - // Should be okay, because caller is responsible for ensuring - // the pointer is a valid pointer to 32 bytes, and that is the - // size of the representation - let b_repr = read_fr(unsafe { &*b }); - - let tmp = merkle_hash(depth, &a_repr, &b_repr); - - // Should be okay, caller is responsible for ensuring the pointer - // is a valid pointer to 32 bytes that can be mutated. - let result = unsafe { &mut *result }; - tmp.write_le(&mut result[..]).expect("length is 32 bytes"); -} - -#[no_mangle] // ToScalar -pub extern "C" fn librustzcash_to_scalar(input: *const [c_uchar; 64], result: *mut [c_uchar; 32]) { - // Should be okay, because caller is responsible for ensuring - // the pointer is a valid pointer to 32 bytes, and that is the - // size of the representation - let scalar = ::Fs::to_uniform(unsafe { &(&*input)[..] }).into_repr(); - - let result = unsafe { &mut *result }; - - scalar - .write_le(&mut result[..]) - .expect("length is 32 bytes"); -} - -#[no_mangle] -pub extern "C" fn librustzcash_ask_to_ak(ask: *const [c_uchar; 32], result: *mut [c_uchar; 32]) { - let ask = unsafe { &*ask }; - let ak = fixed_scalar_mult(ask, FixedGenerators::SpendingKeyGenerator); - - let result = unsafe { &mut *result }; - - ak.write(&mut result[..]).expect("length is 32 bytes"); -} - -#[no_mangle] -pub extern "C" fn librustzcash_nsk_to_nk(nsk: *const [c_uchar; 32], result: *mut [c_uchar; 32]) { - let nsk = unsafe { &*nsk }; - let nk = fixed_scalar_mult(nsk, FixedGenerators::ProofGenerationKey); - - let result = unsafe { &mut *result }; - - nk.write(&mut result[..]).expect("length is 32 bytes"); -} - -#[no_mangle] -pub extern "C" fn librustzcash_crh_ivk( - ak: *const [c_uchar; 32], - nk: *const [c_uchar; 32], - result: *mut [c_uchar; 32], -) { - let ak = unsafe { &*ak }; - let nk = unsafe { &*nk }; - - let mut h = Blake2sParams::new() - .hash_length(32) - .personal(CRH_IVK_PERSONALIZATION) - .to_state(); - h.update(ak); - h.update(nk); - let mut h = h.finalize().as_ref().to_vec(); - - // Drop the last five bits, so it can be interpreted as a scalar. - h[31] &= 0b0000_0111; - - let result = unsafe { &mut *result }; - - result.copy_from_slice(&h); -} - -#[no_mangle] -pub extern "C" fn librustzcash_check_diversifier(diversifier: *const [c_uchar; 11]) -> bool { - let diversifier = Diversifier(unsafe { *diversifier }); - diversifier.g_d::(&JUBJUB).is_some() -} - -#[no_mangle] -pub extern "C" fn librustzcash_ivk_to_pkd( - ivk: *const [c_uchar; 32], - diversifier: *const [c_uchar; 11], - result: *mut [c_uchar; 32], -) -> bool { - let ivk = read_fs(unsafe { &*ivk }); - let diversifier = Diversifier(unsafe { *diversifier }); - if let Some(g_d) = diversifier.g_d::(&JUBJUB) { - let pk_d = g_d.mul(ivk, &JUBJUB); - - let result = unsafe { &mut *result }; - - pk_d.write(&mut result[..]).expect("length is 32 bytes"); - - true - } else { - false - } -} - -/// Test generation of commitment randomness -#[test] -fn test_gen_r() { - let mut r1 = [0u8; 32]; - let mut r2 = [0u8; 32]; - - // Verify different r values are generated - librustzcash_sapling_generate_r(&mut r1); - librustzcash_sapling_generate_r(&mut r2); - assert_ne!(r1, r2); - - // Verify r values are valid in the field - let mut repr = FsRepr::default(); - repr.read_le(&r1[..]).expect("length is not 32 bytes"); - let _ = Fs::from_repr(repr).unwrap(); - repr.read_le(&r2[..]).expect("length is not 32 bytes"); - let _ = Fs::from_repr(repr).unwrap(); -} - -/// Generate uniformly random scalar in Jubjub. The result is of length 32. -#[no_mangle] -pub extern "C" fn librustzcash_sapling_generate_r(result: *mut [c_uchar; 32]) { - // create random 64 byte buffer - let mut rng = OsRng; - let mut buffer = [0u8; 64]; - rng.fill_bytes(&mut buffer); - - // reduce to uniform value - let r = ::Fs::to_uniform(&buffer[..]); - let result = unsafe { &mut *result }; - r.into_repr() - .write_le(&mut result[..]) - .expect("result must be 32 bytes"); -} - -// Private utility function to get Note from C parameters -fn priv_get_note( - diversifier: *const [c_uchar; 11], - pk_d: *const [c_uchar; 32], - value: u64, - r: *const [c_uchar; 32], -) -> Result, ()> { - let diversifier = Diversifier(unsafe { *diversifier }); - let g_d = diversifier.g_d::(&JUBJUB).ok_or(())?; - - let pk_d = edwards::Point::::read(&(unsafe { &*pk_d })[..], &JUBJUB) - .map_err(|_| ())?; - - let pk_d = pk_d.as_prime_order(&JUBJUB).ok_or(())?; - - // Deserialize randomness - let r = Fs::from_repr(read_fs(unsafe { &*r })).map_err(|_| ())?; - - let note = Note { - value, - g_d, - pk_d, - r, - }; - - Ok(note) -} - -/// Compute a Sapling nullifier. -/// -/// The `diversifier` parameter must be 11 bytes in length. -/// The `pk_d`, `r`, `ak` and `nk` parameters must be of length 32. -/// The result is also of length 32 and placed in `result`. -/// Returns false if `diversifier` or `pk_d` is not valid. -#[no_mangle] -pub extern "C" fn librustzcash_sapling_compute_nf( - diversifier: *const [c_uchar; 11], - pk_d: *const [c_uchar; 32], - value: u64, - r: *const [c_uchar; 32], - ak: *const [c_uchar; 32], - nk: *const [c_uchar; 32], - position: u64, - result: *mut [c_uchar; 32], -) -> bool { - let note = match priv_get_note(diversifier, pk_d, value, r) { - Ok(p) => p, - Err(_) => return false, - }; - - let ak = match edwards::Point::::read(&(unsafe { &*ak })[..], &JUBJUB) { - Ok(p) => p, - Err(_) => return false, - }; - - let ak = match ak.as_prime_order(&JUBJUB) { - Some(ak) => ak, - None => return false, - }; - - let nk = match edwards::Point::::read(&(unsafe { &*nk })[..], &JUBJUB) { - Ok(p) => p, - Err(_) => return false, - }; - - let nk = match nk.as_prime_order(&JUBJUB) { - Some(nk) => nk, - None => return false, - }; - - let vk = ViewingKey { ak, nk }; - let nf = note.nf(&vk, position, &JUBJUB); - let result = unsafe { &mut *result }; - result.copy_from_slice(&nf); - - true -} - -/// Compute a Sapling commitment. -/// -/// The `diversifier` parameter must be 11 bytes in length. -/// The `pk_d` and `r` parameters must be of length 32. -/// The result is also of length 32 and placed in `result`. -/// Returns false if `diversifier` or `pk_d` is not valid. -#[no_mangle] -pub extern "C" fn librustzcash_sapling_compute_cm( - diversifier: *const [c_uchar; 11], - pk_d: *const [c_uchar; 32], - value: u64, - r: *const [c_uchar; 32], - result: *mut [c_uchar; 32], -) -> bool { - let note = match priv_get_note(diversifier, pk_d, value, r) { - Ok(p) => p, - Err(_) => return false, - }; - - let result = unsafe { &mut *result }; - note.cm(&JUBJUB) - .into_repr() - .write_le(&mut result[..]) - .expect("length is 32 bytes"); - - true -} - -/// Computes \[sk\] \[8\] P for some 32-byte point P, and 32-byte Fs. -/// -/// If P or sk are invalid, returns false. Otherwise, the result is written to -/// the 32-byte `result` buffer. -#[no_mangle] -pub extern "C" fn librustzcash_sapling_ka_agree( - p: *const [c_uchar; 32], - sk: *const [c_uchar; 32], - result: *mut [c_uchar; 32], -) -> bool { - // Deserialize p - let p = match edwards::Point::::read(&(unsafe { &*p })[..], &JUBJUB) { - Ok(p) => p, - Err(_) => return false, - }; - - // Deserialize sk - let sk = match Fs::from_repr(read_fs(unsafe { &*sk })) { - Ok(p) => p, - Err(_) => return false, - }; - - // Compute key agreement - let ka = sapling_ka_agree(&sk, &p); - - // Produce result - let result = unsafe { &mut *result }; - ka.write(&mut result[..]).expect("length is not 32 bytes"); - - true -} - -/// Compute g_d = GH(diversifier) and returns false if the diversifier is -/// invalid. Computes \[esk\] g_d and writes the result to the 32-byte `result` -/// buffer. Returns false if `esk` is not a valid scalar. -#[no_mangle] -pub extern "C" fn librustzcash_sapling_ka_derivepublic( - diversifier: *const [c_uchar; 11], - esk: *const [c_uchar; 32], - result: *mut [c_uchar; 32], -) -> bool { - let diversifier = Diversifier(unsafe { *diversifier }); - - // Compute g_d from the diversifier - let g_d = match diversifier.g_d::(&JUBJUB) { - Some(g) => g, - None => return false, - }; - - // Deserialize esk - let esk = match Fs::from_repr(read_fs(unsafe { &*esk })) { - Ok(p) => p, - Err(_) => return false, - }; - - let p = g_d.mul(esk, &JUBJUB); - - let result = unsafe { &mut *result }; - p.write(&mut result[..]).expect("length is not 32 bytes"); - - true -} - -/// Validates the provided Equihash solution against the given parameters, input -/// and nonce. -#[no_mangle] -pub extern "C" fn librustzcash_eh_isvalid( - n: u32, - k: u32, - input: *const c_uchar, - input_len: size_t, - nonce: *const c_uchar, - nonce_len: size_t, - soln: *const c_uchar, - soln_len: size_t, -) -> bool { - if (k >= n) || (n % 8 != 0) || (soln_len != (1 << k) * ((n / (k + 1)) as usize + 1) / 8) { - return false; - } - let rs_input = unsafe { slice::from_raw_parts(input, input_len) }; - let rs_nonce = unsafe { slice::from_raw_parts(nonce, nonce_len) }; - let rs_soln = unsafe { slice::from_raw_parts(soln, soln_len) }; - equihash::is_valid_solution(n, k, rs_input, rs_nonce, rs_soln) -} - -/// Creates a Sapling verification context. Please free this when you're done. -#[no_mangle] -pub extern "C" fn librustzcash_sapling_verification_ctx_init() -> *mut SaplingVerificationContext { - let ctx = Box::new(SaplingVerificationContext::new()); - - Box::into_raw(ctx) -} - -/// Frees a Sapling verification context returned from -/// [`librustzcash_sapling_verification_ctx_init`]. -#[no_mangle] -pub extern "C" fn librustzcash_sapling_verification_ctx_free(ctx: *mut SaplingVerificationContext) { - drop(unsafe { Box::from_raw(ctx) }); -} - -const GROTH_PROOF_SIZE: usize = 48 // π_A - + 96 // π_B - + 48; // π_C - -/// Check the validity of a Sapling Spend description, accumulating the value -/// commitment into the context. -#[no_mangle] -pub extern "C" fn librustzcash_sapling_check_spend( - ctx: *mut SaplingVerificationContext, - cv: *const [c_uchar; 32], - anchor: *const [c_uchar; 32], - nullifier: *const [c_uchar; 32], - rk: *const [c_uchar; 32], - zkproof: *const [c_uchar; GROTH_PROOF_SIZE], - spend_auth_sig: *const [c_uchar; 64], - sighash_value: *const [c_uchar; 32], -) -> bool { - // Deserialize the value commitment - let cv = match edwards::Point::::read(&(unsafe { &*cv })[..], &JUBJUB) { - Ok(p) => p, - Err(_) => return false, - }; - - // Deserialize the anchor, which should be an element - // of Fr. - let anchor = match Fr::from_repr(read_fr(unsafe { &*anchor })) { - Ok(a) => a, - Err(_) => return false, - }; - - // Deserialize rk - let rk = match redjubjub::PublicKey::::read(&(unsafe { &*rk })[..], &JUBJUB) { - Ok(p) => p, - Err(_) => return false, - }; - - // Deserialize the signature - let spend_auth_sig = match Signature::read(&(unsafe { &*spend_auth_sig })[..]) { - Ok(sig) => sig, - Err(_) => return false, - }; - - // Deserialize the proof - let zkproof = match Proof::::read(&(unsafe { &*zkproof })[..]) { - Ok(p) => p, - Err(_) => return false, - }; - - unsafe { &mut *ctx }.check_spend( - cv, - anchor, - unsafe { &*nullifier }, - rk, - unsafe { &*sighash_value }, - spend_auth_sig, - zkproof, - unsafe { SAPLING_SPEND_VK.as_ref() }.unwrap(), - &JUBJUB, - ) -} - -/// Check the validity of a Sapling Output description, accumulating the value -/// commitment into the context. -#[no_mangle] -pub extern "C" fn librustzcash_sapling_check_output( - ctx: *mut SaplingVerificationContext, - cv: *const [c_uchar; 32], - cm: *const [c_uchar; 32], - epk: *const [c_uchar; 32], - zkproof: *const [c_uchar; GROTH_PROOF_SIZE], -) -> bool { - // Deserialize the value commitment - let cv = match edwards::Point::::read(&(unsafe { &*cv })[..], &JUBJUB) { - Ok(p) => p, - Err(_) => return false, - }; - - // Deserialize the commitment, which should be an element - // of Fr. - let cm = match Fr::from_repr(read_fr(unsafe { &*cm })) { - Ok(a) => a, - Err(_) => return false, - }; - - // Deserialize the ephemeral key - let epk = match edwards::Point::::read(&(unsafe { &*epk })[..], &JUBJUB) { - Ok(p) => p, - Err(_) => return false, - }; - - // Deserialize the proof - let zkproof = match Proof::::read(&(unsafe { &*zkproof })[..]) { - Ok(p) => p, - Err(_) => return false, - }; - - unsafe { &mut *ctx }.check_output( - cv, - cm, - epk, - zkproof, - unsafe { SAPLING_OUTPUT_VK.as_ref() }.unwrap(), - &JUBJUB, - ) -} - -/// Finally checks the validity of the entire Sapling transaction given -/// valueBalance and the binding signature. -#[no_mangle] -pub extern "C" fn librustzcash_sapling_final_check( - ctx: *mut SaplingVerificationContext, - value_balance: i64, - binding_sig: *const [c_uchar; 64], - sighash_value: *const [c_uchar; 32], -) -> bool { - let value_balance = match Amount::from_i64(value_balance) { - Ok(vb) => vb, - Err(()) => return false, - }; - - // Deserialize the signature - let binding_sig = match Signature::read(&(unsafe { &*binding_sig })[..]) { - Ok(sig) => sig, - Err(_) => return false, - }; - - unsafe { &*ctx }.final_check( - value_balance, - unsafe { &*sighash_value }, - binding_sig, - &JUBJUB, - ) -} - -/// Sprout JoinSplit proof generation. -#[no_mangle] -pub extern "C" fn librustzcash_sprout_prove( - proof_out: *mut [c_uchar; GROTH_PROOF_SIZE], - - phi: *const [c_uchar; 32], - rt: *const [c_uchar; 32], - h_sig: *const [c_uchar; 32], - - // First input - in_sk1: *const [c_uchar; 32], - in_value1: u64, - in_rho1: *const [c_uchar; 32], - in_r1: *const [c_uchar; 32], - in_auth1: *const [c_uchar; sprout::WITNESS_PATH_SIZE], - - // Second input - in_sk2: *const [c_uchar; 32], - in_value2: u64, - in_rho2: *const [c_uchar; 32], - in_r2: *const [c_uchar; 32], - in_auth2: *const [c_uchar; sprout::WITNESS_PATH_SIZE], - - // First output - out_pk1: *const [c_uchar; 32], - out_value1: u64, - out_r1: *const [c_uchar; 32], - - // Second output - out_pk2: *const [c_uchar; 32], - out_value2: u64, - out_r2: *const [c_uchar; 32], - - // Public value - vpub_old: u64, - vpub_new: u64, -) { - // Load parameters from disk - let sprout_fs = File::open( - unsafe { &SPROUT_GROTH16_PARAMS_PATH } - .as_ref() - .expect("parameters should have been initialized"), - ) - .expect("couldn't load Sprout groth16 parameters file"); - - let mut sprout_fs = BufReader::with_capacity(1024 * 1024, sprout_fs); - - let params = Parameters::::read(&mut sprout_fs, false) - .expect("couldn't deserialize Sprout JoinSplit parameters file"); - - drop(sprout_fs); - - let proof = sprout::create_proof( - unsafe { *phi }, - unsafe { *rt }, - unsafe { *h_sig }, - unsafe { *in_sk1 }, - in_value1, - unsafe { *in_rho1 }, - unsafe { *in_r1 }, - unsafe { &*in_auth1 }, - unsafe { *in_sk2 }, - in_value2, - unsafe { *in_rho2 }, - unsafe { *in_r2 }, - unsafe { &*in_auth2 }, - unsafe { *out_pk1 }, - out_value1, - unsafe { *out_r1 }, - unsafe { *out_pk2 }, - out_value2, - unsafe { *out_r2 }, - vpub_old, - vpub_new, - ¶ms, - ); - - proof - .write(&mut (unsafe { &mut *proof_out })[..]) - .expect("should be able to serialize a proof"); -} - -/// Sprout JoinSplit proof verification. -#[no_mangle] -pub extern "C" fn librustzcash_sprout_verify( - proof: *const [c_uchar; GROTH_PROOF_SIZE], - rt: *const [c_uchar; 32], - h_sig: *const [c_uchar; 32], - mac1: *const [c_uchar; 32], - mac2: *const [c_uchar; 32], - nf1: *const [c_uchar; 32], - nf2: *const [c_uchar; 32], - cm1: *const [c_uchar; 32], - cm2: *const [c_uchar; 32], - vpub_old: u64, - vpub_new: u64, -) -> bool { - sprout::verify_proof( - unsafe { &*proof }, - unsafe { &*rt }, - unsafe { &*h_sig }, - unsafe { &*mac1 }, - unsafe { &*mac2 }, - unsafe { &*nf1 }, - unsafe { &*nf2 }, - unsafe { &*cm1 }, - unsafe { &*cm2 }, - vpub_old, - vpub_new, - unsafe { SPROUT_GROTH16_VK.as_ref() }.expect("parameters should have been initialized"), - ) -} - -/// This function (using the proving context) constructs an Output proof given -/// the necessary witness information. It outputs `cv` and the `zkproof`. -#[no_mangle] -pub extern "C" fn librustzcash_sapling_output_proof( - ctx: *mut SaplingProvingContext, - esk: *const [c_uchar; 32], - payment_address: *const [c_uchar; 43], - rcm: *const [c_uchar; 32], - value: u64, - cv: *mut [c_uchar; 32], - zkproof: *mut [c_uchar; GROTH_PROOF_SIZE], -) -> bool { - // Grab `esk`, which the caller should have constructed for the DH key exchange. - let esk = match Fs::from_repr(read_fs(unsafe { &*esk })) { - Ok(p) => p, - Err(_) => return false, - }; - - // Grab the payment address from the caller - let payment_address = - match PaymentAddress::::from_bytes(unsafe { &*payment_address }, &JUBJUB) { - Some(pa) => pa, - None => return false, - }; - - // The caller provides the commitment randomness for the output note - let rcm = match Fs::from_repr(read_fs(unsafe { &*rcm })) { - Ok(p) => p, - Err(_) => return false, - }; - - // Create proof - let (proof, value_commitment) = unsafe { &mut *ctx }.output_proof( - esk, - payment_address, - rcm, - value, - unsafe { SAPLING_OUTPUT_PARAMS.as_ref() }.unwrap(), - &JUBJUB, - ); - - // Write the proof out to the caller - proof - .write(&mut (unsafe { &mut *zkproof })[..]) - .expect("should be able to serialize a proof"); - - // Write the value commitment to the caller - value_commitment - .write(&mut (unsafe { &mut *cv })[..]) - .expect("should be able to serialize rcv"); - - true -} - -/// Computes the signature for each Spend description, given the key `ask`, the -/// re-randomization `ar`, the 32-byte sighash `sighash`, and an output `result` -/// buffer of 64-bytes for the signature. -/// -/// This function will fail if the provided `ask` or `ar` are invalid. -#[no_mangle] -pub extern "C" fn librustzcash_sapling_spend_sig( - ask: *const [c_uchar; 32], - ar: *const [c_uchar; 32], - sighash: *const [c_uchar; 32], - result: *mut [c_uchar; 64], -) -> bool { - // The caller provides the re-randomization of `ak`. - let ar = match Fs::from_repr(read_fs(unsafe { &*ar })) { - Ok(p) => p, - Err(_) => return false, - }; - - // The caller provides `ask`, the spend authorizing key. - let ask = match redjubjub::PrivateKey::::read(&(unsafe { &*ask })[..]) { - Ok(p) => p, - Err(_) => return false, - }; - - // Initialize secure RNG - let mut rng = OsRng; - - // Do the signing - let sig = spend_sig(ask, ar, unsafe { &*sighash }, &mut rng, &JUBJUB); - - // Write out the signature - sig.write(&mut (unsafe { &mut *result })[..]) - .expect("result should be 64 bytes"); - - true -} - -/// This function (using the proving context) constructs a binding signature. -/// -/// You must provide the intended valueBalance so that we can internally check -/// consistency. -#[no_mangle] -pub extern "C" fn librustzcash_sapling_binding_sig( - ctx: *const SaplingProvingContext, - value_balance: i64, - sighash: *const [c_uchar; 32], - result: *mut [c_uchar; 64], -) -> bool { - let value_balance = match Amount::from_i64(value_balance) { - Ok(vb) => vb, - Err(()) => return false, - }; - - // Sign - let sig = match unsafe { &*ctx }.binding_sig(value_balance, unsafe { &*sighash }, &JUBJUB) { - Ok(s) => s, - Err(_) => return false, - }; - - // Write out signature - sig.write(&mut (unsafe { &mut *result })[..]) - .expect("result should be 64 bytes"); - - true -} - -/// This function (using the proving context) constructs a Spend proof given the -/// necessary witness information. It outputs `cv` (the value commitment) and -/// `rk` (so that you don't have to compute it) along with the proof. -#[no_mangle] -pub extern "C" fn librustzcash_sapling_spend_proof( - ctx: *mut SaplingProvingContext, - ak: *const [c_uchar; 32], - nsk: *const [c_uchar; 32], - diversifier: *const [c_uchar; 11], - rcm: *const [c_uchar; 32], - ar: *const [c_uchar; 32], - value: u64, - anchor: *const [c_uchar; 32], - merkle_path: *const [c_uchar; 1 + 33 * SAPLING_TREE_DEPTH + 8], - cv: *mut [c_uchar; 32], - rk_out: *mut [c_uchar; 32], - zkproof: *mut [c_uchar; GROTH_PROOF_SIZE], -) -> bool { - // Grab `ak` from the caller, which should be a point. - let ak = match edwards::Point::::read(&(unsafe { &*ak })[..], &JUBJUB) { - Ok(p) => p, - Err(_) => return false, - }; - - // `ak` should be prime order. - let ak = match ak.as_prime_order(&JUBJUB) { - Some(p) => p, - None => return false, - }; - - // Grab `nsk` from the caller - let nsk = match Fs::from_repr(read_fs(unsafe { &*nsk })) { - Ok(p) => p, - Err(_) => return false, - }; - - // Construct the proof generation key - let proof_generation_key = ProofGenerationKey { - ak: ak.clone(), - nsk, - }; - - // Grab the diversifier from the caller - let diversifier = Diversifier(unsafe { *diversifier }); - - // The caller chooses the note randomness - let rcm = match Fs::from_repr(read_fs(unsafe { &*rcm })) { - Ok(p) => p, - Err(_) => return false, - }; - - // The caller also chooses the re-randomization of ak - let ar = match Fs::from_repr(read_fs(unsafe { &*ar })) { - Ok(p) => p, - Err(_) => return false, - }; - - // We need to compute the anchor of the Spend. - let anchor = match Fr::from_repr(read_fr(unsafe { &*anchor })) { - Ok(p) => p, - Err(_) => return false, - }; - - // Parse the Merkle path from the caller - let merkle_path = match MerklePath::from_slice(unsafe { &(&*merkle_path)[..] }) { - Ok(w) => w, - Err(_) => return false, - }; - - // Create proof - let (proof, value_commitment, rk) = unsafe { &mut *ctx } - .spend_proof( - proof_generation_key, - diversifier, - rcm, - ar, - value, - anchor, - merkle_path, - unsafe { SAPLING_SPEND_PARAMS.as_ref() }.unwrap(), - unsafe { SAPLING_SPEND_VK.as_ref() }.unwrap(), - &JUBJUB, - ) - .expect("proving should not fail"); - - // Write value commitment to caller - value_commitment - .write(&mut unsafe { &mut *cv }[..]) - .expect("should be able to serialize cv"); - - // Write proof out to caller - proof - .write(&mut (unsafe { &mut *zkproof })[..]) - .expect("should be able to serialize a proof"); - - // Write out `rk` to the caller - rk.write(&mut unsafe { &mut *rk_out }[..]) - .expect("should be able to write to rk_out"); - - true -} - -/// Creates a Sapling proving context. Please free this when you're done. -#[no_mangle] -pub extern "C" fn librustzcash_sapling_proving_ctx_init() -> *mut SaplingProvingContext { - let ctx = Box::new(SaplingProvingContext::new()); - - Box::into_raw(ctx) -} - -/// Frees a Sapling proving context returned from -/// [`librustzcash_sapling_proving_ctx_init`]. -#[no_mangle] -pub extern "C" fn librustzcash_sapling_proving_ctx_free(ctx: *mut SaplingProvingContext) { - drop(unsafe { Box::from_raw(ctx) }); -} - -/// Derive the master ExtendedSpendingKey from a seed. -#[no_mangle] -pub extern "C" fn librustzcash_zip32_xsk_master( - seed: *const c_uchar, - seedlen: size_t, - xsk_master: *mut [c_uchar; 169], -) { - let seed = unsafe { std::slice::from_raw_parts(seed, seedlen) }; - - let xsk = zip32::ExtendedSpendingKey::master(seed); - - xsk.write(&mut (unsafe { &mut *xsk_master })[..]) - .expect("should be able to serialize an ExtendedSpendingKey"); -} - -/// Derive a child ExtendedSpendingKey from a parent. -#[no_mangle] -pub extern "C" fn librustzcash_zip32_xsk_derive( - xsk_parent: *const [c_uchar; 169], - i: u32, - xsk_i: *mut [c_uchar; 169], -) { - let xsk_parent = zip32::ExtendedSpendingKey::read(&unsafe { *xsk_parent }[..]) - .expect("valid ExtendedSpendingKey"); - let i = zip32::ChildIndex::from_index(i); - - let xsk = xsk_parent.derive_child(i); - - xsk.write(&mut (unsafe { &mut *xsk_i })[..]) - .expect("should be able to serialize an ExtendedSpendingKey"); -} - -/// Derive a child ExtendedFullViewingKey from a parent. -#[no_mangle] -pub extern "C" fn librustzcash_zip32_xfvk_derive( - xfvk_parent: *const [c_uchar; 169], - i: u32, - xfvk_i: *mut [c_uchar; 169], -) -> bool { - let xfvk_parent = zip32::ExtendedFullViewingKey::read(&unsafe { *xfvk_parent }[..]) - .expect("valid ExtendedFullViewingKey"); - let i = zip32::ChildIndex::from_index(i); - - let xfvk = match xfvk_parent.derive_child(i) { - Ok(xfvk) => xfvk, - Err(_) => return false, - }; - - xfvk.write(&mut (unsafe { &mut *xfvk_i })[..]) - .expect("should be able to serialize an ExtendedFullViewingKey"); - - true -} - -/// Derive a PaymentAddress from an ExtendedFullViewingKey. -#[no_mangle] -pub extern "C" fn librustzcash_zip32_xfvk_address( - xfvk: *const [c_uchar; 169], - j: *const [c_uchar; 11], - j_ret: *mut [c_uchar; 11], - addr_ret: *mut [c_uchar; 43], -) -> bool { - let xfvk = zip32::ExtendedFullViewingKey::read(&unsafe { *xfvk }[..]) - .expect("valid ExtendedFullViewingKey"); - let j = zip32::DiversifierIndex(unsafe { *j }); - - let addr = match xfvk.address(j) { - Ok(addr) => addr, - Err(_) => return false, - }; - - let j_ret = unsafe { &mut *j_ret }; - let addr_ret = unsafe { &mut *addr_ret }; - - j_ret.copy_from_slice(&(addr.0).0); - addr_ret.copy_from_slice(&addr.1.to_bytes()); - - true -} - -fn construct_mmr_tree( - // Consensus branch id - cbranch: u32, - // Length of tree in array representation - t_len: u32, - - // Indices of provided tree nodes, length of p_len+e_len - ni_ptr: *const u32, - // Provided tree nodes data, length of p_len+e_len - n_ptr: *const [c_uchar; zcash_history::MAX_ENTRY_SIZE], - - // Peaks count - p_len: size_t, - // Extra nodes loaded (for deletion) count - e_len: size_t, -) -> Result { - let (indices, nodes) = unsafe { - ( - slice::from_raw_parts(ni_ptr, p_len + e_len), - slice::from_raw_parts(n_ptr, p_len + e_len), - ) - }; - - let mut peaks: Vec<_> = indices - .iter() - .zip(nodes.iter()) - .map( - |(index, node)| match MMREntry::from_bytes(cbranch, &node[..]) { - Ok(entry) => Ok((*index, entry)), - Err(_) => Err("Invalid encoding"), - }, - ) - .collect::>()?; - let extra = peaks.split_off(p_len); - - Ok(MMRTree::new(t_len, peaks, extra)) -} - -#[no_mangle] -pub extern "system" fn librustzcash_mmr_append( - // Consensus branch id - cbranch: u32, - // Length of tree in array representation - t_len: u32, - // Indices of provided tree nodes, length of p_len - ni_ptr: *const u32, - // Provided tree nodes data, length of p_len - n_ptr: *const [c_uchar; zcash_history::MAX_ENTRY_SIZE], - // Peaks count - p_len: size_t, - // New node pointer - nn_ptr: *const [u8; zcash_history::MAX_NODE_DATA_SIZE], - // Return of root commitment - rt_ret: *mut [u8; 32], - // Return buffer for appended leaves, should be pre-allocated of ceiling(log2(t_len)) length - buf_ret: *mut [c_uchar; zcash_history::MAX_NODE_DATA_SIZE], -) -> u32 { - let new_node_bytes: &[u8; zcash_history::MAX_NODE_DATA_SIZE] = unsafe { - match nn_ptr.as_ref() { - Some(r) => r, - None => { - return 0; - } // Null pointer passed, error - } - }; - - let mut tree = match construct_mmr_tree(cbranch, t_len, ni_ptr, n_ptr, p_len, 0) { - Ok(t) => t, - _ => { - return 0; - } // error - }; - - let node = match MMRNodeData::from_bytes(cbranch, &new_node_bytes[..]) { - Ok(node) => node, - _ => { - return 0; - } // error - }; - - let appended = match tree.append_leaf(node) { - Ok(appended) => appended, - _ => { - return 0; - } - }; - - let return_count = appended.len(); - - let root_node = tree - .root_node() - .expect("Just added, should resolve always; qed"); - unsafe { - *rt_ret = root_node.data().subtree_commitment; - - for (idx, next_buf) in slice::from_raw_parts_mut(buf_ret, return_count as usize) - .iter_mut() - .enumerate() - { - tree.resolve_link(appended[idx]) - .expect("This was generated by the tree and thus resolvable; qed") - .data() - .write(&mut &mut next_buf[..]) - .expect("Write using cursor with enough buffer size cannot fail; qed"); - } - } - - return_count as u32 -} - -#[no_mangle] -pub extern "system" fn librustzcash_mmr_delete( - // Consensus branch id - cbranch: u32, - // Length of tree in array representation - t_len: u32, - // Indices of provided tree nodes, length of p_len+e_len - ni_ptr: *const u32, - // Provided tree nodes data, length of p_len+e_len - n_ptr: *const [c_uchar; zcash_history::MAX_ENTRY_SIZE], - // Peaks count - p_len: size_t, - // Extra nodes loaded (for deletion) count - e_len: size_t, - // Return of root commitment - rt_ret: *mut [u8; 32], -) -> u32 { - let mut tree = match construct_mmr_tree(cbranch, t_len, ni_ptr, n_ptr, p_len, e_len) { - Ok(t) => t, - _ => { - return 0; - } // error - }; - - let truncate_len = match tree.truncate_leaf() { - Ok(v) => v, - _ => { - return 0; - } // Error - }; - - unsafe { - *rt_ret = tree - .root_node() - .expect("Just generated without errors, root should be resolving") - .data() - .subtree_commitment; - } - - truncate_len -} - -#[no_mangle] -pub extern "system" fn librustzcash_mmr_hash_node( - cbranch: u32, - n_ptr: *const [u8; zcash_history::MAX_NODE_DATA_SIZE], - h_ret: *mut [u8; 32], -) -> u32 { - let node_bytes: &[u8; zcash_history::MAX_NODE_DATA_SIZE] = unsafe { - match n_ptr.as_ref() { - Some(r) => r, - None => return 1, - } - }; - - let node = match MMRNodeData::from_bytes(cbranch, &node_bytes[..]) { - Ok(n) => n, - _ => return 1, // error - }; - - unsafe { - *h_ret = node.hash(); - } - - 0 -} diff --git a/librustzcash/src/tests/key_agreement.rs b/librustzcash/src/tests/key_agreement.rs deleted file mode 100644 index 909c6fad5..000000000 --- a/librustzcash/src/tests/key_agreement.rs +++ /dev/null @@ -1,75 +0,0 @@ -use ff::{PrimeField, PrimeFieldRepr}; -use pairing::bls12_381::Bls12; -use rand_core::{OsRng, RngCore}; -use zcash_primitives::jubjub::{edwards, JubjubBls12}; -use zcash_primitives::primitives::{Diversifier, ViewingKey}; - -use crate::{ - librustzcash_sapling_generate_r, librustzcash_sapling_ka_agree, - librustzcash_sapling_ka_derivepublic, -}; - -#[test] -fn test_key_agreement() { - let params = JubjubBls12::new(); - let mut rng = OsRng; - - // Create random viewing key - let vk = ViewingKey:: { - ak: edwards::Point::rand(&mut rng, ¶ms).mul_by_cofactor(¶ms), - nk: edwards::Point::rand(&mut rng, ¶ms).mul_by_cofactor(¶ms), - }; - - // Create a random address with the viewing key - let addr = loop { - let mut d = [0; 11]; - rng.fill_bytes(&mut d); - if let Some(a) = vk.to_payment_address(Diversifier(d), ¶ms) { - break a; - } - }; - - // Grab ivk from our viewing key in serialized form - let ivk = vk.ivk(); - let mut ivk_serialized = [0u8; 32]; - ivk.into_repr().write_le(&mut ivk_serialized[..]).unwrap(); - - // Create random esk - let mut esk = [0u8; 32]; - librustzcash_sapling_generate_r(&mut esk); - - // The sender will create a shared secret with the recipient - // by multiplying the pk_d from their address with the esk - // we randomly generated - let mut shared_secret_sender = [0u8; 32]; - - // Serialize pk_d for the call to librustzcash_sapling_ka_agree - let mut addr_pk_d = [0u8; 32]; - addr.pk_d().write(&mut addr_pk_d[..]).unwrap(); - - assert!(librustzcash_sapling_ka_agree( - &addr_pk_d, - &esk, - &mut shared_secret_sender - )); - - // Create epk for the recipient, placed in the transaction. Computed - // using the diversifier and esk. - let mut epk = [0u8; 32]; - assert!(librustzcash_sapling_ka_derivepublic( - &addr.diversifier().0, - &esk, - &mut epk - )); - - // Create sharedSecret with ephemeral key - let mut shared_secret_recipient = [0u8; 32]; - assert!(librustzcash_sapling_ka_agree( - &epk, - &ivk_serialized, - &mut shared_secret_recipient - )); - - assert!(!shared_secret_sender.iter().all(|&v| v == 0)); - assert_eq!(shared_secret_sender, shared_secret_recipient); -} diff --git a/librustzcash/src/tests/key_components.rs b/librustzcash/src/tests/key_components.rs deleted file mode 100644 index 5975e5eb1..000000000 --- a/librustzcash/src/tests/key_components.rs +++ /dev/null @@ -1,731 +0,0 @@ -use ff::{PrimeField, PrimeFieldRepr}; -use pairing::bls12_381::Bls12; -use zcash_primitives::{ - jubjub::{fs::FsRepr, FixedGenerators, JubjubEngine, JubjubParams}, - primitives::{Diversifier, ProofGenerationKey}, -}; - -use super::JUBJUB; - -use crate::{ - librustzcash_ask_to_ak, librustzcash_check_diversifier, librustzcash_crh_ivk, - librustzcash_ivk_to_pkd, librustzcash_nsk_to_nk, -}; - -#[test] -fn key_components() { - #![allow(dead_code)] - struct TestVector { - sk: [u8; 32], - ask: [u8; 32], - nsk: [u8; 32], - ovk: [u8; 32], - ak: [u8; 32], - nk: [u8; 32], - ivk: [u8; 32], - default_d: [u8; 11], - default_pk_d: [u8; 32], - note_v: u64, - note_r: [u8; 32], - note_cm: [u8; 32], - note_pos: u64, - note_nf: [u8; 32], - }; - - // From https://github.com/zcash-hackworks/zcash-test-vectors/blob/master/sapling_key_components.py - let test_vectors = vec![ - TestVector { - sk: [ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, - ], - ask: [ - 0x85, 0x48, 0xa1, 0x4a, 0x47, 0x3e, 0xa5, 0x47, 0xaa, 0x23, 0x78, 0x40, 0x20, 0x44, - 0xf8, 0x18, 0xcf, 0x19, 0x11, 0xcf, 0x5d, 0xd2, 0x05, 0x4f, 0x67, 0x83, 0x45, 0xf0, - 0x0d, 0x0e, 0x88, 0x06, - ], - nsk: [ - 0x30, 0x11, 0x4e, 0xa0, 0xdd, 0x0b, 0xb6, 0x1c, 0xf0, 0xea, 0xea, 0xb6, 0xec, 0x33, - 0x31, 0xf5, 0x81, 0xb0, 0x42, 0x5e, 0x27, 0x33, 0x85, 0x01, 0x26, 0x2d, 0x7e, 0xac, - 0x74, 0x5e, 0x6e, 0x05, - ], - ovk: [ - 0x98, 0xd1, 0x69, 0x13, 0xd9, 0x9b, 0x04, 0x17, 0x7c, 0xab, 0xa4, 0x4f, 0x6e, 0x4d, - 0x22, 0x4e, 0x03, 0xb5, 0xac, 0x03, 0x1d, 0x7c, 0xe4, 0x5e, 0x86, 0x51, 0x38, 0xe1, - 0xb9, 0x96, 0xd6, 0x3b, - ], - ak: [ - 0xf3, 0x44, 0xec, 0x38, 0x0f, 0xe1, 0x27, 0x3e, 0x30, 0x98, 0xc2, 0x58, 0x8c, 0x5d, - 0x3a, 0x79, 0x1f, 0xd7, 0xba, 0x95, 0x80, 0x32, 0x76, 0x07, 0x77, 0xfd, 0x0e, 0xfa, - 0x8e, 0xf1, 0x16, 0x20, - ], - nk: [ - 0xf7, 0xcf, 0x9e, 0x77, 0xf2, 0xe5, 0x86, 0x83, 0x38, 0x3c, 0x15, 0x19, 0xac, 0x7b, - 0x06, 0x2d, 0x30, 0x04, 0x0e, 0x27, 0xa7, 0x25, 0xfb, 0x88, 0xfb, 0x19, 0xa9, 0x78, - 0xbd, 0x3f, 0xd6, 0xba, - ], - ivk: [ - 0xb7, 0x0b, 0x7c, 0xd0, 0xed, 0x03, 0xcb, 0xdf, 0xd7, 0xad, 0xa9, 0x50, 0x2e, 0xe2, - 0x45, 0xb1, 0x3e, 0x56, 0x9d, 0x54, 0xa5, 0x71, 0x9d, 0x2d, 0xaa, 0x0f, 0x5f, 0x14, - 0x51, 0x47, 0x92, 0x04, - ], - default_d: [ - 0xf1, 0x9d, 0x9b, 0x79, 0x7e, 0x39, 0xf3, 0x37, 0x44, 0x58, 0x39, - ], - default_pk_d: [ - 0xdb, 0x4c, 0xd2, 0xb0, 0xaa, 0xc4, 0xf7, 0xeb, 0x8c, 0xa1, 0x31, 0xf1, 0x65, 0x67, - 0xc4, 0x45, 0xa9, 0x55, 0x51, 0x26, 0xd3, 0xc2, 0x9f, 0x14, 0xe3, 0xd7, 0x76, 0xe8, - 0x41, 0xae, 0x74, 0x15, - ], - note_v: 0, - note_r: [ - 0x39, 0x17, 0x6d, 0xac, 0x39, 0xac, 0xe4, 0x98, 0x0e, 0xcc, 0x8d, 0x77, 0x8e, 0x89, - 0x86, 0x02, 0x55, 0xec, 0x36, 0x15, 0x06, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, - ], - note_cm: [ - 0xcb, 0x3c, 0xf9, 0x15, 0x32, 0x70, 0xd5, 0x7e, 0xb9, 0x14, 0xc6, 0xc2, 0xbc, 0xc0, - 0x18, 0x50, 0xc9, 0xfe, 0xd4, 0x4f, 0xce, 0x08, 0x06, 0x27, 0x8f, 0x08, 0x3e, 0xf2, - 0xdd, 0x07, 0x64, 0x39, - ], - note_pos: 0, - note_nf: [ - 0x44, 0xfa, 0xd6, 0x56, 0x4f, 0xfd, 0xec, 0x9f, 0xa1, 0x9c, 0x43, 0xa2, 0x8f, 0x86, - 0x1d, 0x5e, 0xbf, 0x60, 0x23, 0x46, 0x00, 0x7d, 0xe7, 0x62, 0x67, 0xd9, 0x75, 0x27, - 0x47, 0xab, 0x40, 0x63, - ], - }, - TestVector { - sk: [ - 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, - 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, - 0x01, 0x01, 0x01, 0x01, - ], - ask: [ - 0xc9, 0x43, 0x56, 0x29, 0xbf, 0x8b, 0xff, 0xe5, 0x5e, 0x73, 0x35, 0xec, 0x07, 0x77, - 0x18, 0xba, 0x60, 0xba, 0x28, 0xd7, 0xac, 0x37, 0x94, 0xb7, 0x4f, 0x51, 0x2c, 0x31, - 0xaf, 0x0a, 0x53, 0x04, - ], - nsk: [ - 0x11, 0xac, 0xc2, 0xea, 0xd0, 0x7b, 0x5f, 0x00, 0x8c, 0x1f, 0x0f, 0x09, 0x0c, 0xc8, - 0xdd, 0xf3, 0x35, 0x23, 0x6f, 0xf4, 0xb2, 0x53, 0xc6, 0x49, 0x56, 0x95, 0xe9, 0xd6, - 0x39, 0xda, 0xcd, 0x08, - ], - ovk: [ - 0x3b, 0x94, 0x62, 0x10, 0xce, 0x6d, 0x1b, 0x16, 0x92, 0xd7, 0x39, 0x2a, 0xc8, 0x4a, - 0x8b, 0xc8, 0xf0, 0x3b, 0x72, 0x72, 0x3c, 0x7d, 0x36, 0x72, 0x1b, 0x80, 0x9a, 0x79, - 0xc9, 0xd6, 0xe4, 0x5b, - ], - ak: [ - 0x82, 0xff, 0x5e, 0xff, 0xc5, 0x27, 0xae, 0x84, 0x02, 0x0b, 0xf2, 0xd3, 0x52, 0x01, - 0xc1, 0x02, 0x19, 0x13, 0x19, 0x47, 0xff, 0x4b, 0x96, 0xf8, 0x81, 0xa4, 0x5f, 0x2e, - 0x8a, 0xe3, 0x05, 0x18, - ], - nk: [ - 0xc4, 0x53, 0x4d, 0x84, 0x8b, 0xb9, 0x18, 0xcf, 0x4a, 0x7f, 0x8b, 0x98, 0x74, 0x0a, - 0xb3, 0xcc, 0xee, 0x58, 0x67, 0x95, 0xff, 0x4d, 0xf6, 0x45, 0x47, 0xa8, 0x88, 0x8a, - 0x6c, 0x74, 0x15, 0xd2, - ], - ivk: [ - 0xc5, 0x18, 0x38, 0x44, 0x66, 0xb2, 0x69, 0x88, 0xb5, 0x10, 0x90, 0x67, 0x41, 0x8d, - 0x19, 0x2d, 0x9d, 0x6b, 0xd0, 0xd9, 0x23, 0x22, 0x05, 0xd7, 0x74, 0x18, 0xc2, 0x40, - 0xfc, 0x68, 0xa4, 0x06, - ], - default_d: [ - 0xae, 0xf1, 0x80, 0xf6, 0xe3, 0x4e, 0x35, 0x4b, 0x88, 0x8f, 0x81, - ], - default_pk_d: [ - 0xa6, 0xb1, 0x3e, 0xa3, 0x36, 0xdd, 0xb7, 0xa6, 0x7b, 0xb0, 0x9a, 0x0e, 0x68, 0xe9, - 0xd3, 0xcf, 0xb3, 0x92, 0x10, 0x83, 0x1e, 0xa3, 0xa2, 0x96, 0xba, 0x09, 0xa9, 0x22, - 0x06, 0x0f, 0xd3, 0x8b, - ], - note_v: 12227227834928555328, - note_r: [ - 0x47, 0x8b, 0xa0, 0xee, 0x6e, 0x1a, 0x75, 0xb6, 0x00, 0x03, 0x6f, 0x26, 0xf1, 0x8b, - 0x70, 0x15, 0xab, 0x55, 0x6b, 0xed, 0xdf, 0x8b, 0x96, 0x02, 0x38, 0x86, 0x9f, 0x89, - 0xdd, 0x80, 0x4e, 0x06, - ], - note_cm: [ - 0xb5, 0x78, 0x93, 0x50, 0x0b, 0xfb, 0x85, 0xdf, 0x2e, 0x8b, 0x01, 0xac, 0x45, 0x2f, - 0x89, 0xe1, 0x0e, 0x26, 0x6b, 0xcf, 0xa3, 0x1c, 0x31, 0xb2, 0x9a, 0x53, 0xae, 0x72, - 0xca, 0xd4, 0x69, 0x50, - ], - note_pos: 763714296, - note_nf: [ - 0x67, 0x9e, 0xb0, 0xc3, 0xa7, 0x57, 0xe2, 0xae, 0x83, 0xcd, 0xb4, 0x2a, 0x1a, 0xb2, - 0x59, 0xd7, 0x83, 0x88, 0x31, 0x54, 0x19, 0xad, 0xc7, 0x1d, 0x2e, 0x37, 0x63, 0x17, - 0x4c, 0x2e, 0x9d, 0x93, - ], - }, - TestVector { - sk: [ - 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, - 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, - 0x02, 0x02, 0x02, 0x02, - ], - ask: [ - 0xee, 0x1c, 0x3d, 0x7e, 0xfe, 0x0a, 0x78, 0x06, 0x3d, 0x6a, 0xf3, 0xd9, 0xd8, 0x12, - 0x12, 0xaf, 0x47, 0xb7, 0xc1, 0xb7, 0x61, 0xf8, 0x5c, 0xcb, 0x06, 0x6f, 0xc1, 0x1a, - 0x6a, 0x42, 0x17, 0x03, - ], - nsk: [ - 0x1d, 0x3b, 0x71, 0x37, 0x55, 0xd7, 0x48, 0x75, 0xe8, 0xea, 0x38, 0xfd, 0x16, 0x6e, - 0x76, 0xc6, 0x2a, 0x42, 0x50, 0x21, 0x6e, 0x6b, 0xbf, 0xe4, 0x8a, 0x5e, 0x2e, 0xab, - 0xad, 0x11, 0x7f, 0x0b, - ], - ovk: [ - 0x8b, 0xf4, 0x39, 0x0e, 0x28, 0xdd, 0xc9, 0x5b, 0x83, 0x02, 0xc3, 0x81, 0xd5, 0x81, - 0x0b, 0x84, 0xba, 0x8e, 0x60, 0x96, 0xe5, 0xa7, 0x68, 0x22, 0x77, 0x4f, 0xd4, 0x9f, - 0x49, 0x1e, 0x8f, 0x49, - ], - ak: [ - 0xab, 0x83, 0x57, 0x4e, 0xb5, 0xde, 0x85, 0x9a, 0x0a, 0xb8, 0x62, 0x9d, 0xec, 0x34, - 0xc7, 0xbe, 0xe8, 0xc3, 0xfc, 0x74, 0xdf, 0xa0, 0xb1, 0x9a, 0x3a, 0x74, 0x68, 0xd1, - 0x5d, 0xca, 0x64, 0xc6, - ], - nk: [ - 0x95, 0xd5, 0x80, 0x53, 0xe0, 0x59, 0x2e, 0x4a, 0x16, 0x9c, 0xc0, 0xb7, 0x92, 0x8a, - 0xaa, 0xc3, 0xde, 0x24, 0xef, 0x15, 0x31, 0xaa, 0x9e, 0xb6, 0xf4, 0xab, 0x93, 0x91, - 0x4d, 0xa8, 0xa0, 0x6e, - ], - ivk: [ - 0x47, 0x1c, 0x24, 0xa3, 0xdc, 0x87, 0x30, 0xe7, 0x50, 0x36, 0xc0, 0xa9, 0x5f, 0x3e, - 0x2f, 0x7d, 0xd1, 0xbe, 0x6f, 0xb9, 0x3a, 0xd2, 0x95, 0x92, 0x20, 0x3d, 0xef, 0x30, - 0x41, 0x95, 0x45, 0x05, - ], - default_d: [ - 0x75, 0x99, 0xf0, 0xbf, 0x9b, 0x57, 0xcd, 0x2d, 0xc2, 0x99, 0xb6, - ], - default_pk_d: [ - 0x66, 0x14, 0x17, 0x39, 0x51, 0x4b, 0x28, 0xf0, 0x5d, 0xef, 0x8a, 0x18, 0xee, 0xee, - 0x5e, 0xed, 0x4d, 0x44, 0xc6, 0x22, 0x5c, 0x3c, 0x65, 0xd8, 0x8d, 0xd9, 0x90, 0x77, - 0x08, 0x01, 0x2f, 0x5a, - ], - note_v: 6007711596147559040, - note_r: [ - 0x14, 0x7c, 0xf2, 0xb5, 0x1b, 0x4c, 0x7c, 0x63, 0xcb, 0x77, 0xb9, 0x9e, 0x8b, 0x78, - 0x3e, 0x5b, 0x51, 0x11, 0xdb, 0x0a, 0x7c, 0xa0, 0x4d, 0x6c, 0x01, 0x4a, 0x1d, 0x7d, - 0xa8, 0x3b, 0xae, 0x0a, - ], - note_cm: [ - 0xdb, 0x85, 0xa7, 0x0a, 0x98, 0x43, 0x7f, 0x73, 0x16, 0x7f, 0xc3, 0x32, 0xd5, 0xb7, - 0xb7, 0x40, 0x82, 0x96, 0x66, 0x17, 0x70, 0xb1, 0x01, 0xb0, 0xaa, 0x87, 0x83, 0x9f, - 0x4e, 0x55, 0xf1, 0x51, - ], - note_pos: 1527428592, - note_nf: [ - 0xe9, 0x8f, 0x6a, 0x8f, 0x34, 0xff, 0x49, 0x80, 0x59, 0xb3, 0xc7, 0x31, 0xb9, 0x1f, - 0x45, 0x11, 0x08, 0xc4, 0x95, 0x4d, 0x91, 0x94, 0x84, 0x36, 0x1c, 0xf9, 0xb4, 0x8f, - 0x59, 0xae, 0x1d, 0x14, - ], - }, - TestVector { - sk: [ - 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, - 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, - 0x03, 0x03, 0x03, 0x03, - ], - ask: [ - 0x00, 0xc3, 0xa1, 0xe1, 0xca, 0x8f, 0x4e, 0x04, 0x80, 0xee, 0x1e, 0xe9, 0x0c, 0xa7, - 0x51, 0x78, 0x79, 0xd3, 0xfc, 0x5c, 0x81, 0x5c, 0x09, 0x03, 0xe5, 0xee, 0xbc, 0x94, - 0xbb, 0x80, 0x95, 0x03, - ], - nsk: [ - 0xe6, 0x62, 0x85, 0xa5, 0xe9, 0xb6, 0x5e, 0x15, 0x7a, 0xd2, 0xfc, 0xd5, 0x43, 0xda, - 0xd9, 0x8c, 0x67, 0xa5, 0x8a, 0xbd, 0xf2, 0x87, 0xe0, 0x55, 0x06, 0xbd, 0x1c, 0x2e, - 0x59, 0xb0, 0x72, 0x0b, - ], - ovk: [ - 0x14, 0x76, 0x78, 0xe0, 0x55, 0x3b, 0x97, 0x82, 0x93, 0x47, 0x64, 0x7c, 0x5b, 0xc7, - 0xda, 0xb4, 0xcc, 0x22, 0x02, 0xb5, 0x4e, 0xc2, 0x9f, 0xd3, 0x1a, 0x3d, 0xe6, 0xbe, - 0x08, 0x25, 0xfc, 0x5e, - ], - ak: [ - 0x3c, 0x9c, 0xde, 0x7e, 0x5d, 0x0d, 0x38, 0xa8, 0x61, 0x0f, 0xaa, 0xdb, 0xcf, 0x4c, - 0x34, 0x3f, 0x5d, 0x3c, 0xfa, 0x31, 0x55, 0xa5, 0xb9, 0x46, 0x61, 0xa6, 0x75, 0x3e, - 0x96, 0xe8, 0x84, 0xea, - ], - nk: [ - 0xb7, 0x7d, 0x36, 0xf5, 0x08, 0x94, 0x1d, 0xbd, 0x61, 0xcf, 0xd0, 0xf1, 0x59, 0xee, - 0x05, 0xcf, 0xaa, 0x78, 0xa2, 0x6c, 0x94, 0x92, 0x90, 0x38, 0x06, 0xd8, 0x3b, 0x59, - 0x8d, 0x3c, 0x1c, 0x2a, - ], - ivk: [ - 0x63, 0x6a, 0xa9, 0x64, 0xbf, 0xc2, 0x3c, 0xe4, 0xb1, 0xfc, 0xf7, 0xdf, 0xc9, 0x91, - 0x79, 0xdd, 0xc4, 0x06, 0xff, 0x55, 0x40, 0x0c, 0x92, 0x95, 0xac, 0xfc, 0x14, 0xf0, - 0x31, 0xc7, 0x26, 0x00, - ], - default_d: [ - 0x1b, 0x81, 0x61, 0x4f, 0x1d, 0xad, 0xea, 0x0f, 0x8d, 0x0a, 0x58, - ], - default_pk_d: [ - 0x25, 0xeb, 0x55, 0xfc, 0xcf, 0x76, 0x1f, 0xc6, 0x4e, 0x85, 0xa5, 0x88, 0xef, 0xe6, - 0xea, 0xd7, 0x83, 0x2f, 0xb1, 0xf0, 0xf7, 0xa8, 0x31, 0x65, 0x89, 0x5b, 0xdf, 0xf9, - 0x42, 0x92, 0x5f, 0x5c, - ], - note_v: 18234939431076114368, - note_r: [ - 0x34, 0xa4, 0xb2, 0xa9, 0x14, 0x4f, 0xf5, 0xea, 0x54, 0xef, 0xee, 0x87, 0xcf, 0x90, - 0x1b, 0x5b, 0xed, 0x5e, 0x35, 0xd2, 0x1f, 0xbb, 0xd7, 0x88, 0xd5, 0xbd, 0x9d, 0x83, - 0x3e, 0x11, 0x28, 0x04, - ], - note_cm: [ - 0xe0, 0x8c, 0xe4, 0x82, 0xb3, 0xa8, 0xfb, 0x3b, 0x35, 0xcc, 0xdb, 0xe3, 0x43, 0x37, - 0xbd, 0x10, 0x5d, 0x88, 0x39, 0x21, 0x2e, 0x0d, 0x16, 0x44, 0xb9, 0xd5, 0x5c, 0xaa, - 0x60, 0xd1, 0x9b, 0x6c, - ], - note_pos: 2291142888, - note_nf: [ - 0x55, 0x47, 0xaa, 0x12, 0xff, 0x80, 0xa6, 0xb3, 0x30, 0x4e, 0x3b, 0x05, 0x86, 0x56, - 0x47, 0x2a, 0xbd, 0x2c, 0x81, 0x83, 0xb5, 0x9d, 0x07, 0x37, 0xb9, 0x3c, 0xee, 0x75, - 0x8b, 0xec, 0x47, 0xa1, - ], - }, - TestVector { - sk: [ - 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, - 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, - 0x04, 0x04, 0x04, 0x04, - ], - ask: [ - 0x82, 0x36, 0xd1, 0x9d, 0x32, 0x05, 0xd8, 0x55, 0x43, 0xa0, 0x68, 0x11, 0x34, 0x3f, - 0x82, 0x7b, 0x65, 0x63, 0x77, 0x0a, 0x49, 0xaa, 0x4d, 0x0c, 0xa0, 0x08, 0x18, 0x05, - 0xd4, 0xc8, 0xea, 0x0d, - ], - nsk: [ - 0x7e, 0xc1, 0xef, 0x0b, 0xed, 0x82, 0x71, 0x82, 0x72, 0xf0, 0xf4, 0x4f, 0x01, 0x7c, - 0x48, 0x41, 0x74, 0x51, 0x3d, 0x66, 0x1d, 0xd1, 0x68, 0xaf, 0x02, 0xd2, 0x09, 0x2a, - 0x1d, 0x8a, 0x05, 0x07, - ], - ovk: [ - 0x1b, 0x6e, 0x75, 0xec, 0xe3, 0xac, 0xe8, 0xdb, 0xa6, 0xa5, 0x41, 0x0d, 0x9a, 0xd4, - 0x75, 0x56, 0x68, 0xe4, 0xb3, 0x95, 0x85, 0xd6, 0x35, 0xec, 0x1d, 0xa7, 0xc8, 0xdc, - 0xfd, 0x5f, 0xc4, 0xed, - ], - ak: [ - 0x55, 0xe8, 0x83, 0x89, 0xbb, 0x7e, 0x41, 0xde, 0x13, 0x0c, 0xfa, 0x51, 0xa8, 0x71, - 0x5f, 0xde, 0x01, 0xff, 0x9c, 0x68, 0x76, 0x64, 0x7f, 0x01, 0x75, 0xad, 0x34, 0xf0, - 0x58, 0xdd, 0xe0, 0x1a, - ], - nk: [ - 0x72, 0x5d, 0x4a, 0xd6, 0xa1, 0x50, 0x21, 0xcd, 0x1c, 0x48, 0xc5, 0xee, 0x19, 0xde, - 0x6c, 0x1e, 0x76, 0x8a, 0x2c, 0xc0, 0xa9, 0xa7, 0x30, 0xa0, 0x1b, 0xb2, 0x1c, 0x95, - 0xe3, 0xd9, 0xe4, 0x3c, - ], - ivk: [ - 0x67, 0xfa, 0x2b, 0xf7, 0xc6, 0x7d, 0x46, 0x58, 0x24, 0x3c, 0x31, 0x7c, 0x0c, 0xb4, - 0x1f, 0xd3, 0x20, 0x64, 0xdf, 0xd3, 0x70, 0x9f, 0xe0, 0xdc, 0xb7, 0x24, 0xf1, 0x4b, - 0xb0, 0x1a, 0x1d, 0x04, - ], - default_d: [ - 0xfc, 0xfb, 0x68, 0xa4, 0x0d, 0x4b, 0xc6, 0xa0, 0x4b, 0x09, 0xc4, - ], - default_pk_d: [ - 0x8b, 0x2a, 0x33, 0x7f, 0x03, 0x62, 0x2c, 0x24, 0xff, 0x38, 0x1d, 0x4c, 0x54, 0x6f, - 0x69, 0x77, 0xf9, 0x05, 0x22, 0xe9, 0x2f, 0xde, 0x44, 0xc9, 0xd1, 0xbb, 0x09, 0x97, - 0x14, 0xb9, 0xdb, 0x2b, - ], - note_v: 12015423192295118080, - note_r: [ - 0xe5, 0x57, 0x85, 0x13, 0x55, 0x74, 0x7c, 0x09, 0xac, 0x59, 0x01, 0x3c, 0xbd, 0xe8, - 0x59, 0x80, 0x96, 0x4e, 0xc1, 0x84, 0x4d, 0x9c, 0x69, 0x67, 0xca, 0x0c, 0x02, 0x9c, - 0x84, 0x57, 0xbb, 0x04, - ], - note_cm: [ - 0xbd, 0xc8, 0x54, 0xbf, 0x3e, 0x7b, 0x00, 0x82, 0x1f, 0x3b, 0x8b, 0x85, 0x23, 0x8c, - 0xcf, 0x1e, 0x67, 0x15, 0xbf, 0xe7, 0x0b, 0x63, 0x2d, 0x04, 0x4b, 0x26, 0xfb, 0x2b, - 0xc7, 0x1b, 0x7f, 0x36, - ], - note_pos: 3054857184, - note_nf: [ - 0x8a, 0x9a, 0xbd, 0xa3, 0xd4, 0xef, 0x85, 0xca, 0xf2, 0x2b, 0xfa, 0xf2, 0xc4, 0x8f, - 0x62, 0x38, 0x2a, 0x73, 0xa1, 0x62, 0x4e, 0xb8, 0xeb, 0x2b, 0xd0, 0x0d, 0x27, 0x03, - 0x01, 0xbf, 0x3d, 0x13, - ], - }, - TestVector { - sk: [ - 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, - 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, - 0x05, 0x05, 0x05, 0x05, - ], - ask: [ - 0xea, 0xe6, 0x88, 0x4d, 0x76, 0x4a, 0x05, 0x40, 0x61, 0xa8, 0xf1, 0xc0, 0x07, 0x6c, - 0x62, 0x4d, 0xcb, 0x73, 0x87, 0x89, 0xf7, 0xad, 0x1e, 0x74, 0x08, 0xe3, 0x1f, 0x24, - 0xdf, 0xc8, 0x26, 0x07, - ], - nsk: [ - 0xfb, 0xe6, 0x10, 0xf4, 0x2a, 0x41, 0x74, 0x9f, 0x9b, 0x6e, 0x6e, 0x4a, 0x54, 0xb5, - 0xa3, 0x2e, 0xbf, 0xe8, 0xf4, 0x38, 0x00, 0x88, 0x1b, 0xa6, 0xcd, 0x13, 0xed, 0x0b, - 0x05, 0x29, 0x46, 0x01, - ], - ovk: [ - 0xc6, 0xbc, 0x1f, 0x39, 0xf0, 0xd7, 0x86, 0x31, 0x4c, 0xb2, 0x0b, 0xf9, 0xab, 0x22, - 0x85, 0x40, 0x91, 0x35, 0x55, 0xf9, 0x70, 0x69, 0x6b, 0x6d, 0x7c, 0x77, 0xbb, 0x33, - 0x23, 0x28, 0x37, 0x2a, - ], - ak: [ - 0xe6, 0x82, 0x76, 0x59, 0x14, 0xe3, 0x86, 0x4c, 0x33, 0x9e, 0x57, 0x82, 0xb8, 0x55, - 0xc0, 0xfd, 0xf4, 0x0e, 0x0d, 0xfc, 0xed, 0xb9, 0xe7, 0xb4, 0x7b, 0xc9, 0x4b, 0x90, - 0xb3, 0xa4, 0xc9, 0x88, - ], - nk: [ - 0x82, 0x25, 0x6b, 0x95, 0x62, 0x3c, 0x67, 0x02, 0x4b, 0x44, 0x24, 0xd9, 0x14, 0x00, - 0xa3, 0x70, 0xe7, 0xac, 0x8e, 0x4d, 0x15, 0x48, 0x2a, 0x37, 0x59, 0xe0, 0x0d, 0x21, - 0x97, 0x49, 0xda, 0xee, - ], - ivk: [ - 0xea, 0x3f, 0x1d, 0x80, 0xe4, 0x30, 0x7c, 0xa7, 0x3b, 0x9f, 0x37, 0x80, 0x1f, 0x91, - 0xfb, 0xa8, 0x10, 0xcc, 0x41, 0xd2, 0x79, 0xfc, 0x29, 0xf5, 0x64, 0x23, 0x56, 0x54, - 0xa2, 0x17, 0x8e, 0x03, - ], - default_d: [ - 0xeb, 0x51, 0x98, 0x82, 0xad, 0x1e, 0x5c, 0xc6, 0x54, 0xcd, 0x59, - ], - default_pk_d: [ - 0x6b, 0x27, 0xda, 0xcc, 0xb5, 0xa8, 0x20, 0x7f, 0x53, 0x2d, 0x10, 0xca, 0x23, 0x8f, - 0x97, 0x86, 0x64, 0x8a, 0x11, 0xb5, 0x96, 0x6e, 0x51, 0xa2, 0xf7, 0xd8, 0x9e, 0x15, - 0xd2, 0x9b, 0x8f, 0xdf, - ], - note_v: 5795906953514121792, - note_r: [ - 0x68, 0xf0, 0x61, 0x04, 0x60, 0x6b, 0x0c, 0x54, 0x49, 0x84, 0x5f, 0xf4, 0xc6, 0x5f, - 0x73, 0xe9, 0x0f, 0x45, 0xef, 0x5a, 0x43, 0xc9, 0xd7, 0x4c, 0xb2, 0xc8, 0x5c, 0xf5, - 0x6c, 0x94, 0xc0, 0x02, - ], - note_cm: [ - 0xe8, 0x26, 0x7d, 0x30, 0xac, 0x11, 0xc1, 0x00, 0xbc, 0x7a, 0x0f, 0xdf, 0x91, 0xf7, - 0x1d, 0x74, 0xc5, 0xbc, 0xf2, 0xe1, 0xef, 0x95, 0x66, 0x90, 0x44, 0x73, 0x01, 0x69, - 0xde, 0x1a, 0x5b, 0x4c, - ], - note_pos: 3818571480, - note_nf: [ - 0x33, 0x2a, 0xd9, 0x9e, 0xb9, 0xe9, 0x77, 0xeb, 0x62, 0x7a, 0x12, 0x2d, 0xbf, 0xb2, - 0xf2, 0x5f, 0xe5, 0x88, 0xe5, 0x97, 0x75, 0x3e, 0xc5, 0x58, 0x0f, 0xf2, 0xbe, 0x20, - 0xb6, 0xc9, 0xa7, 0xe1, - ], - }, - TestVector { - sk: [ - 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, - 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, - 0x06, 0x06, 0x06, 0x06, - ], - ask: [ - 0xe8, 0xf8, 0x16, 0xb4, 0xbc, 0x08, 0xa7, 0xe5, 0x66, 0x75, 0x0c, 0xc2, 0x8a, 0xfe, - 0x82, 0xa4, 0xce, 0xa9, 0xc2, 0xbe, 0xf2, 0x44, 0xfa, 0x4b, 0x13, 0xc4, 0x73, 0x9b, - 0x28, 0x07, 0x4c, 0x0d, - ], - nsk: [ - 0x32, 0x61, 0x5b, 0x13, 0x7f, 0x28, 0x01, 0xed, 0x44, 0x6e, 0x48, 0x78, 0x1a, 0xb0, - 0x63, 0x45, 0x72, 0xe1, 0x8c, 0xfb, 0x06, 0x93, 0x72, 0x1b, 0x88, 0x03, 0xc0, 0x5b, - 0x82, 0x27, 0xd1, 0x07, - ], - ovk: [ - 0xf6, 0x2c, 0x05, 0xe8, 0x48, 0xa8, 0x73, 0xef, 0x88, 0x5e, 0x12, 0xb0, 0x8c, 0x5e, - 0x7c, 0xa2, 0xf3, 0x24, 0x24, 0xba, 0xcc, 0x75, 0x4c, 0xb6, 0x97, 0x50, 0x44, 0x4d, - 0x35, 0x5f, 0x51, 0x06, - ], - ak: [ - 0xff, 0x27, 0xdb, 0x07, 0x51, 0x94, 0x5d, 0x3e, 0xe4, 0xbe, 0x9c, 0xf1, 0x5c, 0x2e, - 0xa2, 0x11, 0xb2, 0x4b, 0x16, 0x4d, 0x5f, 0x2d, 0x7d, 0xdf, 0xf5, 0xe4, 0xa0, 0x70, - 0x8f, 0x10, 0xb9, 0x5e, - ], - nk: [ - 0x94, 0x38, 0x85, 0x95, 0x9d, 0x4e, 0xf8, 0xa9, 0xcf, 0xca, 0x07, 0xc4, 0x57, 0xf0, - 0x9e, 0xc7, 0x4b, 0x96, 0xf9, 0x93, 0xd8, 0xe0, 0xfa, 0x32, 0xb1, 0x9c, 0x03, 0xe3, - 0xb0, 0x7a, 0x42, 0x0f, - ], - ivk: [ - 0xb5, 0xc5, 0x89, 0x49, 0x43, 0x95, 0x69, 0x33, 0xc0, 0xe5, 0xc1, 0x2d, 0x31, 0x1f, - 0xc1, 0x2c, 0xba, 0x58, 0x35, 0x4b, 0x5c, 0x38, 0x9e, 0xdc, 0x03, 0xda, 0x55, 0x08, - 0x4f, 0x74, 0xc2, 0x05, - ], - default_d: [ - 0xbe, 0xbb, 0x0f, 0xb4, 0x6b, 0x8a, 0xaf, 0xf8, 0x90, 0x40, 0xf6, - ], - default_pk_d: [ - 0xd1, 0x1d, 0xa0, 0x1f, 0x0b, 0x43, 0xbd, 0xd5, 0x28, 0x8d, 0x32, 0x38, 0x5b, 0x87, - 0x71, 0xd2, 0x23, 0x49, 0x3c, 0x69, 0x80, 0x25, 0x44, 0x04, 0x3f, 0x77, 0xcf, 0x1d, - 0x71, 0xc1, 0xcb, 0x8c, - ], - note_v: 18023134788442677120, - note_r: [ - 0x49, 0xf9, 0x0b, 0x47, 0xfd, 0x52, 0xfe, 0xe7, 0xc1, 0xc8, 0x1f, 0x0d, 0xcb, 0x5b, - 0x74, 0xc3, 0xfb, 0x9b, 0x3e, 0x03, 0x97, 0x6f, 0x8b, 0x75, 0x24, 0xea, 0xba, 0xd0, - 0x08, 0x89, 0x21, 0x07, - ], - note_cm: [ - 0x57, 0x2b, 0xa2, 0x05, 0x25, 0xb0, 0xac, 0x4d, 0x6d, 0xc0, 0x1a, 0xc2, 0xea, 0x10, - 0x90, 0xb6, 0xe0, 0xf2, 0xf4, 0xbf, 0x4e, 0xc4, 0xa0, 0xdb, 0x5b, 0xbc, 0xcb, 0x5b, - 0x78, 0x3a, 0x1e, 0x55, - ], - note_pos: 287318480, - note_nf: [ - 0xfc, 0x74, 0xcd, 0x0e, 0x4b, 0xe0, 0x49, 0x57, 0xb1, 0x96, 0xcf, 0x87, 0x34, 0xae, - 0x99, 0x23, 0x96, 0xaf, 0x4c, 0xfa, 0x8f, 0xec, 0xbb, 0x86, 0xf9, 0x61, 0xe6, 0xb4, - 0x07, 0xd5, 0x1e, 0x11, - ], - }, - TestVector { - sk: [ - 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, - 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, - 0x07, 0x07, 0x07, 0x07, - ], - ask: [ - 0x74, 0xb4, 0x4a, 0x37, 0xf1, 0x50, 0x23, 0xc0, 0x60, 0x42, 0x7e, 0x1d, 0xae, 0xa3, - 0xf6, 0x43, 0x12, 0xdd, 0x8f, 0xeb, 0x7b, 0x2c, 0xed, 0xf0, 0xdd, 0x55, 0x44, 0x49, - 0x3f, 0x87, 0x2c, 0x06, - ], - nsk: [ - 0x07, 0x5c, 0x35, 0xdb, 0x8b, 0x1b, 0x25, 0x75, 0x42, 0x23, 0xec, 0xee, 0x34, 0xab, - 0x73, 0x0d, 0xdd, 0xd1, 0xf1, 0x4a, 0x6a, 0x54, 0xf4, 0xc6, 0xf4, 0x68, 0x45, 0x3c, - 0x3c, 0x6e, 0xd6, 0x0b, - ], - ovk: [ - 0xe9, 0xe0, 0xdc, 0x1e, 0xd3, 0x11, 0xda, 0xed, 0x64, 0xbd, 0x74, 0xda, 0x5d, 0x94, - 0xfe, 0x88, 0xa6, 0xea, 0x41, 0x4b, 0x73, 0x12, 0xde, 0x3d, 0x2a, 0x78, 0xf6, 0x46, - 0x32, 0xbb, 0xe3, 0x73, - ], - ak: [ - 0x28, 0x3f, 0x9a, 0xaf, 0xa9, 0xbc, 0xb3, 0xe6, 0xce, 0x17, 0xe6, 0x32, 0x12, 0x63, - 0x4c, 0xb3, 0xee, 0x55, 0x0c, 0x47, 0x6b, 0x67, 0x6b, 0xd3, 0x56, 0xa6, 0xdf, 0x8a, - 0xdf, 0x51, 0xd2, 0x5e, - ], - nk: [ - 0xdc, 0x4c, 0x67, 0xb1, 0x0d, 0x4b, 0x0a, 0x21, 0x8d, 0xc6, 0xe1, 0x48, 0x70, 0x66, - 0x74, 0x0a, 0x40, 0x93, 0x17, 0x86, 0x6c, 0x32, 0xe6, 0x64, 0xb5, 0x0e, 0x39, 0x7a, - 0xa8, 0x03, 0x89, 0xd4, - ], - ivk: [ - 0x87, 0x16, 0xc8, 0x28, 0x80, 0xe1, 0x36, 0x83, 0xe1, 0xbb, 0x05, 0x9d, 0xd0, 0x6c, - 0x80, 0xc9, 0x01, 0x34, 0xa9, 0x6d, 0x5a, 0xfc, 0xa8, 0xaa, 0xc2, 0xbb, 0xf6, 0x8b, - 0xb0, 0x5f, 0x84, 0x02, - ], - default_d: [ - 0xad, 0x6e, 0x2e, 0x18, 0x5a, 0x31, 0x00, 0xe3, 0xa6, 0xa8, 0xb3, - ], - default_pk_d: [ - 0x32, 0xcb, 0x28, 0x06, 0xb8, 0x82, 0xf1, 0x36, 0x8b, 0x0d, 0x4a, 0x89, 0x8f, 0x72, - 0xc4, 0xc8, 0xf7, 0x28, 0x13, 0x2c, 0xc1, 0x24, 0x56, 0x94, 0x6e, 0x7f, 0x4c, 0xb0, - 0xfb, 0x05, 0x8d, 0xa9, - ], - note_v: 11803618549661680832, - note_r: [ - 0x51, 0x65, 0xaf, 0xf2, 0x2d, 0xd4, 0xed, 0x56, 0xb4, 0xd8, 0x1d, 0x1f, 0x17, 0x1c, - 0xc3, 0xd6, 0x43, 0x2f, 0xed, 0x1b, 0xeb, 0xf2, 0x0a, 0x7b, 0xea, 0xb1, 0x2d, 0xb1, - 0x42, 0xf9, 0x4a, 0x0c, - ], - note_cm: [ - 0xab, 0x7f, 0xc5, 0x66, 0x87, 0x3c, 0xcd, 0xe6, 0x71, 0xf5, 0x98, 0x27, 0x67, 0x85, - 0x60, 0xa0, 0x06, 0xf8, 0x2b, 0xb7, 0xad, 0xcd, 0x75, 0x22, 0x3f, 0xa8, 0x59, 0x36, - 0xf7, 0x8c, 0x2b, 0x23, - ], - note_pos: 1051032776, - note_nf: [ - 0xd2, 0xe8, 0x87, 0xbd, 0x85, 0x4a, 0x80, 0x2b, 0xce, 0x85, 0x70, 0x53, 0x02, 0x0f, - 0x5d, 0x3e, 0x7c, 0x8a, 0xe5, 0x26, 0x7c, 0x5b, 0x65, 0x83, 0xb3, 0xd2, 0x12, 0xcc, - 0x8b, 0xb6, 0x98, 0x90, - ], - }, - TestVector { - sk: [ - 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, - 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, - 0x08, 0x08, 0x08, 0x08, - ], - ask: [ - 0x03, 0x9d, 0xd9, 0x3d, 0xf3, 0x11, 0xff, 0x8f, 0xba, 0xb3, 0xfe, 0x23, 0x02, 0x19, - 0xcd, 0x42, 0xac, 0x87, 0x94, 0x84, 0xf3, 0x0b, 0x90, 0x3a, 0x3c, 0x1e, 0x67, 0xcc, - 0xca, 0x5a, 0x7b, 0x0d, - ], - nsk: [ - 0x04, 0x9f, 0xa1, 0x4f, 0x48, 0x6c, 0x75, 0xb9, 0xfa, 0xd7, 0xe3, 0xb6, 0x73, 0xa4, - 0x43, 0xdd, 0x07, 0x4e, 0xaa, 0x96, 0xed, 0xcb, 0x2a, 0x53, 0xea, 0xaa, 0xbd, 0xaf, - 0x70, 0xff, 0xbb, 0x08, - ], - ovk: [ - 0x14, 0x7d, 0xd1, 0x1d, 0x77, 0xeb, 0xa1, 0xb1, 0x63, 0x6f, 0xd6, 0x19, 0x0c, 0x62, - 0xb9, 0xa5, 0xd0, 0x48, 0x1b, 0xee, 0x7e, 0x91, 0x7f, 0xab, 0x02, 0xe2, 0x18, 0x58, - 0x06, 0x3a, 0xb5, 0x04, - ], - ak: [ - 0x36, 0x40, 0x48, 0xee, 0xdb, 0xe8, 0xca, 0x20, 0x5e, 0xb7, 0xe7, 0xba, 0x0a, 0x90, - 0x12, 0x16, 0x6c, 0x7c, 0x7b, 0xd9, 0xeb, 0x22, 0x8e, 0x08, 0x48, 0x14, 0x48, 0xc4, - 0x88, 0xaa, 0x21, 0xd2, - ], - nk: [ - 0xed, 0x60, 0xaf, 0x1c, 0xe7, 0xdf, 0x38, 0x07, 0x0d, 0x38, 0x51, 0x43, 0x2a, 0x96, - 0x48, 0x0d, 0xb0, 0xb4, 0x17, 0xc3, 0x68, 0x2a, 0x1d, 0x68, 0xe3, 0xe8, 0x93, 0x34, - 0x23, 0x5c, 0x0b, 0xdf, - ], - ivk: [ - 0x99, 0xc9, 0xb4, 0xb8, 0x4f, 0x4b, 0x4e, 0x35, 0x0f, 0x78, 0x7d, 0x1c, 0xf7, 0x05, - 0x1d, 0x50, 0xec, 0xc3, 0x4b, 0x1a, 0x5b, 0x20, 0xd2, 0xd2, 0x13, 0x9b, 0x4a, 0xf1, - 0xf1, 0x60, 0xe0, 0x01, - ], - default_d: [ - 0x21, 0xc9, 0x0e, 0x1c, 0x65, 0x8b, 0x3e, 0xfe, 0x86, 0xaf, 0x58, - ], - default_pk_d: [ - 0x9e, 0x64, 0x17, 0x4b, 0x4a, 0xb9, 0x81, 0x40, 0x5c, 0x32, 0x3b, 0x5e, 0x12, 0x47, - 0x59, 0x45, 0xa4, 0x6d, 0x4f, 0xed, 0xf8, 0x06, 0x08, 0x28, 0x04, 0x1c, 0xd2, 0x0e, - 0x62, 0xfd, 0x2c, 0xef, - ], - note_v: 5584102310880684544, - note_r: [ - 0x8c, 0x3e, 0x56, 0x44, 0x9d, 0xc8, 0x63, 0x54, 0xd3, 0x3b, 0x02, 0x5e, 0xf2, 0x79, - 0x34, 0x60, 0xbc, 0xb1, 0x69, 0xf3, 0x32, 0x4e, 0x4a, 0x6b, 0x64, 0xba, 0xa6, 0x08, - 0x32, 0x31, 0x57, 0x04, - ], - note_cm: [ - 0x7b, 0x48, 0xa8, 0x37, 0x5d, 0x3e, 0xbd, 0x56, 0xbc, 0x64, 0x9b, 0xb5, 0xb5, 0x24, - 0x23, 0x36, 0xc2, 0xa0, 0x5a, 0x08, 0x03, 0x23, 0x9b, 0x5b, 0x88, 0xfd, 0x92, 0x07, - 0x8f, 0xea, 0x4d, 0x04, - ], - note_pos: 1814747072, - note_nf: [ - 0xa8, 0x2f, 0x17, 0x50, 0xcc, 0x5b, 0x2b, 0xee, 0x64, 0x9a, 0x36, 0x5c, 0x04, 0x20, - 0xed, 0x87, 0x07, 0x5b, 0x88, 0x71, 0xfd, 0xa4, 0xa7, 0xf5, 0x84, 0x0d, 0x6b, 0xbe, - 0xb1, 0x7c, 0xd6, 0x20, - ], - }, - TestVector { - sk: [ - 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, - 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, - 0x09, 0x09, 0x09, 0x09, - ], - ask: [ - 0xeb, 0xbb, 0x40, 0xa9, 0x80, 0xba, 0x3b, 0x88, 0x60, 0x94, 0x8d, 0x01, 0x1e, 0x1b, - 0xfb, 0x4a, 0xff, 0xe1, 0x6c, 0x65, 0x2e, 0x90, 0xe9, 0x82, 0x58, 0x30, 0x2f, 0x44, - 0x64, 0xc9, 0x1e, 0x0c, - ], - nsk: [ - 0x68, 0x43, 0x1b, 0x19, 0x91, 0x04, 0x21, 0x52, 0x00, 0xb9, 0x5e, 0xe5, 0xcb, 0x71, - 0xbf, 0x8b, 0x88, 0x3a, 0x3e, 0x95, 0xb7, 0x98, 0x9c, 0xad, 0x19, 0x70, 0x63, 0x14, - 0x1e, 0xbb, 0xfd, 0x00, - ], - ovk: [ - 0x57, 0x34, 0x67, 0xa7, 0xb3, 0x0e, 0xad, 0x6c, 0xcc, 0x50, 0x47, 0x44, 0xca, 0x9e, - 0x1a, 0x28, 0x1a, 0x0d, 0x1a, 0x08, 0x73, 0x8b, 0x06, 0xa0, 0x68, 0x4f, 0xea, 0xcd, - 0x1e, 0x9d, 0x12, 0x6d, - ], - ak: [ - 0x71, 0xc3, 0x52, 0x3e, 0xec, 0xa3, 0x53, 0x11, 0xfb, 0xd5, 0xd7, 0xe7, 0xd7, 0x0b, - 0x70, 0x9d, 0x6c, 0x35, 0xa2, 0x4f, 0x26, 0x2b, 0x34, 0xbf, 0x64, 0x05, 0x9b, 0xf2, - 0xc0, 0x2e, 0x0b, 0xa8, - ], - nk: [ - 0x62, 0x44, 0x00, 0x10, 0x3b, 0x65, 0x69, 0xb7, 0x35, 0x8f, 0xe8, 0x0f, 0x6f, 0x6c, - 0xad, 0x43, 0x25, 0xde, 0xfd, 0xa9, 0xd9, 0x49, 0x9c, 0x2b, 0x8f, 0x88, 0x6a, 0x62, - 0x69, 0xa2, 0xaa, 0x52, - ], - ivk: [ - 0xdb, 0x95, 0xea, 0x8b, 0xd9, 0xf9, 0x3d, 0x41, 0xb5, 0xab, 0x2b, 0xeb, 0xc9, 0x1a, - 0x38, 0xed, 0xd5, 0x27, 0x08, 0x3e, 0x2a, 0x6e, 0xf9, 0xf3, 0xc2, 0x97, 0x02, 0xd5, - 0xff, 0x89, 0xed, 0x00, - ], - default_d: [ - 0x23, 0x3c, 0x4a, 0xb8, 0x86, 0xa5, 0x5e, 0x3b, 0xa3, 0x74, 0xc0, - ], - default_pk_d: [ - 0xb6, 0x8e, 0x9e, 0xe0, 0xc0, 0x67, 0x8d, 0x7b, 0x30, 0x36, 0x93, 0x1c, 0x83, 0x1a, - 0x25, 0x25, 0x5f, 0x7e, 0xe4, 0x87, 0x38, 0x5a, 0x30, 0x31, 0x6e, 0x15, 0xf6, 0x48, - 0x2b, 0x87, 0x4f, 0xda, - ], - note_v: 17811330145809239872, - note_r: [ - 0x6e, 0xbb, 0xed, 0x74, 0x36, 0x19, 0xa2, 0x56, 0xf9, 0xad, 0x2e, 0x85, 0x88, 0x0c, - 0xfa, 0xa9, 0x09, 0x8a, 0x5f, 0xdb, 0x16, 0x29, 0x99, 0x0d, 0x9a, 0x7d, 0x3b, 0xb9, - 0x3f, 0xc9, 0x00, 0x03, - ], - note_cm: [ - 0xd3, 0x76, 0xa7, 0xbe, 0xe8, 0xce, 0x67, 0xf4, 0xef, 0xde, 0x56, 0xaa, 0x77, 0xcf, - 0x64, 0x41, 0x9b, 0x0e, 0x55, 0x0a, 0xbb, 0xcb, 0x8e, 0x2b, 0xcb, 0xda, 0x8b, 0x63, - 0xe4, 0x1d, 0xeb, 0x37, - ], - note_pos: 2578461368, - note_nf: [ - 0x65, 0x36, 0x74, 0x87, 0x3b, 0x3c, 0x67, 0x0c, 0x58, 0x85, 0x84, 0x73, 0xe7, 0xfe, - 0x72, 0x19, 0x72, 0xfb, 0x96, 0xe2, 0x15, 0xb8, 0x73, 0x77, 0xa1, 0x7c, 0xa3, 0x71, - 0x0d, 0x93, 0xc9, 0xe9, - ], - }, - ]; - - for tv in test_vectors { - let mut ask_repr = FsRepr::default(); - let mut nsk_repr = FsRepr::default(); - ask_repr.read_le(&tv.ask[..]).unwrap(); - nsk_repr.read_le(&tv.nsk[..]).unwrap(); - let nsk = ::Fs::from_repr(nsk_repr).unwrap(); - - let ak = JUBJUB - .generator(FixedGenerators::SpendingKeyGenerator) - .mul(ask_repr.clone(), &JUBJUB); - { - let mut vec = Vec::new(); - ak.write(&mut vec).unwrap(); - assert_eq!(&vec, &tv.ak); - } - { - let mut ak = [0u8; 32]; - librustzcash_ask_to_ak(&tv.ask, &mut ak); - assert_eq!(&ak, &tv.ak); - } - - let pgk = ProofGenerationKey { ak, nsk }; - let fvk = pgk.to_viewing_key(&JUBJUB); - { - let mut vec = Vec::new(); - fvk.nk.write(&mut vec).unwrap(); - assert_eq!(&vec, &tv.nk); - } - { - let mut nk = [0u8; 32]; - librustzcash_nsk_to_nk(&tv.nsk, &mut nk); - assert_eq!(&nk, &tv.nk); - } - - { - let mut vec = Vec::new(); - fvk.ivk().into_repr().write_le(&mut vec).unwrap(); - assert_eq!(&vec, &tv.ivk); - } - { - let mut ivk = [0u8; 32]; - librustzcash_crh_ivk(&tv.ak, &tv.nk, &mut ivk); - assert_eq!(&ivk, &tv.ivk); - } - - let diversifier = Diversifier(tv.default_d); - assert!(librustzcash_check_diversifier(&tv.default_d)); - - let addr = fvk.to_payment_address(diversifier, &JUBJUB).unwrap(); - { - let mut vec = Vec::new(); - addr.pk_d().write(&mut vec).unwrap(); - assert_eq!(&vec, &tv.default_pk_d); - } - { - let mut default_pk_d = [0u8; 32]; - librustzcash_ivk_to_pkd(&tv.ivk, &tv.default_d, &mut default_pk_d); - assert_eq!(&default_pk_d, &tv.default_pk_d); - } - - let mut note_r_repr = FsRepr::default(); - note_r_repr.read_le(&tv.note_r[..]).unwrap(); - let note_r = ::Fs::from_repr(note_r_repr).unwrap(); - let note = addr.create_note(tv.note_v, note_r, &JUBJUB).unwrap(); - { - let mut vec = Vec::new(); - note.cm(&JUBJUB).into_repr().write_le(&mut vec).unwrap(); - assert_eq!(&vec, &tv.note_cm); - } - - assert_eq!(note.nf(&fvk, tv.note_pos, &JUBJUB), tv.note_nf); - } -} diff --git a/librustzcash/src/tests/mmr.rs b/librustzcash/src/tests/mmr.rs deleted file mode 100644 index aa83aa37d..000000000 --- a/librustzcash/src/tests/mmr.rs +++ /dev/null @@ -1,225 +0,0 @@ -use zcash_history::{Entry, EntryLink, NodeData}; - -use crate::{librustzcash_mmr_append, librustzcash_mmr_delete}; - -const NODE_DATA_16L: &[u8] = include_bytes!("./res/tree16.dat"); -const NODE_DATA_1023L: &[u8] = include_bytes!("./res/tree1023.dat"); - -struct TreeView { - peaks: Vec<(u32, Entry)>, - extra: Vec<(u32, Entry)>, -} - -fn draft(into: &mut Vec<(u32, Entry)>, nodes: &[NodeData], peak_pos: usize, h: u32) { - let node_data = nodes[peak_pos - 1].clone(); - let peak: Entry = match h { - 0 => node_data.into(), - _ => Entry::new( - node_data, - EntryLink::Stored((peak_pos - (1 << h) - 1) as u32), - EntryLink::Stored((peak_pos - 2) as u32), - ), - }; - - into.push(((peak_pos - 1) as u32, peak)); -} - -fn prepare_tree(nodes: &[NodeData]) -> TreeView { - assert!(!nodes.is_empty()); - - // integer log2 of (nodes.len()+1), -1 - let mut h = (32 - ((nodes.len() + 1) as u32).leading_zeros() - 1) - 1; - let mut peak_pos = (1 << (h + 1)) - 1; - let mut peaks = Vec::new(); - - // used later - let mut last_peak_pos = 0; - let mut last_peak_h = 0; - - loop { - if peak_pos > nodes.len() { - // left child, -2^h - peak_pos -= 1 << h; - h -= 1; - } - - if peak_pos <= nodes.len() { - draft(&mut peaks, nodes, peak_pos, h); - - // save to be used in next loop - last_peak_pos = peak_pos; - last_peak_h = h; - - // right sibling - peak_pos += (1 << (h + 1)) - 1; - } - - if h == 0 { - break; - } - } - - // for deletion, everything on the right slope of the last peak should be pre-loaded - let mut extra = Vec::new(); - let mut h = last_peak_h; - let mut peak_pos = last_peak_pos; - - while h > 0 { - let left_pos = peak_pos - (1 << h); - let right_pos = peak_pos - 1; - h -= 1; - - // drafting left child - draft(&mut extra, nodes, left_pos, h); - - // drafting right child - draft(&mut extra, nodes, right_pos, h); - - // continuing on right slope - peak_pos = right_pos; - } - - TreeView { peaks, extra } -} - -fn preload_tree_append(nodes: &[NodeData]) -> (Vec, Vec<[u8; zcash_history::MAX_ENTRY_SIZE]>) { - assert!(!nodes.is_empty()); - - let tree_view = prepare_tree(nodes); - - let mut indices = Vec::new(); - let mut bytes = Vec::new(); - - for (idx, entry) in tree_view.peaks.into_iter() { - let mut buf = [0u8; zcash_history::MAX_ENTRY_SIZE]; - entry - .write(&mut &mut buf[..]) - .expect("Cannot fail if enough buffer length"); - indices.push(idx); - bytes.push(buf); - } - - (indices, bytes) -} - -// also returns number of peaks -fn preload_tree_delete( - nodes: &[NodeData], -) -> (Vec, Vec<[u8; zcash_history::MAX_ENTRY_SIZE]>, usize) { - assert!(!nodes.is_empty()); - - let tree_view = prepare_tree(nodes); - - let mut indices = Vec::new(); - let mut bytes = Vec::new(); - - let peak_count = tree_view.peaks.len(); - - for (idx, entry) in tree_view - .peaks - .into_iter() - .chain(tree_view.extra.into_iter()) - { - let mut buf = [0u8; zcash_history::MAX_ENTRY_SIZE]; - entry - .write(&mut &mut buf[..]) - .expect("Cannot fail if enough buffer length"); - indices.push(idx); - bytes.push(buf); - } - - (indices, bytes, peak_count) -} - -fn load_nodes(bytes: &'static [u8]) -> Vec { - let mut res = Vec::new(); - let mut cursor = std::io::Cursor::new(bytes); - while (cursor.position() as usize) < bytes.len() { - let node_data = zcash_history::NodeData::read(0, &mut cursor) - .expect("Statically checked to be correct"); - res.push(node_data); - } - - res -} - -#[test] -fn append() { - let nodes = load_nodes(NODE_DATA_16L); - let (indices, peaks) = preload_tree_append(&nodes); - - let mut rt_ret = [0u8; 32]; - - let mut buf_ret = Vec::<[u8; zcash_history::MAX_NODE_DATA_SIZE]>::with_capacity(32); - - let mut new_node_data = [0u8; zcash_history::MAX_NODE_DATA_SIZE]; - let new_node = NodeData { - consensus_branch_id: 0, - subtree_commitment: [0u8; 32], - start_time: 101, - end_time: 110, - start_target: 190, - end_target: 200, - start_sapling_root: [0u8; 32], - end_sapling_root: [0u8; 32], - subtree_total_work: Default::default(), - start_height: 10, - end_height: 10, - sapling_tx: 13, - }; - new_node - .write(&mut &mut new_node_data[..]) - .expect("Failed to write node data"); - - let result = librustzcash_mmr_append( - 0, - nodes.len() as u32, - indices.as_ptr(), - peaks.as_ptr(), - peaks.len(), - &new_node_data, - &mut rt_ret, - buf_ret.as_mut_ptr(), - ); - - unsafe { - buf_ret.set_len(result as usize); - } - - assert_eq!(result, 2); - - let new_node_1 = - NodeData::from_bytes(0, &buf_ret[0][..]).expect("Failed to reconstruct return node #1"); - - let new_node_2 = - NodeData::from_bytes(0, &buf_ret[1][..]).expect("Failed to reconstruct return node #2"); - - assert_eq!(new_node_1.start_height, 10); - assert_eq!(new_node_1.end_height, 10); - - // this is combined new node (which is `new_node_1`) + the one which was there before (for block #9) - assert_eq!(new_node_2.start_height, 9); - assert_eq!(new_node_2.end_height, 10); - assert_eq!(new_node_2.sapling_tx, 27); -} - -#[test] -fn delete() { - let nodes = load_nodes(NODE_DATA_1023L); - let (indices, nodes, peak_count) = preload_tree_delete(&nodes); - - let mut rt_ret = [0u8; 32]; - - let result = librustzcash_mmr_delete( - 0, - nodes.len() as u32, - indices.as_ptr(), - nodes.as_ptr(), - peak_count, - indices.len() - peak_count, - &mut rt_ret, - ); - - // Deleting from full tree of 9 height would result in cascade deleting of 10 nodes - assert_eq!(result, 10); -} diff --git a/librustzcash/src/tests/mod.rs b/librustzcash/src/tests/mod.rs deleted file mode 100644 index bbaee0abb..000000000 --- a/librustzcash/src/tests/mod.rs +++ /dev/null @@ -1,97 +0,0 @@ -use zcash_primitives::jubjub::{FixedGenerators, JubjubParams}; - -use super::JUBJUB; - -mod key_agreement; -mod key_components; -mod mmr; -mod notes; -mod signatures; - -#[test] -fn sapling_generators() { - struct SaplingGenerators { - skb: [u8; 32], - pkb: [u8; 32], - npb: [u8; 32], - wprb: [u8; 32], - vcvb: [u8; 32], - vcrb: [u8; 32], - }; - - // From https://github.com/zcash-hackworks/zcash-test-vectors/blob/master/sapling_generators.py - let sapling_generators = SaplingGenerators { - skb: [ - 0x30, 0xb5, 0xf2, 0xaa, 0xad, 0x32, 0x56, 0x30, 0xbc, 0xdd, 0xdb, 0xce, 0x4d, 0x67, - 0x65, 0x6d, 0x05, 0xfd, 0x1c, 0xc2, 0xd0, 0x37, 0xbb, 0x53, 0x75, 0xb6, 0xe9, 0x6d, - 0x9e, 0x01, 0xa1, 0xd7, - ], - pkb: [ - 0xe7, 0xe8, 0x5d, 0xe0, 0xf7, 0xf9, 0x7a, 0x46, 0xd2, 0x49, 0xa1, 0xf5, 0xea, 0x51, - 0xdf, 0x50, 0xcc, 0x48, 0x49, 0x0f, 0x84, 0x01, 0xc9, 0xde, 0x7a, 0x2a, 0xdf, 0x18, - 0x07, 0xd1, 0xb6, 0xd4, - ], - npb: [ - 0x65, 0x00, 0x2b, 0xc7, 0x36, 0xfa, 0xf7, 0xa3, 0x42, 0x2e, 0xff, 0xff, 0xe8, 0xb8, - 0x55, 0xe1, 0x8f, 0xba, 0x96, 0xa0, 0x15, 0x8a, 0x9e, 0xfc, 0xa5, 0x84, 0xbf, 0x40, - 0x54, 0x9d, 0x36, 0xe1, - ], - wprb: [ - 0xac, 0x77, 0x6c, 0x79, 0x65, 0x63, 0xfc, 0xd4, 0x4c, 0xc4, 0x9c, 0xfa, 0xea, 0x8b, - 0xb7, 0x96, 0x95, 0x2c, 0x26, 0x6e, 0x47, 0x77, 0x9d, 0x94, 0x57, 0x4c, 0x10, 0xad, - 0x01, 0x75, 0x4b, 0x11, - ], - vcvb: [ - 0xd7, 0xc8, 0x67, 0x06, 0xf5, 0x81, 0x7a, 0xa7, 0x18, 0xcd, 0x1c, 0xfa, 0xd0, 0x32, - 0x33, 0xbc, 0xd6, 0x4a, 0x77, 0x89, 0xfd, 0x94, 0x22, 0xd3, 0xb1, 0x7a, 0xf6, 0x82, - 0x3a, 0x7e, 0x6a, 0xc6, - ], - vcrb: [ - 0x8b, 0x6a, 0x0b, 0x38, 0xb9, 0xfa, 0xae, 0x3c, 0x3b, 0x80, 0x3b, 0x47, 0xb0, 0xf1, - 0x46, 0xad, 0x50, 0xab, 0x22, 0x1e, 0x6e, 0x2a, 0xfb, 0xe6, 0xdb, 0xde, 0x45, 0xcb, - 0xa9, 0xd3, 0x81, 0xed, - ], - }; - - { - let mut vec = Vec::new(); - let p = JUBJUB.generator(FixedGenerators::SpendingKeyGenerator); - p.write(&mut vec).unwrap(); - assert_eq!(&vec, &sapling_generators.skb); - } - - { - let mut vec = Vec::new(); - let p = JUBJUB.generator(FixedGenerators::ProofGenerationKey); - p.write(&mut vec).unwrap(); - assert_eq!(&vec, &sapling_generators.pkb); - } - - { - let mut vec = Vec::new(); - let p = JUBJUB.generator(FixedGenerators::NullifierPosition); - p.write(&mut vec).unwrap(); - assert_eq!(&vec, &sapling_generators.npb); - } - - { - let mut vec = Vec::new(); - let p = JUBJUB.generator(FixedGenerators::NoteCommitmentRandomness); - p.write(&mut vec).unwrap(); - assert_eq!(&vec, &sapling_generators.wprb); - } - - { - let mut vec = Vec::new(); - let p = JUBJUB.generator(FixedGenerators::ValueCommitmentValue); - p.write(&mut vec).unwrap(); - assert_eq!(&vec, &sapling_generators.vcvb); - } - - { - let mut vec = Vec::new(); - let p = JUBJUB.generator(FixedGenerators::ValueCommitmentRandomness); - p.write(&mut vec).unwrap(); - assert_eq!(&vec, &sapling_generators.vcrb); - } -} diff --git a/librustzcash/src/tests/notes.rs b/librustzcash/src/tests/notes.rs deleted file mode 100644 index 6b48b5ff8..000000000 --- a/librustzcash/src/tests/notes.rs +++ /dev/null @@ -1,673 +0,0 @@ -use crate::librustzcash_sapling_compute_cm; -use crate::librustzcash_sapling_compute_nf; - -#[test] -fn notes() { - #![allow(dead_code)] - struct TestVector { - sk: [u8; 32], - ask: [u8; 32], - nsk: [u8; 32], - ovk: [u8; 32], - ak: [u8; 32], - nk: [u8; 32], - ivk: [u8; 32], - default_d: [u8; 11], - default_pk_d: [u8; 32], - note_v: u64, - note_r: [u8; 32], - note_cm: [u8; 32], - note_pos: u64, - note_nf: [u8; 32], - }; - - // From https://github.com/zcash-hackworks/zcash-test-vectors/blob/master/sapling_key_components.py - let test_vectors = vec![ - TestVector { - sk: [ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, - ], - ask: [ - 0x85, 0x48, 0xa1, 0x4a, 0x47, 0x3e, 0xa5, 0x47, 0xaa, 0x23, 0x78, 0x40, 0x20, 0x44, - 0xf8, 0x18, 0xcf, 0x19, 0x11, 0xcf, 0x5d, 0xd2, 0x05, 0x4f, 0x67, 0x83, 0x45, 0xf0, - 0x0d, 0x0e, 0x88, 0x06, - ], - nsk: [ - 0x30, 0x11, 0x4e, 0xa0, 0xdd, 0x0b, 0xb6, 0x1c, 0xf0, 0xea, 0xea, 0xb6, 0xec, 0x33, - 0x31, 0xf5, 0x81, 0xb0, 0x42, 0x5e, 0x27, 0x33, 0x85, 0x01, 0x26, 0x2d, 0x7e, 0xac, - 0x74, 0x5e, 0x6e, 0x05, - ], - ovk: [ - 0x98, 0xd1, 0x69, 0x13, 0xd9, 0x9b, 0x04, 0x17, 0x7c, 0xab, 0xa4, 0x4f, 0x6e, 0x4d, - 0x22, 0x4e, 0x03, 0xb5, 0xac, 0x03, 0x1d, 0x7c, 0xe4, 0x5e, 0x86, 0x51, 0x38, 0xe1, - 0xb9, 0x96, 0xd6, 0x3b, - ], - ak: [ - 0xf3, 0x44, 0xec, 0x38, 0x0f, 0xe1, 0x27, 0x3e, 0x30, 0x98, 0xc2, 0x58, 0x8c, 0x5d, - 0x3a, 0x79, 0x1f, 0xd7, 0xba, 0x95, 0x80, 0x32, 0x76, 0x07, 0x77, 0xfd, 0x0e, 0xfa, - 0x8e, 0xf1, 0x16, 0x20, - ], - nk: [ - 0xf7, 0xcf, 0x9e, 0x77, 0xf2, 0xe5, 0x86, 0x83, 0x38, 0x3c, 0x15, 0x19, 0xac, 0x7b, - 0x06, 0x2d, 0x30, 0x04, 0x0e, 0x27, 0xa7, 0x25, 0xfb, 0x88, 0xfb, 0x19, 0xa9, 0x78, - 0xbd, 0x3f, 0xd6, 0xba, - ], - ivk: [ - 0xb7, 0x0b, 0x7c, 0xd0, 0xed, 0x03, 0xcb, 0xdf, 0xd7, 0xad, 0xa9, 0x50, 0x2e, 0xe2, - 0x45, 0xb1, 0x3e, 0x56, 0x9d, 0x54, 0xa5, 0x71, 0x9d, 0x2d, 0xaa, 0x0f, 0x5f, 0x14, - 0x51, 0x47, 0x92, 0x04, - ], - default_d: [ - 0xf1, 0x9d, 0x9b, 0x79, 0x7e, 0x39, 0xf3, 0x37, 0x44, 0x58, 0x39, - ], - default_pk_d: [ - 0xdb, 0x4c, 0xd2, 0xb0, 0xaa, 0xc4, 0xf7, 0xeb, 0x8c, 0xa1, 0x31, 0xf1, 0x65, 0x67, - 0xc4, 0x45, 0xa9, 0x55, 0x51, 0x26, 0xd3, 0xc2, 0x9f, 0x14, 0xe3, 0xd7, 0x76, 0xe8, - 0x41, 0xae, 0x74, 0x15, - ], - note_v: 0, - note_r: [ - 0x39, 0x17, 0x6d, 0xac, 0x39, 0xac, 0xe4, 0x98, 0x0e, 0xcc, 0x8d, 0x77, 0x8e, 0x89, - 0x86, 0x02, 0x55, 0xec, 0x36, 0x15, 0x06, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, - ], - note_cm: [ - 0xcb, 0x3c, 0xf9, 0x15, 0x32, 0x70, 0xd5, 0x7e, 0xb9, 0x14, 0xc6, 0xc2, 0xbc, 0xc0, - 0x18, 0x50, 0xc9, 0xfe, 0xd4, 0x4f, 0xce, 0x08, 0x06, 0x27, 0x8f, 0x08, 0x3e, 0xf2, - 0xdd, 0x07, 0x64, 0x39, - ], - note_pos: 0, - note_nf: [ - 0x44, 0xfa, 0xd6, 0x56, 0x4f, 0xfd, 0xec, 0x9f, 0xa1, 0x9c, 0x43, 0xa2, 0x8f, 0x86, - 0x1d, 0x5e, 0xbf, 0x60, 0x23, 0x46, 0x00, 0x7d, 0xe7, 0x62, 0x67, 0xd9, 0x75, 0x27, - 0x47, 0xab, 0x40, 0x63, - ], - }, - TestVector { - sk: [ - 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, - 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, - 0x01, 0x01, 0x01, 0x01, - ], - ask: [ - 0xc9, 0x43, 0x56, 0x29, 0xbf, 0x8b, 0xff, 0xe5, 0x5e, 0x73, 0x35, 0xec, 0x07, 0x77, - 0x18, 0xba, 0x60, 0xba, 0x28, 0xd7, 0xac, 0x37, 0x94, 0xb7, 0x4f, 0x51, 0x2c, 0x31, - 0xaf, 0x0a, 0x53, 0x04, - ], - nsk: [ - 0x11, 0xac, 0xc2, 0xea, 0xd0, 0x7b, 0x5f, 0x00, 0x8c, 0x1f, 0x0f, 0x09, 0x0c, 0xc8, - 0xdd, 0xf3, 0x35, 0x23, 0x6f, 0xf4, 0xb2, 0x53, 0xc6, 0x49, 0x56, 0x95, 0xe9, 0xd6, - 0x39, 0xda, 0xcd, 0x08, - ], - ovk: [ - 0x3b, 0x94, 0x62, 0x10, 0xce, 0x6d, 0x1b, 0x16, 0x92, 0xd7, 0x39, 0x2a, 0xc8, 0x4a, - 0x8b, 0xc8, 0xf0, 0x3b, 0x72, 0x72, 0x3c, 0x7d, 0x36, 0x72, 0x1b, 0x80, 0x9a, 0x79, - 0xc9, 0xd6, 0xe4, 0x5b, - ], - ak: [ - 0x82, 0xff, 0x5e, 0xff, 0xc5, 0x27, 0xae, 0x84, 0x02, 0x0b, 0xf2, 0xd3, 0x52, 0x01, - 0xc1, 0x02, 0x19, 0x13, 0x19, 0x47, 0xff, 0x4b, 0x96, 0xf8, 0x81, 0xa4, 0x5f, 0x2e, - 0x8a, 0xe3, 0x05, 0x18, - ], - nk: [ - 0xc4, 0x53, 0x4d, 0x84, 0x8b, 0xb9, 0x18, 0xcf, 0x4a, 0x7f, 0x8b, 0x98, 0x74, 0x0a, - 0xb3, 0xcc, 0xee, 0x58, 0x67, 0x95, 0xff, 0x4d, 0xf6, 0x45, 0x47, 0xa8, 0x88, 0x8a, - 0x6c, 0x74, 0x15, 0xd2, - ], - ivk: [ - 0xc5, 0x18, 0x38, 0x44, 0x66, 0xb2, 0x69, 0x88, 0xb5, 0x10, 0x90, 0x67, 0x41, 0x8d, - 0x19, 0x2d, 0x9d, 0x6b, 0xd0, 0xd9, 0x23, 0x22, 0x05, 0xd7, 0x74, 0x18, 0xc2, 0x40, - 0xfc, 0x68, 0xa4, 0x06, - ], - default_d: [ - 0xae, 0xf1, 0x80, 0xf6, 0xe3, 0x4e, 0x35, 0x4b, 0x88, 0x8f, 0x81, - ], - default_pk_d: [ - 0xa6, 0xb1, 0x3e, 0xa3, 0x36, 0xdd, 0xb7, 0xa6, 0x7b, 0xb0, 0x9a, 0x0e, 0x68, 0xe9, - 0xd3, 0xcf, 0xb3, 0x92, 0x10, 0x83, 0x1e, 0xa3, 0xa2, 0x96, 0xba, 0x09, 0xa9, 0x22, - 0x06, 0x0f, 0xd3, 0x8b, - ], - note_v: 12227227834928555328, - note_r: [ - 0x47, 0x8b, 0xa0, 0xee, 0x6e, 0x1a, 0x75, 0xb6, 0x00, 0x03, 0x6f, 0x26, 0xf1, 0x8b, - 0x70, 0x15, 0xab, 0x55, 0x6b, 0xed, 0xdf, 0x8b, 0x96, 0x02, 0x38, 0x86, 0x9f, 0x89, - 0xdd, 0x80, 0x4e, 0x06, - ], - note_cm: [ - 0xb5, 0x78, 0x93, 0x50, 0x0b, 0xfb, 0x85, 0xdf, 0x2e, 0x8b, 0x01, 0xac, 0x45, 0x2f, - 0x89, 0xe1, 0x0e, 0x26, 0x6b, 0xcf, 0xa3, 0x1c, 0x31, 0xb2, 0x9a, 0x53, 0xae, 0x72, - 0xca, 0xd4, 0x69, 0x50, - ], - note_pos: 763714296, - note_nf: [ - 0x67, 0x9e, 0xb0, 0xc3, 0xa7, 0x57, 0xe2, 0xae, 0x83, 0xcd, 0xb4, 0x2a, 0x1a, 0xb2, - 0x59, 0xd7, 0x83, 0x88, 0x31, 0x54, 0x19, 0xad, 0xc7, 0x1d, 0x2e, 0x37, 0x63, 0x17, - 0x4c, 0x2e, 0x9d, 0x93, - ], - }, - TestVector { - sk: [ - 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, - 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, - 0x02, 0x02, 0x02, 0x02, - ], - ask: [ - 0xee, 0x1c, 0x3d, 0x7e, 0xfe, 0x0a, 0x78, 0x06, 0x3d, 0x6a, 0xf3, 0xd9, 0xd8, 0x12, - 0x12, 0xaf, 0x47, 0xb7, 0xc1, 0xb7, 0x61, 0xf8, 0x5c, 0xcb, 0x06, 0x6f, 0xc1, 0x1a, - 0x6a, 0x42, 0x17, 0x03, - ], - nsk: [ - 0x1d, 0x3b, 0x71, 0x37, 0x55, 0xd7, 0x48, 0x75, 0xe8, 0xea, 0x38, 0xfd, 0x16, 0x6e, - 0x76, 0xc6, 0x2a, 0x42, 0x50, 0x21, 0x6e, 0x6b, 0xbf, 0xe4, 0x8a, 0x5e, 0x2e, 0xab, - 0xad, 0x11, 0x7f, 0x0b, - ], - ovk: [ - 0x8b, 0xf4, 0x39, 0x0e, 0x28, 0xdd, 0xc9, 0x5b, 0x83, 0x02, 0xc3, 0x81, 0xd5, 0x81, - 0x0b, 0x84, 0xba, 0x8e, 0x60, 0x96, 0xe5, 0xa7, 0x68, 0x22, 0x77, 0x4f, 0xd4, 0x9f, - 0x49, 0x1e, 0x8f, 0x49, - ], - ak: [ - 0xab, 0x83, 0x57, 0x4e, 0xb5, 0xde, 0x85, 0x9a, 0x0a, 0xb8, 0x62, 0x9d, 0xec, 0x34, - 0xc7, 0xbe, 0xe8, 0xc3, 0xfc, 0x74, 0xdf, 0xa0, 0xb1, 0x9a, 0x3a, 0x74, 0x68, 0xd1, - 0x5d, 0xca, 0x64, 0xc6, - ], - nk: [ - 0x95, 0xd5, 0x80, 0x53, 0xe0, 0x59, 0x2e, 0x4a, 0x16, 0x9c, 0xc0, 0xb7, 0x92, 0x8a, - 0xaa, 0xc3, 0xde, 0x24, 0xef, 0x15, 0x31, 0xaa, 0x9e, 0xb6, 0xf4, 0xab, 0x93, 0x91, - 0x4d, 0xa8, 0xa0, 0x6e, - ], - ivk: [ - 0x47, 0x1c, 0x24, 0xa3, 0xdc, 0x87, 0x30, 0xe7, 0x50, 0x36, 0xc0, 0xa9, 0x5f, 0x3e, - 0x2f, 0x7d, 0xd1, 0xbe, 0x6f, 0xb9, 0x3a, 0xd2, 0x95, 0x92, 0x20, 0x3d, 0xef, 0x30, - 0x41, 0x95, 0x45, 0x05, - ], - default_d: [ - 0x75, 0x99, 0xf0, 0xbf, 0x9b, 0x57, 0xcd, 0x2d, 0xc2, 0x99, 0xb6, - ], - default_pk_d: [ - 0x66, 0x14, 0x17, 0x39, 0x51, 0x4b, 0x28, 0xf0, 0x5d, 0xef, 0x8a, 0x18, 0xee, 0xee, - 0x5e, 0xed, 0x4d, 0x44, 0xc6, 0x22, 0x5c, 0x3c, 0x65, 0xd8, 0x8d, 0xd9, 0x90, 0x77, - 0x08, 0x01, 0x2f, 0x5a, - ], - note_v: 6007711596147559040, - note_r: [ - 0x14, 0x7c, 0xf2, 0xb5, 0x1b, 0x4c, 0x7c, 0x63, 0xcb, 0x77, 0xb9, 0x9e, 0x8b, 0x78, - 0x3e, 0x5b, 0x51, 0x11, 0xdb, 0x0a, 0x7c, 0xa0, 0x4d, 0x6c, 0x01, 0x4a, 0x1d, 0x7d, - 0xa8, 0x3b, 0xae, 0x0a, - ], - note_cm: [ - 0xdb, 0x85, 0xa7, 0x0a, 0x98, 0x43, 0x7f, 0x73, 0x16, 0x7f, 0xc3, 0x32, 0xd5, 0xb7, - 0xb7, 0x40, 0x82, 0x96, 0x66, 0x17, 0x70, 0xb1, 0x01, 0xb0, 0xaa, 0x87, 0x83, 0x9f, - 0x4e, 0x55, 0xf1, 0x51, - ], - note_pos: 1527428592, - note_nf: [ - 0xe9, 0x8f, 0x6a, 0x8f, 0x34, 0xff, 0x49, 0x80, 0x59, 0xb3, 0xc7, 0x31, 0xb9, 0x1f, - 0x45, 0x11, 0x08, 0xc4, 0x95, 0x4d, 0x91, 0x94, 0x84, 0x36, 0x1c, 0xf9, 0xb4, 0x8f, - 0x59, 0xae, 0x1d, 0x14, - ], - }, - TestVector { - sk: [ - 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, - 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, - 0x03, 0x03, 0x03, 0x03, - ], - ask: [ - 0x00, 0xc3, 0xa1, 0xe1, 0xca, 0x8f, 0x4e, 0x04, 0x80, 0xee, 0x1e, 0xe9, 0x0c, 0xa7, - 0x51, 0x78, 0x79, 0xd3, 0xfc, 0x5c, 0x81, 0x5c, 0x09, 0x03, 0xe5, 0xee, 0xbc, 0x94, - 0xbb, 0x80, 0x95, 0x03, - ], - nsk: [ - 0xe6, 0x62, 0x85, 0xa5, 0xe9, 0xb6, 0x5e, 0x15, 0x7a, 0xd2, 0xfc, 0xd5, 0x43, 0xda, - 0xd9, 0x8c, 0x67, 0xa5, 0x8a, 0xbd, 0xf2, 0x87, 0xe0, 0x55, 0x06, 0xbd, 0x1c, 0x2e, - 0x59, 0xb0, 0x72, 0x0b, - ], - ovk: [ - 0x14, 0x76, 0x78, 0xe0, 0x55, 0x3b, 0x97, 0x82, 0x93, 0x47, 0x64, 0x7c, 0x5b, 0xc7, - 0xda, 0xb4, 0xcc, 0x22, 0x02, 0xb5, 0x4e, 0xc2, 0x9f, 0xd3, 0x1a, 0x3d, 0xe6, 0xbe, - 0x08, 0x25, 0xfc, 0x5e, - ], - ak: [ - 0x3c, 0x9c, 0xde, 0x7e, 0x5d, 0x0d, 0x38, 0xa8, 0x61, 0x0f, 0xaa, 0xdb, 0xcf, 0x4c, - 0x34, 0x3f, 0x5d, 0x3c, 0xfa, 0x31, 0x55, 0xa5, 0xb9, 0x46, 0x61, 0xa6, 0x75, 0x3e, - 0x96, 0xe8, 0x84, 0xea, - ], - nk: [ - 0xb7, 0x7d, 0x36, 0xf5, 0x08, 0x94, 0x1d, 0xbd, 0x61, 0xcf, 0xd0, 0xf1, 0x59, 0xee, - 0x05, 0xcf, 0xaa, 0x78, 0xa2, 0x6c, 0x94, 0x92, 0x90, 0x38, 0x06, 0xd8, 0x3b, 0x59, - 0x8d, 0x3c, 0x1c, 0x2a, - ], - ivk: [ - 0x63, 0x6a, 0xa9, 0x64, 0xbf, 0xc2, 0x3c, 0xe4, 0xb1, 0xfc, 0xf7, 0xdf, 0xc9, 0x91, - 0x79, 0xdd, 0xc4, 0x06, 0xff, 0x55, 0x40, 0x0c, 0x92, 0x95, 0xac, 0xfc, 0x14, 0xf0, - 0x31, 0xc7, 0x26, 0x00, - ], - default_d: [ - 0x1b, 0x81, 0x61, 0x4f, 0x1d, 0xad, 0xea, 0x0f, 0x8d, 0x0a, 0x58, - ], - default_pk_d: [ - 0x25, 0xeb, 0x55, 0xfc, 0xcf, 0x76, 0x1f, 0xc6, 0x4e, 0x85, 0xa5, 0x88, 0xef, 0xe6, - 0xea, 0xd7, 0x83, 0x2f, 0xb1, 0xf0, 0xf7, 0xa8, 0x31, 0x65, 0x89, 0x5b, 0xdf, 0xf9, - 0x42, 0x92, 0x5f, 0x5c, - ], - note_v: 18234939431076114368, - note_r: [ - 0x34, 0xa4, 0xb2, 0xa9, 0x14, 0x4f, 0xf5, 0xea, 0x54, 0xef, 0xee, 0x87, 0xcf, 0x90, - 0x1b, 0x5b, 0xed, 0x5e, 0x35, 0xd2, 0x1f, 0xbb, 0xd7, 0x88, 0xd5, 0xbd, 0x9d, 0x83, - 0x3e, 0x11, 0x28, 0x04, - ], - note_cm: [ - 0xe0, 0x8c, 0xe4, 0x82, 0xb3, 0xa8, 0xfb, 0x3b, 0x35, 0xcc, 0xdb, 0xe3, 0x43, 0x37, - 0xbd, 0x10, 0x5d, 0x88, 0x39, 0x21, 0x2e, 0x0d, 0x16, 0x44, 0xb9, 0xd5, 0x5c, 0xaa, - 0x60, 0xd1, 0x9b, 0x6c, - ], - note_pos: 2291142888, - note_nf: [ - 0x55, 0x47, 0xaa, 0x12, 0xff, 0x80, 0xa6, 0xb3, 0x30, 0x4e, 0x3b, 0x05, 0x86, 0x56, - 0x47, 0x2a, 0xbd, 0x2c, 0x81, 0x83, 0xb5, 0x9d, 0x07, 0x37, 0xb9, 0x3c, 0xee, 0x75, - 0x8b, 0xec, 0x47, 0xa1, - ], - }, - TestVector { - sk: [ - 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, - 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, - 0x04, 0x04, 0x04, 0x04, - ], - ask: [ - 0x82, 0x36, 0xd1, 0x9d, 0x32, 0x05, 0xd8, 0x55, 0x43, 0xa0, 0x68, 0x11, 0x34, 0x3f, - 0x82, 0x7b, 0x65, 0x63, 0x77, 0x0a, 0x49, 0xaa, 0x4d, 0x0c, 0xa0, 0x08, 0x18, 0x05, - 0xd4, 0xc8, 0xea, 0x0d, - ], - nsk: [ - 0x7e, 0xc1, 0xef, 0x0b, 0xed, 0x82, 0x71, 0x82, 0x72, 0xf0, 0xf4, 0x4f, 0x01, 0x7c, - 0x48, 0x41, 0x74, 0x51, 0x3d, 0x66, 0x1d, 0xd1, 0x68, 0xaf, 0x02, 0xd2, 0x09, 0x2a, - 0x1d, 0x8a, 0x05, 0x07, - ], - ovk: [ - 0x1b, 0x6e, 0x75, 0xec, 0xe3, 0xac, 0xe8, 0xdb, 0xa6, 0xa5, 0x41, 0x0d, 0x9a, 0xd4, - 0x75, 0x56, 0x68, 0xe4, 0xb3, 0x95, 0x85, 0xd6, 0x35, 0xec, 0x1d, 0xa7, 0xc8, 0xdc, - 0xfd, 0x5f, 0xc4, 0xed, - ], - ak: [ - 0x55, 0xe8, 0x83, 0x89, 0xbb, 0x7e, 0x41, 0xde, 0x13, 0x0c, 0xfa, 0x51, 0xa8, 0x71, - 0x5f, 0xde, 0x01, 0xff, 0x9c, 0x68, 0x76, 0x64, 0x7f, 0x01, 0x75, 0xad, 0x34, 0xf0, - 0x58, 0xdd, 0xe0, 0x1a, - ], - nk: [ - 0x72, 0x5d, 0x4a, 0xd6, 0xa1, 0x50, 0x21, 0xcd, 0x1c, 0x48, 0xc5, 0xee, 0x19, 0xde, - 0x6c, 0x1e, 0x76, 0x8a, 0x2c, 0xc0, 0xa9, 0xa7, 0x30, 0xa0, 0x1b, 0xb2, 0x1c, 0x95, - 0xe3, 0xd9, 0xe4, 0x3c, - ], - ivk: [ - 0x67, 0xfa, 0x2b, 0xf7, 0xc6, 0x7d, 0x46, 0x58, 0x24, 0x3c, 0x31, 0x7c, 0x0c, 0xb4, - 0x1f, 0xd3, 0x20, 0x64, 0xdf, 0xd3, 0x70, 0x9f, 0xe0, 0xdc, 0xb7, 0x24, 0xf1, 0x4b, - 0xb0, 0x1a, 0x1d, 0x04, - ], - default_d: [ - 0xfc, 0xfb, 0x68, 0xa4, 0x0d, 0x4b, 0xc6, 0xa0, 0x4b, 0x09, 0xc4, - ], - default_pk_d: [ - 0x8b, 0x2a, 0x33, 0x7f, 0x03, 0x62, 0x2c, 0x24, 0xff, 0x38, 0x1d, 0x4c, 0x54, 0x6f, - 0x69, 0x77, 0xf9, 0x05, 0x22, 0xe9, 0x2f, 0xde, 0x44, 0xc9, 0xd1, 0xbb, 0x09, 0x97, - 0x14, 0xb9, 0xdb, 0x2b, - ], - note_v: 12015423192295118080, - note_r: [ - 0xe5, 0x57, 0x85, 0x13, 0x55, 0x74, 0x7c, 0x09, 0xac, 0x59, 0x01, 0x3c, 0xbd, 0xe8, - 0x59, 0x80, 0x96, 0x4e, 0xc1, 0x84, 0x4d, 0x9c, 0x69, 0x67, 0xca, 0x0c, 0x02, 0x9c, - 0x84, 0x57, 0xbb, 0x04, - ], - note_cm: [ - 0xbd, 0xc8, 0x54, 0xbf, 0x3e, 0x7b, 0x00, 0x82, 0x1f, 0x3b, 0x8b, 0x85, 0x23, 0x8c, - 0xcf, 0x1e, 0x67, 0x15, 0xbf, 0xe7, 0x0b, 0x63, 0x2d, 0x04, 0x4b, 0x26, 0xfb, 0x2b, - 0xc7, 0x1b, 0x7f, 0x36, - ], - note_pos: 3054857184, - note_nf: [ - 0x8a, 0x9a, 0xbd, 0xa3, 0xd4, 0xef, 0x85, 0xca, 0xf2, 0x2b, 0xfa, 0xf2, 0xc4, 0x8f, - 0x62, 0x38, 0x2a, 0x73, 0xa1, 0x62, 0x4e, 0xb8, 0xeb, 0x2b, 0xd0, 0x0d, 0x27, 0x03, - 0x01, 0xbf, 0x3d, 0x13, - ], - }, - TestVector { - sk: [ - 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, - 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, - 0x05, 0x05, 0x05, 0x05, - ], - ask: [ - 0xea, 0xe6, 0x88, 0x4d, 0x76, 0x4a, 0x05, 0x40, 0x61, 0xa8, 0xf1, 0xc0, 0x07, 0x6c, - 0x62, 0x4d, 0xcb, 0x73, 0x87, 0x89, 0xf7, 0xad, 0x1e, 0x74, 0x08, 0xe3, 0x1f, 0x24, - 0xdf, 0xc8, 0x26, 0x07, - ], - nsk: [ - 0xfb, 0xe6, 0x10, 0xf4, 0x2a, 0x41, 0x74, 0x9f, 0x9b, 0x6e, 0x6e, 0x4a, 0x54, 0xb5, - 0xa3, 0x2e, 0xbf, 0xe8, 0xf4, 0x38, 0x00, 0x88, 0x1b, 0xa6, 0xcd, 0x13, 0xed, 0x0b, - 0x05, 0x29, 0x46, 0x01, - ], - ovk: [ - 0xc6, 0xbc, 0x1f, 0x39, 0xf0, 0xd7, 0x86, 0x31, 0x4c, 0xb2, 0x0b, 0xf9, 0xab, 0x22, - 0x85, 0x40, 0x91, 0x35, 0x55, 0xf9, 0x70, 0x69, 0x6b, 0x6d, 0x7c, 0x77, 0xbb, 0x33, - 0x23, 0x28, 0x37, 0x2a, - ], - ak: [ - 0xe6, 0x82, 0x76, 0x59, 0x14, 0xe3, 0x86, 0x4c, 0x33, 0x9e, 0x57, 0x82, 0xb8, 0x55, - 0xc0, 0xfd, 0xf4, 0x0e, 0x0d, 0xfc, 0xed, 0xb9, 0xe7, 0xb4, 0x7b, 0xc9, 0x4b, 0x90, - 0xb3, 0xa4, 0xc9, 0x88, - ], - nk: [ - 0x82, 0x25, 0x6b, 0x95, 0x62, 0x3c, 0x67, 0x02, 0x4b, 0x44, 0x24, 0xd9, 0x14, 0x00, - 0xa3, 0x70, 0xe7, 0xac, 0x8e, 0x4d, 0x15, 0x48, 0x2a, 0x37, 0x59, 0xe0, 0x0d, 0x21, - 0x97, 0x49, 0xda, 0xee, - ], - ivk: [ - 0xea, 0x3f, 0x1d, 0x80, 0xe4, 0x30, 0x7c, 0xa7, 0x3b, 0x9f, 0x37, 0x80, 0x1f, 0x91, - 0xfb, 0xa8, 0x10, 0xcc, 0x41, 0xd2, 0x79, 0xfc, 0x29, 0xf5, 0x64, 0x23, 0x56, 0x54, - 0xa2, 0x17, 0x8e, 0x03, - ], - default_d: [ - 0xeb, 0x51, 0x98, 0x82, 0xad, 0x1e, 0x5c, 0xc6, 0x54, 0xcd, 0x59, - ], - default_pk_d: [ - 0x6b, 0x27, 0xda, 0xcc, 0xb5, 0xa8, 0x20, 0x7f, 0x53, 0x2d, 0x10, 0xca, 0x23, 0x8f, - 0x97, 0x86, 0x64, 0x8a, 0x11, 0xb5, 0x96, 0x6e, 0x51, 0xa2, 0xf7, 0xd8, 0x9e, 0x15, - 0xd2, 0x9b, 0x8f, 0xdf, - ], - note_v: 5795906953514121792, - note_r: [ - 0x68, 0xf0, 0x61, 0x04, 0x60, 0x6b, 0x0c, 0x54, 0x49, 0x84, 0x5f, 0xf4, 0xc6, 0x5f, - 0x73, 0xe9, 0x0f, 0x45, 0xef, 0x5a, 0x43, 0xc9, 0xd7, 0x4c, 0xb2, 0xc8, 0x5c, 0xf5, - 0x6c, 0x94, 0xc0, 0x02, - ], - note_cm: [ - 0xe8, 0x26, 0x7d, 0x30, 0xac, 0x11, 0xc1, 0x00, 0xbc, 0x7a, 0x0f, 0xdf, 0x91, 0xf7, - 0x1d, 0x74, 0xc5, 0xbc, 0xf2, 0xe1, 0xef, 0x95, 0x66, 0x90, 0x44, 0x73, 0x01, 0x69, - 0xde, 0x1a, 0x5b, 0x4c, - ], - note_pos: 3818571480, - note_nf: [ - 0x33, 0x2a, 0xd9, 0x9e, 0xb9, 0xe9, 0x77, 0xeb, 0x62, 0x7a, 0x12, 0x2d, 0xbf, 0xb2, - 0xf2, 0x5f, 0xe5, 0x88, 0xe5, 0x97, 0x75, 0x3e, 0xc5, 0x58, 0x0f, 0xf2, 0xbe, 0x20, - 0xb6, 0xc9, 0xa7, 0xe1, - ], - }, - TestVector { - sk: [ - 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, - 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, - 0x06, 0x06, 0x06, 0x06, - ], - ask: [ - 0xe8, 0xf8, 0x16, 0xb4, 0xbc, 0x08, 0xa7, 0xe5, 0x66, 0x75, 0x0c, 0xc2, 0x8a, 0xfe, - 0x82, 0xa4, 0xce, 0xa9, 0xc2, 0xbe, 0xf2, 0x44, 0xfa, 0x4b, 0x13, 0xc4, 0x73, 0x9b, - 0x28, 0x07, 0x4c, 0x0d, - ], - nsk: [ - 0x32, 0x61, 0x5b, 0x13, 0x7f, 0x28, 0x01, 0xed, 0x44, 0x6e, 0x48, 0x78, 0x1a, 0xb0, - 0x63, 0x45, 0x72, 0xe1, 0x8c, 0xfb, 0x06, 0x93, 0x72, 0x1b, 0x88, 0x03, 0xc0, 0x5b, - 0x82, 0x27, 0xd1, 0x07, - ], - ovk: [ - 0xf6, 0x2c, 0x05, 0xe8, 0x48, 0xa8, 0x73, 0xef, 0x88, 0x5e, 0x12, 0xb0, 0x8c, 0x5e, - 0x7c, 0xa2, 0xf3, 0x24, 0x24, 0xba, 0xcc, 0x75, 0x4c, 0xb6, 0x97, 0x50, 0x44, 0x4d, - 0x35, 0x5f, 0x51, 0x06, - ], - ak: [ - 0xff, 0x27, 0xdb, 0x07, 0x51, 0x94, 0x5d, 0x3e, 0xe4, 0xbe, 0x9c, 0xf1, 0x5c, 0x2e, - 0xa2, 0x11, 0xb2, 0x4b, 0x16, 0x4d, 0x5f, 0x2d, 0x7d, 0xdf, 0xf5, 0xe4, 0xa0, 0x70, - 0x8f, 0x10, 0xb9, 0x5e, - ], - nk: [ - 0x94, 0x38, 0x85, 0x95, 0x9d, 0x4e, 0xf8, 0xa9, 0xcf, 0xca, 0x07, 0xc4, 0x57, 0xf0, - 0x9e, 0xc7, 0x4b, 0x96, 0xf9, 0x93, 0xd8, 0xe0, 0xfa, 0x32, 0xb1, 0x9c, 0x03, 0xe3, - 0xb0, 0x7a, 0x42, 0x0f, - ], - ivk: [ - 0xb5, 0xc5, 0x89, 0x49, 0x43, 0x95, 0x69, 0x33, 0xc0, 0xe5, 0xc1, 0x2d, 0x31, 0x1f, - 0xc1, 0x2c, 0xba, 0x58, 0x35, 0x4b, 0x5c, 0x38, 0x9e, 0xdc, 0x03, 0xda, 0x55, 0x08, - 0x4f, 0x74, 0xc2, 0x05, - ], - default_d: [ - 0xbe, 0xbb, 0x0f, 0xb4, 0x6b, 0x8a, 0xaf, 0xf8, 0x90, 0x40, 0xf6, - ], - default_pk_d: [ - 0xd1, 0x1d, 0xa0, 0x1f, 0x0b, 0x43, 0xbd, 0xd5, 0x28, 0x8d, 0x32, 0x38, 0x5b, 0x87, - 0x71, 0xd2, 0x23, 0x49, 0x3c, 0x69, 0x80, 0x25, 0x44, 0x04, 0x3f, 0x77, 0xcf, 0x1d, - 0x71, 0xc1, 0xcb, 0x8c, - ], - note_v: 18023134788442677120, - note_r: [ - 0x49, 0xf9, 0x0b, 0x47, 0xfd, 0x52, 0xfe, 0xe7, 0xc1, 0xc8, 0x1f, 0x0d, 0xcb, 0x5b, - 0x74, 0xc3, 0xfb, 0x9b, 0x3e, 0x03, 0x97, 0x6f, 0x8b, 0x75, 0x24, 0xea, 0xba, 0xd0, - 0x08, 0x89, 0x21, 0x07, - ], - note_cm: [ - 0x57, 0x2b, 0xa2, 0x05, 0x25, 0xb0, 0xac, 0x4d, 0x6d, 0xc0, 0x1a, 0xc2, 0xea, 0x10, - 0x90, 0xb6, 0xe0, 0xf2, 0xf4, 0xbf, 0x4e, 0xc4, 0xa0, 0xdb, 0x5b, 0xbc, 0xcb, 0x5b, - 0x78, 0x3a, 0x1e, 0x55, - ], - note_pos: 287318480, - note_nf: [ - 0xfc, 0x74, 0xcd, 0x0e, 0x4b, 0xe0, 0x49, 0x57, 0xb1, 0x96, 0xcf, 0x87, 0x34, 0xae, - 0x99, 0x23, 0x96, 0xaf, 0x4c, 0xfa, 0x8f, 0xec, 0xbb, 0x86, 0xf9, 0x61, 0xe6, 0xb4, - 0x07, 0xd5, 0x1e, 0x11, - ], - }, - TestVector { - sk: [ - 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, - 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, - 0x07, 0x07, 0x07, 0x07, - ], - ask: [ - 0x74, 0xb4, 0x4a, 0x37, 0xf1, 0x50, 0x23, 0xc0, 0x60, 0x42, 0x7e, 0x1d, 0xae, 0xa3, - 0xf6, 0x43, 0x12, 0xdd, 0x8f, 0xeb, 0x7b, 0x2c, 0xed, 0xf0, 0xdd, 0x55, 0x44, 0x49, - 0x3f, 0x87, 0x2c, 0x06, - ], - nsk: [ - 0x07, 0x5c, 0x35, 0xdb, 0x8b, 0x1b, 0x25, 0x75, 0x42, 0x23, 0xec, 0xee, 0x34, 0xab, - 0x73, 0x0d, 0xdd, 0xd1, 0xf1, 0x4a, 0x6a, 0x54, 0xf4, 0xc6, 0xf4, 0x68, 0x45, 0x3c, - 0x3c, 0x6e, 0xd6, 0x0b, - ], - ovk: [ - 0xe9, 0xe0, 0xdc, 0x1e, 0xd3, 0x11, 0xda, 0xed, 0x64, 0xbd, 0x74, 0xda, 0x5d, 0x94, - 0xfe, 0x88, 0xa6, 0xea, 0x41, 0x4b, 0x73, 0x12, 0xde, 0x3d, 0x2a, 0x78, 0xf6, 0x46, - 0x32, 0xbb, 0xe3, 0x73, - ], - ak: [ - 0x28, 0x3f, 0x9a, 0xaf, 0xa9, 0xbc, 0xb3, 0xe6, 0xce, 0x17, 0xe6, 0x32, 0x12, 0x63, - 0x4c, 0xb3, 0xee, 0x55, 0x0c, 0x47, 0x6b, 0x67, 0x6b, 0xd3, 0x56, 0xa6, 0xdf, 0x8a, - 0xdf, 0x51, 0xd2, 0x5e, - ], - nk: [ - 0xdc, 0x4c, 0x67, 0xb1, 0x0d, 0x4b, 0x0a, 0x21, 0x8d, 0xc6, 0xe1, 0x48, 0x70, 0x66, - 0x74, 0x0a, 0x40, 0x93, 0x17, 0x86, 0x6c, 0x32, 0xe6, 0x64, 0xb5, 0x0e, 0x39, 0x7a, - 0xa8, 0x03, 0x89, 0xd4, - ], - ivk: [ - 0x87, 0x16, 0xc8, 0x28, 0x80, 0xe1, 0x36, 0x83, 0xe1, 0xbb, 0x05, 0x9d, 0xd0, 0x6c, - 0x80, 0xc9, 0x01, 0x34, 0xa9, 0x6d, 0x5a, 0xfc, 0xa8, 0xaa, 0xc2, 0xbb, 0xf6, 0x8b, - 0xb0, 0x5f, 0x84, 0x02, - ], - default_d: [ - 0xad, 0x6e, 0x2e, 0x18, 0x5a, 0x31, 0x00, 0xe3, 0xa6, 0xa8, 0xb3, - ], - default_pk_d: [ - 0x32, 0xcb, 0x28, 0x06, 0xb8, 0x82, 0xf1, 0x36, 0x8b, 0x0d, 0x4a, 0x89, 0x8f, 0x72, - 0xc4, 0xc8, 0xf7, 0x28, 0x13, 0x2c, 0xc1, 0x24, 0x56, 0x94, 0x6e, 0x7f, 0x4c, 0xb0, - 0xfb, 0x05, 0x8d, 0xa9, - ], - note_v: 11803618549661680832, - note_r: [ - 0x51, 0x65, 0xaf, 0xf2, 0x2d, 0xd4, 0xed, 0x56, 0xb4, 0xd8, 0x1d, 0x1f, 0x17, 0x1c, - 0xc3, 0xd6, 0x43, 0x2f, 0xed, 0x1b, 0xeb, 0xf2, 0x0a, 0x7b, 0xea, 0xb1, 0x2d, 0xb1, - 0x42, 0xf9, 0x4a, 0x0c, - ], - note_cm: [ - 0xab, 0x7f, 0xc5, 0x66, 0x87, 0x3c, 0xcd, 0xe6, 0x71, 0xf5, 0x98, 0x27, 0x67, 0x85, - 0x60, 0xa0, 0x06, 0xf8, 0x2b, 0xb7, 0xad, 0xcd, 0x75, 0x22, 0x3f, 0xa8, 0x59, 0x36, - 0xf7, 0x8c, 0x2b, 0x23, - ], - note_pos: 1051032776, - note_nf: [ - 0xd2, 0xe8, 0x87, 0xbd, 0x85, 0x4a, 0x80, 0x2b, 0xce, 0x85, 0x70, 0x53, 0x02, 0x0f, - 0x5d, 0x3e, 0x7c, 0x8a, 0xe5, 0x26, 0x7c, 0x5b, 0x65, 0x83, 0xb3, 0xd2, 0x12, 0xcc, - 0x8b, 0xb6, 0x98, 0x90, - ], - }, - TestVector { - sk: [ - 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, - 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, - 0x08, 0x08, 0x08, 0x08, - ], - ask: [ - 0x03, 0x9d, 0xd9, 0x3d, 0xf3, 0x11, 0xff, 0x8f, 0xba, 0xb3, 0xfe, 0x23, 0x02, 0x19, - 0xcd, 0x42, 0xac, 0x87, 0x94, 0x84, 0xf3, 0x0b, 0x90, 0x3a, 0x3c, 0x1e, 0x67, 0xcc, - 0xca, 0x5a, 0x7b, 0x0d, - ], - nsk: [ - 0x04, 0x9f, 0xa1, 0x4f, 0x48, 0x6c, 0x75, 0xb9, 0xfa, 0xd7, 0xe3, 0xb6, 0x73, 0xa4, - 0x43, 0xdd, 0x07, 0x4e, 0xaa, 0x96, 0xed, 0xcb, 0x2a, 0x53, 0xea, 0xaa, 0xbd, 0xaf, - 0x70, 0xff, 0xbb, 0x08, - ], - ovk: [ - 0x14, 0x7d, 0xd1, 0x1d, 0x77, 0xeb, 0xa1, 0xb1, 0x63, 0x6f, 0xd6, 0x19, 0x0c, 0x62, - 0xb9, 0xa5, 0xd0, 0x48, 0x1b, 0xee, 0x7e, 0x91, 0x7f, 0xab, 0x02, 0xe2, 0x18, 0x58, - 0x06, 0x3a, 0xb5, 0x04, - ], - ak: [ - 0x36, 0x40, 0x48, 0xee, 0xdb, 0xe8, 0xca, 0x20, 0x5e, 0xb7, 0xe7, 0xba, 0x0a, 0x90, - 0x12, 0x16, 0x6c, 0x7c, 0x7b, 0xd9, 0xeb, 0x22, 0x8e, 0x08, 0x48, 0x14, 0x48, 0xc4, - 0x88, 0xaa, 0x21, 0xd2, - ], - nk: [ - 0xed, 0x60, 0xaf, 0x1c, 0xe7, 0xdf, 0x38, 0x07, 0x0d, 0x38, 0x51, 0x43, 0x2a, 0x96, - 0x48, 0x0d, 0xb0, 0xb4, 0x17, 0xc3, 0x68, 0x2a, 0x1d, 0x68, 0xe3, 0xe8, 0x93, 0x34, - 0x23, 0x5c, 0x0b, 0xdf, - ], - ivk: [ - 0x99, 0xc9, 0xb4, 0xb8, 0x4f, 0x4b, 0x4e, 0x35, 0x0f, 0x78, 0x7d, 0x1c, 0xf7, 0x05, - 0x1d, 0x50, 0xec, 0xc3, 0x4b, 0x1a, 0x5b, 0x20, 0xd2, 0xd2, 0x13, 0x9b, 0x4a, 0xf1, - 0xf1, 0x60, 0xe0, 0x01, - ], - default_d: [ - 0x21, 0xc9, 0x0e, 0x1c, 0x65, 0x8b, 0x3e, 0xfe, 0x86, 0xaf, 0x58, - ], - default_pk_d: [ - 0x9e, 0x64, 0x17, 0x4b, 0x4a, 0xb9, 0x81, 0x40, 0x5c, 0x32, 0x3b, 0x5e, 0x12, 0x47, - 0x59, 0x45, 0xa4, 0x6d, 0x4f, 0xed, 0xf8, 0x06, 0x08, 0x28, 0x04, 0x1c, 0xd2, 0x0e, - 0x62, 0xfd, 0x2c, 0xef, - ], - note_v: 5584102310880684544, - note_r: [ - 0x8c, 0x3e, 0x56, 0x44, 0x9d, 0xc8, 0x63, 0x54, 0xd3, 0x3b, 0x02, 0x5e, 0xf2, 0x79, - 0x34, 0x60, 0xbc, 0xb1, 0x69, 0xf3, 0x32, 0x4e, 0x4a, 0x6b, 0x64, 0xba, 0xa6, 0x08, - 0x32, 0x31, 0x57, 0x04, - ], - note_cm: [ - 0x7b, 0x48, 0xa8, 0x37, 0x5d, 0x3e, 0xbd, 0x56, 0xbc, 0x64, 0x9b, 0xb5, 0xb5, 0x24, - 0x23, 0x36, 0xc2, 0xa0, 0x5a, 0x08, 0x03, 0x23, 0x9b, 0x5b, 0x88, 0xfd, 0x92, 0x07, - 0x8f, 0xea, 0x4d, 0x04, - ], - note_pos: 1814747072, - note_nf: [ - 0xa8, 0x2f, 0x17, 0x50, 0xcc, 0x5b, 0x2b, 0xee, 0x64, 0x9a, 0x36, 0x5c, 0x04, 0x20, - 0xed, 0x87, 0x07, 0x5b, 0x88, 0x71, 0xfd, 0xa4, 0xa7, 0xf5, 0x84, 0x0d, 0x6b, 0xbe, - 0xb1, 0x7c, 0xd6, 0x20, - ], - }, - TestVector { - sk: [ - 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, - 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, - 0x09, 0x09, 0x09, 0x09, - ], - ask: [ - 0xeb, 0xbb, 0x40, 0xa9, 0x80, 0xba, 0x3b, 0x88, 0x60, 0x94, 0x8d, 0x01, 0x1e, 0x1b, - 0xfb, 0x4a, 0xff, 0xe1, 0x6c, 0x65, 0x2e, 0x90, 0xe9, 0x82, 0x58, 0x30, 0x2f, 0x44, - 0x64, 0xc9, 0x1e, 0x0c, - ], - nsk: [ - 0x68, 0x43, 0x1b, 0x19, 0x91, 0x04, 0x21, 0x52, 0x00, 0xb9, 0x5e, 0xe5, 0xcb, 0x71, - 0xbf, 0x8b, 0x88, 0x3a, 0x3e, 0x95, 0xb7, 0x98, 0x9c, 0xad, 0x19, 0x70, 0x63, 0x14, - 0x1e, 0xbb, 0xfd, 0x00, - ], - ovk: [ - 0x57, 0x34, 0x67, 0xa7, 0xb3, 0x0e, 0xad, 0x6c, 0xcc, 0x50, 0x47, 0x44, 0xca, 0x9e, - 0x1a, 0x28, 0x1a, 0x0d, 0x1a, 0x08, 0x73, 0x8b, 0x06, 0xa0, 0x68, 0x4f, 0xea, 0xcd, - 0x1e, 0x9d, 0x12, 0x6d, - ], - ak: [ - 0x71, 0xc3, 0x52, 0x3e, 0xec, 0xa3, 0x53, 0x11, 0xfb, 0xd5, 0xd7, 0xe7, 0xd7, 0x0b, - 0x70, 0x9d, 0x6c, 0x35, 0xa2, 0x4f, 0x26, 0x2b, 0x34, 0xbf, 0x64, 0x05, 0x9b, 0xf2, - 0xc0, 0x2e, 0x0b, 0xa8, - ], - nk: [ - 0x62, 0x44, 0x00, 0x10, 0x3b, 0x65, 0x69, 0xb7, 0x35, 0x8f, 0xe8, 0x0f, 0x6f, 0x6c, - 0xad, 0x43, 0x25, 0xde, 0xfd, 0xa9, 0xd9, 0x49, 0x9c, 0x2b, 0x8f, 0x88, 0x6a, 0x62, - 0x69, 0xa2, 0xaa, 0x52, - ], - ivk: [ - 0xdb, 0x95, 0xea, 0x8b, 0xd9, 0xf9, 0x3d, 0x41, 0xb5, 0xab, 0x2b, 0xeb, 0xc9, 0x1a, - 0x38, 0xed, 0xd5, 0x27, 0x08, 0x3e, 0x2a, 0x6e, 0xf9, 0xf3, 0xc2, 0x97, 0x02, 0xd5, - 0xff, 0x89, 0xed, 0x00, - ], - default_d: [ - 0x23, 0x3c, 0x4a, 0xb8, 0x86, 0xa5, 0x5e, 0x3b, 0xa3, 0x74, 0xc0, - ], - default_pk_d: [ - 0xb6, 0x8e, 0x9e, 0xe0, 0xc0, 0x67, 0x8d, 0x7b, 0x30, 0x36, 0x93, 0x1c, 0x83, 0x1a, - 0x25, 0x25, 0x5f, 0x7e, 0xe4, 0x87, 0x38, 0x5a, 0x30, 0x31, 0x6e, 0x15, 0xf6, 0x48, - 0x2b, 0x87, 0x4f, 0xda, - ], - note_v: 17811330145809239872, - note_r: [ - 0x6e, 0xbb, 0xed, 0x74, 0x36, 0x19, 0xa2, 0x56, 0xf9, 0xad, 0x2e, 0x85, 0x88, 0x0c, - 0xfa, 0xa9, 0x09, 0x8a, 0x5f, 0xdb, 0x16, 0x29, 0x99, 0x0d, 0x9a, 0x7d, 0x3b, 0xb9, - 0x3f, 0xc9, 0x00, 0x03, - ], - note_cm: [ - 0xd3, 0x76, 0xa7, 0xbe, 0xe8, 0xce, 0x67, 0xf4, 0xef, 0xde, 0x56, 0xaa, 0x77, 0xcf, - 0x64, 0x41, 0x9b, 0x0e, 0x55, 0x0a, 0xbb, 0xcb, 0x8e, 0x2b, 0xcb, 0xda, 0x8b, 0x63, - 0xe4, 0x1d, 0xeb, 0x37, - ], - note_pos: 2578461368, - note_nf: [ - 0x65, 0x36, 0x74, 0x87, 0x3b, 0x3c, 0x67, 0x0c, 0x58, 0x85, 0x84, 0x73, 0xe7, 0xfe, - 0x72, 0x19, 0x72, 0xfb, 0x96, 0xe2, 0x15, 0xb8, 0x73, 0x77, 0xa1, 0x7c, 0xa3, 0x71, - 0x0d, 0x93, 0xc9, 0xe9, - ], - }, - ]; - - for tv in test_vectors { - // Compute commitment and compare with test vector - let mut result = [0u8; 32]; - assert!(librustzcash_sapling_compute_cm( - &tv.default_d, - &tv.default_pk_d, - tv.note_v, - &tv.note_r, - &mut result - )); - assert_eq!(&result, &tv.note_cm); - - // Compute nullifier and compare with test vector - assert!(librustzcash_sapling_compute_nf( - &tv.default_d, - &tv.default_pk_d, - tv.note_v, - &tv.note_r, - &tv.ak, - &tv.nk, - tv.note_pos, - &mut result - )); - assert_eq!(&result, &tv.note_nf); - } -} diff --git a/librustzcash/src/tests/res/tree1023.dat b/librustzcash/src/tests/res/tree1023.dat deleted file mode 100644 index bfd79d10e851ff10e1ae67ff8dfcbcd6704e77f1..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 153867 zcmcfKc{EmE`#*5EF_9=FQBjmago+{+X^^=AB}%g)DnlWnk||0e5=ttCl2jTHsSG6* z2}L0(LzD5;Z@-`Q^sn<<>-*Sy-FrQMoO{`?&-+}ibKM>vA1;b;3g666gN$p+^T+nfIf*SWa`Zlr!c%(p8!Ml|biPF>zKPo9sPTjqT-z4+i! zbJbCu%n3*dB&0-x#Ni&r_766RykYu(Ibm#X{vTZD;Tgg9Rg}mZW|Iw04BMOk2iJLd z1znP&YNBu7d$cIs%Cdd`?P<5h9E_{pJf*B-OR#gVQR5Ay1QKo<4H6Hp*zqZ8#p+@~ zDm7{w)hP0MtH`3~ zuL8PmuJQAJGFkP^51Sv)U*7QyKrMlUTB1SX8=?9}d}DM%?aQ}?`!-8X{rX1Z`f9y* zXHL9cUGio?VDtE!66i}Hp)b)OaYh)ElZITjx_)%*=`U(iPM+cA-gqGpDgC=?G)RIY zW!e70T*(_SzJXK6_U8Y=bs-^9wy)w%-he3poEEk>{|~MU3ybZS5!yYdwN=_X>*$DN z=~n`pNea(e22>7DXw6ZZD80iTDS?EPXpn@2_3EB0tw%7G)RKNdgP=bS0K5Hi4vTyA>aAGxj1Un7`87IPTqjd4NgDX zoBs#bMMTEF9W%npvZkx$&C+f@t%>ga5gy%1`*-F2-uX!ALi4%w*GLH@q(p->N<@L} zAM7-FL(+dayd1W7|KG2V9*qyOL#||U6;l8>A{0oXq7rxd73wofrUy6~h!*_)@jYN+ z!aGN6b@SI|<#U8@b(y;%C6I8_XplyWD&4zU9DLGHe!5(GXURjO(k-JI>)xA!Ysarq zv2LHS{fszj2_)1K4bmu46BX5j-y4rsOSp)gKA~yyEB~o^wdT_{$9SuA`PMp{2Heq? z{*7-mNP?naCnA&I@f2V)>s}<%YknrfGLE?zk zkdua7>EtTrZg8Y1l((3e` zEh4%%Tsp96w_&tn+#;zhW^v}z1za6g+ROTfDxj7?LM_oCiHX~h(}rACb`v!;7b=f!a`~d%>DOcM?a}YliZYu^qbH8w zh$AJCkP;1&grpWZZOGM1u41AD$BIHqd#FK<;krGHqi3Vw$ls12yyR_h+TT-dczP{h5I9!-_ zNXTzXR@%lj-Q{9RV|mu2mOw%+(I81kximE#u)h%?S@>7|(1$B4tF*UG7k{<9MxS@p zf-ibMR8}uWUjhkzi3Ukbs*IdAi{l9cQvf(eD3D}iFF(UFdxAGBg#=^oG7IHU4J^27$t zj|cTg2_&RMgET>Ak$Fsuz{qcH83QkvU#@2Bmb!ioTDoE7%iU8aZ`eLZE#ew#2_$^S z(IAbN@ngGjQwRkUB{-2}5BHLlm1jFbg)q>$!8t>LG;!h-l}UN;-Rhk;rBsyE7w)gL zNNZxAcjia5$80UX#GgB_4=I6!lxUD-CmOP)G?!2?zJYUr?BQOMCQW5KVi93r3IHdA z0%`JOh0(Hq99|tO7L`1GMAZ7UXJN%szPQ)}yY|LCaeCW$Gw?f70tqS6AWfRQTw<_o zx%%yZ0bi$7tFAqDyA>Liwq{T8RxJ9v#!qRk^%m3;NT?+mB-zOk>+`aHoKBssr@yV` z>C9tRy^k24)f?_r-@KK&=0eKH^IOrE{*7-mNaH6n!knOMVPi+0kr8|5n|i~+!lts6 zZ*lm@pE1!$iZhwX;wEPexmJ>d@PPoJ+hh;-l9N+pJ7P6q;3)@AAqA4W z{IpY>icc;olYi6idTB)ecr*9E#jSh7lhvAz?RjBnl2TEJaIYy-rn4QfgD@~Lf%Ap}Y3fv^nx{EZsSi)Cot!EEX5`GN=f-~F`5+_HwO{av z#^GiMwXsMEB&0-xG-ay!=Hlh+6y5p`Sx!i?ni`^aCT3KG&dTg<$8 zajEgyTWdM7ICDn3Ww8vU?0B@Qt?ZT6^N;gqO>_=Wj0+yoZ!PLP|79)23TL z7x(MVZ%jMip?_Che$~K$O z{r_B5Qc`7mTPmTTcY`yA0%^vKSzRKDJ#x*WC3#Q#I($7(+`L&7CnU8j_{dX{b<4D` zj5>ytKtf71NJ=v{u%(nqC>Y?tk)e>%%$aIzq&tLzIRG3*3M6G^^@Z=BKZpufaOJbD zUE%Tj^Tt-kH8VAMPR=l8yGneK5=cmi21!K~zdkwSswNx^ zaNrnFNNLtA%^^MHVk6;T4gkl50!d9xtFpXKz+L%@;^zgQlGMs>Fv?m;P$OFlNqt_?5R6oFa- z3AIFnq@q?4d8FSnl>5%c3DsN9I#)JYawX03-1CQf{RO{1*LR(MKIlvT1~?idB{e3D zpQf>NU0IT72#+j$n{?Q<+t@b0|eWnu0--Wf9!P98=8*ou@uLP|79>a(5MQu<3cm@2_>qL7k?#ymEXAYouQ0mp*^NmEmMKvMo@ zMeKv_{7rka8v@c*{6+Tfuh@SghIh4M#FDRznvoJnNQnkXL(}bqOgrbTsn%K%Dbd~PF6B1k?ee3UYfp}NQW1@mKtf71NLq9D zv86PPP%u@36HWGTueoy3lKx~?dG zNcC_-ErEnuqCwJ{*WtM=&2qwFv3I|pA59RBNgmnew5N>!{9M2KS#b{2;$vQ-Fa4V; zX^_=?nUQbVX{JboIM=e*(krGHqi3Vx@f&d<$ zC-w;`QCaPSa)#oWl7ssPpJ}|;Px`KQ*hey(ewVk-u3;2_&RMgS1fp*d1#%#j#s%T)DWje-l@6 ze`eS0RQ;T2(Jq0X+%i7vealfxAfc9MkaYDK5sr+YPeRqD<)-E{ueArA8e2NZ*Spxb z{F7mLIUN+pXg+?KvZMgh_5tTF09E zai{nXVQvD-gi=!K`b-Uv%{$fBMFDA{o8Qaa_IZ&!u|>=1?#I_MdZ#1m^7k2=U0(TL z6n@r3BPlt3CW~Lr_QK23vnlIr?O(bDKM_3lzE}Qywz<*ao=ZB<&V{_+hTmyIQuv)F z8YqrFV=u_o4nheCpH%?rC40EnqD4#DjyOdac>IFH&BONY|NHgDi;YtDOHFka+i_A` zF!jRf>~S2~;LWPaBMMg4UNbXparm$oNLPSjhsD7^MXN+2O6 z8l)u#QJbd=`116eaSZA@I=eYN)5e{vzdhRX{tlN!Pv>_BJz7yqAfc9MkQNy*6Gh>Pn!;o$KL&I}5qrAt=^2z``^STG~6MC-C^LD##(>$qOT zbv5w2RrU&)DLhksgp@!+N;F7@OHZ+-R6;nI!NJj_kdl!R>mRSFBpi%#;OJ2xEnBvV zFLd;;U8<8p0)rY4jNIb8OGVFoTls{BzVu>~6Tf+~S0g2mkP;1&(XzN^-b$;oWnIF4 zo4NVsmp9H#d9tuL?)DqMrw1=K$H0eM&)r6E`ZtBsKrLFv7?UH1Uhl{|@M#60WfbaZ`Erw?L0nwT zgoFMKjs*qMiWR2kLnj;?lYMWNWZvujE$*u$(`xcxy4`Q~o_v=Tz}ZTHWNd7H;PHXN(ytzCs?C$O)~_`4o+o;E zLdQPObLx9<^bTH1LG z)Qas0Il{m!08Ru2l9}0RKV7ByD|y3QM>z6@$Om51ogS!_ySc^vk!r^Hm0BNul_DjO zkP;1&so7<-jeq;xwuYQ#X5_m2xLkiXJxgy>dWE`lQdxUOM5}YYMyxB`j#ceLi9w^TqC-k~?lS%wd zqy!RDqCqmZxW<;!LPEi03C>lrhkIFCu46l5IbmQx0p}J4l9iQp(Y}e%JC|hscqwF| zl6Pip#!V@$`<;^_6wlw%?o-JNPD4r{Atf3lORMXVYwpA!FdV5{zT99@=-t7={_OR0 z45W{HY<3KrvMN2{KeYrBYKaEP+={VdotrEP2IDS3`D73GTD{ta?T8J8frkn>&nS@A ztg*d2KA`kr_=CU>$@~*)CJQHb4Q@Uh6a)!N~cxSE!uiLkNE1q*;l%Gd}z*+qs z*%k96y91FDNJxnWY3;f@W*Nml6l)*MZPb=OzQ9cM<*3D-ymew@WWRhcO#BHb>v-G3IUQY{Jp*26R2QCKqTg?)7xXH0+eD-U5>lc;vRz-W zb#{grk4kxeUu=#Re{h*7$eoNuD17()Gd(QIl zH^ue7GtRp-e@%OgfB8wLg(~fRt7Bb}5=cmi25F=H({;CltDHUVoxCX-uUt3vM8}fx z&ev1DKAc%O!dScF49`K-5=f{e8l(;OOa#ZKU8Y{rsjenPlOC-t=#bqk*!vXM}l1N6c(ad~tzGey=*;_RSp~#`kR%zQuX$zRh1dJ3Q=7 z3FaoC@BpTPGPh@H_yo=-l+5^`7hb@fAsCw-HTqk>9J9-JTYBIGwGQ|C3|0KR2`K!$ zi3VzsJ(D$(?K`iOfbhWppm`L&^Bf$uvXNdB4xV)2ET%x(v}xOv8^8G7+xJa=lBc~l zBQR@@e|XlwYyr27L)kwSMkKUNM@k?eB^o4$P33GUy(b)uyWkj8NNMxt?QEnr!ok!8 z&Ke3NN5>t}{NEzC9(v-n_-N@2&GlTTTl*I8K0ctLCNmIY_^W)}Y@`GdQldfH>{!XQ zi$~{$;lr5k1O?L0 zovz&8BjloPs9G+V)>)R#7p?R5DF5~-@2DM$HBCYmJ;pnc5=cmi25HC6`XM7C7iSR) zhB$B%$R6&sYu9eJBeV$vvj8|3DUh6;+}dJ7e>tib_FSsnIQaGR`GO^0`&GWb`0cw- zaPj0333t7a5=cmi25Fa5bjTh2nWKz zEC5ag1=8-_`^KfE9#Ttpk{uWoEqx?oaB^tzOO@?wQmj5yJF6u99?grCKtf71NUpov zuAKhasOLFv!RYzc4pP#iS|^vv3|@Y^qM_^9q{a2?4eC)#Afc9Mkeqij6&#aae8Q5#K6!MzNhL|4H~kyqXrOlNX2N*>wumRG3VRu*L}z}? z9sj}aYv$_nF`w)=#75Vwoqydm4s#Pws+5v)*v-`NvlaO+g24=ql-Pgqi0!MfUw3o! zV0+U(Lcv1?oF=k|d%3%No}Hj==T}`~Fs-=kukrHWD7Ba7SvwSqn-6qnJ#D?Vx)dpa zgp_EI+}yvh{Zk(#6ik-jd?kCh*PcCIY)2d;3=AmX{H8$KyVpC$`GAAM#!_jA63g%J zxn-V9#M)H0?{z;B^DE!A>i6x1a5coF$z9%$0;Q zk^;%Yf3MHzGbqW#gEaWUnpJbk9WFt?z~KTZPtxMgC-&GCTl&^ z5=f{e8l-(*Oa~{rwB@AN9;dfj;eSW{+1_+sajMnP2+32Xdd)mh>aOJ%(3}3vmNZaq zUQ8M5k9P713NtuB(<#)Gx3?c#i5C+N`ZqYUDUkN>KNzvjXu{^8;!&daQ#SR#%{1Uo zjm_r$=)w7Q;^Eafp2Clj5=cmi2FZIr!?4A~^_+k(#sRc|LQV$`__LYb5)P&TaF$Xa z`S=8UdXVV&@Zy@n+WEVq3N&3k6*;c68VXGxj?9rL@wwDdh?GD=N;F6Zd>9U=zhU_y zuOG^N5tbWAR zN_buOM`TQ1$>S?(btxOl_nMS-=6sR2M@k^!w$UIR^k)P)t;x+s@sAWIg(vQRS-5Qa z?=+3il5-wE-&b*jc_F@4z8v)g6zYiv%GaL};pXW~OekCS?P5>h=8P53MIMfLl6ZH7 zkJ6QhM&H37zOA#+pZ<+=G*I6Dj4-eI_6)=MM&28PQoMGi%K8|X7_U35`qnzIKPTvW z7H3R2<|m-=Af|zG^Ji)V+KLAq4m}8o5`On1W2x`82UZ_lglvR<7c8>;J0_v0%>_Sq z0!oz<%E6z>5;-IvUwbrA9DgQX zo~=s>5fDB~0pvyYaIb)XBWy=V5C-M~a1K!*9XfP$na9_B!>MtHmg=3#K0GnfT*ph; zlKWX$sm49uC}#84mw z1szL1H^Ne4mZMmCbflV-8pq#uQN{eXmlSRc)Mid9%JMjalt4mCG)RF#j2LH)ZOt7y znWk4=f(NAkzWFn?GXBlLlNPVpQF^Oog0&SG5ez;e0Cbb=;a*3NhOr%CP8gUo!FfP|6dW8Lv*^y;c<-HV zpO4>oxsC*?JT81QhCt2I_DyqspCOytQNc)HM&AUuuMQ3iw7Bc8IQT zN`2QZ-6_qJ&?{sQ;NqXHTqy!RDqCq+q!pO4rCs%^O zI0sN2*~7g;LnGOa@Fon*1mLt#AcciR9ldI4KkIyHmD-JVx92OXBAwmtykBDcF(vQd zwBjv(^R18)NJxnWDKw0c}3c6jKRD9Alc;3XfnESX;qqg26Zk5HIU5kg%oBe*O6I zXtp;c6AESma6~AOA|p>_P8L*N9KK0IHHqi_=k|vp2S&G5mhHPXq4zZZTlLDoSx5;a zq(p;sJd#o3NH4gsPNnZIvwlu!=Yx@xWOl8{I2mO=D^cG_fA11AlMH2lAf&I#D7&WvRqyqnLw9s|3UgFJBvt{`7C4qk%dW$%OHSJhb#U z+CSAqLppTF0=IA@xv#U0e(Vn_C>mQHCo=6yFXktp@F1pv3W#KCMzEE6I>BHX2S|!S znMXy%u#s{I2M-o-_+v3?|j21y@un2M5?r4Ma*HAtf55lhKSiM?l7~f=BegL5XQik7jMz@R*ZO z*Xf*Rp__4Zcg~%)HyTk-K%t&!prWD~JJ$KBihwZq0;Esj=AAlqhOM6J2?q}ra8^(t z#l*yWtz1?cVY^rMZ{a#wm7I|SUj8SKR>T!s=yh8!(SNOKkCZ?{N;F8PVi+yfR?td7 zm@xseqL9<+(+O<1uA6W$sDNWfffO5i_Eh+O&mR6d-K;rw%eCBU*JYg4e!tZ+d++LL z4dR23jgBBCkdP7$(&<=6o3r+E(wA<#?Yk!)m9Jdjc&zK~HR;`k2j+X~FW-7KI$%;5 z>Io>+6AjdVgEX7JEJR=?1CgAyy?F_*wkw^>@ZKD~?`wIRxx-k#8PDXA5=cmi1}Q#)S;W!e z72LaN#3_OLkQq-8+RE=4x7M#Ut@P+kxr5=eADT%Epq_w2J<&kLB`|)hqskP5!Hfw| zB-z8g&Yn$SJ3@sp(8IwwLxGf-c>e2?BOlupBicUf5qOtUZS5&?-}Ua75YxT+-NLa? zKFH)EC6JI34bs^}#*noY%q19%a{yf+d$`xRa~If-SVS0@3BbvqKuStV9lJY30A=CoZ~zBaQ^JXi#Y{OdX5S! zGcR9DOte2#&m>6gds6Ew^79bt2`JPP4b<5rCW8C+Gr7C3s#i(*Nu3N7Q1n>)Xu9da zt=?OnP7&%de{Mdm8U5+sKt}@=m&6G3O*uD3bNa^Q{agcouRUGzxT*7ItM1Khsp1Ab z>K-B67J8%lg9`2QrlBVn4Ez*BJ zRXTdzB5RS)hC%~;wV%8N_8zJaICHhHX;Lmy0tqS6ASI_Tt5`evMuNfM3s4!^!@bU* zzr=RL4#L3n1kM`@qze}=x5PAtA06-1o3&e}wm2<9Z@<%CT?Lzpg-sRxb*~q0xrUTL zLP|79=PxkkoK`Q>QtxKV$rj~m5iKi(^2ILKK1mvQ_2Es^+<>R1kz%MPpioaVP{|jV zMAo5h55Zs>2j~OY!@W{dudp5AOBi_Cf%Am|>Egxo=iB=9mrb2uVDs>!@R!GnmNxqA z{y>DX0e*ebJSo_Ti3ncoxdN}mko%|%KeAtf55v`dUNr?K#e zRcqrX&%6D_N~4N5J;>8Ah!GAbQdPGde|+re#f7LRpioaVP^p)g3~r}YaW1C@Q`afz zbBnnwwUJujlI79e-o9eZ{tL}JD|l_upZ<-$G*HQx7-KRO4ZY$C3Lg;w8X++Bd;b?# zFJI1J`!cD7f*uae7z(5-S29gI`+f?^eEJ=}GW@AtyS%2niHPGW9+~$|M+!a{$Ru$SFNNi|y9kAsoyE;3!fcUA=n!*!m*VQtoDxpxkwh z`|^O$)i$FL7=1NzObSpZimd>%uWV0fh%K4ODU#Q^Wcv zz1s-}(>OruD3tm2>$ljx^L`Ny9xUK&qCmQFBX_E+-I%pkHoTRH`ta(&!W~ZPekP&a z&vbQ;j~A)UZJzZFDS?EPXppYoV4PW-=3fHBj0unvg`BdpZ?oMxLBhbG0*(g-(#@N9 zQcjiqydib6LDXx40*5nU%g)W!A+BFmiFa+ze%0o)%>yZcgp_EIvTrhOoLV7K?Flo+ ztZ%K#@|fIP`g)n|wuwyGR;7mU4XWlZT(nV7K%t&!pswF!8d&G2u>^y`7a)JKhkNDZ z++{mLmN4*O0Vjk4>DH}0=OxD$zgy|f*Kbf$U@&6>6ixPUuiV^wY)7aQ1_l*y5-E^w-@ZTT$Ha!V`|jIB?ix+w zQk64EWKy_=Qh*9edkeu+v*3KM;2AvJTCLBe>U%8?iY2N5%0ym z#g?b)rg4BSkv-h&&YcHrM;HYD3I>neYn0y zq4Mtf+lN**Tb784rcYb?+45rVr`0x1)1QU5Zk%=>DS?EPXprvQWqeutlPSSqoCD|{ z*~7i^^77e^uqF)51mHZTK)QFY;9IKqxlhxC?w%>hd1zHr6xihZ#iqMEBb*5XJsg}`3Zw@Q9`*AUc$M$BFVUPn!&J)M z$AL@Ks7Uc)lfd!I_m4jCE>}ZJAR#3hr27w;!>p~qlVC8;0rZLN;a(3P7O@=>Kp2<_ z!0Dhs%Fi!WZ0*^9Yt#J5bg`z&o8D6zUgWI_;oo$YH+j^f#&x!Qc}NK)q(p=CFrPWb z*?dvT=bX!ksWbU3Z^s_H$9Qs2SLFQlDBi1Kx&G43NH^3IP^c#wsQdYh2#-XNqPT0S zKF`K}!I+vHxrba8I<=L@ws#1gyFPIKexEe@6Hw?+G*EZ)8DakF%cpev5=R|9`*`gH zwWe4r8@1&epYc@^aWn2cv6ww02J;h8CX`Uu^O+i{Gxkbs4Iz|(@VNz`Ub2UK6%;&XJK_{!pv1x9X8jik z*}fY4^}@mu<-DofH7#Dh+_KGO+^e-pZtU`1y~69V#K`3d0poLTc_F2L-*q%d1%*sF z>*M7dL17vPNSH!Sj~+c?3-dDJV59>_k^-ry=&6}8v+=I}t<1#>el*K171YZ<6&Bs3 ze5&pv_wIdDimP>y5=cmi2I)}|6UDLJm0iAn#?@a5pUr%Vmks!HrKS4yT+H2&xYU|= zZU6Wms3)NCT}J~|P{d4R{iDO#1cQ$V08OTF^NNd~vDMRk!oedLoEa2Ij~|y_EDIZm z>CX#0%{#TUO1h%<#@M-Icju0k=PNW(b@B-cK}sMYB^spS$IL0#R!~Afn8pFpq>xid zNg3O%t0WwZbl~VwAU%0f&K*`ggKx>$u5B}vw+YxP1+UIXiW$A`MkM#bKYxz82wX)< zAR#3hq>?909OrAB=k>teg`YLmYEn`M?9$zTjJvV#hfvS;I-eW)`&}APPe7rbXrPLp zFseKU9%c5(42tHKa;I$MUd7A#Y7l>Dhf#{*(rC}3u;SZw=uiLVaT=(CCyX%})rMa0 z2nwHD09r<&qMkmj7#hUI)l4|(;ow+MAU%8b+*MY5!E_1!p0tkO12*R+U(QdHnQ&sf z@f4rC4o5F9IGT)o!of@c&Q=Pfva-t7 zoXI&Og2PHn7H602lWVhjy4lr$+urtXs@wR+EpsmAB73;k^XISFj*ue^%mm;>P$0c{@%r7sllMw}kD_FY9>kd{ zRxUW0|GLd!?7+s=F_q!A$)}W&5=cmi2I=_=<}&BzB>DS43Z7&*sBCh|&YhE><(K*N zuZqF;3bW8>Vv<^gs3)LMPc%^FFBlV^86TRyg-*~|zhTLlZwqcl{7FBZvF_bE?G?AY z`O4%jpWBcA^lzY}fqMFa3F9B%w0G2=3qOTKHeHK<@2oO`@5t7gQQJohS|r|f)eXFP z5c3mIco5S-6}(_-gxSh`CIMj@2Pl^8;a-)MZ`h8|A`CoOz)7J%dik>2pk3e7EQWFW zqQ&E_=9}6q6ulxXaAA9_L50rOZS+L`TF|Vro~Is3q5TwCY`A1^*GY-OJZp>QUVDn z(I8d5Vy<(3rT1*;c0LiI!dDS~_?OnnvKpBmj^ZcI7_K<4pVw=+67>WW>WK!b@)cvp zIzL$w33sZdGl`9I{tX8mYK8b>sKZ*4tlMkdQW3Um&ege0 zZcggJuL_Gn8dZK}PTgUjZjw^l)&bDUcc( zKCV9HEY58%Jo(nK5hu9Jzd5={Z;nfNp1XDF#YK8)YyP}ON+2O68l?ILrkJ%AHS}G%yZxw=Sh=u8MTp|r zS4G)czmO70NQnmN{RieL$IIa6-NemjtM6(R8Cs+#i5cAU?^>U%>oU!7Z|NDib4sWu zpioaVQ1u^}2%a+kZ7undIW?EP`cri8g)SH{YfG0NC;c|_N@er+XO&gxPyYrw8mPA) z7-4~rouOWbW>~&m#(S%I&Rgx^?Ox4M8`nhSChg(25Al3pi1`U9JcwzaDnBqaqYCR9 z<`=AdvyjKDc|&(>%fY_VJ#XX^619@57q?3Ge0YnWKLLfGKhZ!Hd|2 zlf9ae;LEe`Vrt66+$sZMC))$Ts3)LMPc%@CpO{3}q3#C(VHyX>p2E#*ZvMhnPYmJU zX$Q_u3Z#~ncB!N5&qf?PaK!(M@PeHS#*K@-W?6OPw`qLiXq`VfVU6`j2_&RMgVfx@ zyk>0$0tAD>7ofdl5BF+q{mOQP7-3*~0>_U6>GS7rW3`XwmOi@?f2Wh{yv8=+d)1oH zj0>Ld?KD_4>u`E}^){pg5>lc;YW>W-adKsA46GI*Nfms_oowDtVtF?-1u>%LlNJK>ZJpYBz$pZs#>Ox#zG z{`7D3rGaYv%ovlYXy`S8B!rI$00omh+^emvgY5_f!axrP=L7}PmoJ?b8BGNY8u zl+h^qb@G(S;I0L=5&g3c_!$fIx^UOEAtjKI5)D$@7p9)IKg}W-jB@}bkUiY1y}gU= z2yMc^OaRVB3Z$=JySo=Jynn!PTxgGf_KN5^GRyjd1lB2ky17i(@MWg@db1x$2_&RM zgVg?&Y2-W-`E_T$pwUmBJCzrBSB@Q+yHEG8MsoHTi9^O2vdbE!QBOdjo@k)jzA_J3 zN0lW6gBcT`EV74tef##E?TA%`fgTRdT?(X*jvqVf>o#B7Dyn(Bqs(J*?XOW8<6frM zs$bT-(6jzIuc+Ehqy!RDqCxuB!8EhBg0%#LaSos&vWI(hcK&2L!htX_6M$1efz;LY zE3fL^!S;_km9uMo0t)p+1NE(oso>dmGF0FeCzx!p3hR7h~GU`pY3xfks&3-qh_(v-B%Jb8co z=M~fwP^c#wsP3Ok1MB>Bl3+0S{s+YRH`>@rf&KcgU;S)vI!ieJnJ)=vBn8s%-vd7* zdVK~)7aeMUUg9R+Ftyjb_M=Bng5B%SLI=lvylS-*DS?EPXpnyWW`41@f;57`j0uo9 zg`9eN2H9@ib;7}*0?tGVq~2bJ;Tj#BByhqoVe5H2%U^uT0|GZ62JjYtdZ({(IWFv4 zmX98C0tz|NK=t%8eH=@9DH}bn{TqJ1yjA^f+Db*Ur9l$~^EDOqXNbLuVmx?JQ9z-h zXrO-eG95f~{B5$&$y#dHJP2@mVRg^9;&7-S>Ys|LQp+o(fGiji@dzmuU zANJ%C6y|Y&rcCuy(2E1cadupam3?8W>=>SW#~Y2(tk|ODUiR z2N@10$EL2Hb6+{>@5w_A3P$DnT{_dJl`iji^Xk}7v2PxX7Lo!ANzp(J5EQp%`j|QA z%NB7U^p#kIKkjBOE zaYhyJTz`Lg|A6t+pN5YNgOU~NIs(S5^5~ywvT`1G+DCaL1{iK56&Q(&zy!G;9}f{S ztPQf`M>Y*sH&`{JYrE#XS)IGneuM?H2fj@0z1(-*R1beO z3M~B9C>pE)u<|zr{88T<3r4YI*Smb|c zu>RA#{13Cu%|e8P&xRm*kv-gtOkH^Kvvzw4g29Lb)FB!$ZVnkI7y-`X^vfdy?Bxz> zhYA#Umpw?-YmVKLt<25BrXCI<*NtJ2=%0xfbgjZsGDRD_adzo zFJabOX-+U0rGa`t12zIpj2Xo#bIEGSOcB3+_V~OppKLPu%R(O=ZqD7P@XY)2mEE77 zEka^|Au%d25*LAu=k7hd?BtQ{V~?KVJ+zhAzPaSF$WL`;n_Ok>TW>Gqmdad2jRA%l zqXHu}MqsMEjX~|TwR0cOix2kJSAF))>wAIHyicd=jP#Fm_xc%Y8ljK<`&2{)M*0|m z8Iyr|=w(Y__#6q;6S9YUk%tjpBCN%~g<#P2fqF>;HWJ;H8O_nX64I#Z`MoSNem0+S zMxkfuWRnho+7;oyTKV)=7Fv!$Vt^qrDlifkfyuJ=F;@b@kO)*A*~7g^&&NxY^;UWl z3?>VpT4=z8(Onraj&Q_mRe{@@)9=jJ`fjhgV&nyrNOAvrrCNMPRQP9ByKX~bfFUs| zFcKGm$#F~1-#mXy-5zn1P#5VIUXQ_Pvo5b}UwiYbO-S9}S*x^cQDcCi#;CwZjS-k0 z>(~=WK$u>E>LPo%7kL=rHHNju!U+alAEOVA}|Hkc5#}3FeC!Six1_)yhv-sOPuvqCKC`Q z3!p@3z(mo+7zvKdxsGnpYd7i~I=6qF$D4e(%Ee*Di(S7oj>G^%VpL!x zE&@~HUV5W_iQT?Sr)&DEW?QbRS{Z*Y`r;<%t-{Jv{uTzlK4yR#0}M4r1x9L&z)W}_ z?3yLtu}r;7=Dd+bx`OqBkq_qx+bruZdHNx;dcFFlQ1r2XLn0Lz>0<;IHbUye#?VIv zUT(9*WxOo?at`H0oe>VSJAT>yp$ITaY0#|W%Ol?GA=4b`tjjw=WdRYi>fh8m*+BQ-`~cC7PQ6+vOF21=jCt(3rn zl96Vuv3i2S;|Qn~G+>fwV$1}NYZ50TwXkyLw9Mn}cQ;nsZ_!-++`aJ4iYop_r&n(* zc#s%iNQ?@M#6@6QtnH$epfJ4xWkn;gap*MIA|2Q>y5YK#hu)EI%e@SZ4ikxi=eR>?j1Lhf`@)I8~h zN^!q+xyM|REZp-}`$`-7*uUwO3XJqI0xM(vG1LHoVcrL7JK4j%$ioP)iLAxXM=6gj~rIDe{cTl`ZLSTPemOP5@lY@wY$BrvT(Qgg#!C|NDMF}Mg>OV zA~0RnJ~oVDIjHKrxF~E=*6&Q(&z!q^Ar9`|kyX}`GW`3=P-*9T{&$Sn8 zCOw-Iar9%*Oxw55E}_N%Lyb{^ks2c~Ki08l3ISny1uBy4;a=ongqJ*Pjj0d}x;{{6 zXuu|-i7`_+ZCNGf%*Xm#$h?)#AGoC_>zU#zp0@n6omN?4QqK5j86*Z65~BhmaS@my zYrB|BKo}B%x20hcX`Z@K`Z6ENDMF}Mg>OVBCzG$315E%1kcP2o^dgvCilYScOK^zzRm2f zwfHzWTx#DhXLZyVV5l)FFj8X#7Qx%qrhdy+Y`k%wb#s_@%+YTfpH@uyq zu-Cd9eeB!NP;e!ZJx5*yvMIPUHDYCYU)dYj*Bv6GkVDfk#G1E9w2fU<={_c2i zd4R`c$?=%ZJ3+^nJ72%DZ&gum$NnjTMMw-VBt`{B;v%qBtet-&0b#5Ls*LR6UgRl> z*L2ofxr1OZivjh925c&xM~o8Zrf20uXVnn7$ZCTUeqrtq<*^+f?gxl9-3uaA88B%KSX&V2P}Q;vNFRybsg|vWI(-$2VRxSZmCeVDOv->I)5+BAOU8lOuU&V%0+TCDZFi zJ}=1IB;4elo8zS4BcK$`;Rv?HW=SG3z>pXf7>SF(RQQT=RnV|2qEVnSKWxCI=%i zz>pXf7>SF(thvo^9V)urEU`i6jl;q|4X(~5UD}UUYnSO*2RC_Se7uv38UqY9Mg>M{ zjKDH@N7(c}EV{QfV@r|5`J90Bw*=o-)>;)D%&n=Z{yn>FMn3x3zpiT^$<1n5 zbV%1MY7#RTZrnRP{AW|Cb~6$K42e;Jk+=wK3v0WmCMXPvKpD_TY!9U)Sg=KF$(<50Eu4l{DX=)+6&loiZ7;20PjMNx`Rq%QT zu8i%gdZ6*)^4K7a?o54O|J)UMc~6{WjW%plYSUr1W-1r?TCozu!h6gzn7@5ZitY!?`jMPp*nD>ENN2B=F z@t|bpuzpwmA}BnLfZ9X@HXCi9naeTOetG$DPFP#isDZxSx6@~iu+Po=SfanhJ9?rA ze?{D4BnB7~qXHvw5tuV;gZ)cTm|lT$qLG*eo=40))>|n^Fc^7&@}L3JMB8VyIfa6s z7pnxBZsK|xz=%BO7Uk7t&Lzpdd~+ww|Ar@@UkMTe42e;Jk+=xVjl0KHO2EZY$ffyq z%I&q~58f~1sI0IVZ0^(^ry@FPr0qu37+|O|Dlk%G1lGVhkBucDjMYH-lReyvJSFkc zVXZM)g2Cems1O>kIcQ?ce9jK{b7x+yO|Y#sQ_0nAFKjYc$89-R!8N`$=j36F6B_zR z3@{`{1xDf`uzjrUVj2NqdIc()?BQOdwc@pa^;W7A3`QQH5^2EZp@}iNoQW;6wlWXO z3})EmCyyVc+wTkfFUs|FcKGmd2F)A=pV+7X0n`E{tLgc|S*N5LnpI`eRhdV~L zb@$&$@rK5>HP&u%{G#Y%|E5-?Q1eMrnD>FYMD}nm@-V_nkG1#>2?kvs zs2en3I_R#9N^bRzOwmawzv?)G`SR%gL+vU(~9_ejJ3@{`{1xDf` zFkjX_W=cR95`nr$_HZxK^YPMWy_MDkgUJG@$24FI&|R5DoFilF{6-$iOkO4DWLnYL z+VM%K&2@!dlv=Uix@!w}@^3_9fFUs|FcKGm1#q8tY2V&cuAA5{FB`W|tSqowf7RK@ zC();xrmn5`+x0gcH3k@Jj0%j@7=is^9eXwt5T;k4UXVT9i#&|*TFhEw&IE(54^%A; zm>!xKvxIX%qN=)NFsk2WaExQ&>993b&F+V?wjQ&!mwG*I;%lceBnB7~qXHvw5!hkY zcHv1t7!rZ{MD}nm(pvE{V7-+A1cS)}s16!1eKaw~kfSOx?#Eug10fd+2CocM1lugz zK9(!V8^&;jEVHfyAy8enr5PL_=l~Dpm3;qRBPvs z*Ggd_W278+p~e71jZuM-8Y3_fzT#Kf?SC5tY9{lgxGuZj|9+`?oZX_`d`AZ?BAbKO z&M`zE`!^&~fssB&V8SD>i+zr^c;ptQC$n1LQos3l%@#49%u!8`_DFr_s%(nhgn0}w z6IzLpd5pkn#-5fq(D>MN3Gdhb*cXqqmWt-C)BGbf_5IupzM8*e&k0Um`Ck}*K1L-m z^7AnQ%TiphzIvPxH`iP1=^XdMR~NKKYTw}EOyS*>=kUHsLMW*dzdwe=@cUy_V4VNJ z?3c6krBH&xCnTVH$sX=S<_f%)vi7l41cL`SP~4-2o5jUNo|1SOam>%!U*jFn?(yjD zGrG65)?w}+&yuyvyqkB{Ri66rKEWA@0fxk=z(`yK7S8%eI!8d5_kj|ok=PPE!I@>O zxAHPUVMqi@k_OBG4@zb^N7Q$u$En3PORaW(xs_q2a3KE8^eYeI-4sG>p3YUAxkCks z0fxk=z(`yK7RCMAGkeR2owbe;zL6JByPiuNua({4QYvNo&hGSU*=;XFP-B3h#;CwZ zjS<*H@|O{ZUfBeM4i4khc zBg>EWb~>F5%{KIE8B{oW$JyThN=hCQ0}P2#fswcf>=bLeC?P1!`#@>ZNX!V`l`&?$ zm6ZgAArUA&8n9((V$3Se^u>$Yj{6>)@c(+d({QZz_I==%nEq@+QmC`oCK6p9cTnl)hMcb)rqdb`()|Ns83W36Mqc%B!Z z<6PH$elPd7>(XJD9i|tqZR#cOufE;zeUilFy#rt5@K=!-U`UJ!jN&5LA<0xbxxu|> zaj03mA;l{+nif3Q=WX=E=EEEGX@xDj0ucpj9^;QbIbc%Ih*z>xG-W; zqSo&y2P4UEKAN3hj&F>VxEB*0y%|0Bci(3MqaGue8EskreU%XmKOq4%hsBJ|#d*Y= z3l4uRq0st3S+jtdpj~+juHlqUKaIvn%d?luuG+u-W&zYn7BDlkD{sY}ja)lQHnnBk zYMbuYCVzbvs&v*{@jHZIBpXNQ?=L;v!grej(e8E>ah%neJfZEFfW{DExZ8=*HgC1q_JEaF@oLhLI zNzSjVucL~r$>q&`%#Y5G`TFGy5(5m0F@aHB1Un@;T62Nsti)W8dEC?!G09pFL(YdD z+~8r*Mf>ETKW8;U2Vuql!;CS3(TowyTzc`ijQ&HC^Lq?F+-*ed1>dYLbtY%3q|F`{ z2PAdx_@SSV9{al_GJ#Q#5iGpR1GVG5_Q@*LU$M|jNL9F?*?H!MzF}7)Tn_Y**>gkG zr55`bU^vK`z-S*MSZPn8PuVC!Vc!QTmL73mbV}l0Ao!^qM;IJOKqaz(S)=xOJI*+5 z#lwu}XQR@xGv$uRDa?*F_-5B*@rXg1(o?-u2ky^6Vt^qrCNPSNU}psjb_#*8y#kd+ zkGL;7jBwivzRJ0T!O8>FB^I#xsD0jn+fjYsqRs87(Ze51zS>xlG;{gyi(%24Ph7WH z6&{&!ePkID0}P2Vfl*upJ1;4rA**&Wa*yq>k4haS_RBp+f7UP`A#d`!Pkh6P1F|aG zm@&XGV@zN)V+3;)+{bJPgtZ!|Tl9$gqEiz0LctkZLKqxJK;35nTYwVd7jgPMR-D-W zI{LT7oRaDlo3^{ZE%R<4kr&n~w?^B^I$Y};5(5m0F@aHB1j`bvi&X@|_6pPsdc=KE zwc=hZ_$t>C1}hIxZ&<+WQDXcOPQE?&)u!tAwL9wumEVlN;dQOP_~H|O*pa}hz>pXd7{x`ftCEe!kEZmBG>}@laEQUC<|uWqVcLJ1GlD<8y{?`@Ak?BMmj1wp`mK!GxLPWL%jlfRAa^f!;CS3(Tou+ zP;l)@A`rG$pp;m=$|X3D_~n8#c9u|ReV~+Cz#LIx{0i=u)gHH}hc?;XFKhf>CUHHx zB6wDo{-a0hTAr^6N{HPfgTw$sVoYEZ7s2uc>*6w@up|OCltp4o(XPC+;H%6f6gCT> zv{=BLP-46bS6FF%e)hr3HT-&&v}aFS63Um@EPrBEKd+=%_jE+Bv4z?!Q>4WTLn*DnaAwq#hBSy;bI6#sI^NF@e#H5p1t?xZ5LjV>c?gO@NIe(tLX3Lu3qxzbN%+}*G3vh z3@{|d1V(WY?4e-uzapoJW|EadQU253^2?X6Bx}H!Hx>mb(jbFo9V2r>=K)|vo2@Ml+qEe=4nOlIFcNkoPxvvLt;!| z6c@pY1?xhFKv=7R+DMPMFRE7D9)hp38)2}E0Tsvswi+eIui@%{Kd?I4QSjmJva)+) z+=jPzvx%^r5MMK=U_j4jcOU+|fW!bpVoYEZ7r|ah?$@w#d}F`Y_P4HtU$kVDkDkO- z?Glf}uO4gM9@Xu{CJr+O7-ozKjAo2r>Cy*3R;Bmf*x0lCr-#2J7L}?-!8U z9^tiGZ^Y02=&`?RH4_;17{ScwxAgz}QlX^qg9uQ&=n?lthY@a1!Qmf97_>f6`&hu- z(60PH-1x-NR|{{&x%|17Ul_){{(N`Z*x@4YTAu%Q}ii=>if^}g>AS{VM z-JwU^7ga0nje@Uo8DX$l0QHCkY%NNR_u|y=Z;6whP`oOw(f_o@_#avMZFzGmv=1B~ zKG!-X;&Av%BnB7~V*;bN2=+m8VVk9^l)dSYZ>gi_N6qaw>DKb6zC{Yhq#e43Ei-L6 zFbOjT7-ozKjAo2rkEG9?Jk|fkF%RYNPI3;(S*7z8f?D-YpNm+v$w#;3+C~Kz^w{4e zkqL}?j9}q%nM1jLb-$}pye>pV-7-))_h`%_$=vdb@_pnq7q*ObjK@9(m=>$VXdfe3 zX>XxVnLB~7?<1{Jdc=LvDT#ZN;HT1yFgT8YddC8`9<|SVbDP@=W-6#g>)X7JKh|<8 zSwGO`%yR#(_P11ZI*hWW_|HRPfFUs^Fp7&{&4L9RL?CRhKsC`L?u!m1+&+S@ayMbH z@&NUN1#BZ~pZDeNzuUPXV2NTwRN{^vi(-F<@BL*os_z)C!t=so=M$RU_aHIAkQfsf z#YM0$lE;$1oxC_HX%KfPKkLwi5*dwxya}C~((NSgJvwnfgRV&KhPN zwK_{;Izv}SsnEl(J}$#Zm=Qyvln42dy; zQCtN3E$Le1>Clp@6LZrrI85Dea~K| zkMLF2yEG)lZhl0yhW*X52c2)bIQ&SGF%6kHRC8~QDthei_R0iCJw`C$ziZ_h!LaWG zHG;*A`Qkj{0|kdapHOIhpmbTl{Lrp^5O-AL*V3kj^7`VVhN}XS`^(j=_n)wFs)bMN zx`TRFPP--}F~E=*6BxxsFkZ079uo>nB2bf9B<7FW=Ys`bM<;emTj1uFwb8B@n9rqn~ zH|R4wFn3qyw;H267S(7=L=Tk?5=l5sx;_Gl0fyJe1V(WYOjdMv=Aod53887Zu{ANT zRn+F3{cDQKLEN$XyP}JS9cNhJO?TOj%|FDE#OKln*`PzG&gWy+g2Idl3ek1yEa9z_#E7=XY{D&o3{$^_?q7 zlsSD@wSIdaErWx9daKT=+`LKdS(Vp~TqFh<5@Q0RxCo{ocvcQ15PlE=Dx4m1U$j@? z-X-`dH3)<46{r{%ux&WO`Q4ne-oTeB+ztan_bt`~j0270pPw&Y{i{YvFJ{`~7}NQ2 zNDMF}#so%j5v-fY+Tgg{_e-i%#-xvXyrf6^vhTV#Wt`MEd|4WDscLSs+9J#tV3;u` zFq$!f4d^5^Gh+#apOAn$PLH@RT6l1W3eMPM!eFxi>NE@34wM)lMt@o4dILUfUjOhZ zS=;Z8{a`!R!OLj>YiF6y6?t{qADl-ZF~E=*6BxxsuwH_7F`Gd6K?JCa^oaYSYQ-Hc z_$sXkgY6Zl92T%$C^3Ey*Jo(ps(oue)x^78d!)8_k#V-sLObVmHNoBVUzznA|2`gx z0fxkwz$h+)^%D)#og!6hq+&3x>*{=E)tp?v2en_Ndi5M)srludyo*OYW(+XQ7!w%H z7{RnU`P~fK^?78=*ObFoW>*vq*s~zV%OdsF$RR&p$_^j(`?)E4?C%dEOkmVw1T&-c z@4v4_1jCPRK;5H9+!q~2xc3SUzYAf|`anHn0SiUD@)6vwnpV~DavihFwkM9~Y~i>4 z-g9N~iuvvLbJV_@&O2nIio^gzVoYEZ7r|5od+Z+qVMzq4oE~vs=zO{(1z)8vVX#>M z^_~SR9PP?SajsXbd(OVp^ZB*7=G}(#o*i^5D{R`K=vk{Houy=?HP`})0fxkwz$h+) z4H7L;SBy2cvX`H4J^xwy`&m*G>qpIBS#VWV6y#gCU~F$0%ot#pF(xpYF@hNhu02}` zgzXim&-943RvKn%=Kn^!+NdC7P7Z?);K%-v5nSiODg{7+{z&CNP>Yf|+;vpz=U2 zHuiPIxx3Hzba&kHrbyL6c1YJ{S`XvR`mJaxj6;w8T@snVsK*EvE^i#%KJzmFPoFQ{ zeucfedAHEXX4)CW(N(eQlT!LsOg&nNeGD)h-h31pS#*R$@+RsuL_)}*(Y&l{F{Myl6qw89mqKP zPd_9E7!qRwqqqpBDOj*K35D$ysL?DEi^h4x#|pm6LPBBX0ct!8*nZSLe~8N-`9<_l zP40L5R*&$XA-@K_*l^~Q`jf*gmg6c0#@XLCMPh&0m_jDEEXlkAK`RbWWLWDp{BJk z{aIRLP_^@w{EgPV-CoB_yehkPcZ^9X5(5m0F@aHB1e+krRf|7&z++%nmqz)bWUr9N zMyZwUCHwBk$Hh8E4~;6mh8Y74GsXl)Ge$7aPWMI`AHVi|JFjBYzewHC@b`P|JLWDA zZXWPxE4Ve@#&SG*?CPN0QUo{?g(D#mB;0+s<5o13| zK7G?ExiK6w1{h|H35;fpV1a^b&kzD(dj%?z9&ulE7~xJ7oH0$pp!I<|%mQ{4CB`Rl zqg(dfC^FPZf7Lo{tMw1duGw=pzV?>9_vFhcm*&oYKAb>efFUs^Fp7&{GX?8HpFmg= zfjU8txG$Z!Spb#J0(KlF#wT+Z%@0}6aE)Eoav}1-4D+naJx6EeJUiNK zs9jLga{8U?8YBi75@Q0RxCk~^^kJH!*Tu12>uz$YGy2(OO-jvGJ$H6)r*`Q9t5X-K zIUmG~0frf40;3rt*xpX+S<8AEc2Wy_@cqQ3mtZK?uvP>0ogQ&tRIRwv1YczoVX%t<^@j!Q zBub1w%bl*0A2Tnpy|TOU!0jKL$J#3`svTnRcOkmVw1T&-mjNreoID+8^5uiGE z`|tnn|BwHb4kO&@g2SIoAhbSE-C4j+qh0xPoN7MFRs_5@+2e%7!qRwqqqpRM6k!s5eQ2nQ2kjXb_TW2X9&K^tAxU40hBrmSQ^@u zKhF()*m(<=}OK9wjtg=Kc%$7=B~qx0frf40;3rtSdQS@bDKceUV+kP z@hZ>aJmN11&e%gjq4j~9$O4v*65}&Dsgmbrl?PLz7992Lq(8Imu!V>5sQB#6!Ld~m z5;qP@e=)^rUc_a-(kH;N~%zLpDiSYzR(?!HfZh8Dj#Y86()EPHJZpK6_<<9;BpRHSt%U z`N4I@@lW6E&-XFE`*>lc*R#9mvA;_q6BzXv!NL_}FYvoR4d3uKKr7BuZBKc9nC~(Z z?Y6hFdf&zcNR0V?8v7VvILMj6Xdfe3sj|=x)kq-h`#{;V82hW#sI^NF@e#H5$uiNKGuUkSgU~wrbpZtoszh-1!qi^FgT8Y3S|Mi zgc9SgadKfg%88TG+{(WewJkn5Y+%3D`yXE(WGLAf+qiUhpA0P|1{e}!0;9MH<|SAc z!wH1#6{!96i2I^y#eH4yRq7B1D-TddS-`HK#P}Or^Rd10PTAFQ0X2^^+mB^f&b!_3 zb-3A==%(oDSC?4%uSQ~kAu%Q}ii=>rB9+Pc1Cyssy*l1$?)QC75v9^4Yacls9lgHD z|90KFatjH}7+{z&CNP>Yf_?1NWFNg~;6+c1_+w+wI>hR==SWVzyUwsEY)9R2%_kkM ze(15k+ba_o^%%j51iywdq@=L#19g%fabI*8;m#2p{+Wb9>jQOx1uPrw%HQPjV!f4S zwc4(!HtLq}s-$J;$lK)&t<&Mje|b+jv=%XK>NPBJd>z{MobZG(ay_Buap%O&$Ws&;J_3nZ`U zy&GVN!~jELOkflj!9qmeokEAMu}mG6aBIrWOV{<2Ti%q}?f>n1d*ayGEq!*@7d3;Q&-OWC8igllQ>aUpIza~B1G+*>~I`4qQ z07GI-U=$a@c8k&tI;4gNRRlWKkBGEN`lQd)t2{+0EQvt%W&yi{gOV@g zF3xy&y=$Y!{A7p1H5Tu>`4#rpXd7{x`fD3Q5;;)9#~gg$4P1i}v@K&i2K zmHAjL`1^u0c7sqjz=0ac0(KWA#y{Xowm!Rp!HT^dP@7v_7c*4Z=U7o#pT2%}Z0}P2Vfl*upJ0!BdzhLx7LtEXA zA=CW#biA9id+E5ulQU}msSS*H+Tb%M6f*`GW{e4pW{hB3GEPQwR@qorb(Kvr8tNav zzhOpGdA{?ZA-1yHob;7zjvhvj{oVJOz^KOvW=4Pf?0;Wn1jA2AK+Rz>V}&@6_(y`n zUrQ*oK2X*yVE56k{9{f_KCIiFCq37y4_bP*>dH3d1vdPY#0#OC`38?xa%Fu?kQiV{ zj0ue5BG?hZ9{WTnEQvrZW|7zf)IR@2@KydM6gCT>R-1V;~T%3M=o7NWc zt}ZZVLczn1Bx&8b538G3^N88W{e4pW{hA)f@_b6K-gY^T1$_(FFK5HKNFlW1;U{9 zf%0PkdxR3>pL2cOwR%6Vy;vd}mVWi3qs5u5p5KZUb5}*Sg_o|6dF-f-!~jELOkflj z!IA~*q7Q+vBm%XK9&uk(t+-zZzRE#_!Da!}UKX$?C^5d6+qkUhL_>2!x7^a|s8uWN zVnvPWRl6_6RSw%VueIosi~T14iygmy_O(>$VQw>|Bz;Za z;6*z+Hohn%&``*-x%-zAX=jCzb<;a%6?E-art%j@fesxGI^bj=GE<}V(8M|t=Y&$5m@ou{%^ z*vA0FLCyq5`xwDW`wM-_MiC18K2Wjri2I^b5_gHrg=9E9` z^Ldf{AK$duvY$_8Jo6G&cjZB{cfMvcm09H07GI-U=$a@&I%Un6ary;1uBgm zabI*8;VueiO zx!|i@M;NR;K)qoBD@BR%72MQ+7DumMsMq~K%&-!RiPI+ae5N)$F5!w@wy6BzXv!HNXG zhVmyE_I;r0=@IuuhY{{Kg2TU^Flc?CzOsP5M!WKFxjMs9lkH1Cd$g5F9hFP(=lW;5 z!N>6%Z6%~q3l#jjr&=K~z>pXd7{x`f8-hI+K_D!NK(*5&?u$AfcctK~JVY357C?3C zA#N7^i_~(oD__N>m_G_w)^53F&HA)?K64G%AKB(7w}1DA_G#b=sbMg?E?kkQ`cvpU-1cfBqW0}P2Vfl*upD-?D2 zi#_L~$(czwzW3YMef8BL3dvQ?k@eNp(Z1amJx{-d83PP6#so$)MzFmyF*(yETx+*} zFaIPRn?3B;iP=4$6#uHzD$yRxt>`w>H5xtkcS&RdqaGueyyDA{)+&?2ts18X_FjJY zf@$V0iw6=*q6To5obtFXt)F$Uj{$~*oC%EfF@lw$d6fHmUvQVU8>8_37-0B*j0udsA0t@CM4@B(0ip1N2v7zrK9yBC!TI-sbx}+x zoRdIJV*z`I^N6qGexLq!q+T~X|9dC9EB5_knU^@hWR^g7Xc6GsY7N=Oj>W zEMV_ZVtgZ)W3^(>{!bQ3H97ZoKMcEGdi8>ZdygB5HdnJEEoSeTz7B~2hQye_C@z8( z3)Y1Ufv{EswUHiiUsSEQn*?8FH^N{S11gXOtR5xCH*+^ntnxP2im<6tbFTHt3=9bg z7^QwTuJ^%MyCq>;Quj3=F~E=*6Bxxsuva2IuRF`iSKe{Y-Ei1AvH5J)*;x-?={xKz zoDoobW>{?S56l=~m@y_WnlXZ<%RKy0U~TlNWKQMFE+Mgn2WQ_KoSxrvdXK}^59YpU z&B^?L9{amiGl5Z$5zLH!8UDX76-o*}hyb;V9&ulE7~%dXIQ+v1gVqOX9}8Fm+Liyr z4a{!4IIU)1kDa+v@#=Y3qO|9<-Wstqz+`E!99!KB(VTBuClWisty#qxpEBa6SCR9@lG z&0c4i`^3acI!FvKB*p|raS^Oa;oGd7PfXnmlvS-?J`#Q1OAr#o4S zyBDuCIi&Abcs_nlr~U!a_BP?C7R?&hrKI(bp(PRn42dy;QCtM86|4(80%1u6>JB~P zzNlJpe;0g}%Ls$b0;oqUV4qQ9dE4wPjx} zNbXxDLSld+F(xpIi(nr_quP?*4vt7XKj4h9#N`v0S5>=AkRK;o=H1&SuDU^HU{dn9A3V>HG*Xh3(R&1zALWKa7`A`=+( z7{S67Hx$YI40jAO{qnkx!W79C&rqucKTEcpR+fJ-(LL91ei`;Lz_eH;M*A4SN(Tsi z%G?QreIIF+(j)GRPD$K91V5Etgu!tH)H@ciuc&?gC%4yPUHv~>+`lfds(wFawOr4! zLp8OETkT5~tGv=IcC9Q$Vt^qrCNPSNV9kOB8$=*%uRt}?Bkqe1Biz3PU*&GXVC4bo z2MgGD)IR^4JJqks+~;$*VLlr-n)!Q%n%G`?FBo{_#L#(MwfjNThIOGm!;pQbbgGX@xDj0ucpj9_mB_pxXK zVXgib)l=LPM*r%$1qUVHDmY_D2=(vgN~kU@U_Ve|d>a=u+dS6ju>8c_rIsDRXZ5<9 zIkb0jZ&qlOem+j?qvA>t5(5m0F@aHB1Zxqji&O$(dj+Z|i^P7SUHNvwS9zXLSb2aN zzykIQCC2mI=BHhQpZnWgUY?Wwc?&X-1m#`zQQkKxE>sw{LfUzE?LGGX@xDj0ucpj9?#S>>g}V zx$UQ-(PVMPC_kVy^j5LPm^JOspN&<~{1_d-!vQ_^cY9?5qaGtzk>J-**9eAvAE*&5 zX6!f4BmR%z@aGc>tq+tg3s@`KmG9tuUIi!hvP<;%E^)2qm4n;QpUtwPhp%v5VUQI# ze^K2B6(j~25@Q0RxCq7z_Sj=WVMzpP5{tyzQ2V@uq|oX2icr`rfSSbu){b`NImzWC zf9jn~vrD&-nX_@rhNrj74!*3|pFQ`e=Y*E1og+hDA~C>_7!w%91(=l7vpy3`-Wj+n zoE#Y^rxWti;dO|id2L#Y&qzzhRcoGY#f$-l8Dj#Y86(&q!L_HFP}p99vSjfpd7MYQ zq~MG-6AG;l)It`pKPWL?BsuTSj^ljn-r}|1T+fK_T*}6T#{s@+8&!jCx7||Q8efOR z07GI-U=$a@q@{#Dl|Kn3@jsL^i^Mw6uDq1stKpP-7BC4(DluMKQgN4_%1ka` zc{!K!)9Pe~W!8!-ugcEO2+(-=@RwCU&8et=5~2hsc`$|!d{Ewci+=WIJsV` zqL+5-f)2 ztuEsGF~GD~!RY%jf@K)__(bI2%#duA*Hg>*=-0{R))jX?_~h904<^Rj`Pnay#P5#* zhTk7!l34D)Fel#~b8mQz?C0g}tP|8$H_7|6alImVBJ?|d}3xjU+%AO8F?!0_jf zF@c5r3%m8MevR}R%eOWDW7R(_**I)`Q0WIt#|X)W3p27LM%Qfdvy$ubKN$U!35)~m zPw;k5;)_C;erAI<$Lx!qV{m0y*Cmr5^=UYNq3Pv^?G=B9XsE7~qw4=RGx{eB+P^Rf IIZ28C0|YG$$p8QV diff --git a/librustzcash/src/tests/res/tree16.dat b/librustzcash/src/tests/res/tree16.dat deleted file mode 100644 index bde2e74d45daade78a0124c7336fd2283cd702f3..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 2352 zcmZQzzz?{A(jq{d2gDWll~P5Pk&%s%Iif%XazG4nP7@);RFG$4V&Am%Q!8us!f65< zTDRWWtzORjIQf~y6aQuV4nMuzZna(-6iOf`fkKHMPGV%@CFC)ApaKo3b9x9Vrh+^( zGY274G=U0?fEeVQX@nG0L7s($GjGAf8&h`dIqbMPB=~jJ4)tw9^)s(0E1!9n+L8Oi z{oy81D1n>=iZpsSiJ3*PUwQdaL&27_s|rdQLr?F^Gd%Ts_1(M2GCE@Bo}B2ep94xu zASZ#+5xAL#Rf#!UXGEPdU{Nm@voRExwo7Y$^ZK;e4^Sw9oCFFbdN_%d4O9~11@1uE03ZfA zXA54H)RAOo=OJWJAW%UR5QChvkC0+2$a8S;9%gYbmCAE`7_2DCeOY?q)76D1UP$U( zznoLyl5^MU)MHR6ft&;iC3-lCokQ~I)YI-Sc^~p!P2+Psf2Hxmmaw|Y6AF5>K1Y2% ze`#lVBPcC_oCHcs^l%a@hu$@j_$hO4UAlRwG+9jL%{AkVp?0@tO}ZL-{Mv8!WXUa} mpmGW1Bv83T4<|8l_yBFf3!;ItDL@Qz&I!CKsUykB$p-+L*^;aP diff --git a/librustzcash/src/tests/signatures.rs b/librustzcash/src/tests/signatures.rs deleted file mode 100644 index 68ac7997c..000000000 --- a/librustzcash/src/tests/signatures.rs +++ /dev/null @@ -1,514 +0,0 @@ -use ff::{PrimeField, PrimeFieldRepr}; -use pairing::bls12_381::Bls12; -use zcash_primitives::jubjub::{FixedGenerators, JubjubEngine}; -use zcash_primitives::redjubjub::{PrivateKey, PublicKey, Signature}; - -use super::JUBJUB; - -#[test] -fn redjubjub_signatures() { - struct TestVector { - sk: [u8; 32], - vk: [u8; 32], - alpha: [u8; 32], - rsk: [u8; 32], - rvk: [u8; 32], - m: [u8; 32], - sig: [u8; 64], - rsig: [u8; 64], - }; - - // From https://github.com/zcash-hackworks/zcash-test-vectors/blob/master/sapling_signatures.py - let test_vectors = vec![ - TestVector { - sk: [ - 0x18, 0xe2, 0x8d, 0xea, 0x5c, 0x11, 0x81, 0x7a, 0xee, 0xb2, 0x1a, 0x19, 0x98, 0x1d, - 0x28, 0x36, 0x8e, 0xc4, 0x38, 0xaf, 0xc2, 0x5a, 0x8d, 0xb9, 0x4e, 0xbe, 0x08, 0xd7, - 0xa0, 0x28, 0x8e, 0x09, - ], - vk: [ - 0x9b, 0x01, 0x53, 0xb0, 0x3d, 0x32, 0x0f, 0xe2, 0x3e, 0x28, 0x34, 0xd5, 0xd6, 0x1d, - 0xbb, 0x1f, 0x51, 0x9b, 0x3f, 0x41, 0xf8, 0xf9, 0x46, 0x15, 0x2b, 0xf0, 0xc3, 0xf2, - 0x47, 0xd1, 0x18, 0x07, - ], - alpha: [ - 0xff, 0xd1, 0xa1, 0x27, 0x32, 0x52, 0xb1, 0x87, 0xf4, 0xed, 0x32, 0x6d, 0xfc, 0x98, - 0x85, 0x3e, 0x29, 0x17, 0xc2, 0xb3, 0x63, 0x79, 0xb1, 0x75, 0xda, 0x63, 0xb9, 0xef, - 0x6d, 0xda, 0x6c, 0x08, - ], - rsk: [ - 0x60, 0x87, 0x38, 0x3b, 0x30, 0x55, 0x9b, 0x31, 0x60, 0x90, 0x85, 0xb9, 0x00, 0x96, - 0x45, 0xce, 0xb6, 0xa0, 0xc6, 0x61, 0x25, 0x99, 0xd7, 0x28, 0x80, 0x72, 0x8e, 0x61, - 0x24, 0x4e, 0x7d, 0x03, - ], - rvk: [ - 0xc1, 0xba, 0xbc, 0xb6, 0xea, 0xe2, 0xb9, 0x94, 0xee, 0x6d, 0x65, 0xc1, 0x0b, 0x9d, - 0xad, 0x59, 0x40, 0xdc, 0x73, 0x5b, 0x07, 0x50, 0x4d, 0xae, 0xd1, 0xe4, 0x6b, 0x07, - 0x09, 0xb4, 0x51, 0x36, - ], - m: [ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, - ], - sig: [ - 0xea, 0xa0, 0x57, 0x47, 0x6b, 0x4a, 0xb4, 0x82, 0x28, 0x8b, 0x93, 0xdf, 0x8f, 0xe0, - 0xc5, 0xce, 0x9d, 0x78, 0x83, 0x67, 0xf2, 0xbe, 0x55, 0x1b, 0x7f, 0x7a, 0x82, 0xa6, - 0xdb, 0x36, 0x04, 0x68, 0xde, 0xb9, 0xa7, 0xb7, 0xaf, 0xaa, 0xdf, 0xec, 0xa6, 0xf4, - 0x81, 0x19, 0x3d, 0xc6, 0x57, 0x57, 0x47, 0xf6, 0x0a, 0x1a, 0x8a, 0x48, 0xff, 0x0a, - 0xd7, 0x0c, 0xf8, 0xcb, 0x8d, 0x52, 0x8e, 0x08, - ], - rsig: [ - 0xd5, 0x6f, 0x0d, 0x91, 0xaf, 0x42, 0x4e, 0x1f, 0x1c, 0x7f, 0xb8, 0x6b, 0xa4, 0xee, - 0xd1, 0x43, 0xcc, 0x16, 0x66, 0x0c, 0x5f, 0xe8, 0xd7, 0xdc, 0x0d, 0x28, 0x4b, 0xcf, - 0x65, 0xa0, 0x89, 0xe9, 0x8b, 0x56, 0x1f, 0x9f, 0x20, 0x1a, 0x63, 0x3d, 0x70, 0x0c, - 0xd3, 0x98, 0x1e, 0x8c, 0xac, 0x07, 0xb5, 0xa8, 0x7e, 0xfa, 0x61, 0x86, 0x06, 0x2d, - 0xd8, 0xe5, 0xd6, 0x32, 0x5e, 0x7b, 0x82, 0x02, - ], - }, - TestVector { - sk: [ - 0x05, 0x96, 0x54, 0xf9, 0x61, 0x27, 0x3d, 0xaf, 0xda, 0x3b, 0x26, 0x77, 0xb3, 0x5c, - 0x18, 0xaf, 0x6b, 0x11, 0xad, 0xfb, 0x9e, 0xe9, 0x0b, 0x48, 0x93, 0x5e, 0x55, 0x7c, - 0x8d, 0x5d, 0x9c, 0x04, - ], - vk: [ - 0xfa, 0xf6, 0xc3, 0xb7, 0x37, 0xe8, 0xe6, 0x11, 0xaa, 0xfe, 0xa5, 0x2f, 0x03, 0xbb, - 0x27, 0x86, 0xe1, 0x83, 0x53, 0xeb, 0xe0, 0xd3, 0x13, 0x9e, 0x3c, 0x54, 0x49, 0x87, - 0x80, 0xc8, 0xc1, 0x99, - ], - alpha: [ - 0xc3, 0x0b, 0x96, 0x20, 0x8d, 0xa8, 0x00, 0xe1, 0x0a, 0xf0, 0x25, 0x42, 0xce, 0x69, - 0x4b, 0x7e, 0xd7, 0x6a, 0x28, 0x29, 0x9f, 0x85, 0x99, 0x8e, 0x5d, 0x61, 0x08, 0x12, - 0x68, 0x1b, 0xf0, 0x03, - ], - rsk: [ - 0xc8, 0xa1, 0xea, 0x19, 0xef, 0xcf, 0x3d, 0x90, 0xe5, 0x2b, 0x4c, 0xb9, 0x81, 0xc6, - 0x63, 0x2d, 0x43, 0x7c, 0xd5, 0x24, 0x3e, 0x6f, 0xa5, 0xd6, 0xf0, 0xbf, 0x5d, 0x8e, - 0xf5, 0x78, 0x8c, 0x08, - ], - rvk: [ - 0xd5, 0x24, 0xdc, 0xe7, 0x73, 0x40, 0x69, 0x75, 0x8a, 0x91, 0xf0, 0x07, 0xa8, 0x69, - 0x50, 0x5d, 0xfc, 0x4a, 0xba, 0x17, 0x20, 0x59, 0x4d, 0x4d, 0x74, 0xf0, 0x07, 0x70, - 0x0e, 0x62, 0xee, 0x00, - ], - m: [ - 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, - 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, - 0x01, 0x01, 0x01, 0x01, - ], - sig: [ - 0x22, 0x35, 0x54, 0x94, 0xa8, 0x31, 0x6a, 0xb1, 0x34, 0x73, 0xf5, 0x5e, 0x62, 0x66, - 0xb2, 0xfb, 0x41, 0x97, 0x31, 0x5e, 0xac, 0x62, 0xf8, 0x2c, 0xc7, 0x3d, 0xca, 0xca, - 0x19, 0x90, 0x90, 0xf1, 0x5b, 0xe1, 0x98, 0xce, 0x7d, 0x3f, 0x9f, 0xc8, 0xff, 0xf5, - 0x50, 0xe1, 0x08, 0x81, 0xec, 0x49, 0xff, 0x27, 0x36, 0x9e, 0x7d, 0x4f, 0xd9, 0x64, - 0x01, 0x53, 0x49, 0x2a, 0x0a, 0x06, 0x25, 0x08, - ], - rsig: [ - 0xf4, 0xb8, 0x94, 0xba, 0x84, 0xce, 0x1e, 0xc3, 0x8a, 0x63, 0x15, 0x2f, 0xc4, 0x09, - 0xf9, 0x47, 0xd6, 0x1a, 0xbb, 0x1f, 0x48, 0x91, 0x63, 0x6b, 0xc3, 0xee, 0x19, 0xef, - 0x6d, 0x4b, 0x30, 0xc0, 0xfd, 0x22, 0x86, 0x6b, 0x84, 0xff, 0xbc, 0x7e, 0x2a, 0x78, - 0xc4, 0x3f, 0x57, 0x83, 0xd2, 0xd2, 0xea, 0xd0, 0x78, 0x59, 0x55, 0x03, 0x74, 0x43, - 0xc2, 0xf4, 0xd5, 0x2f, 0x78, 0x5e, 0xee, 0x07, - ], - }, - TestVector { - sk: [ - 0xad, 0xe7, 0xab, 0xb5, 0x51, 0xc7, 0x9d, 0x0f, 0x0e, 0x42, 0xef, 0x7f, 0x12, 0x06, - 0xb8, 0x77, 0x12, 0xa8, 0x4a, 0x61, 0xde, 0xa3, 0xf3, 0x7b, 0x42, 0x49, 0x6d, 0x7e, - 0xfd, 0x12, 0x52, 0x0c, - ], - vk: [ - 0x36, 0x9e, 0xa7, 0x51, 0x76, 0x2f, 0x83, 0x9d, 0x25, 0x70, 0x1a, 0x5e, 0xeb, 0x55, - 0x1e, 0xc4, 0xf0, 0x6c, 0x12, 0x90, 0xb3, 0xb9, 0xc3, 0xa7, 0x24, 0x40, 0x2d, 0xec, - 0x02, 0x73, 0x92, 0x21, - ], - alpha: [ - 0x81, 0x92, 0x25, 0x29, 0xa6, 0x3e, 0xe7, 0x43, 0xfc, 0x4f, 0xbb, 0xac, 0x45, 0xc4, - 0x98, 0x83, 0x16, 0xbc, 0x9b, 0x6e, 0x42, 0x8b, 0x01, 0xa8, 0xd3, 0x1f, 0xc1, 0xc2, - 0xa6, 0xca, 0x62, 0x05, - ], - rsk: [ - 0x77, 0x4d, 0xda, 0x07, 0x99, 0xf7, 0xed, 0x82, 0x87, 0x81, 0xe2, 0x5f, 0xc4, 0xa9, - 0xe8, 0x54, 0x28, 0x29, 0xb2, 0xce, 0x1f, 0xf4, 0x8d, 0x1d, 0x6d, 0xb9, 0xfa, 0xdb, - 0xb9, 0x28, 0x37, 0x03, - ], - rvk: [ - 0x0d, 0x92, 0xad, 0x6d, 0x46, 0xed, 0xac, 0xd0, 0x23, 0xd4, 0xd2, 0xef, 0x70, 0x3a, - 0x6c, 0xa0, 0xa7, 0x92, 0xcf, 0xc4, 0xb7, 0xda, 0x11, 0xc2, 0x35, 0x3b, 0xc8, 0x45, - 0xa2, 0x7a, 0x97, 0x4d, - ], - m: [ - 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, - 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, - 0x02, 0x02, 0x02, 0x02, - ], - sig: [ - 0xdd, 0x65, 0x21, 0x01, 0x4d, 0xff, 0x70, 0x6e, 0x3a, 0x38, 0x52, 0x7a, 0x86, 0xb6, - 0xc1, 0x6e, 0x94, 0x14, 0x80, 0xe7, 0x33, 0xef, 0xf7, 0x9e, 0xbe, 0x0c, 0x43, 0x03, - 0x79, 0xd7, 0x57, 0x04, 0x9d, 0xb7, 0x90, 0xcd, 0x5e, 0x14, 0x44, 0x7c, 0x38, 0x6f, - 0x5f, 0xcb, 0x41, 0x9f, 0x27, 0xc4, 0x41, 0x3f, 0x35, 0x88, 0xfa, 0x21, 0x42, 0xd2, - 0xcf, 0xba, 0xed, 0x08, 0x2c, 0xc6, 0xdb, 0x07, - ], - rsig: [ - 0xd8, 0x94, 0x45, 0xcb, 0x9b, 0xd1, 0x03, 0x35, 0x69, 0x23, 0x1d, 0xd6, 0x28, 0xaa, - 0x62, 0x81, 0x09, 0xfe, 0x93, 0x50, 0x2b, 0xf2, 0x2f, 0x9a, 0x5f, 0x37, 0xb1, 0x4e, - 0x51, 0x7f, 0x9a, 0x20, 0x54, 0xae, 0xe3, 0xc8, 0x1b, 0x60, 0xb3, 0xf0, 0x55, 0x1e, - 0x32, 0xf7, 0x93, 0x5a, 0xbc, 0x2f, 0x37, 0xb9, 0x9a, 0xb3, 0xec, 0x99, 0x68, 0x02, - 0xef, 0xd6, 0x50, 0x69, 0xe1, 0x28, 0x12, 0x08, - ], - }, - TestVector { - sk: [ - 0xc9, 0xd2, 0xae, 0x1f, 0x6d, 0x32, 0xa6, 0x75, 0xd0, 0x9e, 0xb0, 0x82, 0x3f, 0x46, - 0x7f, 0xa9, 0x21, 0xb3, 0x28, 0x4a, 0xcb, 0x35, 0xfa, 0xbd, 0xfc, 0x99, 0x4d, 0xe5, - 0x49, 0xb8, 0x59, 0x0d, - ], - vk: [ - 0x2d, 0x2f, 0x31, 0x6e, 0x5c, 0x36, 0x9a, 0xe4, 0xdd, 0x2c, 0x82, 0x5f, 0x3d, 0x86, - 0x46, 0x00, 0x58, 0x40, 0x71, 0x84, 0x60, 0x3b, 0x21, 0x2c, 0xf3, 0x45, 0x9f, 0x36, - 0xc8, 0x69, 0x7f, 0xd8, - ], - alpha: [ - 0xeb, 0xbc, 0x89, 0x03, 0x11, 0x07, 0xc4, 0x4f, 0x47, 0x88, 0x9e, 0xd4, 0xd4, 0x37, - 0x5a, 0x41, 0x14, 0xcf, 0x8a, 0x75, 0xdd, 0x33, 0xb9, 0x62, 0xf2, 0xd7, 0x59, 0xd3, - 0xf4, 0xc6, 0xdf, 0x06, - ], - rsk: [ - 0xfd, 0x62, 0x41, 0x4c, 0x1f, 0x2b, 0xd3, 0xf4, 0x94, 0x16, 0x87, 0x8a, 0x80, 0x5d, - 0x71, 0x44, 0x35, 0x47, 0x7f, 0xbe, 0xa7, 0x2e, 0x4c, 0x1a, 0x46, 0xc2, 0x73, 0x53, - 0x54, 0xca, 0xbb, 0x05, - ], - rvk: [ - 0xf0, 0x43, 0x0e, 0x95, 0x3b, 0xe6, 0x0b, 0xf4, 0x38, 0xdb, 0xdc, 0xc2, 0x30, 0x3f, - 0x0e, 0x32, 0xa6, 0xf7, 0xce, 0x2f, 0xbe, 0xdf, 0xb1, 0x3a, 0xc5, 0x18, 0xf7, 0x5a, - 0x3f, 0xd1, 0x0e, 0xb5, - ], - m: [ - 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, - 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, - 0x03, 0x03, 0x03, 0x03, - ], - sig: [ - 0x72, 0x79, 0xa7, 0x5c, 0x01, 0x36, 0x75, 0xb3, 0x29, 0x84, 0xe5, 0xc7, 0x3a, 0x98, - 0x91, 0xeb, 0xf0, 0xb2, 0x29, 0xb1, 0x6e, 0x62, 0x35, 0xba, 0x36, 0xdf, 0xa1, 0xb5, - 0xa1, 0x0c, 0x5e, 0x44, 0x57, 0x81, 0x91, 0x89, 0x7c, 0x06, 0xb8, 0x52, 0x4a, 0x26, - 0x74, 0xaa, 0x7a, 0x0c, 0x8c, 0x23, 0x5f, 0x52, 0xd3, 0x3a, 0xc9, 0x2c, 0x70, 0x56, - 0xb2, 0xbe, 0x95, 0x3c, 0x3f, 0xaa, 0x3d, 0x07, - ], - rsig: [ - 0xaa, 0xd4, 0x82, 0x8c, 0xb3, 0x42, 0xcf, 0x09, 0xb0, 0x0e, 0x30, 0x2c, 0xbb, 0xe7, - 0xcc, 0x3e, 0x95, 0xfe, 0x1f, 0xf8, 0x28, 0x74, 0x8e, 0x5f, 0x5b, 0xc6, 0x9c, 0xbf, - 0xde, 0x6e, 0x27, 0x22, 0xd7, 0x64, 0x35, 0x68, 0x7e, 0x85, 0x0c, 0xd3, 0x07, 0xa9, - 0xc1, 0x82, 0xec, 0x10, 0xe6, 0x88, 0x1d, 0xd6, 0x5e, 0xed, 0xc1, 0x1f, 0xa7, 0xb4, - 0x6d, 0xe3, 0xa7, 0x19, 0x59, 0xce, 0xc0, 0x02, - ], - }, - TestVector { - sk: [ - 0x33, 0xbc, 0xd2, 0x86, 0x45, 0x41, 0xb8, 0xbb, 0x7f, 0xdc, 0x77, 0xa1, 0x9d, 0x97, - 0x0f, 0x92, 0x4e, 0xae, 0xec, 0xf4, 0x10, 0x3c, 0x38, 0xc8, 0xd2, 0xb0, 0x66, 0x81, - 0x42, 0xf2, 0x7d, 0x09, - ], - vk: [ - 0x74, 0x17, 0x94, 0xe6, 0x2c, 0xf9, 0x32, 0x0c, 0x58, 0xba, 0xc5, 0x94, 0xa2, 0xb9, - 0x0e, 0x34, 0x0a, 0x6d, 0x8a, 0x68, 0x05, 0x6f, 0x6e, 0xd5, 0xc7, 0x86, 0x8c, 0x5f, - 0xf3, 0xe4, 0xd6, 0x16, - ], - alpha: [ - 0x7c, 0xe7, 0x25, 0xa5, 0xfe, 0xf6, 0x1b, 0xd4, 0xa1, 0xe9, 0xc7, 0x73, 0x28, 0xe8, - 0x21, 0x0e, 0xb7, 0x29, 0x2d, 0x95, 0x4c, 0x64, 0xe9, 0x9e, 0x8b, 0xed, 0xd0, 0x7a, - 0xb3, 0xab, 0x0e, 0x0d, - ], - rsk: [ - 0xf8, 0x76, 0x01, 0x55, 0xe5, 0x29, 0x3d, 0xbf, 0x9e, 0xb5, 0x77, 0x48, 0x32, 0x5f, - 0xc9, 0xf9, 0x04, 0x9d, 0xe5, 0x88, 0x5c, 0x65, 0xba, 0x60, 0xb5, 0xee, 0x03, 0x97, - 0x0b, 0xe9, 0x0e, 0x08, - ], - rvk: [ - 0x66, 0x62, 0xba, 0x09, 0x95, 0x0a, 0xcc, 0xd2, 0xce, 0xa3, 0xc7, 0xa8, 0x12, 0x90, - 0xcd, 0x59, 0x78, 0xa6, 0x2b, 0x5a, 0xc5, 0xbb, 0xc4, 0x8d, 0x9f, 0x58, 0x19, 0xcd, - 0xc9, 0x64, 0x6f, 0x0a, - ], - m: [ - 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, - 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, - 0x04, 0x04, 0x04, 0x04, - ], - sig: [ - 0x51, 0x23, 0xb3, 0x1f, 0x84, 0xaf, 0x0c, 0x35, 0x5e, 0x13, 0xe7, 0x8a, 0x64, 0xd7, - 0xa3, 0xcd, 0xfd, 0x6b, 0xdf, 0xfd, 0xc7, 0x33, 0x38, 0xd9, 0x31, 0x7f, 0x73, 0x43, - 0x91, 0xa5, 0x5a, 0xe6, 0x25, 0x8f, 0x69, 0x80, 0xb9, 0xc7, 0xd1, 0x90, 0xcf, 0xa3, - 0x65, 0x81, 0xa9, 0xa4, 0x7a, 0x86, 0x3f, 0xd3, 0xbf, 0x76, 0x59, 0x42, 0x22, 0x95, - 0xb7, 0x5f, 0xd1, 0x22, 0xc3, 0xdd, 0x8a, 0x05, - ], - rsig: [ - 0x5b, 0xae, 0x25, 0x4f, 0xbd, 0xed, 0x60, 0x7a, 0x5c, 0x48, 0xb5, 0x30, 0x29, 0xf5, - 0x9b, 0xa7, 0x06, 0x32, 0x48, 0x79, 0xaa, 0x18, 0xd9, 0xc4, 0x73, 0x19, 0x00, 0x4b, - 0xe0, 0x2c, 0xec, 0xe0, 0xb8, 0xbb, 0x02, 0x4a, 0x7a, 0xab, 0xaa, 0x0a, 0x64, 0x0f, - 0x3a, 0x54, 0xdc, 0xda, 0xf2, 0x11, 0x31, 0x46, 0x9a, 0x50, 0x06, 0xbe, 0x27, 0x81, - 0xa5, 0x67, 0xff, 0xa6, 0x50, 0x3a, 0x35, 0x03, - ], - }, - TestVector { - sk: [ - 0xca, 0x35, 0x06, 0xd6, 0xaf, 0x77, 0x67, 0xb5, 0x79, 0x0e, 0xf0, 0xc5, 0x19, 0x0f, - 0xb3, 0xf3, 0x87, 0x7c, 0x4a, 0xab, 0x40, 0xe0, 0xdd, 0x65, 0x1a, 0xbb, 0xda, 0xcb, - 0x54, 0x4e, 0xd0, 0x05, - ], - vk: [ - 0xba, 0xb6, 0xcf, 0xb5, 0xc8, 0xea, 0x34, 0x91, 0x25, 0x1b, 0x46, 0xd5, 0x2a, 0xca, - 0x25, 0xd9, 0xe9, 0xaf, 0x69, 0xfa, 0xa9, 0xb4, 0xe4, 0x0b, 0x03, 0xad, 0x00, 0x86, - 0xde, 0x59, 0xb5, 0x1f, - ], - alpha: [ - 0xbe, 0xa3, 0x87, 0x20, 0x3f, 0x43, 0x76, 0x0a, 0xd3, 0x7d, 0x61, 0xde, 0x0e, 0xb5, - 0x9f, 0xca, 0x6c, 0xab, 0x75, 0x60, 0xdf, 0x64, 0xfa, 0xbb, 0x95, 0x11, 0x57, 0x9f, - 0x6f, 0x68, 0x26, 0x06, - ], - rsk: [ - 0x88, 0xd9, 0x8d, 0xf6, 0xee, 0xba, 0xdd, 0xbf, 0x4c, 0x8c, 0x51, 0xa4, 0x28, 0xc4, - 0x52, 0xbe, 0xf4, 0x27, 0xc0, 0x0b, 0x20, 0x45, 0xd8, 0x21, 0xb0, 0xcc, 0x31, 0x6b, - 0xc4, 0xb6, 0xf6, 0x0b, - ], - rvk: [ - 0x11, 0x26, 0x7d, 0x14, 0xd5, 0xe0, 0xb2, 0xbb, 0x3c, 0xe0, 0x99, 0xe8, 0xef, 0x84, - 0x49, 0x47, 0x1c, 0xbc, 0xfc, 0x69, 0x39, 0xa4, 0xb3, 0x48, 0xde, 0xa2, 0xc1, 0x73, - 0x56, 0xa1, 0xe8, 0xdd, - ], - m: [ - 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, - 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, - 0x05, 0x05, 0x05, 0x05, - ], - sig: [ - 0xdc, 0x18, 0xc8, 0x8d, 0x96, 0x44, 0x42, 0x40, 0x6d, 0x65, 0x0a, 0xa2, 0xff, 0xbd, - 0x83, 0xd1, 0x13, 0xbf, 0x6a, 0x19, 0xda, 0x78, 0xf2, 0x66, 0x5b, 0x29, 0x4f, 0xa5, - 0xfa, 0x45, 0x0b, 0x92, 0x81, 0xa0, 0x7e, 0x32, 0x0c, 0x1a, 0xa3, 0x1d, 0x32, 0x44, - 0x9e, 0x00, 0xc5, 0xc3, 0x2d, 0xb2, 0xf4, 0x13, 0xdf, 0x0b, 0x63, 0xd0, 0x72, 0x8f, - 0xa4, 0x09, 0x41, 0xa8, 0xda, 0x02, 0x4f, 0x01, - ], - rsig: [ - 0x59, 0xe2, 0xe8, 0x18, 0x76, 0x6c, 0x50, 0xfc, 0x8f, 0x38, 0x40, 0xb2, 0x72, 0xaf, - 0x9a, 0xd9, 0x47, 0x56, 0xc8, 0x41, 0x32, 0x95, 0xfc, 0x79, 0x5f, 0xaf, 0xbc, 0xc0, - 0x71, 0x8e, 0x6c, 0x08, 0x16, 0x9a, 0x00, 0xd5, 0x83, 0x02, 0x77, 0x2a, 0x28, 0x28, - 0x43, 0xe8, 0x88, 0xd9, 0x81, 0xfa, 0x04, 0x79, 0x5d, 0x01, 0x4c, 0xf9, 0xc8, 0xcd, - 0xb9, 0x07, 0xff, 0x1b, 0x43, 0x0d, 0x92, 0x00, - ], - }, - TestVector { - sk: [ - 0xbc, 0x27, 0x83, 0x8d, 0xe2, 0xa6, 0x14, 0xcf, 0xba, 0x6c, 0x3e, 0x92, 0x2a, 0x8f, - 0x84, 0x24, 0xd9, 0x85, 0x6f, 0x68, 0x16, 0xf3, 0xbc, 0x61, 0x02, 0x31, 0x3b, 0x7f, - 0xaf, 0x5c, 0x3a, 0x0c, - ], - vk: [ - 0xd7, 0x9b, 0xe9, 0xff, 0x22, 0x9a, 0x2e, 0x35, 0xf5, 0xbc, 0xa4, 0x48, 0xe5, 0xeb, - 0x4a, 0x8a, 0xa9, 0x7f, 0xb4, 0x18, 0x02, 0x91, 0x25, 0xcf, 0xba, 0xa7, 0x8a, 0x91, - 0xa3, 0x82, 0xb0, 0x94, - ], - alpha: [ - 0x21, 0xa7, 0x15, 0x0e, 0x19, 0x4f, 0xed, 0xfe, 0xf9, 0x0c, 0x5d, 0x10, 0xe4, 0x20, - 0x85, 0x8b, 0xca, 0x40, 0x04, 0x04, 0x0e, 0xb6, 0x81, 0xd1, 0x4e, 0x75, 0xc4, 0x47, - 0x13, 0x51, 0xcb, 0x02, - ], - rsk: [ - 0x26, 0xa2, 0xa1, 0xc4, 0x9c, 0xe7, 0x6a, 0xfd, 0x31, 0x69, 0xd3, 0xd5, 0x7a, 0x8f, - 0xa1, 0x09, 0xa3, 0x8b, 0x3f, 0x6b, 0x23, 0x6e, 0xd7, 0x2c, 0xa8, 0xf6, 0xcb, 0x61, - 0xd8, 0xf8, 0x87, 0x00, - ], - rvk: [ - 0x54, 0xbf, 0x1b, 0xe7, 0x2e, 0x6d, 0x41, 0x20, 0x8b, 0x8a, 0xec, 0x11, 0x61, 0xd3, - 0xba, 0x59, 0x51, 0x9f, 0xb9, 0x3d, 0xa0, 0x1a, 0x55, 0xe6, 0x78, 0xe2, 0x75, 0x20, - 0x06, 0x60, 0x36, 0xc9, - ], - m: [ - 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, - 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, - 0x06, 0x06, 0x06, 0x06, - ], - sig: [ - 0x9a, 0xf6, 0xf2, 0x80, 0x0f, 0x4b, 0x80, 0xf7, 0x93, 0xbe, 0x64, 0x8a, 0x43, 0x9f, - 0x86, 0xe5, 0x7d, 0xa1, 0xb9, 0x19, 0x99, 0x9e, 0x41, 0x91, 0x09, 0x99, 0xd4, 0x2e, - 0xd0, 0xf3, 0x89, 0x6d, 0xb7, 0x6e, 0x06, 0x38, 0x8b, 0x27, 0x2c, 0x99, 0x85, 0x8b, - 0x55, 0x04, 0xd0, 0x2e, 0xc6, 0xb4, 0xd5, 0x25, 0xb8, 0x71, 0x38, 0x10, 0x50, 0x5f, - 0x4f, 0xc0, 0x31, 0x08, 0x3a, 0x14, 0xbf, 0x09, - ], - rsig: [ - 0x3f, 0x7d, 0x50, 0x71, 0xb8, 0x76, 0x17, 0x49, 0x05, 0x71, 0xa8, 0xbe, 0x91, 0x74, - 0x9e, 0x69, 0xf6, 0xbc, 0xba, 0x5a, 0xb6, 0x26, 0xe4, 0x2f, 0xf9, 0x2d, 0x0d, 0x7d, - 0xab, 0x73, 0xf3, 0x03, 0x61, 0xe5, 0xa2, 0x24, 0x99, 0x8e, 0x1f, 0x5e, 0xa1, 0xe5, - 0xf8, 0x68, 0x9a, 0x06, 0xa2, 0x77, 0x48, 0xbf, 0x74, 0x19, 0x63, 0xef, 0x51, 0x33, - 0x22, 0xf4, 0xa1, 0xba, 0x99, 0xaa, 0x36, 0x03, - ], - }, - TestVector { - sk: [ - 0xb2, 0x08, 0x59, 0xb8, 0x8e, 0xe3, 0x33, 0x8a, 0x64, 0x95, 0x4f, 0x8a, 0x9e, 0x8e, - 0x9b, 0xf3, 0xe7, 0x11, 0x5a, 0xcf, 0x7c, 0x6e, 0x7f, 0x01, 0x43, 0x2c, 0x5f, 0x76, - 0x96, 0xd2, 0xd0, 0x05, - ], - vk: [ - 0xa8, 0x1f, 0xe6, 0x84, 0x6d, 0xbe, 0x0a, 0x75, 0xc0, 0xf4, 0x9b, 0x21, 0x32, 0x32, - 0xbe, 0xad, 0xd1, 0xf9, 0xa5, 0x64, 0x67, 0x3d, 0x25, 0xb9, 0x1e, 0xe0, 0xf1, 0x7c, - 0xe9, 0xca, 0xa3, 0x63, - ], - alpha: [ - 0x44, 0xd9, 0x08, 0xe1, 0xc1, 0x5e, 0x6b, 0xd9, 0x38, 0x0a, 0x8b, 0x23, 0x5a, 0xce, - 0x02, 0xfa, 0xc1, 0xc0, 0x87, 0x94, 0x45, 0x4b, 0xcd, 0xb4, 0xa6, 0xf4, 0x8c, 0xea, - 0x78, 0xa7, 0x4a, 0x04, - ], - rsk: [ - 0xf6, 0xe1, 0x61, 0x99, 0x50, 0x42, 0x9f, 0x63, 0x9d, 0x9f, 0xda, 0xad, 0xf8, 0x5c, - 0x9e, 0xed, 0xa9, 0xd2, 0xe1, 0x63, 0xc2, 0xb9, 0x4c, 0xb6, 0xe9, 0x20, 0xec, 0x60, - 0x0f, 0x7a, 0x1b, 0x0a, - ], - rvk: [ - 0x0b, 0x68, 0xd5, 0x0f, 0x91, 0x3c, 0xd1, 0xb7, 0x8b, 0x59, 0x92, 0x1e, 0x16, 0x56, - 0xd5, 0x76, 0xb0, 0xeb, 0x17, 0x1e, 0xd3, 0x87, 0x0d, 0x39, 0xfe, 0xc6, 0x94, 0x41, - 0xb3, 0x4b, 0x25, 0x38, - ], - m: [ - 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, - 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, - 0x07, 0x07, 0x07, 0x07, - ], - sig: [ - 0x64, 0x59, 0x67, 0x6a, 0x94, 0x16, 0x34, 0xec, 0xb6, 0x1e, 0x59, 0xb7, 0x9a, 0x98, - 0xab, 0xe5, 0x87, 0x6f, 0x35, 0x6f, 0x72, 0x8a, 0xa0, 0x9e, 0x0c, 0xca, 0x9e, 0xfe, - 0x05, 0x76, 0x1a, 0x33, 0x09, 0xaa, 0x88, 0xb2, 0xfa, 0x0e, 0xe2, 0xd0, 0x4c, 0x1c, - 0x46, 0xe9, 0xf2, 0xa0, 0x48, 0xd5, 0x9d, 0x55, 0x65, 0xaf, 0xa6, 0xc3, 0xf1, 0x5b, - 0xce, 0x70, 0x8d, 0xaa, 0xab, 0x7b, 0x34, 0x0e, - ], - rsig: [ - 0xc9, 0x66, 0x84, 0xec, 0x7e, 0xa6, 0x0b, 0xde, 0x87, 0x88, 0x22, 0xdd, 0xca, 0xf6, - 0xb8, 0xb0, 0xbd, 0x31, 0x98, 0x51, 0x54, 0xdf, 0x9a, 0xd4, 0xf6, 0x90, 0x7d, 0xf8, - 0xfe, 0xd9, 0x5c, 0x1d, 0x84, 0xfe, 0x67, 0xe6, 0x78, 0x75, 0xa5, 0x39, 0x55, 0x0e, - 0xb2, 0x51, 0x4f, 0x19, 0x3b, 0x8e, 0xd4, 0x57, 0x25, 0x6c, 0x8d, 0x30, 0x28, 0x1d, - 0x6f, 0x8b, 0xb9, 0x54, 0x49, 0x24, 0xca, 0x0c, - ], - }, - TestVector { - sk: [ - 0x32, 0x16, 0xae, 0x47, 0xe9, 0xf5, 0x3e, 0x8a, 0x52, 0x79, 0x6f, 0x24, 0xb6, 0x24, - 0x60, 0x77, 0x6b, 0xd5, 0xf2, 0x05, 0xa7, 0x8e, 0x15, 0x95, 0xbc, 0x8e, 0xfe, 0xdc, - 0x51, 0x9d, 0x36, 0x0b, - ], - vk: [ - 0xdf, 0x74, 0xbf, 0x04, 0x79, 0x61, 0xcc, 0x5c, 0xda, 0xc8, 0x28, 0x90, 0xc7, 0x6e, - 0xc6, 0x75, 0xbd, 0x4e, 0x89, 0xea, 0xd2, 0x80, 0xc9, 0x52, 0xd7, 0xc3, 0x3e, 0xea, - 0xf2, 0xb5, 0xa6, 0x6b, - ], - alpha: [ - 0xc9, 0x61, 0xf2, 0xdd, 0x93, 0x68, 0x2a, 0xdb, 0x93, 0xf5, 0xc0, 0x5a, 0x73, 0xfd, - 0xbc, 0x6d, 0x43, 0xc7, 0x0e, 0x1b, 0x15, 0xe8, 0xd5, 0x3e, 0x3f, 0x17, 0xa8, 0x24, - 0x94, 0xe3, 0xf2, 0x09, - ], - rsk: [ - 0x44, 0x4b, 0xa9, 0x4e, 0x1e, 0x50, 0xd2, 0x94, 0x63, 0x5e, 0x68, 0xb2, 0x95, 0x01, - 0xb5, 0x3e, 0xae, 0x61, 0xcd, 0x1f, 0xbb, 0x3b, 0x84, 0xcd, 0x52, 0xf6, 0x72, 0x9c, - 0xfb, 0xcb, 0xab, 0x06, - ], - rvk: [ - 0x0a, 0xfb, 0xe4, 0x06, 0xa8, 0x91, 0xc3, 0xb8, 0xc3, 0x10, 0xc2, 0x15, 0xbc, 0x68, - 0xa9, 0x13, 0xde, 0x7c, 0xda, 0x06, 0xaf, 0x29, 0x42, 0x00, 0x56, 0x46, 0x8d, 0x0c, - 0x08, 0x85, 0x5b, 0x28, - ], - m: [ - 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, - 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, - 0x08, 0x08, 0x08, 0x08, - ], - sig: [ - 0x24, 0x93, 0x2c, 0x1f, 0xaa, 0x01, 0x63, 0xca, 0x9a, 0x7f, 0xcd, 0xe4, 0x76, 0x11, - 0x29, 0xd2, 0xe5, 0xe9, 0x9c, 0xf5, 0xef, 0xa2, 0x5d, 0x27, 0x04, 0x58, 0x8e, 0x1c, - 0x75, 0x67, 0x7b, 0x5e, 0xeb, 0xe4, 0x55, 0x04, 0x8d, 0x7c, 0xe1, 0xb0, 0xd2, 0x01, - 0x27, 0x53, 0xf7, 0x1b, 0x27, 0x25, 0x01, 0x2e, 0xe1, 0x85, 0x49, 0x28, 0x73, 0x18, - 0xf9, 0xcd, 0x73, 0xf0, 0x7f, 0x0f, 0xb5, 0x02, - ], - rsig: [ - 0xf7, 0xfa, 0x26, 0xca, 0x22, 0xf3, 0x86, 0xc4, 0x3c, 0x19, 0x1a, 0x0b, 0x3e, 0xa6, - 0x57, 0x7e, 0x8e, 0xea, 0xa3, 0xf3, 0x6b, 0x9b, 0xd1, 0xa3, 0xac, 0x3d, 0xf6, 0xf8, - 0x83, 0xa3, 0xff, 0xdb, 0x31, 0x32, 0x0b, 0xde, 0x62, 0x7f, 0xf4, 0x6f, 0xc2, 0x26, - 0x4a, 0x32, 0x63, 0xb9, 0xab, 0x67, 0x12, 0x3b, 0xa5, 0xe1, 0x08, 0x43, 0x20, 0xd9, - 0x10, 0xb3, 0x94, 0xef, 0x8c, 0x65, 0xba, 0x09, - ], - }, - TestVector { - sk: [ - 0x85, 0x83, 0x6f, 0x98, 0x32, 0xb2, 0x8d, 0xe7, 0xc6, 0x36, 0x13, 0xe2, 0xa6, 0xed, - 0x36, 0xfb, 0x1a, 0xb4, 0x4f, 0xb0, 0xc1, 0x3f, 0xa8, 0x79, 0x8c, 0xd9, 0xcd, 0x30, - 0x30, 0xd4, 0x55, 0x03, - ], - vk: [ - 0xbf, 0xd5, 0xbc, 0x00, 0xc7, 0xc0, 0x22, 0xaa, 0x89, 0x01, 0xae, 0x08, 0x3c, 0x12, - 0xd5, 0x4b, 0x82, 0xf0, 0xdd, 0xff, 0x8e, 0xd6, 0xdb, 0x9a, 0x12, 0xd5, 0x9a, 0x5e, - 0xf6, 0xa5, 0xa2, 0xe0, - ], - alpha: [ - 0xa2, 0xe8, 0xb9, 0xe1, 0x6d, 0x6f, 0xf3, 0xca, 0x6c, 0x53, 0xd4, 0xe8, 0x8a, 0xbb, - 0xb9, 0x9b, 0xe7, 0xaf, 0x7e, 0x36, 0x59, 0x63, 0x1f, 0x1e, 0xae, 0x1e, 0xff, 0x23, - 0x87, 0x4d, 0x8e, 0x0c, - ], - rsk: [ - 0x70, 0x3f, 0x32, 0xa3, 0x41, 0x13, 0xea, 0xe1, 0xb0, 0x79, 0x1f, 0xfe, 0x9d, 0x88, - 0x88, 0xf0, 0x01, 0x29, 0x9a, 0xe5, 0x19, 0x68, 0x60, 0x91, 0x91, 0x48, 0x99, 0xef, - 0xcc, 0x6c, 0x66, 0x01, - ], - rvk: [ - 0xeb, 0x92, 0x97, 0x03, 0x6c, 0xf5, 0x17, 0xe1, 0x5e, 0x9e, 0xfe, 0x39, 0x75, 0x32, - 0x8d, 0xb4, 0x8e, 0xe7, 0xc2, 0x69, 0x4e, 0x94, 0x6d, 0xb2, 0x5f, 0x52, 0x87, 0x88, - 0xf6, 0xa1, 0xdb, 0x14, - ], - m: [ - 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, - 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, - 0x09, 0x09, 0x09, 0x09, - ], - sig: [ - 0x64, 0xab, 0xd1, 0x25, 0xbf, 0xc4, 0xc6, 0x54, 0xfa, 0xf2, 0xb6, 0xdd, 0x75, 0x3e, - 0xc6, 0x90, 0x22, 0x4d, 0xbc, 0xab, 0x8c, 0xd6, 0x32, 0xdd, 0x59, 0x3c, 0x91, 0xce, - 0x3a, 0xb0, 0xbc, 0xad, 0xca, 0x92, 0x76, 0x34, 0x02, 0x1c, 0x31, 0x47, 0x6c, 0x78, - 0xc5, 0xac, 0x7c, 0xcc, 0xab, 0xbd, 0x6f, 0x92, 0x7d, 0xf2, 0x05, 0xea, 0xa7, 0x07, - 0xcc, 0x00, 0xd4, 0x7d, 0x39, 0xf3, 0xe4, 0x0c, - ], - rsig: [ - 0xeb, 0x7a, 0x06, 0x5d, 0x75, 0xf8, 0x45, 0xdc, 0x09, 0x41, 0xb7, 0x09, 0xc0, 0xb1, - 0x49, 0xea, 0xfd, 0x80, 0x5e, 0xa5, 0x8f, 0x38, 0x0b, 0x92, 0xb9, 0xd3, 0x10, 0x8a, - 0x56, 0x1b, 0xda, 0x17, 0x85, 0xdf, 0x8f, 0x10, 0x1e, 0x0e, 0x14, 0x0f, 0xca, 0xee, - 0x99, 0xb7, 0xdb, 0xb7, 0xdf, 0xbf, 0x7e, 0x61, 0xf3, 0xa1, 0x2f, 0x46, 0x09, 0x50, - 0x69, 0xe0, 0x6e, 0x88, 0x96, 0xa9, 0xe4, 0x04, - ], - }, - ]; - - for tv in test_vectors { - let sk = PrivateKey::::read(&tv.sk[..]).unwrap(); - let vk = PublicKey::::read(&tv.vk[..], &JUBJUB).unwrap(); - let rvk = PublicKey::::read(&tv.rvk[..], &JUBJUB).unwrap(); - let sig = Signature::read(&tv.sig[..]).unwrap(); - let rsig = Signature::read(&tv.rsig[..]).unwrap(); - - let mut alpha_repr = <::Fs as PrimeField>::Repr::default(); - alpha_repr.read_le(&tv.alpha[..]).unwrap(); - let alpha = ::Fs::from_repr(alpha_repr).unwrap(); - - { - let mut vec = Vec::new(); - sk.randomize(alpha.clone()).write(&mut vec).unwrap(); - assert_eq!(&vec, &tv.rsk); - } - { - let mut vec = Vec::new(); - vk.randomize(alpha, FixedGenerators::SpendingKeyGenerator, &JUBJUB) - .write(&mut vec) - .unwrap(); - assert_eq!(&vec, &tv.rvk); - } - - assert!(vk.verify(&tv.m, &sig, FixedGenerators::SpendingKeyGenerator, &JUBJUB)); - assert!(rvk.verify(&tv.m, &rsig, FixedGenerators::SpendingKeyGenerator, &JUBJUB)); - assert!(!vk.verify(&tv.m, &rsig, FixedGenerators::SpendingKeyGenerator, &JUBJUB)); - assert!(!rvk.verify(&tv.m, &sig, FixedGenerators::SpendingKeyGenerator, &JUBJUB)); - } -}